| | 1 | <?php |
| | 2 | /** |
| | 3 | * Privacy Policy Screen. |
| | 4 | * |
| | 5 | * @package WordPress |
| | 6 | * @subpackage Administration |
| | 7 | */ |
| | 8 | |
| | 9 | /** WordPress Administration Bootstrap */ |
| | 10 | require_once( dirname( __FILE__ ) . '/admin.php' ); |
| | 11 | |
| | 12 | if ( ! current_user_can( 'manage_options' ) ) { |
| | 13 | wp_die( __( 'Sorry, you are not allowed to manage privacy on this site.' ) ); |
| | 14 | } |
| | 15 | |
| | 16 | $title = __( 'Privacy Tools' ); |
| | 17 | |
| | 18 | $action = isset( $_GET['action'] ) ? $_GET['action'] : ''; |
| | 19 | |
| | 20 | $doing_personal_data_export_for_email = ''; |
| | 21 | |
| | 22 | if ( ! empty( $action ) ) { |
| | 23 | check_admin_referer( $action ); |
| | 24 | |
| | 25 | if ( 'set-privacy-page' === $action ) { |
| | 26 | $privacy_policy_page_id = isset( $_POST['page_for_privacy_policy'] ) ? $_POST['page_for_privacy_policy'] : 0; |
| | 27 | update_option( 'page_for_privacy_policy', $privacy_policy_page_id ); |
| | 28 | add_settings_error( |
| | 29 | 'page_for_privacy_policy', |
| | 30 | 'page_for_privacy_policy', |
| | 31 | __( 'Privacy policy page updated successfully' ), |
| | 32 | 'updated' |
| | 33 | ); |
| | 34 | } |
| | 35 | |
| | 36 | if ( 'create-privacy-page' === $action ) { |
| | 37 | $privacy_policy_page_id = wp_insert_post( |
| | 38 | array( |
| | 39 | 'post_title' => __( 'Privacy Policy' ), |
| | 40 | 'post_status' => 'publish', |
| | 41 | 'post_type' => 'page', |
| | 42 | ), |
| | 43 | true |
| | 44 | ); |
| | 45 | |
| | 46 | if ( is_wp_error( $privacy_policy_page_id ) ) { |
| | 47 | add_settings_error( |
| | 48 | 'page_for_privacy_policy', |
| | 49 | 'page_for_privacy_policy', |
| | 50 | __( 'Unable to create privacy policy page' ), |
| | 51 | 'error' |
| | 52 | ); |
| | 53 | } else { |
| | 54 | update_option( 'page_for_privacy_policy', $privacy_policy_page_id ); |
| | 55 | add_settings_error( |
| | 56 | 'page_for_privacy_policy', |
| | 57 | 'page_for_privacy_policy', |
| | 58 | __( 'Privacy policy page created successfully' ), |
| | 59 | 'updated' |
| | 60 | ); |
| | 61 | } |
| | 62 | } |
| | 63 | |
| | 64 | if ( 'export-personal-data' === $action ) { |
| | 65 | |
| | 66 | $username_or_email_address = isset( $_POST['username_or_email_to_export'] ) ? $_POST['username_or_email_to_export'] : ''; |
| | 67 | $username_or_email_address = sanitize_text_field( $username_or_email_address ); |
| | 68 | |
| | 69 | if ( ! is_email( $username_or_email_address ) ) { |
| | 70 | $user = get_user_by( 'login', $username_or_email_address ); |
| | 71 | if ( ! $user instanceof WP_User ) { |
| | 72 | add_settings_error( |
| | 73 | 'username_or_email_to_export', |
| | 74 | 'username_or_email_to_export', |
| | 75 | __( 'Unable to export personal data. Username not recognized.' ), |
| | 76 | 'error' |
| | 77 | ); |
| | 78 | } else { |
| | 79 | $doing_personal_data_export_for_email = $user->user_email; |
| | 80 | } |
| | 81 | } else { |
| | 82 | $doing_personal_data_export_for_email = $username_or_email_address; |
| | 83 | } |
| | 84 | |
| | 85 | if ( ! empty( $doing_personal_data_export_for_email ) ) { |
| | 86 | $title = __( 'Export Personal Data' ); |
| | 87 | } |
| | 88 | } |
| | 89 | } |
| | 90 | |
| | 91 | if ( empty( $doing_personal_data_export_for_email ) ) { |
| | 92 | // If a privacy policy page ID is available, make sure the page actually exists. If not, display a warning |
| | 93 | $privacy_policy_page_exists = false; |
| | 94 | $privacy_policy_page_id = get_option( 'page_for_privacy_policy' ); |
| | 95 | if ( ! empty( $privacy_policy_page_id ) ) { |
| | 96 | $privacy_policy_page = get_post( $privacy_policy_page_id ); |
| | 97 | if ( ! $privacy_policy_page instanceof WP_Post ) { |
| | 98 | add_settings_error( |
| | 99 | 'page_for_privacy_policy', |
| | 100 | 'page_for_privacy_policy', |
| | 101 | __( 'The currently selected privacy policy page does not exist' ), |
| | 102 | 'warning' |
| | 103 | ); |
| | 104 | } else { |
| | 105 | if ( 'trash' === $privacy_policy_page->post_status ) { |
| | 106 | add_settings_error( |
| | 107 | 'page_for_privacy_policy', |
| | 108 | 'page_for_privacy_policy', |
| | 109 | __( 'The currently selected privacy policy page is in the trash. Please select a new privacy policy page.' ), |
| | 110 | 'error' |
| | 111 | ); |
| | 112 | } else { |
| | 113 | $privacy_policy_page_exists = true; |
| | 114 | } |
| | 115 | } |
| | 116 | } |
| | 117 | |
| | 118 | get_current_screen()->add_help_tab( array( |
| | 119 | 'id' => 'privacy', |
| | 120 | 'title' => __( 'Privacy' ), |
| | 121 | 'content' => '<p>' . __( 'This page provides tools with which you can manage your user\'s personal data and site\'s privacy policy.' ) . '</p>', |
| | 122 | ) ); |
| | 123 | |
| | 124 | get_current_screen()->set_help_sidebar( |
| | 125 | '<p><strong>' . __( 'For more information:' ) . '</strong></p>' . |
| | 126 | '<p>' . __( '<a href="#">Documentation on privacy</a>' ) . '</p>' |
| | 127 | ); |
| | 128 | } |
| | 129 | |
| | 130 | require_once( ABSPATH . 'wp-admin/admin-header.php' ); |
| | 131 | |
| | 132 | ?> |
| | 133 | <div class="wrap"> |
| | 134 | <h1><?php echo esc_html( $title ); ?></h1> |
| | 135 | <?php settings_errors(); ?> |
| | 136 | <?php |
| | 137 | |
| | 138 | // Run the exporter |
| | 139 | if ( ! empty( $doing_personal_data_export_for_email ) ) { |
| | 140 | if ( $username_or_email_address === $doing_personal_data_export_for_email ) { |
| | 141 | $heading = sprintf( |
| | 142 | __( 'Exporting personal data for %s' ), |
| | 143 | $doing_personal_data_export_for_email |
| | 144 | ); |
| | 145 | } else { |
| | 146 | $heading = sprintf( |
| | 147 | __( 'Exporting personal data for %1$s (%2$s)' ), |
| | 148 | $doing_personal_data_export_for_email, |
| | 149 | $username_or_email_address |
| | 150 | ); |
| | 151 | } |
| | 152 | ?> |
| | 153 | <p> |
| | 154 | <?php echo esc_html( $heading ); ?> |
| | 155 | </p> |
| | 156 | |
| | 157 | <div id="exporters-container"> |
| | 158 | <ul id="exporter-list"> |
| | 159 | </ul> |
| | 160 | <table class="wp-list-table widefat striped" id="exported-data-table"> |
| | 161 | <tr> |
| | 162 | <th><?php _e( 'Name' ); ?></th> |
| | 163 | <th><?php _e( 'Value' ); ?></th> |
| | 164 | </tr> |
| | 165 | </table> |
| | 166 | </div> |
| | 167 | |
| | 168 | <?php |
| | 169 | // Build the array of exporters and emit it as an array accessible to javascript along with a nonce |
| | 170 | $exporters = apply_filters( 'wp_privacy_personal_data_exporters', array() ); |
| | 171 | |
| | 172 | $exporter_names = array(); |
| | 173 | foreach ( ( array ) $exporters as $exporter ) { |
| | 174 | $exporter_names[] = $exporter['exporter_friendly_name']; |
| | 175 | } |
| | 176 | |
| | 177 | ?> |
| | 178 | |
| | 179 | <!-- scripts for the exporter --> |
| | 180 | |
| | 181 | <script> |
| | 182 | ( function( $ ) { |
| | 183 | $( document ).ready( function() { |
| | 184 | var exportForEmail = <?php echo json_encode( $doing_personal_data_export_for_email ); ?>; |
| | 185 | var exporterNames = <?php echo json_encode( $exporter_names ); ?>; |
| | 186 | var successMessage = "<?php echo esc_attr( __( 'Export completed successfully' ) ); ?>"; |
| | 187 | var failureMessage = "<?php echo esc_attr( __( 'A failure occurred during export' ) ); ?>"; |
| | 188 | |
| | 189 | function on_exports_done_success() { |
| | 190 | $( '#exporters-container' ).append( '<p>' + successMessage + '</p>' ); |
| | 191 | } |
| | 192 | |
| | 193 | function on_export_failure( textStatus, error ) { |
| | 194 | $( '#exporters-container' ).append( '<p>' + failureMessage + '</p>' ); |
| | 195 | $( '#exporters-container' ).append( '<p>' + textStatus + '</p>' ); |
| | 196 | } |
| | 197 | |
| | 198 | function do_next_export( exporterIndex, pageIndex ) { |
| | 199 | $.ajax( { |
| | 200 | url: ajaxurl, |
| | 201 | data: { |
| | 202 | action: 'wp-privacy-export-personal-data', |
| | 203 | email: exportForEmail, |
| | 204 | exporter: exporterIndex, |
| | 205 | page: pageIndex |
| | 206 | }, |
| | 207 | method: 'post' |
| | 208 | } ).done( function( response ) { |
| | 209 | var responseData = response.data; |
| | 210 | for ( var dataIndex = 0; dataIndex < responseData.data.length; dataIndex++ ) { |
| | 211 | $( '#exported-data-table' ).append( '<tr><td>' + responseData.data[ dataIndex ].name + '</td><td>' + responseData.data[ dataIndex ].value + '</td></tr>' ); |
| | 212 | } |
| | 213 | if ( ! responseData.done ) { |
| | 214 | setTimeout( do_next_export( exporterIndex, pageIndex + 1 ) ); |
| | 215 | } else { |
| | 216 | if ( exporterIndex < exporterNames.length - 1 ) { |
| | 217 | setTimeout( do_next_export( exporterIndex + 1, 0 ) ); |
| | 218 | } else { |
| | 219 | on_exports_done_success(); |
| | 220 | } |
| | 221 | } |
| | 222 | } ).fail( function( jqxhr, textStatus, error ) { |
| | 223 | on_export_failure( textStatus, error ); |
| | 224 | } ); |
| | 225 | } |
| | 226 | |
| | 227 | // And now, let's begin |
| | 228 | do_next_export( 0, 0 ); |
| | 229 | } ) |
| | 230 | } ) ( jQuery ); |
| | 231 | </script> |
| | 232 | |
| | 233 | <p> |
| | 234 | <a href="tools-privacy.php"><?php esc_html_e( 'Return to privacy tools' ); ?></a> |
| | 235 | </p> |
| | 236 | <?php |
| | 237 | } |
| | 238 | |
| | 239 | // Display the privacy tools form table |
| | 240 | if ( empty( $doing_personal_data_export_for_email ) ) { |
| | 241 | ?> |
| | 242 | <table class="form-table"> |
| | 243 | <tr> |
| | 244 | <th scope="row"><?php _e( 'Privacy policy page' ); ?></th> |
| | 245 | <td id="privacy-page-form-container"> |
| | 246 | <form method="post" action="tools-privacy.php?action=set-privacy-page"> |
| | 247 | <?php wp_nonce_field( 'set-privacy-page' ); ?> |
| | 248 | <fieldset> |
| | 249 | <legend class="screen-reader-text"><span><?php _e( 'Privacy policy page' ); ?></span></legend> |
| | 250 | <label for="page_for_privacy_policy"> |
| | 251 | <?php wp_dropdown_pages( |
| | 252 | array( |
| | 253 | 'name' => 'page_for_privacy_policy', |
| | 254 | 'show_option_none' => __( '— Select —' ), |
| | 255 | 'option_none_value' => '0', |
| | 256 | 'selected' => get_option( 'page_for_privacy_policy' ), |
| | 257 | ) |
| | 258 | ); |
| | 259 | ?> |
| | 260 | </label> |
| | 261 | </fieldset> |
| | 262 | <?php submit_button( __( 'Set Page' ) ); ?> |
| | 263 | </form> |
| | 264 | <?php |
| | 265 | if ( empty( $privacy_policy_page_id ) ) { |
| | 266 | ?> |
| | 267 | <form method="post" action="tools-privacy.php?action=create-privacy-page"> |
| | 268 | <?php wp_nonce_field( 'create-privacy-page' ); ?> |
| | 269 | <p> |
| | 270 | <?php _e( 'If you don\'t already have a page for your privacy policy, you can create one now' ); ?> |
| | 271 | </p> |
| | 272 | <?php submit_button( __( 'Create Page' ) ); ?> |
| | 273 | </form> |
| | 274 | <?php |
| | 275 | } |
| | 276 | if( $privacy_policy_page_exists ) { |
| | 277 | $edit_href = add_query_arg( |
| | 278 | array( |
| | 279 | 'post' => $privacy_policy_page_id, |
| | 280 | 'action' => 'edit', |
| | 281 | ), |
| | 282 | admin_url( 'post.php' ) |
| | 283 | ); |
| | 284 | $view_href = get_permalink( $privacy_policy_page_id ); |
| | 285 | $prompt = sprintf( |
| | 286 | __( 'You may also <a href="%1$s">edit</a> or <a href="%2$s">view</a> your privacy policy page' ), |
| | 287 | $edit_href, |
| | 288 | $view_href |
| | 289 | ); |
| | 290 | $allowed_html = array( 'a' => array( 'href' => array() ) ); |
| | 291 | ?> |
| | 292 | <p class="description" id="page_for_privacy_policy_view_edit"> |
| | 293 | <?php echo wp_kses( $prompt, $allowed_html ); ?> |
| | 294 | </p> |
| | 295 | <?php |
| | 296 | } |
| | 297 | ?> |
| | 298 | </td> |
| | 299 | </tr> |
| | 300 | <tr> |
| | 301 | <th scope="row"><?php _e( 'Export personal data' ); ?></th> |
| | 302 | <td id="export-personal-data-form-container"> |
| | 303 | <form method="post" action="tools-privacy.php?action=export-personal-data"> |
| | 304 | <?php wp_nonce_field( 'export-personal-data' ); ?> |
| | 305 | <fieldset> |
| | 306 | <legend class="screen-reader-text"><span><?php _e( 'Enter the username or email address of the user whose personal data you wish to export' ); ?></span></legend> |
| | 307 | <label for="username_or_email_to_export"> |
| | 308 | <input type="text" class="regular-text" name="username_or_email_to_export" /> |
| | 309 | </label> |
| | 310 | <p class="description"><?php _e( 'The username or email address of the user whose personal data you wish to export' ); ?></p> |
| | 311 | </fieldset> |
| | 312 | <?php submit_button( __( 'Begin Export' ) ); ?> |
| | 313 | </form> |
| | 314 | </td> |
| | 315 | </tr> |
| | 316 | </table> |
| | 317 | <!-- scripts for the privacy form table content --> |
| | 318 | <script> |
| | 319 | ( function( $ ) { |
| | 320 | $( document ).ready( function() { |
| | 321 | $( '#page_for_privacy_policy' ).change( function() { |
| | 322 | $( '#page_for_privacy_policy_view_edit' ).hide(); |
| | 323 | } ); |
| | 324 | } ); |
| | 325 | } ( jQuery ) ); |
| | 326 | </script> |
| | 327 | <?php |
| | 328 | } |
| | 329 | ?> |
| | 330 | |
| | 331 | </div> |
| | 332 | <?php |
| | 333 | |
| | 334 | include( ABSPATH . 'wp-admin/admin-footer.php' ); |