Почетна Преглед Помоћ
Пријавите Се
tum
/
whitesports
Прати 1
Волим 0
Креирај огранак 0
Код Дискусије 0 Захтеви за спајање 0 Комити 4 Издања 0 Вики

Нема описа

Дрво: f1bc928a71
Гране Ознаке
whitesports
/
app
/
wp-content
/
plugins
/
mailpoet
/
lib
/
Subscribers
/
SubscriberSu...

SubscriberSubscribeController.php 8.6KB
Историја Датотека

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250 
  1. <?php
    2. 

  2. 

  3. namespace MailPoet\Subscribers;
    4. 

  4. 

  5. if (!defined('ABSPATH')) exit;
    6. 

  6. 

  7. 

  8. use MailPoet\Entities\FormEntity;
    9. 

  9. use MailPoet\Form\FormsRepository;
    10. 

  10. use MailPoet\Form\Util\FieldNameObfuscator;
    11. 

  11. use MailPoet\NotFoundException;
    12. 

  12. use MailPoet\Settings\SettingsController;
    13. 

  13. use MailPoet\Statistics\StatisticsFormsRepository;
    14. 

  14. use MailPoet\Subscription\Captcha;
    15. 

  15. use MailPoet\Subscription\CaptchaSession;
    16. 

  16. use MailPoet\Subscription\SubscriptionUrlFactory;
    17. 

  17. use MailPoet\Subscription\Throttling as SubscriptionThrottling;
    18. 

  18. use MailPoet\UnexpectedValueException;
    19. 

  19. use MailPoet\WP\Functions as WPFunctions;
    20. 

  20. 

  21. class SubscriberSubscribeController {
    22. 

  22.   /** @var FormsRepository */
    23. 

  23.   private $formsRepository;
    24. 

  24. 

  25.   /** @var Captcha */
    26. 

  26.   private $subscriptionCaptcha;
    27. 

  27. 

  28.   /** @var CaptchaSession */
    29. 

  29.   private $captchaSession;
    30. 

  30. 

  31.   /** @var SubscriptionUrlFactory */
    32. 

  32.   private $subscriptionUrlFactory;
    33. 

  33. 

  34.   /** @var FieldNameObfuscator */
    35. 

  35.   private $fieldNameObfuscator;
    36. 

  36. 

  37.   /** @var SettingsController */
    38. 

  38.   private $settings;
    39. 

  39. 

  40.   /** @var RequiredCustomFieldValidator */
    41. 

  41.   private $requiredCustomFieldValidator;
    42. 

  42. 

  43.   /** @var SubscriberActions */
    44. 

  44.   private $subscriberActions;
    45. 

  45. 

  46.   /** @var WPFunctions */
    47. 

  47.   private $wp;
    48. 

  48. 

  49.   /** @var SubscriptionThrottling */
    50. 

  50.   private $throttling;
    51. 

  51. 

  52.   /** @var StatisticsFormsRepository */
    53. 

  53.   private $statisticsFormsRepository;
    54. 

  54. 

  55.   public function __construct(
    56. 

  56.     Captcha $subscriptionCaptcha,
    57. 

  57.     CaptchaSession $captchaSession,
    58. 

  58.     SubscriberActions $subscriberActions,
    59. 

  59.     SubscriptionUrlFactory $subscriptionUrlFactory,
    60. 

  60.     SubscriptionThrottling $throttling,
    61. 

  61.     FieldNameObfuscator $fieldNameObfuscator,
    62. 

  62.     RequiredCustomFieldValidator $requiredCustomFieldValidator,
    63. 

  63.     SettingsController $settings,
    64. 

  64.     FormsRepository $formsRepository,
    65. 

  65.     StatisticsFormsRepository $statisticsFormsRepository,
    66. 

  66.     WPFunctions $wp
    67. 

  67.   ) {
    68. 

  68.     $this->formsRepository = $formsRepository;
    69. 

  69.     $this->subscriptionCaptcha = $subscriptionCaptcha;
    70. 

  70.     $this->captchaSession = $captchaSession;
    71. 

  71.     $this->subscriptionUrlFactory = $subscriptionUrlFactory;
    72. 

  72.     $this->requiredCustomFieldValidator = $requiredCustomFieldValidator;
    73. 

  73.     $this->fieldNameObfuscator = $fieldNameObfuscator;
    74. 

  74.     $this->settings = $settings;
    75. 

  75.     $this->subscriberActions = $subscriberActions;
    76. 

  76.     $this->wp = $wp;
    77. 

  77.     $this->throttling = $throttling;
    78. 

  78.     $this->statisticsFormsRepository = $statisticsFormsRepository;
    79. 

  79.   }
    80. 

  80. 

  81.   public function subscribe(array $data): array {
    82. 

  82.     $form = $this->getForm($data);
    83. 

  83. 

  84.     if (!empty($data['email'])) {
    85. 

  85.       throw new UnexpectedValueException(__('Please leave the first field empty.', 'mailpoet'));
    86. 

  86.     }
    87. 

  87. 

  88.     $captchaSettings = $this->settings->get('captcha');
    89. 

  89.     $data = $this->initCaptcha($captchaSettings, $form, $data);
    90. 

  90.     $data = $this->deobfuscateFormPayload($data);
    91. 

  91. 

  92.     try {
    93. 

  93.       $this->requiredCustomFieldValidator->validate($data, $form);
    94. 

  94.     } catch (\Exception $e) {
    95. 

  95.       throw new UnexpectedValueException($e->getMessage());
    96. 

  96.     }
    97. 

  97. 

  98.     $segmentIds = $this->getSegmentIds($form, $data['segments'] ?? []);
    99. 

  99.     unset($data['segments']);
    100. 

  100. 

  101.     $meta = $this->validateCaptcha($captchaSettings, $data);
    102. 

  102.     if (isset($meta['error'])) {
    103. 

  103.       return $meta;
    104. 

  104.     }
    105. 

  105. 

  106.     // only accept fields defined in the form
    107. 

  107.     $formFieldIds = array_filter(array_map(function (array $formField): ?string {
    108. 

  108.       if (!isset($formField['id'])) {
    109. 

  109.         return null;
    110. 

  110.       }
    111. 

  111.       return is_numeric($formField['id']) ? "cf_{$formField['id']}" : $formField['id'];
    112. 

  112.     }, $form->getBlocksByTypes(FormEntity::FORM_FIELD_TYPES)));
    113. 

  113.     $data = array_intersect_key($data, array_flip($formFieldIds));
    114. 

  114. 

  115.     // make sure we don't allow too many subscriptions with the same ip address
    116. 

  116.     $timeout = $this->throttling->throttle();
    117. 

  117. 

  118.     if ($timeout > 0) {
    119. 

  119.       $timeToWait = $this->throttling->secondsToTimeString($timeout);
    120. 

  120.       $meta['refresh_captcha'] = true;
    121. 

  121.       $meta['error'] = sprintf(__('You need to wait %s before subscribing again.', 'mailpoet'), $timeToWait);
    122. 

  122.       return $meta;
    123. 

  123.     }
    124. 

  124. 

  125.     $subscriber = $this->subscriberActions->subscribe($data, $segmentIds);
    126. 

  126. 

  127.     if (!empty($captchaSettings['type']) && $captchaSettings['type'] === Captcha::TYPE_BUILTIN) {
    128. 

  128.       // Captcha has been verified, invalidate the session vars
    129. 

  129.       $this->captchaSession->reset();
    130. 

  130.     }
    131. 

  131. 

  132.     // record form statistics
    133. 

  133.     $this->statisticsFormsRepository->record($form, $subscriber);
    134. 

  134. 

  135.     $formSettings = $form->getSettings();
    136. 

  136.     if (!empty($formSettings['on_success'])) {
    137. 

  137.       if ($formSettings['on_success'] === 'page') {
    138. 

  138.         // redirect to a page on a success, pass the page url in the meta
    139. 

  139.         $meta['redirect_url'] = $this->wp->getPermalink($formSettings['success_page']);
    140. 

  140.       } else if ($formSettings['on_success'] === 'url') {
    141. 

  141.         $meta['redirect_url'] = $formSettings['success_url'];
    142. 

  142.       }
    143. 

  143.     }
    144. 

  144. 

  145.     return $meta;
    146. 

  146.   }
    147. 

  147. 

  148.   private function deobfuscateFormPayload($data): array {
    149. 

  149.     return $this->fieldNameObfuscator->deobfuscateFormPayload($data);
    150. 

  150.   }
    151. 

  151. 

  152.   private function initCaptcha(?array $captchaSettings, FormEntity $form, array $data): array {
    153. 

  153.     if (!$captchaSettings || !isset($captchaSettings['type'])) {
    154. 

  154.       return $data;
    155. 

  155.     }
    156. 

  156. 

  157.     if ($captchaSettings['type'] === Captcha::TYPE_BUILTIN) {
    158. 

  158.       $captchaSessionId = isset($data['captcha_session_id']) ? $data['captcha_session_id'] : null;
    159. 

  159.       $this->captchaSession->init($captchaSessionId);
    160. 

  160.       if (!isset($data['captcha'])) {
    161. 

  161.         // Save form data to session
    162. 

  162.         $this->captchaSession->setFormData(array_merge($data, ['form_id' => $form->getId()]));
    163. 

  163.       } elseif ($this->captchaSession->getFormData()) {
    164. 

  164.         // Restore form data from session
    165. 

  165.         $data = array_merge($this->captchaSession->getFormData(), ['captcha' => $data['captcha']]);
    166. 

  166.       }
    167. 

  167.       // Otherwise use the post data
    168. 

  168.     }
    169. 

  169.     return $data;
    170. 

  170.   }
    171. 

  171. 

  172.   private function validateCaptcha($captchaSettings, $data): array {
    173. 

  173.     if (empty($captchaSettings['type'])) {
    174. 

  174.       return [];
    175. 

  175.     }
    176. 

  176. 

  177.     $meta = [];
    178. 

  178.     $isBuiltinCaptchaRequired = false;
    179. 

  179.     if ($captchaSettings['type'] === Captcha::TYPE_BUILTIN) {
    180. 

  180.       $isBuiltinCaptchaRequired = $this->subscriptionCaptcha->isRequired(isset($data['email']) ? $data['email'] : '');
    181. 

  181.       if ($isBuiltinCaptchaRequired && empty($data['captcha'])) {
    182. 

  182.         $meta['redirect_url'] = $this->subscriptionUrlFactory->getCaptchaUrl($this->captchaSession->getId());
    183. 

  183.         $meta['error'] = __('Please fill in the CAPTCHA.', 'mailpoet');
    184. 

  184.         return $meta;
    185. 

  185.       }
    186. 

  186.     }
    187. 

  187. 

  188.     if ($captchaSettings['type'] === Captcha::TYPE_RECAPTCHA && empty($data['recaptcha'])) {
    189. 

  189.       return ['error' => __('Please check the CAPTCHA.', 'mailpoet')];
    190. 

  190.     }
    191. 

  191. 

  192.     if ($captchaSettings['type'] === Captcha::TYPE_RECAPTCHA) {
    193. 

  193.       $response = empty($data['recaptcha']) ? $data['recaptcha-no-js'] : $data['recaptcha'];
    194. 

  194.       $response = $this->wp->wpRemotePost('https://www.google.com/recaptcha/api/siteverify', [
    195. 

  195.         'body' => [
    196. 

  196.           'secret' => $captchaSettings['recaptcha_secret_token'],
    197. 

  197.           'response' => $response,
    198. 

  198.         ],
    199. 

  199.       ]);
    200. 

  200.       if (is_wp_error($response)) {
    201. 

  201.         return ['error' => __('Error while validating the CAPTCHA.', 'mailpoet')];
    202. 

  202.       }
    203. 

  203.       $response = json_decode(wp_remote_retrieve_body($response));
    204. 

  204.       if (empty($response->success)) {
    205. 

  205.         return ['error' => __('Error while validating the CAPTCHA.', 'mailpoet')];
    206. 

  206.       }
    207. 

  207. 

  208.     } elseif ($captchaSettings['type'] === Captcha::TYPE_BUILTIN && $isBuiltinCaptchaRequired) {
    209. 

  209.       $captchaHash = $this->captchaSession->getCaptchaHash();
    210. 

  210.       if (empty($captchaHash)) {
    211. 

  211.         $meta['error'] = __('Please regenerate the CAPTCHA.', 'mailpoet');
    212. 

  212.       } elseif (!hash_equals(strtolower($data['captcha']), strtolower($captchaHash))) {
    213. 

  213.         $this->captchaSession->setCaptchaHash(null);
    214. 

  214.         $meta['refresh_captcha'] = true;
    215. 

  215.         $meta['error'] = __('The characters entered do not match with the previous CAPTCHA.', 'mailpoet');
    216. 

  216.       }
    217. 

  217.     }
    218. 

  218. 

  219.     return $meta;
    220. 

  220.   }
    221. 

  221. 

  222.   private function getSegmentIds(FormEntity $form, array $segmentIds): array {
    223. 

  223. 

  224.     // If form contains segment selection blocks allow only segments ids configured in those blocks
    225. 

  225.     $segmentBlocksSegmentIds = $form->getSegmentBlocksSegmentIds();
    226. 

  226.     if (!empty($segmentBlocksSegmentIds)) {
    227. 

  227.       $segmentIds = array_intersect($segmentIds, $segmentBlocksSegmentIds);
    228. 

  228.     } else {
    229. 

  229.       $segmentIds = $form->getSettingsSegmentIds();
    230. 

  230.     }
    231. 

  231. 

  232.     if (empty($segmentIds)) {
    233. 

  233.       throw new UnexpectedValueException(__('Please select a list.', 'mailpoet'));
    234. 

  234.     }
    235. 

  235. 

  236.     return $segmentIds;
    237. 

  237.   }
    238. 

  238. 

  239.   private function getForm(array $data): FormEntity {
    240. 

  240.     $formId = (isset($data['form_id']) ? (int)$data['form_id'] : false);
    241. 

  241.     $form = $this->formsRepository->findOneById($formId);
    242. 

  242. 

  243.     if (!$form) {
    244. 

  244.       throw new NotFoundException(__('Please specify a valid form ID.', 'mailpoet'));
    245. 

  245.     }
    246. 

  246. 

  247.     return $form;
    248. 

  248.   }
    249. 

  249. }
    250. 

  250.