Changeset 3325539
- Timestamp:
- 07/10/2025 10:55:36 AM (7 months ago)
- Location:
- wiredminds-leadlab/trunk
- Files:
-
- 2 added
- 2 edited
-
README.txt (modified) (1 diff)
-
leadlab.php (modified) (4 diffs)
-
leadlab.php.backup (added)
-
leadlab.php.old (added)
-
wiredminds-leadlab/trunk/README.txt
r2932213 r3325539 4 4 Donate link: https://wiredminds.de 5 5 Requires at least: 4.8.1 6 Tested up to: 6. 27 Requires PHP: 56 Tested up to: 6.4 7 Requires PHP: 7.4 8 8 Stable tag: 1.3 9 9 License: GPLv2 or later -
wiredminds-leadlab/trunk/leadlab.php
r2932213 r3325539 1 1 <?php 2 if (!defined("ABSPATH")) { 3 exit(); 4 } 5 2 6 /* 3 Plugin Name: LeadLab by wiredminds 7 Plugin Name: LeadLab by wiredminds 4 8 Description: Wiredminds LeadLab Tracking-Code integration for WordPress 5 9 Plugin URI: https://github.com/wiredminds-gmbh/wordpress 6 Version: 1. 310 Version: 1.4 7 11 Author: wiredminds GmbH 8 12 Author URI: http://www.wiredminds.de 13 Requires PHP: 7.4 14 Requires at least: 4.8.1 15 Text Domain: wiredminds-leadlab 9 16 */ 10 17 11 plugins_url( 'leadlab.php', __FILE__ ); 12 13 if (false === version_compare(phpversion(), '5', '>=')) { 14 trigger_error('WiredMinds for WordPress requires PHP 5 or greater.', E_USER_ERROR); 18 if (version_compare(phpversion(), "7.4", "<")) { 19 wp_die( 20 __( 21 "This plugin requires a more recent version of PHP. Please contact your hosting provider to upgrade.", 22 "wiredminds-leadlab" 23 ), 24 __("PHP Version Requirements", "wiredminds-leadlab"), 25 ["response" => 503] 26 ); 27 } 28 29 /** 30 * Add HTTP security headers for admin page 31 */ 32 function wp_wm_add_security_headers() 33 { 34 if ( 35 is_admin() && 36 isset($_GET["page"]) && 37 strpos($_GET["page"], "leadlab.php") !== false 38 ) { 39 header("X-Frame-Options: DENY"); 40 header("X-Content-Type-Options: nosniff"); 41 header("X-XSS-Protection: 1; mode=block"); 42 header("Referrer-Policy: strict-origin-when-cross-origin"); 43 header( 44 "Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline';" 45 ); 46 } 15 47 } 16 48 … … 20 52 function wp_wm_add_links() 21 53 { 22 if (function_exists('add_options_page')) { 23 add_options_page('LeadLab by wiredminds', 'LeadLab by wiredminds', 'administrator', __FILE__, 'wp_wm_admin'); 24 } 54 if (function_exists("add_options_page")) { 55 add_options_page( 56 "LeadLab by wiredminds", 57 "LeadLab by wiredminds", 58 "manage_options", 59 __FILE__, 60 "wp_wm_admin" 61 ); 62 } 63 } 64 65 /** 66 * Handle form submission 67 */ 68 function 
wp_wm_handle_form_submission() 69 { 70 if (empty($_POST["action"]) || $_POST["action"] !== "save") { 71 return null; 72 } 73 74 // Verify nonce 75 if ( 76 !isset($_POST["_wpnonce"]) || 77 !wp_verify_nonce($_POST["_wpnonce"], "wp_wm_save_settings") 78 ) { 79 error_log( 80 "LeadLab Plugin: CSRF attempt detected by user ID: " . 81 get_current_user_id() 82 ); 83 return [ 84 "type" => "error", 85 "message" => __( 86 "Sicherheitsüberprüfung fehlgeschlagen. Bitte laden Sie die Seite neu und versuchen Sie es erneut.", 87 "wiredminds-leadlab" 88 ), 89 ]; 90 } 91 92 // Validate and save customer number 93 $custnum = sanitize_text_field($_POST["wp_wm_custnum"]); 94 if (!empty($custnum) && !preg_match('/^[a-zA-Z0-9]{16}$/', $custnum)) { 95 return [ 96 "type" => "error", 97 "message" => __( 98 "Ungültiges Kundennummer-Format. Es müssen genau 16 alphanumerische Zeichen sein (A-Z, a-z, 0-9).", 99 "wiredminds-leadlab" 100 ), 101 ]; 102 } 103 104 // Save settings 105 update_option("wp_wm_custnum", $custnum); 106 $consent_value = isset($_POST["wp_wm_consent"]) ? 
1 : 0; 107 update_option("wp_wm_consent", $consent_value); 108 109 return [ 110 "type" => "success", 111 "message" => __( 112 "Einstellungen erfolgreich gespeichert.", 113 "wiredminds-leadlab" 114 ), 115 ]; 116 } 117 118 /** 119 * Display admin notice 120 */ 121 function wp_wm_show_admin_notice($message, $type = "error") 122 { 123 if (!empty($message)) { 124 printf( 125 '<div class="notice notice-%s"><p>%s</p></div>', 126 esc_attr($type), 127 esc_html($message) 128 ); 129 } 130 } 131 132 /** 133 * Add admin styles 134 */ 135 function wp_wm_admin_styles() 136 { 137 ?> 138 <style> 139 .wp-wm-form { 140 max-width: 600px; 141 } 142 .wp-wm-form .postbox .handle { 143 margin-left: 8px; 144 } 145 .wp-wm-form .postbox .inside { 146 padding: 0; 147 } 148 .wp-wm-label { 149 width: 210px; 150 text-align: right; 151 float: left; 152 display: block; 153 line-height: 30px; 154 font-weight: 600; 155 } 156 .wp-wm-input { 157 font-family: 'Monaco', 'Menlo', 'Ubuntu Mono', monospace; 158 letter-spacing: 1px; 159 } 160 .wp-wm-description { 161 margin-top: 5px; 162 font-style: italic; 163 color: #666; 164 } 165 .wp-wm-submit { 166 text-align: right; 167 padding: 15px 0; 168 } 169 .wp-wm-status { 170 margin-top: 20px; 171 padding: 15px; 172 border-radius: 4px; 173 } 174 .wp-wm-status.active { 175 background: #d1e7dd; 176 border: 1px solid #badbcc; 177 color: #0f5132; 178 } 179 .wp-wm-status.inactive { 180 background: #fff3cd; 181 border: 1px solid #ffecb5; 182 color: #664d03; 183 } 184 </style> 185 <?php 25 186 } 26 187 … … 30 191 function wp_wm_admin() 31 192 { 32 33 add_option('wp_wm_custnum', ''); 34 35 if (!empty($_POST['action'])) { 36 if ($_POST['action'] == 'save') { 37 update_option('wp_wm_custnum', sanitize_text_field($_POST['wp_wm_custnum'])); 38 39 } 40 41 } 42 $wp_wm_custnum = sanitize_text_field(get_option('wp_wm_custnum')); 43 44 45 add_option('wp_wm_consent', ''); 46 47 if (!empty($_POST['action'])) { 48 if ($_POST['action'] == 'save' && isset($_POST['wp_wm_consent']) && 
$_POST['wp_wm_consent'] == 1) { 49 update_option('wp_wm_consent', (int)$_POST['wp_wm_consent']); 50 } elseif ($_POST['action'] == 'save' && !isset($_POST['wp_wm_consent'])) { 51 update_option('wp_wm_consent', 0); 52 } 53 } 54 $wp_wm_consent = sanitize_text_field(get_option('wp_wm_consent')); 55 56 193 if (!current_user_can("manage_options")) { 194 wp_die( 195 __( 196 "You do not have sufficient permissions to access this page.", 197 "wiredminds-leadlab" 198 ) 199 ); 200 } 201 202 // Handle form submission 203 $form_result = wp_wm_handle_form_submission(); 204 205 // Get current settings 206 $wp_wm_custnum = sanitize_text_field(get_option("wp_wm_custnum", "")); 207 $wp_wm_consent = (int) get_option("wp_wm_consent", 0); 208 209 // Add admin styles 210 wp_wm_admin_styles(); 57 211 ?> 58 212 59 213 <div class="wrap"> 60 <h2><?php 61 _e('Wiredminds LeadLab Tracking-Code Konfiguration'); 62 ?></h2> 63 <div class="postbox-container" style="width: 600px;"> 64 <div class="metabox-holder"> 65 <div class="meta-box-sortables"> 66 <form action="" method="post"> 67 <div class="postbox"> 68 <h3 class="hndle"><span>Konfiguration</span></h3> 69 <div class="inside"><?php 70 $error = 0; 71 if (strlen(get_option('wp_wm_custnum')) < 1) { 72 $error++; 73 } 74 if ($error > 0) { ?> 75 <p> 76 <span style="color:red; font-weight:bold"> 77 Bitte Kundennummer eintragen. 
78 </span> 214 <h1><?php _e( 215 "Wiredminds LeadLab Tracking-Code Konfiguration", 216 "wiredminds-leadlab" 217 ); ?></h1> 218 219 <?php if ($form_result) { 220 wp_wm_show_admin_notice( 221 $form_result["message"], 222 $form_result["type"] 223 ); 224 } ?> 225 226 <div class="wp-wm-form"> 227 <form action="" method="post"> 228 <div class="postbox"> 229 <h3 class="handle"><span><?php _e( 230 "Konfiguration", 231 "wiredminds-leadlab" 232 ); ?></span></h3> 233 <div class="inside"> 234 <table class="form-table"> 235 <tr> 236 <th scope="row"> 237 <label class="wp-wm-label" for="wp_wm_custnum"> 238 <?php _e( 239 "Kundennummer:", 240 "wiredminds-leadlab" 241 ); ?> 242 </label> 243 </th> 244 <td> 245 <input 246 name="wp_wm_custnum" 247 id="wp_wm_custnum" 248 type="text" 249 value="<?php echo esc_attr( 250 $wp_wm_custnum 251 ); ?>" 252 class="regular-text wp-wm-input" 253 maxlength="16" 254 size="16" 255 pattern="[a-zA-Z0-9]{16}" 256 title="<?php esc_attr_e( 257 "Geben Sie genau 16 alphanumerische Zeichen ein", 258 "wiredminds-leadlab" 259 ); ?>" 260 oninput="this.value = this.value.replace(/[^a-zA-Z0-9]/g, '')" 261 /> 262 <p class="description wp-wm-description"> 263 <?php _e( 264 "Geben Sie genau 16 alphanumerische Zeichen ein (A-Z, a-z, 0-9).", 265 "wiredminds-leadlab" 266 ); ?> 79 267 </p> 80 <?php } ?> 81 <p> 82 <label 83 style="width:210px;text-align:right; float:left; display:block; line-height: 30px;" 84 for="wp_wm_custnum">Kundennummer:</label> 85 <input name="wp_wm_custnum" id="wp_wm_custnum" type="text" value="<?php 86 echo $wp_wm_custnum; 87 ?>" size="40"/> 88 </p> 89 90 91 <p> 92 <label 93 style="width:210px;text-align:right; float:left; display:block; line-height: 30px;" 94 for="wp_wm_consent">Tracking-Cookie Erweiterung:</label> 95 <input name="wp_wm_consent" id="wp_wm_consent" type="checkbox" value=1 <?php 96 echo empty($wp_wm_consent) ? 
'' : 'checked' ; 97 ?> size="40"/> 98 </p> 99 100 </div> 101 102 103 104 105 106 </div> 107 <div style="text-align:right"> 108 <input type="hidden" name="action" value="save"/> 109 <input type="submit" class="button-primary" name="submit" value="<?php 110 _e('Speichern'); 111 ?> »"/> 112 </div> 113 </form> 114 <hr/> 268 </td> 269 </tr> 270 <tr> 271 <th scope="row"> 272 <label class="wp-wm-label" for="wp_wm_consent"> 273 <?php _e( 274 "Tracking-Cookie Erweiterung:", 275 "wiredminds-leadlab" 276 ); ?> 277 </label> 278 </th> 279 <td> 280 <label for="wp_wm_consent"> 281 <input 282 name="wp_wm_consent" 283 id="wp_wm_consent" 284 type="checkbox" 285 value="1" 286 <?php checked($wp_wm_consent); ?> 287 /> 288 <?php _e( 289 "Tracking-Cookie Erweiterung aktivieren", 290 "wiredminds-leadlab" 291 ); ?> 292 </label> 293 <p class="description wp-wm-description"> 294 <?php _e( 295 "Aktivieren Sie diese Option für erweiterte Cookie-Tracking-Funktionen.", 296 "wiredminds-leadlab" 297 ); ?> 298 </p> 299 </td> 300 </tr> 301 </table> 302 </div> 303 </div> 304 305 <div class="wp-wm-submit"> 306 <input type="hidden" name="action" value="save"/> 307 <?php wp_nonce_field("wp_wm_save_settings", "_wpnonce"); ?> 308 <input 309 type="submit" 310 class="button-primary" 311 name="submit" 312 value="<?php esc_attr_e( 313 "Speichern", 314 "wiredminds-leadlab" 315 ); ?> »" 316 /> 317 </div> 318 </form> 319 320 <?php if (!empty($wp_wm_custnum)): ?> 321 <div class="wp-wm-status active"> 322 <strong><?php _e( 323 "Status:", 324 "wiredminds-leadlab" 325 ); ?></strong> 326 <?php _e("Tracking ist aktiv", "wiredminds-leadlab"); ?> 327 <?php if ($wp_wm_consent): ?> 328 <?php _e( 329 "mit Cookie-Erweiterung aktiviert", 330 "wiredminds-leadlab" 331 ); ?> 332 <?php endif; ?> 333 </div> 334 <?php else: ?> 335 <div class="wp-wm-status inactive"> 336 <strong><?php _e( 337 "Status:", 338 "wiredminds-leadlab" 339 ); ?></strong> 340 <?php _e( 341 "Tracking nicht konfiguriert - bitte Kundennummer eingeben", 342 
"wiredminds-leadlab" 343 ); ?> 344 </div> 345 <?php endif; ?> 115 346 </div> 116 347 </div> … … 119 350 120 351 /** 121 * Output pixelcode352 * Output tracking code 122 353 */ 123 354 function wp_wm_pixel() 124 { 125 ob_start(); 126 $wp_wm_custnum = sanitize_text_field(get_option('wp_wm_custnum')); 127 $wp_wm_consent = (int)get_option('wp_wm_consent'); 128 ob_end_clean(); 129 130 if (!empty($wp_wm_custnum)) { 131 ?> 132 133 <!-- wiredminds leadlab tracking V7 START --> 355 { 356 $custnum = sanitize_text_field(get_option("wp_wm_custnum")); 357 $consent = (int) get_option("wp_wm_consent"); 358 359 // Only output if customer number is valid 360 if (empty($custnum) || !preg_match('/^[a-zA-Z0-9]{16}$/', $custnum)) { 361 return; 362 } 363 364 // Main tracking script 365 if (!empty($custnum)) { ?> 366 <!-- wiredminds leadlab tracking V7 START --> 134 367 <script type="text/javascript"> 135 368 (function(d,s){var l=d.createElement(s),e=d.getElementsByTagName(s)[0]; 136 l.async=true;l.type='text/javascript';137 l.src='https://c.leadlab.click/<?php echo $wp_wm_custnum;?>.js';138 e.parentNode.insertBefore(l,e);})(document,'script');369 l.async=true;l.type='text/javascript'; 370 l.src='https://c.leadlab.click/<?php echo esc_js($custnum); ?>.js'; 371 e.parentNode.insertBefore(l,e);})(document,'script'); 139 372 </script> 140 141 142 <!-- wiredminds leadlab tracking V7 END --> 143 <?php 144 } 145 if (!empty($wp_wm_consent)) { 146 ?> 147 148 <!-- wiredminds leadlab consent START --> 373 <!-- wiredminds leadlab tracking V7 END --> 374 <?php } 375 376 if ($consent) { ?> 377 <!-- wiredminds leadlab consent START --> 149 378 <script type="text/javascript"> 150 (function(d,s){var l=d.createElement(s),e=d.getElementsByTagName(s)[0]; 151 l.async=true;l.type='text/javascript'; 152 l.src='https://c.leadlab.click/consent.min.js'; 153 e.parentNode.insertBefore(l,e);})(document,'script'); 154 </script> 155 156 157 <!-- wiredminds leadlab consent V7 END --> 158 <?php 159 } 160 161 } 162 163 
add_action('admin_menu', 'wp_wm_add_links'); 164 add_action('wp_footer', 'wp_wm_pixel'); 379 (function(d,s){var l=d.createElement(s),e=d.getElementsByTagName(s)[0]; 380 l.async=true;l.type='text/javascript'; 381 l.src='https://c.leadlab.click/consent.min.js'; 382 e.parentNode.insertBefore(l,e);})(document,'script'); 383 </script> 384 <!-- wiredminds leadlab consent V7 END --> 385 <?php } 386 } 387 388 // Hook everything up 389 add_action("admin_menu", "wp_wm_add_links"); 390 add_action("wp_footer", "wp_wm_pixel"); 391 add_action("send_headers", "wp_wm_add_security_headers");
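Review bot: The new `wp_wm_add_security_headers()` is registered on `send_headers` at the end of the file, but as far as I know that action fires from `WP::send_headers()` during the front-end main request and not when a settings page is loaded through wp-admin, so the `is_admin()` branch is unlikely to ever run and none of the five headers would reach the LeadLab page. Registering the function on an admin-side hook that runs before any output, for example `add_action("admin_init", "wp_wm_add_security_headers");`, would make the headers effective. In the same function `strpos($_GET["page"], "leadlab.php")` receives the raw request value, and a non-string `page` parameter raises a TypeError on PHP 8, so an `is_string($_GET["page"])` check belongs in that condition. Separately, the file list of this changeset adds `leadlab.php.backup` and `leadlab.php.old` to trunk; copies of the source under non-PHP extensions ship to every install and are typically served as plain text by the web server, so they should be dropped from the release.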