|
1
|
|
|
<?php |
|
2
|
|
|
|
|
3
|
|
|
/** |
|
4
|
|
|
* EEH_URL helper |
|
5
|
|
|
* Helper class for URL-related PHP functions |
|
6
|
|
|
* |
|
7
|
|
|
* @package Event Espresso |
|
8
|
|
|
* @subpackage /helper/EEH_URL.helper.php |
|
9
|
|
|
* @author Brent Christensen, Michael Nelson |
|
10
|
|
|
* ------------------------------------------------------------------------ |
|
11
|
|
|
*/ |
|
12
|
|
|
class EEH_URL |
|
13
|
|
|
{ |
|
14
|
|
|
|
|
15
|
|
|
/** |
|
16
|
|
|
* _add_query_arg |
|
17
|
|
|
* adds nonce to array of arguments then calls WP add_query_arg function |
|
18
|
|
|
* |
|
19
|
|
|
* @access public |
|
20
|
|
|
* @param array $args |
|
21
|
|
|
* @param string $url |
|
22
|
|
|
* @param bool $exclude_nonce If true then the nonce will be excluded from the generated url. |
|
23
|
|
|
* @return string |
|
24
|
|
|
*/ |
|
25
|
|
|
public static function add_query_args_and_nonce($args = array(), $url = '', $exclude_nonce = false) |
|
26
|
|
|
{ |
|
27
|
|
View Code Duplication |
if (empty($url)) { |
|
28
|
|
|
$user_msg = esc_html__( |
|
29
|
|
|
'An error occurred. A URL is a required parameter for the add_query_args_and_nonce method.', |
|
30
|
|
|
'event_espresso' |
|
31
|
|
|
); |
|
32
|
|
|
$dev_msg = $user_msg . "\n" |
|
33
|
|
|
. sprintf( |
|
34
|
|
|
esc_html__( |
|
35
|
|
|
'In order to dynamically generate nonces for your actions, you need to supply a valid URL as a second parameter for the %s method.', |
|
36
|
|
|
'event_espresso' |
|
37
|
|
|
), |
|
38
|
|
|
__CLASS__ . '::add_query_args_and_nonce' |
|
39
|
|
|
); |
|
40
|
|
|
EE_Error::add_error($user_msg . '||' . $dev_msg, __FILE__, __FUNCTION__, __LINE__); |
|
41
|
|
|
} |
|
42
|
|
|
// check that an action exists and add nonce |
|
43
|
|
|
if (! $exclude_nonce) { |
|
44
|
|
|
if (isset($args['action']) && ! empty($args['action'])) { |
|
45
|
|
|
$args = array_merge( |
|
46
|
|
|
$args, |
|
47
|
|
|
array( |
|
48
|
|
|
$args['action'] . '_nonce' => wp_create_nonce($args['action'] . '_nonce') |
|
49
|
|
|
) |
|
50
|
|
|
); |
|
51
|
|
|
} else { |
|
52
|
|
|
$args = array_merge( |
|
53
|
|
|
$args, |
|
54
|
|
|
array( |
|
55
|
|
|
'action' => 'default', 'default_nonce' => wp_create_nonce('default_nonce') |
|
56
|
|
|
) |
|
57
|
|
|
); |
|
58
|
|
|
} |
|
59
|
|
|
} |
|
60
|
|
|
|
|
61
|
|
|
// finally, let's always add a return address (if present) :) |
|
62
|
|
|
$args = ! empty($_REQUEST['action']) && ! isset($_REQUEST['return']) |
|
63
|
|
|
? array_merge($args, array('return' => $_REQUEST['action'])) |
|
64
|
|
|
: $args; |
|
65
|
|
|
|
|
66
|
|
|
return add_query_arg($args, $url); |
|
67
|
|
|
} |
|
68
|
|
|
|
|
69
|
|
|
|
|
70
|
|
|
/** |
|
71
|
|
|
* Returns whether not the remote file exists. |
|
72
|
|
|
* Checking via GET because HEAD requests are blocked on some server configurations. |
|
73
|
|
|
* |
|
74
|
|
|
* @param string $url |
|
75
|
|
|
* @param array $args the arguments that should be passed through to the wp_remote_request call. |
|
76
|
|
|
* @return boolean |
|
77
|
|
|
*/ |
|
78
|
|
|
public static function remote_file_exists($url, $args = array()) |
|
79
|
|
|
{ |
|
80
|
|
|
$results = wp_remote_request( |
|
81
|
|
|
$url, |
|
82
|
|
|
array_merge( |
|
83
|
|
|
array( |
|
84
|
|
|
'method' => 'GET', |
|
85
|
|
|
'redirection' => 1, |
|
86
|
|
|
), |
|
87
|
|
|
$args |
|
88
|
|
|
) |
|
89
|
|
|
); |
|
90
|
|
|
if (! $results instanceof WP_Error && |
|
91
|
|
|
isset($results['response']) && |
|
92
|
|
|
isset($results['response']['code']) && |
|
93
|
|
|
$results['response']['code'] == '200') { |
|
94
|
|
|
return true; |
|
95
|
|
|
} else { |
|
96
|
|
|
return false; |
|
97
|
|
|
} |
|
98
|
|
|
} |
|
99
|
|
|
|
|
100
|
|
|
|
|
101
|
|
|
/** |
|
102
|
|
|
* refactor_url |
|
103
|
|
|
* primarily used for removing the query string from a URL |
|
104
|
|
|
* |
|
105
|
|
|
* @param string $url |
|
106
|
|
|
* @param bool $remove_query - TRUE (default) will strip off any URL params, ie: ?this=1&that=2 |
|
107
|
|
|
* @param bool $base_url_only - TRUE will only return the scheme and host with no other parameters |
|
108
|
|
|
* @return string |
|
109
|
|
|
*/ |
|
110
|
|
|
public static function refactor_url($url = '', $remove_query = true, $base_url_only = false) |
|
111
|
|
|
{ |
|
112
|
|
|
// break apart incoming URL |
|
113
|
|
|
$url_bits = parse_url($url); |
|
114
|
|
|
// HTTP or HTTPS ? |
|
115
|
|
|
$scheme = isset($url_bits['scheme']) ? $url_bits['scheme'] . '://' : 'http://'; |
|
116
|
|
|
// domain |
|
117
|
|
|
$host = isset($url_bits['host']) ? $url_bits['host'] : ''; |
|
118
|
|
|
// if only the base URL is requested, then return that now |
|
119
|
|
|
if ($base_url_only) { |
|
120
|
|
|
return $scheme . $host; |
|
121
|
|
|
} |
|
122
|
|
|
$port = isset($url_bits['port']) ? ':' . $url_bits['port'] : ''; |
|
123
|
|
|
$user = isset($url_bits['user']) ? $url_bits['user'] : ''; |
|
124
|
|
|
$pass = isset($url_bits['pass']) ? ':' . $url_bits['pass'] : ''; |
|
125
|
|
|
$pass = ($user || $pass) ? $pass . '@' : ''; |
|
126
|
|
|
$path = isset($url_bits['path']) ? $url_bits['path'] : ''; |
|
127
|
|
|
// if the query string is not required, then return what we have so far |
|
128
|
|
|
if ($remove_query) { |
|
129
|
|
|
return $scheme . $user . $pass . $host . $port . $path; |
|
130
|
|
|
} |
|
131
|
|
|
$query = isset($url_bits['query']) ? '?' . $url_bits['query'] : ''; |
|
132
|
|
|
$fragment = isset($url_bits['fragment']) ? '#' . $url_bits['fragment'] : ''; |
|
133
|
|
|
return $scheme . $user . $pass . $host . $port . $path . $query . $fragment; |
|
134
|
|
|
} |
|
135
|
|
|
|
|
136
|
|
|
|
|
137
|
|
|
/** |
|
138
|
|
|
* get_query_string |
|
139
|
|
|
* returns just the query string from a URL, formatted by default into an array of key value pairs |
|
140
|
|
|
* |
|
141
|
|
|
* @param string $url |
|
142
|
|
|
* @param bool $as_array TRUE (default) will return query params as an array of key value pairs, FALSE will |
|
143
|
|
|
* simply return the query string |
|
144
|
|
|
* @return string|array |
|
145
|
|
|
*/ |
|
146
|
|
|
public static function get_query_string($url = '', $as_array = true) |
|
147
|
|
|
{ |
|
148
|
|
|
// decode, then break apart incoming URL |
|
149
|
|
|
$url_bits = parse_url(html_entity_decode($url)); |
|
150
|
|
|
// grab query string from URL |
|
151
|
|
|
$query = isset($url_bits['query']) ? $url_bits['query'] : ''; |
|
152
|
|
|
// if we don't want the query string formatted into an array of key => value pairs, then just return it as is |
|
153
|
|
|
if (! $as_array) { |
|
154
|
|
|
return $query; |
|
155
|
|
|
} |
|
156
|
|
|
// if no query string exists then just return an empty array now |
|
157
|
|
|
if (empty($query)) { |
|
158
|
|
|
return array(); |
|
159
|
|
|
} |
|
160
|
|
|
// empty array to hold results |
|
161
|
|
|
$query_params = array(); |
|
162
|
|
|
// now break apart the query string into separate params |
|
163
|
|
|
$query = explode('&', $query); |
|
164
|
|
|
// loop thru our query params |
|
165
|
|
|
foreach ($query as $query_args) { |
|
166
|
|
|
// break apart the key value pairs |
|
167
|
|
|
$query_args = explode('=', $query_args); |
|
168
|
|
|
// and add to our results array |
|
169
|
|
|
$query_params[ $query_args[0] ] = $query_args[1]; |
|
170
|
|
|
} |
|
171
|
|
|
return $query_params; |
|
172
|
|
|
} |
|
173
|
|
|
|
|
174
|
|
|
|
|
175
|
|
|
/** |
|
176
|
|
|
* prevent_prefetching |
|
177
|
|
|
* |
|
178
|
|
|
* @return void |
|
179
|
|
|
*/ |
|
180
|
|
|
public static function prevent_prefetching() |
|
181
|
|
|
{ |
|
182
|
|
|
// prevent browsers from prefetching of the rel='next' link, because it may contain content that interferes |
|
183
|
|
|
// with the registration process |
|
184
|
|
|
remove_action('wp_head', 'adjacent_posts_rel_link_wp_head'); |
|
185
|
|
|
} |
|
186
|
|
|
|
|
187
|
|
|
|
|
188
|
|
|
/** |
|
189
|
|
|
* This generates a unique site-specific string. |
|
190
|
|
|
* An example usage for this string would be to save as a unique identifier for a record in the db for usage in |
|
191
|
|
|
* urls. |
|
192
|
|
|
* |
|
193
|
|
|
* @param string $prefix Use this to prefix the string with something. |
|
194
|
|
|
* @return string |
|
195
|
|
|
*/ |
|
196
|
|
|
public static function generate_unique_token($prefix = '') |
|
197
|
|
|
{ |
|
198
|
|
|
$token = md5(uniqid() . mt_rand()); |
|
199
|
|
|
return $prefix ? $prefix . '_' . $token : $token; |
|
200
|
|
|
} |
|
201
|
|
|
|
|
202
|
|
|
|
|
203
|
|
|
/** |
|
204
|
|
|
* filter_input_server_url |
|
205
|
|
|
* uses filter_input() to sanitize one of the INPUT_SERVER URL values |
|
206
|
|
|
* but adds a backup in case filter_input() returns nothing, which can erringly happen on some servers |
|
207
|
|
|
* |
|
208
|
|
|
* @param string $server_variable |
|
209
|
|
|
* @return string |
|
210
|
|
|
*/ |
|
211
|
|
|
public static function filter_input_server_url($server_variable = 'REQUEST_URI') |
|
212
|
|
|
{ |
|
213
|
|
|
$URL = ''; |
|
214
|
|
|
$server_variables = array( |
|
215
|
|
|
'REQUEST_URI' => 1, |
|
216
|
|
|
'HTTP_HOST' => 1, |
|
217
|
|
|
'PHP_SELF' => 1, |
|
218
|
|
|
); |
|
219
|
|
|
$server_variable = strtoupper($server_variable); |
|
220
|
|
|
// whitelist INPUT_SERVER var |
|
221
|
|
|
if (isset($server_variables[ $server_variable ])) { |
|
222
|
|
|
$URL = filter_input(INPUT_SERVER, $server_variable, FILTER_SANITIZE_URL, FILTER_NULL_ON_FAILURE); |
|
223
|
|
|
if (empty($URL)) { |
|
224
|
|
|
// fallback sanitization if the above fails |
|
225
|
|
|
$URL = wp_sanitize_redirect($_SERVER[ $server_variable ]); |
|
226
|
|
|
} |
|
227
|
|
|
} |
|
228
|
|
|
return $URL; |
|
229
|
|
|
} |
|
230
|
|
|
|
|
231
|
|
|
|
|
232
|
|
|
/** |
|
233
|
|
|
* Gets the current page's full URL. |
|
234
|
|
|
* |
|
235
|
|
|
* @return string |
|
236
|
|
|
*/ |
|
237
|
|
View Code Duplication |
public static function current_url() |
|
238
|
|
|
{ |
|
239
|
|
|
$url = ''; |
|
240
|
|
|
if (isset($_SERVER['HTTP_HOST'], $_SERVER['REQUEST_URI'])) { |
|
241
|
|
|
$url = is_ssl() ? 'https://' : 'http://'; |
|
242
|
|
|
$url .= \EEH_URL::filter_input_server_url('HTTP_HOST'); |
|
243
|
|
|
$url .= \EEH_URL::filter_input_server_url('REQUEST_URI'); |
|
244
|
|
|
} |
|
245
|
|
|
return $url; |
|
246
|
|
|
} |
|
247
|
|
|
|
|
248
|
|
|
|
|
249
|
|
|
/** |
|
250
|
|
|
* Identical in functionality to EEH_current_url except it removes any provided query_parameters from it. |
|
251
|
|
|
* |
|
252
|
|
|
* @param array $query_parameters An array of query_parameters to remove from the current url. |
|
253
|
|
|
* @since 4.9.46.rc.029 |
|
254
|
|
|
* @return string |
|
255
|
|
|
*/ |
|
256
|
|
|
public static function current_url_without_query_paramaters(array $query_parameters) |
|
257
|
|
|
{ |
|
258
|
|
|
return remove_query_arg($query_parameters, EEH_URL::current_url()); |
|
259
|
|
|
} |
|
260
|
|
|
|
|
261
|
|
|
|
|
262
|
|
|
/** |
|
263
|
|
|
* @param string $location |
|
264
|
|
|
* @param int $status |
|
265
|
|
|
* @param string $exit_notice |
|
266
|
|
|
*/ |
|
267
|
|
|
public static function safeRedirectAndExit($location, $status = 302, $exit_notice = '') |
|
268
|
|
|
{ |
|
269
|
|
|
EE_Error::get_notices(false, true); |
|
270
|
|
|
wp_safe_redirect($location, $status); |
|
271
|
|
|
exit($exit_notice); |
|
272
|
|
|
} |
|
273
|
|
|
|
|
274
|
|
|
/** |
|
275
|
|
|
* Slugifies text for usage in a URL. |
|
276
|
|
|
* |
|
277
|
|
|
* Currently, this isn't just calling `sanitize_title()` on it, because that percent-encodes unicode characters, |
|
278
|
|
|
* and WordPress chokes on them when used as CPT and custom taxonomy slugs. |
|
279
|
|
|
* |
|
280
|
|
|
* @since 4.9.66.p |
|
281
|
|
|
* @param string $text |
|
282
|
|
|
* @param string $fallback |
|
283
|
|
|
* @return string which can be used in a URL |
|
284
|
|
|
*/ |
|
285
|
|
|
public static function slugify($text, $fallback) |
|
286
|
|
|
{ |
|
287
|
|
|
// url decode after sanitizing title to restore unicode characters, |
|
288
|
|
|
// see https://github.com/eventespresso/event-espresso-core/issues/575 |
|
289
|
|
|
return urldecode( |
|
290
|
|
|
sanitize_title( |
|
291
|
|
|
$text, |
|
292
|
|
|
$fallback |
|
293
|
|
|
) |
|
294
|
|
|
); |
|
295
|
|
|
} |
|
296
|
|
|
} |
|
297
|
|
|
|
eventespresso /
event-espresso-core
