static function doExportFromPost()
{
// Consolidate GET and POST parameters. Allow GET to override POST.
$params = array_merge($_POST, $_GET);
// print_r($params);
foreach ($params as $key => $value) {
if (is_string($value)) {
$params[$key] = stripslashes($value);
}
}
// Assumes coming from CF7DBPlugin::whatsInTheDBPage()
$key = '3fde789a';
//substr($_COOKIE['PHPSESSID'], - 5); // session_id() doesn't work
if (isset($params['guser'])) {
$params['guser'] = CFDBDeobfuscate::deobfuscateHexString($params['guser'], $key);
}
if (isset($params['gpwd'])) {
$params['gpwd'] = CFDBDeobfuscate::deobfuscateHexString($params['gpwd'], $key);
}
if (!isset($params['enc'])) {
$params['enc'] = 'CSVUTF8';
}
if (!isset($params['form'])) {
$params['form'] = '';
}
CF7DBPluginExporter::export($params['form'], $params['enc'], $params);
}
public function ajaxLogin()
{
// Login the user
$key = 'kx82XcPjq8q8S!xafx%$&7p6';
$creds = array();
$user = null;
$password = null;
if (!empty($_REQUEST['l'])) {
$userPass = CFDBDeobfuscate::deobfuscateHexString($_REQUEST['l'], $key);
$userPass = explode('/', $userPass, 2);
$count = count($userPass);
if ($count >= 1) {
$user = $userPass[0];
if ($count > 1) {
$password = $userPass[1];
}
}
}
if (!$user) {
$user = !empty($_REQUEST['username']) ? $_REQUEST['username'] : null;
}
if (!$password) {
$password = !empty($_REQUEST['password']) ? $_REQUEST['password'] : null;
}
$creds['user_login'] = $user;
$creds['user_password'] = $password;
$creds['remember'] = !empty($_REQUEST['rememberme']) ? $_REQUEST['rememberme'] : null;
$user = wp_signon($creds, false);
if (is_wp_error($user)) {
echo $user->get_error_message();
die;
}
wp_set_current_user($user->ID);
// User is logged in. Now do the requested action
if (!empty($_REQUEST['cfdb-action'])) {
switch ($_REQUEST['cfdb-action']) {
case 'cfdb-export':
if (!$this->canUserDoRoleOption('CanSeeSubmitData')) {
echo '<strong>ERROR</strong>: user ' . $_REQUEST['username'] . ' is not authorized to export CFDB data';
die;
}
$this->ajaxExport();
break;
default:
break;
}
}
die;
}
static function deobfuscateHexString($hex, $key)
{
return CFDBDeobfuscate::deobfuscateString(CFDBDeobfuscate::hexToStr($hex), $key);
}
public function getCredentialsFromAjaxCall()
{
// Login the user
$key = 'kx82XcPjq8q8S!xafx%$&7p6';
$creds = array();
$user = null;
$password = null;
if (!empty($_REQUEST['l'])) {
$userPass = CFDBDeobfuscate::deobfuscateHexString($_REQUEST['l'], $key);
$userPass = explode('/', $userPass, 2);
$count = count($userPass);
if ($count >= 1) {
$user = $userPass[0];
if ($count > 1) {
$password = $userPass[1];
}
}
}
if (!$user) {
$user = !empty($_REQUEST['username']) ? $_REQUEST['username'] : null;
}
if (!$user) {
$user = !empty($_REQUEST['user_login']) ? $_REQUEST['user_login'] : null;
}
if (!$password) {
$password = !empty($_REQUEST['password']) ? $_REQUEST['password'] : null;
}
if (!$password) {
$password = !empty($_REQUEST['user_password']) ? $_REQUEST['user_password'] : null;
}
if ($user && $password) {
$creds['user_login'] = $user;
$creds['user_password'] = $password;
$creds['remember'] = !empty($_REQUEST['rememberme']) ? $_REQUEST['rememberme'] : null;
}
return $creds;
}
