File "WPDA_Widget.php"
Full Path: /home/vantageo/public_html/cache/cache/.wp-cli/wp-content/plugins/wp-data-access/WPDataAccess/Dashboard/WPDA_Widget.php
File size: 9.65 KB
MIME-type: text/x-php
Charset: utf-8
<?php
// phpcs:ignore Standard.Category.SniffName.ErrorCode
namespace WPDataAccess\Dashboard;
use WPDataAccess\WPDA;
/**
* Abstract widget base class
*/
abstract class WPDA_Widget {
/**
* Nonce seed
*/
const WIDGET_ADD = 'WPDA_WIDGET_ADD';
/**
* Nonce seed
*/
const WIDGET_REFRESH = 'WPDA_WIDGET_REFRESH';
/**
* Widget sequence number
*
* @var int
*/
protected static $widget_sequence_nr = 0;
/**
* Active column number
*
* @var int|mixed
*/
protected $column = 1;
/**
* Share indicator
*
* @var bool
*/
protected $can_share = false;
/**
* Layout indicator
*
* @var bool
*/
protected $has_layout = false;
/**
* Settings indicator
*
* @var bool
*/
protected $has_setting = false;
/**
* Refresh indicator
*
* @var bool
*/
protected $can_refresh = false;
/**
* Widget name
*
* @var mixed|string
*/
protected $name = 'No name';
/**
* Widget title
*
* @var mixed|string
*/
protected $title = 'No title';
/**
* Widget content
*
* @var mixed|string
*/
protected $content = 'Loading...';
/**
* Nonce
*
* @var null
*/
protected $wp_nonce = null;
/**
* Current widget id
*
* @var int|mixed
*/
protected $widget_id = 0;
/**
* Widget positioning
*
* @var string
*/
protected $position = 'append';
/**
* Current state
*
* @var mixed|string|null
*/
protected $state = null;
/**
* Lock indicator
*
* @var bool
*/
protected $is_locked = false;
/**
* Widget shares
*
* @var array
*/
protected $share = array(
'post' => 'true',
'page' => 'true',
'embed' => 'block',
'allow' => array(),
);
/**
* Constructor
*
* @param array $args Constructor arguments.
*/
public function __construct( $args = array() ) {
wp_enqueue_script( 'jquery-ui-widget' );
if ( isset( $args['name'] ) ) {
$this->name = $args['name'];
}
if ( isset( $args['column'] ) ) {
$this->column = $args['column'];
}
if ( isset( $args['title'] ) ) {
$this->title = $args['title'];
}
if ( isset( $args['content'] ) ) {
$this->content = $args['content'];
}
if ( isset( $args['position'] ) && 'prepend' === $args['position'] ) {
$this->position = 'prepend';
}
if ( isset( $args['widget_id'] ) ) {
$this->widget_id = $args['widget_id'];
// Used to add widgets via ajax.
} else {
$this->widget_id = ++self::$widget_sequence_nr;
// Used to add widgets on page load.
}
if ( isset( $args['is_locked'] ) ) {
$this->is_locked = true === $args['is_locked'] || 'true' === $args['is_locked'];
}
if ( isset( $args['share'] ) && isset(
$args['share']['roles'],
$args['share']['users'],
$args['share']['post'],
$args['share']['page'],
$args['share']['embed'],
$args['share']['allow']
) ) {
$this->share = array(
'roles' => $args['share']['roles'],
'users' => $args['share']['users'],
'post' => $args['share']['post'],
'page' => $args['share']['page'],
'embed' => $args['share']['embed'],
'allow' => $args['share']['allow'],
);
}
$this->state = ( isset( $args['state'] ) ? $args['state'] : 'new' );
$this->wp_nonce = wp_create_nonce( static::WIDGET_REFRESH . WPDA::get_current_user_login() );
}
/**
* Construct widget container
*
* @return false|string
*/
protected function container() {
ob_start();
?>
<script type="application/javascript" class="wpda-widget-<?php
echo esc_attr( $this->widget_id );
?>">
jQuery(function() {
var widget = `<?php
echo $this->html();
// phpcs:ignore WordPress.Security.EscapeOutput
?>`;
jQuery("#wpda-dashboard-column-<?php
echo esc_attr( $this->column );
?>").<?php
echo esc_attr( $this->position );
?>(widget);
jQuery("#wpda-widget-<?php
echo esc_attr( $this->widget_id );
?>").data("name", "<?php
echo esc_attr( $this->name );
?>" );
jQuery("#wpda-widget-<?php
echo esc_attr( $this->widget_id );
?> .wpda-widget-close").on("click", function() {
removePanelFromDashboard(jQuery(this).closest('.wpda-widget'));
});
});
</script>
<?php
$this->js();
return ob_get_clean();
}
/**
* Construct widget html
*
* @return string
*/
protected function html() {
$share = '';
$layout = '';
$setting = '';
$refresh = ( $this->can_refresh ? "<i class='fas fa-sync-alt wpda-widget-refresh wpda_tooltip' title='Refresh'></i> " : '' );
$close = ( !$this->is_locked ? '<i class="fas fa-window-close wpda-widget-close wpda_tooltip" title="Close"></i>' : '' );
$widget = <<<EOF
<div id="wpda-widget-{$this->widget_id}" data-id="{$this->widget_id}" class="wpda-widget ui-widget">
<div class="wpda-widget-content">
<div class="ui-widget-header">
<span>{$this->name}</span>
<span class="icons">
\t\t\t\t\t\t\t\t{$share}
\t\t\t\t\t\t\t\t{$layout}
\t\t\t\t\t\t\t\t{$setting}
\t\t\t\t\t\t\t\t{$refresh}
\t\t\t\t\t\t\t\t{$close}
\t\t\t\t\t\t\t</span>
</div>
<div class="ui-widget-content">
{$this->content}
</div>
</div>
</div>
EOF;
return $widget;
}
/**
* Cross origin check
*
* @param WPDA_Widget $widget Widget.
* @return bool
*/
protected static function check_cors( $widget ) {
if ( isset( $_POST['wpda_caller'] ) && 'embedded' === $_POST['wpda_caller'] ) {
// phpcs:ignore WordPress.Security.NonceVerification
$share = ( isset( $widget['widgetShare'] ) ? $widget['widgetShare'] : null );
if ( 'block' === $share['embed'] ) {
WPDA::sent_header( 'application/json', '*' );
echo static::msg( 'ERROR', 'No access' );
// phpcs:ignore WordPress.Security.EscapeOutput
wp_die();
} else {
if ( '*' === $share['embed'] ) {
WPDA::sent_header( 'application/json', '*' );
return true;
} else {
// Access is already checked with sonce token.
WPDA::sent_header( 'application/json', '*' );
return true;
}
}
}
return false;
}
/**
* Abstract method forcing each subclass to add its own specific javascript code
*
* @return mixed
*/
protected abstract function js();
// Method to add custom JavaScript code.
/**
* Add widget to dashboard
*
* @return void
*/
public function add() {
echo $this->container();
// phpcs:ignore WordPress.Security.EscapeOutput
?>
<script type="application/javascript">
jQuery(function() {
increaseWidgetSequenceNr();
});
</script>
<?php
}
/**
* Abstract widget method forcing each subclass to implement its own specific widget functionality
*
* @return mixed
*/
public static abstract function widget();
/**
* Construct widget via ajax (general part used for each widget)
*
* @return void
*/
public static function ajax_widget() {
$wp_nonce = ( isset( $_POST['wp_nonce'] ) ? sanitize_text_field( wp_unslash( $_POST['wp_nonce'] ) ) : '' );
if ( !wp_verify_nonce( $wp_nonce, static::WIDGET_ADD . WPDA::get_current_user_login() ) ) {
WPDA::sent_header( 'application/json' );
echo static::msg( 'ERROR', 'Token expired, please refresh page' );
// phpcs:ignore WordPress.Security.EscapeOutput
wp_die();
}
static::widget();
}
/**
* Abstract refresh method forcing each subclass to implement its own specific refresh functionality
*
* @return mixed
*/
public static abstract function refresh();
/**
* Refresh widget via ajax (general part used for each widget)
*
* @return void
*/
public static function ajax_refresh() {
$wp_nonce = ( isset( $_POST['wp_nonce'] ) ? sanitize_text_field( wp_unslash( $_POST['wp_nonce'] ) ) : '' );
if ( !wp_verify_nonce( $wp_nonce, static::WIDGET_REFRESH . WPDA::get_current_user_login() ) ) {
WPDA::sent_header( 'application/json' );
echo static::msg( 'ERROR', 'Token expired, please refresh page' );
// phpcs:ignore WordPress.Security.EscapeOutput
wp_die();
}
static::refresh();
}
/**
* Construct JSON response message
*
* @param string $status Response status.
* @param string $msg Response message.
* @return mixed
*/
protected static function msg( $status, $msg ) {
$error = array(
'status' => $status,
'msg' => $msg,
);
return wp_json_encode( $error );
}
}