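/**
  * Sanitize the submitted settings fields before they are stored.
  *
  * Every known field is passed through one of the sanitize* helpers, which
  * receive the submitted array and the array that is returned. The stored
  * OAuth token is deleted when the Client ID, Client Secret or Hostname
  * differs from the current options, file locking is probed in the
  * configured temporary directory, and the outcome of the validation is
  * recorded in the session.
  *
  * @param array $input
  *        	Contains all settings fields as array keys
  * @return array the sanitized settings
  */
 public function sanitize($input)
 {
     $this->logger->debug("Sanitizing data before storage");
     $new_input = array();
     $success = true;
     $this->sanitizeString('Encryption Type', PostmanOptions::SECURITY_TYPE, $input, $new_input);
     $this->sanitizeString('Hostname', PostmanOptions::HOSTNAME, $input, $new_input);
     if (!empty($input[PostmanOptions::PORT])) {
         $port = absint($input[PostmanOptions::PORT]);
         // a TCP port is a 16-bit number, so only 1-65535 is accepted
         // NOTE(review): the range check uses absint() of the value while sanitizeInt()
         // receives the raw input - confirm sanitizeInt() normalizes it the same way
         if ($port > 0 && $port <= 65535) {
             $this->sanitizeInt('Port', PostmanOptions::PORT, $input, $new_input);
         } else {
             // keep the port that is already configured and report the rejection
             $new_input[PostmanOptions::PORT] = $this->options->getPort();
             add_settings_error(PostmanOptions::PORT, PostmanOptions::PORT, 'Invalid TCP Port', 'error');
             $success = false;
         }
     }
     // check the auth type AFTER the hostname because we reset the hostname if auth is bad
     $this->sanitizeString('From Email', PostmanOptions::MESSAGE_SENDER_EMAIL, $input, $new_input);
     // the wizard doesn't set an envelope sender, so we'll default it to From Email
     // (isset guard: From Email may be missing from the sanitized values)
     $new_input[PostmanOptions::ENVELOPE_SENDER] = isset($new_input[PostmanOptions::MESSAGE_SENDER_EMAIL]) ? $new_input[PostmanOptions::MESSAGE_SENDER_EMAIL] : null;
     $this->sanitizeString('Sender Email', PostmanOptions::ENVELOPE_SENDER, $input, $new_input);
     $this->sanitizeString('Transport Type', PostmanOptions::TRANSPORT_TYPE, $input, $new_input);
     $this->sanitizeString('Authorization Type', PostmanOptions::AUTHENTICATION_TYPE, $input, $new_input);
     $this->sanitizeString('From Name', PostmanOptions::MESSAGE_SENDER_NAME, $input, $new_input);
     $this->sanitizeString('Client ID', PostmanOptions::CLIENT_ID, $input, $new_input);
     // NOTE(review): Client Secret goes through sanitizeString() while the other credentials
     // below use sanitizePassword() - confirm that difference is intended
     $this->sanitizeString('Client Secret', PostmanOptions::CLIENT_SECRET, $input, $new_input);
     $this->sanitizeString('Username', PostmanOptions::BASIC_AUTH_USERNAME, $input, $new_input);
     // sanitizePassword() is also handed the currently stored secret
     $this->sanitizePassword('Password', PostmanOptions::BASIC_AUTH_PASSWORD, $input, $new_input, $this->options->getPassword());
     $this->sanitizePassword('Mandrill API Key', PostmanOptions::MANDRILL_API_KEY, $input, $new_input, $this->options->getMandrillApiKey());
     $this->sanitizePassword('SendGrid API Key', PostmanOptions::SENDGRID_API_KEY, $input, $new_input, $this->options->getSendGridApiKey());
     $this->sanitizeString('Reply-To', PostmanOptions::REPLY_TO, $input, $new_input);
     $this->sanitizeString('From Name Override', PostmanOptions::PREVENT_MESSAGE_SENDER_NAME_OVERRIDE, $input, $new_input);
     $this->sanitizeString('From Email Override', PostmanOptions::PREVENT_MESSAGE_SENDER_EMAIL_OVERRIDE, $input, $new_input);
     $this->sanitizeString('Disable Email Validation', PostmanOptions::DISABLE_EMAIL_VALIDAITON, $input, $new_input);
     $this->sanitizeString('Forced To Recipients', PostmanOptions::FORCED_TO_RECIPIENTS, $input, $new_input);
     $this->sanitizeString('Forced CC Recipients', PostmanOptions::FORCED_CC_RECIPIENTS, $input, $new_input);
     $this->sanitizeString('Forced BCC Recipients', PostmanOptions::FORCED_BCC_RECIPIENTS, $input, $new_input);
     $this->sanitizeString('Additional Headers', PostmanOptions::ADDITIONAL_HEADERS, $input, $new_input);
     $this->sanitizeInt('Read Timeout', PostmanOptions::READ_TIMEOUT, $input, $new_input);
     $this->sanitizeInt('Conenction Timeout', PostmanOptions::CONNECTION_TIMEOUT, $input, $new_input);
     $this->sanitizeInt('Log Level', PostmanOptions::LOG_LEVEL, $input, $new_input);
     $this->sanitizeString('Email Log Enabled', PostmanOptions::MAIL_LOG_ENABLED_OPTION, $input, $new_input);
     $this->sanitizeLogMax('Email Log Max Entries', PostmanOptions::MAIL_LOG_MAX_ENTRIES, $input, $new_input);
     $this->sanitizeString('Run Mode', PostmanOptions::RUN_MODE, $input, $new_input);
     $this->sanitizeString('Stealth Mode', PostmanOptions::STEALTH_MODE, $input, $new_input);
     $this->sanitizeInt('Transcript Size', PostmanOptions::TRANSCRIPT_SIZE, $input, $new_input);
     $this->sanitizeString('Temporary Directory', PostmanOptions::TEMPORARY_DIRECTORY, $input, $new_input);
     // read the values through isset so that a field missing from the submission compares as null
     $newClientId = isset($new_input[PostmanOptions::CLIENT_ID]) ? $new_input[PostmanOptions::CLIENT_ID] : null;
     $newClientSecret = isset($new_input[PostmanOptions::CLIENT_SECRET]) ? $new_input[PostmanOptions::CLIENT_SECRET] : null;
     $newHostname = isset($new_input[PostmanOptions::HOSTNAME]) ? $new_input[PostmanOptions::HOSTNAME] : null;
     // the comparison is deliberately kept loose (!=), as before, so a missing field equals an empty stored value
     if ($newClientId != $this->options->getClientId() || $newClientSecret != $this->options->getClientSecret() || $newHostname != $this->options->getHostname()) {
         $this->logger->debug("Recognized new Client ID");
         // the client id, client secret or hostname changed, so the stored auth token
         // no longer belongs to this configuration and is destroyed
         delete_option(PostmanOAuthToken::OPTIONS_NAME);
     }
     // can we create a tmp file? - this code is duplicated in ActivationHandler
     // NOTE(review): the directory comes from the submitted settings and this method does not
     // restrict it before lock files are created and deleted in it - confirm that
     // sanitizeString() or PostmanUtils constrains the path
     $tempDirectory = isset($new_input[PostmanOptions::TEMPORARY_DIRECTORY]) ? $new_input[PostmanOptions::TEMPORARY_DIRECTORY] : null;
     PostmanUtils::deleteLockFile($tempDirectory);
     $lockSuccess = PostmanUtils::createLockFile($tempDirectory);
     // &= does not work as expected in my PHP
     $lockSuccess = $lockSuccess && PostmanUtils::deleteLockFile($tempDirectory);
     // spell the flag out: a false value concatenates as an empty string
     $this->logger->debug('FileLocking=' . ($lockSuccess ? 'true' : 'false'));
     PostmanState::getInstance()->setFileLockingEnabled($lockSuccess);
     if ($success) {
         PostmanSession::getInstance()->setAction(self::VALIDATION_SUCCESS);
     } else {
         PostmanSession::getInstance()->setAction(self::VALIDATION_FAILED);
     }
     return $new_input;
 }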
Beispiel #2
 /**
  * Release the lock file so that callers waiting on lock() can proceed.
  *
  * Nothing is deleted when PostmanState reports that file locking is disabled.
  */
 static function unlock()
 {
     $fileLockingEnabled = PostmanState::getInstance()->isFileLockingEnabled();
     if (!$fileLockingEnabled) {
         return;
     }
     PostmanUtils::deleteLockFile();
 }
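 /**
  * Handle activation of plugin
  *
  * Migrates the stored options step by step from the layouts of older
  * versions (each step is guarded by the keys that older versions did or
  * did not write), probes whether lock files can be created, records the
  * install date and the current plugin version in postman_state, deletes
  * the stored session and reloads the state and options singletons.
  */
 private function handleOptionUpdates()
 {
     $this->logger->debug("Activating plugin");
     // prior to version 0.2.5, $authOptions did not exist
     $authOptions = get_option('postman_auth_token');
     $options = get_option('postman_options');
     $postmanState = get_option('postman_state');
     // get_option() returns false for an option that was never stored; start from an
     // empty array so the key assignments below do not build an array out of false
     if (!is_array($authOptions)) {
         $authOptions = array();
     }
     if (!is_array($options)) {
         $options = array();
     }
     if (!is_array($postmanState)) {
         $postmanState = array();
     }
     if (empty($authOptions) && !empty($options) && !empty($options['access_token'])) {
         $this->logger->debug("Upgrading database: copying Authorization token from postman_options to postman_auth_token");
         // copy the variables from $options to $authToken
         $authOptions['access_token'] = $options['access_token'];
         // the refresh token may be missing from the old record; it is then stored as null
         $authOptions['refresh_token'] = isset($options['refresh_token']) ? $options['refresh_token'] : null;
         // there was a bug where we weren't setting the expiry time
         if (!empty($options['auth_token_expires'])) {
             $authOptions['auth_token_expires'] = $options['auth_token_expires'];
         }
         update_option('postman_auth_token', $authOptions);
     }
     if (!isset($options['authorization_type']) && !isset($options['auth_type'])) {
         // prior to 1.0.0, access tokens were saved in authOptions without an auth type
         // prior to 0.2.5, access tokens were save in options without an auth type
         // either way, only oauth2 was supported
         if (isset($authOptions['access_token']) || isset($options['access_token'])) {
             $this->logger->debug("Upgrading database: setting authorization_type to 'oauth2'");
             $options['authorization_type'] = 'oauth2';
             update_option('postman_options', $options);
         }
     }
     if (!isset($options['enc_type'])) {
         // prior to 1.3, encryption type was combined with authentication type
         if (isset($options['authorization_type'])) {
             $this->logger->debug("Upgrading database: creating auth_type and enc_type from authorization_type");
             $authType = $options['authorization_type'];
             switch ($authType) {
                 case 'none':
                     $options['auth_type'] = 'none';
                     $options['enc_type'] = 'none';
                     break;
                 case 'basic-ssl':
                     $options['auth_type'] = 'login';
                     $options['enc_type'] = 'ssl';
                     break;
                 case 'basic-tls':
                     $options['auth_type'] = 'login';
                     $options['enc_type'] = 'tls';
                     break;
                 case 'oauth2':
                     $options['auth_type'] = 'oauth2';
                     $options['enc_type'] = 'ssl';
                     break;
                 default:
                     // an unrecognized value leaves auth_type and enc_type unset
             }
             update_option('postman_options', $options);
         }
     }
     // prior to 1.3.3, the version identifier was not stored and the passwords were plaintext
     if (isset($options['enc_type']) && !(isset($options['version']) || isset($postmanState['version']))) {
         $this->logger->debug("Upgrading database: added plugin version and encoding password");
         $options['version'] = '1.3.3';
         if (isset($options['basic_auth_password'])) {
             // base64 is a reversible encoding, not encryption: it adds no confidentiality,
             // so whoever can read the stored option can recover the password
             $options['basic_auth_password'] = base64_encode($options['basic_auth_password']);
         }
         update_option('postman_options', $options);
     }
     // prior to 1.4.2, the transport was not identified and the auth token had no vendor
     if (isset($options['auth_type']) && !isset($options['transport_type'])) {
         $this->logger->debug("Upgrading database: added transport_type and vendor_name");
         $options['transport_type'] = 'smtp';
         update_option('postman_options', $options);
         if (isset($authOptions['access_token']) && isset($options['oauth_client_id'])) {
             // if there is a stored token..
             if (PostmanUtils::endsWith($options['oauth_client_id'], 'googleusercontent.com')) {
                 $authOptions['vendor_name'] = 'google';
             } else {
                 // compare the lengths of the two credentials; the closing parenthesis used to
                 // wrap the whole comparison, so strlen() was applied to a boolean
                 $clientIdLength = strlen($options['oauth_client_id']);
                 $clientSecretLength = isset($options['oauth_client_secret']) ? strlen($options['oauth_client_secret']) : 0;
                 if ($clientIdLength < $clientSecretLength) {
                     $authOptions['vendor_name'] = 'microsoft';
                 } else {
                     $authOptions['vendor_name'] = 'yahoo';
                 }
             }
             update_option('postman_auth_token', $authOptions);
         }
     }
     // for version 1.6.18, the envelope from was introduced
     if (!empty($options['sender_email']) && empty($options['envelope_sender'])) {
         $this->logger->debug("Upgrading database: adding envelope_sender");
         $options['envelope_sender'] = $options['sender_email'];
         update_option('postman_options', $options);
     }
     if (isset($postmanState['version']) && version_compare($postmanState['version'], '1.7.0', '<')) {
         // NOTE(review): this new value is not written back with update_option() in this
         // method, so it appears to be discarded when the options are reloaded - confirm
         if (isset($options['mail_log_max_entries']) && $options['mail_log_max_entries'] == 10) {
             $options['mail_log_max_entries'] = 250;
         }
         // move the delivery counters from postman_stats into postman_state
         $postmanStats = get_option('postman_stats');
         $stateCleared = false;
         if (!isset($postmanState['delivery_success_total']) && isset($postmanStats['delivery_success_total'])) {
             $postmanState['delivery_success_total'] = $postmanStats['delivery_success_total'];
             $stateCleared = true;
         }
         if (!isset($postmanState['delivery_fail_total']) && isset($postmanStats['delivery_fail_total'])) {
             $postmanState['delivery_fail_total'] = $postmanStats['delivery_fail_total'];
             $stateCleared = true;
         }
         if ($stateCleared) {
             delete_option('postman_stats');
         }
     }
     // can we create a tmp file? - this code is duplicated in InputSanitizer
     PostmanUtils::deleteLockFile();
     $lockSuccess = PostmanUtils::createLockFile();
     // &= does not work as expected in my PHP
     $lockSuccess = $lockSuccess && PostmanUtils::deleteLockFile();
     $postmanState['locking_enabled'] = $lockSuccess;
     if (!isset($postmanState['install_date'])) {
         $this->logger->debug("Upgrading database: adding install_date");
         $postmanState['install_date'] = time();
     }
     // always update the version number
     $pluginData = apply_filters('postman_get_plugin_metadata', null);
     $postmanState['version'] = $pluginData['version'];
     update_option('postman_state', $postmanState);
     // drop the stored session
     delete_option('postman_session');
     // reload options
     PostmanState::getInstance()->reload();
     PostmanOptions::getInstance()->reload();
 }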