Current path: home/webdevt/www/demo2/wp-content/plugins/divi-contact-form-helper/d5/server/Admin/AjaxRequests/
?? Go up: /home/webdevt/www/demo2/wp-content/plugins/divi-contact-form-helper/d5/server/Admin
<?php
namespace KS_PAC_DCFH\Admin\AjaxRequests;
if (!defined('ABSPATH')) {
exit;
}
class FileUploadRemoveAjaxRequests
{
private string $upload_tmp_dir;
private string $upload_tmp_url;
public function load(): void
{
add_action('wp_ajax_dcfh_upload_file', [$this, 'maybe_upload_file']);
add_action('wp_ajax_nopriv_dcfh_upload_file', [$this, 'maybe_upload_file']);
add_action('wp_ajax_dcfh_delete_file', [$this, 'maybe_delete_file']);
add_action('wp_ajax_nopriv_dcfh_delete_file', [$this, 'maybe_delete_file']);
$this->upload_tmp_dir = ks_pac_dcfh_app()->file_utils()::get_tmp_upload_dir();
$this->upload_tmp_url = ks_pac_dcfh_app()->file_utils()::get_tmp_upload_url();
}
public function maybe_upload_file(): void
{
if (!check_ajax_referer('dcfh_pb_ajax_req', '_wpnonce')) {
wp_send_json_error(esc_html__('The security check failed due to an invalid nonce. Please try again.', 'divi-contact-form-helper'));
}
if (!ks_pac_dcfh_app()->file_utils()::is_temp_dir_exists()) {
wp_send_json_error(['message' => esc_html__('We’re currently unable to upload your file due to a temporary system issue. Please try again shortly, or contact admin if the problem persists.', 'divi-contact-form-helper')], 400);
}
$file_error_types = [
UPLOAD_ERR_INI_SIZE => __('The file you tried to upload is too large. Please choose a smaller file.', 'divi-contact-form-helper'),
UPLOAD_ERR_FORM_SIZE => __('The file size exceeds the maximum allowed. Please choose a smaller file.', 'divi-contact-form-helper'),
UPLOAD_ERR_PARTIAL => __('The file upload was incomplete. Please try uploading the file again.', 'divi-contact-form-helper'),
UPLOAD_ERR_NO_FILE => __('No file was selected for upload. Please choose a file and try again.', 'divi-contact-form-helper'),
UPLOAD_ERR_NO_TMP_DIR => __('Temporary folder is missing. Please contact the system administrator.', 'divi-contact-form-helper'),
UPLOAD_ERR_CANT_WRITE => __('Failed to save the file to disk. Please try again or contact support.', 'divi-contact-form-helper'),
UPLOAD_ERR_EXTENSION => __('A PHP extension prevented the file upload. Please try again or contact support.', 'divi-contact-form-helper')
];
$error_message = '';
$json_response = [
'success' => [],
'errors' => [],
];
$upload_temp_dir = $this->upload_tmp_dir;
$upload_temp_url = $this->upload_tmp_url;
$token = isset($_POST['token']) ? sanitize_text_field($_POST['token']) : null;
if (empty($token)) {
wp_send_json_error(__('The file token is missing. Please contact the system administrator.', 'divi-contact-form-helper'));
}
$wp_allowed_mime_types = ks_pac_dcfh_app()->file_utils()::get_wp_allowed_mime_types();
$token = json_decode(ks_pac_dcfh_app()->misc_utils()::encrypt_decrypt($token, 'd'), ARRAY_A);
$allowd_filesize = sanitize_text_field($token['maxFileSize'] ?? '');
$allowd_mimes = $token['allowedFileTypes'] ?? [];
$upload_not_allowed_error_text = sanitize_text_field($_POST['upload_file_size_warning_text'] ?? '');
$upload_file_size_warning_text = sanitize_text_field($_POST['not_allowed_error_text'] ?? '');
// Check for errors in uploaded files
foreach ($_FILES as $file) {
$filename = sanitize_file_name($file['name']);
if (isset($file['error']) && UPLOAD_ERR_OK !== $file['error']) {
$error_message = $file_error_types[$file['error']] ?? __('Something went wrong.', 'divi-contact-form-helper');
} else {
$file_tmpname = $file['tmp_name'];
$file_type = $file['type'];
$file_size = $file['size'];
// Ensure the correct MIME type is detected
if (extension_loaded('fileinfo')) {
$finfo = finfo_open(FILEINFO_MIME_TYPE);
$file_real_mime = finfo_file($finfo, $file_tmpname);
finfo_close($finfo);
} else {
$file_real_mime = $file_type;
}
$wp_filetype = wp_check_filetype_and_ext($file_tmpname, $filename, $wp_allowed_mime_types);
// Validate file type and size
if (empty($wp_filetype['type']) || empty($wp_filetype['ext'])) {
$error_message = str_replace('{filename}', $filename, $upload_not_allowed_error_text);
} elseif (!in_array($file_real_mime, $allowd_mimes, true) || !in_array($file_real_mime, $wp_allowed_mime_types, true)) {
$error_message = str_replace('{filename}', $filename, $upload_not_allowed_error_text);
} elseif (($file_size > $allowd_filesize) || ($file_size > wp_max_upload_size())) {
$error_message = str_replace('{filename}', $filename, $upload_file_size_warning_text);
}
}
if (!empty($error_message)) {
$json_response['errors'][] = [
'name' => $filename,
'message' => $error_message,
];
}
}
// If errors are present, return the error response
if (!empty(array_filter($json_response['errors']))) {
wp_send_json_success($json_response);
}
// Upload valid files
foreach ($_FILES as $file) {
$filename = sanitize_file_name($file['name']);
$file_tmpname = $file['tmp_name'];
$wp_filetype = wp_check_filetype_and_ext($file_tmpname, $filename, $wp_allowed_mime_types);
$filename_renamed = strtolower(pathinfo($filename, PATHINFO_FILENAME));
$filename_renamed = preg_replace('/[^A-Za-z\d\-]/', ' ', $filename_renamed);
$file_extension = pathinfo($filename, PATHINFO_EXTENSION);
$filename_unique = wp_unique_filename(
$upload_temp_dir,
sprintf('%1$s-%2$s-%3$s.%4$s', mb_substr($filename_renamed, 0, 30, 'utf-8'), str_pad(wp_rand(999, time()), 5, 0, STR_PAD_BOTH), time(), $file_extension)
);
$file_dir = path_join($upload_temp_dir, $filename_unique);
if (move_uploaded_file($file_tmpname, $file_dir)) { // phpcs:ignore
$file_url = path_join($upload_temp_url, $filename_unique);
$json_response['success'][] = [
'tmp_name' => $filename,
'name' => $filename_unique,
'size' => size_format(filesize($file_dir)),
'mime' => $wp_filetype['type'],
'url' => $file_url,
];
} else {
$json_response['errors'][] = [
'name' => $filename,
'message' => __('Failed to move the uploaded file.', 'divi-contact-form-helper'),
];
}
}
// Return response for successful uploads
if (!empty(array_filter($json_response['success']))) {
wp_send_json_success($json_response);
}
}
public function maybe_delete_file(): void
{
if (!check_ajax_referer('dcfh_pb_ajax_req', '_wpnonce')) {
wp_send_json_error(esc_html__('The security check failed due to an invalid nonce. Please try again.', 'divi-contact-form-helper'));
}
$filename = isset($_POST['file_name']) ? sanitize_text_field($_POST['file_name']) : null;
if (!empty($filename)) {
$tmp_path = path_join($this->upload_tmp_dir, $filename);
if (et_()->WPFS()->is_file($tmp_path) && et_()->WPFS()->exists($tmp_path)) {
wp_delete_file($tmp_path);
wp_send_json_success(__('The file has been deleted successfully!', 'divi-contact-form-helper'));
} else {
wp_send_json_error(__('Something went wrong. Please upload file again.', 'divi-contact-form-helper'));
}
}
}
}