Issues (52)

Security Analysis: not enabled

This project does not seem to handle request data directly, so no vulnerable execution paths were found.

  File Inclusion
File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.
  Regex Injection
Regex Injection enables an attacker to execute arbitrary code in your PHP process.
  SQL Injection
SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.
  Response Splitting
Response Splitting can be used to send arbitrary responses.
  File Manipulation
File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.
  Object Injection
Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.
  File Exposure
File Exposure allows an attacker to gain access to local files that they should not be able to access. These files can for example include database credentials, or other configuration files.
  XML Injection
XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.
  Code Injection
Code Injection enables an attacker to execute arbitrary code on the server.
  Variable Injection
Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.
  XPath Injection
XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.
  Other Vulnerability
This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.
  Command Injection
Command Injection enables an attacker to inject a shell command that is executed with the privileges of the web server. This can be used to expose sensitive data, or to gain access to your server.
  LDAP Injection
LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.
  Cross-Site Scripting
Cross-Site Scripting enables an attacker to inject code into the response of a web request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.
  Header Injection

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

...s-bulk-delete-jetpack-contact-form-messages.php (1 issue)

<?php
/**
 * Utility class for deleting Jetpack Contact Form Messages.
 *
 * @since      5.3
 *
 * @author     Sudar
 *
 * @package    BulkDelete\Misc
 */
class Bulk_Delete_Jetpack_Contact_Form_Message {
	// box slugs
	const BOX_JETPACK_MESSAGES = 'bd-jetpack-feedback';

	const FEEDBACK_POST_TYPE   = 'feedback';
	const CRON_HOOK            = 'do-bulk-delete-feedback';
	const CRON_NAME            = 'Bulk Delete Jetpack Contact Form Messages';

	/**
	 * Register Jetpack Feedback meta box for delete misc page.
	 *
	 * @static
	 *
	 * @since 5.3
	 */
	public static function add_delete_jetpack_messages_meta_box() {
		$bd = BULK_DELETE();

		add_meta_box(
			self::BOX_JETPACK_MESSAGES,
			__( 'Bulk Delete Jetpack Contact Form Messages', 'bulk-delete' ),
			array( __CLASS__, 'render_delete_jetpack_messages_box' ),
			$bd->misc_page,
			'advanced'
		);
	}

	/**
	 * Render Jetpack Feedback meta box for delete misc page.
	 *
	 * @static
	 *
	 * @since 5.3
	 */
	public static function render_delete_jetpack_messages_box() {
		if ( Bulk_Delete_Misc::is_misc_box_hidden( self::BOX_JETPACK_MESSAGES ) ) {
			printf( __( 'This section just got enabled. Kindly <a href = "%1$s">refresh</a> the page to fully enable it.', 'bulk-delete' ), 'admin.php?page=' . Bulk_Delete_Misc::MISC_PAGE_SLUG );

			return;
		}

		if ( ! self::is_jetpack_contact_active() ) {
?>
            <!-- Delete Jetpack Feedback box start-->
            <p>
                <span style="color:red">
                    <?php _e( 'Jetpack contact form is not enabled.', 'bulk-delete' ); ?>
                </span>
            </p>
            <!-- Delete Jetpack Feedback box end-->
<?php
		} else {
			$feedback_count = wp_count_posts( self::FEEDBACK_POST_TYPE );
?>
            <!-- Delete Jetpack Feedback box start-->
            <fieldset class="options">
            <table class="optiontable">
                <tr>
                    <td scope="row" >
                        <input name="smbd_feedback_use_filter" value = "false" type = "radio" checked>
                    </td>
                    <td>
                    <label for="smbd_feedback"><?php echo __( 'Delete all Contact Form Messages', 'bulk-delete' ), ' ( ', $feedback_count->publish, ' ', __( 'in total', 'bulk-delete' ), ' )'; ?></label>
                    </td>
                </tr>

                <tr>
                    <td scope="row" >
                        <input name="smbd_feedback_use_filter" id="smbd_feedback_use_filter" value = "true" type = "radio" disabled>
                    </td>
                    <td>
                        <label for="smbd_feedback"><?php _e( 'Delete Messages based on filters', 'bulk-delete' ); ?></label>
                        <span class = "bd-feedback-pro" style = "color:red; vertical-align: middle;"><?php _e( 'Only available in Pro Addon', 'bulk-delete' ); ?> <a href = "https://bulkwp.com/addons/bulk-delete-jetpack-contact-form-messages/?utm_source=wpadmin&utm_campaign=BulkDelete&utm_medium=buynow&utm_content=bd-jcm" target="_blank">Buy now</a></span>
                    </td>
                </tr>
            </table>
<?php
			/**
			 * Add more fields to the delete jetpack messages form
			 * This hook can be used to add more fields to the delete jetpack messages form.
			 *
			 * @since 5.3
			 */
			do_action( 'bd_delete_jetpack_messages_form' );
?>
            <table class="optiontable">
                <tr>
                    <td colspan="2">
                        <h4><?php _e( 'Choose your date options', 'bulk-delete' ); ?></h4>
                    </td>
                </tr>

                <tr>
                    <td scope="row">
                        <input name="smbd_feedback_restrict" id ="smbd_feedback_restrict" value = "true" type = "checkbox">
                    </td>
                    <td>
                        <label for="smbd_feedback_restrict"> <?php _e( 'Only restrict to posts which are ', 'bulk-delete' ); ?></label>
                        <select name="smbd_feedback_op" id="smbd_feedback_op" disabled>
                            <option value ="<"><?php _e( 'older than', 'bulk-delete' );?></option>
                            <option value =">"><?php _e( 'posted within last', 'bulk-delete' );?></option>
                        </select>
                        <input type ="text" name="smbd_feedback_days" id ="smbd_feedback_days" value ="0"  maxlength="4" size="4" disabled><?php _e( 'days', 'bulk-delete' );?>
                    </td>
                </tr>

                <tr>
                    <td scope="row">
                        <input name="smbd_feedback_limit" id="smbd_feedback_limit" value = "true" type = "checkbox">
                    </td>
                    <td>
                        <label for="smbd_feedback_limit"><?php _e( 'Only delete first ', 'bulk-delete' ); ?></label>
                        <input type ="text" name="smbd_feedback_limit_to" id="smbd_feedback_limit_to" disabled value ="0" maxlength="4" size="4"><?php _e( 'posts.', 'bulk-delete' );?>
                        <?php _e( 'Use this option if there are more than 1000 posts and the script times out.', 'bulk-delete' ) ?>
                    </td>
                </tr>

                <tr>
                    <td colspan="2">
                        <h4><?php _e( 'Choose your deletion options', 'bulk-delete' ); ?></h4>
                    </td>
                </tr>

                <tr>
                    <td scope="row" colspan="2">
						<label>
							<input name="smbd_feedback_force_delete" value = "false" type = "radio" checked="checked">
							<?php _e( 'Move to Trash', 'bulk-delete' ); ?>
						</label>
						<label>
							<input name="smbd_feedback_force_delete" value = "true" type = "radio">
							<?php _e( 'Delete permanently', 'bulk-delete' ); ?>
						</label>
                    </td>
                </tr>

            <tr>
                <td scope="row" colspan="2">
                    <label>
						<input name="smbd_feedback_cron" value = "false" type = "radio" checked="checked" >
						<?php _e( 'Delete now', 'bulk-delete' ); ?>
					</label>
					<label>
                    	<input name="smbd_feedback_cron" value = "true" type = "radio" id = "smbd_feedback_cron" disabled >
						<?php _e( 'Schedule', 'bulk-delete' ); ?>
					</label>
                    <input name="smbd_feedback_cron_start" id = "smbd_feedback_cron_start" value = "now" type = "text" disabled autocomplete ="off" ><?php _e( 'repeat ', 'bulk-delete' );?>
                    <select name = "smbd_feedback_cron_freq" id = "smbd_feedback_cron_freq" disabled>
                        <option value = "-1"><?php _e( "Don't repeat", 'bulk-delete' ); ?></option>
<?php
			$schedules = wp_get_schedules();
			foreach ( $schedules as $key => $value ) {
?>
                        <option value = "<?php echo $key; ?>"><?php echo $value['display']; ?></option>
<?php
			}
?>
                    </select>
                    <span class = "bd-feedback-pro" style = "color:red"><?php _e( 'Only available in Pro Addon', 'bulk-delete' ); ?> <a href = "https://bulkwp.com/addons/bulk-delete-jetpack-contact-form-messages/?utm_source=wpadmin&utm_campaign=BulkDelete&utm_medium=buynow&utm_content=bd-jcm" target="_blank">Buy now</a></span>
                </td>
            </tr>

            </table>
            </fieldset>
            <p class="submit">
                <button type='submit' name='bd_action' value='delete_jetpack_messages' class='button-primary'><?php _e( 'Bulk Delete ', 'bulk-delete' ) ?>&raquo;</button>
            </p>
            <!-- Delete Jetpack Feedback box end-->
<?php
		}
	}

	/**
	 * Filter JS Array and add validation hooks.
	 *
	 * @since 5.4
	 * @static
	 *
	 * @param array $js_array JavaScript Array
	 *
	 * @return array Modified JavaScript Array
	 */
	public static function filter_js_array( $js_array ) {
		$js_array['dt_iterators'][]                        = '_feedback';
		$js_array['validators']['delete_jetpack_messages'] = 'noValidation';

		$js_array['pre_action_msg']['delete_jetpack_messages'] = 'deleteJetpackWarning';
		$js_array['msg']['deleteJetpackWarning']               = __( 'Are you sure you want to delete all the Jetpack contact form messages based on the selected filters?', 'bulk-delete' );

		return $js_array;
	}

	/**
	 * Controller for deleting Jetpack contact form messages.
	 *
	 * @static
	 *
	 * @since  5.3
	 */
	public static function do_delete_jetpack_messages() {
		$delete_options                  = array();

		$delete_options['use_filter']    = bd_array_get( $_POST, 'smbd_feedback_use_filter', 'false' );

		$delete_options['restrict']      = bd_array_get( $_POST, 'smbd_feedback_restrict', false );
		$delete_options['limit_to']      = absint( bd_array_get( $_POST, 'smbd_feedback_limit_to', 0 ) );
		$delete_options['force_delete']  = bd_array_get( $_POST, 'smbd_feedback_force_delete', 'false' );

		$delete_options['feedback_op']   = bd_array_get( $_POST, 'smbd_feedback_op' );
		$delete_options['feedback_days'] = bd_array_get( $_POST, 'smbd_feedback_days' );

		/**
		 * Delete jetpack feedback delete options filter
		 * This filter is for processing filtering options for deleting jetpack message.
		 *
		 * @since 5.3
		 */
		$delete_options = apply_filters( 'bd_delete_jetpack_messages_delete_options', $delete_options, $_POST );

		if ( 'true' == bd_array_get( $_POST, 'smbd_feedback_cron', 'false' ) ) {
			$freq = $_POST['smbd_feedback_cron_freq'];
			$time = strtotime( $_POST['smbd_feedback_cron_start'] ) - ( get_option( 'gmt_offset' ) * 60 * 60 );

			if ( $freq == -1 ) {
				wp_schedule_single_event( $time, self::CRON_HOOK, array( $delete_options ) );
			} else {
				wp_schedule_event( $time, $freq, self::CRON_HOOK, array( $delete_options ) );
			}
			$msg = __( 'Jetpack contact form messages with the selected criteria are scheduled for deletion.', 'bulk-delete' ) . ' ' .
				sprintf( __( 'See the full list of <a href = "%s">scheduled tasks</a>' , 'bulk-delete' ), get_bloginfo( 'wpurl' ) . '/wp-admin/admin.php?page=' . Bulk_Delete::CRON_PAGE_SLUG );
		} else {
			$deleted_count = self::delete_jetpack_messages( $delete_options );
			$msg           = sprintf( _n( 'Deleted %d Jetpack contact form message', 'Deleted %d Jetpack contact form messages' , $deleted_count, 'bulk-delete' ), $deleted_count );
		}

		add_settings_error(
			Bulk_Delete_Misc::MISC_PAGE_SLUG,
			'deleted-posts',
			$msg,
			'updated'
		);
	}

	/**
	 * Delete Jetpack contact form messages.
	 *
	 * @static
	 *
	 * @since  5.3
	 *
	 * @param array $delete_options Options for deleting
	 *
	 * @return int Number of posts that were deleted
	 */
	public static function delete_jetpack_messages( $delete_options ) {
		$count      = 0;
		$use_filter = $delete_options['use_filter'];

		$options = array(
			'post_status' => 'publish',
			'post_type'   => self::FEEDBACK_POST_TYPE,
		);

		$limit_to = $delete_options['limit_to'];

		if ( $limit_to > 0 ) {
			$options['showposts'] = $limit_to;
		} else {
			$options['nopaging'] = 'true';
		}

		$force_delete = $delete_options['force_delete'];

		if ( 'true' == $force_delete ) {
			$force_delete = true;
		} else {
			$force_delete = false;
		}

		if ( 'true' == $delete_options['restrict'] ) {
			$options['op']   = $delete_options['feedback_op'];
			$options['days'] = $delete_options['feedback_days'];

			if ( ! class_exists( 'Bulk_Delete_By_Days' ) ) {
				require_once Bulk_Delete::$PLUGIN_DIR . '/include/util/class-bulk-delete-by-days.php';
			}
			new Bulk_Delete_By_Days;
		}

		$post_ids = bd_query( $options );
		foreach ( $post_ids as $post_id ) {
			if ( 'true' == $use_filter ) {
				/**
				 * Process additional filters for deleting jetpack messages.
				 *
				 * @since 5.3
				 */
				$can_delete = apply_filters( 'bd_delete_jetpack_messages_can_delete', $delete_options, $post_id );
				if ( ! $can_delete ) {
					continue;
				}
			}

			// $force delete parameter to custom post types doesn't work
			if ( $force_delete ) {
				wp_delete_post( $post_id, true );
			} else {
				wp_trash_post( $post_id );
			}
			$count++;
		}

		return $count;
	}

	/**
	 * Check whether Jetpack Contact Form is active.
	 *
	 * @static
	 *
	 * @since  5.3
	 *
	 * @return bool True if active, False otherwise
	 */
	public static function is_jetpack_contact_active() {
		$jetpack_active_modules = get_option( 'jetpack_active_modules' );
		if ( class_exists( 'Jetpack', false ) && $jetpack_active_modules && in_array( 'contact-form', $jetpack_active_modules ) ) {
			return true;
		}

		return false;
	}

	/**
	 * Append filtering options to the delete feedback page.
	 *
	 * @since 0.1
	 * @static
	 */
	public static function add_filtering_options() {
		?>
		<table class="optiontable" id="jetpack-filters" style="display:none;">
			<tr>
				<td colspan="2">
					<h4><?php _e( 'Choose your filtering options', 'bulk-delete' ); ?></h4>
				</td>
			</tr>

			<tr>
				<td scope="row">
					<input name="smbd_feedback_author_name_filter" id ="smbd_feedback_author_name_filter" value = "true" type = "checkbox">
				</td>
				<td>
					<label for="smbd_feedback_author_name_filter"><?php _e( 'Only if author name ', 'bulk-delete' ); ?></label>
					<select name="smbd_feedback_author_name_op" id="smbd_feedback_author_name_op" disabled>
						<option value ="is"><?php _e( 'is', 'bulk-delete' );?></option>
						<option value ="is-not"><?php _e( 'is not', 'bulk-delete' );?></option>
					</select>
					<input type ="text" name="smbd_feedback_author_name_value" id ="smbd_feedback_author_name_value" disabled placeholder="<?php _e( 'Author Name', 'bulk-delete' ); ?>">
				</td>
			</tr>

			<tr>
				<td scope="row">
					<input name="smbd_feedback_author_email_filter" id ="smbd_feedback_author_email_filter" value = "true" type = "checkbox">
				</td>
				<td>
					<label for="smbd_feedback_author_email_filter"><?php _e( 'Only if author email ', 'bulk-delete' ); ?></label>
					<select name="smbd_feedback_author_email_op" id="smbd_feedback_author_email_op" disabled>
						<option value ="is"><?php _e( 'is', 'bulk-delete' );?></option>
						<option value ="is-not"><?php _e( 'is not', 'bulk-delete' );?></option>
					</select>
					<input type ="text" name="smbd_feedback_author_email_value" id ="smbd_feedback_author_email_value" disabled placeholder="<?php _e( 'Author Email', 'bulk-delete' ); ?>">
				</td>
			</tr>

			<tr>
				<td scope="row">
					<input name="smbd_feedback_author_ip_filter" id ="smbd_feedback_author_ip_filter" value = "true" type = "checkbox">
				</td>
				<td>
					<label for="smbd_feedback_author_ip_filter"><?php _e( 'Only if author ip ', 'bulk-delete' ); ?></label>
					<select name="smbd_feedback_author_ip_op" id="smbd_feedback_author_ip_op" disabled>
						<option value ="is"><?php _e( 'is', 'bulk-delete' );?></option>
						<option value ="is-not"><?php _e( 'is not', 'bulk-delete' );?></option>
					</select>
					<input type ="text" name="smbd_feedback_author_ip_value" id ="smbd_feedback_author_ip_value" disabled placeholder="<?php _e( 'Author ip', 'bulk-delete' ); ?>">
				</td>
			</tr>
		</table>
		<?php
	}

	/**
	 * Process additional delete options.
	 *
	 * @since  0.1
	 * @static
	 *
	 * @param array $delete_options Delete options array
	 * @param array $post           The Post array
	 *
	 * @return array Processed delete options array
	 */
	public static function process_filtering_options( $delete_options, $post ) {
		$filters = array();

		if ( 'true' == bd_array_get( $post, 'smbd_feedback_use_filter', 'false' ) ) {
			foreach ( array( 'name', 'email', 'ip' ) as $filter_name ) {
				if ( 'true' == bd_array_get( $post, "smbd_feedback_author_{$filter_name}_filter", 'false' ) ) {
					$filters[ $filter_name ] = array(
						'op'    => bd_array_get( $post, "smbd_feedback_author_{$filter_name}_op", 'is' ),
						'value' => bd_array_get( $post, "smbd_feedback_author_{$filter_name}_value", '' ),
					);
				}
			}
		}

		$delete_options['filters'] = $filters;

		return $delete_options;
	}

	/**
	 * Whether the current message should be deleted based on user selection.
	 *
	 * @static
	 *
	 * @since  0.1
	 *
	 * @param array $delete_options List of options chosen by the user
	 * @param int   $post_id        Post id
	 *
	 * @return bool True if the message should be deleted, False otherwise
	 */
	public static function can_delete( $delete_options, $post_id ) {
		$can_delete = false;

		if ( self::is_jetpack_contact_active() ) {
			$content_fields = Grunion_Contact_Form_Plugin::parse_fields_from_content( $post_id );
The type Grunion_Contact_Form_Plugin was not found. Maybe you did not declare it correctly or list all dependencies?

The issue could also be caused by a filter entry in the build configuration. If the path has been excluded in your configuration, e.g. excluded_paths: ["lib/*"], you can move it to the dependency path list as follows:

filter:
    dependency_paths: ["lib/*"]

For further information see https://scrutinizer-ci.com/docs/tools/php/php-scrutinizer/#list-dependency-paths


			$author_name  = $content_fields['_feedback_author'];
			$author_email = $content_fields['_feedback_author_email'];
			$author_ip    = $content_fields['_feedback_ip'];

			$filters = $delete_options['filters'];
			foreach ( $filters as $name => $filter ) {
				$field = "author_{$name}";
				if ( 'is' == $filter['op'] ) {
					if ( $$field == $filter['value'] ) {
						$can_delete = true;
					}
				} else {
					if ( $$field != $filter['value'] ) {
						$can_delete = true;
					}
				}
			}
		}

		return $can_delete;
	}

	/**
	 * Hook handler.
	 *
	 * @since 0.1
	 * @static
	 *
	 * @param array $delete_options Delete options array
	 */
	public static function do_delete_jetpack_messages_cron( $delete_options ) {
		do_action( 'bd_before_scheduler', self::CRON_NAME );
		$count = self::delete_jetpack_messages( $delete_options );
		do_action( 'bd_after_scheduler', self::CRON_NAME, $count );
	}
}