Make WordPress Core


Ignore:
Timestamp:
05/02/2018 02:15:05 AM (6 years ago)
Author:
SergeyBiryukov
Message:

Privacy: add means to export personal data by username or email address. Generate a zipped export file containing all data. First run.

Props allendav.
Merges [43012] and [43089] to the 4.9 branch.
See #43546.

Location:
branches/4.9
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • branches/4.9

  • branches/4.9/src/wp-admin/includes/ajax-actions.php

    r43084 r43092  
    40194019}
    40204020
     4021/**
     4022 * Ajax handler for exporting a user's personal data.
     4023 *
     4024 * @since 4.9.6
     4025 */
    40214026function wp_ajax_wp_privacy_export_personal_data() {
    4022     check_ajax_referer( 'wp-privacy-export-personal-data', 'security' );
     4027    $request_id  = (int) $_POST['id'];
     4028
     4029    if ( empty( $request_id ) ) {
     4030        wp_send_json_error( __( 'Error: Invalid request ID.' ) );
     4031    }
    40234032
    40244033    if ( ! current_user_can( 'manage_options' ) ) {
     
    40264035    }
    40274036
    4028     $email_address  = sanitize_text_field( $_POST['email'] );
     4037    check_ajax_referer( 'wp-privacy-export-personal-data-' . $request_id, 'security' );
     4038
     4039    // Get the request data.
     4040    $request = wp_get_user_request_data( $request_id );
     4041
     4042    if ( ! $request || 'export_personal_data' !== $request->action_name ) {
     4043        wp_send_json_error( __( 'Error: Invalid request type.' ) );
     4044    }
     4045
     4046    $email_address = $request->email;
     4047    if ( ! is_email( $email_address ) ) {
     4048        wp_send_json_error( __( 'Error: A valid email address must be given.' ) );
     4049    }
     4050
    40294051    $exporter_index = (int) $_POST['exporter'];
    40304052    $page           = (int) $_POST['page'];
     4053    $send_as_email  = isset( $_POST['sendAsEmail'] ) ? ( "true" === $_POST['sendAsEmail'] ) : false;
    40314054
    40324055    /**
     
    40404063     *         callback               string  Callable exporter that accepts an email address and
    40414064     *                                        a page and returns an array of name => value
    4042      *                                        pairs of personal data
    4043      *         exporter_friendly_name string  Translated user facing friendly name for the exporter
     4065     *                                        pairs of personal data.
     4066     *         exporter_friendly_name string  Translated user facing friendly name for the exporter.
    40444067     *     ]
    40454068     * }
     
    40674090        }
    40684091
    4069         // Surprisingly, email addresses can contain mutli-byte characters now
    4070         $email_address = trim( mb_strtolower( $email_address ) );
    4071 
    4072         if ( ! is_email( $email_address ) ) {
    4073             wp_send_json_error( 'A valid email address must be given.' );
    4074         }
    4075 
    40764092        $exporter = $exporters[ $index ];
     4093
    40774094        if ( ! is_array( $exporter ) ) {
    40784095            wp_send_json_error( "Expected an array describing the exporter at index {$exporter_index}." );
    40794096        }
    4080         if ( ! array_key_exists( 'callback', $exporter ) ) {
    4081             wp_send_json_error( "Exporter array at index {$exporter_index} does not include a callback." );
    4082         }
    4083         if ( ! is_callable( $exporter['callback'] ) ) {
    4084             wp_send_json_error( "Exporter callback at index {$exporter_index} is not a valid callback." );
    4085         }
    40864097        if ( ! array_key_exists( 'exporter_friendly_name', $exporter ) ) {
    40874098            wp_send_json_error( "Exporter array at index {$exporter_index} does not include a friendly name." );
     4099        }
     4100        if ( ! array_key_exists( 'callback', $exporter ) ) {
     4101            wp_send_json_error( "Exporter does not include a callback: {$exporter['exporter_friendly_name']}." );
     4102        }
     4103        if ( ! is_callable( $exporter['callback'] ) ) {
     4104            wp_send_json_error( "Exporter callback is not a valid callback: {$exporter['exporter_friendly_name']}." );
    40884105        }
    40894106
     
    41094126        }
    41104127    } else {
    4111         // No exporters, so we're done
     4128        // No exporters, so we're done.
    41124129        $response = array(
    41134130            'data' => array(),
     
    41274144     * @param string $email_address   The email address associated with this personal data.
    41284145     * @param int    $page            The zero-based page for this response.
     4146     * @param int    $request_id      The privacy request post ID associated with this request.
     4147     * @param bool   $send_as_email   Whether the final results of the export should be emailed to the user.
    41294148     */
    4130     $response = apply_filters( 'wp_privacy_personal_data_export_page', $response, $exporter_index, $email_address, $page );
     4149    $response = apply_filters( 'wp_privacy_personal_data_export_page', $response, $exporter_index, $email_address, $page, $request_id, $send_as_email );
     4150
    41314151    if ( is_wp_error( $response ) ) {
    41324152        wp_send_json_error( $response );
     
    41544174    check_ajax_referer( 'wp-privacy-erase-personal-data-' . $request_id, 'security' );
    41554175
    4156     // Find the request CPT
     4176    // Get the request data.
    41574177    $request = wp_get_user_request_data( $request_id );
    41584178
Note: See TracChangeset for help on using the changeset viewer.