[
MAINHACK
]
Mail Test
BC
Config Scan
HOME
Create...
New File
New Folder
Viewing / Editing File: Auth.php
<?php namespace WPForms\Integrations\ConstantContact\V3; use Exception; use RuntimeException; use WPForms\Integrations\ConstantContact\V3\Api\Api; /** * Class Auth. * * @since 1.9.3 */ class Auth { /** * Nonce. * * @since 1.9.3 */ const NONCE = 'wpforms-constant-contact-v3'; /** * Add hooks. * * @since 1.9.3 */ public function hooks() { add_action( 'wpforms_builder_enqueues', [ $this, 'enqueue_scripts' ] ); add_action( 'wpforms_settings_enqueue', [ $this, 'enqueue_scripts' ] ); add_action( 'wp_ajax_wpforms_constant_contact_popup_auth', [ $this, 'ajax_handle_auth' ] ); } /** * Load scripts. * * @since 1.9.3 */ public function enqueue_scripts() { $min = wpforms_get_min_suffix(); wp_enqueue_script( 'wpforms-constant-contact-v3-auth', WPFORMS_PLUGIN_URL . "assets/js/integrations/constant-contact-v3/auth{$min}.js", [ 'jquery' ], WPFORMS_VERSION, true ); wp_localize_script( 'wpforms-constant-contact-v3-auth', 'WPFormsConstantContactV3AuthVars', [ 'auth_url' => self::get_auth_url(), 'ajax_url' => admin_url( 'admin-ajax.php' ), 'page_url' => $this->get_page_url(), 'nonce' => wp_create_nonce( self::NONCE ), 'strings' => [ 'wait' => esc_html__( 'Please wait a moment...', 'wpforms-lite' ), 'error' => esc_html__( 'There was an error while processing your request. Please try again.', 'wpforms-lite' ), ], ] ); } /** * Handle Auth popup. * * @since 1.9.3 */ public function ajax_handle_auth() { try { if ( ! wpforms_current_user_can() ) { wp_send_json_error( esc_html__( 'You do not have permission to perform this action.', 'wpforms-lite' ) ); } $account = $this->create_account(); $this->validate_account( $account ); wpforms_update_providers_options( Core::SLUG, $account, $account['id'] ); wp_send_json_success( $account['id'] ); } catch ( Exception $e ) { wp_send_json_error( $e->getMessage() ); } } /** * Receive and validate access and refresh tokens. * * @since 1.9.3 * * @return array * * @throws RuntimeException Invalid code. */ private function get_code(): array { check_ajax_referer( self::NONCE, 'nonce' ); // phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized $response = json_decode( wp_unslash( $_POST['data'] ?? '' ), true ); $invalid_code_message = __( 'Invalid code.', 'wpforms-lite' ); if ( empty( $response ) || empty( $response['code'] ) ) { throw new RuntimeException( esc_html( $invalid_code_message ) ); } $code = json_decode( $response['code'], true ); if ( empty( $code['access_token'] ) ) { throw new RuntimeException( esc_html( $invalid_code_message ) ); } return $code; } /** * Validate account. * * @since 1.9.3 * * @param array $account Account data. * * @throws RuntimeException Invalid account. */ private function validate_account( array $account ) { if ( empty( $account['email'] ) ) { throw new RuntimeException( esc_html__( 'Invalid account.', 'wpforms-lite' ) ); } $accounts = wpforms_get_providers_options( Core::SLUG ); if ( empty( $accounts ) ) { return; } $emails = wp_list_pluck( $accounts, 'id', 'email' ); if ( isset( $emails[ $account['email'] ] ) && $emails[ $account['email'] ] !== $account['id'] ) { throw new RuntimeException( esc_html__( 'This email is already connected.', 'wpforms-lite' ) ); } } /** * Build an option array. * * @since 1.9.3 * * @return array * @noinspection NonSecureUniqidUsageInspection */ private function create_account(): array { $code = $this->get_code(); $time = time(); $account = [ 'id' => uniqid(), 'date' => $time, 'access_token' => $code['access_token'], 'refresh_token' => $code['refresh_token'] ?? '', 'expires_in' => $time + (int) ( $code['expires_in'] ?? 0 ), ]; $account_summary = ( new Api( $account ) )->get_account_summary(); $account['email'] = $account_summary['contact_email'] ?? ''; $account['label'] = $this->get_label( $account_summary ); /** * Filters the account data after it was created. * * @since 1.9.3 * * @param array $account Account data. */ return (array) apply_filters( 'wpforms_integrations_constant_contact_v3_auth_create_account_data', $account ); } /** * Get APP data needed for auth in the sing-up popup. * * @since 1.9.3 * * @return string */ public static function get_auth_url(): string { return add_query_arg( [ 'client_id' => ConstantContact::get_api_key(), 'scope' => 'offline_access account_read contact_data', 'redirect_uri' => add_query_arg( 'api-version', 'v3', ConstantContact::get_middleware_url() ), 'state' => 'WPForms-' . wp_rand( 1000, 9999 ), 'response_type' => 'code', 'prompt' => 'login', ], ConstantContact::SIGN_UP ); } /** * Get label. * * @since 1.9.3 * * @param array $account_summary Account summary. * * @return string */ private function get_label( array $account_summary ): string { $email_part = $account_summary['contact_email'] ?? ''; $org_part = $account_summary['organization_name'] ?? ''; if ( empty( $email_part ) && empty( $org_part ) ) { return ''; } if ( empty( $email_part ) ) { return $org_part; } if ( empty( $org_part ) ) { return $email_part; } return "$email_part / $org_part"; } /** * Get the URL to the providers' page with the focus on the CC v3 integration. * * @since 1.9.3 * * @return string */ private function get_page_url(): string { return add_query_arg( [ 'page' => 'wpforms-settings', 'view' => 'integrations', 'wpforms-integration' => Core::SLUG, ], admin_url( 'admin.php' ) ); } }
Save Changes
Cancel / Back
Close ×
Server Info
Hostname: webm021.cluster127.gra.hosting.ovh.net
Server IP: 10.127.20.21
PHP Version: 8.4.22
Server Software: Apache
System: Linux webm021.cluster127.gra.hosting.ovh.net 5.15.206-ovh-vps-grsec-zfs-classid #1 SMP Fri May 15 02:41:25 UTC 2026 x86_64
HDD Total: 14.32 GB
HDD Free: 8.45 GB
Domains on IP: N/A (Requires external lookup)
System Features
Safe Mode:
Off
disable_functions:
Exists
allow_url_fopen:
On
allow_url_include:
Off
magic_quotes_gpc:
Off
register_globals:
Off
open_basedir:
None
cURL:
Enabled
ZipArchive:
Enabled
MySQLi:
Enabled
PDO:
Enabled
wget:
Yes
curl (cmd):
Yes
perl:
Yes
python:
Yes
gcc:
No
pkexec:
No
git:
Yes
User Info
Username: vcomplcotr
User ID (UID): 38697
Group ID (GID): 100
Script Owner UID: 38697
Current Dir Owner: 38697