Edit File by line

<?php

[0] Fix | Delete

[1] Fix | Delete

namespace Elementor\Modules\WpRest\Base;

[2] Fix | Delete

[3] Fix | Delete

use Elementor\Core\Utils\Api\Error_Builder;

[4] Fix | Delete

use Elementor\Core\Utils\Collection;

[5] Fix | Delete

[6] Fix | Delete

if ( ! defined( 'ABSPATH' ) ) {

[7] Fix | Delete

exit; // Exit if accessed directly.

[8] Fix | Delete

}

[9] Fix | Delete

[10] Fix | Delete

abstract class Query {

[11] Fix | Delete

const NAMESPACE = 'elementor/v1';

[12] Fix | Delete

const NONCE_KEY = 'x_wp_nonce';

[13] Fix | Delete

[14] Fix | Delete

const KEYS_CONVERSION_MAP_KEY = 'keys_conversion_map';

[15] Fix | Delete

const IS_PUBLIC_KEY = 'is_public';

[16] Fix | Delete

const TAX_QUERY_KEY = 'tax_query';

[17] Fix | Delete

const META_QUERY_KEY = 'meta_query';

[18] Fix | Delete

[19] Fix | Delete

const MAX_RESPONSE_COUNT = 100;

[20] Fix | Delete

const ITEMS_COUNT_KEY = 'items_count';

[21] Fix | Delete

[22] Fix | Delete

const INCLUDED_TYPE_KEY = 'included_types';

[23] Fix | Delete

const EXCLUDED_TYPE_KEY = 'excluded_types';

[24] Fix | Delete

const HIDE_EMPTY_KEY = 'hide_empty';

[25] Fix | Delete

[26] Fix | Delete

const SEARCH_TERM_KEY = 'term';

[27] Fix | Delete

const SEARCH_FILTER_PRIORITY = 10;

[28] Fix | Delete

[29] Fix | Delete

/**

[30] Fix | Delete

* @param \WP_REST_Request $request

[31] Fix | Delete

* @return \WP_REST_Response

[32] Fix | Delete

**/

[33] Fix | Delete

abstract protected function get( \WP_REST_Request $request );

[34] Fix | Delete

[35] Fix | Delete

abstract protected static function get_allowed_param_keys(): array;

[36] Fix | Delete

[37] Fix | Delete

abstract protected static function get_keys_to_encode(): array;

[38] Fix | Delete

[39] Fix | Delete

abstract protected function get_endpoint_registration_args(): array;

[40] Fix | Delete

[41] Fix | Delete

public function register( $endpoint, bool $override_existing_endpoints = false ): void {

[42] Fix | Delete

register_rest_route( self::NAMESPACE, $endpoint, [

[43] Fix | Delete

[

[44] Fix | Delete

'methods' => \WP_REST_Server::READABLE,

[45] Fix | Delete

'permission_callback' => fn ( \WP_REST_Request $request ) => $this->validate_access_permission( $request ),

[46] Fix | Delete

'args' => $this->get_endpoint_registration_args(),

[47] Fix | Delete

'callback' => fn ( \WP_REST_Request $request ) => $this->send( fn () => $this->get( $request ) ),

[48] Fix | Delete

[49] Fix | Delete

], $override_existing_endpoints );

[50] Fix | Delete

}

[51] Fix | Delete

[52] Fix | Delete

/**

[53] Fix | Delete

* @param array $item The input array with original keys.

[54] Fix | Delete

* @param array $dictionary An associative array mapping old keys to new keys.

[55] Fix | Delete

* @return array The array with translated keys.

[56] Fix | Delete

[57] Fix | Delete

public function translate_keys( array $item, array $dictionary ): array {

[58] Fix | Delete

if ( empty( $dictionary ) ) {

[59] Fix | Delete

return $item;

[60] Fix | Delete

}

[61] Fix | Delete

[62] Fix | Delete

$replaced = [];

[63] Fix | Delete

[64] Fix | Delete

foreach ( $item as $key => $value ) {

[65] Fix | Delete

if ( ! isset( $dictionary[ $key ] ) ) {

[66] Fix | Delete

continue;

[67] Fix | Delete

}

[68] Fix | Delete

[69] Fix | Delete

$replaced[ $dictionary[ $key ] ] = $value;

[70] Fix | Delete

}

[71] Fix | Delete

[72] Fix | Delete

return $replaced;

[73] Fix | Delete

}

[74] Fix | Delete

[75] Fix | Delete

/**

[76] Fix | Delete

* @param array<string>|string $input The input data, expected to be an array or JSON-encoded string.

[77] Fix | Delete

* @return array The sanitized array of strings.

[78] Fix | Delete

[79] Fix | Delete

public static function sanitize_string_array( $input ) {

[80] Fix | Delete

if ( ! is_array( $input ) ) {

[81] Fix | Delete

$raw = sanitize_text_field( $input );

[82] Fix | Delete

$decoded = json_decode( $raw, true );

[83] Fix | Delete

if ( is_array( $decoded ) ) {

[84] Fix | Delete

$input = $decoded;

[85] Fix | Delete

} else {

[86] Fix | Delete

$input = false !== strpos( $raw, ',' ) ? explode( ',', $raw ) : ( '' !== $raw ? [ $raw ] : [] );

[87] Fix | Delete

}

[88] Fix | Delete

}

[89] Fix | Delete

[90] Fix | Delete

return Collection::make( $input )

[91] Fix | Delete

->reduce( function ( $carry, $value, $key ) {

[92] Fix | Delete

if ( $value ) {

[93] Fix | Delete

$carry[ $key ] = is_array( $value ) ? self::sanitize_string_array( $value ) : sanitize_text_field( $value );

[94] Fix | Delete

}

[95] Fix | Delete

[96] Fix | Delete

return $carry;

[97] Fix | Delete

}, [] );

[98] Fix | Delete

}

[99] Fix | Delete

[100] Fix | Delete

[101] Fix | Delete

private function validate_access_permission( $request ): bool {

[102] Fix | Delete

$nonce = $request->get_header( self::NONCE_KEY );

[103] Fix | Delete

[104] Fix | Delete

return current_user_can( 'edit_posts' ) && wp_verify_nonce( $nonce, 'wp_rest' );

[105] Fix | Delete

}

[106] Fix | Delete

[107] Fix | Delete

/**

[108] Fix | Delete

* @param callable $cb The route callback.

[109] Fix | Delete

* @return \WP_REST_Response | \WP_Error

[110] Fix | Delete

[111] Fix | Delete

private function send( callable $cb ) {

[112] Fix | Delete

try {

[113] Fix | Delete

$response = $cb();

[114] Fix | Delete

} catch ( \Exception $e ) {

[115] Fix | Delete

return Error_Builder::make( $e->getCode() )

[116] Fix | Delete

->set_message( $e->getMessage() )

[117] Fix | Delete

->build();

[118] Fix | Delete

}

[119] Fix | Delete

[120] Fix | Delete

return $response;

[121] Fix | Delete

}

[122] Fix | Delete

[123] Fix | Delete

/**

[124] Fix | Delete

* @param $args array{

[125] Fix | Delete

* excluded_types: array,

[126] Fix | Delete

* included_types: array,

[127] Fix | Delete

* keys_conversion_map: array,

[128] Fix | Delete

* } The query parameters

[129] Fix | Delete

* @return array The query parameters.

[130] Fix | Delete

[131] Fix | Delete

public static function build_query_params( array $args ): array {

[132] Fix | Delete

$allowed_keys = static::get_allowed_param_keys();

[133] Fix | Delete

$keys_to_encode = static::get_keys_to_encode();

[134] Fix | Delete

$params = [];

[135] Fix | Delete

[136] Fix | Delete

foreach ( $args as $key => $value ) {

[137] Fix | Delete

if ( ! in_array( $key, $allowed_keys, true ) || ! isset( $value ) ) {

[138] Fix | Delete

continue;

[139] Fix | Delete

}

[140] Fix | Delete

[141] Fix | Delete

if ( ! in_array( $key, $keys_to_encode, true ) ) {

[142] Fix | Delete

$params[ $key ] = $value;

[143] Fix | Delete

continue;

[144] Fix | Delete

}

[145] Fix | Delete

[146] Fix | Delete

$params[ $key ] = wp_json_encode( $value );

[147] Fix | Delete

}

[148] Fix | Delete

[149] Fix | Delete

return $params;

[150] Fix | Delete

}

[151] Fix | Delete

}

[152] Fix | Delete

[153] Fix | Delete