2026-03-11 15:57:27 +01:00
parent 481271c972
commit b4b460fd21
10775 changed files with 2071579 additions and 26409 deletions


@@ -327,10 +327,11 @@ if (!function_exists('wp_all_import_is_update_custom_field')) {
) {
return TRUE;
}
return FALSE;
}
}
if (!function_exists('wp_all_import_delete_missing_notice')) {
function wp_all_import_delete_missing_notice( $options ) {
@@ -482,3 +483,101 @@ if (!function_exists('wp_all_import_get_product_id_by_sku')) {
return (int) apply_filters( 'wp_all_import_get_product_id_by_sku', $id, $sku );
}
}
if (!function_exists('wp_all_import_supported_image_extensions')) {
function wp_all_import_supported_image_extensions() {
$types = ['svg']; //
$mime_types = get_allowed_mime_types();
if ( ! empty($mime_types) ) {
foreach ($mime_types as $ext => $mime_type) {
if (strpos($mime_type, 'image/') !== FALSE) {
$types[] = $ext;
}
}
}
return implode("|", apply_filters('pmxi_supported_image_extensions', $types));
}
}
if (!function_exists('pmxi_truncate_term_slug')) {
function pmxi_truncate_term_slug($string, $limit = 200) {
// Function to check if the string is URL-encoded.
$is_url_encoded = (urldecode($string) !== $string);
// Function to truncate URL-encoded strings.
if ($is_url_encoded) {
$decoded = rawurldecode($string);
$encoded_string = '';
$encoded_length = 0;
for ($i = 0; $i < mb_strlen($decoded); $i++) {
$char = mb_substr($decoded, $i, 1);
$encoded_char = rawurlencode($char);
$char_length = strlen($encoded_char);
if ($encoded_length + $char_length > $limit) {
break;
}
$encoded_string .= $encoded_char;
$encoded_length += $char_length;
}
return $encoded_string;
} else {
// Function to truncate regular strings.
if (mb_strlen($string) > $limit) {
return mb_substr($string, 0, $limit);
}
return $string;
}
}
}
if(!function_exists('pmxi_maybe_unserialize'))
{
function pmxi_maybe_unserialize($value)
{
if(is_serialized($value)){
$value = @unserialize(trim($value), ['allowed_classes' => false]);
}
return $value;
}
}
if (!function_exists('wp_all_import_get_allowed_zip_extensions')) {
/**
* Get allowed file extensions for zip extraction (whitelist approach)
* @return array
*/
function wp_all_import_get_allowed_zip_extensions() {
// Data file extensions
$data_extensions = array(
'xml', 'csv', 'txt', 'json', 'sql', 'dat', 'psv', 'tsv', 'xls', 'xlsx'
);
// Get image extensions from WordPress and plugin
$image_extensions = array();
if (function_exists('wp_all_import_supported_image_extensions')) {
$supported_image_extensions = wp_all_import_supported_image_extensions();
if ($supported_image_extensions) {
$image_extensions = explode('|', $supported_image_extensions);
}
}
// Additional common image extensions not covered by the function
$additional_image_extensions = array(
'jpg', 'jpeg', 'png', 'gif', 'bmp', 'webp', 'avif', 'ico', 'tiff', 'tif'
);
// Merge all allowed extensions
$allowed_extensions = array_merge($data_extensions, $image_extensions, $additional_image_extensions);
// Remove duplicates and empty values
$allowed_extensions = array_filter(array_unique($allowed_extensions));
// Apply filter to allow customization
return apply_filters('wp_all_import_allowed_zip_extensions', $allowed_extensions);
}
}
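Review bot: `pmxi_maybe_unserialize` has no docblock, and the two behaviours a caller most needs to know are implicit. With `allowed_classes => false` serialized objects are never instantiated, and the `@` turns a malformed payload into a silent `false` that replaces the original value. I would add a docblock saying so, e.g. `@return mixed Unserialized value (objects are not instantiated), false if the payload is malformed, or the input unchanged if it is not serialized`, and drop the `@` so a malformed payload at least reaches the error log. Separately, `wp_all_import_get_allowed_zip_extensions` inherits `svg` from `wp_all_import_supported_image_extensions` (`$types = ['svg']`); whether extracted SVG files pass through `wp_all_import_sanitize_svg` is not visible in this section and is worth confirming.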


@@ -1,183 +1,256 @@
<?php
if ( ! function_exists('get_file_curl') ):
if ( ! function_exists( 'get_file_curl' ) ):
function get_file_curl($url, $fullpath, $to_variable = false, $iteration = false) {
if ( ! preg_match('%^(http|ftp)s?://%i', $url) ) return false;
function get_file_curl( $url, $fullpath, $to_variable = false, $iteration = false ) {
if ( ! preg_match( '%^(http|ftp)s?://%i', $url ) || pmxi_is_private_ip( $url ) ) {
return false;
}
$response = wp_remote_get($url);
$response = wp_remote_get( $url, array(
'timeout' => apply_filters( 'pmxi_file_download_timeout', 15 ),
'headers' => array(
'User-Agent' => 'WP All Import (version:'.PMXI_VERSION.')',
),
) );
if ( ! is_wp_error($response) and ( ! isset($response['response']['code']) or isset($response['response']['code']) and ! in_array($response['response']['code'], array(401, 403, 404))) )
{
if ( ! is_wp_error( $response ) and ( ! isset( $response['response']['code'] ) or isset( $response['response']['code'] ) and ! in_array( $response['response']['code'], array(
401,
403,
404
) ) ) ) {
$rawdata = wp_remote_retrieve_body( $response );
if (empty($rawdata))
{
$result = pmxi_curl_download($url, $fullpath, $to_variable);
if ( ! $result and $iteration === false)
{
$new_url = wp_all_import_translate_uri($url);
return ($new_url !== $url) ? get_file_curl($new_url, $fullpath, $to_variable, true) : $result;
if ( empty( $rawdata ) ) {
$result = pmxi_curl_download( $url, $fullpath, $to_variable );
if ( ! $result and $iteration === false ) {
$new_url = wp_all_import_translate_uri( $url );
return ( $new_url !== $url ) ? get_file_curl( $new_url, $fullpath, $to_variable, true ) : $result;
}
return $result;
}else{
if(preg_match( '%\W(svg)$%i', basename( $fullpath ))){
$rawdata = wp_all_import_sanitize_svg($rawdata, false);
}
}
// Ensure we don't have a .php extension as it's often blocked on hosts in the uploads folder.
$fullpath = str_replace( '.php', '.tmp', $fullpath );
if ( ! @file_put_contents( $fullpath, $rawdata ) ) {
$fp = fopen( $fullpath, 'w' );
// Ensure the file is actually open before trying to write.
if ( false !== $fp ) {
fwrite( $fp, $rawdata );
fclose( $fp );
}
}
if ( preg_match( '%\W(svg)$%i', basename( $fullpath ) ) or preg_match( '%\W(' . wp_all_import_supported_image_extensions() . ')$%i', basename( $fullpath ) ) and ( ! ( $image_info = apply_filters( 'pmxi_getimagesize', @getimagesize( $fullpath ), $fullpath ) ) or ! in_array( $image_info[2], wp_all_import_supported_image_types() ) ) ) {
$result = pmxi_curl_download( $url, $fullpath, $to_variable );
if ( ! $result and $iteration === false ) {
$new_url = wp_all_import_translate_uri( $url );
return ( $new_url !== $url ) ? get_file_curl( $new_url, $fullpath, $to_variable, true ) : $result;
}
return $result;
}
if ( ! @file_put_contents($fullpath, $rawdata) )
{
$fp = fopen($fullpath,'w');
fwrite($fp, $rawdata);
fclose($fp);
}
return ( $to_variable ) ? $rawdata : true;
} else {
$use_only_wp_http_api = apply_filters( 'wp_all_import_use_only_wp_http_api', false );
if ( preg_match('%\W(svg)$%i', basename($fullpath)) or preg_match('%\W(jpg|jpeg|gif|png|webp)$%i', basename($fullpath)) and ( ! ($image_info = apply_filters('pmxi_getimagesize', @getimagesize($fullpath), $fullpath)) or ! in_array($image_info[2], wp_all_import_supported_image_types()) ) )
{
$result = pmxi_curl_download($url, $fullpath, $to_variable);
if ( ! $result and $iteration === false)
{
$new_url = wp_all_import_translate_uri($url);
return ($new_url !== $url) ? get_file_curl($new_url, $fullpath, $to_variable, true) : $result;
if ( false == $use_only_wp_http_api ) {
$curl = pmxi_curl_download( $url, $fullpath, $to_variable );
if ( $curl === false and $iteration === false ) {
$new_url = wp_all_import_translate_uri( $url );
return ( $new_url !== $url ) ? get_file_curl( $new_url, $fullpath, $to_variable, true ) : ( is_wp_error( $response ) ? $response : false );
}
return $result;
return ( $curl === false ) ? ( is_wp_error( $response ) ? $response : false ) : $curl;
}
return ($to_variable) ? $rawdata : true;
}
else
{
$use_only_wp_http_api = apply_filters('wp_all_import_use_only_wp_http_api', false);
if ( false == $use_only_wp_http_api ){
$curl = pmxi_curl_download($url, $fullpath, $to_variable);
if ($curl === false and $iteration === false)
{
$new_url = wp_all_import_translate_uri($url);
return ($new_url !== $url) ? get_file_curl($new_url, $fullpath, $to_variable, true) : ( is_wp_error($response) ? $response : false );
}
return ($curl === false) ? ( is_wp_error($response) ? $response : false ) : $curl;
}
return $response;
return $response;
}
}
endif;
if ( ! function_exists('pmxi_curl_download') ) {
if ( ! function_exists( 'pmxi_is_private_ip' ) ) {
function pmxi_is_private_ip( $url ) {
function pmxi_curl_download($url, $fullpath, $to_variable){
$url_components = parse_url( $url );
$host = $url_components['host'] ?? '';
$is_private_ip = false;
if ( ! function_exists('curl_version') ) return false;
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$rawdata = curl_exec_follow($ch);
$result = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close ($ch);
if ( empty($rawdata) ) return false;
if (!@file_put_contents($fullpath, $rawdata)){
$fp = fopen($fullpath,'w');
fwrite($fp, $rawdata);
fclose($fp);
if ( empty( $host ) ) {
return false;
}
if ( preg_match('%\W(jpg|jpeg|gif|png|webp)$%i', basename($fullpath)) and ( ! ($image_info = apply_filters('pmxi_getimagesize', @getimagesize($fullpath), $fullpath)) or ! in_array($image_info[2], wp_all_import_supported_image_types()))) {
return false;
}
$resolved_ip = gethostbyname( $host );
$local_ip = gethostbyname( php_uname( 'n' ) );
return ($result == 200) ? (($to_variable) ? $rawdata : true) : false;
$private_ranges = [
'10.0.0.0|10.255.255.255',
'172.16.0.0|172.31.255.255',
'192.168.0.0|192.168.255.255',
'169.254.0.0|169.254.255.255', // link-local
'127.0.0.0|127.255.255.255', // loopback
];
$long_ip = ip2long( $resolved_ip );
foreach ( $private_ranges as $range ) {
list( $start, $end ) = explode( '|', $range );
if ( $long_ip >= ip2long( $start ) && $long_ip <= ip2long( $end ) ) {
$is_private_ip = true;
}
}
if ( $resolved_ip !== $local_ip && filter_var( $resolved_ip, FILTER_VALIDATE_IP ) && $is_private_ip ) {
return ! apply_filters( 'http_request_host_is_external', false, $host, $url );
}
return false;
}
}
if ( ! function_exists('curl_exec_follow') ):
if ( ! function_exists( 'pmxi_curl_download' ) ) {
function curl_exec_follow($ch, &$maxredirect = null) {
$mr = $maxredirect === null ? 5 : intval($maxredirect);
function pmxi_curl_download( $url, $fullpath, $to_variable ) {
if ( ! function_exists( 'curl_version' ) ) {
return false;
}
if (ini_get('open_basedir') == '' && ini_get('safe_mode' == 'Off')) {
if ( pmxi_is_private_ip( $url ) ) {
return false;
}
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, $mr > 0);
curl_setopt($ch, CURLOPT_MAXREDIRS, $mr);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
$ch = curl_init( $url );
curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true );
curl_setopt( $ch, CURLOPT_FOLLOWLOCATION, true );
curl_setopt( $ch, CURLOPT_HEADER, true );
curl_setopt( $ch, CURLOPT_NOBODY, true );
curl_setopt( $ch, CURLOPT_TIMEOUT, apply_filters( 'pmxi_file_download_timeout', 15 ));
} else {
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, false);
$header = curl_exec( $ch );
$finalUrl = curl_getinfo( $ch, CURLINFO_EFFECTIVE_URL );
curl_close( $ch );
if ($mr > 0)
{
$original_url = curl_getinfo($ch, CURLINFO_EFFECTIVE_URL);
$newurl = $original_url;
$url_data = parse_url($newurl);
if ( pmxi_is_private_ip( $finalUrl ) ) {
return false;
}
if (!empty($url_data['user']) and !empty($url_data['pass'])){
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_ANY );
curl_setopt($ch, CURLOPT_USERPWD, $url_data['user']. ":" . $url_data['pass']);
$newurl = $url_data['scheme'] . '://' . $url_data['host'];
if (!empty($url_data['port'])){
$newurl .= ':' . $url_data['port'];
}
$newurl .= $url_data['path'];
if (!empty($url_data['query']))
{
$newurl .= '?' . $url_data['query'];
}
}
$ch = curl_init( $finalUrl );
curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true );
$rawdata = curl_exec( $ch );
$result = curl_getinfo( $ch, CURLINFO_HTTP_CODE );
curl_close( $ch );
$rch = curl_copy_handle($ch);
curl_setopt($rch, CURLOPT_HEADER, true);
curl_setopt($rch, CURLOPT_NOBODY, true);
curl_setopt($rch, CURLOPT_FORBID_REUSE, false);
if ( empty( $rawdata ) ) {
return false;
}
do
{
curl_setopt($rch, CURLOPT_URL, $newurl);
$header = curl_exec($rch);
if (curl_errno($rch)) {
$code = 0;
} else {
$code = curl_getinfo($rch, CURLINFO_HTTP_CODE);
if ($code == 301 || $code == 302) {
preg_match('/Location:(.*?)\n/', $header, $matches);
$newurl = trim(array_pop($matches));
// if no scheme is present then the new url is a
// relative path and thus needs some extra care
if(!preg_match("/^https?:/i", $newurl)){
$newurl = $original_url . $newurl;
}
} else {
$code = 0;
}
}
} while ($code && --$mr);
curl_close($rch);
if (!$mr)
{
if ($maxredirect !== null)
$maxredirect = 0;
return false;
}
curl_setopt($ch, CURLOPT_URL, $newurl);
}
}
return curl_exec($ch);
if(preg_match( '%\W(svg)$%i', basename( $fullpath ))){
$rawdata = wp_all_import_sanitize_svg($rawdata, false);
}
$fp = fopen( $fullpath, 'w' );
if ( false !== $fp ) {
fwrite( $fp, $rawdata );
fclose( $fp );
}
if ( preg_match( '%\\.(' . wp_all_import_supported_image_extensions() . ')$%i', basename( $fullpath ) ) && ( ! ( $image_info = apply_filters( 'pmxi_getimagesize', @getimagesize( $fullpath ), $fullpath ) ) || ! in_array( $image_info[2], wp_all_import_supported_image_types() ) ) ) {
return false;
}
return ( $result == 200 ) ? ( ( $to_variable ) ? $rawdata : true ) : false;
}
}
if ( ! function_exists( 'curl_exec_follow' ) ):
function curl_exec_follow( $ch, &$maxredirect = null ) {
$mr = $maxredirect === null ? 5 : intval( $maxredirect );
if ( ini_get( 'open_basedir' ) == '' && ini_get( 'safe_mode' == 'Off' ) ) {
curl_setopt( $ch, CURLOPT_FOLLOWLOCATION, $mr > 0 );
curl_setopt( $ch, CURLOPT_MAXREDIRS, $mr );
curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true );
curl_setopt( $ch, CURLOPT_SSL_VERIFYPEER, false );
} else {
curl_setopt( $ch, CURLOPT_FOLLOWLOCATION, false );
if ( $mr > 0 ) {
$original_url = curl_getinfo( $ch, CURLINFO_EFFECTIVE_URL );
$newurl = $original_url;
$url_data = parse_url( $newurl );
if ( ! empty( $url_data['user'] ) and ! empty( $url_data['pass'] ) ) {
curl_setopt( $ch, CURLOPT_HTTPAUTH, CURLAUTH_ANY );
curl_setopt( $ch, CURLOPT_USERPWD, $url_data['user'] . ":" . $url_data['pass'] );
$newurl = $url_data['scheme'] . '://' . $url_data['host'];
if ( ! empty( $url_data['port'] ) ) {
$newurl .= ':' . $url_data['port'];
}
$newurl .= $url_data['path'];
if ( ! empty( $url_data['query'] ) ) {
$newurl .= '?' . $url_data['query'];
}
}
$rch = curl_copy_handle( $ch );
curl_setopt( $rch, CURLOPT_HEADER, true );
curl_setopt( $rch, CURLOPT_NOBODY, true );
curl_setopt( $rch, CURLOPT_FORBID_REUSE, false );
do {
curl_setopt( $rch, CURLOPT_URL, $newurl );
$header = curl_exec( $rch );
if ( curl_errno( $rch ) ) {
$code = 0;
} else {
$code = curl_getinfo( $rch, CURLINFO_HTTP_CODE );
if ( $code == 301 || $code == 302 ) {
preg_match( '/Location:(.*?)\n/', $header, $matches );
$newurl = trim( array_pop( $matches ) );
// if no scheme is present then the new url is a
// relative path and thus needs some extra care
if ( ! preg_match( "/^https?:/i", $newurl ) ) {
$newurl = $original_url . $newurl;
}
} else {
$code = 0;
}
}
} while ( $code && -- $mr );
curl_close( $rch );
if ( ! $mr ) {
if ( $maxredirect !== null ) {
$maxredirect = 0;
}
return false;
}
curl_setopt( $ch, CURLOPT_URL, $newurl );
}
}
return curl_exec( $ch );
}
endif;
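Review bot: `pmxi_is_private_ip` fails open: when `gethostbyname()` cannot produce an IPv4 address for the host, `ip2long( $resolved_ip )` is `false`, no range matches, and the function returns `false`, which callers read as "not private". A guard of this kind should reject what it cannot classify, e.g. `if ( false === $long_ip ) { return true; }` directly after the `ip2long()` call. The `$resolved_ip !== $local_ip` condition also exempts the server's own address even when it sits in a listed range, and the name is resolved here separately from the later `wp_remote_get()` / `curl_exec()` lookup, so the address checked is not guaranteed to be the address contacted. In `pmxi_curl_download` the first request sets `CURLOPT_FOLLOWLOCATION` and only `$finalUrl` is checked afterwards, so intermediate redirect hops are requested unchecked; restricting `CURLOPT_PROTOCOLS` / `CURLOPT_REDIR_PROTOCOLS` and checking each hop would close that. The body is also written to `$fullpath` before the image validation and is not removed when that validation returns `false`.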


@@ -0,0 +1,12 @@
<?php
if ( ! function_exists( 'wp_all_import_custom_type' ) ) {
function wp_all_import_custom_type( $type = '' ) {
$custom_types = apply_filters( 'pmxi_custom_types', [], 'custom_types' );
if (isset($custom_types[$type])) {
return $custom_types[$type];
}
return get_post_type_object( $type );
}
}
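Review bot: `wp_all_import_custom_type` has no docblock and its return value is not uniform: it returns whatever the `pmxi_custom_types` filter supplies for `$type`, otherwise the result of `get_post_type_object()`, which is `null` for an unregistered type. I would document that with a `@return` line naming all three outcomes, and explain the second filter argument `'custom_types'`, whose meaning is not evident from this file. With the default `$type = ''` the lookup falls through to `get_post_type_object( '' )`; an early `if ( '' === $type ) { return null; }` would make that case explicit.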


@@ -17,12 +17,12 @@ if ( ! function_exists( 'wp_all_import_get_import_post_type' ) ) {
// If this is an existing import load the custom post type from the array
if ( ! empty($import_options) ) {
$import_options_arr = unserialize($import_options['options']);
$import_options_arr = \pmxi_maybe_unserialize($import_options['options']);
$custom_type = $import_options_arr['custom_type'];
} else {
// If this is a new import get the custom post type data from the current session
$import_options = $wpdb->get_row( $wpdb->prepare("SELECT option_name, option_value FROM $wpdb->options WHERE option_name = %s", '_wpallimport_session_' . $import_id . '_'), ARRAY_A );
$import_options_arr = empty($import_options) ? array() : unserialize($import_options['option_value']);
$import_options_arr = empty($import_options) ? array() : \pmxi_maybe_unserialize($import_options['option_value']);
$custom_type = empty($import_options_arr['custom_type']) ? '' : $import_options_arr['custom_type'];
}
return $custom_type;
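Review bot: The existing-import branch indexes `$import_options_arr['custom_type']` without checking what `pmxi_maybe_unserialize` returned. That helper, as defined elsewhere in this commit, yields `false` for a malformed payload and the raw input when the value is not serialized, so the result is not guaranteed to be an array. The session branch already guards with `empty()`; the same shape here would be `$custom_type = ( is_array( $import_options_arr ) && ! empty( $import_options_arr['custom_type'] ) ) ? $import_options_arr['custom_type'] : '';`. The enclosing function starts and ends outside this hunk.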


@@ -0,0 +1,8 @@
<?php
function wp_all_import_is_title_required( $custom_type ) {
$types_title_not_required = array('shop_order', 'import_users', 'shop_customer', 'comments', 'woo_reviews');
$supports_title = !in_array($custom_type, $types_title_not_required);
return apply_filters('pmxi_types_current_type_supports_title', $supports_title, $custom_type);
}
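Review bot: `wp_all_import_is_title_required` is declared unconditionally, while the other helper files in this commit wrap their definitions in `if ( ! function_exists( ... ) )`; if this file is loaded twice or another plugin defines the same name, PHP stops with a redeclaration error. Wrapping it as `if ( ! function_exists( 'wp_all_import_is_title_required' ) ) { ... }` keeps it consistent with its siblings. The `in_array( $custom_type, $types_title_not_required )` call also compares loosely; passing `true` as the third argument avoids surprises if a non-string value reaches it. A short docblock stating that the function returns the filtered `pmxi_types_current_type_supports_title` value would help, since the function name says "required" while the variable says "supports".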


@@ -0,0 +1,19 @@
<?php
if(!function_exists('wp_all_import_sanitize_svg')) {
function wp_all_import_sanitize_svg( $svg, $is_file_path = true ) {
$sanitizer = new \enshrined\svgSanitize\Sanitizer();
if ( $is_file_path ) {
$svgContents = file_get_contents( $svg );
$sanitizedSvg = $sanitizer->sanitize( $svgContents );
if ( $sanitizedSvg ) {
file_put_contents( $svg, $sanitizedSvg );
}
}else{
$svg = $sanitizer->sanitize( $svg );
}
return $svg;
}
}
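Review bot: In the file-path branch a failed sanitization leaves the original SVG on disk and the function still returns the path, so a caller cannot tell a sanitized file from an untouched one. I would fail closed there, e.g. `if ( ! $sanitizedSvg ) { unlink( $svg ); return false; }`; the callers are not visible in this section and would need to handle the `false`. The `file_get_contents( $svg )` result is not checked before it is passed to `sanitize()`. In the string branch the sanitizer's result is returned directly, so on failure callers receive a falsy value instead of markup; a docblock stating both return shapes would make that contract explicit.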


@@ -20,18 +20,18 @@ if ( ! function_exists('wp_all_import_template_notifications') )
if ( $post['custom_type'] == 'import_users' && ! class_exists('PMUI_Plugin') )
{
$notifications[] = __('The import template you are using requires the User Add-On. If you continue without it your data may import incorrectly.<br/><br/><a href="https://www.wpallimport.com/checkout/?edd_action=add_to_cart&download_id=2707221&edd_options%5Bprice_id%5D=1&utm_source=import-plugin-free&utm_medium=upgrade-notice&utm_campaign=import-users-template" target="_blank">Purchase the User Add-On</a>.', 'wp_all_import_plugin');
$notifications[] = __('The import template you are using requires the User Add-On. If you continue without it your data may import incorrectly.<br/><br/><a href="https://www.wpallimport.com/checkout/?edd_action=add_to_cart&download_id=5839963&edd_options%5Bprice_id%5D=1&discount=welcome-upgrade-169&utm_source=import-plugin-free&utm_medium=upgrade-notice&utm_campaign=import-users-template" target="_blank">Purchase the User Add-On</a>.', 'wp_all_import_plugin');
}
if ( $post['custom_type'] == 'shop_customer' && ! class_exists('PMUI_Plugin') )
{
$notifications[] = __('The import template you are using requires the User Add-On. If you continue without having this add-on active, your data may import incorrectly.<br/><br/><a href="https://www.wpallimport.com/checkout/?edd_action=add_to_cart&download_id=2707221&edd_options%5Bprice_id%5D=1&utm_source=import-plugin-free&utm_medium=upgrade-notice&utm_campaign=import-users-template" target="_blank">Purchase the User Add-On</a>.', 'wp_all_import_plugin');
$notifications[] = __('The import template you are using requires the User Add-On. If you continue without having this add-on active, your data may import incorrectly.<br/><br/><a href="https://www.wpallimport.com/checkout/?edd_action=add_to_cart&download_id=5839963&edd_options%5Bprice_id%5D=1&discount=welcome-upgrade-169&utm_source=import-plugin-free&utm_medium=upgrade-notice&utm_campaign=import-users-template" target="_blank">Purchase the User Add-On</a>.', 'wp_all_import_plugin');
}
elseif ( $post['custom_type'] == 'product' && ! class_exists('PMWI_Plugin') && class_exists( 'Woocommerce' ))
{
$notifications[] = __('The import template you are using requires the WooCommerce Add-On. If you continue without it your data may import incorrectly.<br/><br/><a href="https://www.wpallimport.com/checkout/?edd_action=add_to_cart&download_id=2707227&edd_options%5Bprice_id%5D=1&utm_source=import-plugin-free&utm_medium=upgrade-notice&utm_campaign=import-wooco-template" target="_blank">Purchase the WooCommerce Add-On</a>.', 'wp_all_import_plugin');
$notifications[] = __('The import template you are using requires the WooCommerce Add-On. If you continue without it your data may import incorrectly.<br/><br/><a href="https://www.wpallimport.com/checkout/?edd_action=add_to_cart&download_id=5839961&edd_options%5Bprice_id%5D=1&discount=welcome-upgrade-169&utm_source=import-plugin-free&utm_medium=upgrade-notice&utm_campaign=import-wooco-template" target="_blank">Purchase the WooCommerce Add-On</a>.', 'wp_all_import_plugin');
}
// Realia Add-On
elseif ( ! empty($post['realia_addon']) and ! is_plugin_active('realia-xml-csv-property-listings-import/realia-add-on.php') )