Merge branch 'dev'

les 2021-07-08 22:39:44 +02:00
commit f392f0a335
No known key found for this signature in database
GPG key ID: 352918250B012177
27 changed files with 108 additions and 117 deletions

2
.gitignore vendored

@ -1,6 +1,8 @@
# Created by .ignore support plugin (hsz.mobi) # Created by .ignore support plugin (hsz.mobi)
### Gancio dev configuration ### Gancio dev configuration
releases
wp-plugin/wpgancio
config/development.json config/development.json
gancio_config.json gancio_config.json
config.json config.json


@ -72,7 +72,7 @@ li {
overflow: hidden; overflow: hidden;
margin: 0.5rem 1rem 0.5rem 1rem; margin: 0.5rem 1rem 0.5rem 1rem;
font-size: 1.1em !important; font-size: 1.1em !important;
line-height: 1em !important; line-height: 1.1em !important;
} }
.body { .body {


@ -7,5 +7,8 @@ nav_order: 9
## Contacts ## Contacts
### :elephant: Mastodon ⇒ [@gancio@mastodon.cisti.org](https://mastodon.cisti.org/@gancio)
- :elephant: Mastodon ⇒ [@gancio@mastodon.cisti.org](https://mastodon.cisti.org/@gancio)
- :email: Email ⇒ [info@cisti.org](mailto:info@cisti.org)
- IRC ⇒ #gancio @ irc.autistici.org (sometimes...)


@ -19,7 +19,7 @@ apt-get update && apt-get install yarn
1. Install Gancio 1. Install Gancio
```bash ```bash
yarn global add --silent {{site.url}}{% link /latest.tgz %} 2> /dev/null yarn global add --silent {{site.url}}/latest.tgz 2> /dev/null
``` ```
1. Setup with postgreSQL __(optional as you can choose sqlite)__ 1. Setup with postgreSQL __(optional as you can choose sqlite)__
@ -64,6 +64,6 @@ sudo pm2 startup -u gancio
## Upgrade ## Upgrade
```bash ```bash
sudo yarn global add --silent {{site.url}}{% link /latest.tgz %} 2> /dev/null sudo yarn global add --silent {{site.url}}/latest.tgz 2> /dev/null
sudo service pm2 restart sudo service pm2 restart
``` ```


@ -79,7 +79,7 @@ cd ~
cd /etc/nginx/sites-available cd /etc/nginx/sites-available
``` ```
1. [Setup nginx as a proxy]({% link install/nginx.md %} 1. [Setup nginx as a proxy]({% link install/nginx.md %})
1. Point your web browser to [http://localhost:13120](http://localhost:13120) or where you specified during setup and enjoy :tada: 1. Point your web browser to [http://localhost:13120](http://localhost:13120) or where you specified during setup and enjoy :tada:


@ -1,4 +1,4 @@
--- t---
layout: default layout: default
title: Nginx setup title: Nginx setup
permalink: /install/nginx permalink: /install/nginx


@ -1,10 +1,10 @@
<template lang='pug'> <template lang='pug'>
v-app v-app(app)
Snackbar Snackbar
Confirm Confirm
Nav Nav
v-main v-main(app)
v-fade-transition(hide-on-leave) v-fade-transition(hide-on-leave)
nuxt nuxt


@ -131,7 +131,6 @@
"resize-img": "2.0.0", "resize-img": "2.0.0",
"underscore": "1.13.1", "underscore": "1.13.1",
"@nuxtjs/vuetify/**/sass": "1.32.12", "@nuxtjs/vuetify/**/sass": "1.32.12",
"css-what": "5.0.1",
"postcss": "7.0.36", "postcss": "7.0.36",
"glob-parent": "5.1.2", "glob-parent": "5.1.2",
"core-js": "3.14.0" "core-js": "3.14.0"


@ -1,19 +1,18 @@
<template lang='pug'> <template lang='pug'>
v-row.mt-5(align='center' justify='center') .d-flex.justify-space-around
v-col(cols='12' md="6" lg="5" xl="4") v-card.mt-5(max-width='600px')
v-card(light) v-card-title {{settings.title}} - {{$t('common.authorize')}}
v-card-title {{settings.title}} - {{$t('common.authorize')}} v-card-text
v-card-text u {{$auth.user.email}}
u {{$auth.user.email}} div
div p(v-html="$t('oauth.authorization_request', { app: client.name, instance_name: settings.title })")
p(v-html="$t('oauth.authorization_request', { app: client.name, instance_name: settings.title })") ul.mb-2
ul li(v-for="s in scope.split(' ')") {{$t(`oauth.scopes.${scope}`)}}
li(v-for="s in scope.split(' ')") {{$t(`oauth.scopes.${scope}`)}} span(v-html="$t('oauth.redirected_to', {url: $route.query.redirect_uri})")
span(v-html="$t('oauth.redirected_to', {url: $route.query.redirect_uri})") v-card-actions
v-card-actions v-spacer
v-spacer v-btn(color='error' to='/') {{$t('common.cancel')}}
v-btn(color='error' to='/') {{$t('common.cancel')}} v-btn(:href='authorizeURL' color='success') {{$t('common.authorize')}}
v-btn(:href='authorizeURL' color='success') {{$t('common.authorize')}}
</template> </template>
<script> <script>
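Review bot: The two `v-html` bindings kept in this template interpolate externally supplied values, the registered client's `client.name` and `$route.query.redirect_uri`, into translated strings that are then rendered as HTML. Unless the i18n layer escapes interpolation parameters (its configuration is not visible here), markup in either value would be rendered on the consent screen, so both are better shown through text interpolation or escaped before being handed to `$t`. Separately, the scope list iterates `s in scope.split(' ')` but builds the translation key from `scope`, so every item looks up the whole scope string; the key should be built from `s`.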


@ -118,7 +118,7 @@ const eventController = {
order: [[Resource, 'id', 'DESC']] order: [[Resource, 'id', 'DESC']]
}) })
} catch (e) { } catch (e) {
log.error(e) log.error('[EVENT]', e)
return res.sendStatus(400) return res.sendStatus(400)
} }
@ -194,7 +194,7 @@ const eventController = {
const notifier = require('../../notifier') const notifier = require('../../notifier')
notifier.notifyEvent('Create', event.id) notifier.notifyEvent('Create', event.id)
} catch (e) { } catch (e) {
log.error(e) log.error('[EVENT]', e)
res.sendStatus(404) res.sendStatus(404)
} }
}, },
@ -264,7 +264,7 @@ const eventController = {
async add (req, res) { async add (req, res) {
// req.err comes from multer streaming error // req.err comes from multer streaming error
if (req.err) { if (req.err) {
log.info(req.err) log.warn(req.err)
return res.status(400).json(req.err.toString()) return res.status(400).json(req.err.toString())
} }
@ -272,6 +272,11 @@ const eventController = {
const body = req.body const body = req.body
const recurrent = body.recurrent ? JSON.parse(body.recurrent) : null const recurrent = body.recurrent ? JSON.parse(body.recurrent) : null
if (!body.place_name) {
log.warn('Place is required')
return res.status(400).send('Place is required')
}
const eventDetails = { const eventDetails = {
title: body.title, title: body.title,
// remove html tags // remove html tags
@ -329,7 +334,7 @@ const eventController = {
notifier.notifyEvent('Create', event.id) notifier.notifyEvent('Create', event.id)
} }
} catch (e) { } catch (e) {
log.error(e) log.error('[EVENT ADD]', e)
res.sendStatus(400) res.sendStatus(400)
} }
}, },
@ -414,6 +419,7 @@ const eventController = {
} }
const notifier = require('../../notifier') const notifier = require('../../notifier')
await notifier.notifyEvent('Delete', event.id) await notifier.notifyEvent('Delete', event.id)
log.debug('[EVENT REMOVED]', event.title)
await event.destroy() await event.destroy()
res.sendStatus(200) res.sendStatus(200)
} else { } else {
@ -469,7 +475,8 @@ const eventController = {
{ model: Place, required: true, attributes: ['id', 'name', 'address'] } { model: Place, required: true, attributes: ['id', 'name', 'address'] }
] ]
}).catch(e => { }).catch(e => {
log.error(e) log.error('[EVENT]', e)
return []
}) })
return events.map(e => { return events.map(e => {
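Review bot: In `add`, the new `place_name` guard sits after `JSON.parse(body.recurrent)`, which parses a request field and throws on malformed input; whether that parse is inside the `try` that ends with `log.error('[EVENT ADD]', e)` is not visible in these hunks. Moving the `if (!body.place_name)` guard above the parse, and wrapping the parse so bad JSON produces a 400, keeps input validation in one place. Also, `log.debug('[EVENT REMOVED]', event.title)` passes a plain string as the second argument; with the logger format changed in this commit that value may not be printed, so `log.debug('[EVENT REMOVED] ' + event.title)` is safer.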


@ -42,7 +42,7 @@ const oauthController = {
delete client.id delete client.id
res.json(client) res.json(client)
} catch (e) { } catch (e) {
log.error(e) log.error('[OAUTH CLIENT]', e)
res.status(400).json(e) res.status(400).json(e)
} }
}, },
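Review bot: The catch block still answers with `res.status(400).json(e)`, which serialises the caught error object to the caller; depending on what threw, that can expose internal details of the failure. Now that the error is logged with a tag, the response can be reduced to a fixed body, e.g. `res.status(400).json({ error: 'Invalid client request' })`. The same pattern appears on the new side of the user controller (`res.status(404).json(e)` in three catch blocks) and, as `send(error_msg)` and `json(e.toString())`, in the oauth error middleware and the URL import handler. The enclosing handler starts outside this hunk.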


@ -103,7 +103,7 @@ const settingsController = {
settingsController[is_secret ? 'secretSettings' : 'settings'][key] = value settingsController[is_secret ? 'secretSettings' : 'settings'][key] = value
return true return true
} catch (e) { } catch (e) {
log.error(e) log.error('[SETTING SET]', e)
return false return false
} }
}, },
@ -129,7 +129,7 @@ const settingsController = {
.png({ quality: 90 }) .png({ quality: 90 })
.toFile(baseImgPath + '.png', async (err, info) => { .toFile(baseImgPath + '.png', async (err, info) => {
if (err) { if (err) {
log.error(err) log.error('[LOGO]', err)
} }
const image = await readFile(baseImgPath + '.png') const image = await readFile(baseImgPath + '.png')
const favicon = await toIco([image], { sizes: [64], resize: true }) const favicon = await toIco([image], { sizes: [64], resize: true })
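Review bot: In the `toFile` callback the error branch only logs; execution then continues to `readFile(baseImgPath + '.png')` and `toIco(...)` even though the PNG may not have been written. Because the callback is `async`, a failure there becomes a rejected promise that nothing visible in this hunk handles. Adding `return` right after `log.error('[LOGO]', err)` avoids processing a missing or partial file. The callback body continues past the end of the hunk.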


@ -103,7 +103,7 @@ const userController = {
mail.send(config.admin_email, 'admin_register', { user, config }) mail.send(config.admin_email, 'admin_register', { user, config })
res.sendStatus(200) res.sendStatus(200)
} catch (e) { } catch (e) {
log.error('Registration error: "%s"', e) log.error('Registration error:', e)
res.status(404).json(e) res.status(404).json(e)
} }
}, },
@ -116,7 +116,7 @@ const userController = {
mail.send(user.email, 'user_confirm', { user, config }, req.settings.locale) mail.send(user.email, 'user_confirm', { user, config }, req.settings.locale)
res.json(user) res.json(user)
} catch (e) { } catch (e) {
log.error('User creation error: %s', e) log.error('User creation error:', e)
res.status(404).json(e) res.status(404).json(e)
} }
}, },
@ -127,7 +127,7 @@ const userController = {
user.destroy() user.destroy()
res.sendStatus(200) res.sendStatus(200)
} catch (e) { } catch (e) {
log.error('User removal error: "%s"', e) log.error('User removal error:"', e)
res.status(404).json(e) res.status(404).json(e)
} }
} }
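Review bot: The new message `'User removal error:"'` keeps a stray double quote from the old format string; it should be `log.error('User removal error:', e)`. In the same handler `user.destroy()` is not awaited before `res.sendStatus(200)`, so a failed delete would not reach this catch and the client would still receive 200. `await user.destroy()` fixes that, assuming the handler is async (its signature is outside the hunk).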


@ -145,7 +145,7 @@ api.use((req, res) => res.sendStatus(404))
// Handle 500 // Handle 500
api.use((error, req, res, next) => { api.use((error, req, res, next) => {
log.error(error) log.error('[API ERROR]', error)
res.status(500).send('500: Internal Server Error') res.status(500).send('500: Internal Server Error')
}) })


@ -61,7 +61,7 @@ const mail = {
} }
return email.send(msg) return email.send(msg)
.catch(e => { .catch(e => {
log.error('Error sending email => %s', e) log.error('[MAIL]', e)
}) })
} }
} }


@ -34,7 +34,7 @@ oauth.use((req, res) => res.sendStatus(404))
oauth.use((err, req, res, next) => { oauth.use((err, req, res, next) => {
const error_msg = err.toString() const error_msg = err.toString()
log.error(error_msg) log.error('[OAUTH USE]', error_msg)
res.status(500).send(error_msg) res.status(500).send(error_msg)
}) })
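Review bot: `log.error('[OAUTH USE]', error_msg)` passes a string as the second argument, and the production logger format in this commit no longer includes `format.splat()`, so the actual error text is likely to be missing from the log line. Passing the error object itself, `log.error('[OAUTH USE]', err)`, matches the other call sites and lets the formatter print the stack. The handler also returns `error_msg` to the client with the 500; a fixed body such as the `'500: Internal Server Error'` used by the API router avoids exposing internal error text.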


@ -8,9 +8,7 @@ const config = require('config')
try { try {
mkdirp.sync(config.upload_path + '/thumb') mkdirp.sync(config.upload_path + '/thumb')
} catch (e) { } catch (e) {}
log.error(e)
}
const DiskStorage = { const DiskStorage = {
_handleFile (req, file, cb) { _handleFile (req, file, cb) {
@ -25,11 +23,11 @@ const DiskStorage = {
let onError = false let onError = false
const err = e => { const err = e => {
if (onError) { if (onError) {
log.error(err) log.error('[UPLOAD]', err)
return return
} }
onError = true onError = true
log.error(e) log.error('[UPLOAD]', e)
req.err = e req.err = e
cb(null) cb(null)
} }
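Review bot: The `mkdirp.sync` failure is now swallowed by an empty `catch (e) {}`, so a missing or unwritable upload directory is only discovered later when a write fails; keeping a line such as `log.warn('[UPLOAD] cannot create upload directory', e)` preserves that signal. In the `err` helper, the `onError` branch logs `err`, which is the helper function itself, rather than the incoming error; it should be `log.error('[UPLOAD]', e)`. The `_handleFile` body continues outside the hunk.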


@ -126,7 +126,7 @@ const Helpers = {
return res.data return res.data
}) })
.catch(e => { .catch(e => {
log.error(`${URL}: ${e}`) log.error(`get Actor ${URL}`, e)
return false return false
}) })
@ -195,7 +195,7 @@ const Helpers = {
// .update(req.body) // .update(req.body)
// .digest('base64') // .digest('base64')
// if (`SHA-256=${digest}` !== req.headers.signature) { // if (`SHA-256=${digest}` !== req.headers.signature) {
// log.warning(`Signature mismatch ${req.headers.signature} - ${digest}`) // log.warn(`Signature mismatch ${req.headers.signature} - ${digest}`)
// return res.status(401).send('Signature mismatch') // return res.status(401).send('Signature mismatch')
// } // }
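Review bot: The only change in the second hunk is inside commented-out code, so the body-digest comparison is still disabled. If no other digest check exists in this function (the rest is outside the hunk), the request body is not tied to the signed headers, and that gap deserves an explicit marker such as `// TODO: verify the Digest header before trusting req.body`. When the check is re-enabled, note that the commented code compares the computed digest with `req.headers.signature` rather than with a digest header, which looks unintended.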


@ -140,7 +140,7 @@ router.use((req, res) => {
// Handle 500 // Handle 500
router.use((error, req, res, next) => { router.use((error, req, res, next) => {
log.error(error) log.error('[WEBFINGER]', error)
res.status(500).send('500: Internal Server Error') res.status(500).send('500: Internal Server Error')
}) })


@ -163,8 +163,8 @@ module.exports = {
})) }))
} }
} catch (e) { } catch (e) {
log.error(e) log.error('[Import URL]', e)
res.status(400).json(e.toString) res.status(400).json(e.toString())
} }
}, },


@ -1,10 +1,14 @@
const { createLogger, transports, format } = require('winston') const { createLogger, transports, format } = require('winston')
const DailyRotateFile = require('winston-daily-rotate-file') const DailyRotateFile = require('winston-daily-rotate-file')
const dayjs = require('dayjs') // const dayjs = require('dayjs')
const config = require('config') const config = require('config')
const gancioFormat = format.printf(({ timestamp, level, message, error }) => { const gancioFormat = format.printf(info => {
return `${dayjs(timestamp).format('DD MMM YYYY HH:mm:ss')} ${level}: ${message}` if (info.stack) {
return `${info.timestamp} ${info.level}: ${info.message} \r\n${info.stack}`
} else {
return `${info.timestamp} ${info.level}: ${info.message}`
}
}) })
const logger = createLogger({ const logger = createLogger({
@ -12,15 +16,11 @@ const logger = createLogger({
transports: process.env.NODE_ENV !== 'production' transports: process.env.NODE_ENV !== 'production'
? [new transports.Console( ? [new transports.Console(
{ {
handleExceptions: true,
handleRejections: true,
level: 'debug', level: 'debug',
format: format.combine(format.errors({ stack: true }), format.timestamp(), format.colorize(), format.splat(), gancioFormat) format: format.combine(format.splat(), format.timestamp(), format.colorize(), gancioFormat)
} }
)] )]
: [new DailyRotateFile({ : [new DailyRotateFile({
handleExceptions: true,
handleRejections: true,
level: config.log_level || 'info', level: config.log_level || 'info',
filename: config.log_path + '/gancio.%DATE%.log', filename: config.log_path + '/gancio.%DATE%.log',
symlinkName: 'gancio.log', symlinkName: 'gancio.log',
@ -28,14 +28,12 @@ const logger = createLogger({
zippedArchive: true, zippedArchive: true,
maxSize: '10m', maxSize: '10m',
maxFiles: '10d', maxFiles: '10d',
format: format.combine(format.timestamp(), format.splat(), gancioFormat) format: format.combine(format.timestamp(), gancioFormat)
}), }),
new transports.Console( new transports.Console(
{ {
handleExceptions: true,
handleRejections: true,
level: config.log_level || 'info', level: config.log_level || 'info',
format: format.combine(format.timestamp(), format.splat(), format.colorize(), gancioFormat) format: format.combine(format.timestamp(), format.colorize(), gancioFormat)
} }
)] )]
}) })
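Review bot: `handleExceptions` and `handleRejections` are removed from every transport, so uncaught exceptions and unhandled promise rejections will no longer be written to the rotating log file unless something outside this file handles them. Keeping `handleExceptions: true, handleRejections: true` on the `DailyRotateFile` transport retains that record for incident analysis. The formats also diverge: the development console still applies `format.splat()` while both production transports do not, so calls that pass a string as the second argument print differently per environment. The commented-out `dayjs` require can be deleted rather than kept.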


@ -51,7 +51,7 @@ const notifier = {
await notifier.sendNotification(notification, event) await notifier.sendNotification(notification, event)
notification.event_notification.status = 'sent' notification.event_notification.status = 'sent'
} catch (err) { } catch (err) {
log.error(err) log.error('[NOTIFY EVENT]', err)
notification.event_notification.status = 'error' notification.event_notification.status = 'error'
} }
return notification.event_notification.save() return notification.event_notification.save()
@ -71,7 +71,7 @@ const notifier = {
e.status = 'sent' e.status = 'sent'
return e.save() return e.save()
} catch (err) { } catch (err) {
log.error(err) log.error('[NOTIFY]', err)
e.status = 'error' e.status = 'error'
e.error = err e.error = err
return e.save() return e.save()


@ -61,7 +61,7 @@ app.use('/oauth', oauth)
// // Handle 500 // // Handle 500
app.use((error, req, res, next) => { app.use((error, req, res, next) => {
log.error(error) log.error('[ERROR]', error)
res.status(500).send('500: Internal Server Error') res.status(500).send('500: Internal Server Error')
}) })


@ -5,7 +5,6 @@ Plugin URI: https://gancio.org
Description: Connects an user of a gancio instance to a Wordpress user so that published events are automatically pushed with Gancio API. Description: Connects an user of a gancio instance to a Wordpress user so that published events are automatically pushed with Gancio API.
Version: 1.0 Version: 1.0
Author: Gancio Author: Gancio
Author URI: https://gancio.org
License: AGPL 3.0 License: AGPL 3.0
WPGancio is free software: you can redistribute it and/or modify it under the WPGancio is free software: you can redistribute it and/or modify it under the


@ -4,16 +4,15 @@ defined( 'ABSPATH' ) or die( 'Nope, not accessing this' );
// eventorganizer / triggered after an event has been updated // eventorganizer / triggered after an event has been updated
// http://codex.wp-event-organiser.com/hook-eventorganiser_save_event.html // http://codex.wp-event-organiser.com/hook-eventorganiser_save_event.html
add_action('eventorganiser_save_event', 'wpgancio_save_event', 15); add_action('eventorganiser_save_event', 'wpgancio_save_event', 15);
add_action('wp_trash_post', 'delete_post', 15); add_action('wp_trash_post', 'wpgancio_delete_post', 15);
function delete_post ($post_id) { function wpgancio_delete_post ($post_id) {
$post = get_post($post_id); $post = get_post($post_id);
$instance_url = get_option('wpgancio_instance_url'); $instance_url = get_option('wpgancio_instance_url');
if ($post->post_type == 'event') { if ($post->post_type == 'event') {
$gancio_id = get_post_meta($post_id, 'gancio_id', TRUE); $gancio_id = get_post_meta($post_id, 'wpgancio_gancio_id', TRUE);
if ($gancio_id) { if ($gancio_id) {
$body['id'] = $gancio_id;
$http = _wp_http_get_object(); $http = _wp_http_get_object();
$response = $http->request( "${instance_url}/api/event/${gancio_id}", array( $response = $http->request( "${instance_url}/api/event/${gancio_id}", array(
'method' => 'DELETE', 'method' => 'DELETE',
@ -27,14 +26,21 @@ function delete_post ($post_id) {
function wpgancio_save_event ($post_id) { function wpgancio_save_event ($post_id) {
$event = get_post( $post_id ); $event = get_post( $post_id );
function tagName ($tag) {
return sanitize_title($tag->name);
}
$tmp_tags = get_the_terms( $event, 'event-tag' );
$tags = array_map('tagName', $tmp_tags);
// do not save if it's a draft // do not save if it's a draft
if ($event->post_status != 'publish') { if ($event->post_status != 'publish') {
return; return;
} }
$gancio_id = get_post_meta($post_id, 'gancio_id', TRUE); $gancio_id = get_post_meta($post_id, 'wpgancio_gancio_id', TRUE);
// image_path // when
$date = eo_get_schedule_start( 'U', $post_id ); $date = eo_get_schedule_start( 'U', $post_id );
// get place details // get place details
@ -45,6 +51,7 @@ function wpgancio_save_event ($post_id) {
$body = array ( $body = array (
'title' => $event->post_title, 'title' => $event->post_title,
'tags' => $tags,
'description' => $event->post_content, 'description' => $event->post_content,
'start_datetime' => intval($date), 'start_datetime' => intval($date),
'place_name' => $place_name, 'place_name' => $place_name,
@ -54,7 +61,7 @@ function wpgancio_save_event ($post_id) {
// add image if specified // add image if specified
$image_url = get_the_post_thumbnail_url($post_id); $image_url = get_the_post_thumbnail_url($post_id);
if ($image_url) { if ($image_url) {
$body['image_url'] = $image_url; $body['image_url'] = esc_url($image_url);
} }
// update // update
@ -64,20 +71,22 @@ function wpgancio_save_event ($post_id) {
$response = $http->request( $instance_url . '/api/event', array( $response = $http->request( $instance_url . '/api/event', array(
'method' => 'PUT', 'method' => 'PUT',
'headers' => array ( 'headers' => array (
'Authorization' => 'Bearer ' . get_option('wpgancio_token') 'Authorization' => 'Bearer ' . get_option('wpgancio_token'),
), 'body' => $body )); 'Content-Type' => 'application/json'
), 'body' => wp_json_encode($body) ));
} else { // or create } else { // or create
$response = wp_remote_post($instance_url . '/api/event', array( $response = wp_remote_post($instance_url . '/api/event', array(
'headers' => array ( 'headers' => array (
'Authorization' => 'Bearer ' . get_option('wpgancio_token') 'Authorization' => 'Bearer ' . get_option('wpgancio_token'),
), 'body' => $body )); 'Content-Type' => 'application/json'
), 'body' => wp_json_encode($body) ));
} }
if ( is_wp_error( $response ) ) { if ( is_wp_error( $response ) ) {
$error_message = $response->get_error_message(); $error_message = $response->get_error_message();
echo "<div class='error notice'><p>${error_message}</p></div>"; echo "<div class='error notice'><p>" . esc_html($error_message) . "</p></div>";
return; return;
} }
$data = json_decode(wp_remote_retrieve_body($response)); $data = json_decode(wp_remote_retrieve_body($response));
update_post_meta($post_id, 'gancio_id', $data->id); update_post_meta($post_id, 'wpgancio_gancio_id', intval($data->id));
} }
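Review bot: `tagName` is declared as a named function inside `wpgancio_save_event`, so PHP defines it globally on the first call and a second call in the same request fails with a redeclaration error; it is also unprefixed, unlike the rest of the plugin. `get_the_terms()` returns `false` or a `WP_Error` when the event has no tags, and that value is passed straight to `array_map`. An anonymous function plus an `is_array` guard covers both, as below. Separately, `esc_url()` is an output-escaping helper; for a URL sent in a request body, `esc_url_raw($image_url)` is the matching function.

```php
function wpgancio_save_event ($post_id) {
  $event = get_post( $post_id );

  // get_the_terms() yields false or WP_Error when the event has no terms
  $tmp_tags = get_the_terms( $event, 'event-tag' );
  $tags = array();
  if ( is_array( $tmp_tags ) ) {
    $tags = array_map( function ( $tag ) {
      return sanitize_title( $tag->name );
    }, $tmp_tags );
  }
  // … unchanged: draft check, date and place lookup, request to the instance …
```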


@ -1,10 +1,10 @@
=== WPGancio === === WPGancio ===
Contributors: lesion Contributors: lesion
Donate link: https://gancio.org Donate link: https://gancio.org
Tags: events, gancio Tags: events, gancio, fediverse, AP, activity pub
Requires at least: 4.7 Requires at least: 4.7
Tested up to: 5.4 Tested up to: 5.7.2
Stable tag: 4.3 Stable tag: 1.0
Requires PHP: 7.0 Requires PHP: 7.0
License: AGPLv3 or later License: AGPLv3 or later
License URI: https://www.gnu.org/licenses/agpl-3.0.html License URI: https://www.gnu.org/licenses/agpl-3.0.html
@ -13,36 +13,12 @@ Connect a gancio instance to a Wordpress user so that published events are autom
== Description == == Description ==
This plugin connects a [Gancio](https://gancio.org) instance to a Wordpress website to automatically push events published on Wordpress.
It requires an event manager plugin, only [Event Organiser[(https://wp-event-organiser.com/) is supported but adding another plugin it's an easy task.
== Frequently Asked Questions ==
= A question that someone might have =
An answer to that question.
= What about foo bar? =
Answer to foo bar dilemma.
== Screenshots ==
1. This screen shot description corresponds to screenshot-1.(png|jpg|jpeg|gif). Note that the screenshot is stored in the /assets directory.
2. This is the second screen shot
== Changelog == == Changelog ==
= 1.0 = = 1.0 =
* A change since the previous version. * First release
* Another change.
= 0.5 =
* List versions from most recent at top to oldest at bottom.
== Upgrade Notice ==
= 1.0 =
Upgrade notices describe the reason a user should upgrade. No more than 300 characters.
= 0.5 =
This version fixes a security related bug. Upgrade immediately.


@ -22,7 +22,7 @@ function wpgancio_update_options ($old_value, $instance_url) {
$redirect_uri = get_site_url(null, '/wp-admin/options-general.php?page=wpgancio' ); $redirect_uri = get_site_url(null, '/wp-admin/options-general.php?page=wpgancio' );
$query = join('&', array( $query = join('&', array(
'response_type=code', 'response_type=code',
'redirect_uri=' . esc_html($redirect_uri), 'redirect_uri=' . esc_url($redirect_uri),
'scope=event:write', 'scope=event:write',
'client_id=' . get_option('wpgancio_client_id'), 'client_id=' . get_option('wpgancio_client_id'),
)); ));
@ -53,8 +53,8 @@ function wpgancio_instance_url_validate ($instance_url) {
$response->get_error_message()); $response->get_error_message());
} else { } else {
$data = json_decode( wp_remote_retrieve_body($response), true); $data = json_decode( wp_remote_retrieve_body($response), true);
update_option('wpgancio_client_secret', $data['client_secret']); update_option('wpgancio_client_secret', sanitize_key($data['client_secret']));
update_option('wpgancio_client_id', $data['client_id']); update_option('wpgancio_client_id', sanitize_key($data['client_id']));
return $instance_url; return $instance_url;
} }
} }
@ -88,7 +88,7 @@ function wpgancio_instance_url_cb( $args ) {
name="wpgancio_instance_url"> name="wpgancio_instance_url">
<p class="description"> <p class="description">
<?php esc_html_e( 'Insert your gancio instance URL', 'wpgancio' ); ?> <?php esc_html( 'Insert your gancio instance URL', 'wpgancio' ); ?>
</p> </p>
<?php <?php
@ -104,9 +104,7 @@ function wpgancio_options_page_html() {
if ( ! current_user_can( 'manage_options' ) ) { return; } if ( ! current_user_can( 'manage_options' ) ) { return; }
// show error/update messages // show error/update messages
//settings_errors( 'wpgancio_messages' ); $code = sanitize_key($_GET['code']);
$code = $_GET['code'];
if ( $code ) { if ( $code ) {
update_option('wpgancio_code', $code); update_option('wpgancio_code', $code);
$instance_url = get_option( 'wpgancio_instance_url' ); $instance_url = get_option( 'wpgancio_instance_url' );
@ -127,8 +125,8 @@ function wpgancio_options_page_html() {
settings_errors( 'wpgancio_messages' ); settings_errors( 'wpgancio_messages' );
} else { } else {
$data = json_decode( wp_remote_retrieve_body($response), true); $data = json_decode( wp_remote_retrieve_body($response), true);
update_option('wpgancio_token', $data['access_token']); update_option('wpgancio_token', sanitize_key($data['access_token']));
update_option('wpgancio_refresh', $data['refresh_token']); update_option('wpgancio_refresh', sanitize_key($data['refresh_token']));
add_settings_error('wpgancio_messages', 'wpgancio_messages', 'Association completed!', 'success'); add_settings_error('wpgancio_messages', 'wpgancio_messages', 'Association completed!', 'success');
settings_errors( 'wpgancio_messages' ); settings_errors( 'wpgancio_messages' );
} }
@ -141,11 +139,14 @@ function wpgancio_options_page_html() {
<h1><?php echo esc_html( get_admin_page_title() ); ?></h1> <h1><?php echo esc_html( get_admin_page_title() ); ?></h1>
<form action="options.php" method="post"> <form action="options.php" method="post">
<?php <?php
// output security fields for the registered setting "wpgancio" // output security fields for the registered setting "wpgancio"
settings_fields( 'wpgancio' ); settings_fields( 'wpgancio' );
// output setting sections and their fields // output setting sections and their fields
// (sections are registered for "wpgancio", each field is registered to a specific section) // (sections are registered for "wpgancio", each field is registered to a specific section)
do_settings_sections( 'wpgancio' ); do_settings_sections( 'wpgancio' );
// output save settings button // output save settings button
submit_button( 'Save Settings' ); submit_button( 'Save Settings' );
?> ?>
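Review bot: `sanitize_key()` lowercases its input and strips every character outside `a-z0-9_-`, so applying it to `client_secret`, `client_id`, `access_token`, `refresh_token` and the `code` query value can silently alter a credential that contains uppercase letters, dots or other characters; `sanitize_text_field()` is the safer choice for opaque tokens. The description line now calls `esc_html( 'Insert your gancio instance URL', 'wpgancio' )`, which neither echoes nor translates, so the help text is no longer printed and `esc_html_e(...)` should stay. The authorization query built in `wpgancio_update_options` carries no `state` value and `$_GET['code']` is accepted without one, so the callback cannot be tied to a request this site started. `redirect_uri` is a query parameter and is better encoded with `rawurlencode($redirect_uri)` than with `esc_url`.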