?? GreyFile — Mystic File Browser

Current path: home/webdevt/www/cryptoimpot.fr/wp-content/plugins/divi-contact-form-helper/app/Frontend/Request/



?? Go up: /home/webdevt/www/cryptoimpot.fr/wp-content/plugins/divi-contact-form-helper/app/Frontend

?? Viewing: Ajax_Requests.php

<?php

namespace KS_PAC_DCFH\Frontend\Request;

use KS_PAC_DCFH\Admin\Controllers\Strings;

if (!defined('ABSPATH')) {
    exit;
}

class Ajax_Requests
{
    private $upload_tmp_dir;

    private $upload_tmp_url;

    public function init(): void
    {
        $this->upload_tmp_dir = ks_pac_dcfh_file_helper()::get_tmp_upload_dir();
        $this->upload_tmp_url = ks_pac_dcfh_file_helper()::get_tmp_upload_url();
        add_action('wp_ajax_upload_file', [$this, 'maybe_upload_file']);
        add_action('wp_ajax_nopriv_upload_file', [$this, 'maybe_upload_file']);
        add_action('wp_ajax_remove_file', [$this, 'maybe_remove_uploaded_file']);
        add_action('wp_ajax_nopriv_remove_file', [$this, 'maybe_remove_uploaded_file']);
        add_action('wp_ajax_save_digital_signature', [$this, 'maybe_save_digital_signature']);
        add_action('wp_ajax_nopriv_save_digital_signature', [$this, 'maybe_save_digital_signature']);
        add_action('wp_ajax_delete_digital_signature', [$this, 'maybe_delete_digital_signature']);
        add_action('wp_ajax_nopriv_delete_digital_signature', [$this, 'maybe_delete_digital_signature']);
    }

    public function maybe_upload_file(): void
    {
        if (!check_ajax_referer('dcfh-nonce-ajax', '_wpnonce', false)) {
            wp_send_json_error(esc_html__('The security check failed. Please try again. Tip: Hard refresh the page (Ctrl+Shift+R on Windows/Linux or Cmd+Shift+R on Mac).', 'divi-contact-form-helper'));
        }
        $file_error_types = [
            UPLOAD_ERR_INI_SIZE => __('The file you tried to upload is too large. Please choose a smaller file.', 'divi-contact-form-helper'),
            UPLOAD_ERR_FORM_SIZE => __('The file size exceeds the maximum allowed. Please choose a smaller file.', 'divi-contact-form-helper'),
            UPLOAD_ERR_PARTIAL => __('The file upload was incomplete. Please try uploading the file again.', 'divi-contact-form-helper'),
            UPLOAD_ERR_NO_FILE => __('No file was selected for upload. Please choose a file and try again.', 'divi-contact-form-helper'),
            UPLOAD_ERR_NO_TMP_DIR => __('Temporary folder is missing. Please contact the system administrator.', 'divi-contact-form-helper'),
            UPLOAD_ERR_CANT_WRITE => __('Failed to save the file to disk. Please try again or contact support.', 'divi-contact-form-helper'),
            UPLOAD_ERR_EXTENSION => __('A PHP extension prevented the file upload. Please try again or contact support.', 'divi-contact-form-helper')
        ];
        $error_message = '';
        $json_response = [
            'success' => [],
            'errors' => [],
        ];
        $upload_temp_dir = $this->upload_tmp_dir;
        $upload_temp_url = $this->upload_tmp_url;
        $token = isset($_POST['token']) ? sanitize_text_field($_POST['token']) : null;
        if (empty($token)) {
            wp_send_json_error(__('The file token is missing. Please contact the system administrator.', 'divi-contact-form-helper'));
        }
        $wp_allowed_mime_types = ks_pac_dcfh_wp_helper()::get_wp_allowed_mime_types();
        $token = json_decode(ks_pac_dcfh_general_helper()::encrypt_decrypt($token, 'd'), ARRAY_A);
        $allowd_filesize = $token['size'] ?? '';
        $allowd_mimes = isset($token['mimetypes']) ? explode(',', $token['mimetypes']) : [];
        $frontend_i10 = Strings::instance()->strings('frontend_i10');
        $security_reason_text = $frontend_i10['security_reason_text'];
        $allow_filesize_text = $frontend_i10['allow_filesize_text'];
        // Check for errors in uploaded files
        foreach ($_FILES as $file) {
            $filename = sanitize_file_name($file['name']);
            if (isset($file['error']) && UPLOAD_ERR_OK !== $file['error']) {
                $error_message = $file_error_types[$file['error']] ?? __('Something went wrong.', 'divi-contact-form-helper');
            } else {
                $file_tmpname = $file['tmp_name'];
                $file_type = $file['type'];
                $file_size = $file['size'];
                // Ensure the correct MIME type is detected
                if (extension_loaded('fileinfo')) {
                    $finfo = finfo_open(FILEINFO_MIME_TYPE);
                    $file_real_mime = finfo_file($finfo, $file_tmpname);
                    finfo_close($finfo);
                } else {
                    $file_real_mime = $file_type;
                }
                $wp_filetype = wp_check_filetype_and_ext($file_tmpname, $filename, $wp_allowed_mime_types);
                // Validate file type and size
                if (empty($wp_filetype['type']) || empty($wp_filetype['ext'])) {
                    $error_message = str_replace('{filename}', $filename, $security_reason_text);
                } elseif (!in_array($file_real_mime, $allowd_mimes, true) || !in_array($file_real_mime, $wp_allowed_mime_types, true)) {
                    $error_message = str_replace('{filename}', $filename, $security_reason_text);
                } elseif (($file_size > $allowd_filesize) || ($file_size > wp_max_upload_size())) {
                    $error_message = str_replace('{filename}', $filename, $allow_filesize_text);
                }
            }
            if (!empty($error_message)) {
                $json_response['errors'][] = [
                    'name' => $filename,
                    'message' => $error_message,
                ];
            }
        }
        // If errors are present, return the error response
        if (!empty(array_filter($json_response['errors']))) {
            wp_send_json_success($json_response);
        }
        // Upload valid files
        foreach ($_FILES as $file) {
            $filename = sanitize_file_name($file['name']);
            $file_tmpname = $file['tmp_name'];
            $wp_filetype = wp_check_filetype_and_ext($file_tmpname, $filename, $wp_allowed_mime_types);
            $filename_renamed = strtolower(pathinfo($filename, PATHINFO_FILENAME));
            $filename_renamed = preg_replace('/[^A-Za-z\d\-]/', ' ', $filename_renamed);
            $file_extension = pathinfo($filename, PATHINFO_EXTENSION);
            $filename_unique = wp_unique_filename(
                $upload_temp_dir,
                sprintf('%1$s-%2$s-%3$s.%4$s', mb_substr($filename_renamed, 0, 30, 'utf-8'), str_pad(wp_rand(999, time()), 5, 0, STR_PAD_BOTH), time(), $file_extension)
            );
            $file_dir = path_join($upload_temp_dir, $filename_unique);
            if (move_uploaded_file($file_tmpname, $file_dir)) {
                $file_url = path_join($upload_temp_url, $filename_unique);
                $json_response['success'][] = [
                    'tmp_name' => $filename,
                    'name' => $filename_unique,
                    'size' => size_format(filesize($file_dir)),
                    'mime' => $wp_filetype['type'],
                    'url' => $file_url,
                ];
            } else {
                $json_response['errors'][] = [
                    'name' => $filename,
                    'message' => __('Failed to move the uploaded file.', 'divi-contact-form-helper'),
                ];
            }
        }
        // Return response for successful uploads
        if (!empty(array_filter($json_response['success']))) {
            wp_send_json_success($json_response);
        }
    }

    public function maybe_remove_uploaded_file(): void
    {
        if (!check_ajax_referer('dcfh-nonce-ajax', '_wpnonce', false)) {
            wp_send_json_error(esc_html__('The security check failed. Please try again. Tip: Hard refresh the page (Ctrl+Shift+R on Windows/Linux or Cmd+Shift+R on Mac).', 'divi-contact-form-helper'));
        }
        $filename = isset($_POST['file_name']) ? sanitize_text_field($_POST['file_name']) : null;
        if (!empty($filename)) {
            $tmp_path = path_join($this->upload_tmp_dir, $filename);
            if (et_()->WPFS()->is_file($tmp_path) && et_()->WPFS()->exists($tmp_path)) {
                wp_delete_file($tmp_path);
                wp_send_json_success(__('The file has been deleted successfully!', 'divi-contact-form-helper'));
            } else {
                wp_send_json_error(__('Something went wrong. Please upload file again.', 'divi-contact-form-helper'));
            }
        }
    }

    public function maybe_save_digital_signature(): void
    {
        if (!check_ajax_referer('dcfh-nonce-ajax', '_wpnonce', false)) {
            wp_send_json_error(esc_html__('The security check failed. Please try again. Tip: Hard refresh the page (Ctrl+Shift+R on Windows/Linux or Cmd+Shift+R on Mac).', 'divi-contact-form-helper'));
        }
        $data_url = isset($_POST['data_url']) ? sanitize_text_field($_POST['data_url']) : null;
        if (!empty($data_url)) {
            $upload_temp_dir = $this->upload_tmp_dir;
            $upload_temp_url = $this->upload_tmp_url;
            $filename = wp_unique_filename($upload_temp_dir, sprintf('digital-signature-%1$s-%2$s.png', str_pad(wp_rand(999, time()), 5, 0, STR_PAD_BOTH), time()));
            $file_path = path_join($upload_temp_dir, $filename);
            $data_url = str_replace('data:image/png;base64,', '', $data_url);
            if (et_()->WPFS()->put_contents($file_path, base64_decode($data_url))) {  // phpcs:ignore
                $frontend_i10 = Strings::instance()->strings('frontend_i10');
                wp_send_json_success([
                    'message' => $frontend_i10['siganture_save_text'],
                    'filename' => $filename,
                    'file_url' => path_join($upload_temp_url, $filename),
                ]);
            } else {
                wp_send_json_error();
            }
        }
    }

    public function maybe_delete_digital_signature(): void
    {
        if (!check_ajax_referer('dcfh-nonce-ajax', '_wpnonce', false)) {
            wp_send_json_error(esc_html__('The security check failed. Please try again. Tip: Hard refresh the page (Ctrl+Shift+R on Windows/Linux or Cmd+Shift+R on Mac).', 'divi-contact-form-helper'));
        }
        $filename = isset($_POST['filename']) ? sanitize_text_field($_POST['filename']) : null;
        if (!empty($filename)) {
            $tmp_path = path_join($this->upload_tmp_dir, $filename);
            if (et_()->WPFS()->is_file($tmp_path) && et_()->WPFS()->exists($tmp_path)) {
                wp_delete_file($tmp_path);
                $frontend_i10 = Strings::instance()->strings('frontend_i10');
                wp_send_json_success($frontend_i10['siganture_delete_text']);
            } else {
                wp_send_json_error(__('Something went wrong. Please upload file again.', 'divi-contact-form-helper'));
            }
        }
    }
}


??

??