From 5e107d36ca20bf9cccb869f0ce76113010fcb998 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Thomas=20G=C3=BCnther?= <th.guenther@saale-mail.de>
Date: Tue, 30 Jul 2024 23:06:59 +0200
Subject: [PATCH] Preparation fpr new mareike & solea module

---
 includes/frontend-functions.php               | 122 +-----------------
 includes/roles.php                            |  80 ++++--------
 .../class-extendregistrationform.php          |  39 ++++++
 .../Controllers/class-saveregistration.php    |  76 +++++++++++
 modules/calendar/calendar.php                 |   2 -
 modules/calendar/classes/Calendar.class.php   |   3 +
 .../Controllers/class-main.php                |  24 +++-
 modules/security/classes/Security.class.php   |  16 ++-
 modules/security/includes/settings_writer.php |   7 -
 modules/security/internal/site-health-tab.php |  14 --
 10 files changed, 177 insertions(+), 206 deletions(-)
 create mode 100644 modules/Registration/Controllers/class-extendregistrationform.php
 create mode 100644 modules/Registration/Controllers/class-saveregistration.php

diff --git a/includes/frontend-functions.php b/includes/frontend-functions.php
index f20eadd..382427b 100644
--- a/includes/frontend-functions.php
+++ b/includes/frontend-functions.php
@@ -15,43 +15,6 @@ function bdp_update_dashboard_style() {
 }
 
 
-function bdp_add_menu_security() {
-    $moduleLoad = get_admin_url() . 'admin.php?page=' . BDP_LV_PLUGIN_SLUG . '/modules/index.php&loadmodule=';
-}
-
-function bdp_add_menu_contents() {
-	add_menu_page('Seiten',
-		'Inhalte',
-		'edit_posts',
-		'edit.php?post_type=page',
-		'',
-		'dashicons-format-aside',
-		4
-	);
-
-    add_submenu_page('edit.php?post_type=page',
-        'media',
-        'Medienverwaltung',
-        'edit_posts',
-        'upload.php'
-    );
-
-    add_submenu_page('edit.php?post_type=page',
-        'comments',
-        'Kommentare',
-        'edit_posts',
-        'edit-comments.php'
-    );
-
-	add_submenu_page('edit.php?post_type=page',
-		'Beiträge',
-		'Beiträge',
-		'edit_posts',
-		'edit.php'
-	);
-
-}
-
 function bdp_add_menu_mein_lv() {
     $location = BDP_LV_PLUGIN_DIR . '/modules/';
     $mainSlug = $location . 'index.php';
@@ -75,90 +38,7 @@ function bdp_add_menu_mein_lv() {
     );
 }
 
-function bdp_add_menu_setup() {
-	add_menu_page(
-		'Benutzer',
-		'Benutzer-Verwaltung',
-		'manage_options',
-		'users.php',
-		'',
-		'dashicons-admin-users',
-		6
-	);
-
-
-    add_menu_page(
-        'Allgemeine Einstellungen',
-        'Webseiten-Setup',
-        'manage_options',
-        'options-general.php',
-        '',
-        'dashicons-admin-generic',
-        6
-    );
-
-    add_submenu_page('options-general.php',
-        'Design-Einstellungen',
-        'Template bearbeiten',
-        'manage_options',
-        'customize.php?return=/wp-admin/'
-    );
-
-    add_submenu_page('options-general.php',
-        'plugins',
-        'Erweiterungen',
-        'manage_options',
-        'plugins.php'
-    );
-
-
-    add_submenu_page('options-general.php',
-        'themes',
-        'Designs',
-        'manage_options',
-        'themes.php'
-    );
-
-
-	add_submenu_page('options-general.php',
-		'Sicherheit',
-		'Webseiten-Sicherheit',
-		'manage_options',
-		'site-health.php'
-	);
-
-}
-
-function bdp_cleanup_menu()
-{
-    global $submenu;
-
-    remove_menu_page('edit-comments.php');
-    remove_menu_page('edit.php');
-    remove_menu_page('edit.php?post_type=page');
-    remove_menu_page('upload.php');
-    remove_menu_page('themes.php');
-    remove_menu_page('plugins.php');
-    remove_menu_page('options-general.php');
-    remove_menu_page('users.php');
-    remove_menu_page('tools.php');
-
-    bdp_add_menu_contents();
-    bdp_add_menu_setup();
-    bdp_add_menu_security();
-
-
-	remove_submenu_page('edit.php?post_type=page','post-new.php?post_type=page');
-    remove_submenu_page('users.php','user-new.php');
-    remove_submenu_page('users.php','profile.php');
-
-    remove_submenu_page('edit.php','post-new.php');
-    remove_submenu_page('edit.php','edit-tags.php?taxonomy=category');
-    remove_submenu_page('edit.php','edit-tags.php?taxonomy=post_tag');
-}
-
 function bdp_create_menu_structure()
-{
-    add_action('admin_menu', 'bdp_cleanup_menu');
+{;
     bdp_add_menu_mein_lv();
 }
diff --git a/includes/roles.php b/includes/roles.php
index ed69d1d..abcb71b 100644
--- a/includes/roles.php
+++ b/includes/roles.php
@@ -5,64 +5,40 @@
 	 remove_role( 'contributor' ); // Hier 'custom_role_slug' durch den tatsächlichen Slug der zu löschenden Rolle ersetzen
 	 remove_role( 'author' ); // Hier 'custom_role_slug' durch den tatsächlichen Slug der zu löschenden Rolle ersetzen
 	 remove_role( 'editor' ); // Hier 'custom_role_slug' durch den tatsächlichen Slug der zu löschenden Rolle ersetzen
-	 $capabilities = array(
-		 'read' => true, // Die Rolle kann Beiträge lesen
-		 'edit_posts' => true, // Die Rolle kann Beiträge bearbeiten
-		 'delete_posts' => true, // Die Rolle kann Beiträge löschen
-		 'publish_posts' => true, // Die Rolle kann Beiträge veröffentlichen
-		 // Weitere Berechtigungen können nach Bedarf hinzugefügt werden
-	 );
 
-	 // Rolle hinzufügen
-	 add_role( 'stafue', 'Stammesführung', kompass_get_capa_stafue() );
-	 add_role( 'grufue', 'Gruppenführung', kompass_get_capa_grufue() );
-	 add_role( 'aktionsleitung', 'Aktionsleitung', kompass_get_capa_aktionsleitung() );
+	 $role = get_role( 'director' );
+	 if ( null === $role ) {
+		 add_role(
+			 'director',
+			 true === get_option( 'solea_used_for_state', false )
+				 ? __( 'State director', 'mareike' )
+				 : __( 'Club director', 'mareike' ),
+			 kompass_get_capa_editor()
+		 );
+	 } else {
+		 $role = get_role( 'director' );
+		 foreach ( kompass_get_capa_editor() as $capability => $value ) {
+			 $role->add_cap( $capability );
+		 }
+	 }
+
 	 add_role( 'author', 'Redakteur', kompass_get_capa_editor() );
 
-	 $role = get_role( 'administrator' );
-	 foreach (kompass_get_capa_stafue() as $capability => $value) {
-	    $role->add_cap( $capability );
+	 $role = get_role( 'user' );
+	 if ( null === $role ) {
+		 add_role(
+			 'user',
+			 'Standardnutzer',
+			 array('read' => true)
+		 );
+	 } else {
+		 foreach ( solea_get_capabilities_user() as $capability => $value ) {
+			 $role->add_cap( 'read' );
+		 }
 	 }
+
  }
 
-function kompass_get_capa_stafue() : array
-{
-	return array_merge(
-		[
-		'create_groups' => true,
-		'delete_groups' => true,
-		'edit_groups' => true,
-		'delete_teilis' => true,
-		'move_teilis' => true,
-		'create_events' => true,
-	], kompass_get_capa_aktionsleitung(), kompass_get_capa_grufue(), kompass_get_capa_editor());
-}
-
-
-
-function kompass_get_capa_aktionsleitung() : array
-{
-	return [
-		'show_bdp' => true,
-		'create_event_teilis' => true,
-		'edit_event_teilis' => true,
-		'delete_event_teilis' => true,
-		'send_event_mails' => true,
-	];
-}
-
- function kompass_get_capa_grufue() : array
- {
-	 return [
-		 'show_bdp' => true,
-		 'show_groups' => true,
-		 'create_teilis' => true,
-		 'edit_teilis' => true,
-		 'send_mails' => true
-	 ];
- }
-
-
  function kompass_get_capa_editor() : array
  {
 	 return [
diff --git a/modules/Registration/Controllers/class-extendregistrationform.php b/modules/Registration/Controllers/class-extendregistrationform.php
new file mode 100644
index 0000000..7315138
--- /dev/null
+++ b/modules/Registration/Controllers/class-extendregistrationform.php
@@ -0,0 +1,39 @@
+<?php
+/**
+ * File: class-extendregistrationform.php
+ *
+ *
+ * @since 2024-07-30
+ * @license GPL-3.0-or-later
+ *
+ * @package mareike/
+ */
+
+namespace Bdp\Modules\Registration\Controllers;
+
+class ExtendRegistrationForm {
+	public static function execute() {
+		?>
+		<p>
+			<label for="first_name">Vorname<br />
+				<input required style="width: 768px !important;" type="text" name="first_name" id="first_name" class="input" value="<?php echo esc_attr(wp_unslash($_POST['first_name'] ?? '')); ?>" size="25" /></label>
+		</p>
+		<p>
+			<label for="last_name">Nachname<br />
+				<input required style="width: 768px !important;" type="text" name="last_name" id="last_name" class="input" value="<?php echo esc_attr(wp_unslash($_POST['last_name'] ?? '')); ?>" size="25" /></label>
+		</p>
+		<?php
+	}
+
+	public static function error_messages($errors, $sanitized_user_login, $user_email) {
+			if (empty($_POST['first_name']) || !empty($_POST['first_name']) && trim($_POST['first_name']) == '') {
+				$errors->add('first_name_error', '<strong>FEHLER</strong>: Der Vorname ist erforderlich.');
+			}
+			if (empty($_POST['last_name']) || !empty($_POST['last_name']) && trim($_POST['last_name']) == '') {
+				$errors->add('last_name_error', '<strong>FEHLER</strong>: DEr Nachname ist erforderlich.');
+			}
+			return $errors;
+
+
+	}
+}
\ No newline at end of file
diff --git a/modules/Registration/Controllers/class-saveregistration.php b/modules/Registration/Controllers/class-saveregistration.php
new file mode 100644
index 0000000..de0c537
--- /dev/null
+++ b/modules/Registration/Controllers/class-saveregistration.php
@@ -0,0 +1,76 @@
+<?php
+/**
+ * File: class-saveregistration.php
+ *
+ *
+ * @since 2024-07-30
+ * @license GPL-3.0-or-later
+ *
+ * @package mareike/
+ */
+
+namespace Bdp\Modules\Registration\Controllers;
+
+use WP_User;
+
+class SaveRegistration {
+	public static function execute($user_id) {
+		if (!empty($_POST['first_name'])) {
+			update_user_meta($user_id, 'first_name', sanitize_text_field($_POST['first_name']));
+		}
+		if (!empty($_POST['last_name'])) {
+			update_user_meta($user_id, 'last_name', sanitize_text_field($_POST['last_name']));
+		}
+
+		// Assign the 'Standarduser' role to the new user
+		$user = new WP_User($user_id);
+		$user->set_role('standarduser');
+
+		// Send confirmation email
+		$user = get_userdata($user_id);
+		$code = sha1($user->user_registered);
+		update_user_meta($user_id, 'activation_code', $code);
+
+		$activation_link = add_query_arg(array('key' => $code, 'user' => $user_id), get_site_url() . '/wp-login.php');
+
+		wp_mail($user->user_email, 'Bitte bestätige deine Anmeldung', 'Hallo, bitte bestätige deine Anmeldung über den folgenden Link: ' . $activation_link);
+
+		// Notify admin
+		wp_mail(get_option('admin_email'), 'New User Registration', 'A new user has registered: ' . $user->user_login . PHP_EOL . 'First name:' . $user->first_name . PHP_EOL . 'Last name:' . $user->last_name );
+	}
+
+	public static function activate_user() {
+		if (isset($_GET['key']) && isset($_GET['user'])) {
+			$user_id = intval($_GET['user']);
+			$activation_code = get_user_meta($user_id, 'activation_code', true);
+
+			if ($activation_code === $_GET['key']) {
+				delete_user_meta($user_id, 'activation_code');
+				wp_redirect(home_url('/wp-login.php?checkemail=registered'));
+				exit;
+			}
+		}
+	}
+
+	public static function check_user_activation($user, $username, $password) {
+		if (!is_a($user, 'WP_User')) {
+			return null;
+		}
+		$user_id = $user->ID;
+		$activation_code = get_user_meta($user_id, 'activation_code', true);
+
+		if ($activation_code) {
+			return new WP_Error('not_activated', __('ERROR: You need to activate your account. Please check your email.', 'kompass'));
+		}
+
+		return $user;
+	}
+
+	public static function display_custom_message() {
+		if (isset($_GET['checkemail']) && $_GET['checkemail'] === 'registered') {
+			echo '<div class="custom-message" style="text-align:center; margin:20px auto; padding:10px; background-color:#e0f7fa; border:1px solid #00796b; border-radius:5px; max-width:600px;">
+                <p style="font-size:16px; color:#00796b;">Vielen Dank für deine Registrierung. Bitte überprüfen deine E-Mails, um deine Registrierung zu bestätigen.</p>
+              </div>';
+		}
+	}
+}
\ No newline at end of file
diff --git a/modules/calendar/calendar.php b/modules/calendar/calendar.php
index 07e6e37..1bf5c52 100644
--- a/modules/calendar/calendar.php
+++ b/modules/calendar/calendar.php
@@ -1,6 +1,4 @@
 <?php
 add_filter('the_content', ['Calendar', 'printCalendar']);
-wp_enqueue_style('bdp_calendar_css', BDP_LV_PLUGIN_URL . '/modules/calendar/assets/calendar.css');
-wp_enqueue_script( 'loadCalendar',  BDP_LV_PLUGIN_URL . '/modules/calendar/assets/ajaxscript.js');
 
 require_once dirname(__FILE__) . '/classes/Calendar.class.php';
diff --git a/modules/calendar/classes/Calendar.class.php b/modules/calendar/classes/Calendar.class.php
index c2f412d..7b00912 100644
--- a/modules/calendar/classes/Calendar.class.php
+++ b/modules/calendar/classes/Calendar.class.php
@@ -28,6 +28,9 @@ class Calendar
         // Der zu ersetzende String
         $original_string = '{{calendar}}';
 		if (str_contains($content,$original_string)) {
+			wp_enqueue_style('bdp_calendar_css', BDP_LV_PLUGIN_URL . '/modules/calendar/assets/calendar.css');
+			wp_enqueue_script( 'loadCalendar',  BDP_LV_PLUGIN_URL . '/modules/calendar/assets/ajaxscript.js');
+
 			$calendar = new Calendar();
 
 			// Der Ersatzstring
diff --git a/modules/event-participants/Controllers/class-main.php b/modules/event-participants/Controllers/class-main.php
index 0023292..a22f1a4 100644
--- a/modules/event-participants/Controllers/class-main.php
+++ b/modules/event-participants/Controllers/class-main.php
@@ -40,11 +40,27 @@ class MainController
     }
     public function __construct()
     {
-		global $dbHandler;
+		global $dbHandler, $wpdb;
 
-	    add_menu_page(
-		    __('Events', BDP_LV_PLUGIN_SLUG),
-		    __('Events', BDP_LV_PLUGIN_SLUG),
+		$show_menu = false;
+
+	    foreach ([self::KOMPASS_EVENTS_EVENTS] as $table) {
+		    $sqlTable = $wpdb->prefix . $table;
+		    $sql      = "SHOW TABLES LIKE '$sqlTable'";
+
+		    $result = $wpdb->get_var( $sql );
+		    if ( $result == $sqlTable ) {
+			    $show_menu = true;
+		    }
+	    }
+
+		if (!$show_menu) {
+			return;
+		}
+
+		    add_menu_page(
+		    __('Events (legacy)', BDP_LV_PLUGIN_SLUG),
+		    __('Events (legacy)', BDP_LV_PLUGIN_SLUG),
 		    'send_mails',
 		    'kompass-events',
 		    [$this, 'router'],
diff --git a/modules/security/classes/Security.class.php b/modules/security/classes/Security.class.php
index a44806f..f86d810 100644
--- a/modules/security/classes/Security.class.php
+++ b/modules/security/classes/Security.class.php
@@ -28,8 +28,7 @@ class Security
 			$loginUrl = get_option('whl_page', null) ?? 'bdp-login';
 		}
 
-        enable_option_rewrite_url($loginUrl);
-	    enable_option_disable_xmlrpc();
+        enable_option_disable_xmlrpc();
 	    enable_option_block_authorscan();
 	    enable_option_block_execution_in_uploads();
 	    enable_option_prohibit_special_files();
@@ -83,12 +82,17 @@ class Security
 	public static function SetPageFilters() {
 		global $wp;
 
-		if (str_contains($_SERVER['REQUEST_URI'], 'wp-login.php?action=logout')) {
-			return;
+		add_action('template_redirect', [Security::class, 'protectAuthorScan']);
+
+		if (null !== is_login_rewritten()) {
+			if (str_contains($_SERVER['REQUEST_URI'], 'wp-login.php?action=logout')) {
+				return;
 		}
 
-		add_action('template_redirect', [Security::class, 'protectAuthorScan']);
-		Security::protectLoginSecurity();
+			Security::protectLoginSecurity();
+		}
+
+
 	}
 
 	public static function protectLoginSecurity() {
diff --git a/modules/security/includes/settings_writer.php b/modules/security/includes/settings_writer.php
index 6012da5..e06490f 100644
--- a/modules/security/includes/settings_writer.php
+++ b/modules/security/includes/settings_writer.php
@@ -86,12 +86,6 @@ function disable_option_disable_wp_debug() {
     WpConfigEditor::updateConfig('WP_DEBUG', 'true');
 }
 
-function enable_option_rewrite_url(?string $url = null) {
-    global $_POST;
-	$saveUrl = $url ?? $_POST['rewrite_login'];
-    update_option('kompass_sec_rewrite_login', $saveUrl);
-}
-
 function disable_option_rewrite_url() {
 	update_option('kompass_sec_rewrite_login', null);
 }
@@ -110,7 +104,6 @@ function kompass_sec_save_settings($settings) {
 		'option_prohibit_bot_access',
 		'option_block_directory_listing',
 		'option_disable_wp_debug',
-		'option_rewrite_url',
 	];
 
 	$enableSettings = array_intersect($allPossibleSettings, $settings);
diff --git a/modules/security/internal/site-health-tab.php b/modules/security/internal/site-health-tab.php
index b7b3014..d9b2351 100644
--- a/modules/security/internal/site-health-tab.php
+++ b/modules/security/internal/site-health-tab.php
@@ -98,20 +98,6 @@
         </span>
     </label>
 </div>
-<div class="bdp_setting_box">
-    <input <?php if (null !== is_login_rewritten()) {echo ' checked';} ?> type="checkbox" id="sec_mod_11" name="security_settings[]" value="option_rewrite_url" />
-    <label for="sec_mod_11">
-		<?= __('Change Login URL', BDP_LV_PLUGIN_SLUG); ?><br />
-        <span>
-            <?= __('Changing the default login URL of WordPress is advisable to enhance the security of your website. By default, WordPress login URLs is /wp-admin or /wp-login.php, which are easily guessed by hackers and facilitate attacks such as brute-force attacks. Changing the login URL to something unique and difficult to guess increases security since potential attackers will struggle to find the correct URL. This can help protect your website from unauthorized access and other malicious activities.', BDP_LV_PLUGIN_SLUG); ?><br />
-            <label style="font-weight: bold;">
-	            <?= __('Login-URL', BDP_LV_PLUGIN_SLUG) ?>: <?= get_site_url(); ?>/<input style="width: 100px;" class="long_text" type="text" name="rewrite_login" id="rewrite_login" value="<?= is_login_rewritten(); ?>">
-            </label>
-        </span>
-    </label>
-</div>
-
-
 
 <br /><br />
 <input type="submit" class="button" value="<?= __('Save changes', BDP_LV_PLUGIN_SLUG); ?>" />