Current Path: > home > transcarter > > www > wp-content > plugins > ads-txt > > inc >
Operation : Linux host59.registrar-servers.com 4.18.0-513.18.1.lve.2.el8.x86_64 #1 SMP Sat Mar 30 15:36:11 UTC 2024 x86_64 Software : Apache Server IP : 198.54.126.42 | Your IP: 216.73.216.135 Domains : 1034 Domain(s) Permission : [ 0755 ]
| Name | Type | Size | Last Modified | Actions |
|---|---|---|---|---|
| admin.php | File | 17239 bytes | July 17 2025 21:51:27. | |
| helpers.php | File | 3006 bytes | July 17 2025 21:51:27. | |
| post-type.php | File | 1794 bytes | July 17 2025 21:51:27. | |
| save.php | File | 9629 bytes | July 17 2025 21:51:27. |
<?php
/**
* Save functionality for Ads.txt.
*
* @package Ads_Txt_Manager
*/
namespace Adstxt;
/**
* Process and save the ads.txt data.
*
* Handles both AJAX and POST saves via `admin-ajax.php` and `admin-post.php` respectively.
* AJAX calls output JSON; POST calls redirect back to the Ads.txt edit screen.
*
* @return void
*/
function save() {
current_user_can( ADS_TXT_MANAGE_CAPABILITY ) || die;
check_admin_referer( 'adstxt_save' );
$_post = stripslashes_deep( $_POST );
$doing_ajax = defined( 'DOING_AJAX' ) && DOING_AJAX;
$post_id = (int) $_post['post_id'];
$ays = isset( $_post['adstxt_ays'] ) ? $_post['adstxt_ays'] : null;
// Different browsers use different line endings.
$lines = preg_split( '/\r\n|\r|\n/', $_post['adstxt'] );
$sanitized = array();
$errors = array();
$warnings = array();
$response = array();
$has_only_placeholder_records = null;
foreach ( $lines as $i => $line ) {
$line_number = $i + 1;
$result = validate_line( $line, $line_number, $has_only_placeholder_records );
$sanitized[] = $result['sanitized'];
if ( ! empty( $result['errors'] ) ) {
$errors = array_merge( $errors, $result['errors'] );
}
if ( ! empty( $result['warnings'] ) ) {
$warnings = array_merge( $warnings, $result['warnings'] );
}
if ( ! empty( $result['is_placeholder_record'] ) ) {
if ( is_null( $has_only_placeholder_records ) ) {
$has_only_placeholder_records = true;
}
}
list( 'errors' => $errors_data, 'warnings' => $warnings_data, 'is_placeholder_record' => $is_placeholder, 'is_empty_record' => $is_empty_line, 'is_comment' => $is_comment ) = $result;
// Check if the line is valid, then set $has_only_placeholder_records to false.
if ( empty( $is_placeholder ) && empty( $errors_data ) && empty( $warnings_data ) && ( ! $is_comment && ! $is_empty_line ) ) {
$has_only_placeholder_records = false;
}
}
// If $has_only_placeholder_records is false, remove no_authorized_seller warning.
if ( false === $has_only_placeholder_records ) {
$key = array_search( 'no_authorized_seller', array_column( $warnings, 'type' ) );
if ( false !== $key ) {
unset( $warnings[ $key ] );
}
}
$sanitized = implode( PHP_EOL, $sanitized );
$postarr = array(
'ID' => $post_id,
'post_title' => 'Ads.txt',
'post_content' => $sanitized,
'post_type' => 'adstxt',
'post_status' => 'publish',
'meta_input' => array(
'adstxt_errors' => $errors,
'adstxt_warnings' => $warnings,
),
);
if ( 'app-adstxt' === $_post['adstxt_type'] ) {
$postarr['post_title'] = 'App-ads.txt';
$postarr['post_type'] = 'app-adstxt';
}
if ( ! $doing_ajax || empty( $errors ) || 'y' === $ays ) {
$post_id = wp_insert_post( $postarr );
if ( $post_id ) {
$response['saved'] = true;
}
}
if ( $doing_ajax ) {
$response['sanitized'] = $sanitized;
if ( ! empty( $errors ) ) {
$response['errors'] = $errors;
}
echo wp_json_encode( $response );
die();
}
wp_safe_redirect( esc_url_raw( $_post['_wp_http_referer'] ) . '&updated=true' );
exit;
}
add_action( 'admin_post_adstxt-save', __NAMESPACE__ . '\save' );
add_action( 'admin_post_app-adstxt-save', __NAMESPACE__ . '\save' );
add_action( 'wp_ajax_adstxt-save', __NAMESPACE__ . '\save' );
add_action( 'wp_ajax_app-adstxt-save', __NAMESPACE__ . '\save' );
/**
* Validate a single line.
*
* @param string $line The line to validate.
* @param string $line_number The line number being evaluated.
* @param string $has_only_placeholder_records Flag for presence of placeholder record.
*
* @return array {
* @type string $sanitized Sanitized version of the original line.
* @type array $errors Array of errors associated with the line.
* }
*/
function validate_line( $line, $line_number, $has_only_placeholder_records = null ) {
static $record_lines = 0;
$is_placeholder_record = false;
$is_empty_record = false;
$is_comment = false;
// Only to count for records, not comments/variables.
$domain_regex = '/^((?=[a-z0-9-]{1,63}\.)(xn--)?[a-z0-9]+(-[a-z0-9]+)*\.)+[a-z]{2,63}$/i';
$errors = array();
$warnings = array();
if ( empty( $line ) ) {
$sanitized = '';
$is_empty_record = true;
} elseif ( 0 === strpos( $line, '#' ) ) { // This is a full-line comment.
$sanitized = wp_strip_all_tags( $line );
$is_comment = true;
} elseif ( 1 < strpos( $line, '=' ) ) { // This is a variable declaration.
// The spec currently supports CONTACT, INVENTORYPARTNERDOMAIN, SUBDOMAIN, OWNERDOMAIN and MANAGERDOMAIN.
if ( ! preg_match( '/^(CONTACT|SUBDOMAIN|INVENTORYPARTNERDOMAIN|OWNERDOMAIN|MANAGERDOMAIN)=/i', $line ) ) {
$errors[] = array(
'line' => $line_number,
'type' => 'invalid_variable',
);
} elseif ( 0 === stripos( $line, 'subdomain=' ) ) { // Subdomains should be, well, subdomains.
// Disregard any comments.
$subdomain = explode( '#', $line );
$subdomain = $subdomain[0];
$subdomain = explode( '=', $subdomain );
array_shift( $subdomain );
// If there's anything other than one piece left something's not right.
if ( 1 !== count( $subdomain ) || ! preg_match( $domain_regex, $subdomain[0] ) ) {
$subdomain = implode( '', $subdomain );
$errors[] = array(
'line' => $line_number,
'type' => 'invalid_subdomain',
'value' => $subdomain,
);
}
}
$sanitized = wp_strip_all_tags( $line );
unset( $subdomain );
} else { // Data records: the most common.
// Disregard any comments.
$record = explode( '#', $line );
$record = $record[0];
// Record format: example.exchange.com,pub-id123456789,RESELLER|DIRECT,tagidhash123(optional).
$fields = explode( ',', $record );
if ( 3 <= count( $fields ) ) {
++$record_lines;
$exchange = trim( $fields[0] );
$pub_id = trim( $fields[1] );
$account_type = trim( $fields[2] );
$tag_id = ! empty( $fields[3] ) ? trim( $fields[3] ) : null;
$is_placeholder_record = is_placeholder_record( $exchange, $pub_id, $account_type, $tag_id );
// If the file contains placeholder record and no placeholder was already present, set variable.
if ( $is_placeholder_record && is_null( $has_only_placeholder_records ) ) {
$warnings[] = array(
'type' => 'no_authorized_seller',
'message' => __( 'Your ads.txt indicates no authorized advertising sellers.', 'ads-txt' ),
);
}
// Process further only if the current record is not placeholder record.
if ( ! $is_placeholder_record ) {
if ( ! preg_match( $domain_regex, $exchange ) ) {
$errors[] = array(
'line' => $line_number,
'type' => 'invalid_exchange',
'value' => $exchange,
);
}
if ( ! preg_match( '/^(RESELLER|DIRECT)$/i', $account_type ) ) {
$errors[] = array(
'line' => $line_number,
'type' => 'invalid_account_type',
);
}
if ( isset( $fields[3] ) ) {
$tag_id = trim( $fields[3] );
// TAG-IDs appear to be 16 character hashes.
// TAG-IDs are meant to be checked against their DB - perhaps good for a service or the future.
if ( ! empty( $tag_id ) && ! preg_match( '/^[a-f0-9]{16}$/', $tag_id ) ) {
$errors[] = array(
'line' => $line_number,
'type' => 'invalid_tagid',
'value' => $fields[3],
);
}
}
}
$sanitized = wp_strip_all_tags( $line );
} else {
// Not a comment, variable declaration, or data record; therefore, invalid.
// Early on we commented the line out for safety but it's kind of a weird thing to do with a JS AYS.
$sanitized = wp_strip_all_tags( $line );
$errors[] = array(
'line' => $line_number,
'type' => 'invalid_record',
);
}
unset( $record, $fields );
}
return array(
'sanitized' => $sanitized,
'errors' => $errors,
'warnings' => $warnings,
'is_placeholder_record' => $is_placeholder_record,
'is_empty_record' => $is_empty_record,
'is_comment' => $is_comment,
);
}
/**
* Delete `adstxt_errors` meta when restoring a revision.
*
* @param int $post_id Post ID, not revision ID.
*
* @return void
*/
function clear_error_meta( $post_id ) {
delete_post_meta( $post_id, 'adstxt_errors' );
}
add_action( 'wp_restore_post_revision', __NAMESPACE__ . '\clear_error_meta', 10, 1 );
/**
* Checks if the given record is placeholder record.
* Placeholder indicates that no advertising system is authorized to buy and sell ads on the website.
*
* @see https://iabtechlab.com/wp-content/uploads/2021/03/ads.txt-1.0.3.pdf
*
* @param string $exchange Domain name of the advertising system.
* @param string $pub_id Publisher’s Account ID.
* @param string $account_type Type of Account/Relationship.
* @param string|null $tag_id Certification Authority ID.
*
* @return bool
*/
function is_placeholder_record( $exchange, $pub_id, $account_type, $tag_id = null ) {
$result = true;
// Check the exchange for placeholder.
if ( 'placeholder.example.com' !== $exchange ) {
$result = false;
}
// Check the publisher ID for placeholder.
if ( 'placeholder' !== $pub_id ) {
$result = false;
}
// Check the account type for placeholder.
if ( 'DIRECT' !== $account_type ) {
$result = false;
}
// Check the tag ID for placeholder.
if ( ! empty( $tag_id ) && 'placeholder' !== $tag_id ) {
$result = false;
}
return $result;
}
SILENT KILLER Tool