many for the stored ids (some notifications are triggered by more than one event id - this array is used to represent the relations)
*
* @var array
*
* @since 5.2.1
*/
public static $additional_events_to_store = array(
4005 => array(
4006,
),
4000 => array(
4001,
4012,
),
2002 => array(
2016,
2017,
2019,
2021,
2025,
2027,
2047,
2048,
2049,
2050,
2053,
2054,
2055,
2062,
2086,
2119,
2120,
2131,
2132,
),
7000 => array(
7001,
7002,
7003,
7004,
7005,
),
9000 => array(
9001,
9003,
9004,
9005,
9006,
9008,
9009,
9010,
9011,
9012,
9013,
9014,
9015,
9072,
9073,
9077,
9007,
9016,
9017,
9018,
9019,
9020,
9021,
9022,
9023,
9024,
9025,
9026,
9042,
9043,
9044,
9045,
9046,
9047,
9048,
9049,
9050,
9051,
),
9027 => array(
9028,
9029,
9030,
9031,
9032,
9033,
9034,
9074,
9075,
9076,
9159,
),
9063 => array(
9064,
9065,
9066,
9067,
9068,
9069,
9070,
9071,
),
9035 => array(
9036,
9037,
9038,
9039,
9040,
9041,
),
);
/**
* Initialize the report class
*
* @return void
*
* @since 5.1.1
*/
public static function init() {
if ( \is_admin() ) {
\add_action( 'wsal_init', array( __CLASS__, 'wsal_init' ), 20 );
Settings_Builder::init();
/**
* Save Options
*/
\add_action( 'wp_ajax_notifications_data_save', array( __CLASS__, 'save_settings_ajax' ) );
\add_action( 'wp_ajax_send_daily_summary_now', array( __CLASS__, 'send_daily_summary' ) );
// AJAX test email part.
\add_action( 'wp_ajax_wsal_send_notifications_test_email', array( Notification_Helper::class, 'send_test_email' ) );
}
$current_settings = Settings_Helper::get_option_value( self::BUILT_IN_NOTIFICATIONS_SETTINGS_NAME, array() );
/** Set defaults */
if ( empty( $current_settings ) ) {
self::build_in_check_and_save( array( 'notification_weekly_summary_notification' => true ), true );
}
}
/**
* Hooks on the main plugin init process
*
* @return void
*
* @since 5.1.1
*/
public static function wsal_init() {
View_Manager::add_from_class( __CLASS__ );
}
/**
* Registers alert formatters for SMS and email notifications.
*
* @param array $formatters Formatter definitions array.
*
* @return array
*
* @since 5.3.0
*/
public static function register_alert_formatters( $formatters ) {
$formatters['sms'] = Alert_Formatter_Configuration::get_default_configuration();
$formatters['email'] = Alert_Formatter_Configuration::set_configuration(
array(
'is_js_in_links_allowed' => false,
'set_supports_metadata' => false,
'set_supports_hyperlinks' => false,
),
true
);
$formatters['slack'] = Alert_Formatter_Configuration::get_default_slack_configuration();
return $formatters;
}
/**
* Override this and make it return true to create a shortcut link in plugin page to the view.
*
* @return boolean
*
* @since 5.1.1
*/
public static function has_plugin_shortcut_link() {
return false;
}
/**
* Stores the view weight (where is should be positioned in the menu).
*
* @since 5.1.1
*/
public static function get_weight() {
return 3;
}
/**
* Method: Whether page should be accessible or not.
*
* @return boolean
*
* @since 5.1.1
*/
public static function is_accessible() {
return true;
}
/**
* Method: Safe view menu name.
*
* @return string
*
* @since 5.1.1
*/
public static function get_safe_view_name() {
return 'wsal-notifications';
}
/**
* Returns the view name
*
* @since 5.1.1
*/
public static function get_title() {
return \esc_html__( 'Notifications', 'wp-security-audit-log' );
}
/**
* Returns the view name
*
* @since 5.1.1
*/
public static function get_name() {
return \esc_html__( 'Notifications', 'wp-security-audit-log' );
}
/**
* Method: Whether page should appear in menu or not.
*
* @return boolean
*
* @since 5.1.1
*/
public static function is_visible() {
return true;
}
/**
* Sets the hook suffix
*
* @param string $suffix - The hook suffix.
*
* @return void
*
* @since 5.1.1
*/
public static function set_hook_suffix( $suffix ) {
self::$hook_suffix = $suffix;
}
/**
* Returns the hook suffix
*
* @return string
*
* @since 5.1.1
*/
public static function get_hook_suffix() {
return self::$hook_suffix;
}
/**
* Draws the header
*
* @since 5.1.1
*/
public static function header() {
$dependencies = array(
'jquery',
'jquery-ui-sortable',
'jquery-ui-draggable',
'wp-color-picker',
'jquery-ui-autocomplete',
'wp-i18n',
);
\wp_enqueue_script(
'wsal-notifications-admin-scripts',
WSAL_BASE_URL . 'classes/Helpers/settings/admin/wsal-notification-settings.js',
$dependencies,
WSAL_VERSION,
false
);
\wp_set_script_translations( 'wsal-notifications-admin-scripts', 'wp-security-audit-log', WSAL_BASE_DIR . 'languages' );
\wp_enqueue_style(
'wsal-notifications-admin-style',
WSAL_BASE_URL . 'classes/Helpers/settings/admin/style.css',
array(),
WSAL_VERSION,
'all'
);
// phpcs:disable
// phpcs:enable
}
/**
* Draws the footer
*
* @since 5.1.1
*/
public static function footer() {
}
/**
* Renders the view icon (this has been deprecated in newer WP versions).
*
* @since 5.1.1
*/
public static function render_icon() {
?>
' . esc_html( self::get_title() ) . '';
}
/**
* Method: Render content of the view.
*
* @since 5.1.1
*/
public static function render_content() {
self::content_show();
}
/**
* Shows the view of the selected options
*
* @return void
*
* @since 5.1.1
*/
public static function content_show() {
\wp_enqueue_media();
$settings_tabs = array(
'notifications-highlights' => array(
'icon' => 'email-alt',
'title' => \esc_html__( 'Activity log highlights', 'wp-security-audit-log' ),
),
);
// phpcs:disable
// phpcs:enable
if ( ! WP_Helper::is_multisite() ) {
unset( $settings_tabs['multisite-notifications'] );
}
if ( ! Woocommerce_Helper::is_woocommerce_active() ) {
unset( $settings_tabs['woocommerce-notifications'] );
}
?>
';
} else {
unset( $settings_tabs['custom-notification-edit'] );
}
} else {
unset( $settings_tabs['custom-notification-edit'] );
}
if ( empty( $custom_notification_id_hidden_field ) ) {
foreach ( $settings_tabs as $tab => $settings ) {
$icon = $settings['icon'];
$title = $settings['title'];
$style = $settings['style'] ?? '';
?>
-
' . \esc_html__( 'Back', 'wp-security-audit-log' ) . '';
?>
$return_value['redirect'] ) );
exit;
}
}
\wp_send_json_success( 2 );
}
}
/**
* Ajax handler for test summary button.
*
* @since 5.1.1
*/
public static function send_daily_summary() {
if ( ! \current_user_can( 'manage_options' ) ) {
\wp_die(
\esc_html__(
'You do not have sufficient permissions to access this page.',
'wp-security-audit-log'
)
);
}
if ( isset( $_REQUEST['_wpnonce'] ) ) {
$nonce_check = \wp_verify_nonce( \sanitize_text_field( \wp_unslash( $_REQUEST['_wpnonce'] ) ), self::BUILT_IN_SEND_NOW_NONCE_NAME );
if ( ! $nonce_check ) {
\wp_send_json_error( new \WP_Error( 500, \esc_html__( 'Nonce checking failed', 'wp-security-audit-log' ) ), 400 );
}
} else {
\wp_send_json_error( new \WP_Error( 500, \esc_html__( 'Nonce is not provided', 'wp-security-audit-log' ) ), 400 );
}
$report = Notification_Helper::get_report( true );
if ( ! $report ) {
\wp_send_json_error( __( 'Daily report is empty', 'wp-security-audit-log' ) );
}
// Summary email address.
$summary_emails = Settings_Helper::get_option_value( self::BUILT_IN_NOTIFICATIONS_SETTINGS_NAME, array() );
$email_from = 'daily_email_address';
if ( isset( $_REQUEST['weekly'] ) && 1 === (int) $_REQUEST['weekly'] ) {
$email_from = 'weekly_email_address';
}
if ( isset( $summary_emails[ $email_from ] ) ) {
$summary_emails = $summary_emails[ $email_from ];
}
$summary_emails = explode( ',', $summary_emails );
$result = false;
if ( $summary_emails && isset( $report['subject'] ) && isset( $report['body'] ) ) {
foreach ( $summary_emails as $email ) {
$result = Notification_Helper::send_notification_email( $email, $report['subject'], $report['body'] );
}
}
if ( $result ) {
\wp_send_json_success();
} else {
\wp_send_json_error( __( 'The plugin failed to send the email. Is your email set up correctly? Please consult with your website administrator or contact us to assist you with the troubleshooting.', 'wp-security-audit-log' ) );
}
exit();
}
/**
* Daily Cron report sending.
*
* @since 5.3.0
*/
public static function send_daily_summary_cron() {
$report = Notification_Helper::get_report( false );
if ( ! $report ) {
return;
}
// Summary email address.
$summary_emails = Settings_Helper::get_option_value( self::BUILT_IN_NOTIFICATIONS_SETTINGS_NAME, array() );
if ( isset( $summary_emails['daily_email_address'] ) ) {
$summary_emails = $summary_emails['daily_email_address'];
}
$summary_emails = explode( ',', $summary_emails );
if ( empty( $summary_emails ) ) {
return;
}
if ( $summary_emails && isset( $report['subject'] ) && isset( $report['body'] ) ) {
foreach ( $summary_emails as $email ) {
Notification_Helper::send_notification_email( $email, $report['subject'], $report['body'] );
}
}
}
/**
* Weekly Cron report sending.
*
* @since 5.3.0
*/
public static function send_weekly_summary_cron() {
$report = Notification_Helper::get_report( false, true );
if ( ! $report ) {
return;
}
// Summary email address.
$summary_emails = Settings_Helper::get_option_value( self::BUILT_IN_NOTIFICATIONS_SETTINGS_NAME, array() );
if ( isset( $summary_emails['weekly_email_address'] ) ) {
$summary_emails = $summary_emails['weekly_email_address'];
}
$summary_emails = explode( ',', $summary_emails );
if ( empty( $summary_emails ) ) {
return;
}
if ( $summary_emails && isset( $report['subject'] ) && isset( $report['body'] ) ) {
foreach ( $summary_emails as $email ) {
Notification_Helper::send_notification_email( $email, $report['subject'], $report['body'] );
}
}
}
/**
* Checks if default email address is set in the notifications settings.
*
* @return boolean
*
* @since 5.1.1
*/
public static function is_default_mail_set(): bool {
$settings = self::get_global_notifications_setting();
if ( ! empty( $settings ) && isset( $settings['notification_default_email_address'] ) && ! empty( $settings['notification_default_email_address'] ) ) {
return true;
}
return false;
}
/**
* Returns the default email address from the notifications settings.
*
* @return string
*
* @since 5.1.1
*/
public static function get_default_mail(): string {
$settings = self::get_global_notifications_setting();
if ( ! empty( $settings ) && isset( $settings['notification_default_email_address'] ) && ! empty( $settings['notification_default_email_address'] ) ) {
return $settings['notification_default_email_address'];
}
return '';
}
/**
* Checks if default phone number is set in the notifications settings.
*
* @return boolean
*
* @since 5.1.1
*/
public static function is_default_twilio_set(): bool {
if ( null === self::$twilio_is_set ) {
self::$twilio_is_set = false;
if ( ! Twilio::is_set() ) {
return false;
}
$settings = self::get_global_notifications_setting();
if ( ! empty( $settings ) && isset( $settings['notification_default_phone'] ) && ! empty( $settings['notification_default_phone'] ) ) {
self::$twilio_is_set = true;
return true;
}
}
return self::$twilio_is_set;
}
/**
* Returns the default phone number from the notifications settings.
*
* @return string
*
* @since 5.1.1
*/
public static function get_default_twilio(): string {
$settings = self::get_global_notifications_setting();
if ( ! empty( $settings ) && isset( $settings['notification_default_phone'] ) && ! empty( $settings['notification_default_phone'] ) ) {
return $settings['notification_default_phone'];
}
return '';
}
/**
* Checks if default phone number is set in the notifications settings.
*
* @return boolean
*
* @since 5.1.1
*/
public static function is_default_slack_set(): bool {
if ( null === self::$slack_is_set ) {
self::$slack_is_set = false;
if ( ! Slack::is_set() ) {
return false;
}
$settings = self::get_global_notifications_setting();
if ( ! empty( $settings ) && isset( $settings['notification_default_slack_channel'] ) && ! empty( $settings['notification_default_slack_channel'] ) ) {
self::$slack_is_set = true;
return true;
}
}
return self::$slack_is_set;
}
/**
* Returns the default phone number from the notifications settings.
*
* @return string
*
* @since 5.1.1
*/
public static function get_default_slack(): string {
$settings = self::get_global_notifications_setting();
if ( ! empty( $settings ) && isset( $settings['notification_default_slack_channel'] ) && ! empty( $settings['notification_default_slack_channel'] ) ) {
return $settings['notification_default_slack_channel'];
}
return '';
}
/**
* Checks if url shortening is enabled in the notifications settings.
*
* @return boolean
*
* @since 5.1.1
*/
public static function is_url_shortner_enabled(): bool {
$settings = self::get_global_notifications_setting();
if ( ! empty( $settings ) && isset( $settings['shorten_notification_urls'] ) && true === (bool) $settings['shorten_notification_urls'] ) {
return true;
}
return \false;
}
/**
* There is a bug (not clear where exactly) which stores serialized PHP data with newlines, which later on after some (unknown variable) unserialization, causes issues probably due to fact that the newline symbol is changed - not 100% sure what is causing it, but I am getting it randomly now and then.
* Thats the reason for that method existance - when there is a need to get the global notifications settings, use this and not direct call.
*
* Basically - the template bodies are json encoded during storing and they need to be decoded before use.
*
* @return array
*
* @since 5.2.0
* @since 5.6.2 - Decrypt encrypted credentials on read, trigger lazy migration for plaintext values.
*/
public static function get_global_notifications_setting(): array {
if ( null === self::$global_notifications_setting ) {
self::$global_notifications_setting = Settings_Helper::get_option_value(
self::NOTIFICATIONS_SETTINGS_NAME,
array()
);
if ( isset( self::$global_notifications_setting['email_notifications_body'] ) ) {
self::$global_notifications_setting['email_notifications_body'] = json_decode( self::$global_notifications_setting['email_notifications_body'] );
}
if ( isset( self::$global_notifications_setting['sms_notifications_body'] ) ) {
self::$global_notifications_setting['sms_notifications_body'] = json_decode( self::$global_notifications_setting['sms_notifications_body'] );
}
if ( isset( self::$global_notifications_setting['slack_notifications_body'] ) ) {
self::$global_notifications_setting['slack_notifications_body'] = json_decode( self::$global_notifications_setting['slack_notifications_body'] );
}
$decryption_result = Credential_Settings_Helper::decrypt_credentials( self::$global_notifications_setting );
self::$global_notifications_setting = $decryption_result['settings'];
$needs_migration = $decryption_result['needs_migration'];
if ( $needs_migration ) {
$migrated_settings = Credential_Settings_Helper::migrate_plaintext_credentials( self::$global_notifications_setting );
Settings_Helper::set_option_value( self::NOTIFICATIONS_SETTINGS_NAME, $migrated_settings );
}
}
return self::$global_notifications_setting;
}
/**
* Saves the global notifications settings. Check the comment on the method above for more details.
*
* @param array $settings - The array with all the settings to be saved.
*
* @return void
*
* @since 5.2.0
* @since 5.6.2 - Encrypt credential values before writing to DB, reset static cache.
*/
public static function set_global_notifications_setting( array $settings ) {
if ( isset( $settings['email_notifications_body'] ) ) {
$settings['email_notifications_body'] = json_encode( $settings['email_notifications_body'] );
}
if ( isset( $settings['sms_notifications_body'] ) ) {
$settings['sms_notifications_body'] = json_encode( $settings['sms_notifications_body'] );
}
if ( isset( $settings['slack_notifications_body'] ) ) {
$settings['slack_notifications_body'] = json_encode( $settings['slack_notifications_body'] );
}
/**
* Ensure all credential values are encrypted before writing to the DB.
* Callers may pass decrypted plaintext (e.g. from the static cache),
* so any value that is not already encrypted is treated as plaintext.
*/
$settings = Credential_Settings_Helper::encrypt_credentials( $settings );
Settings_Helper::set_option_value(
self::NOTIFICATIONS_SETTINGS_NAME,
$settings
);
self::$global_notifications_setting = null;
}
/**
* Migrate legacy plaintext credentials to encrypted storage.
*
* Returns the notification titles used in the notifications UI
*
* @return array
*
* @since 5.2.1
*/
public static function get_notification_titles(): array {
return array(
// Suspicious activity Notifications.
1002 => \esc_html__( 'Failed login for WordPress users', 'wp-security-audit-log' ),
1003 => \esc_html__( 'Failed login for non existing WordPress users', 'wp-security-audit-log' ),
// Plugin Changes Notifications.
6004 => \esc_html__( 'WordPress was updated', 'wp-security-audit-log' ),
// Plugin Changes Notifications.
5000 => \esc_html__( 'New plugin is installed', 'wp-security-audit-log' ),
5001 => \esc_html__( 'Installed plugin is activated', 'wp-security-audit-log' ),
2051 => \esc_html__( 'Plugin file is modified', 'wp-security-audit-log' ),
5002 => \esc_html__( 'Installed plugin is deactivated', 'wp-security-audit-log' ),
5003 => \esc_html__( 'A plugin is uninstalled', 'wp-security-audit-log' ),
5004 => \esc_html__( 'Installed plugin is upgraded', 'wp-security-audit-log' ),
// Theme Changes Notifications.
5005 => \esc_html__( 'New theme is installed', 'wp-security-audit-log' ),
5006 => \esc_html__( 'Installed theme is activated', 'wp-security-audit-log' ),
2046 => \esc_html__( 'Theme file is modified', 'wp-security-audit-log' ),
5007 => \esc_html__( 'A theme is uninstalled', 'wp-security-audit-log' ),
5031 => \esc_html__( 'Installed theme is updated', 'wp-security-audit-log' ),
// User Activity.
1000 => \esc_html__( 'User logs in', 'wp-security-audit-log' ),
4003 => \esc_html__( 'User changed password', 'wp-security-audit-log' ),
// User profile Changes.
4005 => \esc_html__( 'User changed email address', 'wp-security-audit-log' ),
4002 => \esc_html__( 'User\'s role has changed', 'wp-security-audit-log' ),
4004 => \esc_html__( 'User changed the password of another user', 'wp-security-audit-log' ),
4000 => \esc_html__( 'New user is created', 'wp-security-audit-log' ),
// Content Changes.
2001 => \esc_html__( 'New content is published', 'wp-security-audit-log' ),
2065 => \esc_html__( 'Content in a post, page or custom post type is changed', 'wp-security-audit-log' ),
2008 => \esc_html__( 'Post is permanently deleted from the trash', 'wp-security-audit-log' ),
2012 => \esc_html__( 'Post is moved to the trash', 'wp-security-audit-log' ),
2002 => \esc_html__( 'Anything but content in a post is changed', 'wp-security-audit-log' ),
// Multisite.
4008 => \esc_html__( 'User granted super admin', 'wp-security-audit-log' ),
4009 => \esc_html__( 'User revoked super admin', 'wp-security-audit-log' ),
4010 => \esc_html__( 'User added to site', 'wp-security-audit-log' ),
4011 => \esc_html__( 'User removed from site', 'wp-security-audit-log' ),
7000 => \esc_html__( 'Site changes', 'wp-security-audit-log' ),
5008 => \esc_html__( 'Activated theme on network', 'wp-security-audit-log' ),
5009 => \esc_html__( 'Deactivated theme from network', 'wp-security-audit-log' ),
// Woo.
9000 => \esc_html__( 'Any product change', 'wp-security-audit-log' ),
9027 => \esc_html__( 'Any store settings change', 'wp-security-audit-log' ),
9063 => \esc_html__( 'Any coupon code changes', 'wp-security-audit-log' ),
9035 => \esc_html__( 'Any orders changes', 'wp-security-audit-log' ),
// Severities.
500 => \esc_html__( 'Critical event is generated', 'wp-security-audit-log' ),
);
// \esc_html__( 'Published content is modified', 'wp-security-audit-log' )
// \esc_html__( 'Content is published', 'wp-security-audit-log' )
// \esc_html__( 'First time user logs in', 'wp-security-audit-log' )
// \esc_html__( 'Critical Alert is Generated', 'wp-security-audit-log' )
}
/**
* Checks and validates the data for the built-in notifications.
*
* @param array $post_array - The array with all the data provided.
* @param bool $first_time - Set defaults.
*
* @return void
*
* @since 5.1.1
*
* @since 5.6.0 - Added suppression of event triggers during first-time initialization.
*/
private static function build_in_check_and_save( array $post_array, bool $first_time = false ) {
if ( ! \current_user_can( 'manage_options' ) ) {
if ( ! $first_time ) {
\wp_die( \esc_html__( 'You do not have sufficient permissions to access this page.', 'wp-security-audit-log' ) );
}
}
/**
* Suppress events on first time activation and upon settings reset via the plugin's options.
*/
$suppress_events_on_first_time_activation = false;
if ( $first_time ) {
$suppress_events_on_first_time_activation = true;
}
$report_options = array();
$no_defaults = false;
if ( ! self::is_default_mail_set() && ! self::is_default_twilio_set() && ! self::is_default_slack_set() ) {
$no_defaults = true;
}
$current_settings = Settings_Helper::get_option_value( self::BUILT_IN_NOTIFICATIONS_SETTINGS_NAME, array() );
$report_options['daily_summary_notification'] = ( ( isset( $post_array['notification_daily_summary_notification'] ) ) ? filter_var( $post_array['notification_daily_summary_notification'], FILTER_VALIDATE_BOOLEAN ) : false );
$current_daily_summary_notification = isset( $current_settings['daily_summary_notification'] ) ? $current_settings['daily_summary_notification'] : '';
if ( ! $suppress_events_on_first_time_activation && $current_daily_summary_notification !== $report_options['daily_summary_notification'] ) {
Alert_Manager::trigger_event(
6310,
array(
'EventType' => ( $report_options['daily_summary_notification'] ) ? 'enabled' : 'disabled',
)
);
}
$report_options['daily_email_address'] = ( ( isset( $post_array['notification_daily_email_address'] ) ) ? \sanitize_text_field( \wp_unslash( $post_array['notification_daily_email_address'] ) ) : Email_Helper::get_default_email_to() );
$current_daily_mail_address = isset( $current_settings['daily_email_address'] ) ? $current_settings['daily_email_address'] : '';
if ( ! $suppress_events_on_first_time_activation && $report_options['daily_email_address'] !== $current_daily_mail_address ) {
Alert_Manager::trigger_event(
6311,
array(
'EventType' => 'modified',
'recipient' => $report_options['daily_email_address'],
'previous_recipient' => $current_daily_mail_address,
)
);
}
$report_options['daily_send_empty_summary_emails'] = ( ( isset( $post_array['notification_daily_send_empty_summary_emails'] ) ) ? filter_var( $post_array['notification_daily_send_empty_summary_emails'], FILTER_VALIDATE_BOOLEAN ) : false );
// Weekly Settings start.
$report_options['weekly_summary_notification'] = ( ( isset( $post_array['notification_weekly_summary_notification'] ) ) ? filter_var( $post_array['notification_weekly_summary_notification'], FILTER_VALIDATE_BOOLEAN ) : false );
$current_weekly_summary_notification = isset( $current_settings['weekly_summary_notification'] ) ? $current_settings['weekly_summary_notification'] : '';
if ( ! $suppress_events_on_first_time_activation && $current_weekly_summary_notification !== $report_options['weekly_summary_notification'] ) {
Alert_Manager::trigger_event(
6319,
array(
'EventType' => ( $report_options['weekly_summary_notification'] ) ? 'enabled' : 'disabled',
)
);
}
$report_options['weekly_email_address'] = ( ( isset( $post_array['notification_weekly_email_address'] ) ) ? \sanitize_text_field( \wp_unslash( $post_array['notification_weekly_email_address'] ) ) : Email_Helper::get_default_email_to() );
$current_weekly_mail_address = isset( $current_settings['weekly_email_address'] ) ? $current_settings['weekly_email_address'] : '';
if ( ! $suppress_events_on_first_time_activation && $report_options['weekly_email_address'] !== $current_weekly_mail_address ) {
Alert_Manager::trigger_event(
6328,
array(
'EventType' => 'modified',
'recipient' => $report_options['weekly_email_address'],
'previous_recipient' => $current_weekly_mail_address,
)
);
}
$report_options['weekly_send_empty_summary_emails'] = ( ( isset( $post_array['notification_weekly_send_empty_summary_emails'] ) ) ? filter_var( $post_array['notification_weekly_send_empty_summary_emails'], FILTER_VALIDATE_BOOLEAN ) : false );
// Weekly Settings end.
foreach ( self::$events_to_collect as $event_id ) {
$report_options[ 'event_' . $event_id . '_notification' ] = ( ( isset( $post_array[ 'notification_event_' . $event_id . '_notification' ] ) ) ? filter_var( $post_array[ 'notification_event_' . $event_id . '_notification' ], FILTER_VALIDATE_BOOLEAN ) : false );
if ( isset( $post_array[ 'notification_event_' . $event_id . '_failed_more_than' ] ) ) {
$int = filter_var( $post_array[ 'notification_event_' . $event_id . '_failed_more_than' ], \FILTER_VALIDATE_INT );
if ( 2 > $int ) {
$int = 2;
}
if ( 30 < $int ) {
$int = 30;
}
$report_options[ 'event_' . $event_id . '_failed_more_than' ] = ( $int && $int > 0 ) ? $int : 2;
}
$report_options[ 'event_' . $event_id . '_notification_custom_message' ] = ( ( isset( $post_array[ 'notification_event_' . $event_id . '_notification_custom_message' ] ) ) ? filter_var( $post_array[ 'notification_event_' . $event_id . '_notification_custom_message' ], FILTER_VALIDATE_BOOLEAN ) : false );
if ( $report_options[ 'event_' . $event_id . '_notification_custom_message' ] ) {
$report_options[ 'event_' . $event_id . '_notification_email_address' ] = ( ( isset( $post_array[ 'notification_event_' . $event_id . '_notification_email_address' ] ) ) ? \sanitize_text_field( \wp_unslash( $post_array[ 'notification_event_' . $event_id . '_notification_email_address' ] ) ) : '' );
$report_options[ 'event_' . $event_id . '_notification_phone' ] = ( ( isset( $post_array[ 'notification_event_' . $event_id . '_notification_phone' ] ) ) ? \sanitize_text_field( \wp_unslash( $post_array[ 'notification_event_' . $event_id . '_notification_phone' ] ) ) : '' );
$report_options[ 'event_' . $event_id . '_notification_slack' ] = ( ( isset( $post_array[ 'notification_event_' . $event_id . '_notification_slack' ] ) ) ? \sanitize_text_field( \wp_unslash( $post_array[ 'notification_event_' . $event_id . '_notification_slack' ] ) ) : '' );
}
if ( ( ! isset( $report_options[ 'event_' . $event_id . '_notification_email_address' ] ) || empty( $report_options[ 'event_' . $event_id . '_notification_email_address' ] ) ) &&
( ! isset( $report_options[ 'event_' . $event_id . '_notification_phone' ] ) || empty( $report_options[ 'event_' . $event_id . '_notification_phone' ] ) ) &&
( ! isset( $report_options[ 'event_' . $event_id . '_notification_slack' ] ) || empty( $report_options[ 'event_' . $event_id . '_notification_slack' ] ) ) &&
( $no_defaults ) ) {
unset( $report_options[ 'event_' . $event_id . '_notification' ] );
unset( $report_options[ 'event_' . $event_id . '_notification_email_address' ] );
unset( $report_options[ 'event_' . $event_id . '_notification_phone' ] );
unset( $report_options[ 'event_' . $event_id . '_notification_slack' ] );
unset( $report_options[ 'event_' . $event_id . '_notification_custom_message' ] );
unset( $report_options[ 'event_' . $event_id . '_failed_more_than' ] );
} elseif ( $report_options[ 'event_' . $event_id . '_notification' ] ) {
$report_options['notification_ids'][] = $event_id;
if ( isset( self::$additional_events_to_store[ $event_id ] ) ) {
$report_options['notification_ids'] = \array_merge( $report_options['notification_ids'], self::$additional_events_to_store[ $event_id ] );
}
}
}
foreach ( self::$severities_to_collect as $severity ) {
$report_options[ 'event_' . $severity . '_notification' ] = ( ( isset( $post_array[ 'notification_event_' . $severity . '_notification' ] ) ) ? filter_var( $post_array[ 'notification_event_' . $severity . '_notification' ], FILTER_VALIDATE_BOOLEAN ) : false );
$report_options[ 'event_' . $severity . '_notification_custom_message' ] = ( ( isset( $post_array[ 'notification_event_' . $severity . '_notification_custom_message' ] ) ) ? filter_var( $post_array[ 'notification_event_' . $severity . '_notification_custom_message' ], FILTER_VALIDATE_BOOLEAN ) : false );
if ( $report_options[ 'event_' . $severity . '_notification_custom_message' ] ) {
$report_options[ 'event_' . $severity . '_notification_email_address' ] = ( ( isset( $post_array[ 'notification_event_' . $severity . '_notification_email_address' ] ) ) ? \sanitize_text_field( \wp_unslash( $post_array[ 'notification_event_' . $severity . '_notification_email_address' ] ) ) : '' );
$report_options[ 'event_' . $severity . '_notification_phone' ] = ( ( isset( $post_array[ 'notification_event_' . $severity . '_notification_phone' ] ) ) ? \sanitize_text_field( \wp_unslash( $post_array[ 'notification_event_' . $severity . '_notification_phone' ] ) ) : '' );
$report_options[ 'event_' . $severity . '_notification_slack' ] = ( ( isset( $post_array[ 'notification_event_' . $severity . '_notification_slack' ] ) ) ? \sanitize_text_field( \wp_unslash( $post_array[ 'notification_event_' . $severity . '_notification_slack' ] ) ) : '' );
}
if ( ( ! isset( $report_options[ 'event_' . $severity . '_notification_email_address' ] ) || empty( $report_options[ 'event_' . $severity . '_notification_email_address' ] ) ) &&
( ! isset( $report_options[ 'event_' . $severity . '_notification_phone' ] ) || empty( $report_options[ 'event_' . $severity . '_notification_phone' ] ) ) &&
( ! isset( $report_options[ 'event_' . $severity . '_notification_slack' ] ) || empty( $report_options[ 'event_' . $severity . '_notification_slack' ] ) ) &&
( $no_defaults ) ) {
unset( $report_options[ 'event_' . $severity . '_notification' ] );
unset( $report_options[ 'event_' . $severity . '_notification_email_address' ] );
unset( $report_options[ 'event_' . $severity . '_notification_phone' ] );
unset( $report_options[ 'event_' . $severity . '_notification_slack' ] );
unset( $report_options[ 'event_' . $severity . '_notification_custom_message' ] );
} elseif ( $report_options[ 'event_' . $severity . '_notification' ] ) {
$report_options['notification_severities'][] = $severity;
}
}
self::compare_and_fire_events( $report_options );
if ( empty( $report_options ) ) {
Settings_Helper::delete_option_value( self::BUILT_IN_NOTIFICATIONS_SETTINGS_NAME );
} else {
Settings_Helper::set_option_value( self::BUILT_IN_NOTIFICATIONS_SETTINGS_NAME, $report_options );
}
}
/**
* Compares the settings before storing them in against the current settings and fires events if there are changes.
*
* @param array $settings_to_store - Array with the settings to store.
*
* @return void
*
* @since 5.2.1
*/
private static function compare_and_fire_events( array $settings_to_store ) {
$current_settings = Settings_Helper::get_option_value( self::BUILT_IN_NOTIFICATIONS_SETTINGS_NAME, array() );
if ( empty( $settings_to_store ) && ! empty( $current_settings ) ) {
foreach ( self::$events_to_collect as $event_id ) {
if ( isset( $current_settings[ 'event_' . $event_id . '_notification' ] ) &&
true === $current_settings[ 'event_' . $event_id . '_notification' ] ) {
Alert_Manager::trigger_event(
6312,
array(
'notification_name' => self::get_notification_titles()[ $event_id ],
'EventType' => 'disabled',
)
);
}
}
}
if ( ! empty( $settings_to_store ) && ! empty( $current_settings ) ) {
$events_to_check = \array_merge( self::$events_to_collect, self::$severities_to_collect );
foreach ( $events_to_check as $event_id ) {
if ( isset( $settings_to_store[ 'event_' . $event_id . '_notification' ] ) && isset( $current_settings[ 'event_' . $event_id . '_notification' ] ) &&
$current_settings[ 'event_' . $event_id . '_notification' ] !== $settings_to_store[ 'event_' . $event_id . '_notification' ] ) {
$type = 'enabled';
if ( false === $settings_to_store[ 'event_' . $event_id . '_notification' ] ) {
$type = 'disabled';
}
Alert_Manager::trigger_event(
6312,
array(
'notification_name' => self::get_notification_titles()[ $event_id ],
'EventType' => $type,
)
);
}
$store_custom_address = ( isset( $settings_to_store[ 'event_' . $event_id . '_notification_custom_message' ] ) ? $settings_to_store[ 'event_' . $event_id . '_notification_custom_message' ] : false );
$current_custom_address = ( isset( $current_settings[ 'event_' . $event_id . '_notification_custom_message' ] ) ? $current_settings[ 'event_' . $event_id . '_notification_custom_message' ] : false );
$default_recipient = \esc_html__( 'Use default', 'wp-security-audit-log' );
$store_email = ( isset( $settings_to_store[ 'event_' . $event_id . '_notification_email_address' ] ) ? $settings_to_store[ 'event_' . $event_id . '_notification_email_address' ] : $default_recipient );
$current_email = ( isset( $current_settings[ 'event_' . $event_id . '_notification_email_address' ] ) ? $current_settings[ 'event_' . $event_id . '_notification_email_address' ] : $default_recipient );
$store_phone = ( isset( $settings_to_store[ 'event_' . $event_id . '_notification_phone' ] ) ? $settings_to_store[ 'event_' . $event_id . '_notification_phone' ] : $default_recipient );
$current_phone = ( isset( $current_settings[ 'event_' . $event_id . '_notification_phone' ] ) ? $current_settings[ 'event_' . $event_id . '_notification_phone' ] : $default_recipient );
$store_slack = ( isset( $settings_to_store[ 'event_' . $event_id . '_notification_slack' ] ) ? $settings_to_store[ 'event_' . $event_id . '_notification_slack' ] : $default_recipient );
$current_slack = ( isset( $current_settings[ 'event_' . $event_id . '_notification_slack' ] ) ? $current_settings[ 'event_' . $event_id . '_notification_slack' ] : $default_recipient );
if ( $store_custom_address !== $current_custom_address || $store_email !== $current_email || $store_phone !== $current_phone || $store_slack !== $current_slack ) {
Alert_Manager::trigger_event(
6313,
array(
'notification_name' => self::get_notification_titles()[ $event_id ],
'recipient' => Settings_Helper::create_recipient_string( $store_email, $store_phone ),
'previous_recipient' => Settings_Helper::create_recipient_string( $current_email, $current_phone ),
'EventType' => 'modified',
)
);
}
}
}
}
/**
* Checks and validates the data for the notification settings.
*
* @param array $post_array - The array with all the data provided.
*
* @return void
*
* @since 5.1.1
* @since 5.6.2 - Added masked value guard and credential encryption on save.
*/
private static function settings_check_and_save( array $post_array ) {
if ( ! \current_user_can( 'manage_options' ) ) {
\wp_die( \esc_html__( 'You do not have sufficient permissions to access this page.', 'wp-security-audit-log' ) );
}
$current_settings = Settings_Helper::get_option_value( self::NOTIFICATIONS_SETTINGS_NAME, array() );
/**
* When a credential field is submitted unchanged, the form sends back a masked value (e.g. "xoxb****Fh3p") instead of the real token.
* So we avoid this in two steps:
*
* 1. Preserve the real encrypted values from the DB for unchanged fields.
* 2. Clear the masked values from the POST data so downstream validation doesn't treat them
* as new credentials to validate against the API, and skips them.
*/
/**
* Options is necessary to preserve encrypted values when encrypted settings aren't edited. E.g. when user only changes "default Email address(es)".
* This method just merges the current encrypted setting values with the new POST data.
*/
$options = Credential_Settings_Helper::get_encrypted_unchanged_credentials( $post_array, $current_settings );
// Updating $post_array is necessary to skip validation for masked values when they are not edited, which would fail API validation.
$post_array = Credential_Settings_Helper::empty_masked_values_from_post_data( $post_array, $current_settings );
/**
* Validate and encrypt Twilio credentials. If validation fails the values are silently discarded.
* Masked (unchanged) fields were already preserved by get_unchanged_credentials().
*/
$twilio_sid = \sanitize_text_field( \wp_unslash( $post_array['twilio_notification_account_sid'] ?? '' ) );
$twilio_auth = \sanitize_text_field( \wp_unslash( $post_array['twilio_notification_auth_token'] ?? '' ) );
$twilio_phone = \sanitize_text_field( \wp_unslash( $post_array['twilio_notification_phone_number'] ?? '' ) );
if ( '' !== $twilio_sid && '' !== $twilio_auth && '' !== $twilio_phone ) {
$twilio_result = Credential_Settings_Helper::validate_and_save_twilio( $twilio_sid, $twilio_auth, $twilio_phone, $options );
if ( false !== $twilio_result ) {
$options = $twilio_result;
}
}
$slack_token = \sanitize_text_field( \wp_unslash( $post_array['slack_notification_auth_token'] ?? '' ) );
if ( '' !== $slack_token ) {
$slack_result = Credential_Settings_Helper::validate_and_save_slack( $slack_token, $options );
if ( false !== $slack_result ) {
$options = $slack_result;
}
}
if ( isset( $post_array['notification_default_email_address'] ) ) {
$options['notification_default_email_address'] = ( ( isset( $post_array['notification_default_email_address'] ) ) ? \sanitize_text_field( \wp_unslash( $post_array['notification_default_email_address'] ) ) : '' );
}
if ( isset( $post_array['notification_default_phone'] ) ) {
$options['notification_default_phone'] = ( ( isset( $post_array['notification_default_phone'] ) ) ? \sanitize_text_field( \wp_unslash( $post_array['notification_default_phone'] ) ) : '' );
}
if ( isset( $post_array['notification_default_slack_channel'] ) ) {
$options['notification_default_slack_channel'] = ( ( isset( $post_array['notification_default_slack_channel'] ) ) ? \sanitize_text_field( \wp_unslash( $post_array['notification_default_slack_channel'] ) ) : '' );
}
if ( isset( $post_array['email_notifications_subject'] ) ) {
$options['email_notifications_subject'] = ( ( isset( $post_array['email_notifications_subject'] ) ) ? \sanitize_text_field( \wp_unslash( $post_array['email_notifications_subject'] ) ) : '' );
}
$options['email_notifications_body'] = '';
if ( isset( $post_array['email_notifications_body'] ) ) {
$options['email_notifications_body'] = ( ( isset( $post_array['email_notifications_body'] ) ) ? \wpautop( \wp_unslash( $post_array['email_notifications_body'] ) ) : '' );
if ( ! isset( $current_settings['email_notifications_body'] ) ) {
$current_settings['email_notifications_body'] = json_encode( stripslashes( Notification_Helper::get_default_email_body() ) );
}
if ( json_encode( stripslashes( $options['email_notifications_body'] ) ) !== $current_settings['email_notifications_body'] || $options['email_notifications_subject'] !== $current_settings['email_notifications_subject'] ) {
Alert_Manager::trigger_event(
6318,
array(
'EventType' => 'modified',
'template_name' => 'Email',
)
);
}
}
$options['sms_notifications_body'] = '';
if ( isset( $post_array['sms_notifications_body'] ) ) {
$options['sms_notifications_body'] = ( ( isset( $post_array['sms_notifications_body'] ) ) ? ( \wp_unslash( $post_array['sms_notifications_body'] ) ) : '' );
if ( ! isset( $current_settings['sms_notifications_body'] ) ) {
$current_settings['sms_notifications_body'] = json_encode( stripslashes( Notification_Helper::get_default_sms_body() ) );
}
if ( json_encode( stripslashes( $options['sms_notifications_body'] ) ) !== $current_settings['sms_notifications_body'] ) {
Alert_Manager::trigger_event(
6318,
array(
'EventType' => 'modified',
'template_name' => 'SMS',
)
);
}
}
$options['slack_notifications_body'] = '';
if ( isset( $post_array['slack_notifications_body'] ) ) {
$options['slack_notifications_body'] = ( ( isset( $post_array['slack_notifications_body'] ) ) ? ( \wp_unslash( $post_array['slack_notifications_body'] ) ) : '' );
if ( ! isset( $current_settings['slack_notifications_body'] ) ) {
$current_settings['slack_notifications_body'] = json_encode( stripslashes( Notification_Helper::get_default_slack_body() ) );
}
if ( json_encode( stripslashes( $options['slack_notifications_body'] ) ) !== $current_settings['slack_notifications_body'] ) {
Alert_Manager::trigger_event(
6318,
array(
'EventType' => 'modified',
'template_name' => 'Slack',
)
);
}
}
$options['shorten_notification_urls'] = ( ( isset( $post_array['shorten_notification_urls'] ) ) ? filter_var( $post_array['shorten_notification_urls'], FILTER_VALIDATE_BOOLEAN ) : false );
if ( isset( $post_array['notification_bitly_shorten_key'] ) ) {
$bitly_value = \sanitize_text_field( \wp_unslash( $post_array['notification_bitly_shorten_key'] ) );
if ( '' !== $bitly_value && ! Encryption_Helper::is_masked( $bitly_value ) ) {
$options['notification_bitly_shorten_key'] = Encryption_Helper::encrypt( $bitly_value );
} elseif ( '' === $bitly_value ) {
$options['notification_bitly_shorten_key'] = '';
}
}
$default = ( 'free' === \WpSecurityAuditLog::get_plugin_version() ) ? true : false;
// Summarized emails.
$options['notification_summary_user_logins'] = ( ( isset( $post_array['notification_summary_user_logins'] ) ) ? filter_var( $post_array['notification_summary_user_logins'], FILTER_VALIDATE_BOOLEAN ) : $default );
$options['notification_summary_failed_logins'] = ( ( isset( $post_array['notification_summary_failed_logins'] ) ) ? filter_var( $post_array['notification_summary_failed_logins'], FILTER_VALIDATE_BOOLEAN ) : $default );
$options['notification_wrong_password'] = ( ( isset( $post_array['notification_wrong_password'] ) ) ? filter_var( $post_array['notification_wrong_password'], FILTER_VALIDATE_BOOLEAN ) : $default );
$options['notification_summary_wrong_username'] = ( ( isset( $post_array['notification_summary_wrong_username'] ) ) ? filter_var( $post_array['notification_summary_wrong_username'], FILTER_VALIDATE_BOOLEAN ) : $default );
if ( $options['notification_summary_failed_logins'] && ! $options['notification_wrong_password'] && ! $options['notification_summary_wrong_username'] ) {
$options['notification_summary_failed_logins'] = $default;
}
$options['notification_summary_password_changes'] = ( ( isset( $post_array['notification_summary_password_changes'] ) ) ? filter_var( $post_array['notification_summary_password_changes'], FILTER_VALIDATE_BOOLEAN ) : $default );
$options['notification_summary_password_user_change_own_password'] = ( ( isset( $post_array['notification_summary_password_user_change_own_password'] ) ) ? filter_var( $post_array['notification_summary_password_user_change_own_password'], FILTER_VALIDATE_BOOLEAN ) : $default );
$options['notification_summary_password_user_change_other_password'] = ( ( isset( $post_array['notification_summary_password_user_change_other_password'] ) ) ? filter_var( $post_array['notification_summary_password_user_change_other_password'], FILTER_VALIDATE_BOOLEAN ) : $default );
if ( $options['notification_summary_password_changes'] && ! $options['notification_summary_password_user_change_own_password'] && ! $options['notification_summary_password_user_change_other_password'] ) {
$options['notification_summary_password_changes'] = $default;
}
$options['notification_summary_plugins_activity'] = ( ( isset( $post_array['notification_summary_plugins_activity'] ) ) ? filter_var( $post_array['notification_summary_plugins_activity'], FILTER_VALIDATE_BOOLEAN ) : $default );
$options['notification_summary_system_activity'] = ( ( isset( $post_array['notification_summary_system_activity'] ) ) ? filter_var( $post_array['notification_summary_system_activity'], FILTER_VALIDATE_BOOLEAN ) : $default );
$options['notification_summary_content_changes'] = ( ( isset( $post_array['notification_summary_content_changes'] ) ) ? filter_var( $post_array['notification_summary_content_changes'], FILTER_VALIDATE_BOOLEAN ) : $default );
$options['notification_summary_published_posts'] = ( ( isset( $post_array['notification_summary_published_posts'] ) ) ? filter_var( $post_array['notification_summary_published_posts'], FILTER_VALIDATE_BOOLEAN ) : $default );
$options['notification_summary_deleted_posts'] = ( ( isset( $post_array['notification_summary_deleted_posts'] ) ) ? filter_var( $post_array['notification_summary_deleted_posts'], FILTER_VALIDATE_BOOLEAN ) : $default );
$options['notification_summary_changed_posts'] = ( ( isset( $post_array['notification_summary_changed_posts'] ) ) ? filter_var( $post_array['notification_summary_changed_posts'], FILTER_VALIDATE_BOOLEAN ) : $default );
$options['notification_summary_status_changed_posts'] = ( ( isset( $post_array['notification_summary_status_changed_posts'] ) ) ? filter_var( $post_array['notification_summary_status_changed_posts'], FILTER_VALIDATE_BOOLEAN ) : $default );
if ( $options['notification_summary_content_changes'] && ! $options['notification_summary_published_posts'] && ! $options['notification_summary_deleted_posts'] && ! $options['notification_summary_deleted_posts'] && ! $options['notification_summary_status_changed_posts'] ) {
$options['notification_summary_content_changes'] = false;
}
$options['notification_summary_multisite_individual_site'] = ( ( isset( $post_array['notification_summary_multisite_individual_site'] ) ) ? filter_var( $post_array['notification_summary_multisite_individual_site'], FILTER_VALIDATE_BOOLEAN ) : false );
$options['notification_events_included'] = ( ( isset( $post_array['notification_events_included'] ) ) ? filter_var( $post_array['notification_events_included'], FILTER_VALIDATE_BOOLEAN ) : false );
if ( ! $options['notification_events_included'] ) {
$options['notification_summary_number_of_events_included'] = null;
} else {
$options['notification_summary_number_of_events_included'] = ( ( isset( $post_array['notification_summary_number_of_events_included'] ) ) ? \esc_attr( \absint( $post_array['notification_summary_number_of_events_included'] ) ) : 10 );
}
if ( WP_Helper::is_multisite() && ! $options['notification_summary_multisite_individual_site'] ) {
$options['notification_summary_content_changes'] = false;
}
if ( empty( $options ) ) {
Settings_Helper::delete_option_value( self::NOTIFICATIONS_SETTINGS_NAME );
} else {
self::set_global_notifications_setting( $options );
}
}
/**
* Checks and validates the data for the custom notifications.
*
* @param array $post_array - The array with all the data provided.
*
* @return array
*
* @since 5.2.1
*/
private static function custom_notifications_check_and_save( array $post_array ) {
if ( ! \current_user_can( 'manage_options' ) ) {
\wp_die( \esc_html__( 'You do not have sufficient permissions to access this page.', 'wp-security-audit-log' ) );
}
$report_options = array();
$no_defaults = false;
if ( ! self::is_default_mail_set() && ! self::is_default_twilio_set() && ! self::is_default_slack_set() ) {
$no_defaults = true;
}
if ( isset( $post_array['custom_notifications_id'] ) && 0 < \absint( (int) $post_array['custom_notifications_id'] ) ) {
$report_options['id'] = \absint( (int) $post_array['custom_notifications_id'] );
}
if ( isset( $post_array['store_global_mail'] ) && 'yes' === $post_array['store_global_mail'] ) {
$notification_mail = ( ( isset( $post_array['custom_notification_email'] ) ) ? \sanitize_text_field( \wp_unslash( $post_array['custom_notification_email'] ) ) : '' );
if ( ! empty( $notification_mail ) ) {
$t_options = Settings_Helper::get_option_value( self::NOTIFICATIONS_SETTINGS_NAME, array() );
$t_options['notification_default_email_address'] = $notification_mail;
self::set_global_notifications_setting( $t_options );
}
}
$report_options['notification_status'] = ( ( isset( $post_array['custom_notification_enabled'] ) ) ? filter_var( $post_array['custom_notification_enabled'], FILTER_VALIDATE_BOOLEAN ) : false );
$report_options['notification_title'] = ( ( isset( $post_array['custom_notification_title'] ) ) ? \sanitize_text_field( \wp_unslash( $post_array['custom_notification_title'] ) ) : \esc_html__( 'Custom notification - no name', 'wp-security-audit-log' ) . ' ' . \substr( \str_shuffle( '0123456789' ), 0, 5 ) );
$report_options['notification_email'] = ( ( isset( $post_array['custom_notification_email'] ) ) ? \sanitize_text_field( \wp_unslash( $post_array['custom_notification_email'] ) ) : '' );
$report_options['notification_email_bcc'] = ( ( isset( $post_array['custom_notification_email_bcc'] ) ) ? \sanitize_text_field( \wp_unslash( $post_array['custom_notification_email_bcc'] ) ) : '' );
$report_options['notification_email_user'] = ( ( isset( $post_array['custom_notification_email_user'] ) ) ? filter_var( $post_array['custom_notification_email_user'], FILTER_VALIDATE_BOOLEAN ) : false );
$report_options['notification_phone'] = ( ( isset( $post_array['custom_notification_phone'] ) ) ? \sanitize_text_field( \wp_unslash( $post_array['custom_notification_phone'] ) ) : '' );
$report_options['notification_slack'] = ( ( isset( $post_array['custom_notification_slack'] ) ) ? \sanitize_text_field( \wp_unslash( $post_array['custom_notification_slack'] ) ) : '' );
$report_options['notification_username'] = \wp_get_current_user()->user_login;
$report_options['notification_user_id'] = \get_current_user_id();
$report_options['notification_template'] = array();
$report_options['notification_template']['custom_notification_template_enabled'] = ( ( isset( $post_array['custom_notification_template_enabled'] ) ) ? filter_var( $post_array['custom_notification_template_enabled'], FILTER_VALIDATE_BOOLEAN ) : false );
if ( isset( $post_array['email_custom_notifications_subject'] ) ) {
$report_options['notification_template']['email_custom_notifications_subject'] = ( ( isset( $post_array['email_custom_notifications_subject'] ) ) ? \sanitize_text_field( \wp_unslash( $post_array['email_custom_notifications_subject'] ) ) : '' );
}
if ( isset( $post_array['email_custom_notifications_body'] ) ) {
$report_options['notification_template']['email_custom_notifications_body'] = ( ( isset( $post_array['email_custom_notifications_body'] ) ) ? \wpautop( \wp_unslash( $post_array['email_custom_notifications_body'] ) ) : '' );
}
$report_options['notification_sms_template'] = array();
$report_options['notification_sms_template']['custom_notification_sms_template_enabled'] = ( ( isset( $post_array['custom_notification_sms_template_enabled'] ) ) ? filter_var( $post_array['custom_notification_sms_template_enabled'], FILTER_VALIDATE_BOOLEAN ) : false );
if ( isset( $post_array['sms_custom_notifications_body'] ) ) {
$report_options['notification_sms_template']['sms_custom_notifications_body'] = ( ( isset( $post_array['sms_custom_notifications_body'] ) ) ? ( \wp_unslash( $post_array['sms_custom_notifications_body'] ) ) : '' );
}
$report_options['notification_slack_template'] = array();
$report_options['notification_slack_template']['custom_notification_slack_template_enabled'] = ( ( isset( $post_array['custom_notification_slack_template_enabled'] ) ) ? filter_var( $post_array['custom_notification_slack_template_enabled'], FILTER_VALIDATE_BOOLEAN ) : false );
if ( isset( $post_array['slack_custom_notifications_body'] ) ) {
$report_options['notification_slack_template']['slack_custom_notifications_body'] = ( ( isset( $post_array['slack_custom_notifications_body'] ) ) ? ( \wp_unslash( $post_array['slack_custom_notifications_body'] ) ) : '' );
}
$report_options['notification_query'] = '';
if ( isset( $post_array['custom_notification_query'] ) ) {
$report_options['notification_query'] = ( ( isset( $post_array['custom_notification_query'] ) ) ? \sanitize_text_field( \wp_unslash( $post_array['custom_notification_query'] ) ) : '' );
// if ( ! empty( $post_array['custom_notification_query'] ) ) {
// $report_options['notification_query_sql'] = Query_Builder_Parser::parse( $report_options['notification_query'] );
// }
}
$report_options['notification_query_sql'] = ( ( isset( $post_array['custom_notification_query_sql'] ) ) ? ( \esc_sql( self::obscure_query( $post_array['custom_notification_query_sql'] ) ) ) : '' );
if ( ! empty( $report_options['notification_query_sql'] ) ) {
$report_options['notification_query_sql'] = Notification_Helper::normalize_query( $report_options['notification_query_sql'] );
}
$report_options['notification_view_state'] = 1;
$report_options['notification_settings'] = array();
$report_options['notification_settings']['custom_notification_send_to_default_email'] = ( ( isset( $post_array['custom_notification_send_to_default_email'] ) ) ? filter_var( $post_array['custom_notification_send_to_default_email'], FILTER_VALIDATE_BOOLEAN ) : false );
$report_options['notification_settings']['custom_notification_send_to_default_slack'] = ( ( isset( $post_array['custom_notification_send_to_default_slack'] ) ) ? filter_var( $post_array['custom_notification_send_to_default_slack'], FILTER_VALIDATE_BOOLEAN ) : false );
$report_options['notification_settings']['custom_notification_send_to_default_phone'] = ( ( isset( $post_array['custom_notification_send_to_default_phone'] ) ) ? filter_var( $post_array['custom_notification_send_to_default_phone'], FILTER_VALIDATE_BOOLEAN ) : false );
$last_id = Custom_Notifications_Entity::save( $report_options );
$query_args_view_data = array(
'page' => self::get_safe_view_name(),
'action' => 'edit',
Custom_Notifications_Entity::get_table_name() . '[0]' => absint( $last_id ),
'_wpnonce' => \wp_create_nonce( 'bulk-custom-notifications' ),
);
$admin_page_url = \network_admin_url( 'admin.php' );
$view_data_link = \add_query_arg( $query_args_view_data, $admin_page_url );
return array( 'redirect' => $view_data_link . '#wsal-options-tab-custom-notification-edit' );
}
/**
* Changes the generated query string.
*
* @param string $query - The query string to be changes.
*
* @return string
*
* @since 5.2.1
*/
public static function obscure_query( string $query ): string {
// Replace all with leading space first.
$query = str_replace( ' \'', ' ' . Notification_Helper::VALUE_QUERY_PREFIX, $query );
// Then replace all with trailing space.
$query = str_replace( '\' ', Notification_Helper::VALUE_QUERY_PREFIX . ' ', $query );
// And finally replace everything else.
$query = str_replace( '\'', Notification_Helper::VALUE_QUERY_PREFIX, $query );
return $query;
}
}
}