if ( ! function_exists( $sanitize_function ) ) { _doing_it_wrong( __METHOD__, 'Invalid sanitize function', '3.59.4' ); return $onboarding_data; } // phpcs:ignore WordPress.Security.NonceVerification.Missing, WordPress.Security.ValidatedSanitizedInput.InputNotSanitized if ( isset( $_POST['eow'][ $key ] ) ) { // Nonce is verified in the parent function. // phpcs:ignore WordPress.Security.NonceVerification.Missing, WordPress.Security.ValidatedSanitizedInput.InputNotSanitized $onboarding_data[ $key ] = $sanitize_function( wp_unslash( $_POST['eow'][ $key ] ) ); } else { unset( $onboarding_data[ $key ] ); } return $onboarding_data; } /** * Save the onboarding data to Drip. * * @param array $onboarding_data The onboarding data. * * @return void */ public function save_to_drip( array $onboarding_data ) { $url = 'https://imagely.com/wp-json/imagely/v1/get_opt_in_data'; $email = sanitize_email( $onboarding_data['_email_address'] ); if ( empty( $email ) ) { return; } $tags = []; $position = ''; $tags[] = 'im-' . $this->get_license_type(); if ( isset( $onboarding_data['_user_type'] ) ) { $position = $onboarding_data['_user_type']; } $body_data = [ 'imagely-drip-email' => base64_encode( $email ), // phpcs:ignore WordPress.PHP.DiscouragedPHPFunctions.obfuscation_base64_encode 'imagely-drip-tags' => $tags, 'imagely-drip-position' => $position, ]; $body = wp_json_encode( $body_data ); $args = [ 'method' => 'POST', 'headers' => [ 'Content-Type' => 'application/json', 'user-agent' => 'ENVIRA/IMAGELY/' . NGG_PLUGIN_VERSION . '; ' . get_bloginfo( 'url' ), ], 'body' => $body, 'timeout' => '5', // Timeout in seconds. 'redirection' => '5', 'httpversion' => '1.0', 'blocking' => true, 'data_format' => 'body', ]; $response = wp_safe_remote_post( $url, $args ); } /** * Save selected addons to database. */ public function save_selected_addons() { // check for nonce nextgen-galleryOnboardingCheck. if ( ! isset( $_POST['nonce'] ) || ! wp_verify_nonce( sanitize_text_field( wp_unslash( $_POST['nonce'] ) ), 'nextgen-galleryOnboardingCheck' ) ) { wp_send_json_error( 'Invalid nonce' ); wp_die(); } // check if the current user can manage options. if ( ! current_user_can( 'manage_options' ) ) { wp_send_json_error( 'You do not have permission to save data' ); wp_die(); } if ( ! empty( $_POST['addons'] ) ) { $addons = explode( ',', sanitize_text_field( wp_unslash( $_POST['addons'] ) ) ); // Sanitize data and merge to existing data. $onboarding_data = get_option( 'ngg_onboarding_data' ); if ( empty( $onboarding_data ) ) { $onboarding_data = []; } // Save addons as _addons key. $onboarding_data['_addons'] = $addons; $updated = update_option( 'ngg_onboarding_data', $onboarding_data ); wp_send_json_success( 'Addons saved successfully' ); wp_die(); } wp_send_json_error( 'Something went wrong. Please try again.' ); wp_die(); } /** * Get the license type for the current plugin. * * @since 3.59.4 * * @return string */ public function get_license_type() { if ( defined( 'NGG_PRO_PLUGIN_BASENAME' ) ) { return 'pro'; } elseif ( defined( 'NGG_PLUS_PLUGIN_BASENAME' ) ) { return 'plus'; } elseif ( defined( 'NGG_STARTER_PLUGIN_BASENAME' ) ) { return 'starter'; } return 'lite'; } /** * Install the recommended plugins and add-ons. * * @return void */ public function install_recommended_plugins() { // check for nonce nextgen-galleryOnboardingCheck. if ( ! isset( $_POST['nonce'] ) || ! wp_verify_nonce( sanitize_text_field( wp_unslash( $_POST['nonce'] ) ), 'nextgen-galleryOnboardingCheck' ) ) { wp_send_json_error( 'Invalid nonce' ); wp_die(); } // check if the current user can manage options. if ( ! current_user_can( 'manage_options' ) ) { wp_send_json_error( 'You do not have permission to install plugins' ); wp_die(); } if ( ! empty( $_POST['plugins'] ) ) { // Sanitize data, plugins is a string delimited by comma. $plugins = explode( ',', sanitize_text_field( wp_unslash( $_POST['plugins'] ) ) ); // Install the plugins. foreach ( $plugins as $plugin ) { if ( '' !== $this->is_recommended_plugin_installed( $plugin ) ) { continue; // Skip the plugin if it is already installed. } // Generate the plugin URL by slug. $url = 'https://downloads.wordpress.org/plugin/' . $plugin . '.zip'; $this->install_helper( $url ); } } wp_send_json_success( 'Installed the recommended plugins successfully.' ); wp_die(); } /** * Helper function to install the free plugins. * * @param string $download_url The download URL. * * @return void */ public function install_helper( string $download_url ) { if ( empty( $download_url ) ) { return; } global $hook_suffix; // Set the current screen to avoid undefined notices. set_current_screen(); $method = ''; $url = esc_url( admin_url( 'index.php?page=nextgen-gallery-setup-wizard' ) ); // Start output buffering to catch the filesystem form if credentials are needed. ob_start(); $creds = request_filesystem_credentials( $url, $method, false, false, null ); if ( false === $creds ) { $form = ob_get_clean(); echo wp_json_encode( [ 'form' => $form ] ); die; } // If we are not authenticated, make it happen now. if ( ! WP_Filesystem( $creds ) ) { ob_start(); request_filesystem_credentials( $url, $method, true, false, null ); $form = ob_get_clean(); echo wp_json_encode( [ 'form' => $form ] ); die; } // We do not need any extra credentials if we have gotten this far, so let's install the plugin. require_once ABSPATH . 'wp-admin/includes/class-wp-upgrader.php'; // Create the plugin upgrader with our custom skin. $skin = new \Imagely\NGG\Util\Installer_Skin(); $installer = new \Plugin_Upgrader( $skin ); $status = $installer->install( $download_url ); if ( is_wp_error( $status ) ) { wp_send_json_error( $status->get_error_message() ); } // Flush the cache and return. wp_cache_flush(); } /** * Verify the license key. * * @since 3.59.4 * * @return void * * Copy of maybe_verify_key in License class. * Modified to return wp_send_json_success and wp_send_json_error. */ public function ngg_plugin_verify_license_key() { if ( ! isset( $_POST['nextgen-gallery-license-key'], $_POST['nonce'] ) || ! wp_verify_nonce( sanitize_text_field( wp_unslash( $_POST['nonce'] ) ), 'nextgen-galleryOnboardingCheck' ) ) { wp_send_json_error( 'Invalid Request', \WP_Http::FORBIDDEN ); wp_die(); } $url = 'https://members.photocrati.com/wp-json/licensing/v1/register_site'; $license_key = isset( $_POST['nextgen-gallery-license-key'] ) ? sanitize_text_field( wp_unslash( $_POST['nextgen-gallery-license-key'] ) ) : null; if ( empty( $license_key ) ) { wp_send_json_error( 'License key is required' ); wp_die(); } $query_args = [ 'license_key' => $license_key, 'site_url' => site_url(), ]; $args = [ 'method' => 'POST', 'timeout' => 45, 'redirection' => 5, 'httpversion' => '1.0', 'body' => $query_args, 'user-agent' => 'ImagelyUpdates/' . NGG_PLUGIN_VERSION . '; ' . get_bloginfo( 'url' ), 'blocking' => true, ]; $response = wp_safe_remote_post( $url, $args ); if ( is_wp_error( $response ) ) { $error_message = $response->get_error_message(); wp_send_json_error( $error_message ); wp_die(); } else { $http_code = wp_remote_retrieve_response_code( $response ); $result = json_decode( wp_remote_retrieve_body( $response ) ); // check if the response has error and bail out. // check if the response has error and bail out. if ( isset( $result->error ) && '' !== $result->error ) { wp_send_json_error( $this->get_error_message( $result->error ) ); wp_die(); } $valid = in_array( $result->status ?? '', ['active', 'inactive','disabled'], true ) ?? false; // Check if status is active/inactive not expired or disabled. if ( 200 === $http_code && $valid ) { $product = $result->level ?? false; if ( ! $product ) { wp_send_json_error( 'Product not found.' ); wp_die(); } // Check if the product is already installed. $current_level = $this->get_license_type(); if ( $current_level === $product ) { // If the product is already installed, return success. wp_send_json_success( 'Congratulations! This site is now receiving automatic updates.' ); wp_die(); } // Check if limit is reached. if ( '' === $result->is_at_limit ) { wp_send_json_error( 'Sorry, you have reached the limit of sites for this license key.' ); wp_die(); } $url = $this->download_pro( $license_key, $product ); if ( isset( $url ) ) { $this->install_helper( $url ); } wp_send_json_success( 'Congratulations! This site is now receiving automatic updates.' ); wp_die(); } else { // if license is expired, throw error. if ( 'expired' === $result->status ) { wp_send_json_error( $this->get_error_message( 'license_expired' ) ); wp_die(); } // if license is invalid, throw error. wp_send_json_error( $this->get_error_message( null ) ); wp_die(); } } } /** * Download the pro version of the plugin. * * @param string $key The license key. * @param string $product The product name. * * @return boolean|string */ public function download_pro( string $key, string $product ) { // Check if the product already exist in the installed plugins. if( 'no-clicks disabled' === $this->is_recommended_plugin_installed( 'nextgen-gallery-' . $product ) ){ return false; } $url = 'https://members.photocrati.com/wp-json/licensing/v1/get_update?product=nextgen-gallery-' . $product . '&license_key=' . $key . '&site_url=' . site_url(); $args = [ 'method' => 'GET', 'timeout' => 45, 'redirection' => 5, 'httpversion' => '1.0', 'user-agent' => 'ImagelyUpdates/' . NGG_PLUGIN_VERSION . '; ' . get_bloginfo( 'url' ), 'blocking' => true, ]; $response = wp_safe_remote_get( $url, $args ); if ( ! is_wp_error( $response ) ) { $http_code = wp_remote_retrieve_response_code( $response ); $body = wp_remote_retrieve_body( $response ); if ( 200 === $http_code ) { return json_decode( $body )->download_url ?? ''; } else { return false; } } } /** * Get a list of installed recommended plugins and addons. * * @return array */ public function get_installed_plugins(): array { $plugins = $this->get_recommended_plugins(); // Check if these plugins are installed already or not. $all_plugins = get_plugins(); $installed = []; foreach ( $plugins as $plugin ) { if ( in_array( $plugin, array_keys( $all_plugins ), true ) ) { // Get array key of $plugins. $installed[] = array_search( $plugin, $plugins, true ); } } return $installed; } /** * Get error messages. * * @since 3.59.4 * * @param string|null $code The error message. * * @return string */ public function get_error_message( ?string $code ): string { if ( ! isset( $code ) ) { return 'Something went wrong, please try again later.'; } $message = ''; switch ( $code ) { case 'empty_site_url': $message = __( 'The site URL is missing. Please provide a valid URL.', 'nextgen-gallery' ); break; case 'license_not_found': $message = __( 'The license key was not found. Please verify and try again.', 'nextgen-gallery' ); break; case 'license_status_expired': case 'license_expired': $message = __( 'The license key has expired. Please renew your license.', 'nextgen-gallery' ); break; case 'license_status_disabled': case 'license_disabled': $message = __( 'The license key has not been activated yet. Please contact support.', 'nextgen-gallery' ); break; case 'license_status_revoked': case 'license_revoked': $message = __( 'The license key has been revoked. Please contact support.', 'nextgen-gallery' ); break; case 'license_limit_installations': $message = __( 'The license key has reached the maximum number of installations.', 'nextgen-gallery' ); break; default: $message = __( 'An unknown error occurred. Please try again.', 'nextgen-gallery' ); break; } return $message; } }