n array */ private function get_permission_error_response() { return [ 'status' => 'error', 'payload' => [ 'error_message' => esc_html__( 'you are not allowed to perform this action', 'elementor' ), ], ]; } /** * Maybe Update Site Logo * * If a new name is provided, it will be updated as the Site Name. * * @since 3.6.0 * * @return array */ private function maybe_update_site_name() { $problem_error = [ 'status' => 'error', 'payload' => [ 'error_message' => esc_html__( 'There was a problem setting your site name', 'elementor' ), ], ]; // phpcs:ignore WordPress.Security.NonceVerification.Missing if ( empty( $_POST['data'] ) ) { return $problem_error; } // phpcs:ignore WordPress.Security.NonceVerification.Missing $data = json_decode( Utils::get_super_global_value( $_POST, 'data' ), true ); if ( ! isset( $data['siteName'] ) ) { return $problem_error; } /** * Onboarding Site Name * * Filters the new site name passed by the user to update in Elementor's onboarding process. * Elementor runs `esc_html()` on the Site Name passed by the user for security reasons. If a user wants to * include special characters in their site name, they can use this filter to override it. * * @since 3.6.0 * * @param string Escaped new site name */ $new_site_name = apply_filters( 'elementor/onboarding/site-name', $data['siteName'] ); // The site name is sanitized in `update_options()` update_option( 'blogname', $new_site_name ); return [ 'status' => 'success', 'payload' => [ 'siteNameUpdated' => true, ], ]; } /** * Maybe Update Site Logo * * If an image attachment ID is provided, it will be updated as the Site Logo Theme Mod. * * @since 3.6.0 * * @return array */ private function maybe_update_site_logo() { if ( ! current_user_can( 'edit_theme_options' ) ) { return $this->get_permission_error_response(); } $data_error = [ 'status' => 'error', 'payload' => [ 'error_message' => esc_html__( 'There was a problem setting your site logo', 'elementor' ), ], ]; // phpcs:ignore WordPress.Security.NonceVerification.Missing if ( empty( $_POST['data'] ) ) { return $data_error; } // phpcs:ignore WordPress.Security.NonceVerification.Missing $data = json_decode( Utils::get_super_global_value( $_POST, 'data' ), true ); // If there is no attachment ID passed or it is not a valid ID, exit here. if ( empty( $data['attachmentId'] ) ) { return $data_error; } $absint_attachment_id = absint( $data['attachmentId'] ); if ( 0 === $absint_attachment_id ) { return $data_error; } $attachment_url = wp_get_attachment_url( $data['attachmentId'] ); // Check if the attachment exists. If it does not, exit here. if ( ! $attachment_url ) { return $data_error; } set_theme_mod( 'custom_logo', $absint_attachment_id ); return [ 'status' => 'success', 'payload' => [ 'siteLogoUpdated' => true, ], ]; } /** * Maybe Upload Logo Image * * If an image file upload is provided, and it passes validation, it will be uploaded to the site's Media Library. * * @since 3.6.0 * * @return array */ private function maybe_upload_logo_image() { $error_message = esc_html__( 'There was a problem uploading your file', 'elementor' ); $file = Utils::get_super_global_value( $_FILES, 'fileToUpload' ); // phpcs:ignore WordPress.Security.NonceVerification.Missing if ( ! is_array( $file ) || empty( $file['type'] ) ) { return [ 'status' => 'error', 'payload' => [ 'error_message' => $error_message, ], ]; } // If the user has allowed it, set the Request's state as an "Elementor Upload" request, in order to add // support for non-standard file uploads. if ( 'image/svg+xml' === $file['type'] ) { if ( Uploads_Manager::are_unfiltered_uploads_enabled() ) { Plugin::$instance->uploads_manager->set_elementor_upload_state( true ); } else { wp_send_json_error( 'To upload SVG files, you must allow uploading unfiltered files.' ); } } // If the image is an SVG file, sanitation is performed during the import (upload) process. $image_attachment = Plugin::$instance->templates_manager->get_import_images_instance()->import( $file ); if ( 'image/svg+xml' === $file['type'] && Uploads_Manager::are_unfiltered_uploads_enabled() ) { // Reset Upload state. Plugin::$instance->uploads_manager->set_elementor_upload_state( false ); } if ( $image_attachment && ! is_wp_error( $image_attachment ) ) { $result = [ 'status' => 'success', 'payload' => [ 'imageAttachment' => $image_attachment, ], ]; } else { $result = [ 'status' => 'error', 'payload' => [ 'error_message' => $error_message, ], ]; } return $result; } /** * Activate Hello Theme * * @since 3.6.0 * * @return array */ private function maybe_activate_hello_theme() { if ( ! current_user_can( 'switch_themes' ) ) { return $this->get_permission_error_response(); } switch_theme( 'hello-elementor' ); return [ 'status' => 'success', 'payload' => [ 'helloThemeActivated' => true, ], ]; } /** * Upload and Install Elementor Pro * * @since 3.6.0 * * @return array */ private function upload_and_install_pro() { if ( ! current_user_can( 'install_plugins' ) || ! current_user_can( 'activate_plugins' ) ) { return $this->get_permission_error_response(); } $error_message = esc_html__( 'There was a problem uploading your file', 'elementor' ); $file = Utils::get_super_global_value( $_FILES, 'fileToUpload' ) ?? []; // phpcs:ignore WordPress.Security.NonceVerification.Missing if ( ! is_array( $file ) || empty( $file['type'] ) ) { return [ 'status' => 'error', 'payload' => [ 'error_message' => $error_message, ], ]; } $result = []; if ( ! class_exists( 'Automatic_Upgrader_Skin' ) ) { require_once ABSPATH . 'wp-admin/includes/class-wp-upgrader.php'; } $skin = new Automatic_Upgrader_Skin(); $upgrader = new Plugin_Upgrader( $skin ); $upload_result = $upgrader->install( $file['tmp_name'], [ 'overwrite_package' => false ] ); if ( ! $upload_result || is_wp_error( $upload_result ) ) { $result = [ 'status' => 'error', 'payload' => [ 'error_message' => $error_message, ], ]; } else { $activated = activate_plugin( WP_PLUGIN_DIR . '/elementor-pro/elementor-pro.php', false, false, true ); if ( ! is_wp_error( $activated ) ) { $result = [ 'status' => 'success', 'payload' => [ 'elementorProInstalled' => true, ], ]; } else { $result = [ 'status' => 'error', 'payload' => [ 'error_message' => $error_message, 'elementorProInstalled' => false, ], ]; } } return $result; } private function maybe_update_onboarding_db_option() { $db_option = get_option( self::ONBOARDING_OPTION ); if ( ! $db_option ) { update_option( self::ONBOARDING_OPTION, true ); } return [ 'status' => 'success', 'payload' => 'onboarding DB', ]; } /** * Maybe Handle Ajax * * This method checks if there are any AJAX actions being * @since 3.6.0 * * @return array|null */ private function maybe_handle_ajax() { $result = []; // phpcs:ignore WordPress.Security.NonceVerification.Missing switch ( Utils::get_super_global_value( $_POST, 'action' ) ) { case 'elementor_update_site_name': // If no value is passed for any reason, no need ot update the site name. $result = $this->maybe_update_site_name(); break; case 'elementor_update_site_logo': $result = $this->maybe_update_site_logo(); break; case 'elementor_upload_site_logo': $result = $this->maybe_upload_logo_image(); break; case 'elementor_activate_hello_theme': $result = $this->maybe_activate_hello_theme(); break; case 'elementor_upload_and_install_pro': $result = $this->upload_and_install_pro(); break; case 'elementor_update_onboarding_option': $result = $this->maybe_update_onboarding_db_option(); } if ( ! empty( $result ) ) { if ( 'success' === $result['status'] ) { wp_send_json_success( $result['payload'] ); } else { wp_send_json_error( $result['payload'] ); } } } public function __construct() { add_action( 'elementor/init', function() { // Only load when viewing the onboarding app. if ( Plugin::$instance->app->is_current() ) { $this->set_onboarding_settings(); // Needed for installing the Hello Elementor theme. wp_enqueue_script( 'updates' ); // Needed for uploading Logo from WP Media Library. wp_enqueue_media(); } }, 12 ); // Needed for uploading Logo from WP Media Library. The 'admin_menu' hook is used because it runs before // 'admin_init', and the App triggers printing footer scripts on 'admin_init' at priority 0. add_action( 'admin_menu', function () { add_action( 'wp_print_footer_scripts', function () { if ( function_exists( 'wp_print_media_templates' ) ) { wp_print_media_templates(); } } ); } ); add_action( 'admin_init', function() { if ( wp_doing_ajax() && isset( $_POST['action'] ) && isset( $_POST['_nonce'] ) && wp_verify_nonce( Utils::get_super_global_value( $_POST, '_nonce' ), Ajax::NONCE_KEY ) && current_user_can( 'manage_options' ) ) { $this->maybe_handle_ajax(); } } ); } }