Changeset 3036964

Timestamp:

02/16/2024 07:21:44 PM (2 years ago)

Author:

brandondove

Message:

PHP 8 compatibility, WordPress 6.4 compatibility, Improves documentation, Updates site scan allow line for robots.txt, Adds new Site Scan setting for modifying the robots.txt file, Changes from automatic robots.txt file writing to opt-in.

Location:

uk-cookie-consent/trunk

Files:

• changelog.txt (modified) (1 diff)
• includes/controllers/class-account-api-controller.php (modified) (5 diffs)
• includes/controllers/class-banner-settings-controller.php (modified) (1 diff)
• includes/controllers/class-edit-cookie.php (modified) (18 diffs)
• includes/controllers/class-robots-txt.php (modified) (5 diffs)
• includes/controllers/class-site-scan-controller.php (modified) (10 diffs)
• includes/models/class-site-scan-model.php (modified) (3 diffs)
• includes/models/class-termly-api-model.php (modified) (1 diff)
• readme.txt (modified) (2 diffs)
• uk-cookie-consent.php (modified) (2 diffs)

uk-cookie-consent/trunk/changelog.txt

@@ +1 @@
+= 3.2 =
+* New: There is a new setting on the site scan page to add a specific allow line to an existing or virtual (provided by WordPress core) robots.txt file.
+* Update: Changed the text of the "allow" line in the robots.txt to accurately reflect the new scraper's name.
+* Removed: The plugin will no longer automatically save the "allow" line to the robots.txt file when regenerating rewrite rules.
+
 = 3.1.1 =
 * Update: Updates the embed script on the consent banner to include some additional information needed for European privacy framework.

uk-cookie-consent/trunk/includes/controllers/class-account-api-controller.php

@@ -1 +1 @@
 <?php
+/**
+ * Account API Controller
+ *
+ * @package UKCookieConsent
+ */
 
 namespace termly;
 
+/**
+ * Account API Controller class.
+ */
 class Account_API_Controller {
 
+    /**
+     * Hooks into WordPress for this class.
+     *
+     * @return void
+     */
     public static function hooks() {
 
@@ -16 +29 @@
     }
 
+    /**
+     * Adds the rewrite rule for the account status endpoint.
+     *
+     * @return void
+     */
     public static function add_rewrite_rule() {
 
@@ -30 +48 @@
     }
 
+    /**
+     * Maybe schedule the cron job.
+     *
+     * @return void
+     */
     public static function maybe_schedule_cron() {
 
@@ -40 +63 @@
     }
 
+    /**
+     * Update the account status.
+     *
+     * @return WP_REST_Response
+     */
     public static function update_account_status() {
 
@@ -76 +104 @@
         } else {
 
-            error_log( print_r( [ $response ], true ) );
-            wp_send_json_error();
+            return rest_ensure_response( [ 'message' => __( 'Failed to update account status.', 'uk-cookie-consent' ) ] );
 
         }
 
-        wp_send_json_success();
+        return rest_ensure_response( [ 'message' => __( 'Account status updated.', 'uk-cookie-consent' ) ] );
 
     }
 
+    /**
+     * Check if the plugin is using a free account to communicate with the API.
+     *
+     * @return bool
+     */
     public static function is_free() {
 

uk-cookie-consent/trunk/includes/controllers/class-banner-settings-controller.php

@@ -172 +172 @@
             '/consent-toggle',
             [
-                'methods'  => 'POST',
-                'callback' => [ __CLASS__, 'handle_consent_toggle' ],
+                'methods'             => 'POST',
+                'callback'            => [ __CLASS__, 'handle_consent_toggle' ],
+                'permission_callback' => '__return_true',
             ]
         );

uk-cookie-consent/trunk/includes/controllers/class-edit-cookie.php

@@ -8 +8 @@
 namespace termly;
 
-// If the Termly API Controller has not been included
+// If the Termly API Controller has not been included.
 if ( ! class_exists( 'Termly_API_Controller' ) ) {
     require_once TERMLY_CONTROLLERS . 'class-termly-api-controller.php';
@@ -18 +18 @@
 class Edit_Cookie {
 
+    /**
+     * The name prefix for ids.
+     *
+     * @var string
+     */
     public static $name_prefix = 'termly-edit-cookie-';
 
     /**
-     * hooks    Hooks into WordPress for this class
+     * Hooks into WordPress for this class.
      *
      * @return void
@@ -33 +38 @@
 
     /**
-     * edit_page    Adds submenu page for edit page with no parent
+     * Adds submenu page for edit page with no parent.
      *
      * @return void
@@ -40 +45 @@
 
         add_submenu_page(
-            null,
+            'admin.php',
             __( 'Edit Cookie', 'uk-cookie-consent' ),
             '',
@@ -51 +56 @@
 
     /**
-     * edit_page_view    The view for the edit page.
+     * The view for the edit page.
      * Also triggers edit/add functionality if action is set
      *
@@ -58 +63 @@
     public static function edit_page_view() {
 
-        // Handle editing or adding a cookie if there is an action set in the request
+        // Handle editing or adding a cookie if there is an action set in the request.
         if ( isset( $_REQUEST['action'] ) ) {
             $status = self::handle_crud();
@@ -64 +69 @@
 
         // Whether this is editing or adding new
-        // Cookie ID is only set if we are editing
+        // Cookie ID is only set if we are editing.
         $editing = isset( $_GET['cookie_id'] );
 
-        // Name prefix for ids
+        // Name prefix for ids.
         $name_prefix = self::$name_prefix;
 
         // If a cookie has been added, an additional
-        // array value is added which is the cookie id
+        // array value is added which is the cookie id.
         if ( isset( $status ) && 3 === count( $status ) ) {
             $cookie_id = $status[2];
@@ -77 +82 @@
         }
 
-        // By default, cookie is set to false
+        // By default, cookie is set to false.
         $cookie = false;
 
@@ -117 +122 @@
 
     /**
-     * handle_crud    Handle editing and adding a cookie
+     * Handle editing and adding a cookie
      *
      * @return array [0] is success/error [1] is message [2] (optional) is cookie id
@@ -123 +128 @@
     public static function handle_crud() {
 
-        if ( ! wp_verify_nonce( $_REQUEST['_wpnonce'], 'termly_cookie_nonce' ) ) {
+        if ( ! isset( $_REQUEST['_wpnonce'], $_REQUEST['action'] ) || ! wp_verify_nonce( sanitize_text_field( wp_unslash( $_REQUEST['_wpnonce'] ) ), 'termly_cookie_nonce' ) ) {
             die();
         }
 
-        $action = sanitize_text_field( $_REQUEST['action'] );
-
-        // Check for required fields
-        $required_fields = [
-            'name', 'category', 'domain',
-        ];
+        $action = sanitize_text_field( wp_unslash( $_REQUEST['action'] ) );
+
+        // Check for required fields.
+        $required_fields = [ 'name', 'category', 'domain' ];
 
         foreach ( $required_fields as $field ) {
@@ -143 +146 @@
         }
 
-        // Delete the transient which stores cookie list
+        // Delete the transient which stores cookie list.
         delete_transient( 'termly-site-scan-results' );
 
-        // Arguments for edit/add cookie
-        $arg_keys = [
-            'name', 'category', 'expire', 'tracker_type',
-            'country', 'domain', 'service', 'service_policy_link',
-            'source', 'value', 'en_us',
-        ];
+        // Arguments for edit/add cookie.
+        $arg_keys = [ 'name', 'category', 'expire', 'tracker_type', 'country', 'domain', 'service', 'service_policy_link', 'source', 'value', 'en_us' ];
 
         $args = [];
 
-        // Add arguments of they are set
+        // Add arguments of they are set.
         foreach ( $arg_keys as $key ) {
             if ( ! isset( $_REQUEST[ $key ] ) ) {
                 continue;
             }
-            $args[ $key ] = sanitize_text_field( $_REQUEST[ $key ] );
-        }
-
-        // Unslash the args
-        $args = wp_unslash( $args );
-
-        // Edit a cookie
+            $args[ $key ] = sanitize_text_field( wp_unslash( $_REQUEST[ $key ] ) );
+        }
+
+        // Edit a cookie.
         if ( 'edit' === $action ) {
             $status = self::edit_cookie( $args );
@@ -172 +168 @@
         }
 
-        // Add a cookie
+        // Add a cookie.
         if ( 'add' === $action ) {
             $status = self::add_cookie( $args );
@@ -183 +179 @@
 
     /**
-     * edit_cookie
-     *
-     * @param  array $args Post arguments
+     * Store the cookie and return the status.
+     *
+     * @param  array $args Post arguments All posted arguments.
      *
      * @return array [0] is success/error [1] is message [2] is cookie id
@@ -191 +187 @@
     public static function edit_cookie( $args ) {
 
-        // These fields cannot be edited
-        $non_editable_fields = [ 'name', 'expire', 'tracker_type', 'domain', ];
-
-        // Loop through and remove non editable fields if they are set
+        // These fields cannot be edited.
+        $non_editable_fields = [ 'name', 'expire', 'tracker_type', 'domain' ];
+
+        // Loop through and remove non editable fields if they are set.
         foreach ( $non_editable_fields as $field ) {
             if ( ! isset( $args[ $field ] ) ) {
@@ -202 +198 @@
         }
 
-        // Get the cookie ID
+        if ( ! isset( $_REQUEST['cookie_id'] ) ) {
+            return [
+                'error',
+                __( 'Cookie not found', 'uk-cookie-consent' ),
+            ];
+        }
+
+        // Get the cookie ID.
         $cookie_id = intval( $_REQUEST['cookie_id'] );
 
-        // PUT request to the API
+        // PUT request to the API.
         $response = Termly_API_Controller::call( 'PUT', 'cookies/' . $cookie_id, $args );
 
         if ( 200 === wp_remote_retrieve_response_code( $response ) && ! is_wp_error( $response ) ) {
-            // Return success
+
+            // Return success.
             return [
                 'success',
@@ -215 +219 @@
                 $cookie_id,
             ];
-        }
-
-        // Return failure
+
+        }
+
+        // Return failure.
         return [
             'error',
@@ -250 +255 @@
 
             // If not adding another, set cookie id to go to edit screen.
-            if ( 'add_another' !== $_REQUEST['submit'] ) {
+            if ( isset( $_REQUEST['submit'] ) && 'add_another' !== sanitize_text_field( wp_unslash( $_REQUEST['submit'] ) ) ) {
                 $success[] = intval( $cookie_id );
             }
@@ -268 +273 @@
      * Highlight the "Cookie Management" submenu page when on the edit cookie page
      *
-     * @param  string $parent
+     * @param  string $parent_page The slug of the parent page.
      *
      * @return string
      */
-    public static function highlight( $parent ) {
+    public static function highlight( $parent_page ) {
+
         global $plugin_page;
         if ( 'termly-edit-cookie' === $plugin_page ) {
-            $plugin_page = 'cookie-management';
-        }
-        return $parent;
+
+            $plugin_page = 'cookie-management'; // phpcs:ignore WordPress.WP.GlobalVariablesOverride.Prohibited
+
+        }
+        return $parent_page;
+
     }
 

uk-cookie-consent/trunk/includes/controllers/class-robots-txt.php

@@ -21 +21 @@
 
         \add_filter( 'robots_txt', [ __CLASS__, 'virtual' ], 10, 1 );
-        \add_action( 'generate_rewrite_rules', [ __CLASS__, 'check_file' ] );
 
     }
@@ -31 +30 @@
      * @return string $file
      */
-    public static function virtual( $file ) {
+    public static function virtual( $file = '' ) {
 
-        return 'User-agent: Scrapy
+        return '# Termly scanner
+User-agent: TermlyBot
 Allow: /
 
@@ -41 +41 @@
 
     /**
-     * Check for an actual robots.txt file.
-     * Fired after rewrite rules are flushed.
-     * We needed a place where users could trigger this.
-     *
-     * @param WP_Rewrite $rules The WP_Rewrite object.
+     * Check for an actual robots.txt file and add the allow line.
      *
      * @return void
      */
-    public static function check_file( $rules ) {
+    public static function add_allow_line() {
 
         // Include filesystem functionality.
@@ -87 +83 @@
         // Check to see if the robots file already has the rule.
         $robots_content = $wp_filesystem->get_contents( $robots_path );
-        $robots_rule = 'User-agent: Scrapy
+        $scrapy_rule    = '/User-agent: Scrapy\nAllow: \//';
+        $robots_rule    = '# Termly scanner
+User-agent: TermlyBot
 Allow: /';
 
+        // Remove the Scrapy rule if it exists.
+        if ( 1 === preg_match( $scrapy_rule, $robots_content ) ) {
+            $robots_content = preg_replace( $scrapy_rule, '', $robots_content );
+        }
+
+        // Check if the termly bot rule already exists.
         if ( false !== strpos( $robots_content, $robots_rule ) ) {
             return;
@@ -103 +107 @@
     }
 
+    /**
+     * Check for an actual robots.txt file with the allo wline and remove it.
+     *
+     * @return void
+     */
+    public static function remove_allow_line() {
+
+        // Include filesystem functionality.
+        require_once ABSPATH . 'wp-admin/includes/file.php';
+
+        // Check that the robots file exists.
+        $robots_path = ABSPATH . '/robots.txt';
+        if ( ! file_exists( $robots_path ) || ! is_file( $robots_path ) ) {
+            return;
+        }
+
+        // Initialize the filesystem API.
+        global $wp_filesystem;
+
+        $url = \wp_nonce_url(
+            \add_query_arg(
+                [
+                    'page' => 'termly',
+                ],
+                \admin_url( 'admin.php' )
+            ),
+            'termly-robots-nonce'
+        );
+
+        // Create and test creds.
+        $creds = \request_filesystem_credentials( $url, '', false, false, null );
+        if ( false === $creds ) {
+            return;
+        }
+
+        if ( ! \WP_Filesystem( $creds ) ) {
+            // Prompt user to enter credentials.
+            \request_filesystem_credentials( $url, '', true, false, null );
+            return;
+        }
+
+        // Check to see if the robots file already has the rule.
+        $robots_content = $wp_filesystem->get_contents( $robots_path );
+        $rules          = '/(User-agent: Scrapy\nAllow: \/|# Termly scanner\nUser-agent: TermlyBot\nAllow: \/)/';
+
+        // Remove the Scrapy rule if it exists.
+        if ( 1 === preg_match( $rules, $robots_content ) ) {
+            $robots_content = preg_replace( $rules, '', $robots_content );
+        }
+
+        // Prepend the rule. Robots file is read top to bottom.
+        $wp_filesystem->put_contents( $robots_path, $robots_content, FS_CHMOD_FILE );
+
+    }
+
 }
 

uk-cookie-consent/trunk/includes/controllers/class-site-scan-controller.php

@@ -13 +13 @@
 class Site_Scan_Controller extends Menu_Controller {
 
+    /**
+     * The last request made to the API.
+     *
+     * @var \WP_Error
+     */
     private static $last_request = null;
 
+    /**
+     * Register the hooks for the class.
+     */
     public static function hooks() {
 
@@ -35 +43 @@
     }
 
+    /**
+     * Register the settings and fields for the Site Scan.
+     */
     public static function register_settings() {
 
         // Register the API Key Setting.
-        register_setting( 'termly_site_scan', 'termly_site_scan', [ 'sanitize_callback' => [ new Site_Scan_Model, 'sanitize_site_scan' ] ] );
+        register_setting(
+            'termly_site_scan',
+            'termly_site_scan',
+            [
+                'sanitize_callback' => [ new Site_Scan_Model, 'sanitize_site_scan' ],
+            ]
+        );
 
         // Add a section to the Settings API.
@@ -56 +73 @@
         );
 
-    }
-
+        add_settings_field(
+            'termly_robots_txt',
+            __( 'Robots.txt', 'uk-cookie-consent' ),
+            [ __CLASS__, 'robots_txt_field' ],
+            'termly_site_scan',
+            'termly_site_scan_section'
+        );
+
+    }
+
+    /**
+     * Output the section header.
+     *
+     * @param array $args The arguments for the section.
+     */
     public static function section_header( $args = [] ) {
         // Don't output a heading.
     }
 
-    public static function site_scan_field( $args = [] ) {
+    /**
+     * Output the Site Scan field.
+     */
+    public static function site_scan_field() {
 
         $feature_set_cache_key = 'termly-feature-set';
@@ -107 +140 @@
     }
 
+    /**
+     * Output the Robots.txt field.
+     */
+    public static function robots_txt_field() {
+
+        $site_scan = get_option(
+            'termly_site_scan',
+            [
+                'robots_txt' => 0,
+            ]
+        );
+        $site_scan = wp_parse_args( $site_scan, [ 'robots_txt' => 0 ] );
+        ?>
+        <p><label class="checkbox-container" for="termly-site-scan-robots-txt">
+            <input type="checkbox" name="termly_site_scan[robots_txt]" id="termly-site-scan-robots-txt" value="1" <?php checked( 1, $site_scan['robots_txt'] ); ?>>
+            <svg width="24" height="24" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg">
+                <path class="border" d="M3.5 6C3.5 4.61929 4.61929 3.5 6 3.5H18C19.3807 3.5 20.5 4.61929 20.5 6V18C20.5 19.3807 19.3807 20.5 18 20.5H6C4.61929 20.5 3.5 19.3807 3.5 18V6Z" fill="white" stroke="#CED4DA"/>
+                <path class="checkmark" fill-rule="evenodd" clip-rule="evenodd" d="M15.4937 9.25628C15.8383 8.91457 16.397 8.91457 16.7416 9.25628C17.0861 9.59799 17.0861 10.152 16.7416 10.4937L11.4474 15.7437C11.1029 16.0854 10.5442 16.0854 10.1996 15.7437L7.25844 12.8271C6.91385 12.4853 6.91385 11.9313 7.25844 11.5896C7.60302 11.2479 8.16169 11.2479 8.50627 11.5896L10.8235 13.8876L15.4937 9.25628Z" fill="#4672FF"/>
+            </svg>
+            <span><?php esc_html_e( 'Add Termly Scanner to robots.txt Allow list', 'uk-cookie-consent' ); ?></span>
+        </label></p>
+        <?php
+    }
+
+    /**
+     * Add the Site Scan submenu item.
+     */
     public static function menu() {
 
@@ -120 +180 @@
     }
 
+    /**
+     * Output the Site Scan page.
+     */
     public static function menu_page() {
 
@@ -126 +189 @@
     }
 
+    /**
+     * Make a call out to the Termly API to initiate a new scan.
+     */
     public static function handle_new_scan_request() {
 
@@ -133 +199 @@
     }
 
+    /**
+     * Output the new scan notice.
+     */
     public static function new_scan_notice() {
 
@@ -168 +237 @@
     }
 
+    /**
+     * Output the update notice.
+     */
     public static function maybe_update_notice() {
 
@@ -175 +247 @@
             'termly_site_scan',
             [
-                'enabled'   => 0,
+                'enabled' => 0,
             ]
         );
@@ -207 +279 @@
     }
 
+    /**
+     * Get the last scanned date.
+     *
+     * @return string
+     */
     public static function get_last_scanned() {
 

uk-cookie-consent/trunk/includes/models/class-site-scan-model.php

@@ -13 +13 @@
 class Site_Scan_Model {
 
+    /**
+     * Sanitize the site scan settings.
+     *
+     * @param array $value The value to sanitize.
+     *
+     * @return array
+     */
     public static function sanitize_site_scan( $value ) {
 
@@ -22 +29 @@
             $value,
             [
-                'enabled'   => 0,
-                'frequency' => 'trimonthly',
+                'enabled'    => 0,
+                'frequency'  => 'trimonthly',
+                'robots_txt' => 0,
             ]
         );
@@ -31 +39 @@
             if ( '' !== $value ) {
 
-                $response = Termly_API_Controller::call( 'PUT', 'website/scan_settings', [ 'scan_enabled' => boolval( $value['enabled'] ), 'scan_period' => $value['frequency'], ] );
+                // Save the settings to the API.
+                $response = Termly_API_Controller::call(
+                    'PUT',
+                    'website/scan_settings',
+                    [
+                        'scan_enabled' => boolval( $value['enabled'] ),
+                        'scan_period'  => $value['frequency'],
+                    ]
+                );
                 if ( 200 === wp_remote_retrieve_response_code( $response ) && ! is_wp_error( $response ) ) {
+
+                    // If the robots.txt setting is enabled and the robots.txt file exists.
+                    if ( 1 === intval( $value['robots_txt'] ) ) {
+
+                        \termly\Robots_Txt::add_allow_line();
+
+                    } else {
+
+                        \termly\Robots_Txt::remove_allow_line();
+
+                    }
 
                     $type = 'updated';

uk-cookie-consent/trunk/includes/models/class-termly-api-model.php

@@ -83 +83 @@
 
             }
-
-        } else {
-
-            error_log( print_r( [ $response ], true ) );
 
         }

uk-cookie-consent/trunk/readme.txt

@@ -5 +5 @@
 Requires PHP: 5.6
 Tested up to: 6.2
-Stable tag: 3.1.1
+Stable tag: 3.2
 License: GPLv2 or later
 License URI: http://www.gnu.org/licenses/gpl-2.0.html
@@ -126 +126 @@
 == Changelog ==
 
+= 3.2 =
+* New: There is a new setting on the site scan page to add a specific allow line to an existing or virtual (provided by WordPress core) robots.txt file.
+* Update: Changed the text of the "allow" line in the robots.txt to accurately reflect the new scraper's name.
+* Removed: The plugin will no longer automatically save the "allow" line to the robots.txt file when regenerating rewrite rules.
+
 = 3.1.1 =
 * Update: Updates the embed script on the consent banner to include some additional information needed for European privacy framework.

uk-cookie-consent/trunk/uk-cookie-consent.php

@@ -4 +4 @@
  * Plugin URI: https://termly.io/products/
  * Description: Our easy to use cookie consent plugin can assist in your GDPR and ePrivacy Directive compliance efforts.
- * Version: 3.1.1
+ * Version: 3.2
  * Author: Termly
  * Author URI: https://termly.io/
@@ -78 +78 @@
 define( 'TERMLY_BASENAME', plugin_basename( __FILE__ ) );
 define( 'TERMLY_API_BASE', 'https://app.termly.io/api' );
-define( 'TERMLY_VERSION', '3.1' );
+define( 'TERMLY_VERSION', '3.2' );
 define( 'TERMLY_URL', plugin_dir_url( __FILE__ ) );
 define( 'TERMLY_PATH', plugin_dir_path( __FILE__ ) );