?? GreyFile — Mystic File Browser

Current path: home/webdevt/www/demo2/wp-content/plugins/divi-contact-form-helper/d5/server/Admin/AjaxRequests/



?? Go up: /home/webdevt/www/demo2/wp-content/plugins/divi-contact-form-helper/d5/server/Admin

?? Viewing: FileUploadRemoveAjaxRequests.php

<?php

namespace KS_PAC_DCFH\Admin\AjaxRequests;

if (!defined('ABSPATH')) {
    exit;
}

class FileUploadRemoveAjaxRequests
{
    private string $upload_tmp_dir;

    private string $upload_tmp_url;

    public function load(): void
    {
        add_action('wp_ajax_dcfh_upload_file', [$this, 'maybe_upload_file']);
        add_action('wp_ajax_nopriv_dcfh_upload_file', [$this, 'maybe_upload_file']);
        add_action('wp_ajax_dcfh_delete_file', [$this, 'maybe_delete_file']);
        add_action('wp_ajax_nopriv_dcfh_delete_file', [$this, 'maybe_delete_file']);
        $this->upload_tmp_dir = ks_pac_dcfh_app()->file_utils()::get_tmp_upload_dir();
        $this->upload_tmp_url = ks_pac_dcfh_app()->file_utils()::get_tmp_upload_url();
    }

    public function maybe_upload_file(): void
    {
        if (!check_ajax_referer('dcfh_pb_ajax_req', '_wpnonce')) {
            wp_send_json_error(esc_html__('The security check failed due to an invalid nonce. Please try again.', 'divi-contact-form-helper'));
        }
        if (!ks_pac_dcfh_app()->file_utils()::is_temp_dir_exists()) {
            wp_send_json_error(['message' => esc_html__('We’re currently unable to upload your file due to a temporary system issue. Please try again shortly, or contact admin if the problem persists.', 'divi-contact-form-helper')], 400);
        }
        $file_error_types = [
            UPLOAD_ERR_INI_SIZE => __('The file you tried to upload is too large. Please choose a smaller file.', 'divi-contact-form-helper'),
            UPLOAD_ERR_FORM_SIZE => __('The file size exceeds the maximum allowed. Please choose a smaller file.', 'divi-contact-form-helper'),
            UPLOAD_ERR_PARTIAL => __('The file upload was incomplete. Please try uploading the file again.', 'divi-contact-form-helper'),
            UPLOAD_ERR_NO_FILE => __('No file was selected for upload. Please choose a file and try again.', 'divi-contact-form-helper'),
            UPLOAD_ERR_NO_TMP_DIR => __('Temporary folder is missing. Please contact the system administrator.', 'divi-contact-form-helper'),
            UPLOAD_ERR_CANT_WRITE => __('Failed to save the file to disk. Please try again or contact support.', 'divi-contact-form-helper'),
            UPLOAD_ERR_EXTENSION => __('A PHP extension prevented the file upload. Please try again or contact support.', 'divi-contact-form-helper')
        ];
        $error_message = '';
        $json_response = [
            'success' => [],
            'errors' => [],
        ];
        $upload_temp_dir = $this->upload_tmp_dir;
        $upload_temp_url = $this->upload_tmp_url;
        $token = isset($_POST['token']) ? sanitize_text_field($_POST['token']) : null;
        if (empty($token)) {
            wp_send_json_error(__('The file token is missing. Please contact the system administrator.', 'divi-contact-form-helper'));
        }
        $wp_allowed_mime_types = ks_pac_dcfh_app()->file_utils()::get_wp_allowed_mime_types();
        $token = json_decode(ks_pac_dcfh_app()->misc_utils()::encrypt_decrypt($token, 'd'), ARRAY_A);
        $allowd_filesize = sanitize_text_field($token['maxFileSize'] ?? '');
        $allowd_mimes = $token['allowedFileTypes'] ?? [];
        $upload_not_allowed_error_text = sanitize_text_field($_POST['upload_file_size_warning_text'] ?? '');
        $upload_file_size_warning_text = sanitize_text_field($_POST['not_allowed_error_text'] ?? '');
        // Check for errors in uploaded files
        foreach ($_FILES as $file) {
            $filename = sanitize_file_name($file['name']);
            if (isset($file['error']) && UPLOAD_ERR_OK !== $file['error']) {
                $error_message = $file_error_types[$file['error']] ?? __('Something went wrong.', 'divi-contact-form-helper');
            } else {
                $file_tmpname = $file['tmp_name'];
                $file_type = $file['type'];
                $file_size = $file['size'];
                // Ensure the correct MIME type is detected
                if (extension_loaded('fileinfo')) {
                    $finfo = finfo_open(FILEINFO_MIME_TYPE);
                    $file_real_mime = finfo_file($finfo, $file_tmpname);
                    finfo_close($finfo);
                } else {
                    $file_real_mime = $file_type;
                }
                $wp_filetype = wp_check_filetype_and_ext($file_tmpname, $filename, $wp_allowed_mime_types);
                // Validate file type and size
                if (empty($wp_filetype['type']) || empty($wp_filetype['ext'])) {
                    $error_message = str_replace('{filename}', $filename, $upload_not_allowed_error_text);
                } elseif (!in_array($file_real_mime, $allowd_mimes, true) || !in_array($file_real_mime, $wp_allowed_mime_types, true)) {
                    $error_message = str_replace('{filename}', $filename, $upload_not_allowed_error_text);
                } elseif (($file_size > $allowd_filesize) || ($file_size > wp_max_upload_size())) {
                    $error_message = str_replace('{filename}', $filename, $upload_file_size_warning_text);
                }
            }
            if (!empty($error_message)) {
                $json_response['errors'][] = [
                    'name' => $filename,
                    'message' => $error_message,
                ];
            }
        }
        // If errors are present, return the error response
        if (!empty(array_filter($json_response['errors']))) {
            wp_send_json_success($json_response);
        }
        // Upload valid files
        foreach ($_FILES as $file) {
            $filename = sanitize_file_name($file['name']);
            $file_tmpname = $file['tmp_name'];
            $wp_filetype = wp_check_filetype_and_ext($file_tmpname, $filename, $wp_allowed_mime_types);
            $filename_renamed = strtolower(pathinfo($filename, PATHINFO_FILENAME));
            $filename_renamed = preg_replace('/[^A-Za-z\d\-]/', ' ', $filename_renamed);
            $file_extension = pathinfo($filename, PATHINFO_EXTENSION);
            $filename_unique = wp_unique_filename(
                $upload_temp_dir,
                sprintf('%1$s-%2$s-%3$s.%4$s', mb_substr($filename_renamed, 0, 30, 'utf-8'), str_pad(wp_rand(999, time()), 5, 0, STR_PAD_BOTH), time(), $file_extension)
            );
            $file_dir = path_join($upload_temp_dir, $filename_unique);
            if (move_uploaded_file($file_tmpname, $file_dir)) { // phpcs:ignore
                $file_url = path_join($upload_temp_url, $filename_unique);
                $json_response['success'][] = [
                    'tmp_name' => $filename,
                    'name' => $filename_unique,
                    'size' => size_format(filesize($file_dir)),
                    'mime' => $wp_filetype['type'],
                    'url' => $file_url,
                ];
            } else {
                $json_response['errors'][] = [
                    'name' => $filename,
                    'message' => __('Failed to move the uploaded file.', 'divi-contact-form-helper'),
                ];
            }
        }
        // Return response for successful uploads
        if (!empty(array_filter($json_response['success']))) {
            wp_send_json_success($json_response);
        }
    }

    public function maybe_delete_file(): void
    {
        if (!check_ajax_referer('dcfh_pb_ajax_req', '_wpnonce')) {
            wp_send_json_error(esc_html__('The security check failed due to an invalid nonce. Please try again.', 'divi-contact-form-helper'));
        }
        $filename = isset($_POST['file_name']) ? sanitize_text_field($_POST['file_name']) : null;
        if (!empty($filename)) {
            $tmp_path = path_join($this->upload_tmp_dir, $filename);
            if (et_()->WPFS()->is_file($tmp_path) && et_()->WPFS()->exists($tmp_path)) {
                wp_delete_file($tmp_path);
                wp_send_json_success(__('The file has been deleted successfully!', 'divi-contact-form-helper'));
            } else {
                wp_send_json_error(__('Something went wrong. Please upload file again.', 'divi-contact-form-helper'));
            }
        }
    }
}


??

??