Current path: home/webdevt/www/cryptoimpot.fr/wp-content/plugins/divi-contact-form-helper/app/Frontend/Request/
?? Go up: /home/webdevt/www/cryptoimpot.fr/wp-content/plugins/divi-contact-form-helper/app/Frontend
<?php
namespace KS_PAC_DCFH\Frontend\Request;
use KS_PAC_DCFH\Admin\Controllers\Strings;
if (!defined('ABSPATH')) {
exit;
}
class Ajax_Requests
{
private $upload_tmp_dir;
private $upload_tmp_url;
public function init(): void
{
$this->upload_tmp_dir = ks_pac_dcfh_file_helper()::get_tmp_upload_dir();
$this->upload_tmp_url = ks_pac_dcfh_file_helper()::get_tmp_upload_url();
add_action('wp_ajax_upload_file', [$this, 'maybe_upload_file']);
add_action('wp_ajax_nopriv_upload_file', [$this, 'maybe_upload_file']);
add_action('wp_ajax_remove_file', [$this, 'maybe_remove_uploaded_file']);
add_action('wp_ajax_nopriv_remove_file', [$this, 'maybe_remove_uploaded_file']);
add_action('wp_ajax_save_digital_signature', [$this, 'maybe_save_digital_signature']);
add_action('wp_ajax_nopriv_save_digital_signature', [$this, 'maybe_save_digital_signature']);
add_action('wp_ajax_delete_digital_signature', [$this, 'maybe_delete_digital_signature']);
add_action('wp_ajax_nopriv_delete_digital_signature', [$this, 'maybe_delete_digital_signature']);
}
public function maybe_upload_file(): void
{
if (!check_ajax_referer('dcfh-nonce-ajax', '_wpnonce', false)) {
wp_send_json_error(esc_html__('The security check failed. Please try again. Tip: Hard refresh the page (Ctrl+Shift+R on Windows/Linux or Cmd+Shift+R on Mac).', 'divi-contact-form-helper'));
}
$file_error_types = [
UPLOAD_ERR_INI_SIZE => __('The file you tried to upload is too large. Please choose a smaller file.', 'divi-contact-form-helper'),
UPLOAD_ERR_FORM_SIZE => __('The file size exceeds the maximum allowed. Please choose a smaller file.', 'divi-contact-form-helper'),
UPLOAD_ERR_PARTIAL => __('The file upload was incomplete. Please try uploading the file again.', 'divi-contact-form-helper'),
UPLOAD_ERR_NO_FILE => __('No file was selected for upload. Please choose a file and try again.', 'divi-contact-form-helper'),
UPLOAD_ERR_NO_TMP_DIR => __('Temporary folder is missing. Please contact the system administrator.', 'divi-contact-form-helper'),
UPLOAD_ERR_CANT_WRITE => __('Failed to save the file to disk. Please try again or contact support.', 'divi-contact-form-helper'),
UPLOAD_ERR_EXTENSION => __('A PHP extension prevented the file upload. Please try again or contact support.', 'divi-contact-form-helper')
];
$error_message = '';
$json_response = [
'success' => [],
'errors' => [],
];
$upload_temp_dir = $this->upload_tmp_dir;
$upload_temp_url = $this->upload_tmp_url;
$token = isset($_POST['token']) ? sanitize_text_field($_POST['token']) : null;
if (empty($token)) {
wp_send_json_error(__('The file token is missing. Please contact the system administrator.', 'divi-contact-form-helper'));
}
$wp_allowed_mime_types = ks_pac_dcfh_wp_helper()::get_wp_allowed_mime_types();
$token = json_decode(ks_pac_dcfh_general_helper()::encrypt_decrypt($token, 'd'), ARRAY_A);
$allowd_filesize = $token['size'] ?? '';
$allowd_mimes = isset($token['mimetypes']) ? explode(',', $token['mimetypes']) : [];
$frontend_i10 = Strings::instance()->strings('frontend_i10');
$security_reason_text = $frontend_i10['security_reason_text'];
$allow_filesize_text = $frontend_i10['allow_filesize_text'];
// Check for errors in uploaded files
foreach ($_FILES as $file) {
$filename = sanitize_file_name($file['name']);
if (isset($file['error']) && UPLOAD_ERR_OK !== $file['error']) {
$error_message = $file_error_types[$file['error']] ?? __('Something went wrong.', 'divi-contact-form-helper');
} else {
$file_tmpname = $file['tmp_name'];
$file_type = $file['type'];
$file_size = $file['size'];
// Ensure the correct MIME type is detected
if (extension_loaded('fileinfo')) {
$finfo = finfo_open(FILEINFO_MIME_TYPE);
$file_real_mime = finfo_file($finfo, $file_tmpname);
finfo_close($finfo);
} else {
$file_real_mime = $file_type;
}
$wp_filetype = wp_check_filetype_and_ext($file_tmpname, $filename, $wp_allowed_mime_types);
// Validate file type and size
if (empty($wp_filetype['type']) || empty($wp_filetype['ext'])) {
$error_message = str_replace('{filename}', $filename, $security_reason_text);
} elseif (!in_array($file_real_mime, $allowd_mimes, true) || !in_array($file_real_mime, $wp_allowed_mime_types, true)) {
$error_message = str_replace('{filename}', $filename, $security_reason_text);
} elseif (($file_size > $allowd_filesize) || ($file_size > wp_max_upload_size())) {
$error_message = str_replace('{filename}', $filename, $allow_filesize_text);
}
}
if (!empty($error_message)) {
$json_response['errors'][] = [
'name' => $filename,
'message' => $error_message,
];
}
}
// If errors are present, return the error response
if (!empty(array_filter($json_response['errors']))) {
wp_send_json_success($json_response);
}
// Upload valid files
foreach ($_FILES as $file) {
$filename = sanitize_file_name($file['name']);
$file_tmpname = $file['tmp_name'];
$wp_filetype = wp_check_filetype_and_ext($file_tmpname, $filename, $wp_allowed_mime_types);
$filename_renamed = strtolower(pathinfo($filename, PATHINFO_FILENAME));
$filename_renamed = preg_replace('/[^A-Za-z\d\-]/', ' ', $filename_renamed);
$file_extension = pathinfo($filename, PATHINFO_EXTENSION);
$filename_unique = wp_unique_filename(
$upload_temp_dir,
sprintf('%1$s-%2$s-%3$s.%4$s', mb_substr($filename_renamed, 0, 30, 'utf-8'), str_pad(wp_rand(999, time()), 5, 0, STR_PAD_BOTH), time(), $file_extension)
);
$file_dir = path_join($upload_temp_dir, $filename_unique);
if (move_uploaded_file($file_tmpname, $file_dir)) {
$file_url = path_join($upload_temp_url, $filename_unique);
$json_response['success'][] = [
'tmp_name' => $filename,
'name' => $filename_unique,
'size' => size_format(filesize($file_dir)),
'mime' => $wp_filetype['type'],
'url' => $file_url,
];
} else {
$json_response['errors'][] = [
'name' => $filename,
'message' => __('Failed to move the uploaded file.', 'divi-contact-form-helper'),
];
}
}
// Return response for successful uploads
if (!empty(array_filter($json_response['success']))) {
wp_send_json_success($json_response);
}
}
public function maybe_remove_uploaded_file(): void
{
if (!check_ajax_referer('dcfh-nonce-ajax', '_wpnonce', false)) {
wp_send_json_error(esc_html__('The security check failed. Please try again. Tip: Hard refresh the page (Ctrl+Shift+R on Windows/Linux or Cmd+Shift+R on Mac).', 'divi-contact-form-helper'));
}
$filename = isset($_POST['file_name']) ? sanitize_text_field($_POST['file_name']) : null;
if (!empty($filename)) {
$tmp_path = path_join($this->upload_tmp_dir, $filename);
if (et_()->WPFS()->is_file($tmp_path) && et_()->WPFS()->exists($tmp_path)) {
wp_delete_file($tmp_path);
wp_send_json_success(__('The file has been deleted successfully!', 'divi-contact-form-helper'));
} else {
wp_send_json_error(__('Something went wrong. Please upload file again.', 'divi-contact-form-helper'));
}
}
}
public function maybe_save_digital_signature(): void
{
if (!check_ajax_referer('dcfh-nonce-ajax', '_wpnonce', false)) {
wp_send_json_error(esc_html__('The security check failed. Please try again. Tip: Hard refresh the page (Ctrl+Shift+R on Windows/Linux or Cmd+Shift+R on Mac).', 'divi-contact-form-helper'));
}
$data_url = isset($_POST['data_url']) ? sanitize_text_field($_POST['data_url']) : null;
if (!empty($data_url)) {
$upload_temp_dir = $this->upload_tmp_dir;
$upload_temp_url = $this->upload_tmp_url;
$filename = wp_unique_filename($upload_temp_dir, sprintf('digital-signature-%1$s-%2$s.png', str_pad(wp_rand(999, time()), 5, 0, STR_PAD_BOTH), time()));
$file_path = path_join($upload_temp_dir, $filename);
$data_url = str_replace('data:image/png;base64,', '', $data_url);
if (et_()->WPFS()->put_contents($file_path, base64_decode($data_url))) { // phpcs:ignore
$frontend_i10 = Strings::instance()->strings('frontend_i10');
wp_send_json_success([
'message' => $frontend_i10['siganture_save_text'],
'filename' => $filename,
'file_url' => path_join($upload_temp_url, $filename),
]);
} else {
wp_send_json_error();
}
}
}
public function maybe_delete_digital_signature(): void
{
if (!check_ajax_referer('dcfh-nonce-ajax', '_wpnonce', false)) {
wp_send_json_error(esc_html__('The security check failed. Please try again. Tip: Hard refresh the page (Ctrl+Shift+R on Windows/Linux or Cmd+Shift+R on Mac).', 'divi-contact-form-helper'));
}
$filename = isset($_POST['filename']) ? sanitize_text_field($_POST['filename']) : null;
if (!empty($filename)) {
$tmp_path = path_join($this->upload_tmp_dir, $filename);
if (et_()->WPFS()->is_file($tmp_path) && et_()->WPFS()->exists($tmp_path)) {
wp_delete_file($tmp_path);
$frontend_i10 = Strings::instance()->strings('frontend_i10');
wp_send_json_success($frontend_i10['siganture_delete_text']);
} else {
wp_send_json_error(__('Something went wrong. Please upload file again.', 'divi-contact-form-helper'));
}
}
}
}