예제 #1
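 /**
  * Send every notification rule to the browser as a JSON file download.
  *
  * The request must carry a valid `stream_notifications_nonce` query
  * argument, otherwise execution stops in wp_die(). Each rule has its ID set
  * to null before to_array() is called.
  *
  * NOTE(review): the nonce is the only gate visible in this method. A nonce
  * proves request intent, not authorisation - confirm that whatever hooks
  * this method also restricts it to users who may manage rules.
  *
  * @return void Ends the request after the file has been sent.
  */
 public static function export()
 {
     $nonce = wp_stream_filter_input(INPUT_GET, 'stream_notifications_nonce');
     if (!wp_verify_nonce($nonce, 'stream-notifications-nonce')) {
         wp_die(__('Invalid nonce, go back and try again.', 'stream-notifications'));
     }
     $query = wp_stream_query(array(
         'type' => 'notification_rule',
         'ignore_context' => true,
         'posts_per_page' => -1,
         'order' => 'asc',
     ));
     // The previous version also read the 'stream-notification-rules'
     // transient into a local that was never used; that dead read is gone.
     $items = array();
     foreach ($query as $record) {
         $rule = new WP_Stream_Notification_Rule($record->ID);
         // Exported rules carry no ID.
         $rule->ID = null;
         $items[] = $rule->to_array();
     }
     $json = json_encode($items);
     // Force a download instead of letting the browser render the response.
     header('Content-Description: File Transfer');
     header('Content-Type: application/octet-stream');
     header('Content-Disposition: attachment; filename="stream-notification-rules_' . current_time('timestamp', 1) . '.json"');
     header('Connection: Keep-Alive');
     header('Expires: 0');
     header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
     header('Pragma: public');
     header('Content-Length: ' . strlen($json));
     echo $json;
     // xss ok
     die;
 }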
예제 #2
파일: log.php 프로젝트: xwp/stream-legacy
 /**
  * Log handler
  *
  * @param         $connector
  * @param  string $message   sprintf-ready error message string
  * @param  array  $args      sprintf (and extra) arguments to use
  * @param  int    $object_id Target object id
  * @param  array  $contexts  Contexts of the action
  * @param  int    $user_id   User responsible for the action
  *
  * @internal param string $action Action performed (stream_action)
  * @return int
  */
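 public function log($connector, $message, $args, $object_id, $contexts, $user_id = null)
 {
     global $wpdb;
     // Attribute the record to the current user unless the caller named one.
     if (is_null($user_id)) {
         $user_id = get_current_user_id();
     }
     require_once WP_STREAM_INC_DIR . 'class-wp-stream-author.php';
     $user = new WP_User($user_id);
     $roles = get_option($wpdb->get_blog_prefix() . 'user_roles');
     // Same value as before (first role or null), without a notice when
     // index 0 is missing from the roles array.
     $primary_role = isset($user->roles[0]) ? $user->roles[0] : null;
     if (!isset($args['author_meta'])) {
         // The role stored on the user may be absent from the roles option,
         // so look the label up defensively instead of indexing blindly.
         $role_label = null;
         if (null !== $primary_role && isset($roles[$primary_role]['name'])) {
             $role_label = $roles[$primary_role]['name'];
         }
         $args['author_meta'] = array(
             'user_email' => $user->user_email,
             'display_name' => (defined('WP_CLI') && empty($user->display_name)) ? 'WP-CLI' : $user->display_name,
             'user_login' => $user->user_login,
             'user_role_label' => $role_label,
             'agent' => WP_Stream_Author::get_current_agent(),
         );
         if (defined('WP_CLI') && function_exists('posix_getuid')) {
             // Under WP-CLI also record which system account ran the command.
             $uid = posix_getuid();
             $user_info = posix_getpwuid($uid);
             $args['author_meta']['system_user_id'] = $uid;
             // posix_getpwuid() returns false when the uid has no passwd entry.
             $args['author_meta']['system_user_name'] = (is_array($user_info) && isset($user_info['name'])) ? $user_info['name'] : null;
         }
     }
     // Remove meta with null values from being logged
     $meta = array_filter($args, function ($var) {
         return !is_null($var);
     });
     $recordarr = array(
         'object_id' => $object_id,
         'site_id' => is_multisite() ? get_current_site()->id : 1,
         'blog_id' => apply_filters('blog_id_logged', is_network_admin() ? 0 : get_current_blog_id()),
         'author' => $user_id,
         'author_role' => $primary_role,
         'created' => current_time('mysql', 1),
         'summary' => vsprintf($message, $args),
         'parent' => self::$instance->prev_record,
         'connector' => $connector,
         'contexts' => $contexts,
         'meta' => $meta,
         // The address is stored only when REMOTE_ADDR passes FILTER_VALIDATE_IP.
         'ip' => wp_stream_filter_input(INPUT_SERVER, 'REMOTE_ADDR', FILTER_VALIDATE_IP),
     );
     $record_id = WP_Stream_DB::get_instance()->insert($recordarr);
     return $record_id;
 }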
 /**
  * Handle ajax saving of time intervals
  */
 public function save_interval()
 {
     // NOTE(review): no nonce or capability check is visible in this handler;
     // confirm update_user_option_and_redirect() or the hook registration
     // enforces one before the user option is written.
     $interval = array();
     foreach (array('key', 'start', 'end') as $field) {
         $interval[$field] = wp_stream_filter_input(INPUT_GET, $field, FILTER_SANITIZE_STRING, array('default' => ''));
     }
     // Get predefined interval for validation
     $avail_intervals = $this->get_predefined_intervals();
     $key = $interval['key'];
     $is_custom = 'custom' === $key;
     // A non-empty key must be either 'custom' or one of the predefined presets.
     if ('' !== $key && !$is_custom && !isset($avail_intervals[$key])) {
         wp_die(esc_html__('That time interval is not available.', 'stream'));
     }
     // Only store dates if we are dealing with custom dates and no relative preset
     if (!$is_custom) {
         $interval['start'] = '';
         $interval['end'] = '';
     }
     WP_Stream_Reports_Settings::update_user_option_and_redirect('interval', $interval);
 }
 /**
  * @action wp_ajax_wp_stream_get_filter_value_by_id
  */
 public static function get_filter_value_by_id()
 {
     // NOTE(review): no nonce or capability check is visible here. wp_ajax_
     // actions run for logged-in users, so any of them can resolve a user ID
     // to a display name through this endpoint - confirm that is intended.
     $value = '';
     switch (wp_stream_filter_input(INPUT_POST, 'filter')) {
         case 'author':
             $id = wp_stream_filter_input(INPUT_POST, 'id');
             if ('0' === $id) {
                 // ID 0 is the label used for records written from WP-CLI.
                 $value = 'WP-CLI';
             } else {
                 $user = get_userdata($id);
                 $value = ($user && !is_wp_error($user)) ? $user->display_name : '';
             }
             break;
     }
     echo json_encode($value);
     wp_die();
 }
 /**
  * Ajax callback for processing migrate actions
  *
  * Break down the total number of records found into reasonably-sized chunks
  * and send each of those chunks to the Stream API
  *
  * Drops the legacy Stream data from the DB once the API has consumed everything
  *
  * @action wp_ajax_wp_stream_migrate_action
  * @return void
  */
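 public static function process_migrate_action()
 {
     $action = wp_stream_filter_input(INPUT_POST, 'migrate_action');
     $nonce = wp_stream_filter_input(INPUT_POST, 'nonce');
     // The nonce action embeds the current blog ID and user ID.
     // NOTE(review): the nonce is the only check visible in this method and
     // the 'delete' branch drops data; confirm a capability check guards this
     // action wherever it is registered.
     if (!wp_verify_nonce($nonce, 'wp_stream_migrate-' . absint(get_current_blog_id()) . absint(get_current_user_id()))) {
         return;
     }
     // Just in case, this could take a while for some
     set_time_limit(0);
     if ('migrate' === $action) {
         self::migrate_notification_rules();
         $records = self::get_records(self::$limit);
         if (!$records) {
             // If all the records are gone, clean everything up
             self::drop_legacy_data();
             wp_send_json_success(__('Migration complete!', 'stream'));
         }
         $response = self::send_records($records);
         if (true === $response) {
             // Delete the records that were just sent to the API successfully
             self::delete_records(self::$_records);
             wp_send_json_success('migrate');
         } else {
             $message = '';
             if (is_array($response)) {
                 // The previous code tested $response['body']['message'] before
                 // decoding the body. The body was then passed to json_decode(),
                 // so it is a JSON string and that test could never succeed:
                 // the API's own message was always dropped. Decode first.
                 $body = isset($response['body']) ? $response['body'] : null;
                 if (is_string($body)) {
                     $body = json_decode($body, true);
                 }
                 if (is_array($body) && !empty($body['message']) && is_string($body['message'])) {
                     $message = $body['message'];
                 } elseif (!empty($response['response']['message'])) {
                     $message = $response['response']['message'];
                 }
             }
             if ('' === $message) {
                 $message = __('An unknown error occurred during migration.', 'stream');
             }
             // The message may come from the remote response, so it is escaped.
             wp_send_json_error(sprintf(__('%s Please try again later or contact support.', 'stream'), esc_html($message)));
         }
     }
     if ('delay' === $action) {
         set_transient(self::MIGRATE_DELAY_TRANSIENT, "Don't nag me, bro", HOUR_IN_SECONDS * 3);
         wp_send_json_success(__("OK, we'll remind you again in a few hours.", 'stream'));
     }
     if ('delete' === $action) {
         $success_message = __('All existing records have been deleted from the database.', 'stream');
         if (!is_multisite()) {
             // If this is a single-site install, force delete everything
             self::drop_legacy_data(true, true);
             wp_send_json_success($success_message);
         } else {
             // If multisite, only delete records for this site - this will take longer
             $records = self::get_record_ids(self::$limit);
             if (!$records) {
                 // If all the records are gone, clean everything up
                 self::drop_legacy_data();
                 wp_send_json_success($success_message);
             } else {
                 self::delete_records($records);
                 wp_send_json_success('delete');
             }
         }
     }
     die;
 }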
 /**
  * Output for Stream Records as a feed.
  *
  * @return xml
  */
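 public static function feed_template()
 {
     $die_title = esc_html__('Access Denied', 'stream');
     $die_message = sprintf('<h1>%s</h1><p>%s</p>', $die_title, esc_html__("You don't have permission to view this feed, please contact your site Administrator.", 'stream'));
     $query_var = is_network_admin() ? self::FEED_NETWORK_QUERY_VAR : self::FEED_QUERY_VAR;
     // The feed key in the query string is the only credential for this feed.
     // Reject a missing or empty key before it reaches get_users(): WordPress
     // leaves an empty meta_value out of the meta query, so the lookup would
     // match on the meta key alone and return some user who has a feed key.
     $feed_key = wp_stream_filter_input(INPUT_GET, self::FEED_KEY_QUERY_VAR);
     if (!is_string($feed_key) || '' === $feed_key) {
         wp_die($die_message, $die_title);
     }
     $args = array('meta_key' => self::USER_FEED_OPTION_KEY, 'meta_value' => $feed_key, 'number' => 1);
     $user = get_users($args);
     if (empty($user)) {
         wp_die($die_message, $die_title);
     }
     // Super admins always pass. Everyone else is refused the network feed and
     // needs a role listed in the 'general_role_access' setting.
     if (!is_super_admin($user[0]->ID)) {
         $roles = isset($user[0]->roles) ? (array) $user[0]->roles : array();
         if (self::$is_network_feed) {
             wp_die($die_message, $die_title);
         }
         if (!$roles || !array_intersect($roles, WP_Stream_Settings::$options['general_role_access'])) {
             wp_die($die_message, $die_title);
         }
     }
     $blog_id = self::$is_network_feed ? null : get_current_blog_id();
     // Query arguments come from the request. Numeric fields are reduced to
     // digits and the IP is validated; the rest are passed on as received.
     // NOTE(review): confirm wp_stream_query() treats 'order', 'orderby',
     // 'fields' and 'record__in' as untrusted input.
     $args = array(
         'blog_id' => $blog_id,
         'records_per_page' => wp_stream_filter_input(INPUT_GET, 'records_per_page', FILTER_SANITIZE_NUMBER_INT),
         'search' => wp_stream_filter_input(INPUT_GET, 'search'),
         'object_id' => wp_stream_filter_input(INPUT_GET, 'object_id', FILTER_SANITIZE_NUMBER_INT),
         'ip' => wp_stream_filter_input(INPUT_GET, 'ip', FILTER_VALIDATE_IP),
         'author' => wp_stream_filter_input(INPUT_GET, 'author', FILTER_SANITIZE_NUMBER_INT),
         'author_role' => wp_stream_filter_input(INPUT_GET, 'author_role'),
         'date' => wp_stream_filter_input(INPUT_GET, 'date'),
         'date_from' => wp_stream_filter_input(INPUT_GET, 'date_from'),
         'date_to' => wp_stream_filter_input(INPUT_GET, 'date_to'),
         'record__in' => wp_stream_filter_input(INPUT_GET, 'record__in'),
         'order' => wp_stream_filter_input(INPUT_GET, 'order'),
         'orderby' => wp_stream_filter_input(INPUT_GET, 'orderby'),
         'fields' => wp_stream_filter_input(INPUT_GET, 'fields'),
     );
     // The feed templates required below run in this method's scope, so the
     // locals keep their existing names (presumably the templates read them).
     $records = wp_stream_query($args);
     $latest_record = isset($records[0]->created) ? $records[0]->created : null;
     $records_admin_url = add_query_arg(array('page' => WP_Stream_Admin::RECORDS_PAGE_SLUG), admin_url(WP_Stream_Admin::ADMIN_PARENT_PAGE));
     $latest_link = null;
     if (isset($records[0]->ID)) {
         $latest_link = add_query_arg(array('record__in' => $records[0]->ID), $records_admin_url);
     }
     $domain = parse_url($records_admin_url, PHP_URL_HOST);
     // The template path is picked from fixed literals; the requested format
     // is only compared, never concatenated into the path.
     $format = wp_stream_filter_input(INPUT_GET, self::FEED_TYPE_QUERY_VAR);
     if ('atom' === $format) {
         require_once WP_STREAM_INC_DIR . 'feeds/atom.php';
     } elseif ('json' === $format) {
         require_once WP_STREAM_INC_DIR . 'feeds/json.php';
     } else {
         require_once WP_STREAM_INC_DIR . 'feeds/rss-2.0.php';
     }
     exit;
 }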
 /**
  * Log Order major status changes ( creating / updating / trashing )
  *
  * @action transition_post_status
  *
  * @param string $new
  * @param string $old
  * @param \WP_Post $post
  */
 public function callback_transition_post_status($new, $old, $post)
 {
     // Only track orders
     if ('shop_order' !== $post->post_type) {
         return;
     }
     // Don't track customer actions
     if (!is_admin()) {
         return;
     }
     // Don't track minor status change actions
     $minor_actions = array('mark_processing', 'mark_on-hold', 'mark_completed');
     if (in_array(wp_stream_filter_input(INPUT_GET, 'action'), $minor_actions) || defined('DOING_AJAX')) {
         return;
     }
     // Don't log updates when more than one happens at the same time
     if ($post->ID === $this->order_update_logged) {
         return;
     }
     // Drafts and revisions are not logged.
     if (in_array($new, array('auto-draft', 'draft', 'inherit'))) {
         return;
     }
     // Map the status transition to a log action and its summary template.
     if ('auto-draft' === $old && 'publish' === $new) {
         $action = 'created';
         $message = esc_html_x('%s created', 'Order title', 'stream');
     } elseif ('trash' === $new) {
         $action = 'trashed';
         $message = esc_html_x('%s trashed', 'Order title', 'stream');
     } elseif ('trash' === $old && 'publish' === $new) {
         $action = 'untrashed';
         $message = esc_html_x('%s restored from the trash', 'Order title', 'stream');
     } else {
         $action = 'updated';
         $message = esc_html_x('%s updated', 'Order title', 'stream');
     }
     $order = new \WC_Order($post->ID);
     $order_title = esc_html__('Order number', 'stream') . ' ' . esc_html($order->get_order_number());
     $order_type_name = esc_html__('order', 'stream');
     $log_args = array(
         'post_title' => $order_title,
         'singular_name' => $order_type_name,
         'new_status' => $new,
         'old_status' => $old,
         'revision_id' => null,
     );
     $this->log($message, $log_args, $post->ID, $post->post_type, $action);
     // Remember the order so a second transition in this request is skipped.
     $this->order_update_logged = $post->ID;
 }
 /**
  * @todo Core needs a delete_plugin hook
  * @todo This does not work in WP-CLI
  */
 public static function callback_pre_set_site_transient_update_plugins($value)
 {
     // Act only on the confirmed-delete request; otherwise pass the value through.
     if (!wp_stream_filter_input(INPUT_POST, 'verify-delete')) {
         return $value;
     }
     // The option is read only after the request flag has been seen.
     $plugins_to_delete = get_option('wp_stream_plugins_to_delete');
     if (!$plugins_to_delete) {
         return $value;
     }
     foreach ($plugins_to_delete as $plugin => $data) {
         $name = $data['Name'];
         $network_wide = $data['Network'] ? __('network wide', 'stream') : '';
         $log_args = array('name' => $name, 'plugin' => $plugin, 'network_wide' => $network_wide);
         self::log(__('"%s" plugin deleted', 'stream'), $log_args, null, 'plugins', 'deleted');
     }
     // Clear the queue so the same deletions are not logged again.
     delete_option('wp_stream_plugins_to_delete');
     return $value;
 }
예제 #9
 /**
  * @action wp_ajax_wp_stream_get_filter_value_by_id
  */
 public function get_filter_value_by_id()
 {
     // NOTE(review): no nonce or capability check is visible here. wp_ajax_
     // actions run for logged-in users, so any of them can resolve a user ID
     // to a display name through this endpoint - confirm that is intended.
     $value = '';
     switch (wp_stream_filter_input(INPUT_POST, 'filter')) {
         case 'user_id':
             $id = wp_stream_filter_input(INPUT_POST, 'id');
             if ('0' === $id) {
                 // ID 0 is the label used for records written from WP-CLI.
                 $value = 'WP-CLI';
             } else {
                 $user = get_userdata($id);
                 $value = ($user && !is_wp_error($user)) ? $user->display_name : '';
             }
             break;
     }
     echo wp_stream_json_encode($value);
     // xss ok
     // Under the test flag, return instead of ending the process.
     if (defined('WP_STREAM_TESTS') && WP_STREAM_TESTS) {
         return;
     }
     die;
 }
 /**
  * @action load-edit.php
  */
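 public function actions()
 {
     if (!isset($_REQUEST['action']) || !isset($_REQUEST['post_type']) || WP_Stream_Notifications_Post_Type::POSTTYPE !== wp_stream_filter_input(INPUT_GET, 'post_type')) {
         return;
     }
     // SECURITY(review): no nonce or capability check is visible before the
     // wp_update_post() calls below, and the action is read from $_REQUEST.
     // Confirm the request is verified (e.g. check_admin_referer() with the
     // nonce action this screen emits, plus a capability check) before
     // relying on this handler.
     $action = $_REQUEST['action'];
     // The previous version chained two ternaries without parentheses. PHP
     // groups those left to right, so a submitted 'post' list was thrown away
     // in favour of $_REQUEST['id'], and PHP 8 rejects the construct outright.
     if (isset($_REQUEST['post'])) {
         $request = is_array($_REQUEST['post']) ? $_REQUEST['post'] : explode(',', $_REQUEST['post']);
     } elseif (isset($_REQUEST['id'])) {
         $request = array($_REQUEST['id']);
     } else {
         $request = array();
     }
     // absint() turns anything non-numeric into 0; drop those entries.
     $ids = array_filter(array_map('absint', $request));
     if (empty($action) || empty($ids)) {
         return;
     }
     if (in_array($action, array('publish', 'unpublish'), true)) {
         $status = 'publish' === $action ? 'publish' : 'draft';
         foreach ($ids as $id) {
             wp_update_post(array('ID' => $id, 'post_status' => $status));
         }
         wp_safe_redirect(add_query_arg(array('updated' => count($ids)), remove_query_arg(array('action', 'action2', 'id', 'ids', 'post', '_wp_http_referer', 'post_status', 'mode', 'm'))));
         // Without this, the page displays the weird 'Are you sure you want this?'
         exit;
     }
 }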
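 /**
  * Query Stream records for the posted filters and build the token data
  * for the header, body and footer parts of a report.
  *
  * Reads `sections`, `other_tokens` and the allowed filter parameters from
  * $_POST.
  *
  * @return array Array with keys 'other_tokens_data' and 'sections_data'.
  *               'other_tokens_data' stays null when no token groups were
  *               posted, as before.
  */
 public function get_stream()
 {
     // Filters
     $allowed_params = array('connector', 'context', 'action', 'author', 'author_role', 'object_id', 'search', 'date', 'date_from', 'date_to', 'record__in', 'blog_id', 'ip');
     $parts = array('header', 'body', 'footer');
     // SECURITY(review): both payloads are taken from $_POST and handed to
     // maybe_unserialize(), i.e. PHP unserialize() on request data. Unless
     // the caller has already authenticated the request, that permits PHP
     // object injection. Prefer a JSON payload, or unserialize() with
     // 'allowed_classes' => false where the supported PHP version has it.
     // Left unchanged here because the wire format is shared with the sender.
     $sections = isset($_POST['sections']) ? maybe_unserialize(base64_decode($_POST['sections'])) : array();
     if (!is_array($sections)) {
         $sections = array();
     }
     $other_tokens = isset($_POST['other_tokens']) ? maybe_unserialize(base64_decode($_POST['other_tokens'])) : array();
     if (!is_array($other_tokens)) {
         $other_tokens = array();
     }
     unset($_POST['sections']);
     unset($_POST['other_tokens']);
     // Only whitelisted parameters are copied, so no second filtering pass
     // over $args is needed.
     $args = array();
     foreach ($allowed_params as $param) {
         if (self::$mainwpChildReports) {
             $paramval = mainwp_wp_stream_filter_input(INPUT_POST, $param);
         } else {
             $paramval = wp_stream_filter_input(INPUT_POST, $param);
         }
         if ($paramval || '0' === $paramval) {
             $args[$param] = $paramval;
         }
     }
     // Leave the 'posts' connector out unless some requested token refers to
     // posts. The decoded payload is untrusted, so non-string entries are
     // skipped rather than passed to strpos().
     $exclude_connector_posts = true;
     foreach ($parts as $part) {
         if (isset($sections[$part]['section_token']) && is_array($sections[$part]['section_token'])) {
             foreach ($sections[$part]['section_token'] as $sec) {
                 if (is_string($sec) && false !== strpos($sec, '[section.posts')) {
                     $exclude_connector_posts = false;
                     break 2;
                 }
             }
         }
         if (isset($other_tokens[$part]) && is_array($other_tokens[$part])) {
             foreach ($other_tokens[$part] as $token) {
                 if (is_string($token) && false !== strpos($token, '[post.')) {
                     $exclude_connector_posts = false;
                     break 2;
                 }
             }
         }
     }
     if ($exclude_connector_posts) {
         $args['connector__not_in'] = array('posts');
     }
     $args['action__not_in'] = array('login');
     // fix for Stream 3: it gets date-only strings and no 'fields' argument
     if (3 !== self::$streamVersionNumber) {
         $args['fields'] = 'with-meta';
         $date_format = 'Y-m-d H:i:s';
     } else {
         $date_format = 'Y-m-d';
     }
     if (isset($args['date_from'])) {
         $args['date_from'] = date($date_format, $args['date_from']);
     }
     if (isset($args['date_to'])) {
         $args['date_to'] = date($date_format, $args['date_to']);
     }
     $args['records_per_page'] = 9999;
     // $records used to be undefined when no branch below matched.
     $records = null;
     if (self::$mainwpChildReports) {
         $records = mainwp_wp_stream_query($args);
     } elseif (149 === self::$streamVersionNumber) {
         $records = wp_stream_query($args);
     } elseif (3 === self::$streamVersionNumber) {
         $records = wp_stream_get_instance()->db->query->query($args);
     }
     if (!is_array($records)) {
         $records = array();
     }
     // Starts as null so the returned value is unchanged when no token group
     // was posted; previously the variable was undefined in that case.
     $other_tokens_data = null;
     foreach ($parts as $part) {
         if (isset($other_tokens[$part]) && is_array($other_tokens[$part])) {
             $other_tokens_data[$part] = $this->get_other_tokens_data($records, $other_tokens[$part]);
         }
     }
     $sections_data = array();
     foreach ($parts as $part) {
         // The footer loop used to iterate $sections['footer'] itself, not its
         // 'section_token' list, so it never lined up with the header and body
         // handling. All three parts now go through the same code.
         if (!isset($sections[$part]['section_token']) || !is_array($sections[$part]['section_token'])) {
             continue;
         }
         foreach ($sections[$part]['section_token'] as $index => $sec) {
             $tokens = isset($sections[$part]['section_content_tokens'][$index]) ? $sections[$part]['section_content_tokens'][$index] : null;
             $sections_data[$part][$index] = $this->get_section_loop_data($records, $tokens, $sec);
         }
     }
     $information = array('other_tokens_data' => $other_tokens_data, 'sections_data' => $sections_data);
     return $information;
 }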
예제 #12
 /**
  * @action load-theme-editor.php
  */
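 public static function get_edition_data()
 {
     if ('POST' !== $_SERVER['REQUEST_METHOD']) {
         return;
     }
     if ('update' !== wp_stream_filter_input(INPUT_POST, 'action')) {
         return;
     }
     $posted_theme = wp_stream_filter_input(INPUT_POST, 'theme');
     $theme_slug = $posted_theme ? $posted_theme : get_stylesheet();
     $theme = wp_get_theme($theme_slug);
     if (!$theme->exists() || ($theme->errors() && 'theme_no_stylesheet' === $theme->errors()->get_error_code())) {
         return;
     }
     // Files the editor may touch: top-level PHP files plus the stylesheets.
     $allowed_files = $theme->get_files('php', 1);
     $style_files = $theme->get_files('css');
     $allowed_files['style.css'] = $style_files['style.css'];
     $allowed_files += $style_files;
     $file = wp_stream_filter_input(INPUT_POST, 'file');
     if (empty($file)) {
         $file_name = 'style.css';
         $file_path = $allowed_files['style.css'];
     } else {
         $file_name = $file;
         $file_path = sprintf('%s/%s', $theme->get_stylesheet_directory(), $file_name);
         // SECURITY: 'file' is request data and used to be joined onto the
         // theme directory and read without any check, so a relative path
         // could point file_get_contents() outside the theme. The allow-list
         // above was built but never consulted; enforce it before reading.
         if (!is_string($file) || !in_array($file_path, $allowed_files, true)) {
             return;
         }
     }
     $file_contents_before = file_get_contents($file_path);
     self::$edited_file = compact('file_name', 'file_path', 'file_contents_before', 'theme');
 }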
 /**
  * Retrieve plugin data needed for the log message
  *
  * @param  string $slug   The plugin file base name (e.g. akismet/akismet.php)
  * @return mixed  $output Compacted variables
  */
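 public static function get_plugin_data($slug)
 {
     $base = null;
     $name = null;
     // Keep only the plugin's directory part of the base name.
     $slug = current(explode('/', $slug));
     $file_name = wp_stream_filter_input(INPUT_POST, 'file');
     $file_path = WP_PLUGIN_DIR . '/' . $file_name;
     // SECURITY: 'file' is request data. Read it only when validate_file()
     // accepts it (no directory traversal, no drive prefix); otherwise report
     // false, the same value file_get_contents() yields for an unreadable
     // path, so the shape of the returned array does not change.
     $file_contents_before = false;
     if (is_string($file_name) && '' !== $file_name && 0 === validate_file($file_name)) {
         $file_contents_before = file_get_contents($file_path);
     }
     $plugins = get_plugins();
     // NOTE(review): this is a prefix match, so a slug that is a prefix of
     // another plugin's directory name can pick up the wrong entry.
     foreach ($plugins as $key => $plugin_data) {
         if (0 === strpos($key, $slug)) {
             $base = $key;
             $name = $plugin_data['Name'];
             break;
         }
     }
     // Report the file name relative to the plugin directory.
     $file_name = str_ireplace(trailingslashit($slug), '', $file_name);
     $slug = !empty($base) ? $base : $slug;
     $output = compact('file_name', 'file_path', 'file_contents_before', 'slug', 'name');
     return $output;
 }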
 /**
  * Add a description to each of the Settings pages in the Network Admin
  *
  * @param $description
  *
  * @return string
  */
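 public function settings_form_description($description)
 {
     // Outside the Network Admin there is nothing to describe. Return an
     // empty string rather than null so the documented string return type
     // holds on every path.
     if (!is_network_admin()) {
         return '';
     }
     // The page slug from the query string only selects between fixed,
     // translated strings; it is never echoed.
     switch (wp_stream_filter_input(INPUT_GET, 'page')) {
         case self::NETWORK_SETTINGS_PAGE_SLUG:
             return __('These settings apply to all sites on the network.', 'stream');
         case self::DEFAULT_SETTINGS_PAGE_SLUG:
             return __('These default settings will apply to new sites created on the network. These settings do not alter existing sites.', 'stream');
         default:
             return $description;
     }
 }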
예제 #15
 /**
  * Add a description to each of the Settings pages in the Network Admin
  *
  * @param $description
  *
  * @return string
  */
 public function settings_form_description($description)
 {
     // Descriptions are only shown in the Network Admin.
     if (!is_network_admin()) {
         return '';
     }
     // The page slug from the query string only selects between fixed,
     // translated strings; it is never echoed.
     switch (wp_stream_filter_input(INPUT_GET, 'page')) {
         case $this->network_settings_page_slug:
             return __('These settings apply to all sites on the network.', 'stream');
         case $this->default_settings_page_slug:
             return __('These default settings will apply to new sites created on the network. These settings do not alter existing sites.', 'stream');
         default:
             return $description;
     }
 }
예제 #16
 /**
  * Ajax callback for processing migrate actions
  *
  * Break down the total number of records found into reasonably-sized
  * chunks and save records from each of those chunks to the local DB.
  *
  * Disconnects from WP Stream once the migration is complete.
  *
  * @action wp_ajax_wp_stream_migrate_action
  */
 public function migrate_action_callback()
 {
     $action = wp_stream_filter_input(INPUT_POST, 'migrate_action');
     $nonce = wp_stream_filter_input(INPUT_POST, 'nonce');
     // The nonce action embeds the current blog ID and user ID.
     // NOTE(review): the nonce is the only check visible in this method;
     // confirm a capability check guards the action where it is registered.
     $nonce_action = 'wp_stream_migrate-' . absint(get_current_blog_id()) . absint(get_current_user_id());
     if (!wp_verify_nonce($nonce, $nonce_action)) {
         return;
     }
     // Just in case, this could take a while for some
     set_time_limit(0);
     // Unknown actions fall through and the request simply ends.
     switch ($action) {
         case 'migrate':
         case 'continue':
             $this->migrate();
             break;
         case 'delay':
             $this->delay();
             break;
         case 'ignore':
             $this->ignore();
             break;
     }
     die;
 }
예제 #17
파일: form.php 프로젝트: xwp/stream-legacy
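 /**
  * Ajax handler: reset the 'occurrences' meta of one record to zero.
  *
  * Expects `id` and `wp_stream_nonce` in the query string. The nonce action
  * is 'reset-occ_' followed by the ID as submitted.
  *
  * @return void Always ends the request with a JSON response.
  */
 public function ajax_reset_occ()
 {
     $id = wp_stream_filter_input(INPUT_GET, 'id');
     $nonce = wp_stream_filter_input(INPUT_GET, 'wp_stream_nonce');
     if (!wp_verify_nonce($nonce, 'reset-occ_' . $id)) {
         wp_send_json_error(esc_html__('Invalid nonce', 'stream-notifications'));
     }
     // The old check compared (int) $id with $id using !==. Assuming
     // wp_stream_filter_input() hands back request values as strings (as
     // filter_input() does), an int never equals a string under !==, so every
     // request was rejected. Compare the canonical integer form as a string.
     if (empty($id) || (string) (int) $id !== (string) $id) {
         wp_send_json_error(esc_html__('Invalid record ID', 'stream-notifications'));
     }
     wp_stream_update_meta((int) $id, 'occurrences', 0);
     wp_send_json_success();
 }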
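 /**
  * Query Stream records for the posted filters and build the token data
  * for the header, body and footer parts of a report.
  *
  * Reads `sections`, `other_tokens` and the allowed filter parameters from
  * $_POST.
  *
  * @return array Array with keys 'other_tokens_data' and 'sections_data'.
  *               'other_tokens_data' stays null when no token groups were
  *               posted, as before.
  */
 public function get_stream()
 {
     // Filters
     $allowed_params = array('connector', 'context', 'action', 'author', 'author_role', 'object_id', 'search', 'date', 'date_from', 'date_to', 'record__in', 'blog_id', 'ip');
     $parts = array('header', 'body', 'footer');
     // SECURITY(review): both payloads are taken from $_POST and handed to
     // unserialize(). Unless the caller has already authenticated the
     // request, that permits PHP object injection. Prefer a JSON payload, or
     // pass 'allowed_classes' => false where the supported PHP version has
     // it. Left unchanged here because the wire format is shared with the
     // sender.
     $sections = isset($_POST['sections']) ? unserialize(base64_decode($_POST['sections'])) : array();
     if (!is_array($sections)) {
         $sections = array();
     }
     $other_tokens = isset($_POST['other_tokens']) ? unserialize(base64_decode($_POST['other_tokens'])) : array();
     if (!is_array($other_tokens)) {
         $other_tokens = array();
     }
     unset($_POST['sections']);
     unset($_POST['other_tokens']);
     // Only whitelisted parameters are copied, so no second filtering pass
     // over $args is needed.
     $args = array();
     foreach ($allowed_params as $param) {
         if (self::$mainwpChildReports) {
             $paramval = mainwp_wp_stream_filter_input(INPUT_POST, $param);
         } else {
             $paramval = wp_stream_filter_input(INPUT_POST, $param);
         }
         if ($paramval || '0' === $paramval) {
             $args[$param] = $paramval;
         }
     }
     $args['action__not_in'] = array('login');
     $args['fields'] = 'with-meta';
     if (isset($args['date_from'])) {
         $args['date_from'] = date("Y-m-d H:i:s", $args['date_from']);
     }
     if (isset($args['date_to'])) {
         $args['date_to'] = date("Y-m-d H:i:s", $args['date_to']);
     }
     $args['records_per_page'] = 9999;
     if (self::$mainwpChildReports) {
         $records = mainwp_wp_stream_query($args);
     } else {
         $records = wp_stream_query($args);
     }
     if (!is_array($records)) {
         $records = array();
     }
     // Starts as null so the returned value is unchanged when no token group
     // was posted; previously the variable was undefined in that case.
     $other_tokens_data = null;
     foreach ($parts as $part) {
         if (isset($other_tokens[$part]) && is_array($other_tokens[$part])) {
             $other_tokens_data[$part] = $this->get_other_tokens_data($records, $other_tokens[$part]);
         }
     }
     $sections_data = array();
     foreach ($parts as $part) {
         // The footer loop used to iterate $sections['footer'] itself, not its
         // 'section_token' list, so it never lined up with the header and body
         // handling. All three parts now go through the same code.
         if (!isset($sections[$part]['section_token']) || !is_array($sections[$part]['section_token'])) {
             continue;
         }
         foreach ($sections[$part]['section_token'] as $index => $sec) {
             $tokens = isset($sections[$part]['section_content_tokens'][$index]) ? $sections[$part]['section_content_tokens'][$index] : null;
             $sections_data[$part][$index] = $this->get_section_loop_data($records, $tokens, $sec);
         }
     }
     $information = array('other_tokens_data' => $other_tokens_data, 'sections_data' => $sections_data);
     return $information;
 }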
예제 #19
 /**
  * Resolve the settings option key for the current admin request.
  *
  * The `page` query argument is consulted first and `action` second. The
  * request value is only compared against a fixed slug; it is never used as
  * the option key itself.
  *
  * @return string Value returned by the `wp_stream_settings_option_key` filter
  */
 public function get_option_key()
 {
     // Fall back to `action` when `page` is missing or empty.
     $requested = wp_stream_filter_input(INPUT_GET, 'page') ?: wp_stream_filter_input(INPUT_GET, 'action');
     $is_network_page = 'wp_stream_network_settings' === $requested;
     $resolved = $is_network_page ? $this->network_options_key : $this->option_key;

     return apply_filters('wp_stream_settings_option_key', $resolved);
 }
예제 #20
<div class="wrap">

	<?php 
// Show the "Rule saved." notice when the request carries an `updated` query
// flag or a posted `summary` field. Both inputs are only tested for
// truthiness here; neither value is printed.
if (wp_stream_filter_input(INPUT_GET, 'updated') || wp_stream_filter_input(INPUT_POST, 'summary')) {
    ?>
		<div class="updated fade">
			<p><?php 
    esc_html_e('Rule saved.', 'stream-notifications');
    ?>
</p>
		</div>
	<?php 
}
?>

	<h2><?php 
// Heading depends on whether an existing rule is being edited.
$rule->exists() ? esc_html_e('Edit Notification Rule', 'stream-notifications') : esc_html_e('Add New Notification Rule', 'stream-notifications');
?>
		<?php 
if ($rule->exists()) {
    ?>
			<?php 
    // "Add New" link: the notifications page in its `rule` view, built on the
    // network admin URL when in network admin and on the site admin URL otherwise.
    $new_link = add_query_arg(array('page' => WP_Stream_Notifications::NOTIFICATIONS_PAGE_SLUG, 'view' => 'rule'), is_network_admin() ? network_admin_url(WP_Stream_Admin::ADMIN_PARENT_PAGE) : admin_url(WP_Stream_Admin::ADMIN_PARENT_PAGE));
    ?>
			<a href="<?php 
    // The URL is escaped at the point of output.
    echo esc_url($new_link);
    ?>
" class="add-new-h2"><?php 
    esc_html_e('Add New', 'stream-notifications');
    ?>
</a>
예제 #21
 /**
  * Track Monitor module notification status.
  *
  * Reads the posted `receive_jetpack_monitor_notification` field and logs the
  * change. Nothing is logged when the field is missing or falsy.
  */
 public function callback_jetpack_module_configuration_load_monitor()
 {
     $is_enabled = wp_stream_filter_input(INPUT_POST, 'receive_jetpack_monitor_notification');
     if ($is_enabled) {
         $message = __('Monitor notifications %s', 'stream');
         // NOTE(review): a falsy value never reaches this point, so the
         // 'deactivated' label cannot be selected from this method.
         $status_label = $is_enabled ? esc_html__('activated', 'stream') : esc_html__('deactivated', 'stream');
         $log_args = array(
             'status' => $status_label,
             'option' => 'receive_jetpack_monitor_notification',
             'old_value' => !$is_enabled,
             'value' => $is_enabled,
         );
         $this->log($message, $log_args, null, 'monitor', 'updated');
     }
 }
 /**
  * Track Monitor module notification status.
  *
  * Logs on every non-empty POST request. When the
  * `receive_jetpack_monitor_notification` field is absent or falsy the change
  * is recorded as "deactivated".
  */
 public static function callback_jetpack_module_configuration_load_monitor()
 {
     // $_POST is only tested for being non-empty; the field itself is read
     // through the filtering wrapper.
     if (!$_POST) {
         return;
     }
     $is_enabled = wp_stream_filter_input(INPUT_POST, 'receive_jetpack_monitor_notification');
     $message = __('Monitor notifications %s', 'stream');
     $status_label = $is_enabled ? __('activated', 'stream') : __('deactivated', 'stream');
     $log_args = array(
         'status' => $status_label,
         'option' => 'receive_jetpack_monitor_notification',
         'old_value' => !$is_enabled,
         'value' => $is_enabled,
     );
     self::log($message, $log_args, null, 'monitor', 'updated');
 }
예제 #23
파일: feeds.php 프로젝트: xwp/stream-legacy
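    /**
     * Output Stream records as a feed (RSS 2.0 by default, JSON on request).
     *
     * Access is granted by the feed key passed in the query string: the key is
     * looked up in user meta, and the owning user must be a super admin or hold
     * one of the roles in the `general_role_access` setting. The key therefore
     * works as a bearer credential, and being part of the URL it will show up
     * wherever request URLs are recorded.
     *
     * @return void Output is echoed; the RSS branch ends the request.
     */
    public static function feed_template()
    {
        $die_title = esc_html__('Access Denied', 'stream');
        $die_message = '<h1>' . $die_title . '</h1><p>' . esc_html__('You don\'t have permission to view this feed, please contact your site Administrator.', 'stream') . '</p>';
        $feed_key = isset($_GET[self::FEED_QUERY_VAR]) ? $_GET[self::FEED_QUERY_VAR] : null;
        // Reject a missing or empty key, and a non-string one (an array-valued
        // query argument), so exactly one candidate value reaches the lookup.
        if (empty($feed_key) || !is_string($feed_key)) {
            wp_die($die_message, $die_title);
        }
        $args = array('meta_key' => self::USER_FEED_KEY, 'meta_value' => $feed_key, 'number' => 1);
        $user = get_users($args);
        // An unknown key matches no user. Deny explicitly: otherwise the checks
        // below would run against a missing $user[0], and is_super_admin() given
        // an empty user ID evaluates the current visitor instead of the key owner.
        if (empty($user)) {
            wp_die($die_message, $die_title);
        }
        if (!is_super_admin($user[0]->ID)) {
            $roles = isset($user[0]->roles) ? (array) $user[0]->roles : array();
            // The network feed is limited to super admins.
            if (self::$is_network_feed) {
                wp_die($die_message, $die_title);
            }
            if (!$roles || !array_intersect($roles, WP_Stream_Settings::$options['general_role_access'])) {
                wp_die($die_message, $die_title);
            }
        }
        $blog_id = self::$is_network_feed ? null : get_current_blog_id();
        // NOTE(review): `search`, the date fields, `order`, `orderby` and `fields`
        // are passed on with the default filter only; confirm wp_stream_query()
        // restricts them to known values before they reach the database layer.
        $args = array(
            'blog_id' => $blog_id,
            'records_per_page' => wp_stream_filter_input(INPUT_GET, 'records_per_page', FILTER_SANITIZE_NUMBER_INT, array('options' => array('default' => get_option('posts_per_rss')))),
            'search' => wp_stream_filter_input(INPUT_GET, 'search'),
            'object_id' => wp_stream_filter_input(INPUT_GET, 'object_id', FILTER_SANITIZE_NUMBER_INT),
            'ip' => wp_stream_filter_input(INPUT_GET, 'ip', FILTER_VALIDATE_IP),
            'author' => wp_stream_filter_input(INPUT_GET, 'author', FILTER_SANITIZE_NUMBER_INT),
            'author_role' => wp_stream_filter_input(INPUT_GET, 'author_role'),
            'date' => wp_stream_filter_input(INPUT_GET, 'date'),
            'date_from' => wp_stream_filter_input(INPUT_GET, 'date_from'),
            'date_to' => wp_stream_filter_input(INPUT_GET, 'date_to'),
            'record__in' => wp_stream_filter_input(INPUT_GET, 'record__in', FILTER_SANITIZE_NUMBER_INT),
            'record_parent' => wp_stream_filter_input(INPUT_GET, 'record_parent', FILTER_SANITIZE_NUMBER_INT),
            'order' => wp_stream_filter_input(INPUT_GET, 'order', FILTER_DEFAULT, array('options' => array('default' => 'desc'))),
            'orderby' => wp_stream_filter_input(INPUT_GET, 'orderby', FILTER_DEFAULT, array('options' => array('default' => 'ID'))),
            'fields' => wp_stream_filter_input(INPUT_GET, 'fields', FILTER_DEFAULT, array('options' => array('default' => 'with-meta'))),
        );
        $records = wp_stream_query($args);
        $latest_record = isset($records[0]->created) ? $records[0]->created : null;
        $records_admin_url = add_query_arg(array('page' => WP_Stream_Admin::RECORDS_PAGE_SLUG), admin_url(WP_Stream_Admin::ADMIN_PARENT_PAGE));
        if ('json' === wp_stream_filter_input(INPUT_GET, self::FEED_TYPE_QUERY_VAR)) {
            // Declare the payload as JSON, as the RSS branch declares its own
            // type, so a browser does not interpret record text as HTML.
            header('Content-Type: application/json; charset=' . get_option('blog_charset'), true);
            if (version_compare(PHP_VERSION, '5.4', '>=')) {
                echo json_encode($records, JSON_PRETTY_PRINT);
            } else {
                echo json_encode($records);
            }
        } else {
            header('Content-Type: ' . feed_content_type('rss-http') . '; charset=' . get_option('blog_charset'), true);
            printf('<?xml version="1.0" encoding="%s"?>', esc_attr(get_option('blog_charset')));
            ?>

			<rss version="2.0"
				xmlns:content="http://purl.org/rss/1.0/modules/content/"
				xmlns:wfw="http://wellformedweb.org/CommentAPI/"
				xmlns:dc="http://purl.org/dc/elements/1.1/"
				xmlns:atom="http://www.w3.org/2005/Atom"
				xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
				xmlns:slash="http://purl.org/rss/1.0/modules/slash/"
				<?php 
            /**
             * Action fires during RSS xmls printing
             */
            ?>
				<?php 
            do_action('rss2_ns');
            ?>
			>
				<channel>
					<title><?php 
            bloginfo_rss('name');
            ?>
 - <?php 
            esc_html_e('Stream Feed', 'stream');
            ?>
</title>
					<atom:link href="<?php 
            self_link();
            ?>
" rel="self" type="application/rss+xml" />
					<link><?php 
            echo esc_url($records_admin_url);
            ?>
</link>
					<description><?php 
            bloginfo_rss('description');
            ?>
</description>
					<lastBuildDate><?php 
            echo esc_html(mysql2date('r', $latest_record, false));
            ?>
</lastBuildDate>
					<language><?php 
            bloginfo_rss('language');
            ?>
</language>
					<sy:updatePeriod><?php 
            echo esc_html('hourly');
            ?>
</sy:updatePeriod>
					<sy:updateFrequency><?php 
            echo absint(1);
            ?>
</sy:updateFrequency>
					<?php 
            /**
             * Action fires during RSS head
             */
            ?>
					<?php 
            do_action('rss2_head');
            ?>
					<?php 
            foreach ($records as $record) {
                ?>
						<?php 
                $record_link = add_query_arg(array('record__in' => (int) $record->ID), $records_admin_url);
                $author = get_userdata($record->author);
                $display_name = isset($author->display_name) ? $author->display_name : 'N/A';
                ?>
						<item>
							<title><![CDATA[ <?php 
                // The summary is written unescaped inside CDATA. Split any "]]>"
                // so record text cannot close the section early and be parsed
                // as markup by the feed reader.
                echo str_replace(']]>', ']]]]><![CDATA[>', trim($record->summary));
                ?>
 ]]></title>
							<pubDate><?php 
                echo esc_html(mysql2date('r', $record->created, false));
                ?>
</pubDate>
							<dc:creator><?php 
                echo esc_html($display_name);
                ?>
</dc:creator>
							<category domain="connector"><![CDATA[ <?php 
                echo esc_html($record->connector);
                ?>
 ]]></category>
							<category domain="context"><![CDATA[ <?php 
                echo esc_html($record->context);
                ?>
 ]]></category>
							<category domain="action"><![CDATA[ <?php 
                echo esc_html($record->action);
                ?>
 ]]></category>
							<category domain="ip"><?php 
                echo esc_html($record->ip);
                ?>
</category>
							<guid isPermaLink="false"><?php 
                echo esc_url($record_link);
                ?>
</guid>
							<link><?php 
                echo esc_url($record_link);
                ?>
</link>
							<?php 
                /**
                 * Action fires during RSS item
                 */
                ?>
							<?php 
                do_action('rss2_item');
                ?>
						</item>
					<?php 
            }
            ?>
				</channel>
			</rss>
			<?php 
            exit;
        }
    }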
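 /**
  * Delete a notification rule after verifying the request nonce, then redirect.
  *
  * @param mixed  $id      Rule identifier; interpolated into the per-rule nonce action and passed to delete_record()
  * @param string $action  Action name, appended to the `wp_stream_notifications_before_rule_` filter hook
  * @param bool   $is_bulk Check the bulk-actions nonce instead of the per-rule one
  *
  * @return void
  */
 public function handle_rule_deletion($id, $action, $is_bulk = false)
 {
     $nonce_identifier = $is_bulk ? 'wp_stream_notifications_bulk_actions' : "delete-record_{$id}";
     // The nonce is the only request check visible in this method.
     // NOTE(review): a nonce guards against forged requests, not against an
     // under-privileged user; confirm the caller checks the capability.
     if (!wp_verify_nonce(wp_stream_filter_input(INPUT_GET, 'wp_stream_nonce'), $nonce_identifier)) {
         return;
     }
     // A filter returning exactly false vetoes the deletion.
     $activate_rule = apply_filters('wp_stream_notifications_before_rule_' . $action, true, $id);
     if (false === $activate_rule) {
         return;
     }
     $this->delete_record($id);
     // Strip the one-time arguments from the current URL and carry over the
     // requested `visibility` value.
     $visibility = wp_stream_filter_input(INPUT_GET, 'visibility', FILTER_DEFAULT);
     // NOTE(review): wp_redirect() only sends the header; execution continues in
     // the caller. Confirm the caller ends the request afterwards.
     wp_redirect(add_query_arg(array('wp_stream_nonce' => false, 'action' => false, 'id' => false, 'visibility' => $visibility)));
 }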
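 /**
  * Check whether a record should be excluded from the log.
  *
  * A rule row excludes the record when every non-empty field of that row
  * equals the corresponding field of the record. Exclusion suppresses a log
  * entry, so matching is exact: a rule never matches on a partial or
  * loosely-typed comparison.
  *
  * @param string      $connector Name of the connector being logged
  * @param string      $context   Name of the context being logged
  * @param string      $action    Name of the action being logged
  * @param object|null $user      User being logged (its `ID` and `roles` are read); defaults to the current user
  * @param string|null $ip        IP address being logged; defaults to REMOTE_ADDR
  * @return bool True when at least one exclude rule matches the record
  */
 public function is_record_excluded($connector, $context, $action, $user = null, $ip = null)
 {
     if (is_null($user)) {
         $user = wp_get_current_user();
     }
     // Either source is run through FILTER_VALIDATE_IP before it is compared.
     if (is_null($ip)) {
         $ip = wp_stream_filter_input(INPUT_SERVER, 'REMOTE_ADDR', FILTER_VALIDATE_IP);
     } else {
         $ip = wp_stream_filter_var($ip, FILTER_VALIDATE_IP);
     }
     $user_role = isset($user->roles[0]) ? $user->roles[0] : null;
     // The author ID is held as a string on both sides of the comparison. The
     // rule value comes from stored settings while the user ID is typically an
     // integer, and the strict comparison below would otherwise never match.
     $record = array('connector' => $connector, 'context' => $context, 'action' => $action, 'author' => (string) $user->ID, 'role' => $user_role, 'ip_address' => $ip);
     $exclude_settings = isset(WP_Stream_Settings::$options['exclude_rules']) ? WP_Stream_Settings::$options['exclude_rules'] : array();
     if (empty($exclude_settings['exclude_row'])) {
         return false;
     }
     foreach ($exclude_settings['exclude_row'] as $key => $value) {
         // Rule fields live in parallel arrays indexed by the row key. Separate
         // local names keep the method's own arguments intact inside the loop.
         $author_or_role = isset($exclude_settings['author_or_role'][$key]) ? $exclude_settings['author_or_role'][$key] : '';
         $rule_connector = isset($exclude_settings['connector'][$key]) ? $exclude_settings['connector'][$key] : '';
         $rule_context = isset($exclude_settings['context'][$key]) ? $exclude_settings['context'][$key] : '';
         $rule_action = isset($exclude_settings['action'][$key]) ? $exclude_settings['action'][$key] : '';
         $rule_ip = isset($exclude_settings['ip_address'][$key]) ? $exclude_settings['ip_address'][$key] : '';
         // A numeric author_or_role value names a user ID, anything else a role.
         $exclude = array(
             'connector' => !empty($rule_connector) ? $rule_connector : null,
             'context' => !empty($rule_context) ? $rule_context : null,
             'action' => !empty($rule_action) ? $rule_action : null,
             'ip_address' => !empty($rule_ip) ? $rule_ip : null,
             'author' => is_numeric($author_or_role) ? (string) $author_or_role : null,
             'role' => !empty($author_or_role) && !is_numeric($author_or_role) ? $author_or_role : null,
         );
         $has_criteria = false;
         $matches = true;
         foreach ($exclude as $field => $expected) {
             // Unset fields are wildcards and take no part in the match.
             if (null === $expected || '' === $expected) {
                 continue;
             }
             $has_criteria = true;
             if ($record[$field] !== $expected) {
                 $matches = false;
                 break;
             }
         }
         // A row with no criteria at all never excludes anything.
         if ($has_criteria && $matches) {
             return true;
         }
     }
     return false;
 }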
 /**
  * Override connector log for our own Settings / Actions.
  *
  * Applies only to `settings` connector records written while `options.php`
  * handles a POST that carries `_wp_http_referer`. The page slug is parsed
  * from that posted referer, which the client controls, and is used only
  * after it is found among the keys of get_context_labels().
  *
  * @param array $data Log data; `connector`, `args['context']` and `args['option_key']` are read
  *
  * @return array|bool The data, rewritten when the record belongs to one of our settings pages
  */
 public static function log_override(array $data)
 {
     global $pagenow;
     if ('options.php' !== $pagenow || 'settings' !== $data['connector'] || !wp_stream_filter_input(INPUT_POST, '_wp_http_referer')) {
         return $data;
     }
     $has_known_context = isset($data['args']['context']) && isset(self::$option_groups[$data['args']['context']]);
     if (!$has_known_context) {
         return $data;
     }
     // Extract the `page` query argument from the posted referer.
     if (preg_match('#page=([^&]*)#', wp_stream_filter_input(INPUT_POST, '_wp_http_referer'), $match)) {
         $page = $match[1];
     } else {
         $page = '';
     }
     $labels = self::get_context_labels();
     // Only page slugs with a registered label are accepted.
     if (!isset($labels[$page])) {
         return $data;
     }
     $label = self::settings_labels($data['args']['option_key']);
     if (!$label) {
         // No label for this option: use the generic message and the page label.
         $data['message'] = __('%s settings updated', 'stream');
         $label = $labels[$page];
     }
     $data['args']['label'] = $label;
     $data['args']['context'] = $page;
     $data['context'] = $page;
     $data['connector'] = self::$name;

     return $data;
 }
 /**
  * Returns the settings option key, passed through the
  * `wp_stream_settings_option_key` filter.
  *
  * @return string Option key
  */
 public static function get_option_key()
 {
     // NOTE(review): the requested page/action is read here but never consulted;
     // this variant always starts from self::OPTION_KEY.
     $current_page = wp_stream_filter_input(INPUT_GET, 'page') ?: wp_stream_filter_input(INPUT_GET, 'action');

     return apply_filters('wp_stream_settings_option_key', self::OPTION_KEY);
 }
예제 #28
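    /**
     * Build the date-range filter markup (predefined interval select plus
     * from/to inputs) and return it as a string.
     *
     * The current `date_predefined`, `date_from` and `date_to` query values
     * are echoed back into the form; each is escaped for the attribute it is
     * placed in.
     *
     * @param array $items Intervals keyed by identifier; each entry provides `start`
     *                     (object with format()), an optional `end`, and `label`
     *
     * @return string Buffered HTML
     */
    function filter_date($items)
    {
        wp_enqueue_style('jquery-ui');
        wp_enqueue_style('wp-stream-datepicker');
        wp_enqueue_script('jquery-ui-datepicker');
        $date_predefined = wp_stream_filter_input(INPUT_GET, 'date_predefined');
        $date_from = wp_stream_filter_input(INPUT_GET, 'date_from');
        $date_to = wp_stream_filter_input(INPUT_GET, 'date_to');
        ob_start();
        ?>
		<div class="date-interval">

			<select class="field-predefined hide-if-no-js" name="date_predefined" data-placeholder="<?php 
        esc_attr_e('All Time', 'stream');
        ?>
">
				<option></option>
				<option value="custom" <?php 
        selected('custom' === $date_predefined);
        ?>
><?php 
        esc_attr_e('Custom', 'stream');
        ?>
</option>
				<?php 
        foreach ($items as $key => $interval) {
            $end = isset($interval['end']) ? $interval['end']->format('Y/m/d') : null;
            // selected() echoes by default; ask for the string instead so the
            // attribute lands inside the <option> tag rather than in front of it.
            printf('<option value="%s" data-from="%s" data-to="%s" %s>%s</option>', esc_attr($key), esc_attr($interval['start']->format('Y/m/d')), esc_attr($end), selected($key === $date_predefined, true, false), esc_html($interval['label']));
        }
        ?>
			</select>

			<div class="date-inputs">
				<div class="box">
					<i class="date-remove dashicons"></i>
					<input type="text" name="date_from" class="date-picker field-from" placeholder="<?php 
        esc_attr_e('Start Date', 'stream');
        ?>
" value="<?php 
        echo esc_attr($date_from);
        ?>
" />
				</div>
				<span class="connector dashicons"></span>

				<div class="box">
					<i class="date-remove dashicons"></i>
					<input type="text" name="date_to" class="date-picker field-to" placeholder="<?php 
        esc_attr_e('End Date', 'stream');
        ?>
" value="<?php 
        echo esc_attr($date_to);
        ?>
" />
				</div>
			</div>

		</div>
		<?php 
        return ob_get_clean();
    }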
예제 #29
 /**
  * Returns the option key depending on which settings page is being viewed.
  *
  * The `page` query argument is consulted first and `action` second. The
  * request value is only compared against fixed slugs; it is never used as
  * the option key itself.
  *
  * @return string Option key for this page
  */
 public static function get_option_key()
 {
     // Fall back to `action` when `page` is missing or empty.
     $requested = wp_stream_filter_input(INPUT_GET, 'page') ?: wp_stream_filter_input(INPUT_GET, 'action');
     if ('wp_stream_network_settings' === $requested) {
         $resolved = self::NETWORK_KEY;
     } elseif ('wp_stream_default_settings' === $requested) {
         $resolved = self::DEFAULTS_KEY;
     } else {
         $resolved = self::KEY;
     }

     return apply_filters('wp_stream_settings_option_key', $resolved);
 }
예제 #30
 /**
  * Store the `chart_height` query argument as a user option.
  *
  * FILTER_SANITIZE_NUMBER_INT only strips characters other than digits and
  * the plus and minus signs; it does not prove the result is a usable height.
  * Only a strict `false` from the wrapper is rejected here.
  *
  * NOTE(review): no nonce or capability check is visible in this method and
  * the value arrives over GET; confirm the hook registration or
  * ajax_update_user_option() verifies the request.
  *
  * @return void
  */
 public function save_chart_height()
 {
     $requested_height = wp_stream_filter_input(INPUT_GET, 'chart_height', FILTER_SANITIZE_NUMBER_INT);
     $is_rejected = (false === $requested_height);
     if ($is_rejected) {
         wp_send_json_error();
     }
     // Persist the value for the user.
     WP_Stream_Reports_Settings::ajax_update_user_option('chart_height', $requested_height);
 }