<?php namespace te\app\mdl;
use te\app\thm_cnt\theme_editor_theme_controller as run_theme_editor_theme_controller;
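class theme_editor_model {
    /**
     * Controller that does the directory walking and deletion
     * (te\app\thm_cnt\theme_editor_theme_controller). This file only calls
     * its get_files_and_folders(), deleteDir() and deleteFile() methods and
     * reads its image_type_posibilities / download_type_possibilities lists;
     * what those return exactly is defined there, not here.
     */
    var $theme_controller;

    /**
     * Third-party endpoint that receives the email-verification payload
     * built in verify_on_server(). Everything in that payload leaves the site.
     */
    protected $SERVER = 'https://searchpro.ai/api/plugindata/api.php';

    /** Capability every handler that touches files or site-wide state requires. */
    const CAPABILITY = 'manage_options';

    /**
     * Wire the activation hook and the admin-ajax handlers.
     *
     * Every hook is wp_ajax_* (no wp_ajax_nopriv_*), so WordPress routes
     * only logged-in requests here; authorization itself is done per
     * handler through is_authorized().
     */
    public function __construct() {
        register_activation_hook( MK_THEME_EDITOR_FILE, array( $this, 'mk_te_settings' ) );

        $ajax_handlers = array(
            'wp_ajax_save_mk_theme_editor_theme_files' => 'mk_theme_editor_theme_files',
            'wp_ajax_mk_theme_editor_folder_open'      => 'mk_theme_editor_folder_open',
            'wp_ajax_mk_plugin_editor_folder_open'     => 'mk_plugin_editor_folder_open',
            'wp_ajax_mk_theme_editor_file_open'        => 'mk_theme_editor_file_open',
            'wp_ajax_mk_theme_editor_file_download'    => 'mk_theme_editor_file_download',
            'wp_ajax_mk_theme_editor_folder_create'    => 'mk_theme_editor_folder_create',
            'wp_ajax_mk_theme_editor_file_create'      => 'mk_theme_editor_file_create',
            'wp_ajax_mk_theme_editor_folder_remove'    => 'mk_theme_editor_folder_remove',
            'wp_ajax_mk_theme_editor_file_remove'      => 'mk_theme_editor_file_remove',
            'wp_ajax_mk_theme_editor_file_upload'      => 'mk_theme_editor_file_upload',
            'wp_ajax_mk_te_close_te_help'              => 'mk_te_close_te_help',
            // Lokhal email verification.
            'wp_ajax_mk_theme_editor_verify_email'     => 'mk_theme_editor_verify_email_callback',
            'wp_ajax_verify_theme_editor_email'        => 'verify_theme_editor_email_callback',
        );
        foreach ( $ajax_handlers as $hook => $method ) {
            add_action( $hook, array( $this, $method ) );
        }

        $this->theme_controller = new run_theme_editor_theme_controller;
    }

    /**
     * AJAX: store the current user's name/email, send the verification mail
     * and report the data to the remote server.
     *
     * Request: vle_nonce ('verify-theme-editor-email'), todo ('cancel'|'verify'),
     * lokhal_email, lokhal_fname, lokhal_lname.
     * Echoes '1' (mail sent), '2' (mail not sent / bad address) or 'Nonce'
     * (nonce or capability check failed) and exits.
     */
    public function mk_theme_editor_verify_email_callback() {
        $nonce = $this->request_field( $_REQUEST, 'vle_nonce' );
        // The original checked only the nonce plus is_admin(); is_admin() is
        // not a capability check, so this now also requires manage_options,
        // matching every other handler in this class.
        if ( ! $this->is_authorized( $nonce, 'verify-theme-editor-email' ) ) {
            echo 'Nonce';
            die;
        }

        $current_user = wp_get_current_user();
        $user_id      = $current_user->ID;
        $action       = sanitize_text_field( $this->request_field( $_POST, 'todo' ) );
        $lokhal_email = sanitize_text_field( $this->request_field( $_POST, 'lokhal_email' ) );
        $lokhal_fname = sanitize_text_field( $this->request_field( $_POST, 'lokhal_fname' ) );
        $lokhal_lname = sanitize_text_field( $this->request_field( $_POST, 'lokhal_lname' ) );

        if ( 'cancel' === $action ) {
            // Hide the popup for 30 days and treat the user as verified.
            $key = 'theme_editor_cancel_lk_popup_' . $user_id;
            set_transient( $key, $key, 60 * 60 * 24 * 30 );
            update_option( 'theme_editor_email_verified_' . $user_id, 'yes' );
        } elseif ( 'verify' === $action ) {
            // Refuse to store or mail a string that is not an email address.
            if ( ! is_email( $lokhal_email ) ) {
                echo '2';
                die;
            }
            $engagement = '75';
            update_option( 'theme_editor_email_address_' . $user_id, $lokhal_email );
            update_option( 'verify_theme_editor_fname_' . $user_id, $lokhal_fname );
            update_option( 'verify_theme_editor_lname_' . $user_id, $lokhal_lname );
            update_option( 'theme_editor_email_verified_' . $user_id, 'yes' );

            // The token is only md5(email), i.e. derivable by anyone who knows
            // the address; it is kept so links already sent keep working, and
            // verify_theme_editor_email_callback() only acts for the logged-in
            // user whose stored address matches.
            $verify_url = admin_url( 'admin-ajax.php?action=verify_theme_editor_email&token=' . md5( $lokhal_email ) );
            $subject    = "Email Verification";
            $message    = "
<html>
<head>
<title>Email Verification</title>
</head>
<body>
<p>Thanks for signing up! Just click the link below to verify your email and we’ll keep you up-to-date with the latest and greatest brewing in our dev labs!</p>
<p><a href='" . esc_url( $verify_url ) . "'>Click Here to Verify
</a></p>
</body>
</html>
";
            // wp_mail() goes through PHPMailer (address validation, site mail
            // configuration) instead of raw mail().
            $headers = array(
                'Content-Type: text/html; charset=UTF-8',
                'From: noreply@ikon.digital',
            );
            $sent = wp_mail( $lokhal_email, $subject, $message, $headers );
            $this->verify_on_server( $lokhal_email, $lokhal_fname, $lokhal_lname, $engagement, 'verify', '0' );
            echo $sent ? '1' : '2';
        }
        die;
    }

    /**
     * AJAX (GET, opened from the verification email): mark the logged-in
     * user's stored address as verified when the token matches it.
     *
     * There is no nonce because the link lives in an email; the wp_ajax_
     * hook already requires a login and the token must equal md5() of the
     * address this user submitted earlier. Prints a short page that redirects
     * to an external site after two seconds, then exits.
     */
    public function verify_theme_editor_email_callback() {
        $token        = sanitize_text_field( $this->request_field( $_GET, 'token' ) );
        $current_user = wp_get_current_user();
        $user_id      = $current_user->ID;
        $stored_email = get_option( 'theme_editor_email_address_' . $user_id );

        // Without the empty() guard, md5('') would match a token for a user
        // who never submitted an address.
        if ( '' === $token || empty( $stored_email ) || ! hash_equals( md5( $stored_email ), $token ) ) {
            die;
        }

        $this->verify_on_server(
            $stored_email,
            get_option( 'verify_theme_editor_fname_' . $user_id ),
            get_option( 'verify_theme_editor_lname_' . $user_id ),
            '100',
            'verified',
            '1'
        );
        update_option( 'theme_editor_email_verified_' . $user_id, 'yes' );
        echo '<p>Email Verified Successfully. Redirecting please wait.</p>';
        echo '<script>';
        echo 'setTimeout(function(){window.location.href="https://filemanager.webdesi9.com?utm_redirect=wp" }, 2000);';
        echo '</script>';
        die;
    }

    /**
     * POST the verification payload to $this->SERVER and return the decoded
     * JSON reply (null when the request fails or the body is not JSON).
     *
     * NOTE: the payload contains the user's name and email plus site URL,
     * PHP/WP versions, PHP limits and the browser user agent — all of it is
     * sent to a third party.
     *
     * @param string $email
     * @param string $fname
     * @param string $lname
     * @param string $engagement
     * @param string $todo     'verify' or 'verified'.
     * @param string $verified '0' or '1'.
     * @return array|null
     */
    public function verify_on_server( $email, $fname, $lname, $engagement, $todo, $verified ) {
        global $wp_version;
        $info = array(
            'email'               => $email,
            'first_name'          => $fname,
            'last_name'           => $lname,
            'engagement'          => $engagement,
            'SITE_URL'            => site_url(),
            'PHP_version'         => phpversion(),
            'upload_max_filesize' => ini_get( 'upload_max_filesize' ),
            'post_max_size'       => ini_get( 'post_max_size' ),
            'memory_limit'        => ini_get( 'memory_limit' ),
            'max_execution_time'  => ini_get( 'max_execution_time' ),
            'HTTP_USER_AGENT'     => $this->request_field( $_SERVER, 'HTTP_USER_AGENT' ),
            'wp_version'          => $wp_version,
            'plugin'              => 'Theme Editor',
            // A static value shared by every install: whatever the remote side
            // calls it, it is not a nonce and authenticates nothing.
            'nonce'               => 'um235gt9duqwghndewi87s34dhg',
            'todo'                => $todo,
            'verified'            => $verified,
        );
        // wp_remote_post() honours the site's HTTP/proxy/SSL settings and has
        // a timeout, so a slow remote host cannot hang the admin request the
        // way the previous raw cURL call (no timeout) could.
        $response = wp_remote_post( $this->SERVER, array( 'timeout' => 10, 'body' => $info ) );
        if ( is_wp_error( $response ) ) {
            return null;
        }
        return json_decode( wp_remote_retrieve_body( $response ), true );
    }

    /**
     * Activation hook: seed the settings option when it has never been saved
     * (detected by the absence of the 'e_w_d_p_e' key).
     */
    public function mk_te_settings() {
        $defaults = array(
            'e_d_t_e'           => 'yes',
            'code_editor_theme' => 'cobalt',
            'e_w_d_t_e'         => 'yes',
            'e_d_p_e'           => 'yes',
            'e_w_d_p_e'         => 'yes',
        );
        $current = get_option( 'mk_te_settings_options' );
        if ( ! is_array( $current ) || ! isset( $current['e_w_d_p_e'] ) ) {
            update_option( 'mk_te_settings_options', $defaults );
        }
    }

    /**
     * AJAX: overwrite a theme or plugin file with the posted content.
     *
     * POST: wpnonce ('ms_theme_editor'), path (relative to the root selected
     * by the base64 "type" field: "plugins" => WP_PLUGIN_DIR, anything else
     * => get_theme_root()), theme_content.
     * Echoes JSON {status: "1"|"2", msg: ...} and exits.
     */
    public function mk_theme_editor_theme_files() {
        $nonce = sanitize_text_field( $this->request_field( $_POST, 'wpnonce' ) );
        if ( ! $this->is_authorized( $nonce, 'ms_theme_editor' ) ) {
            echo $this->json_status( '2', 'Unable to verify nonce!' );
            die;
        }

        $root      = ( 'plugins' === $this->request_type( $_REQUEST ) ) ? WP_PLUGIN_DIR : get_theme_root();
        $real_file = $this->path_under_root( $root, sanitize_text_field( $this->request_field( $_POST, 'path' ) ) );

        if ( false === $real_file ) {
            $response = $this->json_status( '2', 'Invalid request!' );
        } elseif ( ! isset( $_POST['theme_content'] ) || ! is_file( $real_file ) || ! is_writable( $real_file ) ) {
            $response = $this->json_status( '2', 'File not exists!' );
        } else {
            // WordPress slashes request data; undo that before comparing/writing.
            $new_content = stripslashes( $_POST['theme_content'] );
            if ( file_get_contents( $real_file ) === $new_content ) {
                $response = $this->json_status( '2', 'No change in file!' );
            } else {
                // file_put_contents() returns the byte count, so deliberately
                // emptying a file yields 0 — only false means the write failed
                // (the old fwrite()-based check reported 0 as "not saved").
                // LOCK_EX keeps two concurrent saves from interleaving.
                $written  = file_put_contents( $real_file, $new_content, LOCK_EX );
                $response = ( false === $written )
                    ? $this->json_status( '2', 'File Not Saved!' )
                    : $this->json_status( '1', 'File Saved Successfully!' );
            }
        }
        echo $response;
        die;
    }

    /**
     * AJAX: list one directory under the theme root as an HTML <ul>.
     * POST: _wpnonce ('ms_theme_editor'), path (relative to get_theme_root()).
     */
    public function mk_theme_editor_folder_open() {
        $this->open_folder( get_theme_root(), 'theme' );
        die;
    }

    /**
     * AJAX: list one directory under WP_PLUGIN_DIR as an HTML <ul>.
     * POST: _wpnonce ('ms_theme_editor'), path (relative to WP_PLUGIN_DIR).
     */
    public function mk_plugin_editor_folder_open() {
        $this->open_folder( WP_PLUGIN_DIR, 'plugin' );
        die;
    }

    /**
     * AJAX: return a file's content for the editor.
     *
     * POST: _wpnonce ('ms_theme_editor'), path (relative to the root selected
     * by the base64 "type" field: "themes" => get_theme_root(), anything
     * else => WP_PLUGIN_DIR).
     * Echoes JSON {status: "1", content: ...} on success, {status: "2", msg: ...}
     * otherwise; nothing when the nonce/capability check fails.
     */
    public function mk_theme_editor_file_open() {
        if ( ! $this->is_authorized( $this->request_field( $_POST, '_wpnonce' ), 'ms_theme_editor' ) ) {
            die;
        }

        $root      = ( 'themes' === $this->request_type( $_REQUEST ) ) ? get_theme_root() : WP_PLUGIN_DIR;
        $real_file = $this->path_under_root( $root, sanitize_text_field( $this->request_field( $_POST, 'path' ) ) );

        if ( false === $real_file ) {
            $response = $this->json_status( '2', 'Invalid request!' );
        } elseif ( ! is_file( $real_file ) || ! is_readable( $real_file ) ) {
            // Previously a missing file produced a PHP warning and a
            // status "1" reply with content=false.
            $response = $this->json_status( '2', 'File not exists!' );
        } else {
            $response = json_encode( array( 'status' => '1', 'content' => file_get_contents( $real_file ) ) );
        }
        echo $response;
        die;
    }

    /**
     * AJAX: create a directory.
     * POST: _nonce ('mk-fd-nonce'), type (base64 "themes"/"plugins"),
     * theme_path (parent, relative to the root), nfafn (new folder name).
     */
    public function mk_theme_editor_folder_create() {
        if ( ! $this->is_authorized( $this->request_field( $_POST, '_nonce' ), 'mk-fd-nonce' ) ) {
            die;
        }

        $root     = ( 'themes' === $this->request_type( $_POST ) ) ? get_theme_root() : WP_PLUGIN_DIR;
        $parent   = sanitize_text_field( $this->request_field( $_POST, 'theme_path' ) );
        $name     = sanitize_text_field( $this->request_field( $_POST, 'nfafn' ) );
        $fullPath = $this->path_under_root( $root, rtrim( $parent, '/' ) . '/' . $name );

        if ( false === $fullPath ) {
            $response = $this->json_status( '2', 'Invalid request!' );
        } elseif ( file_exists( $fullPath ) ) {
            $response = $this->json_status( '2', 'Folder already Exists!' );
        } elseif ( mkdir( $fullPath ) ) {
            // Non-recursive on purpose: the parent must already exist.
            $response = $this->json_status( '1', 'Folder Created Successfully!' );
        } else {
            $response = $this->json_status( '2', 'Unable to create folder! Try again.' );
        }
        echo $response;
        die;
    }

    /**
     * AJAX: create an empty file.
     * POST: _nonce ('mk-fd-nonce'), type (base64 "themes"/"plugins"),
     * theme_path (parent, relative to the root), nfafn (new file name).
     */
    public function mk_theme_editor_file_create() {
        if ( ! $this->is_authorized( $this->request_field( $_POST, '_nonce' ), 'mk-fd-nonce' ) ) {
            die;
        }

        $root     = ( 'themes' === $this->request_type( $_POST ) ) ? get_theme_root() : WP_PLUGIN_DIR;
        $parent   = sanitize_text_field( $this->request_field( $_POST, 'theme_path' ) );
        $name     = sanitize_text_field( $this->request_field( $_POST, 'nfafn' ) );
        $fullPath = $this->path_under_root( $root, rtrim( $parent, '/' ) . '/' . $name );

        if ( false === $fullPath ) {
            $response = $this->json_status( '2', 'Invalid request!' );
        } elseif ( file_exists( $fullPath ) ) {
            $response = $this->json_status( '2', 'File already Exists!' );
        } elseif ( touch( $fullPath ) ) {
            // touch() creates the empty file and, unlike the old fopen('w'),
            // leaves no handle open.
            $response = $this->json_status( '1', 'File Created Successfully!' );
        } else {
            $response = $this->json_status( '2', 'Unable to create file! Try again.' );
        }
        echo $response;
        die;
    }

    /**
     * AJAX: delete a directory and everything in it (via the controller).
     * POST: _nonce ('mk-fd-nonce'), type (base64 "themes"/"plugins"),
     * theme_path (parent, relative to the root), rfafn (folder name).
     */
    public function mk_theme_editor_folder_remove() {
        $nonce = sanitize_text_field( $this->request_field( $_POST, '_nonce' ) );
        if ( ! $this->is_authorized( $nonce, 'mk-fd-nonce' ) ) {
            echo $this->json_status( '2', 'Unable to verify nonce!' );
            die;
        }

        $root     = ( 'themes' === $this->request_type( $_POST ) ) ? get_theme_root() : WP_PLUGIN_DIR;
        $parent   = sanitize_text_field( $this->request_field( $_POST, 'theme_path' ) );
        $name     = sanitize_text_field( $this->request_field( $_POST, 'rfafn' ) );
        $fullPath = $this->path_under_root( $root, rtrim( $parent, '/' ) . '/' . $name );

        if ( false === $fullPath ) {
            $response = $this->json_status( '2', 'Invalid request!' );
        } elseif ( ! file_exists( $fullPath ) ) {
            $response = $this->json_status( '2', 'Folder Not Exists!' );
        } elseif ( $this->theme_controller->deleteDir( $fullPath ) ) {
            $response = $this->json_status( '1', 'Folder Deleted Successfully!' );
        } else {
            $response = $this->json_status( '2', 'Unable to Delete Folder!' );
        }
        echo $response;
        die;
    }

    /**
     * AJAX: remember that the "rate this plugin" notice was dismissed.
     *
     * POST: what_to_do ('rate_now'|'rate_never' => 365 days, otherwise 15).
     * Echoes 'ok' (transient set), 'oh' (could not set / not allowed) or
     * 'ac' (already set) and exits.
     */
    public function mk_te_close_te_help() {
        // The transient is site-wide, so require the same capability as the
        // rest of the plugin instead of accepting any logged-in user.
        if ( ! current_user_can( self::CAPABILITY ) ) {
            echo 'oh';
            die;
        }

        $what_to_do  = sanitize_text_field( $this->request_field( $_POST, 'what_to_do' ) );
        $expire_days = in_array( $what_to_do, array( 'rate_now', 'rate_never' ), true ) ? 365 : 15;

        if ( false !== get_transient( 'mk_te_close_te_help_c' ) ) {
            echo 'ac';
        } elseif ( set_transient( 'mk_te_close_te_help_c', 'mk_te_close_te_help_c', 60 * 60 * 24 * $expire_days ) ) {
            echo 'ok';
        } else {
            echo 'oh';
        }
        die;
    }

    /**
     * AJAX: delete a single file (via the controller).
     * POST: _nonce ('mk-fd-nonce'), type (base64 "themes"/"plugins"),
     * theme_path (parent, relative to the root), rfanf (file name).
     */
    public function mk_theme_editor_file_remove() {
        $nonce = sanitize_text_field( $this->request_field( $_POST, '_nonce' ) );
        if ( ! $this->is_authorized( $nonce, 'mk-fd-nonce' ) ) {
            echo $this->json_status( '2', 'Unable to verify nonce!' );
            die;
        }

        $root     = ( 'themes' === $this->request_type( $_POST ) ) ? get_theme_root() : WP_PLUGIN_DIR;
        $parent   = sanitize_text_field( $this->request_field( $_POST, 'theme_path' ) );
        $name     = sanitize_text_field( $this->request_field( $_POST, 'rfanf' ) );
        $fullPath = $this->path_under_root( $root, rtrim( $parent, '/' ) . '/' . $name );

        if ( false === $fullPath ) {
            $response = $this->json_status( '2', 'Invalid request!' );
        } elseif ( ! file_exists( $fullPath ) ) {
            $response = $this->json_status( '2', 'File Not Exists!' );
        } elseif ( $this->theme_controller->deleteFile( $fullPath ) ) {
            $response = $this->json_status( '1', 'File Deleted Successfully!' );
        } else {
            $response = $this->json_status( '2', 'Unable to Delete File!' );
        }
        echo $response;
        die;
    }

    /**
     * AJAX: store an uploaded file under a theme or plugin directory.
     *
     * POST: _nonce ('mk-fd-nonce'), type (base64 "themes"/"plugins"),
     * current_theme_root (relative to the root), directory (optional
     * sub-directory, created if missing); FILES: file-0.
     * Echoes JSON {status: "1"|"2", msg: ...} and exits.
     */
    public function mk_theme_editor_file_upload() {
        $nonce = sanitize_text_field( $this->request_field( $_POST, '_nonce' ) );
        if ( ! $this->is_authorized( $nonce, 'mk-fd-nonce' ) ) {
            echo $this->json_status( '2', 'Unable to verify nonce!' );
            die;
        }

        if ( ! isset( $_FILES['file-0'] ) || ! isset( $_POST['current_theme_root'] ) ) {
            echo $this->json_status( '2', 'No File Selected' );
            die;
        }

        // WPWINDOWS is defined elsewhere in the plugin (assumed to be a
        // boolean "running on Windows" flag — the separator is the only
        // thing it changes here).
        $slash = WPWINDOWS ? '\\' : '/';
        $root  = ( 'themes' === $this->request_type( $_REQUEST ) ) ? get_theme_root() : WP_PLUGIN_DIR;

        $current_theme_root = sanitize_text_field( $_POST['current_theme_root'] );
        $directory          = '';
        if ( isset( $_POST['directory'] ) ) {
            // Normalise to "sub/dir/" (no leading, exactly one trailing separator).
            $directory = trim( sanitize_text_field( $_POST['directory'] ), $slash );
            if ( '' !== $directory ) {
                $directory .= $slash;
            }
        }

        $upload   = $_FILES['file-0'];
        $filename = sanitize_file_name( $this->request_field( $upload, 'name' ) );
        $complete_directory = $this->path_under_root( $root, rtrim( $current_theme_root, '/\\' ) . '/' . $directory );

        if ( false === $complete_directory ) {
            $response = $this->json_status( '2', 'Invalid request!' );
        } elseif ( '' === $filename ) {
            $response = $this->json_status( '2', 'Invalid file name!' );
        } elseif ( $this->request_field( $upload, 'error', 0 ) > 0 ) {
            $response = $this->json_status( '2', $upload['error'] );
        } else {
            // $_FILES[...]['type'] is whatever the client sent, so it proves
            // nothing; check the extension and content on the server side the
            // way the media uploader does (get_allowed_mime_types() still
            // decides what is permitted).
            $check = wp_check_filetype_and_ext( $upload['tmp_name'], $filename, get_allowed_mime_types() );
            if ( empty( $check['type'] ) ) {
                $response = $this->json_status( '2', 'Invalid file type!' );
            } else {
                if ( ! empty( $check['proper_filename'] ) ) {
                    $filename = $check['proper_filename'];
                }
                $target = rtrim( $complete_directory, '/\\' ) . '/' . $filename;

                if ( ! is_dir( $complete_directory ) && ! mkdir( $complete_directory ) ) {
                    $response = $this->json_status( '2', 'Unable to create folder! Try again.' );
                } elseif ( file_exists( $target ) ) {
                    $response = $this->json_status( '2', $filename . ' already exists' );
                } elseif ( move_uploaded_file( $upload['tmp_name'], $target ) ) {
                    $success  = "File Uploaded Successfully: Uploaded File Path is " . basename( $complete_directory ) . $slash . $filename;
                    $response = $this->json_status( '1', $success );
                } else {
                    // The old code reported success without checking this.
                    $response = $this->json_status( '2', 'File Not Saved!' );
                }
            }
        }
        echo $response;
        die;
    }

    /* ---------------------------------------------------------------- */
    /* Private helpers                                                   */
    /* ---------------------------------------------------------------- */

    /**
     * Read one field from a request array without an undefined-index notice.
     *
     * @param array  $source  $_POST, $_GET, $_REQUEST, $_SERVER or one $_FILES entry.
     * @param string $key
     * @param mixed  $default Returned when the field is absent.
     * @return mixed
     */
    private function request_field( array $source, $key, $default = '' ) {
        return isset( $source[ $key ] ) ? $source[ $key ] : $default;
    }

    /**
     * Common gate for the AJAX handlers.
     *
     * is_admin() is true for every admin-ajax.php request regardless of who
     * sent it — it only confirms the admin-side entry point, it is NOT an
     * authorization check. The capability test is what authorizes.
     *
     * @param string $nonce  Nonce value from the request.
     * @param string $action Nonce action it must have been created for.
     * @return bool
     */
    private function is_authorized( $nonce, $action ) {
        return (bool) wp_verify_nonce( $nonce, $action )
            && current_user_can( self::CAPABILITY )
            && is_admin();
    }

    /**
     * Decode the base64 "type" discriminator ("themes" / "plugins").
     * Returns '' when the field is missing, which callers treat as their
     * original default.
     *
     * @param array $source $_POST or $_REQUEST.
     * @return string
     */
    private function request_type( array $source ) {
        $encoded = $this->request_field( $source, 'type' );
        return is_string( $encoded ) ? (string) base64_decode( $encoded ) : '';
    }

    /**
     * Build the JSON reply every file handler echoes.
     *
     * @param string $status '1' success, '2' failure.
     * @param mixed  $msg
     * @return string
     */
    private function json_status( $status, $msg ) {
        return json_encode( array( 'status' => $status, 'msg' => $msg ) );
    }

    /**
     * Join $relative onto $root and refuse anything that could leave $root.
     *
     * Rejects a literal ".." anywhere in $relative (the original check) and,
     * additionally, anything whose realpath() — which also follows symlinks —
     * resolves outside $root.
     *
     * @param string $root     get_theme_root() or WP_PLUGIN_DIR.
     * @param string $relative Request-supplied path relative to $root.
     * @return string|false Joined path, or false when it is not acceptable.
     */
    private function path_under_root( $root, $relative ) {
        if ( strpos( $relative, '..' ) !== false ) {
            return false;
        }
        $full = rtrim( $root, '/\\' ) . '/' . ltrim( $relative, '/\\' );
        return $this->is_within_root( $full, $root ) ? $full : false;
    }

    /**
     * True when the resolved $path is $root or lies below it.
     *
     * For a path that does not exist yet (create/upload targets) the parent
     * directory is resolved instead, so the parent still has to be inside
     * $root.
     *
     * @param string $path
     * @param string $root
     * @return bool
     */
    private function is_within_root( $path, $root ) {
        $real_root = realpath( $root );
        if ( false === $real_root ) {
            return false;
        }
        $real_path = realpath( $path );
        if ( false === $real_path ) {
            $parent = realpath( dirname( $path ) );
            if ( false === $parent ) {
                return false;
            }
            $real_path = $parent . DIRECTORY_SEPARATOR . basename( $path );
        }
        $real_root = rtrim( $real_root, DIRECTORY_SEPARATOR );
        return $real_path === $real_root
            || strpos( $real_path, $real_root . DIRECTORY_SEPARATOR ) === 0;
    }

    /**
     * Icon URL for a file extension, falling back to def.png when the
     * plugin ships no icon for it.
     *
     * @param string $extension
     * @return string
     */
    private function icon_url( $extension ) {
        $icon = 'app/view/images/' . $extension . '.png';
        if ( ! file_exists( MK_THEME_EDITOR_PATH . $icon ) ) {
            $icon = 'app/view/images/def.png';
        }
        return MK_THEME_EDITOR_URL . $icon;
    }

    /**
     * Shared body of the two folder_open handlers: authorize, resolve the
     * requested directory under $root and echo the listing.
     *
     * Echoes nothing when the nonce/capability check fails; echoes the
     * controller's message verbatim when it reports one in index -1.
     *
     * @param string $root get_theme_root() or WP_PLUGIN_DIR.
     * @param string $kind 'theme' or 'plugin' (passed on to the controller).
     */
    private function open_folder( $root, $kind ) {
        if ( ! $this->is_authorized( $this->request_field( $_POST, '_wpnonce' ), 'ms_theme_editor' ) ) {
            return;
        }
        // The client double-escapes backslashes; collapse them back.
        $relative    = str_replace( '\\\\', '\\', $this->request_field( $_POST, 'path' ) );
        $folder_path = $this->path_under_root( $root, $relative );
        if ( false === $folder_path ) {
            echo '<ul class="subfolders"><li class="invalid">Invalid request!</li></ul>';
            return;
        }

        $child_files = $this->theme_controller->get_files_and_folders( $folder_path, '0', $kind );
        if ( ! empty( $child_files[-1] ) ) {
            echo $child_files[-1];
            return;
        }
        echo $this->render_listing( $child_files, $root, $kind );
    }

    /**
     * Render the controller's entries as the <ul class="subfolders"> markup
     * the editor's JavaScript expects.
     *
     * Names, paths and URLs come from the filesystem, so they are escaped for
     * the attribute/text context they land in. Entry shape (extension, name,
     * filetype, path, url, file) is whatever the controller returns.
     *
     * @param array  $child_files Entries from get_files_and_folders().
     * @param string $root        get_theme_root() or WP_PLUGIN_DIR.
     * @param string $kind        'theme' or 'plugin'; selects how file
     *                            data-path / data-downloadfile are formed.
     * @return string
     */
    private function render_listing( array $child_files, $root, $kind ) {
        $root_prefix    = rtrim( $root, '/' ) . '/';
        $image_types    = $this->theme_controller->image_type_posibilities;
        $download_types = $this->theme_controller->download_type_possibilities;

        $html = '<ul class="subfolders">';
        foreach ( $child_files as $child ) {
            $ext   = $child['extension'];
            $name  = $child['name'];
            $label = esc_attr( $ext . $name );
            $logo  = esc_url( $this->icon_url( $ext ) );

            if ( 'folder' === $child['filetype'] ) {
                $rel   = str_replace( $root_prefix, '', $child['path'] );
                $html .= '<li class="' . esc_attr( $ext ) . '">';
                $html .= '<a href="javascript:void(0)" class="open_folder" data-path="' . esc_attr( $rel ) . '" data-name="' . $label . '">';
                $html .= '<img src="' . esc_url( MK_THEME_EDITOR_URL . 'app/view/images/' . $ext . '.png' ) . '">';
                $html .= esc_html( $name );
                $html .= '</a> <span class="' . $label . '"></span>';
                $html .= '</li>';
            } elseif ( in_array( $ext, $image_types, true ) ) {
                $url   = esc_url( $child['url'] );
                $html .= '<li class="' . esc_attr( $ext ) . ' small_icons">';
                $html .= '<a href="' . $url . '" class="open_image thickbox" target="_blank"><img src="' . $url . '"> ';
                $html .= esc_html( $name );
                $html .= '</a>';
                $html .= '</li>';
            } elseif ( in_array( $ext, $download_types, true ) ) {
                $html .= '<li class="' . esc_attr( $ext ) . ' small_icons">';
                $html .= '<a href="' . esc_url( $child['url'] ) . '" class="dwn_file" target="_blank" download><img src="' . $logo . '"> ';
                $html .= esc_html( $name );
                $html .= '</a>';
                $html .= '</li>';
            } else {
                // The theme listing hands the JS the full path and strips the
                // themes URL; the plugin listing hands it a root-relative
                // path and strips WP_PLUGIN_URL — kept as the client expects.
                if ( 'theme' === $kind ) {
                    $data_path = $child['path'];
                    $download  = str_replace( WP_CONTENT_URL . "/themes", '', $child['url'] );
                } else {
                    $data_path = str_replace( $root_prefix, '', $child['path'] );
                    $download  = str_replace( WP_PLUGIN_URL, '', $child['url'] );
                }
                $html .= '<li class="' . esc_attr( $ext ) . ' small_icons">';
                $html .= '<a href="javascript:void(0)" class="open_file" data-path="' . esc_attr( $data_path ) . '" data-name="' . $label . '" data-file="' . esc_attr( $child['file'] ) . '" data-downloadfile="' . esc_attr( $download ) . '"><img src="' . $logo . '"> ';
                $html .= esc_html( $name );
                $html .= '</a>';
                $html .= '</li>';
            }
        }
        return $html . '</ul>';
    }
}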