add_action( 'mainwp_rest_api_remove_keys', array( $this, 'ajax_rest_api_remove_keys' ) ); $this->handle_rest_api_add_new(); $this->handle_rest_api_edit(); }

	/**
	 * Instantiate the REST API Menu.
	 *
	 * Registers the "REST API" submenu page under 'mainwp_tab', the "Add API Keys"
	 * page unless that menu item is disabled, and one page per entry returned by
	 * the 'mainwp_getsubpages_restapi' filter. The filtered list is kept in
	 * static::$subPages and handed to init_left_menu().
	 *
	 * NOTE(review): every page here is registered with the 'read' capability, so
	 * add_submenu_page() itself does not limit these pages to key managers.
	 * Access is presumably restricted in the render callbacks or elsewhere
	 * (render_header() consults mainwp_current_user_can()) - confirm.
	 *
	 * @uses \MainWP\Dashboard\MainWP_Menu::is_disable_menu_item()
	 */
	public static function init_menu() {
		add_submenu_page(
			'mainwp_tab',
			esc_html__( 'REST API', 'mainwp' ),
			' ' . esc_html__( 'REST API', 'mainwp' ) . '',
			'read',
			'RESTAPI',
			array(
				static::get_class_name(),
				'render_all_api_keys',
			)
		);
		// The "Add API Keys" page is skipped when menu item 'AddApiKeys' is disabled.
		if ( ! MainWP_Menu::is_disable_menu_item( 3, 'AddApiKeys' ) ) {
			add_submenu_page(
				'mainwp_tab',
				esc_html__( 'Add API Keys', 'mainwp' ),
				'
' . esc_html__( 'Add API Keys', 'mainwp' ) . '
',
				'read',
				'AddApiKeys',
				array(
					static::get_class_name(),
					'render_rest_api_setings',
				)
			);
		}

		/**
		 * REST API Subpages
		 *
		 * Filters subpages for the REST API page.
		 *
		 * @since Unknown
		 */
		static::$subPages = apply_filters( 'mainwp_getsubpages_restapi', array() );

		if ( isset( static::$subPages ) && is_array( static::$subPages ) ) {
			foreach ( static::$subPages as $subPage ) {
				if ( MainWP_Menu::is_disable_menu_item( 3, 'RESTAPI' . $subPage['slug'] ) ) {
					continue;
				}
				// NOTE(review): title, slug and callback come straight from the filter and the
				// title is concatenated without escaping, unlike the built-in titles above.
				// Presumably only trusted extension code hooks this filter - confirm.
				add_submenu_page(
					'mainwp_tab',
					$subPage['title'],
					'
' . $subPage['title'] . '
',
					'read',
					'RESTAPI' . $subPage['slug'],
					$subPage['callback']
				);
			}
		}

		static::init_left_menu( static::$subPages );
	}

	/**
	 * Instantiate REST API SubPages Menu.
	 *
	 * @uses \MainWP\Dashboard\MainWP_Menu::is_disable_menu_item()
	 */
	public static function init_subpages_menu() { ?> esc_html__( 'REST API', 'mainwp' ), 'parent_key' => 'mainwp_tab', 'slug' => 'RESTAPI', 'href' => 'admin.php?page=RESTAPI', 'icon' => '
API
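', ), 0 );

		$init_sub_subleftmenu = array(
			array(
				'title'      => esc_html__( 'Manage API Keys', 'mainwp' ),
				'parent_key' => 'RESTAPI',
				'href'       => 'admin.php?page=RESTAPI',
				'slug'       => 'RESTAPI',
				'right'      => 'manage_restapi',
			),
			array(
				'title'      => esc_html__( 'Add API Keys', 'mainwp' ),
				'parent_key' => 'RESTAPI',
				'href'       => 'admin.php?page=AddApiKeys',
				'slug'       => 'AddApiKeys',
				'right'      => '',
			),
		);

		MainWP_Menu::init_subpages_left_menu( $subPages, $init_sub_subleftmenu, 'RESTAPI', 'RESTAPI' );
		foreach ( $init_sub_subleftmenu as $item ) {
			if ( MainWP_Menu::is_disable_menu_item( 3, $item['slug'] ) ) {
				continue;
			}

			MainWP_Menu::add_left_menu( $item, 2 );
		}
	}

	/**
	 * Method handle_rest_api_add_new()
	 *
	 * Handles the "Add API Keys" form submission.
	 *
	 * Acts only when $_POST['submit'] is set, $_GET['page'] is 'AddApiKeys' and
	 * $_POST['wp_nonce'] verifies against the 'RESTAPI' action. It reads the
	 * consumer key, consumer secret, description, enabled flag and permission
	 * codes from the request, optionally stores a v1-compatible entry in the
	 * 'mainwp_rest_api_keys' option, inserts the key through
	 * MainWP_DB::insert_rest_api_key(), then redirects to the key list and exits.
	 *
	 * A request whose consumer key or secret is empty is ignored, so that no
	 * credential with an empty key or secret is ever stored.
	 *
	 * @return void
	 */
	public function handle_rest_api_add_new() { // phpcs:ignore -- NOSONAR - complex.
		// phpcs:disable WordPress.Security.NonceVerification,WordPress.Security.ValidatedSanitizedInput.InputNotSanitized
		$submit = false;
		if ( isset( $_POST['submit'] ) && isset( $_GET['page'] ) && 'AddApiKeys' === $_GET['page'] ) {
			$submit = true;
		}

		// NOTE(review): the nonce is the only gate visible in this method. A nonce proves request
		// intent, not authorization; presumably the caller limits this to users allowed to manage
		// REST API keys - confirm.
		if ( $submit && isset( $_POST['wp_nonce'] ) && wp_verify_nonce( sanitize_key( $_POST['wp_nonce'] ), 'RESTAPI' ) ) {
			$all_keys = static::check_rest_api_updates();
			if ( ! is_array( $all_keys ) ) {
				$all_keys = array();
			}

			// The key material is taken from the request; it is not generated in this method.
			$consumer_key    = isset( $_POST['mainwp_consumer_key'] ) ? sanitize_text_field( wp_unslash( $_POST['mainwp_consumer_key'] ) ) : '';
			$consumer_secret = isset( $_POST['mainwp_consumer_secret'] ) ? sanitize_text_field( wp_unslash( $_POST['mainwp_consumer_secret'] ) ) : '';
			$desc            = isset( $_POST['mainwp_rest_add_api_key_desc'] ) ? sanitize_text_field( wp_unslash( $_POST['mainwp_rest_add_api_key_desc'] ) ) : '';
			$enabled         = ! empty( $_POST['mainwp_enable_rest_api'] ) ? 1 : 0;
			$pers            = ! empty( $_POST['mainwp_rest_api_key_edit_pers'] ) ? sanitize_text_field( wp_unslash( $_POST['mainwp_rest_api_key_edit_pers'] ) ) : '';

			// A missing or blank field would otherwise register a credential with an empty
			// key or secret. Store nothing and let the page render normally instead.
			if ( '' === $consumer_key || '' === $consumer_secret ) {
				return;
			}

			// hash the password.
			$consumer_key_hashed    = wp_hash_password( $consumer_key );
			$consumer_secret_hashed = wp_hash_password( $consumer_secret );

			if ( ! empty( $_POST['mainwp_rest_api_keys_compatible_v1'] ) ) {
				// The v1 entry is indexed by the plain consumer key; only the values are hashed.
				$all_keys[ $consumer_key ] = array(
					'ck_hashed' => $consumer_key_hashed,
					'cs'        => $consumer_secret_hashed,
					'desc'      => $desc,
					'enabled'   => $enabled,
					'perms'     => $pers,
				);
				// store the data.
				MainWP_Utility::update_option( 'mainwp_rest_api_keys', $all_keys );
			}

			// compatible with version 2.
			// NOTE(review): 'read_write' is derived here from 'w' + 'd', while handle_rest_api_edit()
			// derives it from 'w' + 'r'. As written, 'r,w' yields 'write' and 'w,d' yields
			// 'read_write'. Confirm which mapping is intended, since it decides the granted scope.
			$scope = 'read';
			if ( ! empty( $pers ) ) {
				$pers_list = explode( ',', $pers );
				if ( in_array( 'w', $pers_list, true ) && in_array( 'd', $pers_list, true ) ) {
					$scope = 'read_write';
				} elseif ( in_array( 'w', $pers_list, true ) ) {
					$scope = 'write';
				}
			}
			MainWP_DB::instance()->insert_rest_api_key( $consumer_key, $consumer_secret, $scope, $desc, $enabled );
			// end.
			wp_safe_redirect( admin_url( 'admin.php?page=RESTAPI&message=created' ) ); //phpcs:ignore -- ok.
			exit();
		}
		// phpcs:enable
	}

	/**
	 * Method handle_rest_api_edit()
	 *
	 * Handles the "Edit API Keys" form submission.
	 *
	 * Acts only when $_POST['submit'] and $_POST['editkey_id'] are present and
	 * $_POST['edit_key_nonce'] verifies against 'edit-key-nonce-' followed by the
	 * submitted key ID. With $_POST['rest_v2_edit'] set, the key is updated through
	 * MainWP_DB::update_rest_api_key(); otherwise the matching entry of the
	 * 'mainwp_rest_api_keys' option is updated, or removed when it has no 'cs'
	 * field. It then redirects to the key list and exits.
	 *
	 * @return void
	 */
	public function handle_rest_api_edit() { // phpcs:ignore -- NOSONAR - complex.
		$edit_id = isset( $_POST['editkey_id'] ) ? sanitize_text_field( wp_unslash( $_POST['editkey_id'] ) ) : false;

		// NOTE(review): as in handle_rest_api_add_new(), only the nonce is checked in this method;
		// presumably a capability check happens before it is reached - confirm.
		if ( isset( $_POST['submit'] ) && ! empty( $edit_id ) && isset( $_POST['edit_key_nonce'] ) && wp_verify_nonce( sanitize_key( $_POST['edit_key_nonce'] ), 'edit-key-nonce-' . $edit_id ) ) {
			$save    = false;
			$updated = false;
			if ( ! empty( $edit_id ) ) {
				if ( ! empty( $_POST['rest_v2_edit'] ) ) {
					// v2 keys are addressed by their numeric ID.
					$key_id  = intval( $edit_id );
					$desc    = isset( $_POST['mainwp_rest_api_key_desc'] ) ? sanitize_text_field( wp_unslash( $_POST['mainwp_rest_api_key_desc'] ) ) : '';
					$enabled = ! empty( $_POST['mainwp_enable_rest_api'] ) ? 1 : 0;
					$pers    = ! empty( $_POST['mainwp_rest_api_key_edit_pers'] ) ? sanitize_text_field( wp_unslash( $_POST['mainwp_rest_api_key_edit_pers'] ) ) : '';

					// Scope defaults to 'read'; 'w' with 'r' gives 'read_write', 'w' alone gives 'write'.
					$scope = 'read';
					if ( ! empty( $pers ) ) {
						$pers_list = explode( ',', $pers );
						if ( in_array( 'w', $pers_list, true ) && in_array( 'r', $pers_list, true ) ) {
							$scope = 'read_write';
						} elseif ( in_array( 'w', $pers_list, true ) ) {
							$scope = 'write';
						}
					}
					MainWP_DB::instance()->update_rest_api_key( $key_id, $scope, $desc, $enabled );
					$updated = true;
					$save    = true;
				} else {
					// v1 keys live in the 'mainwp_rest_api_keys' option, indexed by the submitted ID.
					$edit_id  = sanitize_text_field( $edit_id );
					$all_keys = get_option( 'mainwp_rest_api_keys', false );
					if ( is_array( $all_keys ) && isset( $all_keys[ $edit_id ] ) ) {
						$item = $all_keys[ $edit_id ];
						if ( is_array( $item ) && isset( $item['cs'] ) ) {
							$item['desc']    = isset( $_POST['mainwp_rest_api_key_desc'] ) ? sanitize_text_field( wp_unslash( $_POST['mainwp_rest_api_key_desc'] ) ) : '';
							$item['enabled'] = ! empty( $_POST['mainwp_enable_rest_api'] ) ? 1 : 0;
							$item['perms']   = ! empty( $_POST['mainwp_rest_api_key_edit_pers'] ) ? sanitize_text_field( wp_unslash( $_POST['mainwp_rest_api_key_edit_pers'] ) ) : '';

							$all_keys[ $edit_id ] = $item;
							$updated              = true;
							$save                 = true;
						} else {
							unset( $all_keys[ $edit_id ] ); // delete incorrect key.
							$save = true;
						}
						if ( $save ) {
							MainWP_Utility::update_option( 'mainwp_rest_api_keys', $all_keys );
						}
					}
				}
			}
			$msg = '';
			if ( $updated ) {
				$msg = '&message=saved';
			}
			wp_safe_redirect( admin_url( 'admin.php?page=RESTAPI' . $msg ) ); //phpcs:ignore -- ok.
			exit();
		}
	}

	/**
	 * Method ajax_rest_api_remove_keys()
	 *
	 * Remove API Key.
	 *
	 * Runs MainWP_Post_Handler::check_security() for the 'mainwp_rest_api_remove_keys'
	 * action, reads the key ID from $_POST['keyId'] and the API version from
	 * $_POST['api_ver'], removes the key (database row for 'v2', option entry
	 * otherwise), echoes a JSON result and exits.
	 *
	 * A 'keyId' that is not a string is treated as missing, and the ID is passed
	 * through sanitize_text_field() as handle_rest_api_edit() does.
	 *
	 * @return void
	 */
	public function ajax_rest_api_remove_keys() { //phpcs:ignore -- NOSONAR - complex.
		MainWP_Post_Handler::instance()->check_security( 'mainwp_rest_api_remove_keys' );
		$ret = array( 'success' => false );

		// urldecode() accepts only strings, so an array-valued 'keyId' must not reach it.
		$cons_key_id = isset( $_POST['keyId'] ) && is_string( $_POST['keyId'] ) ? sanitize_text_field( urldecode( wp_unslash( $_POST['keyId'] ) ) ) : false; // phpcs:ignore WordPress.Security.NonceVerification,WordPress.Security.ValidatedSanitizedInput.InputNotSanitized
		$is_v2       = isset( $_POST['api_ver'] ) && 'v2' === wp_unslash( $_POST['api_ver'] ) ? true : false; // phpcs:ignore WordPress.Security.NonceVerification,WordPress.Security.ValidatedSanitizedInput.InputNotSanitized

		if ( ! empty( $cons_key_id ) ) {
			if ( $is_v2 ) {
				// NOTE(review): handle_rest_api_edit() casts the v2 key ID with intval(); here the
				// string is passed on as received. Confirm remove_rest_api_key() expects that.
				MainWP_DB::instance()->remove_rest_api_key( $cons_key_id );
			} else {
				$save     = false;
				$all_keys = get_option( 'mainwp_rest_api_keys', false );
				if ( is_array( $all_keys ) && isset( $all_keys[ $cons_key_id ] ) ) {
					$item = $all_keys[ $cons_key_id ];
					if ( is_array( $item ) && isset( $item['cs'] ) ) {
						unset( $all_keys[ $cons_key_id ] ); // delete key.
						$save = true;
					}
				}
				if ( $save ) {
					MainWP_Utility::update_option( 'mainwp_rest_api_keys', $all_keys );
				}
			}
			// Success is reported for any non-empty ID; the outcome of neither branch is checked.
			$ret['success'] = 'SUCCESS';
			$ret['result']  = esc_html__( 'REST API Key deleted successfully.', 'mainwp' );
		} else {
			$ret['error'] = esc_html__( 'REST API Key ID empty.', 'mainwp' );
		}
		echo wp_json_encode( $ret );
		exit;
	}

	/**
	 * Render Page Header.
	 *
	 * Builds the navigation items for the REST API pages: "Manage API Keys" when
	 * the current user has the 'manage_restapi' dashboard right, "Edit API Keys"
	 * when an 'editkey' query value arrives with a valid 'mainwp-admin-nonce',
	 * "Add API Keys" unless that menu item is disabled, and one item per
	 * registered subpage.
	 *
	 * @param string $shownPage The page slug shown at this moment.
	 *
	 * @uses \MainWP\Dashboard\MainWP_Menu::is_disable_menu_item()
	 * @uses \MainWP\Dashboard\MainWP_UI::render_top_header()
	 * @uses \MainWP\Dashboard\MainWP_UI::render_page_navigation()
	 */
	public static function render_header( $shownPage = '' ) { // phpcs:ignore -- NOSONAR - complex.
		$params = array(
			'title' => esc_html__( 'REST API', 'mainwp' ),
		);

		MainWP_UI::render_top_header( $params );

		$renderItems = array();

		if ( \mainwp_current_user_can( 'dashboard', 'manage_restapi' ) ) {
			$renderItems[] = array(
				'title'  => esc_html__( 'Manage API Keys', 'mainwp' ),
				'href'   => 'admin.php?page=RESTAPI',
				'active' => ( '' === $shownPage ) ? true : false,
			);
		}

		if ( ! MainWP_Menu::is_disable_menu_item( 3, 'AddApiKeys' ) ) {
			if ( isset( $_GET['editkey'] ) && ! empty( $_GET['editkey'] ) && isset( $_GET['_opennonce'] ) && wp_verify_nonce( sanitize_key( $_GET['_opennonce'] ), 'mainwp-admin-nonce' ) ) { // phpcs:ignore WordPress.Security.NonceVerification,WordPress.Security.ValidatedSanitizedInput.InputNotSanitized
				$ver = isset( $_GET['rest_ver'] ) && ! empty( $_GET['rest_ver'] ) ? '&rest_ver=' . intval( $_GET['rest_ver'] ) : '';

				// The key ID is a single query value, so it is percent-encoded with rawurlencode().
				// esc_url() escapes whole URLs and would prepend a scheme to a bare value.
				$edit_key = rawurlencode( sanitize_text_field( wp_unslash( $_GET['editkey'] ) ) ); // phpcs:ignore WordPress.Security.NonceVerification,WordPress.Security.ValidatedSanitizedInput.InputNotSanitized

				$renderItems[] = array(
					'title'  => esc_html__( 'Edit API Keys', 'mainwp' ),
					'href'   => 'admin.php?page=AddApiKeys&editkey=' . $edit_key . $ver . '&_opennonce=' . esc_html( wp_create_nonce( 'mainwp-admin-nonce' ) ), // phpcs:ignore WordPress.Security.NonceVerification,WordPress.Security.ValidatedSanitizedInput.InputNotSanitized
					'active' => ( 'Edit' === $shownPage ) ? true : false,
				);
			}
			$renderItems[] = array(
				'title'  => esc_html__( 'Add API Keys', 'mainwp' ),
				'href'   => 'admin.php?page=AddApiKeys',
				'active' => ( 'Settings' === $shownPage ) ? true : false,
			);
		}

		if ( isset( static::$subPages ) && is_array( static::$subPages ) ) {
			foreach ( static::$subPages as $subPage ) {
				if ( MainWP_Menu::is_disable_menu_item( 3, 'RESTAPI' . $subPage['slug'] ) ) {
					continue;
				}
				$item           = array();
				$item['title']  = $subPage['title'];
				$item['href']   = 'admin.php?page=RESTAPI' . $subPage['slug'];
				$item['active'] = ( $subPage['slug'] === $shownPage ) ? true : false;
				$renderItems[]  = $item;
			}
		}

		MainWP_UI::render_page_navigation( $renderItems );
	}

	/**
	 * Close the HTML container.
	 */
	public static function render_footer() {
		echo '';
	}

	/**
	 * Method render_api_keys_v1_table.
	 *
	 * @return void
	 */
	public static function render_api_keys_v1_table() { //phpcs:ignore -- NOSONAR - complex.
		$all_keys = static::check_rest_api_updates();
		if ( ! is_array( $all_keys ) ) {
			$all_keys = array();
		}
		if ( ! empty( $all_keys ) ) {
			?>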

$item ) { if ( ! is_array( $item ) ) { continue; } $ending = substr( $ck, -8 ); $desc = isset( $item['desc'] ) && ! empty( $item['desc'] ) ? $item['desc'] : 'N/A'; $enabled = isset( $item['enabled'] ) && ! empty( $item['enabled'] ) ? true : false; $endcoded_ck = rawurlencode( $ck ); $pers_codes = ''; if ( ! isset( $item['perms'] ) ) { $pers_codes = 'r,w,d'; // to compatible. } elseif ( ! empty( $item['perms'] ) ) { $pers_codes = $item['perms']; } $pers_names = array(); if ( ! empty( $pers_codes ) && is_string( $pers_codes ) ) { $pers_codes = explode( ',', $pers_codes ); if ( is_array( $pers_codes ) ) { if ( in_array( 'r', $pers_codes ) ) { $pers_names[] = esc_html__( 'Read', 'mainwp' ); } if ( in_array( 'w', $pers_codes ) ) { $pers_names[] = esc_html__( 'Write', 'mainwp' ); } if ( in_array( 'd', $pers_codes ) ) { $pers_names[] = esc_html__( 'Delete', 'mainwp' ); } } } ?>
' . esc_html__( 'Enabled', 'mainwp' ) . '' : '' . esc_html__( 'Disabled', 'mainwp' ) . ''; ?>
get_rest_api_keys(); $el_id_cb_1 = 'cb-select-all-top'; ?> truncated_key; $desc = ! empty( $item->description ) ? esc_html( $item->description ) : 'N/A'; $enabled = $item->enabled ? true : false; $key_id = $item->key_id; $pers_title = array(); $per = $item->permissions; if ( 'read' === $per ) { $pers_title[] = esc_html__( 'Read', 'mainwp' ); } if ( 'write' === $per ) { $pers_title[] = esc_html__( 'Write', 'mainwp' ); } if ( 'read_write' === $per ) { $pers_title[] = esc_html__( 'Read', 'mainwp' ); $pers_title[] = esc_html__( 'Write', 'mainwp' ); } ?>
' . esc_html__( 'Enabled', 'mainwp' ) . '' : '' . esc_html__( 'Disabled', 'mainwp' ) . ''; ?> last_access ) ? '' . MainWP_Utility::time_elapsed_string( strtotime( $item->last_access ) ) . '' : 'N/A'; // phpcs:ignore WordPress.Security.EscapeOutput ?>
', ' ' ); ?>

get_option( 'mainwp_rest_api_consumer_key', '' ), 'cs' => get_option( 'mainwp_rest_api_consumer_secret', '' ), 'desc' => '', ); } MainWP_Utility::update_option( 'mainwp_rest_api_keys', $all_keys ); if ( false !== $cs ) { delete_option( 'mainwp_rest_api_consumer_key' ); delete_option( 'mainwp_rest_api_consumer_secret' ); delete_option( 'mainwp_enable_rest_api' ); } } // end. return $all_keys; } /** * Method show_messages(). * * Show actions messages. */ public static function show_messages() { $msg = ''; if ( isset( $_GET['message'] ) && ( 'saved' === $_GET['message'] || 'created' === $_GET['message'] ) ) { // phpcs:ignore WordPress.Security.NonceVerification,WordPress.Security.ValidatedSanitizedInput.InputNotSanitized $msg = esc_html__( 'API Key have been saved successfully!', 'mainwp' ); } if ( ! empty( $msg ) ) { ?>
get_rest_api_key_by( $key_id ); if ( ! empty( $edit_item ) ) { static::render_rest_api_v2_edit( $edit_item ); return; } } } // we need to generate a consumer key and secret and return the result and save it into the database. $_consumer_key = static::mainwp_generate_rand_hash(); $_consumer_secret = static::mainwp_generate_rand_hash(); $consumer_key = 'ck_' . $_consumer_key; $consumer_secret = 'cs_' . $_consumer_secret; static::render_header( 'Settings' ); ?>


', '' ); ?>
key_id; $edit_desc = $item->description; $enabled = $item->enabled ? true : false; $ending = $item->truncated_key; $perms = $item->permissions; if ( 'read' === $perms ) { $init_pers = 'r'; } if ( 'write' === $perms ) { $init_pers = 'w'; } if ( 'read_write' === $perms ) { $init_pers = 'r,w'; } static::render_header( 'Edit' ); $el_id_res_api_1 = 'rest-api-settings'; ?>
aria-label="" />
aria-label="" />
$value ) { $cookies[] = new \WP_Http_Cookie( array( 'name' => $name, 'value' => $value, ) ); } } } $args = array( 'method' => 'GET', 'timeout' => 45, 'headers' => array( 'content-type' => 'application/json', ), 'sslverify' => (bool) get_option( 'mainwp_sslVerifyCertificate', true ), ); if ( $check_logged_in && ! empty( $cookies ) ) { $args['cookies'] = $cookies; } $site_url = get_option( 'home' ); $response = wp_remote_post( $site_url . '/wp-json', $args ); $body = wp_remote_retrieve_body( $response ); $data = is_string( $body ) ? json_decode( $body, true ) : false; if ( is_array( $data ) & isset( $data['routes'] ) && ! empty( $data['routes'] ) ) { return true; } elseif ( ! $check_logged_in ) { return static::check_rest_api_enabled( true ); } return false; } /** * Method mainwp_help_content() * * Creates the MainWP Help Documentation List for the help component in the sidebar. */ public static function mainwp_help_content() { $allow_pages = array( 'RESTAPI', 'AddApiKeys' ); if ( isset( $_GET['page'] ) && in_array( $_GET['page'], $allow_pages, true ) ) { //phpcs:ignore WordPress.Security.NonceVerification.Recommended ?>

REST API
Enable REST API
REST API Permissions
Disable REST API
Delete REST API Key
Your custom text
* * @since 4.0 */ do_action( 'mainwp_rest_api_help_item' ); ?>