Edit File by line

<?php

[0] Fix | Delete

namespace Elementor\Core\Common\Modules\Connect;

[1] Fix | Delete

[2] Fix | Delete

use Elementor\Core\Admin\Menu\Admin_Menu_Manager;

[3] Fix | Delete

use Elementor\Plugin;

[4] Fix | Delete

use Elementor\Settings;

[5] Fix | Delete

use Elementor\Utils;

[6] Fix | Delete

use Elementor\Modules\EditorOne\Classes\Menu_Data_Provider;

[7] Fix | Delete

use Elementor\Core\Common\Modules\Connect\AdminMenuItems\Editor_One_Connect_Menu;

[8] Fix | Delete

[9] Fix | Delete

if ( ! defined( 'ABSPATH' ) ) {

[10] Fix | Delete

exit; // Exit if accessed directly.

[11] Fix | Delete

}

[12] Fix | Delete

[13] Fix | Delete

class Admin {

[14] Fix | Delete

[15] Fix | Delete

const PAGE_ID = 'elementor-connect';

[16] Fix | Delete

[17] Fix | Delete

public static $url = '';

[18] Fix | Delete

[19] Fix | Delete

private function get_valid_redirect_to_from_request() {

[20] Fix | Delete

// phpcs:ignore WordPress.Security.NonceVerification.Recommended -- Only reading a URL parameter.

[21] Fix | Delete

$raw = Utils::get_super_global_value( $_GET, 'redirect_to' );

[22] Fix | Delete

[23] Fix | Delete

if ( ! $raw ) {

[24] Fix | Delete

return '';

[25] Fix | Delete

}

[26] Fix | Delete

[27] Fix | Delete

$raw = esc_url_raw( $raw );

[28] Fix | Delete

[29] Fix | Delete

$validated = wp_validate_redirect( $raw, '' );

[30] Fix | Delete

if ( ! $validated ) {

[31] Fix | Delete

return '';

[32] Fix | Delete

}

[33] Fix | Delete

[34] Fix | Delete

$admin_host = wp_parse_url( admin_url(), PHP_URL_HOST );

[35] Fix | Delete

$dest_host = wp_parse_url( $validated, PHP_URL_HOST );

[36] Fix | Delete

if ( $dest_host && $admin_host && ! hash_equals( $admin_host, $dest_host ) ) {

[37] Fix | Delete

return '';

[38] Fix | Delete

}

[39] Fix | Delete

[40] Fix | Delete

return $validated;

[41] Fix | Delete

}

[42] Fix | Delete

[43] Fix | Delete

public function register_admin_menu( Admin_Menu_Manager $admin_menu ) {

[44] Fix | Delete

if ( ! $this->is_editor_one_active() ) {

[45] Fix | Delete

$admin_menu->register( static::PAGE_ID, new Connect_Menu_Item() );

[46] Fix | Delete

}

[47] Fix | Delete

}

[48] Fix | Delete

[49] Fix | Delete

public function register_editor_one_menu( Menu_Data_Provider $menu_data_provider ) {

[50] Fix | Delete

$menu_data_provider->register_menu( new Editor_One_Connect_Menu() );

[51] Fix | Delete

}

[52] Fix | Delete

[53] Fix | Delete

private function is_editor_one_active(): bool {

[54] Fix | Delete

return (bool) Plugin::instance()->modules_manager->get_modules( 'editor-one' );

[55] Fix | Delete

}

[56] Fix | Delete

[57] Fix | Delete

/**

[58] Fix | Delete

* @since 2.3.0

[59] Fix | Delete

* @access public

[60] Fix | Delete

[61] Fix | Delete

public function on_load_page() {

[62] Fix | Delete

if ( ! $this->user_has_enough_permissions() ) {

[63] Fix | Delete

wp_die( 'You do not have sufficient permissions to access this page.', 'You do not have sufficient permissions to access this page.', [

[64] Fix | Delete

'back_link' => true,

[65] Fix | Delete

] );

[66] Fix | Delete

}

[67] Fix | Delete

[68] Fix | Delete

// Allow a per-request default landing URL when provided via a safe `redirect_to` parameter.

[69] Fix | Delete

$maybe_redirect_to = $this->get_valid_redirect_to_from_request();

[70] Fix | Delete

if ( $maybe_redirect_to ) {

[71] Fix | Delete

self::$url = $maybe_redirect_to;

[72] Fix | Delete

}

[73] Fix | Delete

[74] Fix | Delete

if ( isset( $_GET['action'], $_GET['app'] ) ) {

[75] Fix | Delete

$manager = Plugin::$instance->common->get_component( 'connect' );

[76] Fix | Delete

[77] Fix | Delete

// phpcs:ignore WordPress.Security.NonceVerification.Recommended

[78] Fix | Delete

$app_slug = Utils::get_super_global_value( $_GET, 'app' );

[79] Fix | Delete

$app = $manager->get_app( $app_slug );

[80] Fix | Delete

[81] Fix | Delete

// phpcs:ignore WordPress.Security.NonceVerification.Recommended

[82] Fix | Delete

$action = Utils::get_super_global_value( $_GET, 'action' );

[83] Fix | Delete

[84] Fix | Delete

$nonce_action = $app_slug . $action;

[85] Fix | Delete

[86] Fix | Delete

if ( ! $app ) {

[87] Fix | Delete

wp_die( 'Unknown app: ' . esc_attr( $app_slug ) );

[88] Fix | Delete

}

[89] Fix | Delete

[90] Fix | Delete

if ( ! wp_verify_nonce( Utils::get_super_global_value( $_GET, 'nonce' ), $nonce_action ) ) {

[91] Fix | Delete

wp_die( 'Invalid Nonce', 'Invalid Nonce', [

[92] Fix | Delete

'back_link' => true,

[93] Fix | Delete

] );

[94] Fix | Delete

}

[95] Fix | Delete

[96] Fix | Delete

$method = 'action_' . $action;

[97] Fix | Delete

[98] Fix | Delete

if ( method_exists( $app, $method ) ) {

[99] Fix | Delete

call_user_func( [ $app, $method ] );

[100] Fix | Delete

}

[101] Fix | Delete

}

[102] Fix | Delete

}

[103] Fix | Delete

[104] Fix | Delete

private function user_has_enough_permissions() {

[105] Fix | Delete

if ( current_user_can( 'manage_options' ) ) {

[106] Fix | Delete

return true;

[107] Fix | Delete

}

[108] Fix | Delete

[109] Fix | Delete

if ( 'library' === Utils::get_super_global_value( $_GET, 'app' ) ) {

[110] Fix | Delete

return current_user_can( 'edit_posts' );

[111] Fix | Delete

}

[112] Fix | Delete

[113] Fix | Delete

return false;

[114] Fix | Delete

}

[115] Fix | Delete

[116] Fix | Delete

/**

[117] Fix | Delete

* @since 2.3.0

[118] Fix | Delete

* @access public

[119] Fix | Delete

[120] Fix | Delete

public function __construct() {

[121] Fix | Delete

self::$url = admin_url( 'admin.php?page=' . self::PAGE_ID );

[122] Fix | Delete

[123] Fix | Delete

add_action( 'elementor/admin/menu/register', [ $this, 'register_admin_menu' ] );

[124] Fix | Delete

[125] Fix | Delete

add_action( 'elementor/editor-one/menu/register', [ $this, 'register_editor_one_menu' ] );

[126] Fix | Delete

[127] Fix | Delete

add_action( 'elementor/admin/menu/after_register', function ( Admin_Menu_Manager $admin_menu, array $hooks ) {

[128] Fix | Delete

if ( ! empty( $hooks[ static::PAGE_ID ] ) ) {

[129] Fix | Delete

add_action( 'load-' . $hooks[ static::PAGE_ID ], [ $this, 'on_load_page' ] );

[130] Fix | Delete

}

[131] Fix | Delete

}, 10, 2 );

[132] Fix | Delete

[133] Fix | Delete

add_action( 'elementor/editor-one/menu/after_register_hidden_submenus', function ( array $hooks ) {

[134] Fix | Delete

if ( ! empty( $hooks[ static::PAGE_ID ] ) ) {

[135] Fix | Delete

add_action( 'load-' . $hooks[ static::PAGE_ID ], [ $this, 'on_load_page' ] );

[136] Fix | Delete

}

[137] Fix | Delete

} );

[138] Fix | Delete

}

[139] Fix | Delete

}

[140] Fix | Delete

[141] Fix | Delete