File: /home/wedotrades.co.uk/public_html/wp-content/plugins/redirection/models/log/log.php
<?php
require_once __DIR__ . '/log-404.php';
require_once __DIR__ . '/log-redirect.php';
/**
 * Base log class
 */
abstract class Red_Log {
	const MAX_IP_LENGTH = 45;
	const MAX_DOMAIN_LENGTH = 255;
	const MAX_URL_LENGTH = 2000;
	const MAX_AGENT_LENGTH = 255;
	const MAX_REFERRER_LENGTH = 255;
	/**
	 * Supported HTTP methods
	 *
	 * @var array
	 */
	protected static $supported_methods = [ 'GET', 'HEAD', 'POST', 'PUT', 'DELETE', 'CONNECT', 'OPTIONS', 'TRACE', 'PATCH' ];
	/**
	 * Log ID
	 *
	 * @var integer
	 */
	protected $id = 0;
	/**
	 * Created date time
	 *
	 * @var integer
	 */
	protected $created = 0;
	/**
	 * Requested URL
	 *
	 * @var string
	 */
	protected $url = '';
	/**
	 * Client user agent
	 *
	 * @var string
	 */
	protected $agent = '';
	/**
	 * Client referrer
	 *
	 * @var string
	 */
	protected $referrer = '';
	/**
	 * Client IP
	 *
	 * @var string
	 */
	protected $ip = '';
	/**
	 * Requested domain
	 *
	 * @var string
	 */
	protected $domain = '';
	/**
	 * Response HTTP code
	 *
	 * @var integer
	 */
	protected $http_code = 0;
	/**
	 * Request method
	 *
	 * @var string
	 */
	protected $request_method = '';
	/**
	 * Additional request data
	 *
	 * @var string
	 */
	protected $request_data = '';
	/**
	 * Constructor
	 *
	 * @param array $values Array of log values.
	 */
	final public function __construct( array $values ) {
		foreach ( $values as $key => $value ) {
			$this->$key = $value;
		}
		if ( isset( $values['created'] ) ) {
			$converted = mysql2date( 'U', $values['created'] );
			if ( $converted ) {
				$this->created = intval( $converted, 10 );
			}
		}
	}
	/**
	 * Get's the table name for this log object
	 *
	 * @param Object $wpdb WPDB object.
	 * @return string
	 */
	protected static function get_table_name( $wpdb ) {
		return '';
	}
	/**
	 * Get a log item by ID
	 *
	 * @param integer $id Log ID.
	 * @return Red_Log|false
	 */
	public static function get_by_id( $id ) {
		global $wpdb;
		$table = static::get_table_name( $wpdb );
		// Table name is internally generated.
		// phpcs:ignore
		$row = $wpdb->get_row( $wpdb->prepare( "SELECT * FROM {$table} WHERE id=%d", $id ), ARRAY_A );
		if ( $row ) {
			return new static( $row );
		}
		return false;
	}
	/**
	 * Delete a log entry
	 *
	 * @param integer $id Log ID.
	 * @return integer|false
	 */
	public static function delete( $id ) {
		global $wpdb;
		return $wpdb->delete( static::get_table_name( $wpdb ), [ 'id' => $id ] );
	}
	/**
	 * Delete all matching log entries
	 *
	 * @param array $params Array of filter parameters.
	 * @return integer|false
	 */
	public static function delete_all( array $params = [] ) {
		global $wpdb;
		$query = self::get_query( $params );
		$table = static::get_table_name( $wpdb );
		$sql = "DELETE FROM {$table} {$query['where']}";
		// phpcs:ignore
		return $wpdb->query( $sql );
	}
	/**
	 * Convert a log entry to JSON
	 *
	 * @return array
	 */
	public function to_json() {
		return [
			'id' => intval( $this->id, 10 ),
			'created' => date_i18n( get_option( 'date_format' ), $this->created ),
			'created_time' => gmdate( get_option( 'time_format' ), $this->created ),
			'url' => $this->url,
			'agent' => $this->agent,
			'referrer' => $this->referrer,
			'domain' => $this->domain,
			'ip' => $this->ip,
			'http_code' => intval( $this->http_code, 10 ),
			'request_method' => $this->request_method,
			'request_data' => $this->request_data ? json_decode( $this->request_data, true ) : '',
		];
	}
	/**
	 * Get filtered log entries
	 *
	 * @param array $params Filters.
	 * @return array{items: Array, total: integer}
	 */
	public static function get_filtered( array $params ) {
		global $wpdb;
		$query = self::get_query( $params );
		$table = static::get_table_name( $wpdb );
		$sql = "SELECT * FROM {$table} {$query['where']}";
		// Already escaped
		// phpcs:ignore
		$sql .= $wpdb->prepare( ' ORDER BY ' . $query['orderby'] . ' ' . $query['direction'] . ' LIMIT %d,%d', $query['offset'], $query['limit'] );
		// Already escaped
		// phpcs:ignore
		$rows = $wpdb->get_results( $sql, ARRAY_A );
		// Already escaped
		// phpcs:ignore
		$total_items = $wpdb->get_var( "SELECT COUNT(*) FROM $table " . $query['where'] );
		$items = array();
		foreach ( $rows as $row ) {
			$item = new static( $row );
			$items[] = $item->to_json();
		}
		return [
			'items' => $items,
			'total' => intval( $total_items, 10 ),
		];
	}
	/**
	 * Get grouped log entries
	 *
	 * @param string $group Group type.
	 * @param array  $params Filter params.
	 * @return array{items: mixed, total: integer}
	 */
	public static function get_grouped( $group, array $params ) {
		global $wpdb;
		$table = static::get_table_name( $wpdb );
		$query = self::get_query( $params );
		if ( ! in_array( $group, [ 'ip', 'url', 'agent' ], true ) ) {
			$group = 'url';
		}
		// Already escaped
		// phpcs:ignore
		$sql = $wpdb->prepare( "SELECT COUNT(*) as count,$group FROM {$table} {$query['where']} GROUP BY $group ORDER BY count {$query['direction']}, $group LIMIT %d,%d", $query['offset'], $query['limit'] );
		// Already escaped
		// phpcs:ignore
		$rows = $wpdb->get_results( $sql );
		// Already escaped
		// phpcs:ignore
		$total_items = $wpdb->get_var( "SELECT COUNT(DISTINCT $group) FROM {$table} {$query['where']}" );
		foreach ( $rows as $row ) {
			$row->count = intval( $row->count, 10 );
			if ( isset( $row->url ) ) {
				$row->id = $row->url;
			} elseif ( isset( $row->ip ) ) {
				$row->id = $row->ip;
			} elseif ( isset( $row->agent ) ) {
				$row->id = $row->agent;
			}
		}
		return array(
			'items' => $rows,
			'total' => intval( $total_items, 10 ),
		);
	}
	/**
	 * Convert a set of filters to a SQL query.
	 *
	 * @param array $params Filters.
	 * @return array{orderby: string, direction: string, limit: integer, offset: integer, where: string}
	 */
	public static function get_query( array $params ) {
		$query = [
			'orderby' => 'id',
			'direction' => 'DESC',
			'limit' => RED_DEFAULT_PER_PAGE,
			'offset' => 0,
			'where' => '',
		];
		if ( isset( $params['orderby'] ) && in_array( $params['orderby'], array( 'ip', 'url' ), true ) ) {
			$query['orderby'] = $params['orderby'];
		}
		if ( isset( $params['direction'] ) && in_array( strtoupper( $params['direction'] ), array( 'ASC', 'DESC' ), true ) ) {
			$query['direction'] = strtoupper( $params['direction'] );
		}
		if ( isset( $params['per_page'] ) ) {
			$limit = intval( $params['per_page'], 10 );
			if ( $limit >= 5 && $limit <= RED_MAX_PER_PAGE ) {
				$query['limit'] = $limit;
			}
		}
		if ( isset( $params['page'] ) ) {
			$offset = intval( $params['page'], 10 );
			if ( $offset >= 0 ) {
				$query['offset'] = $offset * $query['limit'];
			}
		}
		if ( isset( $params['filterBy'] ) && is_array( $params['filterBy'] ) ) {
			$where = static::get_query_filter( $params['filterBy'] );
			if ( count( $where ) > 0 ) {
				$query['where'] = 'WHERE ' . implode( ' AND ', $where );
			}
		}
		return $query;
	}
	/**
	 * Get query filters as a SQL `WHERE` statement. SQL will be sanitized
	 *
	 * @param array $filter Array of filter params.
	 * @return array
	 */
	protected static function get_query_filter( array $filter ) {
		global $wpdb;
		$where = [];
		if ( isset( $filter['ip'] ) ) {
			// phpcs:ignore
			$ip = @inet_pton( trim( $filter['ip'] ) );
			if ( $ip !== false ) {
				// Full IP match
				// phpcs:ignore
				$ip = @inet_ntop( $ip );  // Convert back to string
				$where[] = $wpdb->prepare( 'ip = %s', $ip );
			} else {
				// Partial IP match
				$where[] = $wpdb->prepare( 'ip LIKE %s', '%' . $wpdb->esc_like( trim( $filter['ip'] ) ) . '%' );
			}
		}
		if ( isset( $filter['domain'] ) ) {
			$where[] = $wpdb->prepare( 'domain LIKE %s', '%' . $wpdb->esc_like( trim( $filter['domain'] ) ) . '%' );
		}
		if ( isset( $filter['url-exact'] ) ) {
			$where[] = $wpdb->prepare( 'url = %s', $filter['url-exact'] );
		} elseif ( isset( $filter['url'] ) ) {
			$where[] = $wpdb->prepare( 'url LIKE %s', '%' . $wpdb->esc_like( trim( $filter['url'] ) ) . '%' );
		}
		if ( isset( $filter['referrer'] ) ) {
			$where[] = $wpdb->prepare( 'referrer LIKE %s', '%' . $wpdb->esc_like( trim( $filter['referrer'] ) ) . '%' );
		}
		if ( isset( $filter['agent'] ) ) {
			$agent = trim( $filter['agent'] );
			if ( empty( $agent ) ) {
				$where[] = $wpdb->prepare( 'agent = %s', $agent );
			} else {
				$where[] = $wpdb->prepare( 'agent LIKE %s', '%' . $wpdb->esc_like( $agent ) . '%' );
			}
		}
		if ( isset( $filter['http'] ) ) {
			$where[] = $wpdb->prepare( 'http_code = %d', $filter['http'] );
		}
		if ( isset( $filter['method'] ) && in_array( strtoupper( $filter['method'] ), static::$supported_methods, true ) ) {
			$where[] = $wpdb->prepare( 'request_method = %s', strtoupper( $filter['method'] ) );
		}
		return $where;
	}
	/**
	 * Sanitize a new log entry
	 *
	 * @param string $domain Requested Domain.
	 * @param string $url Requested URL.
	 * @param string $ip Client IP. This is assumed to be a valid IP and won't be checked.
	 * @param array  $details Extra log details.
	 * @return array
	 */
	protected static function sanitize_create( $domain, $url, $ip, array $details = [] ) {
		$url = urldecode( $url );
		$insert = [
			'url' => substr( sanitize_text_field( $url ), 0, self::MAX_URL_LENGTH ),
			'domain' => substr( sanitize_text_field( $domain ), 0, self::MAX_DOMAIN_LENGTH ),
			'ip' => substr( sanitize_text_field( $ip ), 0, self::MAX_IP_LENGTH ),
			'created' => current_time( 'mysql' ),
		];
		// Unfortunatley these names dont match up
		$allowed = [
			'agent' => 'agent',
			'referrer' => 'referrer',
			'request_method' => 'request_method',
			'http_code' => 'http_code',
			'request_data' => 'request_data',
		];
		foreach ( $allowed as $name => $replace ) {
			if ( ! empty( $details[ $name ] ) ) {
				$insert[ $replace ] = $details[ $name ];
			}
		}
		if ( isset( $insert['agent'] ) ) {
			$insert['agent'] = substr( sanitize_text_field( $insert['agent'] ), 0, self::MAX_AGENT_LENGTH );
		}
		if ( isset( $insert['referrer'] ) ) {
			$insert['referrer'] = substr( sanitize_text_field( $insert['referrer'] ), 0, self::MAX_REFERRER_LENGTH );
		}
		if ( isset( $insert['request_data'] ) ) {
			$insert['request_data'] = wp_json_encode( $insert['request_data'], JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE | JSON_NUMERIC_CHECK );
		}
		if ( isset( $insert['http_code'] ) ) {
			$insert['http_code'] = intval( $insert['http_code'], 10 );
		}
		if ( isset( $insert['request_method'] ) ) {
			$insert['request_method'] = strtoupper( sanitize_text_field( $insert['request_method'] ) );
			if ( ! in_array( $insert['request_method'], static::$supported_methods, true ) ) {
				$insert['request_method'] = '';
			}
		}
		return $insert;
	}
	/**
	 * Get the CSV filename for this log object
	 *
	 * @return string
	 */
	public static function get_csv_filename() {
		return '';
	}
	/**
	 * Get the CSV headers for this log object
	 *
	 * @return array
	 */
	public static function get_csv_header() {
		return [];
	}
	/**
	 * Get the CSV headers for this log object
	 *
	 * @param object $row Log row.
	 * @return array
	 */
	public static function get_csv_row( $row ) {
		return [];
	}
	/**
	 * Export the log entry to CSV
	 *
	 * @return void
	 */
	public static function export_to_csv() {
		$filename = static::get_csv_filename() . '-' . date_i18n( get_option( 'date_format' ) ) . '.csv';
		header( 'Content-Type: text/csv' );
		header( 'Cache-Control: no-cache, must-revalidate' );
		header( 'Expires: Mon, 26 Jul 1997 05:00:00 GMT' );
		header( 'Content-Disposition: attachment; filename="' . $filename . '"' );
		// phpcs:ignore
		$stdout = fopen( 'php://output', 'w' );
		if ( ! $stdout ) {
			return;
		}
		fputcsv( $stdout, static::get_csv_header() );
		global $wpdb;
		$table = static::get_table_name( $wpdb );
		// phpcs:ignore
		$total_items = $wpdb->get_var( "SELECT COUNT(*) FROM $table" );
		$exported = 0;
		$limit = 100;
		while ( $exported < $total_items ) {
			// phpcs:ignore
			$rows = $wpdb->get_results( $wpdb->prepare( "SELECT * FROM $table LIMIT %d,%d", $exported, $limit ) );
			$exported += count( $rows );
			foreach ( $rows as $row ) {
				$csv = static::get_csv_row( $row );
				fputcsv( $stdout, $csv );
			}
			if ( count( $rows ) < $limit ) {
				break;
			}
		}
	}
}