Below is a differential between the unpatched vulnerable code and the patched update, for reference.
--- a/atomchat/admin/atomchat-admin.php
+++ b/atomchat/admin/atomchat-admin.php
@@ -1,9 +1,18 @@
<?php
-wp_enqueue_style("atomchat-admin", dirname(plugin_dir_url( __FILE__ )).'/css/atomchat-admin.css');
-wp_enqueue_script("atomchat-event", dirname(plugin_dir_url( __FILE__ )).'/js/event.js');
-wp_enqueue_script("atomchat-admin", dirname(plugin_dir_url( __FILE__ )).'/js/atomchat-admin.js');
-wp_enqueue_script("atomchat-clipboard", dirname(dirname(dirname(dirname(plugin_dir_url( __FILE__ ))))).'/wp-includes/js/clipboard.min.js');
+$atomchat_asset_version = defined( 'ATOMCHAT_VERSION' ) ? ATOMCHAT_VERSION : '1.1.8';
+
+wp_enqueue_style( "atomchat-admin", dirname( plugin_dir_url( __FILE__ ) ) . '/css/atomchat-admin.css', array(), $atomchat_asset_version );
+wp_enqueue_script( "atomchat-event", dirname( plugin_dir_url( __FILE__ ) ) . '/js/event.js', array(), $atomchat_asset_version, false );
+wp_enqueue_script( "atomchat-admin", dirname( plugin_dir_url( __FILE__ ) ) . '/js/atomchat-admin.js', array(), $atomchat_asset_version, false );
+wp_localize_script(
+ 'atomchat-admin',
+ 'atomchatAjax',
+ array(
+ 'nonce' => wp_create_nonce( 'atomchat_admin_action' ),
+ )
+);
+wp_enqueue_script( "atomchat-clipboard", dirname( dirname( dirname( dirname( plugin_dir_url( __FILE__ ) ) ) ) ) . '/wp-includes/js/clipboard.min.js', array(), $atomchat_asset_version, false );
$isBuddyPressActive = $show_username = $show_nickname = $show_displayname = $show_fname_lname = '';
if(!is_plugin_active('buddypress/bp-loader.php') && !is_plugin_active('buddyboss-platform/bp-loader.php')){
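Review bot: The `atomchat-clipboard` enqueue at the end of the added block still reaches WordPress's bundled clipboard.js by walking four `dirname()` levels up from the plugin URL, and it now stamps that core file with the plugin's version. The path only resolves when the plugins directory sits at the default depth under the site root, and the `ver` value says nothing about the core file it is attached to. WordPress registers this script under its own handle, so `wp_enqueue_script( 'clipboard' );` loads the copy shipped with core without any path arithmetic.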
@@ -291,4 +300,4 @@
</div>
</div>
</body>
-</html>
No newline at end of file
+</html>
--- a/atomchat/admin/atomchat-auth.php
+++ b/atomchat/admin/atomchat-auth.php
@@ -1,7 +1,15 @@
<?php
- wp_enqueue_style("atomchat-admin", dirname(plugin_dir_url( __FILE__ )).'/css/atomchat-auth.css');
- wp_enqueue_script("atomchat-event", dirname(plugin_dir_url( __FILE__ )).'/js/event.js');
- wp_enqueue_script("atomchat-admin", dirname(plugin_dir_url( __FILE__ )).'/js/atomchat-admin.js');
+ $atomchat_asset_version = defined( 'ATOMCHAT_VERSION' ) ? ATOMCHAT_VERSION : '1.1.8';
+ wp_enqueue_style( "atomchat-admin", dirname( plugin_dir_url( __FILE__ ) ) . '/css/atomchat-auth.css', array(), $atomchat_asset_version );
+ wp_enqueue_script( "atomchat-event", dirname( plugin_dir_url( __FILE__ ) ) . '/js/event.js', array(), $atomchat_asset_version, false );
+ wp_enqueue_script( "atomchat-admin", dirname( plugin_dir_url( __FILE__ ) ) . '/js/atomchat-admin.js', array(), $atomchat_asset_version, false );
+ wp_localize_script(
+ 'atomchat-admin',
+ 'atomchatAjax',
+ array(
+ 'nonce' => wp_create_nonce( 'atomchat_admin_action' ),
+ )
+ );
?>
<!DOCTYPE html>
@@ -116,4 +124,4 @@
}
</script>
</body>
-</html>
No newline at end of file
+</html>
--- a/atomchat/admin/atomchat-ready.php
+++ b/atomchat/admin/atomchat-ready.php
@@ -1,6 +1,7 @@
<?php
- wp_enqueue_style("atomchat-admin", dirname(plugin_dir_url( __FILE__ )).'/css/atomchat-ready.css');
- wp_enqueue_script("atomchat-event", dirname(plugin_dir_url( __FILE__ )).'/js/event.js');
+ $atomchat_asset_version = defined( 'ATOMCHAT_VERSION' ) ? ATOMCHAT_VERSION : '1.1.8';
+ wp_enqueue_style( "atomchat-admin", dirname( plugin_dir_url( __FILE__ ) ) . '/css/atomchat-ready.css', array(), $atomchat_asset_version );
+ wp_enqueue_script( "atomchat-event", dirname( plugin_dir_url( __FILE__ ) ) . '/js/event.js', array(), $atomchat_asset_version, false );
?>
<!DOCTYPE html>
@@ -94,4 +95,4 @@
}
</script>
</body>
-</html>
No newline at end of file
+</html>
--- a/atomchat/atomchat.php
+++ b/atomchat/atomchat.php
@@ -3,7 +3,7 @@
/**
* Plugin Name: AtomChat
* Description: Voice, video & text chat for your WordPress site
-* Version: 1.1.7
+* Version: 1.1.8
* Author: AtomChat
* Author URI: https://www.atomchat.com/
* License: GPLv2 or later
@@ -79,6 +79,7 @@
}
include_once($dir);
+include_once plugin_dir_path( __FILE__ ) . 'includes/atomchat_requesthandler.php';
/**
--- a/atomchat/includes/atomchat_cloud.php
+++ b/atomchat/includes/atomchat_cloud.php
@@ -1,6 +1,7 @@
<?php
$groupSync = get_option('atomchat_bp_group_sync');
+$atomchat_asset_version = defined( 'ATOMCHAT_VERSION' ) ? ATOMCHAT_VERSION : '1.1.8';
/**
* atomchatCreateBaseData
@@ -14,11 +15,11 @@
global $atomchat_base;
if(!empty($atomchat_base)) {
- wp_enqueue_script( 'atomchat_base', plugin_dir_url( __DIR__ ).'js/scripttag.js');
+ wp_enqueue_script( 'atomchat_base', plugin_dir_url( __DIR__ ) . 'js/scripttag.js', array(), $atomchat_asset_version, false );
wp_add_inline_script( 'atomchat_base', 'var atomchat_base = '.$atomchat_base.';' );
}else{
if(get_option('atomchat_auth_key')){
- wp_enqueue_script( 'atomchat_base', plugin_dir_url( __DIR__ ).'js/scripttag.js');
+ wp_enqueue_script( 'atomchat_base', plugin_dir_url( __DIR__ ) . 'js/scripttag.js', array(), $atomchat_asset_version, false );
wp_add_inline_script( 'atomchat_base', 'var chat_auth = "'.get_option('atomchat_auth_key').'";' );
}
}
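Review bot: `$atomchat_asset_version` is read in both added `wp_enqueue_script()` calls, but the only assignment in this diff is at file scope near the top of the file, and the context line `global $atomchat_base;` suggests this code runs inside a function whose body starts outside the hunk. Unless a matching `global` declaration exists in lines not shown, the variable is undefined here, PHP raises a warning and the version argument is passed as null. Either extend the declaration to `global $atomchat_base, $atomchat_asset_version;` or compute the value inside the function. The two later hunks of this file, around the `fast.cometondemand.net` enqueues, read the variable the same way.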
@@ -36,8 +37,8 @@
global $atomchat_clientid;
global $atomchat_base;
- wp_enqueue_style("atomchat_corecss", "//fast.cometondemand.net/".$atomchat_clientid."x_x".substr(md5($atomchat_clientid),0,5).".css");
- wp_enqueue_script("atomchat_corejs", "//fast.cometondemand.net/".$atomchat_clientid."x_x".substr(md5($atomchat_clientid),0,5).".js");
+ wp_enqueue_style( "atomchat_corecss", "//fast.cometondemand.net/" . $atomchat_clientid . "x_x" . substr( md5( $atomchat_clientid ), 0, 5 ) . ".css", array(), $atomchat_asset_version );
+ wp_enqueue_script( "atomchat_corejs", "//fast.cometondemand.net/" . $atomchat_clientid . "x_x" . substr( md5( $atomchat_clientid ), 0, 5 ) . ".js", array(), $atomchat_asset_version, false );
}
}
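Review bot: The added `wp_enqueue_style()` and `wp_enqueue_script()` calls keep the protocol-relative `//fast.cometondemand.net/` prefix, so on a site served over plain HTTP the remote stylesheet and script are also fetched without TLS and can be altered in transit. If the host serves HTTPS, which this diff does not show, the prefix should be `"https://fast.cometondemand.net/"`; the same applies to the three remote enqueues in the next hunk. The enclosing function starts outside the hunk.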
@@ -78,14 +79,14 @@
}
if($layout == 'docked'){
- wp_enqueue_style("atomchat_corecss", "//fast.cometondemand.net/".$atomchat_clientid."x_x".substr(md5($atomchat_clientid),0,5).".css");
- wp_enqueue_script("atomchat_corejs", "//fast.cometondemand.net/".$atomchat_clientid."x_x".substr(md5($atomchat_clientid),0,6).".js");
+ wp_enqueue_style( "atomchat_corecss", "//fast.cometondemand.net/" . $atomchat_clientid . "x_x" . substr( md5( $atomchat_clientid ), 0, 5 ) . ".css", array(), $atomchat_asset_version );
+ wp_enqueue_script( "atomchat_corejs", "//fast.cometondemand.net/" . $atomchat_clientid . "x_x" . substr( md5( $atomchat_clientid ), 0, 6 ) . ".js", array(), $atomchat_asset_version, false );
/** Force enabled AtomChat Docked Layout (6) in atomchat_corejs **/
} else{
- wp_enqueue_script( 'atomchat_shortcodejs', '//fast.cometondemand.net/'.$atomchat_clientid."x_x".substr(md5($atomchat_clientid),0,5).'x_xcorex_xembedcode.js' );
+ wp_enqueue_script( 'atomchat_shortcodejs', '//fast.cometondemand.net/' . $atomchat_clientid . "x_x" . substr( md5( $atomchat_clientid ), 0, 5 ) . 'x_xcorex_xembedcode.js', array(), $atomchat_asset_version, false );
- wp_enqueue_script( 'atomchat_shortcode', plugin_dir_url( __DIR__ ).'js/scripttag.js' );
+ wp_enqueue_script( 'atomchat_shortcode', plugin_dir_url( __DIR__ ) . 'js/scripttag.js', array(), $atomchat_asset_version, false );
wp_add_inline_script( 'atomchat_shortcode', 'var iframeObj = {};iframeObj.module="synergy";iframeObj.style="min-height:420px;min-width:350px;";iframeObj.width="'.$width.'px";iframeObj.height="'.$height.'px";iframeObj.src="//'.$atomchat_clientid.'.cometondemand.net/cometchat_embedded.php?'.$GUID.$groupsonly.'";if(typeof(addEmbedIframe)=="function"){addEmbedIframe(iframeObj);}' );
return '
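Review bot: The `wp_add_inline_script()` call kept as context after the `atomchat_shortcode` enqueue builds JavaScript by concatenating `$width`, `$height`, `$atomchat_clientid`, `$GUID` and `$groupsonly` into string literals with no escaping. Where those values come from is outside the hunk; if any of them can carry a quote or a closing script tag, it is emitted as script in the page. Building the object as a PHP array and emitting it with `wp_json_encode()` removes the dependency on every value being clean. The context lines of the first function hunk in this file have the same shape, where `'var chat_auth = ' . wp_json_encode( get_option( 'atomchat_auth_key' ) ) . ';'` would replace the quoted concatenation. That one matters for values stored before this update, because the removed handler code shows no capability or nonce check before writing that option.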
--- a/atomchat/includes/atomchat_requesthandler.php
+++ b/atomchat/includes/atomchat_requesthandler.php
@@ -1,19 +1,50 @@
<?php
+/**
+ * AtomChat request handlers.
+ *
+ * @package AtomChat
+ */
+
+if ( ! defined( 'ABSPATH' ) ) {
+ exit;
+}
+
+/**
+ * Shared permission and nonce check for AtomChat admin AJAX requests.
+ *
+ * @param string $nonce_action Nonce action.
+ */
+function atomchat_verify_admin_ajax( $nonce_action ) {
+ if ( ! is_user_logged_in() ) {
+ wp_send_json_error(
+ array(
+ 'error' => __( 'You must be logged in.', 'atomchat' ),
+ ),
+ 401
+ );
+ }
-/***
-
- * WordPress inbuild function used in this file
- * wp_remote_get, wp_remote_retrieve_body and wp_die
- * $wpdb - global variable used for database
-*/
+ if ( ! current_user_can( 'manage_options' ) ) {
+ wp_send_json_error(
+ array(
+ 'error' => __( 'Insufficient permissions.', 'atomchat' ),
+ ),
+ 403
+ );
+ }
-$atomchatIntegration = 'wordpress';
+ if ( ! check_ajax_referer( $nonce_action, 'atomchat_nonce', false ) ) {
+ wp_send_json_error(
+ array(
+ 'error' => __( 'Invalid nonce.', 'atomchat' ),
+ ),
+ 403
+ );
+ }
+}
class AtomChatInstaller {
-/*
- AtomChatInstaller constructor
-*/
- public $writablepath ;
+ public $writablepath;
public $latest_v;
public $atomchatPluginReferrer;
public $integration;
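Review bot: The docblock for `atomchat_verify_admin_ajax()` does not say that the function never returns on failure, which is the property every caller depends on. Each of the three branches ends the request through `wp_send_json_error()`, and the handlers later in the file write options on the lines right after the call. I would extend the comment with `Sends a JSON error and ends the request unless the current user is logged in, has manage_options and supplies a valid nonce in the atomchat_nonce field.` and add `@return void`.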
@@ -24,191 +55,239 @@
public $atomchat_api_response;
public $wpdb;
public $accessKey = 'flGBNxeq8Mgu5bynUhS5w3S2CJ7dfo3latMTxDNa';
+ public $basePath;
- function __construct($arguments = array()){
- $this->latest_v = !empty($arguments['latest_v']) ? $arguments['latest_v']: "";
- $this->integration = !empty($arguments['integration']) ? $arguments['integration']: "";
- $this->licensekey = !empty($arguments['licensekey']) ? $arguments['licensekey']: "";
- $this->token = !empty($arguments['token']) ? $arguments['token']: "";
- $this->target = !empty($arguments['target']) ? $arguments['target']: "";
- $this->download_link = !empty($arguments['download_link']) ? $arguments['download_link']: "";
- $this->atomchat_api_response = !empty($arguments['atomchat_api_response']) ? $arguments['atomchat_api_response']: "";
- $this->wpdb = !empty($arguments['wpdb']) ? $arguments['wpdb']: "";
- $this->basePath = dirname(dirname(__FILE__)).DIRECTORY_SEPARATOR;
- ini_set('memory_limit', '-1');
+ /**
+ * AtomChatInstaller constructor.
+ *
+ * @param array $arguments Installer arguments.
+ */
+ public function __construct( $arguments = array() ) {
+ $this->latest_v = ! empty( $arguments['latest_v'] ) ? $arguments['latest_v'] : '';
+ $this->integration = ! empty( $arguments['integration'] ) ? $arguments['integration'] : '';
+ $this->licensekey = ! empty( $arguments['licensekey'] ) ? $arguments['licensekey'] : '';
+ $this->token = ! empty( $arguments['token'] ) ? $arguments['token'] : '';
+ $this->target = ! empty( $arguments['target'] ) ? $arguments['target'] : '';
+ $this->download_link = ! empty( $arguments['download_link'] ) ? $arguments['download_link'] : '';
+ $this->atomchat_api_response = ! empty( $arguments['atomchat_api_response'] ) ? $arguments['atomchat_api_response'] : '';
+ $this->wpdb = ! empty( $arguments['wpdb'] ) ? $arguments['wpdb'] : '';
+ $this->basePath = dirname( dirname( __FILE__ ) ) . DIRECTORY_SEPARATOR;
}
/**
- * atomchatCheckLicenseKey: check for valid license key
- * @param: license key
- * @return json response
- */
- public function atomchatCheckLicenseKey(){
- try{
- $response = array();
-
- $url = "https://app.atomchat.com/api-software/subscription?accessKey=".$this->accessKey;
- $url .= "&licenseKey=".$this->licensekey;
-
- /***WordPress remote call start ***/
- $data = wp_remote_get( $url );
- $body = wp_remote_retrieve_body( $data );
- /***WordPress remote call end ***/
-
- $licensedata = !empty($body) ? json_decode($body) : '';
- $response['atomchat_api_response'] = !empty($body) ? $body : '';
-
- /*** cms details start ***/
- if(empty($this->integration)){
- $atomchat_cms_file = (is_object($licensedata) && property_exists($licensedata, 'integration')) ? $licensedata->integration->file : 'standalone';
- }else{
+ * Validate a license key and return AtomChat API details.
+ */
+ public function atomchatCheckLicenseKey() {
+ $response = array();
+
+ try {
+ $url = 'https://app.atomchat.com/api-software/subscription?accessKey=' . rawurlencode( $this->accessKey );
+ $url .= '&licenseKey=' . rawurlencode( $this->licensekey );
+
+ $remote_response = wp_remote_get( $url );
+
+ if ( is_wp_error( $remote_response ) ) {
+ wp_send_json_error(
+ array(
+ 'error' => 1,
+ 'message' => $remote_response->get_error_message(),
+ ),
+ 500
+ );
+ }
+
+ $body = wp_remote_retrieve_body( $remote_response );
+ $licensedata = ! empty( $body ) ? json_decode( $body ) : '';
+
+ $response['atomchat_api_response'] = ! empty( $body ) ? $body : '';
+
+ if ( empty( $this->integration ) ) {
+ $atomchat_cms_file = ( is_object( $licensedata ) && property_exists( $licensedata, 'integration' ) ) ? $licensedata->integration->file : 'standalone';
+ } else {
$atomchat_cms_file = $this->integration;
}
- /*** cms details end ***/
+ unset( $atomchat_cms_file ); // Kept for backward compatibility with existing flow.
+
+ $atomchat_cloud_active = ( is_object( $licensedata ) && property_exists( $licensedata, 'cloud' ) && ! empty( $licensedata->cloud ) ) ? 1 : 0;
+ if ( 1 === $atomchat_cloud_active ) {
+ $cookie_expiration = time() + ( 60 * 5 );
+ $cookie_secure = is_ssl();
+
+ if ( PHP_VERSION_ID >= 70300 ) {
+ setcookie(
+ 'atomchat_license_key',
+ $this->licensekey,
+ array(
+ 'expires' => $cookie_expiration,
+ 'path' => '/',
+ 'secure' => $cookie_secure,
+ 'httponly' => true,
+ 'samesite' => 'Lax',
+ )
+ );
+ } else {
+ setcookie( 'atomchat_license_key', $this->licensekey, $cookie_expiration, '/; samesite=Lax', '', $cookie_secure, true );
+ }
- /*** cloud status start ***/
- $atomchat_cloud_active = (is_object($licensedata) && property_exists($licensedata, 'cloud') && !empty($licensedata->cloud)) ? 1 : 0 ;
- if($atomchat_cloud_active){
- setcookie('atomchat_license_key', $this->licensekey, time() + (60 * 5), "/"); // 300 = 5 min
- update_option('atomchat_license_key', $this->licensekey);
+ update_option( 'atomchat_license_key', $this->licensekey );
}
- /*** cloud status end ***/
- /*** success response ***/
- if(!empty($licensedata) && is_object($licensedata) && property_exists($licensedata, 'success') && $licensedata->success == 1){
+ if ( ! empty( $licensedata ) && is_object( $licensedata ) && property_exists( $licensedata, 'success' ) && 1 === (int) $licensedata->success ) {
$response['success'] = 1;
- $response['cloud'] = $licensedata->cloud;
- }else{
- /*** error response ***/
+ $response['cloud'] = isset( $licensedata->cloud ) ? $licensedata->cloud : 0;
+ } else {
$response['success'] = 0;
- $response['error'] = (is_object($licensedata) && property_exists($licensedata, 'error')) ? $licensedata->error: 'License not found';
+ $response['error'] = ( is_object( $licensedata ) && property_exists( $licensedata, 'error' ) ) ? $licensedata->error : 'License not found';
}
- } catch (Exception $e) {
- $response['error'] = 1;
+ } catch ( Exception $e ) {
+ $response['error'] = 1;
$response['message'] = $e->getMessage();
- }
- header('Content-Type: application/json');
- echo wp_json_encode($response);
- wp_die();
- }
-}
+ }
+ if ( isset( $response['success'] ) && 1 === (int) $response['success'] ) {
+ wp_send_json_success( $response );
+ }
-if (!empty($_REQUEST['api']) && $_REQUEST['api'] == 'atomchatCheckLicenseKey') {
- $licensekey = (!empty($_REQUEST['licensekey']) && is_string($_REQUEST['licensekey'])) ? sanitize_text_field($_REQUEST['licensekey']) : "";
- $update = new AtomChatInstaller(array('licensekey'=>$licensekey, 'integration'=>$atomchatIntegration, 'wpdb'=>$wpdb));
- $update -> atomchatCheckLicenseKey();
- wp_die();
+ wp_send_json_error( $response );
+ }
}
-if( !function_exists( 'atomchat_friend_ajax' ) ) {
- function atomchat_friend_ajax() {
- $response = array();
+/**
+ * Handle AtomChat friend settings update.
+ */
+function atomchat_friend_ajax() {
+ atomchat_verify_admin_ajax( 'atomchat_admin_action' );
+
+ if ( isset( $_POST['atomchat_bp_group_sync'] ) ) {
+ $atomchat_bp_group_sync = sanitize_text_field( wp_unslash( $_POST['atomchat_bp_group_sync'] ) );
+ $update_sync_option = ( 'true' === $atomchat_bp_group_sync ) ? 'true' : 'false';
+ update_option( 'atomchat_bp_group_sync', $update_sync_option, '', 'no' );
+ }
- if(isset($_POST['atomchat_bp_group_sync']) && is_string($_POST['atomchat_bp_group_sync'])){
- $update_sync_option = ($_POST['atomchat_bp_group_sync'] == 'true') ? 'true' : 'false';
- update_option( 'atomchat_bp_group_sync' , $update_sync_option, '', 'no');
- }
- if(isset($_POST['atomchat_show_friends']) && is_string($_POST['atomchat_show_friends'])){
- $update_friends_option = ($_POST['atomchat_show_friends'] == 'true') ? 'true' : 'false';
- update_option( 'atomchat_show_friends' , $update_friends_option, '', 'no');
- atomtchatCurlRequestToAPI('updateUserListSetting', array(
- 'setting_key' => 'atomchat_show_friends',
- 'setting_value' => $update_friends_option
+ if ( isset( $_POST['atomchat_show_friends'] ) ) {
+ $atomchat_show_friends = sanitize_text_field( wp_unslash( $_POST['atomchat_show_friends'] ) );
+ $update_friends_option = ( 'true' === $atomchat_show_friends ) ? 'true' : 'false';
+ update_option( 'atomchat_show_friends', $update_friends_option, '', 'no' );
+ atomtchatCurlRequestToAPI(
+ 'updateUserListSetting',
+ array(
+ 'setting_key' => 'atomchat_show_friends',
+ 'setting_value' => $update_friends_option,
)
);
- }
- header('Content-Type: application/json');
- echo wp_json_encode(array('success' => 'settings updated successfully'));
- wp_die();
}
+
+ wp_send_json_success( array( 'success' => 'settings updated successfully' ) );
}
-if( !function_exists( 'atomchat_mycred_setting' ) ) {
- function atomchat_mycred_setting() {
- $response = array();
- $atomchat_mycred_url = "";
- if(isset($_POST['mycred_url'])){
- $atomchat_mycred_url = (!empty($_POST['mycred_url']) && is_string($_POST['mycred_url'])) ? sanitize_text_field($_POST['mycred_url']) : "";
- }
- if(isset($_POST['atomchat_enable_mycred']) && is_string($_POST['atomchat_enable_mycred'])){
- $atomchat_enable_mycred = ($_POST['atomchat_enable_mycred'] == 'true') ? 'true' : 'false';
- update_option( 'atomchat_enable_mycred' , $atomchat_enable_mycred, '', 'no');
- atomtchatCurlRequestToAPI('atomchat_mycred_setting', array(
- 'setting_key' => 'Enable_MyCred',
+/**
+ * Handle AtomChat MyCred settings update.
+ */
+function atomchat_mycred_setting() {
+ atomchat_verify_admin_ajax( 'atomchat_admin_action' );
+
+ $atomchat_mycred_url = '';
+ if ( isset( $_POST['mycred_url'] ) ) {
+ $atomchat_mycred_url = sanitize_text_field( wp_unslash( $_POST['mycred_url'] ) );
+ }
+
+ if ( isset( $_POST['atomchat_enable_mycred'] ) ) {
+ $atomchat_enable_mycred_raw = sanitize_text_field( wp_unslash( $_POST['atomchat_enable_mycred'] ) );
+ $atomchat_enable_mycred = ( 'true' === $atomchat_enable_mycred_raw ) ? 'true' : 'false';
+ update_option( 'atomchat_enable_mycred', $atomchat_enable_mycred, '', 'no' );
+ atomtchatCurlRequestToAPI(
+ 'atomchat_mycred_setting',
+ array(
+ 'setting_key' => 'Enable_MyCred',
'setting_value' => $atomchat_enable_mycred,
- 'mycred_url' => $atomchat_mycred_url
+ 'mycred_url' => $atomchat_mycred_url,
)
);
- }
+ }
- header('Content-Type: application/json');
- echo wp_json_encode(array('success' => 'settings updated successfully'));
- wp_die();
+ wp_send_json_success( array( 'success' => 'settings updated successfully' ) );
+}
+/**
+ * Handle AtomChat credits update.
+ */
+function atomchat_update_credeits() {
+ atomchat_verify_admin_ajax( 'atomchat_admin_action' );
+
+ $role = '';
+ if ( isset( $_POST['role'] ) ) {
+ $role = sanitize_key( wp_unslash( $_POST['role'] ) );
}
+
+ if ( '' === $role ) {
+ wp_send_json_error( array( 'error' => __( 'Invalid role.', 'atomchat' ) ), 400 );
+ }
+
+ $data = array();
+ $data['creditToDeduct'] = isset( $_POST['creditToDeduct'] ) ? (int) wp_unslash( $_POST['creditToDeduct'] ) : 0;
+ $data['creditOnMessage'] = isset( $_POST['creditOnMessage'] ) ? (int) wp_unslash( $_POST['creditOnMessage'] ) : 0;
+ $data['creditToDeductAudio'] = isset( $_POST['creditToDeductAudio'] ) ? (int) wp_unslash( $_POST['creditToDeductAudio'] ) : 0;
+ $data['creditToDeductAudioOnMinutes'] = isset( $_POST['creditToDeductAudioOnMinutes'] ) ? (int) wp_unslash( $_POST['creditToDeductAudioOnMinutes'] ) : 0;
+ $data['creditToDeductVideo'] = isset( $_POST['creditToDeductVideo'] ) ? (int) wp_unslash( $_POST['creditToDeductVideo'] ) : 0;
+ $data['creditToDeductVideoOnMinutes'] = isset( $_POST['creditToDeductVideoOnMinutes'] ) ? (int) wp_unslash( $_POST['creditToDeductVideoOnMinutes'] ) : 0;
+
+ update_option( 'atomchat_' . $role, $data );
+ wp_send_json_success( array( 'success' => 'settings updated successfully' ) );
}
-if( !function_exists( 'atomchat_update_credeits' ) ) {
- function atomchat_update_credeits(){
- $data = array();
+/**
+ * Handle AtomChat auth settings update.
+ */
+function atomchat_update_auth_ajax() {
+ atomchat_verify_admin_ajax( 'atomchat_admin_action' );
- if(!empty($_POST['role']) && is_string($_POST['role'])){
- $role = sanitize_text_field($_POST['role']);
- }
- $data['creditToDeduct'] = (!empty($_POST['creditToDeduct']) && is_string($_POST['creditToDeduct'])) ? intval($_POST['creditToDeduct']) : 0;
- $data['creditOnMessage'] = (!empty($_POST['creditOnMessage']) && is_string($_POST['creditOnMessage'])) ? intval($_POST['creditOnMessage']) : 0;
- $data['creditToDeductAudio'] = (!empty($_POST['creditToDeductAudio']) && is_string($_POST['creditToDeductAudio'])) ? intval($_POST['creditToDeductAudio']) : 0;
- $data['creditToDeductAudioOnMinutes'] = (!empty($_POST['creditToDeductAudioOnMinutes']) && is_string($_POST['creditToDeductAudioOnMinutes'])) ? intval($_POST['creditToDeductAudioOnMinutes']) : 0;
- $data['creditToDeductVideo'] = (!empty($_POST['creditToDeductVideo']) && is_string($_POST['creditToDeductVideo'])) ? intval($_POST['creditToDeductVideo']) : 0;
- $data['creditToDeductVideoOnMinutes'] = (!empty($_POST['creditToDeductVideoOnMinutes']) && is_string($_POST['creditToDeductVideoOnMinutes'])) ? intval($_POST['creditToDeductVideoOnMinutes']) : 0;
+ $atomchat_auth_key = isset( $_POST['atomchat_auth_key'] ) ? sanitize_text_field( wp_unslash( $_POST['atomchat_auth_key'] ) ) : '';
+ $atomchat_api_key = isset( $_POST['atomchat_api_key'] ) ? sanitize_text_field( wp_unslash( $_POST['atomchat_api_key'] ) ) : '';
- update_option('atomchat_'.$role , serialize($data));
- header('Content-Type: application/json');
- echo wp_json_encode(array('success' => 'settings updated successfully'));
- wp_die();
+ update_option( 'atomchat_auth_key', $atomchat_auth_key );
+ update_option( 'atomchat_api_key', $atomchat_api_key );
- }
+ wp_send_json_success( array( 'success' => 'auth key updated successfully' ) );
}
-if( !function_exists( 'atomchat_update_auth_ajax' ) ) {
- function atomchat_update_auth_ajax() {
- $response = array();
- $atomchat_auth_key = (!empty($_POST['atomchat_auth_key']) && is_string($_POST['atomchat_auth_key'])) ? sanitize_text_field($_POST['atomchat_auth_key']) : '';
- $atomchat_api_key = (!empty($_POST['atomchat_api_key']) && is_string($_POST['atomchat_api_key'])) ? sanitize_text_field($_POST['atomchat_api_key']) : '';
- update_option( 'atomchat_auth_key' , $atomchat_auth_key);
- update_option( 'atomchat_api_key' , $atomchat_api_key);
- header('Content-Type: application/json');
- echo wp_json_encode(array('success' => 'auth key updated successfully'));
- wp_die();
- }
-}
+/**
+ * Handle AtomChat layout settings update.
+ */
+function atomchat_update_layout_ajax() {
+ atomchat_verify_admin_ajax( 'atomchat_admin_action' );
-if( !function_exists( 'atomchat_update_layout_ajax' ) ) {
- function atomchat_update_layout_ajax() {
- $response = array();
- $show_docked_layout_on_all_pages = (!empty($_POST['show_docked_layout_on_all_pages']) && is_string($_POST['show_docked_layout_on_all_pages'])) ? sanitize_text_field($_POST['show_docked_layout_on_all_pages']) : '';
- $show_name_in_chat = (!empty($_POST['show_name_in_chat']) && is_string($_POST['show_name_in_chat'])) ? sanitize_text_field($_POST['show_name_in_chat']) : '';
- update_option( 'show_docked_layout_on_all_pages' , $show_docked_layout_on_all_pages);
- update_option( 'show_name_in_chat' , $show_name_in_chat);
- header('Content-Type: application/json');
- echo wp_json_encode(array('success' => 'layout settings updated successfully'));
- wp_die();
- }
-}
+ $show_docked_layout_on_all_pages = isset( $_POST['show_docked_layout_on_all_pages'] ) ? sanitize_text_field( wp_unslash( $_POST['show_docked_layout_on_all_pages'] ) ) : '';
+ $show_name_in_chat = isset( $_POST['show_name_in_chat'] ) ? sanitize_text_field( wp_unslash( $_POST['show_name_in_chat'] ) ) : '';
-if(!empty($_REQUEST['api']) && $_REQUEST['api'] == 'atomchat_friend_ajax') {
- atomchat_friend_ajax();
-}
-if(!empty($_REQUEST['api']) && $_REQUEST['api'] == 'atomchat_mycred_setting') {
- atomchat_mycred_setting();
-}
-if(!empty($_REQUEST['api']) && $_REQUEST['api'] == 'atomchat_update_credeits') {
- atomchat_update_credeits();
+ update_option( 'show_docked_layout_on_all_pages', $show_docked_layout_on_all_pages );
+ update_option( 'show_name_in_chat', $show_name_in_chat );
+
+ wp_send_json_success( array( 'success' => 'layout settings updated successfully' ) );
}
-if(!empty($_REQUEST['api']) && $_REQUEST['api'] == 'atomchat_update_auth_ajax') {
- atomchat_update_auth_ajax();
+
+/**
+ * Handle AtomChat license check.
+ */
+function atomchat_check_license_key_ajax() {
+ global $wpdb;
+
+ atomchat_verify_admin_ajax( 'atomchat_admin_action' );
+
+ $licensekey = isset( $_POST['licensekey'] ) ? sanitize_text_field( wp_unslash( $_POST['licensekey'] ) ) : '';
+ $update = new AtomChatInstaller(
+ array(
+ 'licensekey' => $licensekey,
+ 'integration' => 'wordpress',
+ 'wpdb' => $wpdb,
+ )
+ );
+
+ $update->atomchatCheckLicenseKey();
}
-if(!empty($_REQUEST['api']) && $_REQUEST['api'] == 'atomchat_update_layout_ajax') {
- atomchat_update_layout_ajax();
-}
No newline at end of file
+
+add_action( 'wp_ajax_atomchatCheckLicenseKey', 'atomchat_check_license_key_ajax' );
+add_action( 'wp_ajax_atomchat_friend_ajax', 'atomchat_friend_ajax' );
+add_action( 'wp_ajax_atomchat_mycred_setting', 'atomchat_mycred_setting' );
+add_action( 'wp_ajax_atomchat_update_credeits', 'atomchat_update_credeits' );
+add_action( 'wp_ajax_atomchat_update_auth_ajax', 'atomchat_update_auth_ajax' );
+add_action( 'wp_ajax_atomchat_update_layout_ajax', 'atomchat_update_layout_ajax' );
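Review bot: In `atomchat_update_credeits()` the posted `role` becomes part of an option name with only `sanitize_key()` and an empty-string check in front of it, so `update_option( 'atomchat_' . $role, $data )` can replace any option whose name starts with `atomchat_`, including `atomchat_auth_key`, `atomchat_api_key` and `atomchat_license_key` written elsewhere in this file, with the credits array. If the suffix is meant to be a WordPress role slug, which the diff does not confirm, the guard should be `if ( '' === $role || ! wp_roles()->is_role( $role ) ) {`. The same line also stops passing `serialize( $data )`, so any reader outside this diff that unserializes the stored value needs to accept both formats.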
--- a/atomchat/installer.php
+++ b/atomchat/installer.php
@@ -8,12 +8,21 @@
* wp_enqueue_style, wp_enqueue_script and esc_url
*/
-wp_enqueue_style("installer", plugin_dir_url( __FILE__ ).'css/installer.css');
+$atomchat_asset_version = defined( 'ATOMCHAT_VERSION' ) ? ATOMCHAT_VERSION : '1.1.8';
-wp_enqueue_script("installer", plugin_dir_url( __FILE__ ).'js/installer.js');
+wp_enqueue_style( "installer", plugin_dir_url( __FILE__ ) . 'css/installer.css', array(), $atomchat_asset_version );
+
+wp_enqueue_script( "installer", plugin_dir_url( __FILE__ ) . 'js/installer.js', array(), $atomchat_asset_version, false );
+wp_localize_script(
+ 'installer',
+ 'atomchatInstaller',
+ array(
+ 'nonce' => wp_create_nonce( 'atomchat_admin_action' ),
+ )
+);
wp_enqueue_script('jquery');
if(!function_exists('curl_init')){
- wp_enqueue_script("jqcurl", plugin_dir_url( __FILE__ ).'js/checkcurl.js');
+ wp_enqueue_script( "jqcurl", plugin_dir_url( __FILE__ ) . 'js/checkcurl.js', array(), $atomchat_asset_version, false );
}
//$atomchat_logo = esc_url(plugin_dir_url(__FILE__).'images/atom_chat_black_icon_logo.png');
$atomchat_logo = esc_url(plugin_dir_url(__FILE__).'images/atomchat_final_logo.svg');
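Review bot: `installer` is enqueued with an empty dependency array while jQuery is enqueued separately on the context line after the new `wp_localize_script()` call, so the load order rests on enqueue order rather than on a declared dependency. If installer.js uses jQuery, which the diff does not show, declare it instead: `wp_enqueue_script( "installer", plugin_dir_url( __FILE__ ) . 'js/installer.js', array( 'jquery' ), $atomchat_asset_version, false );`.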
@@ -88,4 +97,4 @@
</div>
</body>
-</html>
No newline at end of file
+</html>