v1.0.0

Author: tuhin18003

core/actions/Upn_CustomAjax.php

@@ -12,6 +12,8 @@
 	die();
 }
 
+use UltimatePushNotifications\lib\Util;
+
 if ( ! \class_exists( 'Upn_CustomAjax' ) ) {
 
 	class Upn_CustomAjax {
@@ -38,9 +40,9 @@ public function upn_ajax() {
 			}
 
 			if ( ! isset( $_REQUEST['data'] ) && isset( $_POST['method'] ) ) {
-				$data = $_POST;
+				$data = Util::check_evil_script( $_POST );
 			} else {
-				$data = $_REQUEST['data'];
+				$data = Util::check_evil_script( $_REQUEST['data'] );
 			}
 
 			if ( empty( $method = $data['method'] ) || strpos( $method, '@' ) === false ) {

core/actions/Upn_EnqueueScript.php

@@ -62,8 +62,8 @@ public function upn_action_enqueue_scripts() {
 						'asset_url'    => CS_UPN_PLUGIN_ASSET_URI,
 						'ajax_url'     => esc_url( admin_url( 'admin-ajax.php?action=upn_ajax&cs_token=' . wp_create_nonce( SECURE_AUTH_SALT ) ) ),
 						'current_user' => array(
-							'user_id'   => isset($current_user->ID) ? $current_user->ID : '',
-							'user_name' => isset($current_user->user_login) ? $current_user->user_login : '',
+							'user_id'   => isset( $current_user->ID ) ? $current_user->ID : '',
+							'user_name' => isset( $current_user->user_login ) ? $current_user->user_login : '',
 						),
 					) + (array) $AppConfig
 				);

core/actions/Upn_RegisterMenu.php

@@ -49,7 +49,7 @@ class Upn_RegisterMenu {
 
 		public function __construct() {
 			 // call WordPress admin menu hook
-			add_action( 'admin_menu', array( $this, 'rtafar_register_menu' ) );
+			add_action( 'admin_menu', array( $this, 'upn_register_menu' ) );
 		}
 
 		/**
@@ -65,7 +65,7 @@ public function init_current_screen() {
 		/**
 		 * Create plugins menu
 		 */
-		public function rtafar_register_menu() {
+		public function upn_register_menu() {
 			global $upn_menu;
 			add_menu_page(
 				__( 'Ultimate Push Notifications', 'ultimate-push-notifications' ),
@@ -225,7 +225,7 @@ public function upn_page_all_registered_devices() {
 		 */
 		private function generate_page( $Page_Obj, $page_info, $option ) {
 			if ( is_object( $Page_Obj ) ) {
-				return $Page_Obj->generate_page( array_merge_recursive( $page_info, array( 'gateway_settings' => array() ) ), $option );
+				return $Page_Obj->generate_page( array_merge_recursive( $page_info, array( 'upn_custom_data' => array() ) ), $option );
 			} else {
 				return $Page_Obj;
 			}
@@ -240,124 +240,38 @@ private function generate_page( $Page_Obj, $page_info, $option ) {
 		private function page_permission_restricted( $page_info ) {
 			$AccessDenied = $this->pages->AccessDenied();
 			if ( is_object( $AccessDenied ) ) {
-				return $AccessDenied->generate_access_denided( array_merge_recursive( $page_info, array( 'gateway_settings' => array() ) ) );
+				return $AccessDenied->generate_access_denided( array_merge_recursive( $page_info, array( 'upn_custom_data' => array() ) ) );
 			} else {
 				return $AccessDenied;
 			}
 		}
 
-		public function add_rule() {
-
-			$title  = 'Add';
-			$option = array();
-			if ( isset( $_GET['action'] ) && ! empty( $_GET['rule_id'] ) ) {
-				$option = Masking::get_rules( 'all', $_GET['rule_id'] );
-				$option = (array) $option[0];
-				$title  = 'Update';
-			}
-
-			// pre_print( $option );
-
-			$page_info = array(
-				'title'     => sprintf( __( '%s APP Configuration', 'ultimate-push-notifications' ), $title ),
-				'sub_title' => __( 'These will not replace in database. Following find replace rules will take place before website render to browser.', 'ultimate-push-notifications' ),
-			);
-
-			if ( current_user_can( 'manage_options' ) || current_user_can( 'administrator' ) ) {
-				$AddNewRule = $this->pages->AddNewRule();
-				if ( is_object( $AddNewRule ) ) {
-					echo $AddNewRule->generate_page( array_merge_recursive( $page_info, array( 'gateway_settings' => array() ) ), $option );
-				} else {
-					echo $AddNewRule;
-				}
-			} else {
-				$AccessDenied = $this->pages->AccessDenied();
-				if ( is_object( $AccessDenied ) ) {
-					echo $AccessDenied->generate_access_denided( array_merge_recursive( $page_info, array( 'gateway_settings' => array() ) ) );
-				} else {
-					echo $AccessDenied;
-				}
-			}
-		}
-
-		public function upn_page_all_masking_rules() {
-			$page_info = array(
-				'title'     => __( 'All Masking Rule', 'ultimate-push-notifications' ),
-				'sub_title' => __( 'Following find replace rules will take place before website render to browser.', 'ultimate-push-notifications' ),
-			);
-
-			if ( current_user_can( 'manage_options' ) || current_user_can( 'administrator' ) ) {
-				$AllMaskingRules = $this->pages->AllMaskingRules();
-				if ( is_object( $AllMaskingRules ) ) {
-					echo $AllMaskingRules->generate_page( array_merge_recursive( $page_info, array( 'gateway_settings' => array() ) ) );
-				} else {
-					echo $AllMaskingRules;
-				}
-			} else {
-				$AccessDenied = $this->pages->AccessDenied();
-				if ( is_object( $AccessDenied ) ) {
-					echo $AccessDenied->generate_access_denided( array_merge_recursive( $page_info, array( 'gateway_settings' => array() ) ) );
-				} else {
-					echo $AccessDenied;
-				}
-			}
-		}
-
-		/**
-		 * Generate default settings page
-		 *
-		 * @return type
-		 */
-		public function upn_page_replace_in_db() {
-			$page_info = array(
-				'title'     => __( 'Replace In Database', 'ultimate-push-notifications' ),
-				'sub_title' => __( 'Instantly & permanently replace string from database table\'s. It will take effect in WordPress\'s table\'s only.', 'ultimate-push-notifications' ),
-			);
-
-			if ( current_user_can( 'manage_options' ) || current_user_can( 'administrator' ) ) {
-				$Default_Settings = $this->pages->ReplaceInDB();
-				if ( is_object( $Default_Settings ) ) {
-					echo $Default_Settings->generate_default_settings( array_merge_recursive( $page_info, array( 'gateway_settings' => array() ) ) );
-				} else {
-					echo $Default_Settings;
-				}
-			} else {
-				$AccessDenied = $this->pages->AccessDenied();
-				if ( is_object( $AccessDenied ) ) {
-					echo $AccessDenied->generate_access_denided( array_merge_recursive( $page_info, array( 'gateway_settings' => array() ) ) );
-				} else {
-					echo $AccessDenied;
-				}
-			}
-
-		}
-
 		/**
 		 * load funnel builder scripts
 		 */
 		public function upn_register_admin_settings_scripts() {
 			// register scripts
-			add_action( 'admin_enqueue_scripts', array( $this, 'rtafar_load_settings_scripts' ) );
+			add_action( 'admin_enqueue_scripts', array( $this, 'upn_load_settings_scripts' ) );
 
 			// init current screen
 			$this->init_current_screen();
 
 			// load all admin footer script
-			add_action( 'admin_footer', array( $this, 'rtafar_load_admin_footer_script' ) );
+			add_action( 'admin_footer', array( $this, 'upn_load_admin_footer_script' ) );
 		}
 
 		/**
 		 * Load admin scripts
 		 */
-		public function rtafar_load_settings_scripts( $page_id ) {
+		public function upn_load_settings_scripts( $page_id ) {
 			return Scripts_Settings::load_admin_settings_scripts( $page_id, $this->upn_menus );
 
 		}
 
 		/**
 		 * load custom scripts on admin footer
 		 */
-		public function rtafar_load_admin_footer_script() {
+		public function upn_load_admin_footer_script() {
 			return Scripts_Settings::load_admin_footer_script( $this->current_screen->id, $this->upn_menus );
 		}
 

core/admin/options/functions/AppConfig.php

@@ -100,7 +100,7 @@ public function cs_update_token( $user_input ) {
 
 			$current_user = Util::check_evil_script( $user_input['current_user'] );
 
-			if( empty($current_user) ){
+			if ( empty( $current_user ) ) {
 				return wp_send_json(
 					array(
 						'status' => false,
@@ -110,8 +110,8 @@ public function cs_update_token( $user_input ) {
 				);
 			}
 
-			$token        = Util::check_evil_script( $user_input['gen_token'] );
-			$device_id    = Util::check_evil_script( $user_input['device_id'] );
+			$token     = Util::check_evil_script( $user_input['gen_token'] );
+			$device_id = Util::check_evil_script( $user_input['device_id'] );
 
 			$is_exists = $wpdb->get_var(
 				$wpdb->prepare(

core/admin/options/functions/RegisteredDevicesList.php

@@ -55,6 +55,8 @@ public function get_columns() {
 		);
 	}
 
+
+
 	/**
 	 * Column default info
 	 */
@@ -81,7 +83,7 @@ public function column_cb( $item ) {
 	public function column_token( $item ) {
 		$content  = \substr( $item->token, 0, 30 );
 		$content .= '<div class="row-actions"><span class="edit">';
-		$content .= '<a class="send-test-notifications" data-token = "' . $item->token . '" >Send Test Notification</a>';
+		$content .= sprintf( __( '%1$sSend Test Notification%2$s', 'ultimate-push-notifications' ), '<a class="send-test-notifications" data-token = "' . $item->token . '" >', '</a>' );
 		$content .= '</span></div>';
 		return $content;
 	}
@@ -101,20 +103,20 @@ public function column_registered_on( $item ) {
 	}
 
 	public function column_total_notifications_sent( $item ) {
-		$content  = 'Success : ';
+		$content  = __( 'Success :', 'ultimate-push-notifications' );
 		$content .= empty( $item->total_sent_success_notifications ) ? 0 : $item->total_sent_success_notifications;
-		$content .= '<br>Fail : ';
+		$content .= sprintf( __( '%sFailure :', 'ultimate-push-notifications' ), '<br/>' );
 		$content .= empty( $item->total_sent_fail_notifications ) ? 0 : $item->total_sent_fail_notifications;
 		return $content;
 	}
 
 	public function no_items() {
-		return _e( 'Sorry! You haven\'t Registered Any Device Yet!', 'ultimate-push-notifications' );
+		return _e( 'Sorry! No Registered Device Found!', 'ultimate-push-notifications' );
 	}
 
 	function get_views() {
 		$all_link     = admin_url( 'admin.php?page=' . $this->all_count_link );
-		$views['all'] = "<a href='{$all_link}' >All <span class='count'>({$this->total_post})</span></a>";
+		$views['all'] = sprintf( __( '%1$sAll%2$s', 'ultimate-push-notifications' ), "<a href='{$all_link}' >", "<span class='count'>({$this->total_post})</span></a>" );
 		return $views;
 	}
 
@@ -132,14 +134,14 @@ public function get_bulk_actions() {
 	 * @return type
 	 */
 	private function poulate_the_data() {
-		global $wpdb, $wapg_tables;
+		global $wpdb;
 		$search = '';
-		if ( isset( $_GET['s'] ) && ! empty( $skey = $_GET['s'] ) ) {
-			$search = " where c.find like '%{$skey}%'";
+		if ( isset( $_GET['s'] ) && ! empty( $skey = Util::check_evil_script( $_GET['s'] ) ) ) {
+			$search = " where c.token like '%{$skey}%' or c.total_sent_success_notifications like '%{$skey}%' or c.total_sent_fail_notifications like '%{$skey}%'";
 		}
 
-		if ( isset( $_GET['order'] ) ) {
-			$order = $_GET['order'];
+		if ( isset( $_GET['order'] ) && ! empty( $order = Util::check_evil_script( $_GET['order'] ) ) ) {
+			$order = $order;
 		} else {
 			$order = 'c.id DESC';
 		}
@@ -155,9 +157,9 @@ private function poulate_the_data() {
 		if ( true === $this->get_only_my_devices ) {
 			$current_user_id = Util::cs_current_user_id();
 			if ( empty( $search ) ) {
-				$search = " where user_id = {$current_user_id}";
+				$search = " where c.user_id = {$current_user_id}";
 			} else {
-				$search .= " and user_id = {$current_user_id}";
+				$search .= " and c.user_id = {$current_user_id}";
 			}
 		}
 
@@ -180,21 +182,21 @@ private function poulate_the_data() {
 	}
 
 	function process_bulk_action() {
-		global $wpdb, $wapg_tables;
+		global $wpdb;
 		  // security check!
-		if ( isset( $_GET['_wpnonce'] ) && ! empty( $_GET['_wpnonce'] ) ) {
+		if ( isset( $_GET['_wpnonce'] ) && ! empty( $_wpnonce = Util::check_evil_script( $_GET['_wpnonce'] ) ) ) {
 
 			$action = 'bulk-' . $this->_args['plural'];
 
-			if ( ! wp_verify_nonce( $_GET['_wpnonce'], $action ) ) {
-				wp_die( 'Nope! Security check failed!' );
+			if ( ! wp_verify_nonce( $_wpnonce, $action ) ) {
+				wp_die( __( 'Nope! Security check failed!', 'ultimate-push-notifications' ) );
 			}
 
 			$action = $this->current_action();
 
 			switch ( $action ) :
 				case 'delete':
-					$log_ids = $_GET['id'];
+					$log_ids = Util::check_evil_script( $_GET['id'] );
 					if ( $log_ids ) {
 						foreach ( $log_ids as $log ) {
 							$wpdb->delete( "{$wpdb->prefix}upn_user_devices", array( 'id' => $log ) );

core/admin/options/functions/SetNotifications.php

@@ -49,7 +49,7 @@ public function save( $user_query ) {
 				$wpdb->update(
 					"{$wpdb->prefix}upn_notifications",
 					array(
-						'notification_type' => maybe_serialize( $user_notifications ),
+						'notification_type' => \maybe_serialize( $user_notifications ),
 					),
 					array(
 						'id'      => $is_row_exists,
@@ -62,7 +62,7 @@ public function save( $user_query ) {
 					"{$wpdb->prefix}upn_notifications",
 					array(
 						'user_id'           => $get_current_user_id,
-						'notification_type' => maybe_serialize( $user_notifications ),
+						'notification_type' => \maybe_serialize( $user_notifications ),
 					)
 				);
 				$resMsg = 'saved';
@@ -93,7 +93,7 @@ public static function get_notification_type( $user_id = false ) {
 				)
 			);
 
-			return isset( $get_row->notification_type ) ? maybe_unserialize( $get_row->notification_type ) : '';
+			return isset( $get_row->notification_type ) ? \maybe_unserialize( $get_row->notification_type ) : '';
 		}
 
 		/**

core/admin/options/pages/AllRegisteredDevices.php

@@ -1,7 +1,7 @@
 <?php namespace UltimatePushNotifications\admin\options\pages;
 
 /**
- * Class: App Configuration
+ * Class: All Registered Devices List
  *
  * @package Options
  * @since 1.0.0
@@ -53,25 +53,30 @@ public function __construct( AdminPageBuilder $AdminPageGenerator ) {
 		public function generate_page( $args, $option ) {
 
 			$page = isset( $_GET['page'] ) ? Util::check_evil_script( $_GET['page'] ) : '';
-			if ( isset( $_GET['s'] ) && ! empty( $_GET['s'] ) ) {
-				$back_url     = Util::cs_generate_admin_url( $page );
-				$args['well'] = "<p class='search-keyword'>Search results for : '<b>" . $_GET['s'] . "</b>' </p> <a href='{$back_url}' class='button'><< Back to all</a> ";
+			if ( isset( $_GET['s'] ) && ! empty( $sfor = Util::cs_esc_html( $_GET['s'] ) ) ) {
+				$args['well'] = sprintf(
+					__( '%1$s Search results for : %2$s%3$s %4$s << Back to all%5$s', 'ultimate-push-notifications' ),
+					"<p class='search-keyword'>",
+					"<b> {$sfor} </b>",
+					'</p>',
+					'<a href="' . Util::cs_generate_admin_url( $page ) . '" class="button">',
+					'</a>'
+				);
 			}
 
-			ob_start();
+			\ob_start();
 			$adCodeList = new RegisteredDevicesList( 'cs-upn-all-registered-devices' );
 			$adCodeList->prepare_items();
 			echo '<form id="plugins-filter" method="get"><input type="hidden" name="page" value="' . $page . '" />';
 			$adCodeList->views();
-			$adCodeList->search_box( __( 'Search Coin', 'real-time-auto-find-and-replace' ), '' );
+			$adCodeList->search_box( __( 'Search', 'ultimate-push-notifications' ), '' );
 			$adCodeList->display();
 			echo '</form>';
 
-			$html = ob_get_clean();
+			$html = \ob_get_clean();
 
-			$args['content'] = $html;
-			$swal_title      = '....';
-			// $btn_txt              = '...';
+			$args['content']      = $html;
+			$swal_title           = '....';
 			$update_hidden_fields = array();
 
 			$hidden_fields = array_merge_recursive(