th.guenther/kompass
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: th.guenther:ba736ef6611851ae5341fd6635779f5fef570b87
Branches Tags
th.guenther:main th.guenther:development-4.8.4 th.guenther:v4.8.1 th.guenther:epic-anmeldungen th.guenther:epic-teililisten th.guenther:v4.2.1
..
compare: th.guenther:epic-teililisten
Branches Tags
th.guenther:development-4.8.4 th.guenther:main th.guenther:v4.8.1 th.guenther:epic-anmeldungen th.guenther:epic-teililisten th.guenther:v4.2.1

27 Commits
ba736ef661 ... epic-teili

Author SHA1 Message Date
Thomas Günther
a66f2d2422 Test 2024-05-25 19:44:05 +02:00
Thomas Günther
e9740e86b5 Grundfunktionalität zum Senden von E-Mails 2024-03-24 19:52:32 +01:00
Thomas Günther
5e766bc2e5 Gruppen können angelegt und bearbeitet werden 
Teili können angelegt werden
 2024-03-23 20:46:44 +01:00
Thomas Günther
abc3a2a0a0 Base setup for displaying groups and listing members 2024-03-23 00:37:20 +01:00
Thomas Günther
c85d93e06f Bugfixes 2024-03-17 16:18:06 +01:00
Thomas Günther
3fcd0f2c2b Updated makefile 2024-03-16 17:00:12 +01:00
Thomas Günther
caa2bc6493 updated menu structure 2024-03-16 16:58:13 +01:00
Thomas Günther
49f1ebc5ba updated menu structure 2024-03-16 16:58:00 +01:00
Thomas Günther
d2c74a158a Added new user roles 2024-03-16 16:35:18 +01:00
Thomas Günther
bee1f6c96c Support for site verification codes 2024-03-16 14:21:57 +01:00
Thomas Günther
96e084e353 some design improvements 2024-03-06 22:45:27 +01:00
Thomas Günther
c7ba74d7e3 new navigation tree 
desing optimization
language fixes
 2024-03-05 22:59:42 +01:00
Thomas Günther
76ecb7d978 new navigation tree 
desing optimization
language fixes
 2024-03-05 22:59:15 +01:00
Thomas Günther
5492bda6d2 structure for autodeployment 2024-03-02 18:14:08 +01:00
Thomas Günther
dd6af287f3 Bugfix timezone on events 2024-03-02 18:13:44 +01:00
Thomas Günther
9835f32dfa multi language support 
support for small devices
 2024-03-02 16:00:58 +01:00
Thomas Günther
b3b58ce103 multi language support 
support for small devices
 2024-03-02 15:09:07 +01:00
Thomas Günther
4d479cedaf celanup 2024-02-27 12:06:55 +01:00
th.guenther
e204c8a53e Merge pull request 'v4.2.1' (#1) from v4.2.1 into main 
Reviewed-on: #1
 2024-02-27 12:00:24 +01:00
Thomas Günther
d1eece5875 celanup 2024-02-27 11:58:24 +01:00
Thomas Günther
9d6c90e9cd Updated Limit Login setup 2024-02-27 11:57:38 +01:00
Thomas Günther
6dafa7f1ee Created setup environment 2024-02-27 11:34:52 +01:00
Thomas Günther
40a3b93d4b Created setup environment 2024-02-27 11:33:24 +01:00
Thomas Günther
18820c7191 Protection of WordPress logins 2024-02-26 14:47:51 +01:00
Thomas Günther
bb741539f6 Update in code structure 2024-02-21 21:41:11 +01:00
Thomas Günther
80fb6cd452 Security Settings: 
xmlrpc deaktivieren
 Autorenscan deaktivieren
 Scripting in /wp-content/uploads/ deaktivieren
 Zugriff auf potenziell sensible Dateien blockieren
 Dateieditor im WP Dashboard deaktivieren
 Skriptverkettung deaktivieren
 Skriptausführung im Include-Verzeichnis deaktivieren
 Zugriff von ungewollten Bots verbieten
 Auflistung von Verzeichnissen deaktivieren
 Debug-Ausgaben deaktivieren
 Login-URL ändern
 2024-02-21 21:31:00 +01:00
Thomas Günther
69322d64f3 Design updates 2024-02-21 16:07:03 +01:00
176 changed files with 4235 additions and 6490 deletions
Expand all files Collapse all files

27
.deployment/create_info_json.php Normal file
View File

@ -0,0 +1,27 @@
<?php
if (!isset($argv[1])) {
die('No version set, please use ' . PHP_EOL .'make setup version=' . PHP_EOL);
}
$file = file_get_contents(dirname(__FILE__) . '/info.json.tpl');
$file = str_replace('%version%', $argv[1], $file);
$file = str_replace('%date%', date('d.m.Y H:i:00'), $file);
$file = str_replace('%changelog%', parseChangeLog(), $file);
$ptr = fopen('info.json', 'w');
fwrite($ptr, $file);
fclose($ptr);
system('lftp -e "put -O / info.json; bye" -u "lv-sachsen-main_ftp3,sE&xDXc8za#S" bdp.mein-verein.online');
function parseChangeLog()
{
$return = '';
foreach (file(dirname(__FILE__) . '/../changelog') as $line) {
$line = trim($line);
if ($line !== '') {
$return .= $line;
}
};
return $return;
}

17
.deployment/info.json Normal file
View File

@ -0,0 +1,17 @@
{
"name": "BdP Kompass",
"slug": "bdp-kompass",
"author": "Thomas Günther",
"author_profile": "https://sachsen.pfadfinden.de",
"version": "4.3.2",
"download_url": "http://lv-sachsen-main.bdp.mein-verein.online/wordpress/bdp-kompass-4.3.2.zip",
"requires": "6.0",
"tested": "6.5",
"requires_php": "8.2",
"last_updated": "02.03.2024 16:24:00",
"sections": {
"description": "Wordpress-Plugin zur Unterstützung von Stämmen im Bund der Pfadfinderinnen und Pfadfinder e.V. zur optimalen Verwaltung eurer Webseite",
"installation": "Bitte wendet euch an den LB IT, falls ihr zur Installation oder zu Updates Fragen habt.",
"changelog": "<h4>Version 4.3.1</h4><ul><li>Mehrsprachrigkeit unterstütz</li><li>Unterstützung für Smartphones</li></ul><h4>Version 4.2.1</h4><ul><li>Erweiterte Sicherheitsfunktionen implemntiert</li><li>Passwort-Policies implementiert</li><li>Integration von Limit Login Attempts (classic)</li><li>Integration von WPS Hide Login</li></ul><h4>Version 4.1.1</h4><ul><li>Erster release des Plugins</li></ul>"
}
}

17
.deployment/info.json.tpl Normal file
View File

@ -0,0 +1,17 @@
{
"name": "BdP Kompass",
"slug": "bdp-kompass",
"author": "Thomas Günther",
"author_profile": "https://sachsen.pfadfinden.de",
"version": "%version%",
"download_url": "http://lv-sachsen-main.bdp.mein-verein.online/wordpress/bdp-kompass-%version%.zip",
"requires": "6.0",
"tested": "6.5",
"requires_php": "8.2",
"last_updated": "%date%",
"sections": {
"description": "Wordpress-Plugin zur Unterstützung von Stämmen im Bund der Pfadfinderinnen und Pfadfinder e.V. zur optimalen Verwaltung eurer Webseite",
"installation": "Bitte wendet euch an den LB IT, falls ihr zur Installation oder zu Updates Fragen habt.",
"changelog": "%changelog%"
}
}

17
Makefile Normal file
View File

@ -0,0 +1,17 @@
translate: bdp-kompass.php
msgfmt lang/bdp-kompass_de_DE.po -olang/bdp-kompass-de_DE.mo
deploy: bdp-kompass.php
make translate
@php ./.deployment/create_info_json.php $(version)
mkdir -p ./.deployment/bdp-kompass/bdp-kompass
cp -r * ./.deployment/bdp-kompass/bdp-kompass
rm ./.deployment/bdp-kompass/bdp-kompass/changelog
rm ./.deployment/bdp-kompass/bdp-kompass/Makefile
rm -rf ./.deployment/bdp-kompass/bdp-kompass/.deployment
rm -rf ./.deployment/bdp-kompass/bdp-kompass/.git
cd ./.deployment/bdp-kompass/ && zip -qr ./bdp-kompass-$(version).zip ./bdp-kompass/
lftp -e "put -O / ./.deployment/bdp-kompass/bdp-kompass-$(version).zip; bye" -u "lv-sachsen-main_ftp3,sE&xDXc8za#S" bdp.mein-verein.online
rm -rf ./.deployment/bdp-kompass/
rm -rf ./.deployment/info.json/
rm -rf ./info.json

0
README.md
View File

43
assets/password.js Normal file
View File

@ -0,0 +1,43 @@
jQuery(document).ready(function($) {
$( "<button class='button button-primary' disabled id='password_too_short'>" +
php_vars.password_too_short_text + "</button>" ).insertBefore( ".submit" );
$("#password_too_short").css('display', 'none');
$(document).on('DOMSubtreeModified', '#pass-strength-result', function() {
var strengthMeter = $(this).attr('class');
var allowedStrengths = php_vars.allowed_strengths;
$( "[name='pw_weak']" ).css('visibility', 'hidden');
$( '.pw-weak' ).css('visibility', 'hidden');
$( '#pw-weak-text-label' ).css('visibility', 'hidden');
if (strengthMeter !== '') {
if (allowedStrengths.includes(strengthMeter)) {
$("[name='pw_weak']").prop("checked", true);
$("[name='submit']").css('display', 'inline');
$('#createusersub').css('display', 'inline');
$('submit').onclick = function() {
$('your-profile').submit();
};
$("#createusersub").onclick = function() {
$('createuser').submit();
};
$("#password_too_short").css('display', 'none');
} else {
$("#createusersub").css('display', 'none');
$("[name='submit']").prop("disabled", true);
$("[name='pw_weak']").prop("checked", false);
$("[name='submit']").css('display', 'none');
$('submit').onclick = function() {
return false;
};
$("#createusersub").onclick = function() {
return false;
};
$("#password_too_short").css('display', 'inline');
}
}
});
});

21
assets/searchtable.js Normal file
View File

@ -0,0 +1,21 @@
function searchTable(tableId, searchField) {
var input, filter, table, tr, td, i, j, txtValue;
input = searchField;
filter = input.value.toUpperCase();
table = document.getElementById(tableId);
tr = table.getElementsByTagName("tr");
for (i = 0; i < tr.length; i++) {
td = tr[i].getElementsByTagName("td");
for (j = 0; j < td.length; j++) {
if (td[j]) {
txtValue = td[j].textContent || td[j].innerText;
if (txtValue.toUpperCase().indexOf(filter) > -1) {
tr[i].style.display = "";
break;
} else {
tr[i].style.display = "none";
}
}
}
}
}

18
assets/security.css
View File

@ -3,13 +3,11 @@
width: 85%;
margin: auto;
padding: 10px;
border-style: solid; border-color: #d0d0d0; border-radius: 10px; padding: 15px; border-width: 1px;
box-shadow: 2px 2px 5px #c0c0c0;
}
.bdp_security_inner {
border-style: solid; border-color: #d0d0d0; border-radius: 10px; padding: 15px; border-width: 1px;
box-shadow: 2px 2px 5px #c0c0c0;
width: 80%;
margin: 0 auto 40px;
}
@ -52,4 +50,16 @@
.long_text {
width: 80%;
}
.bdp-kompass-no-blocked-ips
{
padding: 5px 10px;
width: 90%;
background-color: #ffffff;
border-style: solid;
border-color: #00a32a;
border-width: 1px;
font-weight: bold;
font-size: 12pt;
}

426
assets/wordpress-bdp.css
View File

@ -1,87 +1,389 @@
#adminmenu,
#wpadminbar,
#adminmenuwrap,
#adminmenuback, #adminmenuwrap, #adminmenu, #adminmenu .wp-has-current-submenu > .wp-submenu {
width: 250px;
}
#wpcontent, #wpfooter {
margin-left: 230px;
background-color: #ffffff !important;
padding-left: 40px;
}
#adminmenu .wp-submenu {
left: 210px;
}
#adminmenu .wp-not-current-submenu .wp-submenu, .folded #adminmenu .wp-has-current-submenu .wp-submenu, #adminmenu .ame-has-deep-submenu:not(.ame-has-highlighted-item) > .wp-submenu {
width: 30px;
}
body {
--ame-ms-menu-width: 250px;
}
@media screen and (min-width: 783px) {
body:not(.folded) #widgets-editor .interface-interface-skeleton {
left: 250px;
}
#adminmenu .wp-not-current-submenu .wp-submenu {
display: none !important;
}
}
@media screen and (max-width: 960px) and (min-width: 783px) {
body.auto-fold #widgets-editor .interface-interface-skeleton {
left: var(--ame-ms-collapsed-menu-width, 36px);
}
}
#wpwrap {
background-color: #ffffff;
}
#adminmenuback {
background-color: #ffcb04 !important;
box-shadow: none;
}
#toplevel_page_limit-login-attempts,
#wp-admin-bar-llar-root {
#adminmenu .wp-submenu a {
font-weight: 200;
}
#adminmenu > li {
padding: 10px 5px;
font-weight: bolder;
}
#adminmenu > li a {
color: #020918;
}
#adminmenu > li div.wp-menu-image:before {
color: #020918;
}
#adminmenu > li a:hover, #adminmenu > li.menu-top:hover, #adminmenu > li.opensub > a.menu-top, #adminmenu > li > a.menu-top:focus {
color: #020918;
}
#adminmenu > li.menu-top:hover, #adminmenu > li.opensub > a.menu-top, #adminmenu > li > a.menu-top:focus {
background-color: rgb(240, 244, 247);
color: #1d4899 !important;
}
#adminmenu > li.menu-top:hover div.wp-menu-image:before, #adminmenu > li.menu-top > a:focus div.wp-menu-image:before, #adminmenu > li.opensub > a.menu-top div.wp-menu-image:before {
color: #1d4899;
}
#adminmenu > li .wp-submenu, #adminmenu > li.wp-has-current-submenu .wp-submenu, #adminmenu > li.wp-has-current-submenu.opensub .wp-submenu, .folded #adminmenu > li.wp-has-current-submenu .wp-submenu a.wp-has-current-submenu:focus + .wp-submenu {
background: #ffcb04;
}
.nav-tab {
border-color: rgb(128, 159, 245);
background-color: rgba(185, 203, 255, 0.84);
border-radius: 5px 5px 0 0;
}
/* Active tabs use a bottom border color that matches the page background color. */
.about-wrap .nav-tab-active,
.nav-tab-active,
.nav-tab-active:hover {
border-style: none;
background-color: #F0F4F7;
border-bottom-color: #fff;
box-shadow: 2px 2px 5px #c0c0c0;
}
.button-primary {
border-style: none;
background-color: #F0F4F7 !important;
color: #404040 !important;
box-shadow: 2px 2px 5px #c0c0c0;
}
#adminmenu > li.wp-has-submenu.wp-not-current-submenu.opensub:hover:after {
border-right-color: #ffcb04;
}
#adminmenu > li .wp-submenu .wp-submenu-head {
color: #1d4899;
}
.wp-has-current-submenu:hover {
background-color: #fafafa !important;
}
.wp-submenu li a {
padding: 10px 0px 10px 10px;
padding-top: 10px !important;
padding-bottom: 10px !important;
}
#collapse-button {
display: none;
}
.wp-submenu-wrap,
.wp-submenu-head {
color: #FFFFFF !important;
.bdp_setting_box {
margin-right: 10px;
background-color: #ffffff;
padding: 15px;
border-style: solid;
border-width: 1px;
border-top-width: 0 !important;
border-color: #1d94cf;
}
.wp-has-submenu,
.wp-not-current-submenu,
.menu-top,
#collapse-button,
#wp-submenu ul,
#wp-admin-bar-site-name,
.ab-item
{
color: #46484d !important;
font-weight: bold !important;
}
.wp-menu-open ,
.wp-has-current-submenu li,
#adminmenu ul
{
background-color: #3163bd !important;
color: #FFFFFF !important;
.bdp_setting_box:first-of-type {
border-top-width: 1px !important;
}
.wp-not-current-submenu:hover,
#wpadminbar .ab-item:hover
{
background-color: #3163bd !important;
color: #FFFFFF !important;
.bdp_setting_box label {
cursor: pointer;
}
.bdp_setting_box label span {
cursor: pointer;
width: 10pt;
color: #a0a0a0;
}
@media screen and (min-width: 783px) {
.wp-has-current-submenu li a {
width: 210px !important;
}
}
.ab-submenu {
.wp-submenu li a:hover {
background-color: rgb(240, 244, 247) !important;
color: #1d4899 !important;
}
.current .menu-top .wp-menu-name,
.wp-has-current-submenu .wp-menu-name {
background-color: #ffcb04 !important;
border-style: none !important;
width: 202px;
}
#wp-admin-bar-updates,
#wp-admin-bar-comments,
#wp-admin-bar-new-content,
#wp-admin-bar-wp-logo
.wp-has-submenu:after {
border-right-color: #ffcb04 !important;
}
@media screen and (min-width: 783px) {
.wp-submenu, .wp-submenu-wrap {
background-color: #fafafa !important;
width: 220px !important;
}
#adminmenu .current .menu-top .wp-menu-name {
padding: 10px;
width: 225px !important;
}
}
ul#adminmenu a.wp-has-current-submenu::after, ul#adminmenu > li.current > a.current::after,
.auto-fold ul#adminmenu a.wp-has-current-submenu::after, .auto-fold ul#adminmenu > li.current > a.current::after {
display: none !important;
}
#adminmenu .wp-has-current-submenu .wp-submenu .wp-submenu-head, #adminmenu .wp-menu-arrow, #adminmenu .wp-menu-arrow div, #adminmenu li.current a.menu-top, #adminmenu li.wp-has-current-submenu a.wp-has-current-submenu
{
display: none;
background-color: #fafafa;
}
.bdp_submit:hover {
@media screen and (max-width: 782px) {
#adminmenu > li.menu-top:hover, #adminmenu > li.opensub > a.menu-top, #adminmenu > li > a.menu-top:focus {
background-color: #fafafa;
color: #1d4899 !important;
width: 285px !important;
}
#adminmenu .current .menu-top{
width: 280px;
}
#adminmenu .current .menu-top .wp-menu-name {
width: 245px !important;
}
#adminmenu > li .wp-submenu, #adminmenu > li.wp-has-current-submenu .wp-submenu, #adminmenu > li.wp-has-current-submenu.opensub .wp-submenu, .folded #adminmenu > li.wp-has-current-submenu .wp-submenu a.wp-has-current-submenu:focus + .wp-submenu {
width: 285px !important;
}
.wp-submenu:hover,
.wp-submenu .wp-submenu-wrap:hover,
.nav-tab-active:hover {
border-style: none;
background-color: #fafafa !important;
}
#adminmenuback, #adminmenuwrap, #adminmenu, #adminmenu .wp-has-current-submenu > .wp-submenu {
width: 300px !important;
}
.wp-submenu,
.wp-submenu .wp-submenu-wrap li,
.auto-fold #adminmenu li.menu-top .wp-submenu > li > a {
background-color: #fafafa !important;
width: 285px !important;
}
#wp-admin-bar-comments {
display: none !important;
}
#wp-admin-bar-kompass_gruppen {
display: block !important;
}
}
#adminmenu div.wp-menu-name {
}
#adminmenu > li .wp-submenu a, #adminmenu > li.wp-has-current-submenu .wp-submenu a, #adminmenu > li a.wp-has-current-submenu:focus + .wp-submenu a, .folded #adminmenu > li.wp-has-current-submenu .wp-submenu a, #adminmenu > li.wp-has-current-submenu.opensub .wp-submenu a {
color: #020918;
padding-left: 25px;
}
#adminmenu > li .wp-submenu a:focus, #adminmenu > li .wp-submenu a:hover, #adminmenu > li.wp-has-current-submenu .wp-submenu a:focus, #adminmenu > li.wp-has-current-submenu .wp-submenu a:hover, #adminmenu > li a.wp-has-current-submenu:focus + .wp-submenu a:focus, #adminmenu > li a.wp-has-current-submenu:focus + .wp-submenu a:hover, .folded #adminmenu > li.wp-has-current-submenu .wp-submenu a, #adminmenu > li.wp-has-current-submenu.opensub .wp-submenu a:focus, #adminmenu > li.wp-has-current-submenu.opensub .wp-submenu a:hover {
color: #ffcb04;
background-color: #ffffff;
}
#adminmenu > li .wp-submenu li.current a, #adminmenu > li a.wp-has-current-submenu:focus + .wp-submenu li.current a, #adminmenu > li.wp-has-current-submenu.opensub .wp-submenu li.current a {
color: #010a1a;
}
#adminmenu > li .wp-submenu li.current a:hover, #adminmenu > li .wp-submenu li.current a:focus, #adminmenu > li a.wp-has-current-submenu:focus + .wp-submenu li.current a:hover, #adminmenu > li a.wp-has-current-submenu:focus + .wp-submenu li.current a:focus, #adminmenu > li.wp-has-current-submenu.opensub .wp-submenu li.current a:hover, #adminmenu > li.wp-has-current-submenu.opensub .wp-submenu li.current a:focus {
color: #ffcb04;
background-color: #ffffff;
}
#adminmenu > li.current a.menu-top, #adminmenu > li.wp-has-current-submenu a.wp-has-current-submenu, #adminmenu > li.wp-has-current-submenu .wp-submenu .wp-submenu-head, .folded #adminmenu > li.current.menu-top {
color: #1d4899;
}
#adminmenu > li.wp-has-current-submenu div.wp-menu-image:before, #adminmenu a.current:hover div.wp-menu-image:before, #adminmenu > li.current div.wp-menu-image::before, #adminmenu > li.wp-has-current-submenu a:focus div.wp-menu-image:before, #adminmenu > li.wp-has-current-submenu.opensub div.wp-menu-image:before, #adminmenu > li:hover div.wp-menu-image:before, #adminmenu > li a:focus div.wp-menu-image:before, #adminmenu > li.opensub div.wp-menu-image:before, .ie8 #adminmenu > li.opensub div.wp-menu-image:before, #adminmenu a.current:hover div.wp-menu-image:before {
color: #ffffff;
background-color: #3163bd;
cursor: pointer;
border-radius: 5px;
}
.bdp_submit {
background-color: #ffffff;
padding: 5px 25px;
border-style: solid;
border-width: 1px;
border-color: #769be7;
cursor: pointer;
border-radius: 5px;
box-shadow: 2px 2px 2px #d0d0d0;
#adminmenu > li .awaiting-mod, #adminmenu > li .update-plugins {
background: #ffcb04 !important;
color: #1d4899;
}
#adminmenu > li .current a .awaiting-mod, #adminmenu > li a.wp-has-current-submenu .update-plugins, #adminmenu > li:hover a .awaiting-mod, #adminmenu > li.menu-top:hover > a .update-plugins {
color: #1d4899;
background: #ffcb04;
}
#adminmenuback, #adminmenuwrap, #adminmenu {
background-color: #fafafa;
}
#adminmenuback {
box-shadow: 10px 10px 5px rgb(240, 244, 247);
}
@media screen and (min-width: 783px) {
}
#wpadminbar {
background-color: rgb(240, 244, 247);
color: #1d4899;
}
#wpadminbar .ab-item, #wpadminbar a.ab-item, #wpadminbar > #wp-toolbar span.ab-label, #wpadminbar > #wp-toolbar span.noticon {
color: #1d4899;
}
#wpadminbar .ab-icon, #wpadminbar .ab-icon:before, #wpadminbar .ab-item:before, #wpadminbar .ab-item:after {
color: #1d4899;
}
#wpadminbar:not(.mobile) .ab-top-menu > li:hover > .ab-item, #wpadminbar:not(.mobile) .ab-top-menu > li > .ab-item:focus, #wpadminbar.nojq .quicklinks .ab-top-menu > li > .ab-item:focus, #wpadminbar.nojs .ab-top-menu > li.menupop:hover > .ab-item, #wpadminbar .ab-top-menu > li.menupop.hover > .ab-item {
background-color: #ffffff;
color: #ffcb04;
}
#wpadminbar:not(.mobile) > #wp-toolbar li:hover span.ab-label, #wpadminbar:not(.mobile) > #wp-toolbar li.hover span.ab-label, #wpadminbar:not(.mobile) > #wp-toolbar a:focus span.ab-label, #wpadminbar:not(.mobile) li:hover .ab-icon:before, #wpadminbar:not(.mobile) li:hover .ab-item:before, #wpadminbar:not(.mobile) li:hover .ab-item:after, #wpadminbar:not(.mobile) li:hover #adminbarsearch:before {
color: #ffcb04;
background-color: #ffffff;
}
#wpadminbar .menupop .ab-sub-wrapper {
background-color: #ffffff;
}
#wpadminbar .quicklinks .menupop ul.ab-sub-secondary, #wpadminbar .quicklinks .menupop ul.ab-sub-secondary .ab-submenu {
background-color: #ffffff;
}
#wpadminbar .ab-submenu .ab-item, #wpadminbar .quicklinks .menupop ul li a, #wpadminbar .quicklinks .menupop.hover ul li a, #wpadminbar.nojs .quicklinks .menupop:hover ul li a {
color: #1d4899;
}
#wpadminbar .quicklinks li .blavatar, #wpadminbar .menupop .menupop > .ab-item:before {
color: #f3f3f1;
}
#wpadminbar .quicklinks .menupop ul li a {
padding: 10px;
}
#wpadminbar .quicklinks .menupop ul li a:hover, #wpadminbar .quicklinks .menupop ul li a:focus, #wpadminbar .quicklinks .menupop ul li a:hover strong, #wpadminbar .quicklinks .menupop ul li a:focus strong, #wpadminbar .quicklinks .ab-sub-wrapper .menupop.hover > a, #wpadminbar .quicklinks .menupop.hover ul li a:hover, #wpadminbar .quicklinks .menupop.hover ul li a:focus, #wpadminbar.nojs .quicklinks .menupop:hover ul li a:hover, #wpadminbar.nojs .quicklinks .menupop:hover ul li a:focus, #wpadminbar li:hover .ab-icon:before, #wpadminbar li:hover .ab-item:before, #wpadminbar li a:focus .ab-icon:before, #wpadminbar li .ab-item:focus:before, #wpadminbar li .ab-item:focus .ab-icon:before, #wpadminbar li.hover .ab-icon:before, #wpadminbar li.hover .ab-item:before, #wpadminbar li:hover #adminbarsearch:before, #wpadminbar li #adminbarsearch.adminbar-focused:before, #wpadminbar .quicklinks li a:hover .blavatar, #wpadminbar .quicklinks li a:focus .blavatar, #wpadminbar .quicklinks .ab-sub-wrapper .menupop.hover > a .blavatar, #wpadminbar .menupop .menupop > .ab-item:hover:before, #wpadminbar.mobile .quicklinks .ab-icon:before, #wpadminbar.mobile .quicklinks .ab-item:before {
color: #1d4899;
background-color: rgb(240, 244, 247);
}
#wpadminbar #wp-admin-bar-user-info .display-name {
color: #1d4899;
}
#wpadminbar #wp-admin-bar-user-info a:hover .display-name {
color: #ffcb04;
background-color: #ffffff;
}
#wpadminbar #wp-admin-bar-user-info .username {
color: #1d4899;
}
#wpadminbar.mobile .quicklinks .hover .ab-icon:before, #wpadminbar.mobile .quicklinks .hover .ab-item:before, #wpadminbar #adminbarsearch:before {
color: #f3f3f1;
}
li.wp-has-submenu.wp-not-current-submenu.opensub:after,
li.wp-has-submenu.wp-not-current-submenu.opensub:hover:after,
.wp-menu-name:after {
display: none !important;
}
#adminmenu li.wp-has-submenu.wp-not-current-submenu.opensub:hover:after {
display: none;
}
#adminmenu .wp-menu-arrow div {
display: none !important;
background-color: #FFFFFF !important;
}
#bdp_success {
background-color: #ffffff;
border-color: #c3c4c7;
border-left-color: #00a32a;
padding: 10px 12px;
margin: 5px 0 15px;
border-width: 1px;
border-style: solid;
border-left-width: 4px;
width: 97%;
}

209
bdp-kompass.php
View File

@ -2,48 +2,55 @@
/**
* Plugin Name: BdP Kompass
* Description: Wordpress-Plugin zur Unterstützung von Stämmen im Bund der Pfadfinderinnen und Pfadfinder e.V. zur optimalen Verwaltung eurer Webseite
* Version: 4.1.1
* Version: 4.3.9
* Tags: bdp, utility, helper
* Requires at least: 6.0
* Requires PHP: 8.2
* Author: Thomas Günther
* Author URI: https://www.sachsen.pfadfinden.de
* Update URI: https://lv-sachsen-main.bdp.mein-verein.online/wordpress/
* Update URI: http://lv-sachsen-main.bdp.mein-verein.online/wordpress/
* Text Domain: bdp-kompass
*/
use Bdp\Modules\Gruppen\Controllers\MainController as GruppenMain;
use Bdp\Modules\KompassSettings\Controllers\SettingsPage as KomnpassSettings;
use Bdp\Modules\LimitLoginAttempts\Controllers\OptionsPage as OptionsPageAlias;
use Bdp\Modules\Mail\Controllers\MailController;
use Bdp\Modules\Security\Security;
use Bdp\Modules\Seo\Seo;
define('BDP_LV_PLUGIN_DIR', ABSPATH . '/wp-content/plugins/bdp-kompass/');
define('BDP_LV_PLUGIN_URL', plugin_dir_url(__FILE__));
define('BDP_LV_PLUGIN_SLUG', 'bdp-kompass');
require_once BDP_LV_PLUGIN_DIR . 'core/fileloader.php';
bdp_create_menu_structure();
require_once dirname(__FILE__) . '/includes/setup.php';
function bdp_plugin_install() {
Seo::setup();
Calendar::setup();
Security::setup();
update_option('kompass_installation', true);
}
function bdp_plugin_init()
{
remove_menu_page('admin.php?page=limit-login-attempts&tab=dashboard');
if (get_option('kompass_installation') == true) {
delete_option('kompass_installation');
wp_redirect('admin.php?page=bdp-kompass%2Fmodules%2Findex.php&loadmodule=firstusage');
}
}
register_activation_hook(__FILE__, 'bdp_plugin_install');
add_action('init', 'bdp_plugin_init');
function bdp_plugin_init() {
bdp_kompass_load_plugin_textdomain();
Security::ProhibitBots();
Security::SetPageFilters();
GruppenMain::setup();
if (null == get_option('kompass_already_installed', null)) {
Seo::setup();
Calendar::setup();
Security::setup();
update_option('kompass_already_installed', true);
wp_redirect( 'site-health.php?tab=bdp_enhanced_security');
}
Seo::importVerificationKeys();
}
add_action('admin_menu', function () {
bdp_kompass_load_plugin_textdomain();
new OptionsPageAlias();
new KomnpassSettings();
new GruppenMain();
new MailController();
});
function register_custom_theme_directory() {
$file = ABSPATH . '/wp-content/plugins/bdp-kompass/buena/' ;
@ -54,149 +61,13 @@ function register_custom_theme_directory() {
switch_theme('buena');
}
#add_action( 'after_setup_theme', 'register_custom_theme_directory' );
class BdpVersionChecker
{
public $plugin_slug;
public $version;
public $cache_key;
public $cache_allowed;
public $updateUrl;
public function __construct()
{
$plugin_data = get_plugin_data(__FILE__);
$this->plugin_slug = 'bdp-kompass';
$this->updateUrl = $plugin_data['UpdateURI'] . '/info.json';
$this->version = $plugin_data['Version'];
$this->cache_key = 'bdp_kompass_upd';
$this->cache_allowed = true;
add_filter('plugins_api', array($this, 'info'), 20, 3);
add_filter('site_transient_update_plugins', array($this, 'update'));
add_action('upgrader_process_complete', array($this, 'purge'), 10, 2);
}
public function request()
{
$remote = get_transient($this->cache_key);
if (false === $remote || !$this->cache_allowed) {
$remote = wp_remote_get(
$this->updateUrl
,
array(
'timeout' => 10,
'headers' => array(
'Accept' => 'application/json'
)
)
);
if (
is_wp_error($remote)
|| 200 !== wp_remote_retrieve_response_code($remote)
|| empty(wp_remote_retrieve_body($remote))
) {
return false;
}
set_transient($this->cache_key, $remote, 3600);
}
$remote = json_decode(wp_remote_retrieve_body($remote));
return $remote;
}
function info($res = '', $action = '', $args = '')
{
if (!isset($args->slug) || $args->slug !== $this->plugin_slug) {
return $res;
}
// get updates
$remote = $this->request();
if (!$remote) {
return $res;
}
$res = new stdClass();
$res->name = $remote->name;
$res->slug = $remote->slug;
$res->version = $remote->version;
$res->tested = $remote->tested;
$res->requires = $remote->requires;
$res->author = $remote->author;
$res->author_profile = $remote->author_profile;
$res->download_link = $remote->download_url;
$res->trunk = $remote->download_url;
$res->requires_php = $remote->requires_php;
$res->last_updated = $remote->last_updated;
$res->sections = array(
'description' => $remote->sections->description,
'installation' => $remote->sections->installation,
'changelog' => $remote->sections->changelog
);
if (!empty($remote->banners)) {
$res->banners = array(
'low' => $remote->banners->low,
'high' => $remote->banners->high
);
}
return $res;
}
public function update($transient)
{
if (empty($transient->checked)) {
return $transient;
}
$remote = $this->request();
if(
$remote
&& version_compare( $this->version, $remote->version, '<' )
&& version_compare( $remote->requires, get_bloginfo( 'version' ), '<=' )
&& version_compare( $remote->requires_php, PHP_VERSION, '<' )
) {
$res = new stdClass();
$res->slug = $this->plugin_slug;
$res->plugin = plugin_basename( __FILE__ );
$res->new_version = $remote->version;
$res->tested = $remote->tested;
$res->package = $remote->download_url;
$transient->response[ $res->plugin ] = $res;
} else {
$res = new stdClass();
$res->slug = $this->plugin_slug;
$res->plugin = plugin_basename( __FILE__ );
$transient->no_update[ $res->plugin ] = $res;
}
return $transient;
}
public function purge($upgrader, $options)
{
if (
$this->cache_allowed
&& 'update' === $options['action']
&& 'plugin' === $options['type']
) {
delete_transient($this->cache_key);
}
}
function enqueue_custom_password_js() {
wp_enqueue_script( 'searchable-table', BDP_LV_PLUGIN_URL . '/assets/searchtable.js');
wp_enqueue_script( 'custom-password-js', BDP_LV_PLUGIN_URL . 'assets/password.js');
wp_localize_script( 'custom-password-js', 'php_vars', [
'allowed_strengths' => kompass_get_minimal_password_strength(),
'password_too_short_text' => 'Dass Passwort entspricht nicht den Anforderungen.'
]);
}
$class = new BdpVersionChecker();
add_filter( 'plugins_api', array( $class, 'info' ), 20, 3 );
add_action( 'after_setup_theme', 'kompass_after_setup_theme' );

96
buena/404.php
View File

@ -1,96 +0,0 @@
<!DOCTYPE html>
<!--[if IE 7]>
<html class="ie ie7" <?php language_attributes(); ?>>
<![endif]-->
<!--[if IE 8]>
<html class="ie ie8" <?php language_attributes(); ?>>
<![endif]-->
<!--[if !(IE 7) | !(IE 8) ]><!-->
<html <?php language_attributes(); ?>>
<!--<![endif]-->
<head>
<meta charset="<?php bloginfo( 'charset' ); ?>" />
<meta http-equiv="X-UA-Compatible" content="IE=edge" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<link rel="shortcut icon" href="<?php echo esc_url( get_template_directory_uri() ); ?>/img/favicon.ico" />
<link rel="pingback" href="<?php bloginfo( 'pingback_url' ); ?>" />
<?php if ( is_singular() ) wp_enqueue_script( 'comment-reply' ); ?>
<?php wp_head(); ?>
</head>
<!-- FIXME: Mehr ARIA role setzen -->
<body <?php body_class(); ?>>
<div id="wrap"><!-- FIXME: Klassen hfeed, site? -->
<header id="header" role="banner"><!-- FIXME: Klasse site-header? -->
<hgroup id="branding">
<h1 class="site-title">
<a href="<?php echo esc_url( home_url( '/' ) ); ?>" title="<?php _e( 'Zurück zur Startseite', 'buena-theme' ); ?>">
<img alt="Bund der Pfadfinderinnen und Pfadfinder" src="<?php echo esc_url( get_template_directory_uri() ); ?>/img/bundeszeichen.png" srcset="<?php echo esc_url( get_template_directory_uri() ); ?>/img/bundeszeichen.png 1x, <?php echo esc_url( get_template_directory_uri() ); ?>/img/bundeszeichen@2x.png 2x" width="390" height="79" />
</a>
</h1>
<h2 class="site-description">
<?php echo esc_html( get_bloginfo( 'name', 'display' ) ); ?>
</h2>
</hgroup>
<nav class="screen-reader-text">
<!-- FIXME: Tollere Navigation ausdenken -->
<a href="#content">
<?php _e( 'Zum Inhalt springen', 'buena-theme' ); ?>
</a>
</nav>
<?php do_action( 'buena_search_form' ); ?>
</header>
<div id="left">
<?php wp_nav_menu( [ 'theme_location' => 'primary', 'depth' => 2, 'container' => 'nav', 'container_class' => 'nav-menu' ] ); ?>
<?php if ( is_active_sidebar( 'below-navigation' ) ): ?>
<ul class="widgets">
<?php dynamic_sidebar( 'below-navigation' ); ?>
</ul>
<?php endif; ?>
</div>
<div id="teaser">
<?php if ( is_page() || have_posts() && is_single() ): the_post(); ?>
<?php if ( has_post_thumbnail() ): ?>
<?php the_post_thumbnail( 'poster', [ 'alt' => '' ] ); ?>
<?php else: ?>
<img src="<?php header_image(); ?>" height="<?php echo get_custom_header()->height; ?>" width="<?php echo get_custom_header()->width; ?>" alt="" />
<?php endif; ?>
<div id="teaserTitle">
<h2><?php the_title(); ?></h2>
</div>
<?php rewind_posts(); ?>
<?php elseif ( get_header_image() ): ?>
<img src="<?php header_image(); ?>" height="<?php echo get_custom_header()->height; ?>" width="<?php echo get_custom_header()->width; ?>" alt="" />
<div id="teaserTitle">
<h2><?php bloginfo( 'description' ); ?></h2>
</div>
<?php endif; ?>
</div>
<div id="main" role="main">
<div id="content">
<?php if ( have_posts() ): ?>
<?php while ( have_posts() ): the_post(); ?>
<?php get_template_part( 'content', get_post_format() ); ?>
<?php endwhile; ?>
<?php else: // FIXME: Wenn berechtigt: Erstellen anbieten ?>
<article id="post-0" class="post no-results not-found">
<?php _e( 'Nicht gefunden.', 'buena-theme' ); ?>
</article>
<?php endif; ?>
</div>
<nav class="pagination">
<div class="previous"><?php previous_posts_link( __( '« Neuere Beiträge', 'buena-theme' ) ); ?></div>
<div class="next"><?php next_posts_link( __( 'Ältere Beiträge »', 'buena-theme' ) ); ?></div>
</nav>
<?php comments_template(); ?>
</div>
</div>
<?php if ( is_active_sidebar( 'footer' ) ): ?>
<footer id="footer">
<ul class="widgets">
<?php dynamic_sidebar( 'footer' ); ?>
</ul>
</footer>
<?php endif; ?>
<?php wp_footer(); ?>
</body>
</html>

27
buena/comments.php
View File

@ -1,27 +0,0 @@
<?php
if ( post_password_required() ) {
printf( '<p class="nocomments">%s</p>', __( 'Kommentare werden erst angezeigt, wenn das Kennwort eingegeben wurde.', 'buena-theme' ) );
return;
}
// FIXME: Hier sollten die Social-Media-Knöpfe auftauchen…
?>
<div class="comments">
<?php if ( have_comments() ) : ?>
<h4 id="comments"><?php comments_number( 'Keine Kommentare', 'Ein Kommentar', '% Kommentare' );?></h4>
<ul class="commentlist">
<?php wp_list_comments(); ?>
</ul>
<nav class="pagination">
<div class="alignleft"><?php previous_comments_link() ?></div>
<div class="alignright"><?php next_comments_link() ?></div>
</nav>
<?php endif; ?>
<?php if ( comments_open() ) : ?>
<?php comment_form(); ?>
<?php else: ?>
<p class="nocomments screen-reader-text"><?php _e( 'Es kann nicht kommentiert werden.', 'buena-theme' ); ?></p>
<?php endif; ?>
</div>

17
buena/content.php
View File

@ -1,17 +0,0 @@
<article id="post-<?php the_ID(); ?>" <?php post_class( 'clearfix' ); ?>>
<?php if ( is_singular() ): ?>
<?php the_content(); ?>
<p><?php the_tags(); ?></p>
<?php wp_link_pages( array( 'before' => '<nav class="page-links">Seiten:', 'after' => '</nav>' ) ); ?>
<?php else: ?>
<a class="h h-box h-box-blaugelb<?php if ( ! has_post_thumbnail() ): ?> h-box-blaugelb-bildlos<?php endif; ?>" href="<?php echo esc_url( get_permalink() ); ?>">
<?php the_post_thumbnail( 'gallery-thumb', [ 'alt' => '' ] ); ?>
<?php if ( get_the_title() ): ?>
<header class="wrap">
<h3><?php the_title(); ?></h3>
</header>
<?php endif; ?>
</a>
<?php has_excerpt() ? the_excerpt() : the_content(); ?>
<?php endif; ?>
</article>

89
buena/functions.php
View File

@ -1,89 +0,0 @@
<?php
if ( ! defined( 'ABSPATH' ) ) {
die( 'Im a theme.' );
}
if ( ! function_exists( 'trigger_pfadfinden_plugin_error' ) ) {
/**
* Show an error message.
*
* @see http://www.squarepenguin.com/wordpress/?p=6 Inspiration
*
* @param string $message
* @param int $type optional
* @return bool
*/
function trigger_pfadfinden_plugin_error( $message, $type = 0 )
{
if ( isset( $_GET['action'] ) && 'error_scrape' === $_GET['action'] ) {
echo $message;
return true;
}
if ( ! $type ) {
$type = E_USER_WARNING;
}
return trigger_error( $message, $type );
}
}
// Check for suitable environment
if ( defined( 'PHP_VERSION_ID' ) && PHP_VERSION_ID >= 50400 ) {
// Register autoloader if updater plugin missing
if ( ! class_exists( 'plugins\buena\use\shy-wordpress\src\Shy\WordPress\Theme' ) ) {
if ( ! include_once __DIR__ . '/use/shy-wordpress/src/autoloader.php' ) {
trigger_pfadfinden_plugin_error(
__( 'Das Theme ist unvollständig und konnte nicht geladen werden. Neuinstallation müsste helfen.', 'buena-theme' ),
E_USER_ERROR
);
return;
}
}
// Register our autoloader
if ( ! include_once __DIR__ . '/src/autoloader.php' ) {
trigger_pfadfinden_plugin_error(
__( 'Das Theme ist unvollständig und konnte nicht geladen werden. Neuinstallation müsste helfen.', 'buena-theme' ),
E_USER_ERROR
);
return;
}
/**
* @return \plugins\buena\src\Pfadfinden\WordPress\BuenaTheme
*/
function buena_get_theme()
{
static $theme = null;
if (!$theme) {
$theme = new ReflectionClass( 'plugins\buena\src\Pfadfinden\WordPress\BuenaTheme' );
$theme = $theme->newInstance();
}
return $theme;
}
/**
* @param string $method
* @return callable
*/
function buena_get_callback( $method )
{
return array( buena_get_theme(), (string) $method );
}
return buena_get_theme();
}
// Display error message
trigger_pfadfinden_plugin_error(
sprintf(
__( 'You need at least PHP 5.4 to use the Buena theme. Your are using %s.', 'buena-theme' ),
PHP_VERSION
),
E_USER_ERROR
);

106
buena/index.php
View File

@ -1,106 +0,0 @@
<!DOCTYPE html>
<!--[if IE 7]>
<html class="ie ie7" <?php language_attributes(); ?>>
<![endif]-->
<!--[if IE 8]>
<html class="ie ie8" <?php language_attributes(); ?>>
<![endif]-->
<!--[if !(IE 7) | !(IE 8) ]><!-->
<html <?php language_attributes(); ?>>
<!--<![endif]-->
<head>
<meta charset="<?php bloginfo( 'charset' ); ?>" />
<meta http-equiv="X-UA-Compatible" content="IE=edge" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<?php if ( ! function_exists( 'has_site_icon' ) || ! has_site_icon() ): // FIXME: Remove workaround on 2016-02-16 ?>
<link rel="shortcut icon" href="<?php echo esc_url( get_template_directory_uri() ); ?>/img/favicon.ico" />
<?php endif; ?>
<link rel="pingback" href="<?php bloginfo( 'pingback_url' ); ?>" />
<?php if ( is_singular() ) wp_enqueue_script( 'comment-reply' ); ?>
<?php wp_head(); ?>
</head>
<!-- FIXME: Mehr ARIA role setzen -->
<body <?php body_class(); ?>>
<div id="wrap"><!-- FIXME: Klassen hfeed, site? -->
<header id="header" role="banner"><!-- FIXME: Klasse site-header? -->
<hgroup id="branding">
<h1 class="site-title">
<a href="<?php echo esc_url( home_url( '/' ) ); ?>" title="<?php _e( 'Zurück zur Startseite', 'buena-theme' ); ?>">
<img alt="Bund der Pfadfinderinnen und Pfadfinder" src="<?php echo esc_url( get_template_directory_uri() ); ?>/img/bundeszeichen.png" srcset="<?php echo esc_url( get_template_directory_uri() ); ?>/img/bundeszeichen.png 1x, <?php echo esc_url( get_template_directory_uri() ); ?>/img/bundeszeichen@2x.png 2x" width="390" height="79" />
</a>
</h1>
<h2 class="site-description">
<?php echo esc_html( get_bloginfo( 'name', 'display' ) ); ?>
</h2>
</hgroup>
<nav>
<!-- FIXME: Tollere Navigation ausdenken -->
<a href="#content" class="screen-reader-text"><?php _e( 'Zum Inhalt springen', 'buena-theme' ); ?></a>
<button type="button" id="responsiveMenu" title="<?php esc_attr_e( 'Menü', 'buena-theme' ); ?>">
<img alt="<?php esc_attr_e( 'Menü', 'buena-theme' ); ?>" src="<?php echo esc_url( get_template_directory_uri() ); ?>/img/hamburger.png" width="32" height="32" />
</button>
</nav>
<?php do_action( 'buena_search_form' ); ?>
</header>
<div id="left">
<?php wp_nav_menu( [ 'theme_location' => 'primary', 'depth' => 2, 'container' => 'nav', 'container_class' => 'nav-menu nav-menu-primary' ] ); ?>
<?php if ( is_active_sidebar( 'below-navigation' ) ): ?>
<ul class="widgets">
<?php dynamic_sidebar( 'below-navigation' ); ?>
</ul>
<?php endif; ?>
</div>
<?php if ( $buenaTeaserImage = buena_get_theme()->getTeaserImage() ): ?>
<header class="h h-box h-box-teaser">
<?php echo $buenaTeaserImage; ?>
<hgroup class="wrap">
<h2><?php buena_get_theme()->printTitle(); ?></h2>
</hgroup>
</header>
<?php else: ?>
<header class="h">
<h2><?php buena_get_theme()->printTitle(); ?></h2>
</header>
<?php endif; ?>
<div id="main" role="main" class="container">
<div id="content" class="content-<?php if ( is_singular() ): ?>singular<?php else: ?>gallery<?php endif; ?>">
<?php if ( have_posts() ): ?>
<?php while ( have_posts() ): the_post(); ?>
<?php get_template_part( 'content', get_post_format() ); ?>
<?php endwhile; ?>
<?php else: // FIXME: Wenn berechtigt: Erstellen anbieten ?>
<article id="post-0" class="post no-results not-found">
<?php _e( 'Nicht gefunden.', 'buena-theme' ); ?>
</article>
<?php endif; ?>
</div>
<nav class="pagination">
<div class="alignright"><?php next_posts_link( __( 'Ältere Beiträge »', 'buena-theme' ) ); ?></div>
<div class="alignleft"><?php previous_posts_link( __( '« Neuere Beiträge', 'buena-theme' ) ); ?></div>
</nav>
<?php comments_template(); ?>
</div>
</div>
<footer id="footer">
<div class="wrapper media">
<?php if ( is_active_sidebar( 'footer' ) || has_nav_menu( 'footer' ) ): ?>
<header class="h">
<?php echo esc_html( get_bloginfo( 'name', 'display' ) ?: 'Bund der Pfadfinderinnen und Pfadfinder e.V.' ); ?>
</header>
<?php wp_nav_menu( [ 'theme_location' => 'footer', 'container' => 'nav', 'container_class' => 'nav-menu nav-menu-footer alignleft', 'fallback_cb' => '' ] ); ?>
<ul class="widgets bd">
<?php dynamic_sidebar( 'footer' ); ?>
</ul>
<?php endif; ?>
</div>
</footer>
<script>
+function() {
document.getElementById('responsiveMenu').addEventListener('click', function() {
document.body.classList.toggle('show-responsive-menu');
});
}();
</script>
<?php wp_footer(); ?>
</body>
</html>

11
buena/searchform.php
View File

@ -1,11 +0,0 @@
<form role="search" method="get" class="search-form" action="<?php echo home_url( '/' ); ?>">
<label>
<span class="screen-reader-text"><?php echo _x( 'Search for:', 'label' ); ?></span>
<?php if ( doing_action( 'buena_search_form' ) ): ?>
<input type="search" class="search-field" value="<?php echo get_search_query(); ?>" name="s" title="<?php echo esc_attr_x( 'Search for:', 'label' ); ?>" />
<?php else: ?>
<input type="search" class="search-field" placeholder="<?php echo esc_attr_x( 'Search …', 'placeholder' ); ?>" value="<?php echo get_search_query(); ?>" name="s" title="<?php echo esc_attr_x( 'Search for:', 'label' ); ?>" />
<?php endif; ?>
</label>
<button type="submit" class="search-submit" title="<?php esc_attr_e( 'Query search', 'buena-theme' ); ?>"><?php echo esc_html_x( 'Search', 'submit button' ); ?></button>
</form>

19
buena/src/autoloader.php
View File

@ -1,19 +0,0 @@
<?php
/**
* Try to load a Pfadfinden WordPress class.
*
* @param string $name
* @return bool
*/
function buena_autoloader( $name )
{
if ( substr( $name, 0, 21 ) !== 'Pfadfinden\\WordPress\\' ) {
return false;
}
$name = __DIR__ . '/' . str_replace( '\\', DIRECTORY_SEPARATOR, $name ) . '.php';
return is_file( $name ) && include( $name );
}
spl_autoload_register( 'buena_autoloader' );

98
buena/use/shy-wordpress/src/Shy/WordPress/CompositeOption.php
View File

@ -1,98 +0,0 @@
<?php
namespace plugins\buena\use\shy-wordpress\src\Shy\WordPress;
use plugins\buena\use\shy/**
* A composite option with a fixed number of suboptions and their default values.
*/
abstract class CompositeOption implements \ArrayAccess, \Countable, \IteratorAggregate
{
use HookableTrait;
/**
* @var string
*/
protected $slug;
/**
* @return string
*/
public function getSlug()
{
return $this->slug;
}
protected function __construct( $slug )
{
$this->slug = (string) $slug;
$this->addHookMethod( 'default_option_' . $this->slug, 'getDefaults' );
}
/**
* Return default values for all suboptions.
* Hooked into get_option() defaults.
*
* @return array
*/
abstract public function getDefaults();
/**
* @param string $offset
* @return mixed
*/
public function getDefault( $offset )
{
return $this->getDefaults()[ $offset ];
}
public function offsetExists( $offset )
{
$settings = get_option( $this->slug );
return isset( $settings[ $offset ] );
}
public function offsetGet( $offset )
{
$settings = get_option( $this->slug );
if ( ! isset( $settings[ $offset ] ) ) {
throw new \OutOfBoundsException( "There is no setting '$offset'." );
}
return $settings[ $offset ];
}
public function offsetSet( $offset, $value )
{
$settings = get_option( $this->slug );
if ( ! isset( $settings[ $offset ] ) ) {
throw new \OutOfBoundsException( "There is no setting '$offset'." );
}
$settings[ $offset ] = $value;
update_option( $this->slug, $settings );
}
public function offsetUnset( $offset )
{
throw new \BadMethodCallException( 'You cannot unset settings.' );
}
public function count()
{
return count( $this->getDefaults() );
}
public function getIterator()
{
return new \ArrayIterator( get_option( $this->slug ) );
}
}

35
buena/use/shy-wordpress/src/Shy/WordPress/HookableTrait.php
View File

@ -1,35 +0,0 @@
<?php
namespace plugins\buena\use\shy-wordpress\src\Shy\WordPress;
/**
* Making actions and filters how they should be.
*
* Default to pass all arguments.
*/
trait HookableTrait
{
/**
* @param string $action_or_filter
* @param string $method
* @param int $priority
* @param int $acceptedArgs
*/
protected function addHookMethod( $action_or_filter, $method, $priority = 10, $acceptedArgs = 99 )
{
add_filter( $action_or_filter, array( $this, $method ), $priority, $acceptedArgs );
}
/**
* @param string $action_or_filter
* @param string $method
* @param int $priority
* @param int $acceptedArgs
*/
protected function removeHookMethod( $action_or_filter, $method, $priority = 10, $acceptedArgs = 99 )
{
remove_filter( $action_or_filter, array( $this, $method ), $priority, $acceptedArgs );
}
}

13
buena/use/shy-wordpress/src/Shy/WordPress/Plugin.php
View File

@ -1,13 +0,0 @@
<?php
namespace plugins\buena\use\shy-wordpress\src\Shy\WordPress;
use plugins\buena\use\shy/**
* Marker class for WordPress plugins.
*/
abstract class Plugin
{
use HookableTrait;
}

383
buena/use/shy-wordpress/src/Shy/WordPress/SettingsPage.php
View File

@ -1,383 +0,0 @@
<?php
namespace plugins\buena\use\shy-wordpress\src\Shy\WordPress;
use plugins\buena\use\shyuse plugins\buena\use\shy/**
* Abstracts common functionality and escaping for the Settings API.
*
* TODO: Check slug and field names for illegal characters.
* TODO: Refactor to not extend but use CompositeOption
*/
abstract class SettingsPage extends CompositeOption
{
use HookableTrait;
/**
* @var string
*/
protected $capability;
/**
* Slug (file name) of the parent menu entry.
*
* @see add_submenu_page() for suggestions.
*
* @return string|null
*/
protected function getParentSlug()
{
return 'options-general.php';
}
/**
* Title for this setting page.
*
* @return string
*/
abstract protected function getPageTitle();
/**
* String to show in the menu entry.
*
* @return string
*/
protected function getMenuTitle()
{
return $this->getPageTitle();
}
/**
* @param string $slug Page slug
* @param string $capability Required capability to view
*/
protected function __construct( $slug, $capability = 'manage_options' )
{
parent::__construct( $slug );
$this->capability = (string) $capability;
$this->addHookMethod( 'admin_menu', 'registerPage' );
$this->addHookMethod( 'admin_init', 'registerSettings' );
}
public function __toString()
{
return $this->slug;
}
/**
* Register our options page.
*
* @return void
*/
public function registerPage()
{
add_submenu_page(
$this->getParentSlug(),
$this->getPageTitle(),
$this->getMenuTitle(),
$this->capability,
$this->slug,
array( $this, 'renderPage' )
);
}
/**
* Register the actual settings.
* Override and use addSection() and add*Field() methods.
*
* @return void
*/
public function registerSettings()
{
register_setting(
$this->slug,
$this->slug,
array( $this, 'sanitizeOptions' )
);
}
/**
* Sanitize option values after form submission.
*
* @param array $options
* @return array
*/
abstract public function sanitizeOptions( array $options );
/**
* Section to add fields to.
*
* Parameter default from add_settings_field().
*
* @var string
*/
protected $currentSection = 'default';
/**
* Add a new section and return its generated name.
*
* @param string $title optional, can be empty
* @param string $name optional, will be generated if empty
* @return string
*/
protected function addSection( $title = '', $name = '' )
{
$name = (string) $name;
if ( ! strlen( $name ) ) {
$name = $this->slug . '-section' . ( count( $this->getSections() ) + 1 );
}
add_settings_section(
$name,
esc_html( $title ),
array( $this, 'renderSectionTeaser' ),
$this->slug
);
return $this->currentSection = $name;
}
/**
* Callback before output of section fields.
*
* Teasers must escape their output themselves.
*
* @param array $section {
* @type string $id
* @type string $title
* @type callable $callback
* }
*/
public function renderSectionTeaser( array $section )
{
}
/**
* Get all known section names on this page.
*
* @global $wp_settings_fields
* @return array<string>
*/
public function getSections()
{
global $wp_settings_fields;
if ( ! isset( $wp_settings_fields[ $this->slug ] ) ) {
return array();
}
return array_keys( $wp_settings_fields[ $this->slug ] );
}
/**
* @global $wp_settings_fields
* @param string $section
* @return array<string, array {
* @type string $id
* @type string $title
* @type callable $callback
* @type array $args
* }>
*/
public function getFieldsForSection( $section )
{
global $wp_settings_fields;
return $wp_settings_fields[ $this->slug ][ $section ];
}
/**
* Add a custom field to this setting page.
*
* @param string $name
* @param string $label
* @param callable $callback
* @param array $args
*/
protected function addField( $name, $label, $callback, $args = array() )
{
if ( ! is_callable( $callback ) ) {
throw new \InvalidArgumentException( 'Parameter $callback must be callable.' );
}
add_settings_field(
$name,
esc_html( $label ),
$callback,
$this->slug,
$this->currentSection,
$args
);
}
/**
* Add a text field to this settings page.
*
* @param string $name
* @param string $label
* @param array $args
* @param string $callback
*/
protected function addTextField( $name, $label, $args = array(), $callback = '' )
{
if ( ! $callback || ! is_callable( $callback ) ) {
$callback = array( $this, 'renderTextField' );
}
$this->addField(
$name,
$label,
$callback,
$args + array(
'label_for' => $this->slug . '-' . $name,
'name' => $name,
'attr' => array(),
)
);
}
/**
* @param string $name
* @param string $label
* @param string $caption
* @param array $args
* @param callable $callback
*/
protected function addCheckboxField( $name, $label, $caption, $args = array(), $callback = '' )
{
if ( ! $callback || ! is_callable( $callback ) ) {
$callback = array( $this, 'renderCheckboxField' );
}
$this->addField(
$name,
$label,
$callback,
$args + array(
'label_for' => $this->slug . '-' . $name,
'name' => $name,
'caption' => $caption,
'attr' => array(),
)
);
}
/**
* Add an error.
*
* @param string $code
* @param string $message
*/
protected function addError( $code, $message )
{
add_settings_error( $this->slug, $code, $message );
}
/**
* Errors for this setting.
*
* @return array {
* @type string $setting
* @type string $code
* @type string $message
* @type string $type 'error'
* }
*/
public function getErrors()
{
return get_settings_errors( $this->slug );
}
/**
* Render a setting as text field.
*
* @param array $args {
* @type string $name
* @type string $label_for
* @type array $attr
* }
*/
public function renderTextField( array $args )
{
$name = $args['name'];
$this->renderInputTag( array(
'type' => 'text',
'id' => $args['label_for'],
'class' => 'regular-text',
'name' => $this->slug . '[' . $name . ']',
'value' => $this[ $name ],
) + $args['attr'] );
}
/**
* Render a setting as checkbox.
*
* @param array $args {
* @type string $caption
* @type string $name
* @type string $label_for
* @type array $attr
* }
*/
public function renderCheckboxField( array $args )
{
$name = $args['name'];
echo '<label>';
$this->renderInputTag( array(
'type' => 'checkbox',
'id' => isset( $args['label_for'] ) ? $args['label_for'] : null,
'name' => $this->slug . '[' . $name . ']',
'value' => '1',
'checked' => $this[ $name ] ? 'checked' : null,
) + $args['attr'] );
echo ' ' . esc_html( $args['caption'] ) . '</label>';
}
/**
* Output an input tag with given HTML attributes.
*
* @param array $attr
*/
protected function renderInputTag( array $attr )
{
echo '<input';
foreach ( $attr as $k => $v ) {
if ( null !== $v ) {
printf( ' %s="%s"', $k, esc_attr( $v ) );
}
}
echo ' />';
}
/**
* Output settings page.
*/
public function renderPage()
{
if ( ! current_user_can( $this->capability ) ) {
wp_die( __( 'You do not have sufficient permissions to access this page.' ) );
}
?>
<div class="wrap">
<h2><?php echo esc_html( $this->getPageTitle() ); ?></h2>
<form action="options.php" method="post">
<?php settings_errors( 'general' ); // “Settings saved.” message ?>
<?php settings_fields( $this->slug ); ?>
<?php do_settings_sections( $this->slug ); ?>
<?php submit_button(); ?>
</form>
</div>
<?php
}
}

18
buena/use/shy-wordpress/src/Shy/WordPress/Theme.php
View File

@ -1,18 +0,0 @@
<?php
namespace plugins\buena\use\shy-wordpress\src\Shy\WordPress;
use plugins\buena\use\shyabstract class Theme extends Plugin
{
public function __construct()
{
$GLOBALS['content_width'] = $this->getContentWidth();
}
/**
* @return integer
*/
abstract public function getContentWidth();
}

20
buena/use/shy-wordpress/src/autoloader.php
View File

@ -1,20 +0,0 @@
<?php
/**
* Try to load a Shy WordPress class.
*
* @param string $name
* @return boolean
*/
function shy_wordpress_autoloader( $name )
{
if ( substr( $name, 0, 14 ) !== 'Shy\\WordPress\\' ) {
return false;
}
$name = __DIR__ . '/' . str_replace( '\\', DIRECTORY_SEPARATOR, $name ) . '.php';
return is_file( $name ) && include( $name );
}
spl_autoload_register( 'shy_wordpress_autoloader' );

40
buena/use/shy-wordpress/tests/Shy/WordPress/Tests/HookableTraitTest.php
View File

@ -1,40 +0,0 @@
<?php
namespace plugins\buena\use\shy-wordpress\tests\Shy\WordPress\Tests;
use wordpress\src\Shy\WordPress\HookableTrait;
/**
* Check that HookableTrait actually works.
*
* @author Philipp Cordes <pc@irgendware.net>
*/
class HookableTraitTest extends \WP_UnitTestCase
{
use HookableTrait;
public function actionMethod()
{
}
public function testWorksAsAction()
{
$this->addHookMethod( 'shywp_test_action', 'actionMethod' );
$this->assertTrue( has_action( 'shywp_test_action' ), 'Registering an action via addHookMethod() worked.' );
}
public function filterMethod( $value )
{
return $value;
}
public function testWorksAsFilter()
{
$this->addHookMethod( 'shywp_test_filter', 'filterMethod' );
$this->assertTrue( has_filter( 'shywp_test_filter' ), 'Registering a filter via addHookMethod() worked.' );
}
}

181
buena/use/shy-wordpress/tests/Shy/WordPress/Tests/SettingsPageTest.php
View File

@ -1,181 +0,0 @@
<?php
namespace plugins\buena\use\shy-wordpress\tests\Shy\WordPress\Tests;
use wordpress\src\Shy\WordPress\SettingsPage;
use PHPUnit_Framework_MockObject_MockObject as MockObject;
use PHPUnit_Framework_MockObject_Builder_InvocationMocker as BuilderInvocationMocker;
class SettingsPageTest extends \WP_UnitTestCase
{
/**
* Mock a SettingsPage.
*
* @param string|null $slug
* @param string $capability
*
* @return wordpress\src\Shy\WordPress\SettingsPage|MockObject {
* @method BuilderInvocationMocker method(string)
* }
*/
protected function mockSettingsPage( $slug = null, $capability = 'manage_options' )
{
$builder = $this->getMockBuilder( 'plugins\buena\use\shy-wordpress\src\Shy\WordPress\SettingsPage' )
->enableProxyingToOriginalMethods();
if ( null === $slug ) {
$builder->disableOriginalConstructor();
} else {
$builder->setConstructorArgs( array( $slug, $capability ) );
}
return $builder->getMock();
}
/**
* Test reading defaults from the settings page.
*
* @covers wordpress\src\Shy\WordPress\SettingsPage::__construct()
* @covers wordpress\src\Shy\WordPress\SettingsPage::getDefaults()
* @covers wordpress\src\Shy\WordPress\SettingsPage::offsetExists()
* @covers wordpress\src\Shy\WordPress\SettingsPage::offsetGet()
* @expectedException OutOfBoundsException
*/
public function testReading()
{
$slug = 'shywp_settingspage_test_slug_reading';
$defaults = array( 'foo' => 'bar' );
$page = $this->mockSettingsPage( $slug );
$page->method( 'getDefaults' )->willReturn( $defaults );
$this->assertEquals( $defaults, get_option( $slug ) );
$this->assertArrayHasKey( 'foo', $page );
$this->assertEquals( $defaults['foo'], $page['foo'] );
$this->assertArrayNotHasKey( 'baz', $page );
$page['baz'];
}
/**
* Test writing to the settings page.
*
* @covers wordpress\src\Shy\WordPress\SettingsPage::offsetSet()
* @expectedException OutOfBoundsException
*/
public function testWriting()
{
$slug = 'shywp_settingspage_test_slug_writing';
$defaults = array( 'foo' => 'bar' );
$page = $this->mockSettingsPage( $slug );
$page->method( 'getDefaults' )->willReturn( $defaults );
$page['foo'] = 'foo';
$this->assertEquals( 'foo', $page['foo'] );
$page['baz'] = '123';
}
/**
* Fail to remove a setting.
*
* @covers SettingPage::offsetUnset()
* @expectedException BadMethodCallException
*/
public function testRemoving()
{
$slug = 'shywp_settingspage_test_slug_removing';
$defaults = array();
$page = $this->mockSettingsPage( $slug );
$page->method( 'getDefaults' )->willReturn( $defaults );
unset( $page['baz'] );
}
/**
* Test whether the settings page can be showed.
*
* @covers wordpress\src\Shy\WordPress\SettingsPage::__construct()
* @covers wordpress\src\Shy\WordPress\SettingsPage::getParentSlug()
* @covers wordpress\src\Shy\WordPress\SettingsPage::getPageTitle()
* @covers wordpress\src\Shy\WordPress\SettingsPage::getMenuTitle()
*/
public function testRegisterPage()
{
$this->expectOutputRegex( '/&lt;page&amp;title&gt;/' );
$slug = 'shywp_settingspage_test_slug_registerpage';
$page = $this->mockSettingsPage( $slug );
$page->method( 'getParentSlug' )->willReturn( 'index.php' );
$page->method( 'getPageTitle' )->willReturn( '<page&title>' );
$page->method( 'getMenuTitle' )->willReturn( '<menu&title>' );
$page->expects( $this->once() )->method( 'registerPage' )->with();
$page->expects( $this->once() )->method( 'registerSettings' )->with();
// FIXME: Simulate display of backend.
}
/**
* @covers wordpress\src\Shy\WordPress\SettingsPage::sanitizeOptions()
*/
public function testSanitize()
{
$slug = 'shywp_settingspage_test_slug_sanitize';
$page = $this->mockSettingsPage( $slug );
$page->method( 'sanitizeOptions' )->will( $this->returnArgument( 0 ) );
$page->expects( $this->atLeastOnce() )->method( 'sanitizeOptions' );
$this->markTestIncomplete();
// FIXME: Simulate form submission
}
public function testRenderTextField()
{
$this->expectOutputRegex( '/^<input type="text"/' );
$page = $this->mockSettingsPage();
$page->renderTextField( array(
'label_for' => 'foo',
'name' => 'bar',
) );
}
public function testRenderCheckboxField()
{
$this->expectOutputRegex( '/^<label><input type="checkbox"/' );
$page = $this->mockSettingsPage();
$page->renderCheckboxField( array(
'label_for' => 'foo',
'name' => 'bar',
'caption' => 'baz',
) );
}
public function testRenderPage()
{
$this->markTestIncomplete();
$this->expectOutputRegex( '/<form action="options.php" method="post">.*&lt;3&amp;&gt;.*cryptic_teaser.*</form>/' );
$slug = 'shywp_settingspage_test_slug_renderpage';
$page = $this->mockSettingsPage( $slug, 'read' );
$page->method( 'getPageTitle' )->willReturn( '<3&>' );
$page->method( 'renderSectionTeaser' )->will( $this->returnCallback( function () use ( $teaser ) {
echo 'cryptic_teaser';
} ) );
// FIXME: Simulate view of the settings page
$page->renderPage();
}
}

20
buena/use/shy-wordpress/tests/autoloader.php
View File

@ -1,20 +0,0 @@
<?php
/**
* Try to load a Shy WordPress test class.
*
* @param string $name
* @return boolean
*/
function shy_wordpress_tests_autoloader( $name )
{
if ( substr( $name, 0, 20 ) !== 'Shy\\WordPress\\Tests\\' ) {
return false;
}
$name = __DIR__ . '/' . str_replace( '\\', DIRECTORY_SEPARATOR, $name ) . '.php';
return is_file( $name ) && include( $name );
}
spl_autoload_register( 'shy_wordpress_tests_autoloader' );

14
buena/use/shy-wordpress/tests/bootstrap.php
View File

@ -1,14 +0,0 @@
<?php
/**
* PHPUnit bootstrap file
*
* Variant of the one from github.com/tierra/wordpress-plugins-tests
*/
require_once '../src/autoloader.php';
require_once 'autoloader.php';
require_once ( getenv( 'WP_DEVELOP_DIR' ) ?: '../../../..' )
. '/tests/phpunit/includes/bootstrap.php';

61
changelog Normal file
View File

@ -0,0 +1,61 @@
<h4>Version 4.3.9</h4>
<ul>
<li>Fehlerbehebung</li>
</ul>
<h4>Version 4.3.8</h4>
<ul>
<li>Google- und Bing-Verifizierung nun auch im Plugin möglich</li>
<li>Neue Nutzerrollen</li>
<li>Update in Menüstruktur</li>
</ul>
<h4>Version 4.3.7</h4>
<ul>
<li>Design - Optimierungen</li>
</ul>
<h4>Version 4.3.6</h4>
<ul>
<li>Sicherheitspatch</li>
</ul>
<h4>Version 4.3.5</h4>
<ul>
<li>Translation fixes</li>
</ul>
<h4>Version 4.3.4</h4>
<ul>
<li>Optimized menu tree</li>
</ul>
<h4>Version 4.3.3</h4>
<ul>
<li>Bugfix für osobletete Plugins</li>
</ul>
<h4>Version 4.3.2</h4>
<ul>
<li>Bugfix: Zeitzone in Kalender korrigiert</li>
</ul>
<h4>Version 4.3.1</h4>
<ul>
<li>Mehrsprachigkeit unterstützt</li>
<li>Unterstützung für Smartphones</li>
</ul>
<h4>Version 4.2.1</h4>
<ul>
<li>Erweiterte Sicherheitsfunktionen implemntiert</li>
<li>Passwort-Policies implementiert</li>
<li>Integration von Limit Login Attempts (classic)</li>
<li>Integration von WPS Hide Login</li>
</ul>
<h4>Version 4.1.1</h4>
<ul>
<li>Erster release des Plugins</li>
</ul>

28
components/partials/checkbox-option.php Normal file
View File

@ -0,0 +1,28 @@
<?php
function kompass_print_checkbox(string $settingName) {
$currentSetting = get_option($settingName, []);
if (!is_array($currentSetting)) {
$currentSetting = [$currentSetting];
}
$options = ['kompass_limit_login_lockout_notify' => [
'email' => __('E-Mail to site admin', BDP_LV_PLUGIN_SLUG)
],
];
if(!isset($options[$settingName])) {
return;
}
$setting = $options[$settingName];
foreach ($setting as $radioOption => $optionText) {
$isChecked = in_array($radioOption, $currentSetting) ? 'checked ' : '' ;
echo '<input ' .
$isChecked .
'type="checkbox"
name="' . $settingName . '[]"
value="' . $radioOption . '"
id="setting_' . $settingName . '_' . $radioOption . '" />' .
'<label for="setting_' . $settingName . '_' . $radioOption . '">' . $optionText . '</label><br />';
}
}

24
components/partials/date-element.php Normal file
View File

@ -0,0 +1,24 @@
<?php
function _kompass_print_datebox($settingName, $settingValue, $style = '') {
echo '<input style="' . $style . '" type="date" name="' . $settingName . '" value="' . $settingValue. '" />';
if (defined('WP_DEBUG') && WP_DEBUG == true) {
echo '<br />' . $settingName;
}
}
function kompass_print_datebox(array $args) {
if (!isset($args['setting'])) {
wp_die('Missing argument setting at text-element ' . print_r($args, true));
}
$setting = get_option($args['setting'], null);
$setting = $setting ?? ( $args['value'] ?? '' );
$style = isset($args['style']) ? $args['style'] : '';
$value = esc_attr($setting);
if ($value === null && isset($args['value'])) {
$value = $args['value'];
}
_kompass_print_datebox($args['setting'], $value, $style);
}

18
components/partials/form-start.php Normal file
View File

@ -0,0 +1,18 @@
<?php
function kompass_prepare_form($params = [])
{
if (isset($params['page'])) {
echo ' <form method="post" action="admin.php?page=' .$params['page'] . '">';
}
echo '<input type="hidden" name="update_options" value="true" />';
foreach ($params as $key => $value) {
echo '<input type="hidden" name="' . $key . '" value="' . $value . '">';
}
}
function kompass_close_form(string $buttonText)
{
submit_button($buttonText,'button');
echo '</form>';
}

8
components/partials/message-box.php Normal file
View File

@ -0,0 +1,8 @@
<?php
function kompass_print_message_box(string $message, string $type = 'success')
{
echo '<div class="notice notice-' . $type .'" style="padding: 5px 10px;">';
echo $message;
echo '</div>';
}

35
components/partials/radio-option.php Normal file
View File

@ -0,0 +1,35 @@
<?php
function kompass_print_radio(string $settingName) {
$currentSetting = get_option($settingName, '');
$options = [
'kompass_limit_login_client_type' => [
'REMOTE_ADDR' => __('Direct connection', BDP_LV_PLUGIN_SLUG),
'HTTP_X_FORWARDED_FOR' => __('Behind a proxy', BDP_LV_PLUGIN_SLUG)
],
'kompass_limit_login_cookies' => [
true => __('Yes', BDP_LV_PLUGIN_SLUG),
false => __('No', BDP_LV_PLUGIN_SLUG)
],
'kompass_password_minimal_strength' => [
'1' => __('Allow all password strengths', BDP_LV_PLUGIN_SLUG),
'2' => __('At least passwords with medium strength', BDP_LV_PLUGIN_SLUG),
'3' => __('Only allow strong passwords', BDP_LV_PLUGIN_SLUG)
]
];
if(!isset($options[$settingName])) {
return;
}
$setting = $options[$settingName];
foreach ($setting as $radioOption => $optionText) {
$isChecked = $currentSetting == $radioOption ? 'checked ' : '' ;
echo '<input
' . $isChecked .
' type="radio"
name="' . $settingName . '"
value="' . $radioOption . '"
id="setting_' . $settingName . '_' . $radioOption . '" />' .
'<label for="setting_' . $settingName . '_' . $radioOption . '">' . $optionText . '</label><br />';
}
}

9
components/partials/telephon-link.php Normal file
View File

@ -0,0 +1,9 @@
<?php
function kompass_print_telephone_link(string $telephonnumber)
{
$numberInternational = $telephonnumber;
if (str_starts_with($numberInternational, '0')) {
$numberInternational = '+49' . substr($numberInternational,1);
}
echo '<a href="tel:' . $numberInternational . '">' . $telephonnumber . '</a>';
}

27
components/partials/text-element.php Normal file
View File

@ -0,0 +1,27 @@
<?php
function _kompass_print_textbox($settingName, $settingValue, $style = '') {
echo '<input style="' . $style . '" type="text" name="' . $settingName . '" value="' . $settingValue. '" />';
if (defined('WP_DEBUG') && WP_DEBUG == true) {
echo '<br />' . $settingName;
}
}
function kompass_print_textbox(array $args) {
if (!isset($args['setting'])) {
wp_die('Missing argument setting at text-element ' . print_r($args, true));
}
$setting = get_option($args['setting'], null);
$setting = $setting ?? ( $args['value'] ?? '' );
$style = isset($args['style']) ? $args['style'] : '';
$value = esc_attr($setting);
if (isset($args['unit_division'])) {
$value = (int)$value / (int)$args['unit_division'];
}
if ($value === null && isset($args['value'])) {
$value = $args['value'];
}
_kompass_print_textbox($args['setting'], $value, $style);
}

0
core/VersionChecker.php
View File

14
core/fileloader.php
View File

@ -1,14 +0,0 @@
<?php
require_once (ABSPATH . '/wp-admin/includes/plugin.php');
require_once (ABSPATH . '/wp-admin/includes/class-wp-filesystem-base.php');
require_once (ABSPATH . '/wp-admin/includes/class-wp-filesystem-direct.php');
require_once (BDP_LV_PLUGIN_DIR . '/lib/ics-parser/Event.php');
require_once (BDP_LV_PLUGIN_DIR . '/lib/ics-parser/ICal.php');
require_once (BDP_LV_PLUGIN_DIR . '/modules/seo/seo.php');
require_once (BDP_LV_PLUGIN_DIR . '/modules/calendar/calendar.php');
require_once (ABSPATH . '/wp-includes/pluggable.php');
require_once (BDP_LV_PLUGIN_DIR . '/core/frontend-functions.php');
require_once (BDP_LV_PLUGIN_DIR . '/modules/security/security.php');

0
core/filters.php
View File

61
includes/DatabaseHandler.php Normal file
View File

@ -0,0 +1,61 @@
<?php
declare(strict_types=1);
namespace Bdp\Libs;
class DatabaseHandler {
public function readFromDb(string $table, array $conditions = []) : array {
global $wpdb;
$sql = 'SELECT * FROM ' . $wpdb->prefix . $table . $this->parseConditions($conditions);
return $this->getResults( $sql );
}
public function readSqlFromDb(string $tableName, string $preparedSql) : array
{
global $wpdb;
$sql = str_replace('%tablename%', $wpdb->prefix . $tableName, $preparedSql );
return $this->getResults($sql);
}
public function insertRows(string $tableName, array $newData) : int
{
global $wpdb;
$tableName = $wpdb->prefix . $tableName;
$wpdb->insert( $tableName, $newData );
return $wpdb->insert_id;
}
public function updateRows(string $tableName, array $newData, $conditions = [])
{
global $wpdb;
$tableName = $wpdb->prefix . $tableName;
$wpdb->update( $tableName, $newData, $conditions );
}
public function countSqlRows(string $tableName, array $conditions = []) : int
{
global $wpdb;
$sql = 'SELECT COUNT(*) as count_data FROM ' . $wpdb->prefix . $tableName . $this->parseConditions($conditions);
$res = $this->getResults( $sql );
$res = $res[0];
return (int)$res->count_data;
}
private function getResults(string $sql) : array
{
global $wpdb;
return $wpdb->get_results($sql, OBJECT );
}
private function parseConditions(array $conditionArray) : string
{
global $wpdb;
$_tmpArr = [];
foreach ($conditionArray as $key => $value) {
$_tmpArr[] = '`' . $key .'` = "' . $wpdb->_real_escape($value) . '"';
}
$returnString = implode(' AND ', $_tmpArr);
return $returnString !== '' ? (' WHERE ' . $returnString) : '';
}
}

56
includes/FileAccess.class.php Normal file
View File

@ -0,0 +1,56 @@
<?php
declare(strict_types=1);
namespace Bdp\Libs;
class FileAccess extends \WP_Filesystem_Direct
{
public const HTACCESS_MAIN = '/.htaccess';
public const HTACCESS_UPLOADS = '/wp-content/uploads/.htaccess';
public function __construct( $arg = null )
{
if ( ! defined( 'FS_CHMOD_FILE' ) ) {
define( 'FS_CHMOD_FILE', ( fileperms( ABSPATH . 'index.php' ) & 0777 | 0644 ) );
}
}
public static function htaccessContains(string $needle, $file = self::HTACCESS_MAIN) : bool
{
return str_contains(FileAccess::readHtaccess($file), $needle);
}
public static function readHtaccess($file = self::HTACCESS_MAIN) : string
{
$wfs = new self();
if (!$wfs->exists(ABSPATH . $file)) {
return '';
}
return $wfs->get_contents(ABSPATH . $file);
}
public static function writeHtaccess(string $value, $file = self::HTACCESS_MAIN) : bool
{
$wfs = new self();
$wfs->put_contents(ABSPATH . $file, $value);
return true;
}
public static function insertInHtaccess(string $element, $file = self::HTACCESS_MAIN) : bool
{
if (FileAccess::htaccessContains($element, $file)) {
return true;
}
$htaccessFile = FileAccess::readHtaccess($file);
$htaccessFile .= PHP_EOL . $element . PHP_EOL;
FileAccess::writeHtaccess($htaccessFile, $file);
return true;
}
public static function deleteFromHtaccess(string $element, $file = self::HTACCESS_MAIN) : bool {
$htaccessFile = str_replace($element . PHP_EOL, '', FileAccess::readHtaccess($file));
return FileAccess::writeHtaccess($htaccessFile, $file);
}
}

89
includes/WpConfigEditor.class.php Normal file
View File

@ -0,0 +1,89 @@
<?php
declare(strict_types=1);
namespace Bdp\Libs;
class WpConfigEditor extends \WP_Filesystem_Direct
{
public const WP_CONFIG_FILE = '/wp-config.php';
public function __construct($arg = null)
{
if (!defined('FS_CHMOD_FILE')) {
define('FS_CHMOD_FILE', (fileperms(ABSPATH . 'index.php') & 0777 | 0644));
}
}
public function readConfig(): string
{
if (!$this->exists(ABSPATH . self::WP_CONFIG_FILE)) {
return '';
}
return $this->get_contents(ABSPATH . self::WP_CONFIG_FILE);
}
public function writeConfig($value): bool
{
$value = str_replace('<?php', '', $value);
$value = str_replace('<?', '', $value);
$value = str_replace('?>', '', $value);
$value = str_replace(PHP_EOL . PHP_EOL, PHP_EOL, $value);
$value = '<?php' . PHP_EOL . $value;
$this->put_contents(ABSPATH . self::WP_CONFIG_FILE, $value);
return true;
}
public static function updateConfig($key, $value): bool
{
$wfs = new self();
$configContent = $wfs->readConfig();
if (null === self::getConfigValue($key)) {
$configContent .= "define( '$key', $value );" . PHP_EOL;
}
preg_match("/define\([ ]?'($key)'\,[ ]?(.*)[ ]?\);/",$configContent, $matches);
$configContent = str_replace($matches[0], "define( '$key', $value );", $configContent);
return $wfs->writeConfig($configContent);
}
public static function getConfigValue($key): ?string
{
$wfs = new self();
$configContent = $wfs->readConfig();
preg_match("/define\([ ]?'($key)'\,[ ]?(.*)[ ]?\);/",$configContent, $matches);
if (count($matches) == 0) {
return null;
}
return trim($matches[2]);
}
public static function updateSiteKeys(string $newKeySet)
{
foreach (explode(PHP_EOL, trim($newKeySet)) as $currentKeyLine) {
preg_match("/define\([ ]?'(.*)'\,[ ]?(.*)[ ]?\);/", $currentKeyLine, $matches);
self::updateConfig($matches[1], trim($matches[2]));
}
return true;
}
public static function deleteConfigKey($key): bool
{
if (null === self::getConfigValue($key)) {
return true;
}
$wfs = new self();
$configContent = $wfs->readConfig();
preg_match("/define\([ ]?'($key)'\,[ ]?(.*)[ ]?\);/",$configContent, $matches);
$configContent = str_replace($matches[0], '', $configContent);
return $wfs->writeConfig($configContent);
}
}

45
includes/action_caller.php Normal file
View File

@ -0,0 +1,45 @@
<?php
if (!isset($loginHandler)) {
$loginHandler = new \Bdp\Modules\LimitLoginAttempts\Controllers\LoginHandler();
}
add_action('wp_login_failed', [$loginHandler, 'onFailedLogin']);
add_filter('wp_authenticate_user', [$loginHandler, 'onSuccessFullLogin'], 99999, 2);
add_filter( 'admin_enqueue_scripts', 'enqueue_custom_password_js',10 );
add_action('admin_init', 'kompass_admin_init');
if (get_option('kompass_cookies', false)) {
$loginHandler->handleCookies();
add_action('auth_cookie_bad_username', [$loginHandler, 'checkFailedCookies']);
add_action('auth_cookie_valid', [$loginHandler, 'onValidCookie'], 10, 2);
}
if (isset($_POST['save_kompass_balist_list_type'])) {
updateBlockOrAllowList($_POST);
}
function add_custom_admin_bar_item() {
global $wp_admin_bar;
// Überprüfen, ob der Benutzer die erforderliche Berechtigung hat
if ( current_user_can( 'show_groups' ) ) {
// Das Array mit den Eigenschaften des benutzerdefinierten Elements
$args = [
'id' => 'kompass_gruppen',
'title' => '<span class="ab-icon dashicons-groups"></span>' .
'<span class="ab-label">' .__('Groups', BDP_LV_PLUGIN_SLUG) . '</span>',
'href' => get_admin_url() . 'admin.php?page=kompass-groups',
];
// Das benutzerdefinierte Element zur Admin-Leiste hinzufügen
$wp_admin_bar->add_node( $args );
}
}
// Die Funktion aufrufen, um das benutzerdefinierte Element zur Admin-Leiste hinzuzufügen
add_action( 'admin_bar_menu', 'add_custom_admin_bar_item', 50 );
add_action('wp_head', 'kompass_seo_add_verifications' );

7
includes/environment.php Normal file
View File

@ -0,0 +1,7 @@
<?php
define('BDP_LV_PLUGIN_SLUG', 'bdp-kompass');
define('BDP_LV_STARTUP_FILE', WP_PLUGIN_DIR . '/' . BDP_LV_PLUGIN_SLUG . '/' . BDP_LV_PLUGIN_SLUG . '.php');
define('BDP_LV_PLUGIN_DIR', plugin_dir_path(BDP_LV_STARTUP_FILE));
define('BDP_LV_PLUGIN_URL', plugin_dir_url(BDP_LV_STARTUP_FILE));

45
includes/filters.php Normal file
View File

@ -0,0 +1,45 @@
<?php
add_action( 'plugins_loaded', 'bdp_kompass_load_plugin_textdomain' );
register_activation_hook(BDP_LV_STARTUP_FILE, 'bdp_plugin_install');
add_action('init', 'bdp_plugin_init');
function _protect_wp_disablexmlrpc_string() {
return "<FilesMatch \"xmlrpc.php\">
Require all denied
</FilesMatch>";
}
function _protect_wp_disable_script_execution_string() {
return '<FilesMatch "\.(php|phtml|php3|php4|php5|pl|py|jsp|asp|html|htm|shtml|sh|cgi|suspected)$">' . "
deny from all
</FilesMatch>";
}
function _protect_wp_disable_special_files_string() {
return '<FilesMatch "^.*(README|error_log|wp-config\.php|user.ini|log|php.ini|\.[hH][tT][aApP].*)$">' . "
deny from all
</FilesMatch>";
}
function _protect_wp_disable_directory_listing_string() {
return 'Options -Indexes';
}
function _protect_wp_secure_include_dir_string() {
return "RewriteEngine On
RewriteBase /
RewriteRule ^wp-admin/includes/ - [F,L]
RewriteRule !^wp-includes/ - [S=3]
RewriteRule ^wp-includes/[^/]+\.php$ - [F,L]
RewriteRule ^wp-includes/js/tinymce/langs/.+\.php - [F,L]
RewriteRule ^wp-includes/theme-compat/ - [F,L]";
}
function _protect_wp_initial_bot_list_array()
{
return explode(';', 'SemrushBot;AhrefsBot;DotBot;WhatCMS;Rogerbot;trendictionbot;BLEXBot;linkfluence;magpie-crawler;MJ12bot;Mediatoolkitbot;AspiegelBot;DomainStatsBot;Cincraw;Nimbostratus;HTTrack;serpstatbot;omgili;GrapeshotCrawler;MegaIndex;PetalBot;Semanticbot;Cocolyzebot;DomCopBot;Traackr;BomboraBot;Linguee;webtechbot;DomainStatsBot;Clickagy;sqlmap;Internet-structure-research-project-bot;Seekport;AwarioSmartBot;OnalyticaBot;Buck;Riddler;SBL-BOT;DF Bot 1.0;PubMatic Crawler Bot;BVBot;Sogou;Barkrowler;Yandex');
}

109
core/frontend-functions.php → includes/frontend-functions.php
View File

@ -17,58 +17,39 @@ function bdp_update_dashboard_style() {
function bdp_add_menu_security() {
$moduleLoad = get_admin_url() . 'admin.php?page=' . BDP_LV_PLUGIN_SLUG . '/modules/index.php&loadmodule=';
add_menu_page(
'Sicherheit',
'Erweiterte<br />Sicherheit',
'manage_options',
'site-health.php',
'',
'dashicons-admin-network',
5
);
https://wordpress.local.development.contelli.de/wp-admin/admin.php?page=limit-login-attempts
add_submenu_page('site-health.php',
'Login-Kontrolle',
'Login-Kontrolle',
'manage_options',
get_admin_url() . 'admin.php?page=limit-login-attempts'
);
}
function bdp_add_menu_contents() {
add_menu_page(
'Beiträge',
'Inhalte',
'edit_posts',
'edit.php',
'',
'dashicons-format-aside',
4
);
add_menu_page('Seiten',
'Inhalte',
'edit_posts',
'edit.php?post_type=page',
'',
'dashicons-format-aside',
4
);
add_submenu_page('edit.php',
add_submenu_page('edit.php?post_type=page',
'media',
'Medienverwaltung',
'edit_posts',
'upload.php'
);
add_submenu_page('edit.php',
'media',
'Statische Seiten',
'edit_posts',
'edit.php?post_type=page'
);
add_submenu_page('edit.php',
add_submenu_page('edit.php?post_type=page',
'comments',
'Kommentare',
'edit_posts',
'edit-comments.php'
);
add_submenu_page('edit.php?post_type=page',
'Beiträge',
'Beiträge',
'edit_posts',
'edit.php'
);
}
function bdp_add_menu_mein_lv() {
@ -77,9 +58,9 @@ function bdp_add_menu_mein_lv() {
$moduleLoad = get_admin_url() . 'admin.php?page=' . BDP_LV_PLUGIN_SLUG . '/modules/index.php&loadmodule=';
add_menu_page(
'Mein BDP',
'Mein BdP',
'BdP',
'manage_options',
'show_bdp',
$mainSlug,
'',
BDP_LV_PLUGIN_URL . '/icon.png',
@ -87,46 +68,43 @@ function bdp_add_menu_mein_lv() {
);
add_submenu_page($mainSlug,
'calendar_settings',
'Kalender-Einstellungen',
'manage_options',
$moduleLoad . 'calendar'
);
add_submenu_page($mainSlug,
'calendar_settings',
'Über',
'manage_options',
'Über',
'show_bdp',
$moduleLoad . 'about'
);
}
function bdp_add_menu_setup() {
add_menu_page(
'Benutzer',
'Benutzer-Verwaltung',
'manage_options',
'users.php',
'',
'dashicons-admin-users',
6
);
add_menu_page(
'Allgemeine Einstellungen',
'Webseiten-Setup',
'manage_options',
'users.php',
'options-general.php',
'',
'dashicons-admin-generic',
6
);
add_submenu_page('users.php',
'Allgemeine Einstellungen',
'Allgemeine Einstellungen',
'manage_options',
'options-general.php'
);
add_submenu_page('users.php',
add_submenu_page('options-general.php',
'Design-Einstellungen',
'Design',
'Template bearbeiten',
'manage_options',
'customize.php?return=/wp-admin/'
);
add_submenu_page('users.php',
add_submenu_page('options-general.php',
'plugins',
'Erweiterungen',
'manage_options',
@ -134,12 +112,21 @@ function bdp_add_menu_setup() {
);
add_submenu_page('users.php',
add_submenu_page('options-general.php',
'themes',
'Designs',
'manage_options',
'themes.php'
);
add_submenu_page('options-general.php',
'Sicherheit',
'Webseiten-Sicherheit',
'manage_options',
'site-health.php'
);
}
function bdp_cleanup_menu()
@ -161,15 +148,13 @@ function bdp_cleanup_menu()
bdp_add_menu_security();
remove_submenu_page('edit.php?post_type=page','post-new.php?post_type=page');
remove_submenu_page('users.php','user-new.php');
remove_submenu_page('users.php','profile.php');
remove_submenu_page('edit.php','post-new.php');
remove_submenu_page('edit.php','edit-tags.php?taxonomy=category');
remove_submenu_page('edit.php','edit-tags.php?taxonomy=post_tag');
}
function bdp_create_menu_structure()

9
includes/pre_requires.php Normal file
View File

@ -0,0 +1,9 @@
<?php
require_once (ABSPATH . '/wp-admin/includes/plugin.php');
require_once (ABSPATH . '/wp-admin/includes/class-wp-filesystem-base.php');
require_once (ABSPATH . '/wp-admin/includes/class-wp-filesystem-direct.php');
require_once (ABSPATH . '/wp-includes/pluggable.php');
require_once (ABSPATH . '/wp-includes/capabilities.php');
require_once (ABSPATH . '/wp-admin/includes/template.php');
require_once (ABSPATH . '/wp-admin/includes/file.php');
require_once( ABSPATH . '/wp-admin/includes/upgrade.php' );

105
includes/roles.php Normal file
View File

@ -0,0 +1,105 @@
<?php
function setup_site_roles()
{
remove_role( 'subscriber' ); // Hier 'custom_role_slug' durch den tatsächlichen Slug der zu löschenden Rolle ersetzen
remove_role( 'contributor' ); // Hier 'custom_role_slug' durch den tatsächlichen Slug der zu löschenden Rolle ersetzen
remove_role( 'author' ); // Hier 'custom_role_slug' durch den tatsächlichen Slug der zu löschenden Rolle ersetzen
remove_role( 'editor' ); // Hier 'custom_role_slug' durch den tatsächlichen Slug der zu löschenden Rolle ersetzen
$capabilities = array(
'read' => true, // Die Rolle kann Beiträge lesen
'edit_posts' => true, // Die Rolle kann Beiträge bearbeiten
'delete_posts' => true, // Die Rolle kann Beiträge löschen
'publish_posts' => true, // Die Rolle kann Beiträge veröffentlichen
// Weitere Berechtigungen können nach Bedarf hinzugefügt werden
);
// Rolle hinzufügen
add_role( 'stafue', 'Stammesführung', kompass_get_capa_stafue() );
add_role( 'grufue', 'Gruppenführung', kompass_get_capa_grufue() );
add_role( 'aktionsleitung', 'Aktionsleitung', kompass_get_capa_aktionsleitung() );
add_role( 'author', 'Redakteur', kompass_get_capa_editor() );
$role = get_role( 'administrator' );
foreach (kompass_get_capa_stafue() as $capability => $value) {
$role->add_cap( $capability );
}
}
function kompass_get_capa_stafue() : array
{
return array_merge(
[
'create_groups' => true,
'delete_groups' => true,
'edit_groups' => true,
'delete_teilis' => true,
'move_teilis' => true,
'create_events' => true,
], kompass_get_capa_aktionsleitung(), kompass_get_capa_grufue(), kompass_get_capa_editor());
}
function kompass_get_capa_aktionsleitung() : array
{
return [
'show_bdp' => true,
'create_event_teilis' => true,
'edit_event_teilis' => true,
'delete_event_teilis' => true,
'send_event_mails' => true,
];
}
function kompass_get_capa_grufue() : array
{
return [
'show_bdp' => true,
'show_groups' => true,
'create_teilis' => true,
'edit_teilis' => true,
'send_mails' => true
];
}
function kompass_get_capa_editor() : array
{
return [
'moderate_comments' => true,
'manage_categories' => true,
'manage_links' => true,
'upload_files' => true,
'unfiltered_html' => true,
'edit_posts' => true,
'edit_others_posts' => true,
'edit_published_posts' => true,
'publish_posts' => true,
'edit_pages' => true,
'read' => true,
'level_7' => true,
'level_6' => true,
'level_5' => true,
'level_4' => true,
'level_3' => true,
'level_2' => true,
'level_1' => true,
'level_0' => true,
'edit_others_pages' => true,
'edit_published_pages' => true,
'publish_pages' => true,
'delete_pages' => true,
'delete_others_pages' => true,
'delete_published_pages' => true,
'delete_posts' => true,
'delete_others_posts' => true,
'delete_published_posts' => true,
'delete_private_posts' => true,
'edit_private_posts' => true,
'read_private_posts' => true,
'delete_private_pages' => true,
'edit_private_pages' => true,
'read_private_pages' => true,
];
}

55
includes/setup.php Normal file
View File

@ -0,0 +1,55 @@
<?php
use Bdp\Modules\LimitLoginAttempts\Controllers\LoginHandler;
use Bdp\Libs\DatabaseHandler;
require_once dirname(__FILE__) . '/pre_requires.php';
require_once dirname(__FILE__) . '/environment.php';
require_once dirname(__FILE__) . '/spl.php';
require_once dirname(__FILE__) . '/update.class.php';
require_once BDP_LV_PLUGIN_DIR . 'includes/FileAccess.class.php';
require_once BDP_LV_PLUGIN_DIR . 'includes/WpConfigEditor.class.php';
require_once BDP_LV_PLUGIN_DIR . 'includes/DatabaseHandler.php';
require_once (BDP_LV_PLUGIN_DIR . '/includes/roles.php');
require_once (BDP_LV_PLUGIN_DIR . '/includes/filters.php');
require_once (BDP_LV_PLUGIN_DIR . '/lib/ics-parser/Event.php');
require_once (BDP_LV_PLUGIN_DIR . '/lib/ics-parser/ICal.php');
require_once (BDP_LV_PLUGIN_DIR . '/modules/seo/seo.php');
require_once (BDP_LV_PLUGIN_DIR . '/modules/calendar/calendar.php');
require_once (BDP_LV_PLUGIN_DIR . '/includes/frontend-functions.php');
require_once (BDP_LV_PLUGIN_DIR . '/modules/calendar/Views/settings-form.php');
require_once (BDP_LV_PLUGIN_DIR . '/modules/security/security.php');
$dbHandler = new DatabaseHandler();
function kompass_admin_init()
{
kompass_settings_validators();
}
bdp_create_menu_structure();
function bdp_kompass_load_plugin_textdomain() {
load_textdomain( BDP_LV_PLUGIN_SLUG, BDP_LV_PLUGIN_DIR . '/lang/' . BDP_LV_PLUGIN_SLUG . '-' . get_locale() . '.mo' );
}
function kompass_after_setup_theme()
{
setup_site_roles();
#register_custom_theme_directory();
}
$loginHandler = new LoginHandler();
new BdpVersionChecker();
#add_filter( 'plugins_api', array( $class, 'info' ), 20, 3 );
require_once dirname(__FILE__) . '/action_caller.php';

44
includes/spl.php Normal file
View File

@ -0,0 +1,44 @@
<?php
spl_autoload_register(function ($className) {
if (!str_starts_with($className, 'ProtectLogin\\')) {
return;
}
$fileName = str_replace('\\','/', $className);
$fileName = str_replace('ProtectLogin/Modules/', 'ProtectLogin/modules/', $fileName);
$fileName = str_replace('ProtectLogin/', '', $fileName);
$fileName = BDP_LV_PLUGIN_DIR . $fileName . '.php';
if (!file_exists($fileName)) {
return;
}
require_once $fileName;
});
$directoryPath = BDP_LV_PLUGIN_DIR . 'components/partials/';
foreach (glob($directoryPath . '*.php') as $file) {
require_once $file;
}
$subdirs = ['includes', 'Controllers', 'Views', 'Requests', 'Actions'];
foreach (scandir(BDP_LV_PLUGIN_DIR . 'modules/') as $curModule) {
if ($curModule != '.' && $curModule != '..' && is_dir(BDP_LV_PLUGIN_DIR . 'modules/' . $curModule))
{
if ($curModule == 'calendar') {
continue;
}
foreach ($subdirs as $dir) {
$directoryPath = BDP_LV_PLUGIN_DIR . 'modules/' . $curModule . '/' . $dir . '/';
foreach (glob($directoryPath . '*.php') as $file) {
require_once $file;
}
}
}
}

152
includes/update.class.php Normal file
View File

@ -0,0 +1,152 @@
<?php
class BdpVersionChecker
{
public $plugin_slug;
public $version;
public $cache_key;
public $cache_allowed;
public $updateUrl;
public function __construct()
{
$plugin_data = get_plugin_data( BDP_LV_STARTUP_FILE );
$this->plugin_slug = BDP_LV_PLUGIN_SLUG;
$this->updateUrl = $plugin_data['UpdateURI'] . '/info.json';
$this->version = $plugin_data['Version'];
$this->cache_key = 'bdp-kompass-upd';
$this->cache_allowed = false;
add_filter( 'plugins_api', array( $this, 'info' ), 20, 3 );
add_filter( 'site_transient_update_plugins', array( $this, 'update' ) );
add_action( 'upgrader_process_complete', array( $this, 'purge' ), 10, 2 );
}
public function request(){
$remote = get_transient( $this->cache_key );
if( false === $remote || ! $this->cache_allowed ) {
$remote = wp_remote_get(
$this->updateUrl
,
array(
'timeout' => 10,
'headers' => array(
'Accept' => 'application/json'
)
)
);
if(
is_wp_error( $remote )
|| 200 !== wp_remote_retrieve_response_code( $remote )
|| empty( wp_remote_retrieve_body( $remote ) )
) {
return false;
}
set_transient( $this->cache_key, $remote, 3600 );
}
$remote = json_decode( wp_remote_retrieve_body( $remote ) );
return $remote;
}
function info( $res = '', $action = '', $args = '' )
{
if (!isset($args->slug) || $args->slug !== $this->plugin_slug) {
return $res;
}
// get updates
$remote = $this->request();
if( ! $remote ) {
return $res;
}
$newVersion = $remote->version;
$res = new stdClass();
$res->name = $remote->name;
$res->slug = $remote->slug;
$res->version = $newVersion;
$res->tested = $remote->tested;
$res->requires = $remote->requires;
$res->author = $remote->author;
$res->author_profile = $remote->author_profile;
$res->download_link = $remote->download_url;
$res->trunk = $remote->download_url;
$res->requires_php = $remote->requires_php;
$res->last_updated = $remote->last_updated;
$res->sections = array(
'description' => $remote->sections->description,
'installation' => $remote->sections->installation,
'changelog' => $remote->sections->changelog
);
if( ! empty( $remote->banners ) ) {
$res->banners = array(
'low' => $remote->banners->low,
'high' => $remote->banners->high
);
}
return $res;
}
public function update( $transient ) {
if ( empty($transient->checked ) ) {
return $transient;
}
$remote = $this->request();
if(
$remote
&& version_compare( $this->version, $remote->version, '<' )
&& version_compare( $remote->requires, get_bloginfo( 'version' ), '<=' )
&& version_compare( $remote->requires_php, PHP_VERSION, '<' )
) {
$newVersion = $remote->version;
$res = new stdClass();
$res->slug = $this->plugin_slug;
$res->plugin = plugin_basename( BDP_LV_STARTUP_FILE );
$res->new_version = $newVersion;
$res->tested = $remote->tested;
$res->package = $remote->download_url;
$transient->response[ $res->plugin ] = $res;
} else {
$res = new stdClass();
$res->slug = $this->plugin_slug;
$res->plugin = plugin_basename( BDP_LV_STARTUP_FILE );
$transient->no_update[ $res->plugin ] = $res;
}
return $transient;
}
public function purge( $upgrader, $options ){
if (
$this->cache_allowed
&& 'update' === $options['action']
&& 'plugin' === $options[ 'type' ]
) {
// just clean the cache when new plugin version is installed
delete_transient( $this->cache_key );
}
}
}

BIN
lang/bdp-kompass-de_DE.mo Normal file
View File

Binary file not shown.

279
lang/bdp-kompass_de_DE.po Normal file
View File

@ -0,0 +1,279 @@
msgid "kompass"
msgstr "kompass"
msgid "Calendar settings"
msgstr "Kalender-Einstellungen"
msgid "Calendar URL"
msgstr "Kalender-Adresse"
msgid "SEO-Options"
msgstr "Suchmaschinen-Einstellungen"
msgid "Google Site verification"
msgstr "Google Seiten-Verifikation"
msgid "Bing Site verification"
msgstr "Bing Seiten-Verifikation"
msgid "Calendar Settings"
msgstr "Kalender-Einstellungen"
msgid "Extended Security"
msgstr "Erweiterte Sicherheit"
msgid "Save changes"
msgstr "Änderungen speichern"
msgid "All settings are saved."
msgstr "Die Einstellungen wurden gespeichert."
msgid "Disable xmlrpc"
msgstr "xmlrpc deaktivieren"
msgid "By introducing the REST API in WordPress, xmlrpc. However, php is no longer needed to communicate outside of WordPress, which is why there is no longer any reason to leave it active or use it. Therefore, for the security of your site, it is better to deactivate or delete it."
msgstr "Durch die Einführung der REST API in WordPress wird xmlrpc. php jedoch nicht mehr benötigt, um außerhalb von WordPress zu kommunizieren, weshalb es hier keinen Grund mehr gibt, diese aktiv zu lassen oder zu nutzen. Deshalb ist es für die Sicherheit deiner Seite besser, diese zu deaktivieren oder zu löschen."
msgid "Disable Authorscan"
msgstr "Autorenscan deaktivieren"
msgid "The author page in WordPress typically displays a list of all posts by a specific author on your website. Unfortunately, Google also records the page and to prevent this, we can deactivate the author page. When a visitor clicks on an name of an author, they are redirected to the author page. This page contains a list of posts written by this author, as well as possibly a brief description of the author and a photo. It is also possible to record which user names have been created."
msgstr "Die Autorenseite in WordPress zeigt normalerweise eine Liste aller Beiträge eines bestimmten Autors auf deiner Website an. Google erfasst die Seite auch leider und um das zu verhindern, können wir die Autorenseite deaktivieren. Wenn ein Besucher auf den Namen eines Autors klickt, wird er auf die Autorenseite weitergeleitet. Diese Seite enthält eine Liste der Beiträge, die von diesem Autor verfasst wurden, sowie möglicherweise eine kurze Beschreibung des Autors und ein Foto. Auch ist es darüber möglich zu erfassen, welche Nutzernamen angelegt sind."
msgid "Disable scripting in /wp-content/uploads/"
msgstr "Scripting in /wp-content/uploads/ deaktivieren"
msgid "Disabling scripting in /wp-content/uploads/ can be a security measure to protect your WordPress website from potential threats. The /wp-content/uploads folder is usually the default folder where WordPress stores uploaded files, such as images, videos, and other media files."
msgstr "Das Deaktivieren von Scripting in /wp-content/uploads/ kann eine Sicherheitsmaßnahme sein, um dein WordPress-Website vor potenziellen Bedrohungen zu schützen. Der Ordner /wp-content/uploads ist normalerweise der Standardordner, in dem WordPress hochgeladene Dateien, wie Bilder, Videos und andere Mediendateien, speichert."
msgid "Block access to potentially sensitive files"
msgstr "Zugriff auf potenziell sensible Dateien blockieren"
msgid "This setting prohibits access to configuration files and log files"
msgstr "Diese Einstellung verbietet den Zugriff auf Konfigurationsdateien sowie Log-Dateien"
msgid "Disable file editor in WP Dashboard"
msgstr "Dateieditor im WP Dashboard deaktivieren"
msgid "This is a security feature that allows you to prevent users from editing theme and plugin files directly from the WordPress dashboard. This can be useful for a variety of reasons, including preventing accidental code changes and protecting your website from malicious attacks."
msgstr "Hierbei handelt es sich um eine Sicherheitsfunktion, mit der Sie verhindern können, dass Benutzer Theme- und Plugin-Dateien direkt über das WordPress-Dashboard bearbeiten können. Dies kann aus verschiedenen Gründen nützlich sein, unter anderem um versehentliche Änderungen am Code zu verhindern und Ihre Website vor böswilligen Angriffen zu schützen."
msgid "Disable script concatenation"
msgstr "Skriptverkettung deaktivieren"
msgid "Disabling script concatenation in the WordPress admin panel is a simple and effective way to enhance performance. However, it is crucial to carefully consider the impact of this change, as it may increase the number of HTTP requests, potentially affecting loading times"
msgstr "Das Deaktivieren der Skriptverkettung im WordPress-Admin-Panel ist eine einfache und effektive Möglichkeit, die Leistung zu verbessern. Es ist jedoch wichtig, die Auswirkungen dieser Änderung sorgfältig abzuwägen, da sie die Anzahl der HTTP-Anfragen erhöhen und sich möglicherweise auf die Ladezeiten auswirken kann."
msgid "Disable script execution in include dir"
msgstr "Skriptausführung im Include-Verzeichnis deaktivieren"
msgid "Limiting script execution in specific directories can improve security by preventing potentially malicious scripts from running in critical parts of the WordPress system. This is particularly important to prevent attacks such as Cross-Site Scripting (XSS), which inject malicious code into website content."
msgstr "Das Begrenzen der Skriptausführung in bestimmten Verzeichnissen kann die Sicherheit verbessern, indem potenziell schädliche Skripte daran gehindert werden, in kritischen Teilen des WordPress-Systems ausgeführt zu werden. Dies ist besonders wichtig, um Angriffe wie Cross-Site Scripting (XSS) zu verhindern, bei denen schädlicher Code in Webseiteninhalte eingeschleust wird."
msgid "Change site keys"
msgstr "Seitenschlüssel erneuern"
msgid "An error occured connecting api.wordpress.org"
msgstr "Beim Kontaktieren von api.wordpress.org trat ein Fehler auf"
msgid "The site keys were updated successfully."
msgstr "Die Seitenschlüssel wurden erneuert."
msgid "Protect WP detected missing security settings"
msgstr "Protect WP hat fehlende Sicherheitseinstellungen festgestellt"
msgid "Protect WP has detected that advanced security settings are missing.<br />You can update the settings directly in the dashboard."
msgstr "Protect WP hat festgestellt, dass erweiterte Sicherheitseinstellungen fehlen.<br />Du kannst die Einstellungen direkt im Dashboard aktualisieren."
msgid "Protect WP - security settings"
msgstr "Protect WP - Sicherheitseinstellungen"
msgid "Prohibit access from unwanted bots"
msgstr "Zugriff von ungewollten Bots verbieten"
msgid "Excluding specific bots from a WordPress website provides improved security by reducing potentially malicious activity and security risks, optimizes resource consumption and site performance, protects against content theft and duplicate content, enables more precise control of traffic, and promotes more effective SEO -Optimization by reducing irrelevant bots, ultimately leading to a safer, more efficient and better performing website."
msgstr "Das Ausschließen bestimmter Bots von einer WordPress-Website bietet eine verbesserte Sicherheit, indem potenziell bösartige Aktivitäten und Sicherheitsrisiken reduziert werden, optimiert den Ressourcenverbrauch und die Website-Performance, schützt vor Inhaltsdiebstahl und Duplicate Content, ermöglicht eine genauere Kontrolle des Datenverkehrs und fördert eine effektivere SEO-Optimierung durch die Reduzierung nicht relevanter Bots, was letztendlich zu einer sichereren, effizienteren und besser performenden Website führt."
msgid "Bot Detection Database"
msgstr "Datenbank zur Bot-Erkennung"
msgid "Registered bots"
msgstr "Vorhandene Bots"
msgid "Add more bots"
msgstr "Weitere Bots hinzufügen"
msgid "Leave blank in order to delete"
msgstr "Zum Löschen leer lassen"
msgid "Please use line breaks to enter multiple bots"
msgstr "Bitte Zeilenumbruch verwenden, um mehrere Bots einzutragen"#
msgid "Bot Detection Database updated successfully."
msgstr "Die Datenbank zur Bot-Erkennung wurde erfolgreich aktualisiert."
msgid "Disable directory listing"
msgstr "Auflistung von Verzeichnissen deaktivieren"
msgid "Directory listing should be disabled to ensure the security and privacy of a website. When Directory Listing is enabled, this allows users to directly access the contents of directories on a web server without having to specify a specific file. This can expose sensitive information such as directory structures, internal files and scripts, posing a potential security risk. Disabling Directory Listing prevents users from accessing this sensitive information, thereby providing an additional layer of security for the website."
msgstr "Das Auflisten von Verzeichnissen sollte deaktiviert werden, um die Sicherheit und Privatsphäre einer Website zu gewährleisten. Wenn Directory Listing aktiviert ist, ermöglicht dies Benutzern den direkten Zugriff auf die Inhalte von Verzeichnissen auf einem Webserver, ohne dass eine spezifische Datei angegeben werden muss. Dies kann sensible Informationen wie Verzeichnisstrukturen, interne Dateien und Skripte offenlegen, was ein potenzielles Sicherheitsrisiko darstellt. Durch das Deaktivieren von Directory Listing wird verhindert, dass Benutzer auf diese sensiblen Informationen zugreifen können, und bietet somit eine zusätzliche Sicherheitsschicht für die Website."
msgid "Disable debug output"
msgstr "Debug-Ausgaben deaktivieren"
msgid "Debugging should be disabled to protect sensitive information about the internal structure and potential security vulnerabilities of a a WordPress website from potential attackers. When debugging is enabled, error messages and warnings are displayed directly on the website, which can provide attackers with valuable information about the configuration of the website and possible vulnerabilities."
msgstr "Debugging sollte deaktiviert werden, um sensible Informationen über die interne Struktur und mögliche Sicherheitslücken einer WordPress-Website vor potenziellen Angreifern zu schützen. Wenn Debuggin aktiviert ist, werden Fehlermeldungen und Warnungen direkt auf der Webseite angezeigt, was Angreifern wertvolle Informationen über die Konfiguration und mögliche Schwachstellen der Website geben kann. "
msgid "Change Login URL"
msgstr "Login-URL ändern"
msgid "Changing the default login URL of WordPress is advisable to enhance the security of your website. By default, WordPress login URLs is /wp-admin or /wp-login.php, which are easily guessed by hackers and facilitate attacks such as brute-force attacks. Changing the login URL to something unique and difficult to guess increases security since potential attackers will struggle to find the correct URL. This can help protect your website from unauthorized access and other malicious activities."
msgstr "Es ist ratsam, die Standard-Login-URL von WordPress zu ändern, um die Sicherheit deiner Website zu erhöhen. Standardmäßig lautet die Login-URL von WordPress /wp-admin oder /wp-login.php, was für Hacker leicht zu erraten ist und Angriffe wie Brute-Force-Attacken erleichtern kann. Durch Ändern der Login-URL auf etwas Einzigartiges und schwer zu erraten, erhöhst du die Sicherheit, da potenzielle Angreifer Schwierigkeiten haben werden, die richtige URL zu finden. Dies kann helfen, deine Website vor unautorisiertem Zugriff und anderen böswilligen Aktivitäten zu schützen."
msgid "Login-Protection"
msgstr "Login-Sicherheit"
msgid "Settings"
msgstr "Einstellungen"
msgid "There are no ip addresses blocked."
msgstr "Derzeit sind keine Adressen gesperrt."
msgid "IP address"
msgstr "IP-Adresse"
msgid "Blocked until"
msgstr "Gesperrt bis"
msgid "Actions"
msgstr "Aktionen"
msgid "The settings were saved."
msgstr "Die Einstellungen wurden gespeichert."
msgid "The ip address was released."
msgstr "Die IP-Adresse wurde freigegeben."
msgid "The list was saved."
msgstr "Die Liste wurde gespeichert."
msgid "An error occured."
msgstr "Es ist ein Fehler aufgetreten"
msgid "Options"
msgstr "Optionen"
msgid "Blocklist"
msgstr "Blocklist"
msgid "Allowlist"
msgstr "Allowlist"
msgid "Blocked IP addresses"
msgstr "Gesperrte IP-Adressen"
msgid "Too many failed login attempts."
msgstr "Zu vile fehlerhafte Login-Versuche."
msgid "Please try again later."
msgstr "Bitte versuche es später erneut."
msgid "%d hour"
msgid_plural "%d hours"
msgstr[0] "%d Stunde"
msgstr[1] "%d Stunden"
msgid "Please try again in %d hour."
msgid_plural "Please try again in %d hours."
msgstr[0] "Bitte versuche es in %d Stunde noch einmal."
msgstr[1] "Bitte versuche es in %d Stunden noch einmal."
msgid "Please try again in %d minute."
msgid_plural "Please try again in %d minutes."
msgstr[0] "Bitte versuche es in %d Minute noch einmal."
msgstr[1] "Bitte versuche es in %d Minuten noch einmal."
msgid "%d minute"
msgid_plural "%d minutes"
msgstr[0] "%d Minute"
msgstr[1] "%d Minuten"
msgid "Leave blank for delete"
msgstr "Zum Löschen frei lassen"
msgid "Add ip address"
msgstr "IP-Adresse hinzufügen"
msgid "Please use line breaks to enter multiple ip addresses"
msgstr "Bitte Zeilenumbruch verwenden, um mehrere IP-Adressen einzutragen"
msgid "Maximum reps until lockout"
msgstr "Maximale Wiederholungen bis zur Sperrung"
msgid "Duration of lockout (in minutes)"
msgstr "Dauer der Sperre (in Minuten)"
msgid "Maximum number of lockouts"
msgstr "Maximale Anzahl an Sperrungen"
msgid "Long-term duration (in hours)"
msgstr "Langzeitsperre (in Stunden)"
msgid "Minimum password strength"
msgstr "Minimale Passwort-Stärke"
msgid "Page accessible via"
msgstr "Seite erreichbar über"
msgid "Handle cookies"
msgstr "Cookies verarbeiten"
msgid "Notify if blocked"
msgstr "Bei Sperrung benachrichtigen"
msgid "Failed attempts until notification"
msgstr "Fehlversuche bis zur Benachrichtigung"
msgid "E-Mail to site admin"
msgstr "E-Mail an den Webseiten-Administrator"
msgid "Direct connection"
msgstr "Direkte Verbindung"
msgid "Behind a proxy"
msgstr "Hinter einem Proxy"
msgid "Yes"
msgstr "Ja"
msgid "No"
msgstr "Nein"
msgid "Allow all password strengths"
msgstr "Alle Passwort-Stärken erlauben"
msgid "At least passwords with medium strength"
msgstr "Mindestens Passwortstärke normal"
msgid "Only allow strong passwords"
msgstr "Nur starke Passwörter erlauben"
msgid "The password does not correspond to the requirements."
msgstr "Dass Passwort entspricht nicht den Anforderungen."
msgid "Release ip address"
msgstr "IP-Adresse freigeben"
msgid "Add ip address to blocklist"
msgstr "IP-Adresse auf Blocklist setzen"
msgid "Add ip address to allowlist and release"
msgstr "IP-Adresse auf Allowlist setzen und freigeben"
msgid "Search for ip address"
msgstr "Nach IP-Adresse suchen"
msgid "Delete"
msgstr "Löschen"

21
lib/database/kompass_stammesgruppen_gruppen.sql Normal file
View File

@ -0,0 +1,21 @@
SET SQL_MODE = "NO_AUTO_VALUE_ON_ZERO";
START TRANSACTION;
CREATE TABLE `%tablename%` (
`id` int NOT NULL AUTO_INCREMENT,
`gruppen_name` varchar(256) COLLATE utf8mb4_unicode_520_ci NOT NULL,
`gruppe_grufue` bigint UNSIGNED DEFAULT NULL,
PRIMARY KEY (id)
) %charset%;
ALTER TABLE `%tablename%`
ADD PRIMARY KEY (`id`);
ALTER TABLE `%tablename%`
MODIFY `id` int NOT NULL AUTO_INCREMENT;
ALTER TABLE `%tablename%` ADD CONSTRAINT `gruppe_grufue` FOREIGN KEY (`gruppe_grufue`) REFERENCES `%prefix%users`(`ID`) ON DELETE CASCADE ON UPDATE CASCADE;
COMMIT;

49
lib/database/kompass_stammesgruppen_teilis.sql Normal file
View File

@ -0,0 +1,49 @@
SET SQL_MODE = "NO_AUTO_VALUE_ON_ZERO";
START TRANSACTION;
SET time_zone = "+00:00";
CREATE TABLE `%tablename%` (
`id` int NOT NULL AUTO_INCREMENT,
`gruppe_id` int NOT NULL,
`vorname` varchar(128) NOT NULL,
`nachname` varchar(128) NOT NULL,
`geburtsdatum` date DEFAULT NULL,
`ansprechpartner` varchar(256) DEFAULT NULL,
`strasse` varchar(128) DEFAULT NULL,
`hausnummer` varchar(8) DEFAULT NULL,
`plz` varchar(5) DEFAULT NULL,
`ort` varchar(128) DEFAULT NULL,
`email_1` varchar(512) NOT NULL,
`email_2` varchar(512) DEFAULT NULL,
`telefon_1` varchar(16) NOT NULL,
`telefon_2` varchar(16) DEFAULT NULL,
`badeerlaubnis` enum('complete','partial','none','') NOT NULL DEFAULT 'none',
`allergien` varchar(2048) NOT NULL,
`abholung` enum('alone','parents','other','') NOT NULL DEFAULT 'parents',
`abholung_text` varchar(1024) NOT NULL DEFAULT '0',
`foto_socialmedia` tinyint NOT NULL DEFAULT '0',
`foto_print` tinyint NOT NULL DEFAULT '0',
`foto_webseite` tinyint NOT NULL DEFAULT '0',
`foto_partner` tinyint NOT NULL DEFAULT '0',
`halstuch` enum('none','woe','pfadi','rr') NOT NULL DEFAULT 'none',
`anmerkungen` varchar(2048) NOT NULL,
`aufnahmeantrag_da` tinyint NOT NULL DEFAULT '0',
`fotoerlaubnis_da` tinyint NOT NULL DEFAULT '0',
`elterninfo_da` tinyint NOT NULL DEFAULT '0',
`badeerlaubnis_da` tinyint NOT NULL DEFAULT '0',
PRIMARY KEY (id)
) %charset%;
ALTER TABLE `%tablename%`
ADD PRIMARY KEY (`id`),
ADD KEY `teili_gruppe` (`gruppe_id`);
ALTER TABLE `%tablename%`
MODIFY `id` int NOT NULL AUTO_INCREMENT;
ALTER TABLE `%tablename%`
ADD CONSTRAINT `teili_gruppe` FOREIGN KEY (`gruppe_id`) REFERENCES `%prefix%kompass_stammesgruppen_gruppen` (`id`) ON DELETE CASCADE ON UPDATE CASCADE;
COMMIT;

19
lib/ics-parser/Event.php
View File

@ -154,21 +154,20 @@ class Event
{
foreach ($data as $key => $value) {
if ($key == 'DTSTART_array' || $key == 'DTEND_array') {
$timeZone = 'Europe/Berlin';
if (isset($value[0]['TZID'])) {
$timeZone = $value[0]['TZID'];
}
$dateString = $value[1];
$dateTime = \DateTime::createFromFormat('Ymd\THis', $dateString);
$dateTime = \DateTime::createFromFormat('Ymd\THis', $dateString, new \DateTimeZone($timeZone));
if (false === $dateTime) {
$this->wholeDay = true;
$dateTime = \DateTime::createFromFormat('Ymd', $dateString);
$dateTime = \DateTime::createFromFormat('Ymd', $dateString, new \DateTimeZone($timeZone));
}
$timeZone = 'Europe/Berlin';
if (isset($value[0]['TZID'])) {
$timeZone = $value[0]['TZID'];
}
$dateTime->setTimezone(new \DateTimeZone($timeZone));
$dateTime->setTimezone(new \DateTimeZone('UTC'));
if ($key == 'DTSTART_array') {
$this->start = $dateTime->format('d.m.Y H:i:s');
$this->startInt = $dateTime->getTimestamp();
@ -176,9 +175,7 @@ class Event
$this->end = $dateTime->format('d.m.Y H:i:s');
$this->endInt = $dateTime->getTimestamp();
}
} else {
$variable = self::snakeCase($key);
if (property_exists($this, $variable)) {
$this->{$variable} = $this->prepareData($value);

1
lib/ics-parser/ICal.php
View File

@ -2223,7 +2223,6 @@ class ICal
if ($ignoreUtc && strtoupper($timeZone) === self::TIME_ZONE_UTC) {
return null;
}
return $timeZone;
}

18
modules/Gruppen/Actions/CreateGroupAction.php Normal file
View File

@ -0,0 +1,18 @@
<?php
use Bdp\Modules\Gruppen\Controllers\MainController;
class CreateGroupAction
{
public static function execute(array $newData)
{
global $dbHandler;
if (!current_user_can('create_groups')) {
kompass_print_message_box(__('You are not allowed to create a group', BDP_LV_PLUGIN_SLUG), 'error');
}
global $dbHandler;
$dbHandler->insertRows(MainController::KOMPASS_STAMMESGRUPPEN_GRUPPEN, $newData);
kompass_print_message_box(__('The group was created.', BDP_LV_PLUGIN_SLUG));
}
}

21
modules/Gruppen/Actions/CreateGroupMemberAction.php Normal file
View File

@ -0,0 +1,21 @@
<?php
use Bdp\Modules\Gruppen\Controllers\MainController;
class CreateGroupMemberAction
{
public static function execute(array $userData) : int
{
global $dbHandler;
if (!current_user_can('create_teilis')) {
kompass_print_message_box(__('You are not allowed to add a member', BDP_LV_PLUGIN_SLUG), 'error');
}
global $dbHandler;
$userData['gruppe_id'] = 1;
kompass_print_message_box(__('The member was added.', BDP_LV_PLUGIN_SLUG));
return $dbHandler->insertRows(MainController::KOMPASS_STAMMESGRUPPEN_TEILIS, $userData);
}
}

37
modules/Gruppen/Actions/CreateGroupMemberDataAction.php Normal file
View File

@ -0,0 +1,37 @@
<?php
use Bdp\Modules\Gruppen\Controllers\MainController;
class CreateGroupMemberDataAction
{
public static function execute(array $userData) : array
{
$dataKeys = [
'vorname' => 'kompass_group_member_firstname',
'nachname' => 'kompass_group_member_lastname',
'geburtsdatum' => 'kompass_group_member_birthday',
'ansprechpartner' => 'kompass_group_member_parents',
'email_1' => 'kompass_group_member_email_1',
'email_2' => 'kompass_group_member_email_2',
'telefon_1' => 'kompass_group_member_phone_1',
'telefon_2' => 'kompass_group_member_phone_2',
];
$return = ['data' => [], 'rawData' => [], 'errors' => []];
foreach ($dataKeys as $dbKey => $formKey) {
$value = trim($userData[$formKey]);
$return['rawData'][$formKey] = $value;
if ($dbKey === 'email_2' || $dbKey === 'telefon_2') {
$return['data'][$dbKey] = $value;
} else {
if ( $value === '' ) {
$return['errors'][] = sprintf(__( 'The field "%s" is required.', BDP_LV_PLUGIN_SLUG ), $dbKey);
} else {
$return['data'][ $dbKey ] = $value;
}
}
}
return $return;
}
}

19
modules/Gruppen/Actions/UpdateGroupAction.php Normal file
View File

@ -0,0 +1,19 @@
<?php
use Bdp\Modules\Gruppen\Controllers\MainController;
class UpdateGroupAction
{
public static function execute(array $newData, int $groupId)
{
global $dbHandler;
if (!current_user_can('edit_groups')) {
kompass_print_message_box(__('You are not allowed to update a group', BDP_LV_PLUGIN_SLUG), 'error');
}
global $dbHandler;
$dbHandler->updateRows(MainController::KOMPASS_STAMMESGRUPPEN_GRUPPEN, $newData, ['id' => $groupId]);
kompass_print_message_box(__('The group was updated.', BDP_LV_PLUGIN_SLUG));
}
}

17
modules/Gruppen/Controllers/CreateGroupController.php Normal file
View File

@ -0,0 +1,17 @@
<?php
namespace Bdp\Modules\Gruppen\Controllers;
use Bdp\Libs\FileAccess;
class CreateGroupController
{
public function __construct()
{
if (current_user_can('create_groups')) {
kompass_create_group_form();
} else {
kompass_print_gruppen_overview();
}
}
}

17
modules/Gruppen/Controllers/CreateMemberController.php Normal file
View File

@ -0,0 +1,17 @@
<?php
namespace Bdp\Modules\Gruppen\Controllers;
use Bdp\Libs\FileAccess;
class CreateMemberController
{
public function __construct(array $prefilledData = [])
{
if (current_user_can('create_teilis')) {
kompass_create_group_member_form($prefilledData);
} else {
kompass_print_gruppen_overview();
}
}
}

139
modules/Gruppen/Controllers/MainController.php Normal file
View File

@ -0,0 +1,139 @@
<?php
namespace Bdp\Modules\Gruppen\Controllers;
use Bdp\Libs\FileAccess;
use SearchMemberRequest;
class MainController
{
public const KOMPASS_STAMMESGRUPPEN_GRUPPEN = 'kompass_stammesgruppen_gruppen';
public const KOMPASS_STAMMESGRUPPEN_TEILIS = 'kompass_stammesgruppen_teilis';
public static function setup()
{
global $wpdb;
$charset = $wpdb->get_charset_collate();
$fileReader = new FileAccess();
foreach ([self::KOMPASS_STAMMESGRUPPEN_GRUPPEN, self::KOMPASS_STAMMESGRUPPEN_TEILIS] as $table) {
$sqlTable = $wpdb->prefix . $table;
$sql = "SHOW TABLES LIKE '$sqlTable'";
$result = $wpdb->get_var( $sql );
if ( $result == $sqlTable ) {
continue;
}
$sqlSetup = str_replace(
'%tablename%',
$sqlTable,
$fileReader->get_contents( WP_PLUGIN_DIR . '/' . BDP_LV_PLUGIN_SLUG . '/lib/database/' . $table . '.sql' ) );
$sqlSetup = str_replace('%charset%', $charset, $sqlSetup);
$sqlSetup = str_replace('%prefix%', $wpdb->prefix, $sqlSetup);
dbDelta( $sqlSetup );
}
}
public function __construct()
{
add_submenu_page(
BDP_LV_PLUGIN_DIR . '/modules/index.php',
__('Groups', BDP_LV_PLUGIN_SLUG),
__('Groups', BDP_LV_PLUGIN_SLUG),
'show_groups',
'kompass-groups',
[$this, 'router'],
1);
}
public function router()
{
if (isset($_REQUEST['action'])) {
switch ($_REQUEST['action']) {
case 'searchmember':
$memberList = SearchMemberRequest::listByName($_POST['member_name']);
new PrintMemberListController($memberList);
break;
case 'create_group_form':
new CreateGroupController();
break;
case 'update-group':
\UpdateGroupAction::execute(['gruppen_name' => $_REQUEST['kompass_groups_group_name']],
(int)$_REQUEST['group_id']);
new PrintGroupsController();
break;
case 'create-group':
$data = ['gruppen_name' => $_REQUEST['kompass_groups_group_name']];
\CreateGroupAction::execute($data);
new PrintGroupsController();
break;
case 'new-member':
new CreateMemberController();
break;
case 'create-member':
$userData = \CreateGroupMemberDataAction::execute($_REQUEST);
if (count($userData['errors']) === 0) {
$memberId = \CreateGroupMemberAction::execute( $userData['data'] );
new PrintMemberController($memberId);
} else {
kompass_print_message_box(implode('<br />', $userData['errors']), 'error');
new CreateMemberController($userData['rawData']);
exit;
}
new PrintGroupsController();
break;
case 'show-members':
$memberList = \ListMemberRequest::listForGroup((int)$_REQUEST['group-id']);
new PrintMemberListController($memberList);
break;
case 'show-member':
new PrintMemberController((int)$_REQUEST['member-id']);
break;
case 'compose-mail':
current_user_can('send_mails');
break;
case 'delete-group':
if (current_user_can('delete_groups')) {
}
break;
case 'edit-group':
if (current_user_can('edit_groups')) {
kompass_edit_group_form($_REQUEST['group-id']);
}
break;
default:
new PrintGroupsController();
}
} else {
new PrintGroupsController();
}
}
private function listMembers()
{
}
private function printMembers(array $memberList)
{
}
}

13
modules/Gruppen/Controllers/PrintGroupsController.php Normal file
View File

@ -0,0 +1,13 @@
<?php
namespace Bdp\Modules\Gruppen\Controllers;
use Bdp\Libs\FileAccess;
class PrintGroupsController
{
public function __construct()
{
kompass_print_gruppen_overview();
}
}

15
modules/Gruppen/Controllers/PrintMemberController.php Normal file
View File

@ -0,0 +1,15 @@
<?php
namespace Bdp\Modules\Gruppen\Controllers;
use Bdp\Libs\FileAccess;
class PrintMemberController
{
public function __construct(int $memberId)
{
global $dbHandler;
$member = $dbHandler->readFromDb(MainController::KOMPASS_STAMMESGRUPPEN_TEILIS, ['id' => $memberId]);
echo '<pre>';print_r($member);die();
}
}

16
modules/Gruppen/Controllers/PrintMemberListController.php Normal file
View File

@ -0,0 +1,16 @@
<?php
namespace Bdp\Modules\Gruppen\Controllers;
use Bdp\Libs\FileAccess;
class PrintMemberListController
{
public function __construct(array $memberList)
{
if (count($memberList) === 0) {
exit;
}
kompass_print_gruppen_members($memberList);
}
}

12
modules/Gruppen/Requests/ListMemberRequest.php Normal file
View File

@ -0,0 +1,12 @@
<?php
use Bdp\Modules\Gruppen\Controllers\MainController;
class ListMemberRequest
{
public static function listForGroup(int $groupId) : array
{
global $dbHandler;
return $dbHandler->readFromDb(MainController::KOMPASS_STAMMESGRUPPEN_TEILIS, ['gruppe_id' => $groupId]);
}
}

15
modules/Gruppen/Requests/SearchMemberRequest.php Normal file
View File

@ -0,0 +1,15 @@
<?php
use Bdp\Modules\Gruppen\Controllers\MainController;
class SearchMemberRequest
{
public static function listByName(string $name) : array
{
global $dbHandler;
return $dbHandler->readSqlFromDb( MainController::KOMPASS_STAMMESGRUPPEN_TEILIS,
'SELECT * FROM %tablename% WHERE CONCAT(`vorname`, " " , `nachname`) LIKE "%' . $name . '%"');
}
}

64
modules/Gruppen/Views/CreateGroupForm.php Normal file
View File

@ -0,0 +1,64 @@
<?php
use Bdp\Modules\Gruppen\Controllers\MainController as GruppenController;
function kompass_edit_group_form(int $groupId)
{
global $dbHandler;
$page = BDP_LV_PLUGIN_SLUG . '-create-group';
$group = $dbHandler->readFromDb(GruppenController::KOMPASS_STAMMESGRUPPEN_GRUPPEN, ['id' => $groupId]);
add_settings_section(
'custom_settings_section',
__('Edit Group', BDP_LV_PLUGIN_SLUG),
'kompass_prepare_form',
$page,
[
'action' => 'update-group',
'page' => 'kompass-groups',
'group_id' => $groupId
]
);
_kompass_group_display_elements($page, $group[0]);
do_settings_sections(BDP_LV_PLUGIN_SLUG . '-create-group');
kompass_close_form(__('Update', BDP_LV_PLUGIN_SLUG));
}
function kompass_create_group_form()
{
global $dbHandler;
$page = BDP_LV_PLUGIN_SLUG . '-create-group';
add_settings_section(
'custom_settings_section',
__('Create Group', BDP_LV_PLUGIN_SLUG),
'kompass_prepare_form',
$page,
[
'action' => 'create-group',
'page' => 'kompass-groups'
]
);
_kompass_group_display_elements($page);
do_settings_sections(BDP_LV_PLUGIN_SLUG . '-create-group');
kompass_close_form(__('Create', BDP_LV_PLUGIN_SLUG));
}
function _kompass_group_display_elements(string $page, stdClass $currentGroup = null)
{
$value = '';
if (null !== $currentGroup) {
$value = $currentGroup->gruppen_name;
}
add_settings_field(
'kompass_group_field_1',
__('Group Name', BDP_LV_PLUGIN_SLUG),
'kompass_print_textbox',
$page,
'custom_settings_section',
['setting' => 'kompass_groups_group_name',
'value' => $value, 'style' => 'width: 512px']);
}

131
modules/Gruppen/Views/CreateMemberForm.php Normal file
View File

@ -0,0 +1,131 @@
<?php
use Bdp\Modules\Gruppen\Controllers\MainController as GruppenController;
function kompass_edit_group_member_form(int $groupId)
{
global $dbHandler;
$page = BDP_LV_PLUGIN_SLUG . '-create-group';
$group = $dbHandler->readFromDb(GruppenController::KOMPASS_STAMMESGRUPPEN_GRUPPEN, ['id' => $groupId]);
add_settings_section(
'custom_settings_section',
__('Edit Group', BDP_LV_PLUGIN_SLUG),
'kompass_prepare_form',
$page,
[
'action' => 'update-group',
'page' => 'kompass-groups',
'group_id' => $groupId
]
);
_kompass_group_display_elements($page, $group[0]);
do_settings_sections(BDP_LV_PLUGIN_SLUG . '-create-group');
kompass_close_form(__('Update', BDP_LV_PLUGIN_SLUG));
}
function kompass_create_group_member_form(array $prefilledData = [])
{
global $dbHandler;
$page = BDP_LV_PLUGIN_SLUG . '-create-member';
add_settings_section(
'custom_settings_section',
__('Add Member', BDP_LV_PLUGIN_SLUG),
'kompass_prepare_form',
$page,
[
'action' => 'create-member',
'page' => 'kompass-groups'
]
);
_kompass_group_member_display_elements($page, $prefilledData);
do_settings_sections($page);
kompass_close_form(__('Add member', BDP_LV_PLUGIN_SLUG));
}
function _kompass_group_member_display_elements(string $page, array $prefilledElements = [])
{
$value = $prefilledElements['kompass_group_member_firstname'] ?? '';
add_settings_field(
'kompass_group_member_field_1',
__('First Name', BDP_LV_PLUGIN_SLUG),
'kompass_print_textbox',
$page,
'custom_settings_section',
['setting' => 'kompass_group_member_firstname',
'value' => $value, 'style' => 'width: 512px']);
$value = $prefilledElements['kompass_group_member_lastname'] ?? '';
add_settings_field(
'kompass_group_member_field_2',
__('Last Name', BDP_LV_PLUGIN_SLUG),
'kompass_print_textbox',
$page,
'custom_settings_section',
['setting' => 'kompass_group_member_lastname',
'value' => $value, 'style' => 'width: 512px']);
$value = $prefilledElements['kompass_group_member_birthday'] ?? '';
add_settings_field(
'kompass_group_member_field_3',
__('Birthday', BDP_LV_PLUGIN_SLUG),
'kompass_print_datebox',
$page,
'custom_settings_section',
['setting' => 'kompass_group_member_birthday',
'value' => $value, 'style' => 'width: 512px']);
$value = $prefilledElements['kompass_group_member_parents'] ?? '';
add_settings_field(
'kompass_group_member_field_4',
__('Contact person', BDP_LV_PLUGIN_SLUG),
'kompass_print_textbox',
$page,
'custom_settings_section',
['setting' => 'kompass_group_member_parents',
'value' => $value, 'style' => 'width: 512px']);
$value = $prefilledElements['kompass_group_member_email_1'] ?? '';
add_settings_field(
'kompass_group_member_field_5',
__('E-Mail', BDP_LV_PLUGIN_SLUG),
'kompass_print_textbox',
$page,
'custom_settings_section',
['setting' => 'kompass_group_member_email_1',
'value' => $value, 'style' => 'width: 512px']);
$value = $prefilledElements['kompass_group_member_email_2'] ?? '';
add_settings_field(
'kompass_group_member_field_6',
__('Alternative E-Mail', BDP_LV_PLUGIN_SLUG),
'kompass_print_textbox',
$page,
'custom_settings_section',
['setting' => 'kompass_group_member_email_2',
'value' => $value, 'style' => 'width: 512px']);
$value = $prefilledElements['kompass_group_member_phone_1'] ?? '';
add_settings_field(
'kompass_group_member_field_7',
__('Telephone', BDP_LV_PLUGIN_SLUG),
'kompass_print_textbox',
$page,
'custom_settings_section',
['setting' => 'kompass_group_member_phone_1',
'value' => $value, 'style' => 'width: 512px']);
$value = $prefilledElements['kompass_group_member_phone_2'] ?? '';
add_settings_field(
'kompass_group_member_field_8',
__('Alternative Telephone', BDP_LV_PLUGIN_SLUG),
'kompass_print_textbox',
$page,
'custom_settings_section',
['setting' => 'kompass_group_member_phone_2',
'value' => $value, 'style' => 'width: 512px']);
}

95
modules/Gruppen/Views/GruppenOverview.php Normal file
View File

@ -0,0 +1,95 @@
<?php
use Bdp\Modules\Gruppen\Controllers\MainController as GruppenController;
function kompass_print_gruppen_overview()
{
global $dbHandler;
?>
<form method="post" action="admin.php?page=kompass-groups">
<p style="width: 100%; text-align: right">
<input type="hidden" name="action" value="searchmember">
<input type="text" name="member_name" style="width: 500px;"
placeholder="<?=__('Search member', BDP_LV_PLUGIN_SLUG); ?>" />
<input type="submit" class="button" value="<?= __('Search', BDP_LV_PLUGIN_SLUG); ?>" />
</p>
</form>
<table class="wp-list-table widefat fixed striped table-view-list" id="myTable">
<thead>
<tr>
<th scope="col" class="manage-column column-name"><?= __('Group Name', BDP_LV_PLUGIN_SLUG); ?></th>
<th scope="col" class="manage-column column-name"><?= __('Number Members', BDP_LV_PLUGIN_SLUG); ?></th>
<th style="width: 100px;" class="manage-column column-name"><?= __('Actions', BDP_LV_PLUGIN_SLUG); ?></th>
</tr>
</thead>
<tbody>
<?php
foreach ($dbHandler->readFromDb( GruppenController::KOMPASS_STAMMESGRUPPEN_GRUPPEN) as $currentGruppe) {
$participantCount = $dbHandler->countSqlRows(GruppenController::KOMPASS_STAMMESGRUPPEN_TEILIS, ['gruppe_id' => $currentGruppe->id]);
echo '<tr>';
echo '<td>' . $currentGruppe->gruppen_name .'</td>';
echo '<td>' . $participantCount . '</td>';
echo '<td> ' . kompass_get_group_actions($currentGruppe->id, $participantCount ) .'</td>';
echo '</tr>';
}
?>
</tbody>
</table>
<?php
echo '<p>';
if ( current_user_can( 'send_mails' ) ) {
echo '<a class="button" href="' . admin_url('admin.php?page=kompass-groups') . '&action=compose-mail&group-id=0">' .
__( 'Mail to multiple groups', BDP_LV_PLUGIN_SLUG ) . '</a> &nbsp;';
}
if (current_user_can('create_teilis')) {
echo '<a class="button" href="' . admin_url('admin.php?page=kompass-groups') . '&action=new-member">' .
__( 'New Member', BDP_LV_PLUGIN_SLUG ) . '</a> &nbsp;';
}
if ( current_user_can( 'delete_teilis' ) ) {
?>
<a class="button" href="admin.php?page=kompass-groups&action=create_group_form">
<?= __('Create Group', BDP_LV_PLUGIN_SLUG); ?></a>
<?php
}
echo '</p>';
// Gutenberg-Editor einbinden
wp_editor( '', 'gutenberg_content', array(
'textarea_name' => 'gutenberg_content',
// 'media_buttons' => false, // Deaktivieren der Medien-Upload-Schaltfläche
) );
}
function kompass_get_group_actions(int $groupId, int $participantCount) : string
{
$elements = [];
if ($participantCount > 0) {
$elements[] = '<a href="' . admin_url('admin.php?page=kompass-groups') . '&action=show-members&group-id=' .$groupId .'">' .
__('Show Members', BDP_LV_PLUGIN_SLUG) . '</a>';
if (current_user_can('send_mails')) {
$elements[] = '<a href="' . admin_url('admin.php?page=kompass-groups') . '&action=compose-mail&group-id=' .$groupId .'">' .
__( 'Mail to group', BDP_LV_PLUGIN_SLUG ) . '</a>';
}
} else {
if (current_user_can('delete_groups')) {
$elements[] = '<a href="' . admin_url('admin.php?page=kompass-groups') . '&action=delete-group&group-id=' .$groupId .'">' .
__('Delete', BDP_LV_PLUGIN_SLUG) . '</a>';
}
}
if (current_user_can('edit_groups')) {
$elements[] = '<a href="' . admin_url('admin.php?page=kompass-groups') . '&action=edit-group&group-id=' .$groupId .'">' .
__('Edit', BDP_LV_PLUGIN_SLUG) . '</a>';
}
return implode('<br />' , $elements);
}

65
modules/Gruppen/Views/PrintMembers.php Normal file
View File

@ -0,0 +1,65 @@
<?php
function kompass_print_gruppen_members(array $memberList)
{
?>
<p style="width: 100%; text-align: right">
<input type="text" id="searchInput"
onkeyup="searchTable('myTable', this)"
placeholder="<?=__('Filter member', BDP_LV_PLUGIN_SLUG); ?>">
</p>
<table class="wp-list-table widefat fixed striped table-view-list" id="myTable">
<thead>
<tr>
<th scope="col" class="manage-column column-name"><?= __('Name', BDP_LV_PLUGIN_SLUG); ?></th>
<th style="width: 100px;" class="manage-column column-name"><?= __('Actions', BDP_LV_PLUGIN_SLUG); ?></th>
</tr>
</thead>
<tbody>
<?php
foreach ($memberList as $curMember) {
?>
<tr>
<td> <?= $curMember->vorname . ' ' . $curMember->nachname ?>
<br />
<?php kompass_gruppen_printTelephonNumbers($curMember); ?>
<br />
<?= __('Allergies:', BDP_LV_PLUGIN_SLUG) . ' ' .
($curMember->allergien != '' ? $curMember->allergien : '---'); ?>
</td>
<td>
<a href= <?= admin_url('admin.php?page=kompass-groups') . '&action=show-member&member-id=' .$curMember->id; ?>">
<?= __('Show details', BDP_LV_PLUGIN_SLUG); ?></a>
<br />
<a href="admin.php?page=bdp-kompass-limit-login-attempts&action=removeFromList">
<?= __('Send E-Mail', BDP_LV_PLUGIN_SLUG); ?></a>
<br />
<?php
if ( current_user_can( 'delete_teilis' ) ) {
?>
<a href="admin.php?page=bdp-kompass-limit-login-attempts&action=removeFromList">
<?= __('Delete', BDP_LV_PLUGIN_SLUG); ?></a>
<?php
}
?>
</td>
</tr>
<?php
}
?>
</tbody>
</table>
<?php
}
function kompass_gruppen_printTelephonNumbers(stdClass $curMember)
{
kompass_print_telephone_link($curMember->telefon_1);
if ($curMember->telefon_2 != '') {
echo ' // ';
kompass_print_telephone_link( $curMember->telefon_2 );
}
}

79
modules/KompassSettings/Controllers/SettingsPage.php Normal file
View File

@ -0,0 +1,79 @@
<?php
namespace Bdp\Modules\KompassSettings\Controllers;
class SettingsPage
{
public function __construct()
{
add_options_page(
__('kompass', BDP_LV_PLUGIN_SLUG) . ' - ' . __('Settings', BDP_LV_PLUGIN_SLUG),
__('kompass', BDP_LV_PLUGIN_SLUG) . ' - ' . __('Settings', BDP_LV_PLUGIN_SLUG),
'manage_options',
BDP_LV_PLUGIN_SLUG . '-Kompass-settings',
[$this, 'option_page'],2048);
}
public function option_page() {
bdp_kompass_load_plugin_textdomain();
$showMessage = null;
$tab = isset($_REQUEST['tab']) ? $_REQUEST['tab'] : 'tab1';
if (isset($_REQUEST['update_options']) && $_REQUEST['update_options'] == true) {
switch ($tab) {
case 'tab1':
update_option('bdp_calendar_categories', json_encode($_POST['category']));
update_option('bdp_calendar_source_url', $_POST['bdp_calendar_source_url']);
$showMessage = __('The settings were saved.', BDP_LV_PLUGIN_SLUG);
break;
case 'tab2':
update_option('kompass_seo_google_verification', $_POST['kompass_seo_google_verification']);
update_option('kompass_seo_bing_verification', $_POST['kompass_seo_bing_verification']);
$showMessage = __('The settings were saved.', BDP_LV_PLUGIN_SLUG);
break;
}
if (null !== $showMessage) {
echo '<div class="notice notice-success" style="padding: 5px 10px;">';
echo $showMessage;
echo '</div>';
}
}
bdp_kompass_load_plugin_textdomain();
?>
<div class="wrap">
<h1 class="wp-heading-inline">
<?= __('kompass', BDP_LV_PLUGIN_SLUG); ?> - <?= __('Settings', BDP_LV_PLUGIN_SLUG); ?></h1>
<hr class="wp-header-end">
<?= kompass_settings_print_tab_header($tab); ?>
<div class="tab-content">
<?php
switch ($tab) {
case 'tab1':
echo '<form action="admin.php?page=bdp-kompass-Kompass-settings&tab=tab1" method="post">';
do_settings_sections(BDP_LV_PLUGIN_SLUG . '-calendar-settings');
require_once BDP_LV_PLUGIN_DIR . '/modules/calendar/Views/categories-partial.php';
echo '<input type="hidden" name="tab" value="tab1" />';
submit_button();
echo '</form>';
break;
case 'tab2':
echo '<form action="admin.php?page=bdp-kompass-Kompass-settings" method="post">';
do_settings_sections(BDP_LV_PLUGIN_SLUG . '-seo-settings');
submit_button();
echo '<input type="hidden" name="tab" value="tab2" />';
echo '</form>';
break;
}
?>
</div>
</div>
<?php
}
}

13
modules/KompassSettings/Views/tab-control.php Normal file
View File

@ -0,0 +1,13 @@
<?php
function kompass_settings_print_tab_header(string $activeTab = 'tab1')
{
$baseUrl = 'admin.php?page=bdp-kompass-Kompass-settings&tab=';
return '<h2 class="nav-tab-wrapper">'.
'<a href="' . $baseUrl . 'tab1" class="nav-tab ' . ($activeTab == 'tab1' ? 'nav-tab-active' : '') . '">' .
__('Calendar Settings', BDP_LV_PLUGIN_SLUG) .
'</a>'.
'<a href="' . $baseUrl . 'tab2" class="nav-tab ' . ($activeTab == 'tab2' ? 'nav-tab-active' : '') .'">' .
__('SEO', BDP_LV_PLUGIN_SLUG) .
'</a>'.
'</h2>';
}

281
modules/LimitLoginAttempts/Controllers/LoginHandler.php Normal file
View File

@ -0,0 +1,281 @@
<?php
namespace Bdp\Modules\LimitLoginAttempts\Controllers;
use ProtectLogin\Modules\LimitLoginAttempts\Requests\IpAddress;
class LoginHandler {
public const DIRECT_ADDR = 'REMOTE_ADDR';
public const PROXY_ADDR = 'HTTP_X_FORWARDED_FOR';
public function onSuccessFullLogin($user, $password) {
if (!is_wp_error($user) && $this->isLoginAllowedFromIp() ) {
return $user;
}
global $limit_login_my_error_shown;
$limit_login_my_error_shown = true;
$error = new \WP_Error();
// This error should be the same as in "shake it" filter below
$error->add('too_many_retries', $this->composeErrorMessage());
return $error;
}
public function onFailedLogin(string $username) {
$ip = $this->getAddress();
/* if currently locked-out, do not add to retries */
$lockouts = get_option('protect_login_limit_login_lockouts', []);
if(isset($lockouts[$ip]) && time() < $lockouts[$ip]) {
return;
}
/* Get the arrays with retries and retries-valid information */
$retries = get_option('kompass_limit_login_retries', []);
$valid = get_option('kompass_limit_login_retries_valid', []);
/* Check validity and add one to retries */
if (isset($retries[$ip])) { //} && isset($valid[$ip]) && time() < $valid[$ip]) {
$retries[$ip] ++;
} else {
$retries[$ip] = 1;
}
update_option('kompass_limit_login_retries', $retries);
/* lockout? */
if($retries[$ip] % get_option('kompass_limit_login_allowed_retries', 0) != 0) {
return;
}
$retries_long = get_option('kompass_limit_login_allowed_retries', 1)
* get_option('kompass_limit_login_allowed_lockouts', 1);
if ($retries[$ip] >= $retries_long) {
$lockouts[$ip] = time() + get_option('kompass_limit_login_long_duration', 86400);
} else {
$lockouts[$ip] = time() + get_option('kompass_limit_login_lockout_duration', 900);
}
update_option('kompass_limit_login_lockouts', $lockouts);
/* do any notification */
$this->notify($username);
}
private function notifyByEmail($user)
{
$ip = $this->getAddress();
$lockouts = get_option('kompass_limit_login_lockouts', []);
if (!isset($lockouts[$ip])) {
return;
}
$blocked_until = $lockouts[$ip];
$retries = get_option('kompass_limit_login_retries', []);
$currentRetries = $retries[$ip];
$notify_after = get_option('kompass_limit_login_notify_email_after', 1);
if ($currentRetries % $notify_after !== 0) {
return;
}
$blogname = get_option('blogname', 'none');
$subject = sprintf(__("[%s] Too many failed login attempts"
, 'limit-login-attempts')
, $blogname);
$message = 'Neue Sperrung auf deiner Webseite: ' . PHP_EOL .
'IP-Adresse: ' . $ip . PHP_EOL .
'Gesperrt bis: ' . date('d.m.Y H:i', $blocked_until);
$admin_email = get_option('admin_email');
wp_mail($admin_email, $subject, $message);
}
/* Handle notification in event of lockout */
private function notify($user) {
$args = get_option('kompass_limit_login_lockout_notify', []);
if (!is_array($args)) {
$args = [$args];
}
foreach ($args as $mode) {
switch (trim($mode)) {
case 'email':
$this->notifyByEmail($user);
break;
}
}
}
private function composeErrorMessage() {
$ip = $this->getAddress();
$lockouts = get_option('protect_login_limit_login_lockouts');
$msg = __('Too many failed login attempts.', BDP_LV_PLUGIN_SLUG) . ' ';
if (!is_array($lockouts) || !isset($lockouts[$ip]) || time() >= $lockouts[$ip]) {
/* Huh? No timeout active? */
$msg .= __('Please try again later.', BDP_LV_PLUGIN_SLUG);
return $msg;
}
$when = ceil(($lockouts[$ip] - time()) / 60);
if ($when > 60) {
$when = ceil($when / 60);
$msg .= sprintf(_n('Please try again in %d hour.', 'Please try again in %d hours.', $when, BDP_LV_PLUGIN_SLUG), $when);
} else {
$msg .= sprintf(_n('Please try again in %d minute.', 'Please try again in %d minutes.', $when, BDP_LV_PLUGIN_SLUG), $when);
}
return $msg;
}
private static function getAddress($typeName = '') {
global $limitLoginAttemptsSettings;
$typeOriginal = $typeName;
if (empty($typeName)) {
$typeName = get_option('kompass_limit_loginclient_type', self::DIRECT_ADDR);
}
if (isset($_SERVER[$typeName]) && filter_var($_SERVER[$typeName], FILTER_VALIDATE_IP)) {
return $_SERVER[$typeName];
}
/*
* Not found. Did we get proxy type from option?
* If so, try to fall back to direct address.
*/
if ( empty($typeName) && $typeOriginal == self::PROXY_ADDR
&& isset($_SERVER[self::DIRECT_ADDR])
&& filter_var($_SERVER[self::DIRECT_ADDR], FILTER_VALIDATE_IP)) {
/*
* NOTE: Even though we fall back to direct address -- meaning you
* can get a mostly working plugin when set to PROXY mode while in
* fact directly connected to Internet it is not safe!
*
* Client can itself send HTTP_X_FORWARDED_FOR header fooling us
* regarding which IP should be banned.
*/
return $_SERVER[self::DIRECT_ADDR];
}
return '';
}
public function isLoginAllowedFromIp() {
$ip = $this->getAddress();
if (in_array($ip, get_option('kompass_limit_login_blocklist', []))) {
return false;
}
if (in_array($ip, get_option('kompass_limit_login_allowlist', []))) {
return true;
}
/* lockout active? */
$lockouts = get_option('kompass_limit_login_lockouts', []);
return (!is_array($lockouts) || !isset($lockouts[$ip]) || time() >= $lockouts[$ip]);
}
public function checkFailedCookies($cookie_elements) {
$this->clearAuthCookie();
/*
* Invalid username gets counted every time.
*/
$this->onFailedLogin($cookie_elements['username']);
}
private function clearAuthCookie() {
wp_clear_auth_cookie();
if (!empty($_COOKIE[AUTH_COOKIE])) {
$_COOKIE[AUTH_COOKIE] = '';
}
if (!empty($_COOKIE[SECURE_AUTH_COOKIE])) {
$_COOKIE[SECURE_AUTH_COOKIE] = '';
}
if (!empty($_COOKIE[LOGGED_IN_COOKIE])) {
$_COOKIE[LOGGED_IN_COOKIE] = '';
}
}
public function onValidCookie($cookie_elements, $user) {
/*
* As all meta values get cached on user load this should not require
* any extra work for the common case of no stored value.
*/
if (get_user_meta($user->ID, 'kompass_limit_login_previous_cookie')) {
delete_user_meta($user->ID, 'kompass_limit_login_previous_cookie');
}
}
function clearLoginCookie($cookie_elements) {
$this->clearAuthCookie();
/*
* Under some conditions an invalid auth cookie will be used multiple
* times, which results in multiple failed attempts from that one
* cookie.
*
* Unfortunately I've not been able to replicate this consistently and
* thus have not been able to make sure what the exact cause is.
*
* Probably it is because a reload of for example the admin dashboard
* might result in multiple requests from the browser before the invalid
* cookie can be cleard.
*
* Handle this by only counting the first attempt when the exact same
* cookie is attempted for a user.
*/
extract($cookie_elements, EXTR_OVERWRITE);
// Check if cookie is for a valid user
$user = get_user_by('login', $username);
if (!$user) {
// "shouldn't happen" for this action
$this->onFailedLogin($username);
return;
}
$previous_cookie = get_user_meta($user->ID, 'kompass_limit_login_previous_cookie', true);
if ($previous_cookie && $previous_cookie == $cookie_elements) {
// Identical cookies, ignore this attempt
return;
}
// Store cookie
if ($previous_cookie)
update_user_meta($user->ID, 'kompass_limit_login_previous_cookie', $cookie_elements);
else
add_user_meta($user->ID, 'kompass_limit_login_previous_cookie', $cookie_elements, true);
$this->onFailedLogin($username);
}
public function handleCookies() {
if ($this->isLoginAllowedFromIp()) {
return;
}
$this->clearAuthCookie();
}
}

193
modules/LimitLoginAttempts/Controllers/OptionsPage.php Normal file
View File

@ -0,0 +1,193 @@
<?php
namespace Bdp\Modules\LimitLoginAttempts\Controllers;
class OptionsPage
{
public function __construct()
{
add_options_page(
__('Login-Protection', BDP_LV_PLUGIN_SLUG),
__('Login-Protection', BDP_LV_PLUGIN_SLUG),
'manage_options',
BDP_LV_PLUGIN_SLUG . '-limit-login-attempts',
[$this, 'limit_login_option_page'],2048);
}
public function releaseIp($ip)
{
$allIps = get_option('kompass_limit_login_lockouts', []);
unset($allIps[$ip]);
update_option('kompass_limit_login_lockouts', $allIps);
}
public static function addToBlocklist(string $ip)
{
$blockedIps = get_option('kompass_limit_login_blocklist', []);
$blockedIps[] = $ip;
update_option('kompass_limit_login_blocklist', $blockedIps);
}
public static function addToAllowlist(string $ip)
{
$allowedIps = get_option('kompass_limit_login_allowlist', []);
$allowedIps[] = $ip;
update_option('kompass_limit_login_allowlist', $allowedIps);
self::releaseIp($ip);
}
public function removeFromList(string $listType, string $ip){
update_option(
'kompass_limit_login_' . $listType,
array_diff(get_option('kompass_limit_login_' . $listType, []), [$ip])
);
}
public function getBlockedIps()
{
bdp_kompass_load_plugin_textdomain();
$ips = '';
foreach (get_option('kompass_limit_login_lockouts', []) as $ip => $blockedUntil) {
$ips .= '<tr style="vertical-align: top;">' .
'<td style="padding-right: 50px;">' . $ip . '</td>';
if (in_array($ip, get_option('protect_login_limit_login_blocklist', []))) {
$ips .= '<td style="padding-right: 50px;">Dauerhaft blockiert</td>' .
'<td>' .
'Keine Aktion möglich' .
'</td></tr>';
} else {
$ips .= '<td style="padding-right: 50px;">' . date('d.m.Y', $blockedUntil) . '<br />' . date('H:i', $blockedUntil) . ' Uhr</td>' .
'<td>
<a href="admin.php?page=bdp-kompass-limit-login-attempts&tab=tab4&action=release&ip=' .
base64_encode($ip) . '">' . __('Release ip address', BDP_LV_PLUGIN_SLUG) . '</a><br />
<a href="admin.php?page=bdp-kompass-limit-login-attempts&tab=tab4&action=toBlock&ip=' .
base64_encode($ip) . '">' . __('Add ip address to blocklist', BDP_LV_PLUGIN_SLUG) . '</a><br />
<a href="admin.php?page=bdp-kompass-limit-login-attempts&tab=tab4&action=toAllow&ip=' .
base64_encode($ip) . '">' . __('Add ip address to allowlist and release', BDP_LV_PLUGIN_SLUG) . '</a><br /> ' .
'</td></tr>';
};
}
return $ips;
}
public function limit_login_option_page() {
global $errors;
bdp_kompass_load_plugin_textdomain();
$showMessage = null;
if (isset($_POST['update_options'])) {
update_settings($_POST);
$showMessage = __('The settings were saved.', BDP_LV_PLUGIN_SLUG);
}
if (isset($_GET['action']) && $_GET['action'] == 'release') {
$showMessage = __('The ip address was released.', BDP_LV_PLUGIN_SLUG);
}
if(isset($_POST['save_kompass_balist_list_type'])) {
$showMessage = __('The list was saved.', BDP_LV_PLUGIN_SLUG);
}
if (null !== $showMessage && $errors === false) {
echo '<div class="notice notice-success" style="padding: 5px 10px;">';
echo $showMessage;
echo '</div>';
}
if ($errors) {
echo '<div class="notice notice-error" style="padding: 5px 10px;">';
echo __('An error occured.', BDP_LV_PLUGIN_SLUG);
echo '</div>';
}
$tab = isset($_GET['tab']) ? $_GET['tab'] : 'tab1';
if (isset($_GET['action']) && $_GET['action'] == 'removeFromList') {
$this->removeFromList($_GET['list'], base64_decode($_GET['ip']));
if ($_GET['list'] == 'blocklist') {
$tab = 'tab2';
} else {
$tab = 'tab3';
}
}
bdp_kompass_load_plugin_textdomain();
?>
<div class="wrap">
<h1 class="wp-heading-inline">
<?= __('Login-Protection', BDP_LV_PLUGIN_SLUG); ?> - <?= __('Settings', BDP_LV_PLUGIN_SLUG); ?></h1>
<hr class="wp-header-end">
<?= kompass_print_tab_header($tab); ?>
<div class="tab-content">
<?php
switch ($tab) {
case 'tab1':
echo '<form action="admin.php?page=bdp-kompass-limit-login-attempts&tab=tab1" method="post">';
do_settings_sections(BDP_LV_PLUGIN_SLUG . '-limit-login-attempts');
submit_button();
echo '</form>';
break;
case 'tab2':
echo '<h2>Blocklist</h2>';
echo '<form action="admin.php?page=bdp-kompass-limit-login-attempts&tab=tab2" method="post">';
kompass_print_block_allow_form('blocklist');
submit_button();
echo '</form>';
break;
case 'tab3':
echo '<h2>Allowlist</h2>';
echo '<form action="admin.php?page=bdp-kompass-limit-login-attempts&tab=tab3" method="post">';
kompass_print_block_allow_form('allowlist');
submit_button();
echo '</form>';
break;
case 'tab4':
if (isset($_GET['action']) && $_GET['action'] == 'release') {
$this->releaseIp(base64_decode($_GET['ip']));
}
if (isset($_GET['action']) && $_GET['action'] == 'toBlock') {
$this->addToBlocklist(base64_decode($_GET['ip']));
}
if (isset($_GET['action']) && $_GET['action'] == 'toAllow') {
$this->addToAllowlist(base64_decode($_GET['ip']));
}
$blockedIps = $this->getBlockedIps();
echo '<h2>'. __('Blocked IP addresses', BDP_LV_PLUGIN_SLUG) .'</h2>';
if (strlen($blockedIps) == 0) {
echo '<div class="bdp-kompass-no-blocked-ips">';
echo __('There are no ip addresses blocked.', BDP_LV_PLUGIN_SLUG);
echo '</div>';
} else { ?>
<p style="width: 100%; text-align: right">
<input type="text" id="searchInput"
onkeyup="searchTable('myTable', this)"
placeholder="<?=__('Search for ip address', BDP_LV_PLUGIN_SLUG); ?>">
</p>
<table class="wp-list-table widefat fixed striped table-view-list" id="myTable">
<thead>
<tr>
<th scope="col" class="manage-column column-name"><?= __('IP address', BDP_LV_PLUGIN_SLUG); ?></th>
<th class="manage-column column-name"><?= __('Blocked until', BDP_LV_PLUGIN_SLUG); ?></th>
<th class="manage-column column-name"><?= __('Actions', BDP_LV_PLUGIN_SLUG); ?></th>
</tr>
</thead>
<tbody>
<?= $blockedIps ?>
</tbody>
</table>
<?php
}
break;
}
?>
</div>
</div>
<?php
}
}

18
modules/LimitLoginAttempts/Views/tab-control.php Normal file
View File

@ -0,0 +1,18 @@
<?php
function kompass_print_tab_header(string $activeTab = 'tab1')
{
$baseUrl = 'admin.php?page=bdp-kompass-limit-login-attempts&tab=';
return '<h2 class="nav-tab-wrapper">'.
'<a href="' . $baseUrl . 'tab1" class="nav-tab ' . ($activeTab == 'tab1' ? 'nav-tab-active' : '') . '">' .
__('Options', BDP_LV_PLUGIN_SLUG) .
'</a>'.
'<a href="' . $baseUrl . 'tab2" class="nav-tab ' . ($activeTab == 'tab2' ? 'nav-tab-active' : '') .'">' .
__('Blocklist', BDP_LV_PLUGIN_SLUG) .
'</a>'.
'<a href="' . $baseUrl . 'tab3" class="nav-tab ' . ($activeTab == 'tab3' ? 'nav-tab-active' : '') .'">' .
__('Allowlist', BDP_LV_PLUGIN_SLUG) .
'</a>'.
'<a href="' . $baseUrl . 'tab4" class="nav-tab ' . ($activeTab == 'tab4' ? 'nav-tab-active' : '') .'">' .
__('Blocked IP addresses', BDP_LV_PLUGIN_SLUG) .
'</a></h2>';
}

65
modules/LimitLoginAttempts/includes/block-and-allow-list-form.php Normal file
View File

@ -0,0 +1,65 @@
<?php
use Bdp\Modules\LimitLoginAttempts\Controllers\OptionsPage as LimitLoginAttemptsOptions;
function updateBlockOrAllowList(array $postVars)
{
$listType = $postVars['save_kompass_balist_list_type'];
if (count($postVars['new_ips']) == 1) {
foreach (explode(PHP_EOL, $postVars['new_ips'][0]) as $newIp) {
$newIp = trim($newIp);
if ('' !== $newIp) {
if ($listType == 'blocklist') {
LimitLoginAttemptsOptions::addToBlocklist($newIp);
} else {
LimitLoginAttemptsOptions::addToAllowlist($newIp);
}
}
}
}
}
function kompass_print_block_allow_form(string $listType) {
$elements = get_option('kompass_limit_login_' . $listType, []);
?>
<input type="hidden" name="save_kompass_balist_list_type" value="<?= $listType; ?>" />
<p style="width: 100%; text-align: right">
<input type="text" id="searchInput"
onkeyup="searchTable('myTable', this)"
placeholder="<?=__('Search for ip address', BDP_LV_PLUGIN_SLUG); ?>">
</p>
<table class="wp-list-table widefat fixed striped table-view-list" id="myTable">
<thead>
<tr>
<th scope="col" class="manage-column column-name"><?= __('IP address', BDP_LV_PLUGIN_SLUG); ?></th>
<th style="width: 100px;" class="manage-column column-name"><?= __('Actions', BDP_LV_PLUGIN_SLUG); ?></th>
</tr>
</thead>
<tbody>
<?php
foreach ($elements as $currentIp) {
echo '<tr>';
echo '<td>' . $currentIp .'</td>';
echo '<td><a href="admin.php?page=bdp-kompass-limit-login-attempts&action=removeFromList' .
'&list=' . $listType . '&ip=' . base64_encode($currentIp) . '">'
. __('Delete', BDP_LV_PLUGIN_SLUG) . '</a></td>';
echo '</tr>';
}
?>
</tbody>
</table>
</div>
<div class="kompass_setting_box">
<h3><?= __('IP-Adresse hinzufügen', BDP_LV_PLUGIN_SLUG); ?></h3>
<p>
<textarea
placeholder="<?= __('Please use line breaks to enter multiple ips', BDP_LV_PLUGIN_SLUG); ?>"
name="new_ips[]"
style="width: 350px;" rows="5"></textarea>
</p>
</div>
<?php
}

102
modules/LimitLoginAttempts/includes/gui_elements.php Normal file
View File

@ -0,0 +1,102 @@
<?php
function _kompass_limit_logins_settings_radio_callback(array $args)
{
kompass_print_radio($args['setting']);
}
function _kompass_limit_logins_settings_checkbox_callback(array $args) {
kompass_print_checkbox($args['setting']);
}
bdp_kompass_load_plugin_textdomain();
add_settings_section(
'custom_settings_section',
__('Options', BDP_LV_PLUGIN_SLUG),
'kompass_prepare_form',
BDP_LV_PLUGIN_SLUG . '-limit-login-attempts'
);
$settings_page = BDP_LV_PLUGIN_SLUG . '-limit-login-attempts';
add_settings_field(
'kompass_lla_1',
__('Maximum reps until lockout', BDP_LV_PLUGIN_SLUG),
'kompass_print_textbox',
$settings_page,
'custom_settings_section',
['setting' => 'kompass_limit_login_allowed_retries']);
add_settings_field(
'kompass_lla_2',
__('Duration of lockout (in minutes)', BDP_LV_PLUGIN_SLUG),
'kompass_print_textbox',
$settings_page,
'custom_settings_section',
['setting' => 'kompass_limit_login_lockout_duration', 'unit_division' => 60 ]);
add_settings_field(
'kompass_lla_3',
__('Maximum number of lockouts', BDP_LV_PLUGIN_SLUG),
'kompass_print_textbox',
$settings_page,
'custom_settings_section',
['setting' => 'kompass_limit_login_allowed_lockouts']);
add_settings_field(
'kompass_lla_4',
__('Long-term duration (in hours)', BDP_LV_PLUGIN_SLUG),
'kompass_print_textbox',
$settings_page,
'custom_settings_section',
['setting' => 'kompass_limit_login_long_duration', 'unit_division' => 3600]);
add_settings_field(
'kompass_lla_5',
__('Minimum password strength', BDP_LV_PLUGIN_SLUG),
'_kompass_limit_logins_settings_radio_callback',
$settings_page,
'custom_settings_section',
['setting' => 'kompass_password_minimal_strength']);
add_settings_field(
'kompass_lla_6',
__('Page accessible via', BDP_LV_PLUGIN_SLUG),
'_kompass_limit_logins_settings_radio_callback',
$settings_page,
'custom_settings_section',
['setting' => 'kompass_limit_login_client_type']);
add_settings_field(
'kompass_lla_7',
__('Handle cookies', BDP_LV_PLUGIN_SLUG),
'_kompass_limit_logins_settings_radio_callback',
$settings_page,
'custom_settings_section',
['setting' => 'kompass_limit_login_cookies']);
add_settings_field(
'kompass_lla_8',
__('Notify if blocked', BDP_LV_PLUGIN_SLUG),
'_kompass_limit_logins_settings_checkbox_callback',
$settings_page,
'custom_settings_section',
['setting' => 'kompass_limit_login_lockout_notify']);
add_settings_field(
'kompass_lla_9',
__('Failed attempts until notification', BDP_LV_PLUGIN_SLUG),
'kompass_print_textbox',
$settings_page,
'custom_settings_section',
['setting' => 'kompass_limit_login_notify_email_after']);

60
modules/LimitLoginAttempts/includes/validators.php Normal file
View File

@ -0,0 +1,60 @@
<?php
function check_for_integer(int $input) {
return $input;
}
function hours_to_seconds_converter(int $input) {
// Hier kannst du die Eingabe validieren, z.B. sicherstellen, dass es sich um eine gültige E-Mail-Adresse handelt.
return minutes_to_seconds_converter($input) * 60;
}
function minutes_to_seconds_converter(int $input) {
return check_for_integer($input) * 60;
}
function kompass_settings_validators()
{
$slug = BDP_LV_PLUGIN_SLUG . '-limit-login-attempts';
register_setting($slug,
'kompass_limit_login_allowed_retries',
'check_for_integer');
register_setting($slug,
'kompass_limit_login_allowed_lockouts',
'check_for_integer');
register_setting($slug,
'kompass_limit_login_lockout_duration',
'minutes_to_seconds_converter');
register_setting($slug,
'kompass_limit_login_long_duration',
'hours_to_seconds_converter');
register_setting($slug,
'kompass_limit_login_notify_email_after',
'check_for_integer');
}
function update_settings(array $postParams) {
$settings = ['kompass_limit_login_lockout_duration',
'kompass_limit_login_allowed_retries',
'kompass_limit_login_allowed_lockouts',
'kompass_password_minimal_strength',
'kompass_limit_login_client_type',
'kompass_limit_login_long_duration',
'kompass_limit_login_lockout_notify',
'kompass_limit_login_notify_email_after',
'kompass_limit_login_cookies'];
foreach ($settings as $curSetting) {
if (isset($postParams[$curSetting])) {
update_option($curSetting, $postParams[$curSetting]);
} else {
update_option($curSetting, '');
}
}
}

10
modules/Mail/Controllers/MailCompose.php Normal file
View File

@ -0,0 +1,10 @@
<?php
namespace Bdp\Modules\Mail\Controllers;
class MailCompose
{
function __construct()
{
kompass_print_mail_compose();
}
}

153
modules/Mail/Controllers/MailController.php Normal file
View File

@ -0,0 +1,153 @@
<?php
namespace Bdp\Modules\Mail\Controllers;
use Bdp\Libs\FileAccess;
use SearchMemberRequest;
class MailController
{
public function __construct()
{
add_menu_page(
__('E-Mail', BDP_LV_PLUGIN_SLUG),
__('E-Mail', BDP_LV_PLUGIN_SLUG),
'send_mails',
'kompass-mail',
[$this, 'router'],
'dashicons-email',
4
);
/*$mailCompose = new MailCompose();
add_submenu_page(
'kompass-mail',
__('Templates', BDP_LV_PLUGIN_SLUG),
__('Templates', BDP_LV_PLUGIN_SLUG),
'send_mails',
'kompass-mail-compose',
[$mailCompose, '__construct'],
1);*/
}
public function router()
{
if (isset($_REQUEST['action'])) {
switch ($_REQUEST['action']) {
case 'send-email':
// SMTP-Konfiguration
$smtp_host = 'bdp.mein-verein.online'; // SMTP-Host
$smtp_port = 25; // SMTP-Port
$smtp_username = 'noreply@mareike.sachsen.pfadfinden.de'; // SMTP-Benutzername
$smtp_password = 'fwJ_wxbW9G45'; // SMTP-Passwort
$smtp_secure = 'tls'; // Verschlüsselung (tls oder ssl)
// Einstellungen für wp_mail ändern
add_action( 'phpmailer_init', function( $phpmailer ) use ( $smtp_host, $smtp_port, $smtp_username, $smtp_password, $smtp_secure ) {
$phpmailer->isSMTP();
$phpmailer->Host = $smtp_host;
$phpmailer->Port = $smtp_port;
$phpmailer->SMTPAuth = true;
$phpmailer->Username = $smtp_username;
$phpmailer->Password = $smtp_password;
$phpmailer->setFrom('info@pfadfinden-halle.de', 'Pfadfinden - Halle');
#$phpmailer->SMTPSecure = $smtp_secure;
} );
// Senden Sie die E-Mail
$sent = wp_mail($_REQUEST['mail-to'],$_REQUEST['mail-subject'],$_REQUEST['mail-text'],
['Reply-To: ' . $_REQUEST['mail-from'], 'Content-Type: text/html; charset=UTF-8']);
// Überprüfen, ob die E-Mail erfolgreich gesendet wurde
if ( $sent ) {
echo '<p>E-Mail wurde erfolgreich gesendet!</p>';
} else {
echo '<p>Fehler beim Senden der E-Mail!</p>';
}
echo $_REQUEST['mail-to'] . '<br />';
echo $_REQUEST['mail-text'];
echo 'mail gesendet';
break;
case 'create_group_form':
new \Bdp\Modules\Gruppen\Controllers\CreateGroupController();
break;
case 'update-group':
\UpdateGroupAction::execute(['gruppen_name' => $_REQUEST['kompass_groups_group_name']],
(int)$_REQUEST['group_id']);
new \Bdp\Modules\Gruppen\Controllers\PrintGroupsController();
break;
case 'create-group':
$data = ['gruppen_name' => $_REQUEST['kompass_groups_group_name']];
\CreateGroupAction::execute($data);
new \Bdp\Modules\Gruppen\Controllers\PrintGroupsController();
break;
case 'new-member':
new \Bdp\Modules\Gruppen\Controllers\CreateMemberController();
break;
case 'create-member':
$userData = \CreateGroupMemberDataAction::execute($_REQUEST);
if (count($userData['errors']) === 0) {
$memberId = \CreateGroupMemberAction::execute( $userData['data'] );
new \Bdp\Modules\Gruppen\Controllers\PrintMemberController($memberId);
} else {
kompass_print_message_box(implode('<br />', $userData['errors']), 'error');
new \Bdp\Modules\Gruppen\Controllers\CreateMemberController($userData['rawData']);
exit;
}
new \Bdp\Modules\Gruppen\Controllers\PrintGroupsController();
break;
case 'show-members':
$memberList = \ListMemberRequest::listForGroup((int)$_REQUEST['group-id']);
new \Bdp\Modules\Gruppen\Controllers\PrintMemberListController($memberList);
break;
case 'show-member':
new \Bdp\Modules\Gruppen\Controllers\PrintMemberController((int)$_REQUEST['member-id']);
break;
case 'compose-mail':
current_user_can('send_mails');
break;
case 'delete-group':
if (current_user_can('delete_groups')) {
}
break;
case 'edit-group':
if (current_user_can('edit_groups')) {
kompass_edit_group_form($_REQUEST['group-id']);
}
break;
default:
}
} else {
new MailCompose();
}
}
private function listMembers()
{
}
private function printMembers(array $memberList)
{
}
}

34
modules/Mail/Views/MailCompose.php Normal file
View File

@ -0,0 +1,34 @@
<?php
function kompass_print_mail_compose()
{
global $dbHandler;
?>
<form method="post" action="admin.php?page=kompass-mail" style="width: 80%; margin: auto">
<table style="width: 100%">
<input type="hidden" name="action" value="send-email" />
<tr>
<td><?= __('From: ', BDP_LV_PLUGIN_SLUG); ?></td>
<td><input type="text" name="mail-from" style="width: 100%"></td>
</tr>
<tr>
<td><?= __('To: ', BDP_LV_PLUGIN_SLUG); ?></td>
<td><input type="text" name="mail-to" style="width: 100%"></td>
</tr>
<tr>
<td><?= __('Subject: ', BDP_LV_PLUGIN_SLUG); ?></td>
<td><input type="text" name="mail-subject" style="width: 100%"></td>
</tr>
</table>
<?php
wp_editor( '', 'gutenberg_content', array(
'textarea_name' => 'mail-text',
// 'media_buttons' => false, // Deaktivieren der Medien-Upload-Schaltfläche
) );
submit_button(__('Send email', BDP_LV_PLUGIN_SLUG));
?>
</form>
<?php
}

10
modules/PasswordStrength/includes/password_strength_rules.php Normal file
View File

@ -0,0 +1,10 @@
<?php
function kompass_get_minimal_password_strength() {
$minPasswordStrength = get_option('kompass_password_minimal_strength', 1);
$possibleStrengths = ['1' => 'short, bad, good, strong',
'2' => 'good, strong',
'3' => 'strong'];
return ' ' . $possibleStrengths[$minPasswordStrength];
}

1
modules/about/internal/index.php
View File

@ -1,4 +1,3 @@
<div id="wpbody-content">
<h1>Über dieses Plugin</h1>

66
modules/calendar/Views/categories-partial.php Normal file
View File

@ -0,0 +1,66 @@
<?php
$categories = get_option('bdp_calendar_categories', null);
if (null !== $categories) {
$categories = json_decode($categories, true);
} else {
$categories = [
'yellow' => 'Meute',
'blue' => 'Sippe',
'red' => 'Runde',
'green' => 'Stammesführung',
'fuchsia' => '',
'orange' => ''
];
}
?>
<table class="form-table">
<tr>
<th style="width: 200px" scope="row"></th>
<th></th>
<td style="width: 50px;"></td>
<td></td>
</tr>
<tr>
<th style="width: 210px;" scope="row">Gelb:</th>
<th><input type="text" name="category[yellow]" value="<?php echo $categories['yellow']; ?>" /></th>
<td style="width: 50px;" class="bdp_cal_event_yellow"></td>
</tr>
<tr>
<th style="width: 210px;" scope="row">Blau:</th>
<th><input type="text" name="category[blue]" value="<?php echo $categories['blue']; ?>" /></th>
<td class="bdp_cal_event_blue"></td>
</tr>
<tr>
<th style="width: 210px;" scope="row">Rot:</th>
<th><input type="text" name="category[red]" value="<?php echo $categories['red']; ?>" /></th>
<td class="bdp_cal_event_red"></td>
</tr>
<tr>
<th style="width: 210px;" scope="row">Grün:</th>
<th><input type="text" name="category[green]" value="<?php echo $categories['green']; ?>" /></th>
<td class="bdp_cal_event_green"></td>
</tr>
<tr>
<th style="width: 210px;" scope="row">Fuchsia:</th>
<th><input type="text" name="category[fuchsia]" value="<?php echo $categories['fuchsia']; ?>" /></th>
<td class="bdp_cal_event_fuchsia"></td>
</tr>
<tr>
<th style="width: 210px;" scope="row">Orange:</th>
<th><input type="text" name="category[orange]" value="<?php echo $categories['orange']; ?>" /></th>
<td class="bdp_cal_event_orange"></td>
</tr>
<tr>
<th style="width: 210px;" scope="row">Grau:</th>
<th>Standard</th>
<td class="bdp_cal_event_grey"></td>
</tr>
</table>

18
modules/calendar/Views/settings-form.php Normal file
View File

@ -0,0 +1,18 @@
<?php
add_settings_section(
'custom_settings_section',
__('Calendar settings', BDP_LV_PLUGIN_SLUG),
'kompass_prepare_form',
BDP_LV_PLUGIN_SLUG . '-calendar-settings'
);
$seo_settings_page = BDP_LV_PLUGIN_SLUG . '-calendar-settings';
add_settings_field(
'kompass_cal_1',
__('Calendar URL', BDP_LV_PLUGIN_SLUG),
'kompass_print_textbox',
$seo_settings_page,
'custom_settings_section',
['setting' => 'bdp_calendar_source_url', 'style' => 'width: 1024px']);

91
modules/calendar/internal/index.php
View File

@ -1,91 +0,0 @@
<?php
echo '<div id="wpbody-content">';
echo '<h1>Kalender-Einstellungen</h1>';
if (isset($_POST['submit'])) {
echo '<div id="bdp_success">Die Einstellungen wurden gespeichert.</div>';
update_option('bdp_calendar_categories', json_encode($_POST['category']));
update_option('bdp_calendar_source_url', $_POST['ical_url']);
}
$categories = get_option('bdp_calendar_categories', null);
if (null !== $categories) {
$categories = json_decode($categories, true);
} else {
$categories = [
'yellow' => 'Meute',
'blue' => 'Sippe',
'red' => 'Runde',
'green' => 'Stammesführung',
'fuchsia' => '',
'orange' => ''
];
}
?>
<form method="post" action="admin.php?page=bdp-kompass%2Fmodules%2Findex.php&loadmodule=calendar">
<div class="bdp_cal_outer">
<fieldset class="bdp_cal_inner">
<legend>Datenabfrage</legend>
<table>
<tr style="vertical-align: top;">
<td>Kalender-URL:</td>
<td><input class="long_text" type="text" name="ical_url" id="ical_url" required
value = "<?php echo get_option('bdp_calendar_source_url', ''); ?>"
><br />
<label style="font-weight: normal; color: #a0a0a0; font-style: italic">
Bitte gib hier die URL zur .ics - Datei eures Kalenbders im Wiki ein.
</label>
</td>
</tr>
</table>
</fieldset>
<fieldset class="bdp_cal_inner">
<legend>Labels</legend>
<table>
<tr>
<td>Gelb:</td>
<td><input type="text" name="category[yellow]" value="<?php echo $categories['yellow']; ?>" /></td>
<td class="bdp_cal_event_yellow"></td>
</tr>
<tr>
<td>Blau:</td>
<td><input type="text" name="category[blue]" value="<?php echo $categories['blue']; ?>" /></td>
<td class="bdp_cal_event_blue"></td>
</tr>
<tr>
<td>Rot:</td>
<td><input type="text" name="category[red]" value="<?php echo $categories['red']; ?>" /></td>
<td class="bdp_cal_event_red"></td>
</tr>
<tr>
<td>Grün:</td>
<td><input type="text" name="category[green]" value="<?php echo $categories['green']; ?>" /></td>
<td class="bdp_cal_event_green"></td>
</tr>
<tr>
<td>Fuchsia:</td>
<td><input type="text" name="category[fuchsia]" value="<?php echo $categories['fuchsia']; ?>" /></td>
<td class="bdp_cal_event_fuchsia"></td>
</tr>
<tr>
<td>Orange:</td>
<td><input type="text" name="category[orange]" value="<?php echo $categories['orange']; ?>" /></td>
<td class="bdp_cal_event_orange"></td>
</tr>
<tr>
<td>Grau:</td>
<td>Standard</td>
<td class="bdp_cal_event_grey"></td>
</tr>
</table>
</fieldset>
<input class="bdp_submit" type="submit" name="submit" value="Einstellungen speichern">
</form>
</div>
</div>

75
modules/firstusage/classes/Security.class.php
View File

@ -1,75 +0,0 @@
<?php
namespace Bdp\Modules\Security;
use ZipArchive;
class Security
{
public const required_security_plugins = [
'wps_hide_login' => ['downloadUrl' => 'https://downloads.wordpress.org/plugin/wps-hide-login.1.9.10.zip'],
'limit-login-attempts-reloaded' => ['downloadUrl' => 'https://downloads.wordpress.org/plugin/limit-login-attempts-reloaded.2.25.27.zip']];
public const delete_plugins = [
'akismet/akismet.php',
'hello.php'
];
public static function setup()
{
self::deletePlugins();
foreach (self::required_security_plugins as $pluginSlug => $pluginData) {
if (!is_dir(WP_PLUGIN_DIR . '/' . $pluginSlug)) {
self::installSecurityPlugin($pluginSlug, $pluginData['downloadUrl']);
}
}
$loginUrl = get_option('whl_page', 'bdp_login');
update_option('whl_page', $loginUrl);
}
public static function deletePlugins() {
deactivate_plugins(self::delete_plugins);
delete_plugins(self::delete_plugins);
}
public static function installSecurityPlugin(string $pluginSlug, string $downloadUrl) : bool
{
$ch = curl_init();
$source = $downloadUrl;
curl_setopt($ch, CURLOPT_URL, $source);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$data = curl_exec ($ch);
curl_close ($ch);
$destination = WP_PLUGIN_DIR . '/' . $pluginSlug . '.zip';
$file = fopen($destination, "w+");
fputs($file, $data);
fclose($file);
$zip = new ZipArchive();
$zip->open($destination);
$zip->extractTo(WP_PLUGIN_DIR);
$zip->close();
unlink($destination);
$pluginInfos = get_plugins( '/'.$pluginSlug );
$installfile = $pluginSlug . '/';
if( ! empty( $pluginInfos ) ) {
foreach ($pluginInfos as $file => $info) :
$installfile .= $file;
endforeach;
}
$result = activate_plugin($installfile);
return $result === null;
}
}

22
modules/firstusage/internal/index.php
View File

@ -1,22 +0,0 @@
<?php
echo '<div id="wpbody-content">';
echo '<h1>Installation erfolgreich!</h1>';
?>
<form method="post" action="admin.php?page=bdp-kompass%2Fmodules%2Findex.php&loadmodule=security">
<div class="bdp_security_outer">
<fieldset class="bdp_security_inner">
<span style="font-weight: bold;">Herzlichen Glückwunsch!</span><br /><br />
Das Plugin Kompass wurde soeben erfolgreich installiert.<br />Im Hintergrund wurden bereits erste Optimierungen an der Webseite vorgenommen, so wurde die Navcigation vereinfacht, und falls dies noch nicht der Fall war, wurde die Webseite mit einer suchmaschinenfreundlichen Struktur ausgestattet.<br />
Es wurden bereits erste sicherheitsrelevante Plugins installiert. Du findest die Übersicht, welchePlugins aktiv sind, jederzeit <a href="plugins.php">hier</a><br /><br />
Über die Kalender-Einstellungen kannst du den Kalender deines Stammes aus dem Wiki auf deiner Webseite einbinden, dieser erscheint dann automatisch unt er der Adresse <a href="<?php echo get_site_url() . '/kalender'; ?>"><?php echo get_site_url() . '/kalender'; ?></a><br /><br />
Aus Sicherheitsgründen empfiehlt es sich, die Adresse zum Dashboard deiner Webseite ztu verschleiern. Ein hierfür notwendiges Plugin wurde automatisch installiert. Um dich zukünftig auf deiner Webseite einzuloggen, nutze folgende URL:<br />
<label><?php echo get_site_url(); ?>/</label><input style="width: 250px;" class="long_text" type="text" name="login_url" id="login_url" required
value = "<?php echo get_option('whl_page', 'bdp_login'); ?>">
<br /><input class="bdp_submit" type="submit" name="submit" value="Verändere diese URL noch einmal"><br /><br />
Falls du zu diesem Plugin Anmerkungen oder Fragen hast, wende dich bitte an den LB IT.
</fieldset>
</div>
</form>

3
modules/firstusage/security.php
View File

@ -1,3 +0,0 @@
<?php
require_once dirname(__FILE__) . '/classes/Security.class.php';

115
modules/security/classes/Security.class.php
View File

@ -4,18 +4,15 @@ namespace Bdp\Modules\Security;
use ZipArchive;
class Security
{
public const required_security_plugins = [
'wps_hide_login' => ['downloadUrl' => 'https://downloads.wordpress.org/plugin/wps-hide-login.1.9.10.zip'],
'limit-login-attempts-reloaded' => ['downloadUrl' => 'https://downloads.wordpress.org/plugin/limit-login-attempts-reloaded.2.25.27.zip']];
public const required_security_plugins = [];
public const delete_plugins = [
'akismet/akismet.php',
'hello.php'
'hello.php',
'wps-hide-login/wps-hide-login.php',
'limit-login-attempts-reloaded'
];
public static function setup()
@ -26,17 +23,101 @@ class Security
self::installSecurityPlugin($pluginSlug, $pluginData['downloadUrl']);
}
}
$loginUrl = get_option('kompass_sec_rewrite_login', null);
if (null == $loginUrl) {
$loginUrl = get_option('whl_page', null) ?? 'bdp-login';
}
$loginUrl = get_option('whl_page', 'bdp_login');
update_option('whl_page', $loginUrl);
enable_option_rewrite_url($loginUrl);
enable_option_disable_xmlrpc();
enable_option_block_authorscan();
enable_option_block_execution_in_uploads();
enable_option_prohibit_special_files();
enable_option_file_editor();
enable_option_disable_conatenation();
enable_option_secure_include_dir();
enable_option_prohibit_bot_access();
enable_option_block_directory_listing();
self::resetLimitLoginAttempts();
delete_option('whl_page');
}
public static function deletePlugins() {
deactivate_plugins(self::delete_plugins);
delete_plugins(self::delete_plugins);
$existingPlugins = [];
foreach (self::delete_plugins as $curPlugin) {
if (file_exists(WP_PLUGIN_DIR . '/' . $curPlugin)) {
$existingPlugins[] = $curPlugin;
}
}
deactivate_plugins($existingPlugins);
delete_plugins($existingPlugins);
}
public static function ProhibitBots() {
$botList = get_prohibitedbot_list();
if (!is_bot_access_prohibited() || count($botList) == 0) {
return;
}
foreach ($botList as $botListEntry) {
if (stripos($_SERVER['HTTP_USER_AGENT'], $botListEntry) !== false) {
status_header(403);
die();
}
}
}
public static function protectAuthorScan()
{
global $wp;
if (str_starts_with($wp->request, 'author/') && is_authorscan_blocked()) {
status_header(403);
die();
}
}
public static function SetPageFilters() {
global $wp;
if (str_contains($_SERVER['REQUEST_URI'], 'wp-login.php?action=logout')) {
return;
}
add_action('template_redirect', [Security::class, 'protectAuthorScan']);
Security::protectLoginSecurity();
}
public static function protectLoginSecurity() {
$hideLogin = is_login_rewritten();
if (null === $hideLogin) {
return;
}
if ( str_contains( $_SERVER['REQUEST_URI'], 'wp-login.php' ) && ! isset( $_POST['redirect_to'] ) && $_POST['redirect_to'] !== 'interner-bereich' ) {
wp_redirect( home_url() );
die();
}
if ( str_contains( $_SERVER['REQUEST_URI'], $hideLogin ) !== false ) {
$user_login = '';
if (!isset($error)) {
$error = '';
}
$_REQUEST['redirect_to'] = 'interner-bereich';
require_once 'wp-login.php';
die();
}
if ( str_contains( $_SERVER['REQUEST_URI'], 'interner-bereich' ) !== false ) {
wp_redirect( '/wp-admin' );
die();
}
}
public static function installSecurityPlugin(string $pluginSlug, string $downloadUrl) : bool
{
@ -72,4 +153,16 @@ class Security
return $result === null;
}
public static function resetLimitLoginAttempts() {
update_option('kompass_limit_login_lockout_duration', 900);
update_option('kompass_limit_login_allowed_retries', 3);
update_option('kompass_limit_login_allowed_lockouts', 3);
update_option('kompass_password_minimal_strength', 3);
update_option('kompass_limit_login_client_type', 'REMOTE_ADDR');
update_option('kompass_limit_login_long_duration', 86400);
update_option('kompass_limit_login_lockout_notify', ['email']);
update_option('kompass_limit_login_notify_email_after', 3);
update_option('kompass_limit_login_cookies',0);
}
}

79
modules/security/includes/settings_reader.php Normal file
View File

@ -0,0 +1,79 @@
<?php
use Bdp\Libs\FileAccess as FileAccess;
use Bdp\Libs\WpConfigEditor as WpConfigEditor;
function is_xmlrpc_disabled() : bool {
return FileAccess::htaccessContains(_protect_wp_disablexmlrpc_string());
}
function is_authorscan_blocked() : bool {
return get_option('protect_wp_hide_authors', false);
}
function is_execution_in_uploads_blocked() : bool {
return FileAccess::htaccessContains(_protect_wp_disable_script_execution_string(), FileAccess::HTACCESS_UPLOADS);
}
function is_access_for_special_files_prohibited() : bool {
return FileAccess::htaccessContains(_protect_wp_disable_special_files_string());
}
function is_file_editor_diabled() : bool {
$isDisabled = WpConfigEditor::getConfigValue('DISALLOW_FILE_EDIT');
if (null == $isDisabled) {
return false;
}
if ('false' == $isDisabled) {
return false;
}
return true;
}
function is_conatenation_disabled() : bool {
$isDisabled = WpConfigEditor::getConfigValue('CONCATENATE_SCRIPTS');
if (null == $isDisabled) {
return false;
}
if ('false' == $isDisabled) {
return false;
}
return true;
}
function is_includedir_protected() : bool {
return FileAccess::htaccessContains(_protect_wp_secure_include_dir_string());
}
function is_directory_listing_disabled() : bool {
return FileAccess::htaccessContains(_protect_wp_disable_directory_listing_string());
}
function is_bot_access_prohibited() : bool {
return get_option('protect_wp_prohibit_bot_access', false);
}
function get_prohibitedbot_list() {
$returnValue = [];
$botList = get_option('protect_wp_prohibit_bot_list', null);
if ($botList !== null) {
$returnValue = unserialize(trim($botList));
}
return $returnValue;
}
function is_wp_debug_diabled() : bool
{
$wpDebugValue = WpConfigEditor::getConfigValue('WP_DEBUG');
return ('false' == $wpDebugValue || null == $wpDebugValue);
}
function is_login_rewritten() : ?string
{
return get_option('kompass_sec_rewrite_login', null);
}

160
modules/security/includes/settings_writer.php Normal file
View File

@ -0,0 +1,160 @@
<?php
use Bdp\Libs\FileAccess as FileAccess;
use Bdp\Libs\WpConfigEditor as WpConfigEditor;
function disable_option_disable_xmlrpc() {
return FileAccess::deleteFromHtaccess(_protect_wp_disablexmlrpc_string());
}
function enable_option_disable_xmlrpc() : bool {
return FileAccess::insertInHtaccess(_protect_wp_disablexmlrpc_string());
}
function enable_option_block_authorscan() {
update_option('protect_wp_hide_authors', true);
}
function disable_option_block_authorscan() {
update_option('protect_wp_hide_authors', false);
}
function disable_option_block_execution_in_uploads() {
return FileAccess::deleteFromHtaccess(_protect_wp_disable_script_execution_string(), FileAccess::HTACCESS_UPLOADS);
}
function enable_option_block_execution_in_uploads() {
return FileAccess::insertInHtaccess(_protect_wp_disable_script_execution_string(), FileAccess::HTACCESS_UPLOADS);
}
function disable_option_prohibit_special_files() {
return FileAccess::deleteFromHtaccess(_protect_wp_disable_special_files_string());
}
function enable_option_prohibit_special_files() {
return FileAccess::insertInHtaccess(_protect_wp_disable_special_files_string());
}
function disable_option_file_editor() {
return WpConfigEditor::updateConfig('DISALLOW_FILE_EDIT', 'false');
}
function enable_option_file_editor() {
return WpConfigEditor::updateConfig('DISALLOW_FILE_EDIT', 'true');
}
function enable_option_disable_conatenation() {
return WpConfigEditor::updateConfig('CONCATENATE_SCRIPTS', 'true');
}
function disable_option_disable_conatenation() {
return WpConfigEditor::updateConfig('CONCATENATE_SCRIPTS', 'false');
}
function disable_option_secure_include_dir() {
return FileAccess::deleteFromHtaccess(_protect_wp_secure_include_dir_string());
}
function enable_option_secure_include_dir() : bool {
return FileAccess::insertInHtaccess(_protect_wp_secure_include_dir_string());
}
function enable_option_prohibit_bot_access() {
update_option('protect_wp_prohibit_bot_access', true);
if (count(get_prohibitedbot_list()) == 0) {
set_prohibitedbot_list(_protect_wp_initial_bot_list_array());
}
}
function disable_option_prohibit_bot_access() {
update_option('protect_wp_prohibit_bot_access', false);
}
function set_prohibitedbot_list($botList) {
update_option('protect_wp_prohibit_bot_list', serialize($botList));
}
function enable_option_block_directory_listing() : bool {
return FileAccess::insertInHtaccess(_protect_wp_disable_directory_listing_string());
}
function disable_option_block_directory_listing() : bool {
return FileAccess::deleteFromHtaccess(_protect_wp_disable_directory_listing_string());
}
function enable_option_disable_wp_debug() {
WpConfigEditor::updateConfig('WP_DEBUG', 'false');
}
function disable_option_disable_wp_debug() {
WpConfigEditor::updateConfig('WP_DEBUG', 'true');
}
function enable_option_rewrite_url(?string $url = null) {
global $_POST;
$saveUrl = $url ?? $_POST['rewrite_login'];
update_option('kompass_sec_rewrite_login', $saveUrl);
}
function disable_option_rewrite_url() {
update_option('kompass_sec_rewrite_login', null);
}
function kompass_sec_save_settings($settings) {
$allPossibleSettings = [
'option_disable_xmlrpc',
'option_block_authorscan',
'option_block_execution_in_uploads',
'option_prohibit_special_files',
'option_file_editor',
'option_disable_conatenation',
'option_secure_include_dir',
'option_prohibit_bot_access',
'option_block_directory_listing',
'option_disable_wp_debug',
'option_rewrite_url',
];
$enableSettings = array_intersect($allPossibleSettings, $settings);
$disableSettings = array_diff($allPossibleSettings, $settings);
foreach ($disableSettings as $curSetting) {
$function = 'disable_' . $curSetting;
$function();
}
foreach ($enableSettings as $curSetting) {
$function = 'enable_' . $curSetting;
$function();
}
?>
<div class="notice notice-success">
<p>
<?= __('All settings are saved.', BDP_LV_PLUGIN_SLUG); ?>
</p>
</div>
<?php
return;
}
function kompass_sec_site_keys() {
$content = wp_remote_get('https://api.wordpress.org/secret-key/1.1/salt/');
if (!is_array($content) || !isset($content['body'])) {
?>
<div class="notice notice-error">
<p>
<?= __('An error occured connecting api.wordpress.org', BDP_LV_PLUGIN_SLUG); ?>
</p>
</div>
<?php
return;
}
WpConfigEditor::updateSiteKeys($content['body']);
?>
<div class="notice notice-success">
<p>
<?= __('The site keys were updated successfully.', BDP_LV_PLUGIN_SLUG); ?>
</p>
</div>
<?php
}

22
modules/security/internal/botlist-tab.php Normal file
View File

@ -0,0 +1,22 @@
<h2><?= __('Bot Detection Database', BDP_LV_PLUGIN_SLUG); ?></h2>
<div class="pwp_setting_box">
<h3><?= __('Registered bots', BDP_LV_PLUGIN_SLUG); ?></h3>
<?php
foreach (get_prohibitedbot_list() as $currenBot) {
?>
<p style=" margin: 10px auto; width: 80%;">
<input type="text" name="existing_bots[]" value="<?= $currenBot ?>" style="width: 100%;" /><br />
<label style="cursor: default; color: #a0a0a0; fot-size: 9pt; font-style: italic"><?= __('Leave blank in order to delete', BDP_LV_PLUGIN_SLUG); ?></label>
</p>
<?php
}
?>
</div>
<div class="pwp_setting_box">
<h3><?= __('Add more bots', BDP_LV_PLUGIN_SLUG); ?></h3>
<p style=" margin: 10px auto; width: 80%;">
<textarea placeholder="<?= __('Please use line breaks to enter multiple bots', BDP_LV_PLUGIN_SLUG); ?>" name="new_bots[]" style="width: 100%;" rows="10"></textarea>
</p>
</div>
<br /><br />
<input type="submit" class="button" value="<?= __('Save changes', BDP_LV_PLUGIN_SLUG); ?>" />

19
modules/security/internal/index.php
View File

@ -1,6 +1,6 @@
<?php
echo '<div class="health-check-body health-check-debug-tab hide-if-no-js">';
echo '<h1>Erweiterte Sicherheitseinstellungen</h1>';
echo '<h2>Erweiterte Sicherheitseinstellungen</h2>';
if (isset($_POST['submit'])) {
echo '<div id="bdp_success">Die Einstellungen wurden gespeichert.</div>';
update_option('whl_page', $_POST['login_url']);
@ -9,13 +9,12 @@ if (isset($_POST['submit'])) {
<form method="post" action="admin.php?page=bdp-kompass%2Fmodules%2Findex.php&loadmodule=security">
<div class="bdp_security_outer">
<fieldset class="bdp_security_inner">
<legend>Wordpress-Login</legend>
<table>
<table>
<tr style="vertical-align: top;">
<td>Login-URL:</td>
<td> <label><?php echo get_site_url(); ?>/</label><input style="width: 100px;" class="long_text" type="text" name="login_url" id="login_url" required
<td style="font-weight: bold; padding-right: 10px;"><br />Login-URL:</td>
<td style="vertical-align: top;">
<label>
<?php echo get_site_url(); ?>/</label><input style="width: 100px;" class="long_text" type="text" name="login_url" id="login_url" required
value = "<?php echo get_option('whl_page', 'bdp_login'); ?>"
>/<br />
<label style="font-weight: normal; color: #a0a0a0; font-style: italic">
@ -23,9 +22,9 @@ if (isset($_POST['submit'])) {
</label>
</td>
</tr>
</table>
</fieldset>
<input class="bdp_submit" type="submit" name="submit" value="Einstellungen speichern">
</table><br /><br />
<input class="button" type="submit" name="submit" value="Einstellungen speichern">
</div>
</form>

118
modules/security/internal/site-health-tab.php Normal file
View File

@ -0,0 +1,118 @@
<h2><?= __('Extended Security', BDP_LV_PLUGIN_SLUG); ?></h2>
<div class="bdp_setting_box">
<input <?php if (is_xmlrpc_disabled()) {echo ' checked';} ?> type="checkbox" id="sec_mod_1" name="security_settings[]" value="option_disable_xmlrpc" />
<label for="sec_mod_1">
<?= __('Disable xmlrpc', BDP_LV_PLUGIN_SLUG); ?><br />
<span>
<?= __('By introducing the REST API in WordPress, xmlrpc. However, php is no longer needed to communicate outside of WordPress, which is why there is no longer any reason to leave it active or use it. Therefore, for the security of your site, it is better to deactivate or delete it.', BDP_LV_PLUGIN_SLUG); ?>
</span>
</label>
</div>
<div class="bdp_setting_box">
<input <?php if (is_authorscan_blocked()) {echo ' checked';} ?> type="checkbox" id="sec_mod_2" name="security_settings[]" value="option_block_authorscan" />
<label for="sec_mod_2">
<?= __('Disable Authorscan', BDP_LV_PLUGIN_SLUG); ?><br />
<span>
<?= __('The author page in WordPress typically displays a list of all posts by a specific author on your website. Unfortunately, Google also records the page and to prevent this, we can deactivate the author page. When a visitor clicks on an name of an author, they are redirected to the author page. This page contains a list of posts written by this author, as well as possibly a brief description of the author and a photo. It is also possible to record which user names have been created.', BDP_LV_PLUGIN_SLUG); ?>
</span>
</label>
</div>
<div class="bdp_setting_box">
<input <?php if (is_execution_in_uploads_blocked()) {echo ' checked';} ?> type="checkbox" id="sec_mod_3" name="security_settings[]" value="option_block_execution_in_uploads" />
<label for="sec_mod_3">
<?= __('Disable scripting in /wp-content/uploads/', BDP_LV_PLUGIN_SLUG); ?><br />
<span>
<?= __('Disabling scripting in /wp-content/uploads/ can be a security measure to protect your WordPress website from potential threats. The /wp-content/uploads folder is usually the default folder where WordPress stores uploaded files, such as images, videos, and other media files.', BDP_LV_PLUGIN_SLUG); ?>
</span>
</label>
</div>
<div class="bdp_setting_box">
<input <?php if (is_access_for_special_files_prohibited()) {echo ' checked';} ?> type="checkbox" id="sec_mod_4" name="security_settings[]" value="option_prohibit_special_files" />
<label for="sec_mod_4">
<?= __('Block access to potentially sensitive files', BDP_LV_PLUGIN_SLUG); ?><br />
<span>
<?= __('This setting prohibits access to configuration files and log files', BDP_LV_PLUGIN_SLUG); ?>
</span>
</label>
</div>
<div class="bdp_setting_box">
<input <?php if (true === is_file_editor_diabled()) {echo ' checked';} ?> type="checkbox" id="sec_mod_5" name="security_settings[]" value="option_file_editor" />
<label for="sec_mod_5">
<?= __('Disable file editor in WP Dashboard', BDP_LV_PLUGIN_SLUG); ?><br />
<span>
<?= __('This is a security feature that allows you to prevent users from editing theme and plugin files directly from the WordPress dashboard. This can be useful for a variety of reasons, including preventing accidental code changes and protecting your website from malicious attacks.', BDP_LV_PLUGIN_SLUG); ?>
</span>
</label>
</div>
<div class="bdp_setting_box">
<input <?php if (true === is_conatenation_disabled()) {echo ' checked';} ?> type="checkbox" id="sec_mod_6" name="security_settings[]" value="option_disable_conatenation" />
<label for="sec_mod_6">
<?= __('Disable script concatenation', BDP_LV_PLUGIN_SLUG); ?><br />
<span>
<?= __('Disabling script concatenation in the WordPress admin panel is a simple and effective way to enhance performance. However, it is crucial to carefully consider the impact of this change, as it may increase the number of HTTP requests, potentially affecting loading times', BDP_LV_PLUGIN_SLUG); ?>
</span>
</label>
</div>
<div class="bdp_setting_box">
<input <?php if (true === is_includedir_protected()) {echo ' checked';} ?> type="checkbox" id="sec_mod_7" name="security_settings[]" value="option_secure_include_dir" />
<label for="sec_mod_7">
<?= __('Disable script execution in include dir', BDP_LV_PLUGIN_SLUG); ?><br />
<span>
<?= __('Limiting script execution in specific directories can improve security by preventing potentially malicious scripts from running in critical parts of the WordPress system. This is particularly important to prevent attacks such as Cross-Site Scripting (XSS), which inject malicious code into website content.', BDP_LV_PLUGIN_SLUG); ?>
</span>
</label>
</div>
<div class="bdp_setting_box">
<input <?php if (true === is_bot_access_prohibited()) {echo ' checked';} ?> type="checkbox" id="sec_mod_8" name="security_settings[]" value="option_prohibit_bot_access" />
<label for="sec_mod_8">
<?= __('Prohibit access from unwanted bots', BDP_LV_PLUGIN_SLUG); ?><br />
<span>
<?= __('Excluding specific bots from a WordPress website provides improved security by reducing potentially malicious activity and security risks, optimizes resource consumption and site performance, protects against content theft and duplicate content, enables more precise control of traffic, and promotes more effective SEO -Optimization by reducing irrelevant bots, ultimately leading to a safer, more efficient and better performing website.', BDP_LV_PLUGIN_SLUG); ?><br />
<a href="site-health.php?tab=bdp_enhanced_security&subpage=botlist"><?= __('Bot Detection Database', BDP_LV_PLUGIN_SLUG); ?></a>
</span>
</label>
</div>
<div class="bdp_setting_box">
<input <?php if (true === is_directory_listing_disabled()) {echo ' checked';} ?> type="checkbox" id="sec_mod_9" name="security_settings[]" value="option_block_directory_listing" />
<label for="sec_mod_9">
<?= __('Disable directory listing', BDP_LV_PLUGIN_SLUG); ?><br />
<span>
<?= __('Directory listing should be disabled to ensure the security and privacy of a website. When Directory Listing is enabled, this allows users to directly access the contents of directories on a web server without having to specify a specific file. This can expose sensitive information such as directory structures, internal files and scripts, posing a potential security risk. Disabling Directory Listing prevents users from accessing this sensitive information, thereby providing an additional layer of security for the website.', BDP_LV_PLUGIN_SLUG); ?>
</span>
</label>
</div>
<div class="bdp_setting_box">
<input <?php if (true === is_wp_debug_diabled()) {echo ' checked';} ?> type="checkbox" id="sec_mod_10" name="security_settings[]" value="option_disable_wp_debug" />
<label for="sec_mod_10">
<?= __('Disable debug output', BDP_LV_PLUGIN_SLUG); ?><br />
<span>
<?= __('Debugging should be disabled to protect sensitive information about the internal structure and potential security vulnerabilities of a a WordPress website from potential attackers. When debugging is enabled, error messages and warnings are displayed directly on the website, which can provide attackers with valuable information about the configuration of the website and possible vulnerabilities.', BDP_LV_PLUGIN_SLUG); ?>
</span>
</label>
</div>
<div class="bdp_setting_box">
<input <?php if (null !== is_login_rewritten()) {echo ' checked';} ?> type="checkbox" id="sec_mod_11" name="security_settings[]" value="option_rewrite_url" />
<label for="sec_mod_11">
<?= __('Change Login URL', BDP_LV_PLUGIN_SLUG); ?><br />
<span>
<?= __('Changing the default login URL of WordPress is advisable to enhance the security of your website. By default, WordPress login URLs is /wp-admin or /wp-login.php, which are easily guessed by hackers and facilitate attacks such as brute-force attacks. Changing the login URL to something unique and difficult to guess increases security since potential attackers will struggle to find the correct URL. This can help protect your website from unauthorized access and other malicious activities.', BDP_LV_PLUGIN_SLUG); ?><br />
<label style="font-weight: bold;">
<?= __('Login-URL', BDP_LV_PLUGIN_SLUG) ?>: <?= get_site_url(); ?>/<input style="width: 100px;" class="long_text" type="text" name="rewrite_login" id="rewrite_login" value="<?= is_login_rewritten(); ?>">
</label>
</span>
</label>
</div>
<br /><br />
<input type="submit" class="button" value="<?= __('Save changes', BDP_LV_PLUGIN_SLUG); ?>" />
<a class="button" href="site-health.php?tab=bdp_enhanced_security&action=updatesitekeys"><?= __('Change site keys', BDP_LV_PLUGIN_SLUG); ?></a>

46
modules/security/security.php
View File

@ -1,21 +1,53 @@
<?php
require_once dirname(__FILE__) . '/includes/settings_reader.php';
require_once dirname(__FILE__) . '/includes/settings_writer.php';
function wp_example_site_health_navigation_tabs( $tabs ) {
// translators: Tab heading for Site Health navigation.
$tabs['loginurl'] = esc_html_x( 'Login-URL', 'Site Health', 'text-domain' );
$tabs['bdp_enhanced_security'] = esc_html_x('Erweiterte Sicherheit', 'Site Health', 'text-domain');
return $tabs;
}
add_filter( 'site_health_navigation_tabs', 'wp_example_site_health_navigation_tabs' );
function wp_example_site_health_tab_content($tab)
{
// Do nothing if this is not our tab.
if ('loginurl' === $tab) {
require_once dirname(__FILE__) . '/internal/index.php';
return;
}
if ('bdp_enhanced_security' === $tab) {
if (isset($_GET['subpage']) && $_GET['subpage'] == 'botlist') {
if (isset($_POST['save_settings']) && isset($_POST['existing_bots']) && isset($_POST['new_bots'])) {
protect_wp_save_bots($_POST['existing_bots'], $_POST['new_bots']);
}
echo '<div class="health-check-body health-check-status-tab hide-if-no-js">';
echo '<form method="post" action="site-health.php?tab=' . BDP_LV_PLUGIN_SLUG . '&subpage=botlist">';
echo '<input type="hidden" name="save_settings" value="true" />';
require BDP_LV_PLUGIN_DIR . 'modules/security/internal/botlist-tab.php';
echo '</form>';
echo '</div>';
return;
}
update_option('protect_wp_needs_attention', false);
if (isset($_POST['save_settings'])) {
$securitySettings = [];
if (isset($_POST['security_settings'])) {
$securitySettings = $_POST['security_settings'];
}
kompass_sec_save_settings($securitySettings);
}
if (isset($_GET['action']) && $_GET['action'] == 'updatesitekeys') {
kompass_sec_site_keys();
}
echo '<div class="health-check-body health-check-status-tab hide-if-no-js">';
echo '<form method="post" action="site-health.php?tab=bdp_enhanced_security">';
echo '<input type="hidden" name="save_settings" value="true" />';
require BDP_LV_PLUGIN_DIR . 'modules/security/internal/site-health-tab.php';
echo '</form>';
echo '</div>';
return;
}
}
add_action('site_health_tab_content', 'wp_example_site_health_tab_content');

28
modules/seo/Views/seo-form.php Normal file
View File

@ -0,0 +1,28 @@
<?php
add_settings_section(
'custom_settings_section',
__('SEO-Options', BDP_LV_PLUGIN_SLUG),
'kompass_prepare_form',
BDP_LV_PLUGIN_SLUG . '-seo-settings'
);
$seo_settings_page = BDP_LV_PLUGIN_SLUG . '-seo-settings';
add_settings_field(
'kompass_seo_1',
__('Google Site verification', BDP_LV_PLUGIN_SLUG),
'kompass_print_textbox',
$seo_settings_page,
'custom_settings_section',
['setting' => 'kompass_seo_google_verification', 'style' => 'width: 500px']);
add_settings_field(
'kompass_seo_2',
__('Bing Site verification', BDP_LV_PLUGIN_SLUG),
'kompass_print_textbox',
$seo_settings_page,
'custom_settings_section',
['setting' => 'kompass_seo_bing_verification', 'style' => 'width: 500px']);

26
modules/seo/classes/Seo.class.php
View File

@ -3,8 +3,34 @@
namespace Bdp\Modules\Seo;
class Seo
{
public static function importVerificationKeys() {
$aioseoSetting = get_option('aioseo_options', null);
if (null === $aioseoSetting) {
return;
}
if ('' !== $aioseoSetting && !is_object($aioseoSetting) && !is_array($aioseoSetting)){
$aioseoSetting = json_decode( $aioseoSetting );
}
if (!is_object($aioseoSetting) ||!isset($aioseoSetting->webmasterTools) ||!is_object($aioseoSetting->webmasterTools)) {
return;
}
$webmasterTools = $aioseoSetting->webmasterTools;
if ('' !== get_option('kompass_seo_google_verification', '')) {
update_option('kompass_seo_google_verification', $webmasterTools->google);
}
if ('' !== get_option('kompass_seo_bing_verification', '')) {
update_option('kompass_seo_bing_verification', $webmasterTools->bing);
}
}
public static function setup()
{
if (get_option('permalink_structure') === '') {
update_option('permalink_structure', '/%postname%/');
flush_rewrite_rules();

Some files were not shown because too many files have changed in this diff Show More