2018-03-29 16:24:46 +02:00
< ? php
if ( IN_serendipity !== true ) {
die ( " Don't hack! " );
}
// Probe for a language include with constants. Still include defines later on, if some constants were missing
$probelang = dirname ( __FILE__ ) . '/' . $serendipity [ 'charset' ] . 'lang_' . $serendipity [ 'lang' ] . '.inc.php' ;
if ( file_exists ( $probelang )) {
include $probelang ;
}
include dirname ( __FILE__ ) . '/lang_en.inc.php' ;
2018-03-29 22:10:43 +02:00
class serendipity_event_dsgvo_gdpr extends serendipity_event
2018-03-29 16:24:46 +02:00
{
2018-03-29 22:10:43 +02:00
var $title = PLUGIN_EVENT_DSGVO_GDPR_NAME ;
2018-03-29 16:24:46 +02:00
function introspect ( & $propbag )
{
global $serendipity ;
2018-03-29 22:10:43 +02:00
$propbag -> add ( 'name' , PLUGIN_EVENT_DSGVO_GDPR_NAME );
$propbag -> add ( 'description' , PLUGIN_EVENT_DSGVO_GDPR_DESC );
2018-03-29 16:24:46 +02:00
$propbag -> add ( 'stackable' , false );
$propbag -> add ( 'author' , 'Serendipity Team' );
2018-05-15 18:45:36 +02:00
$propbag -> add ( 'version' , '1.2.0' );
2018-03-29 16:24:46 +02:00
$propbag -> add ( 'requirements' , array (
'serendipity' => '2.0' ,
'smarty' => '2.6.7' ,
'php' => '5.3.3'
));
$propbag -> add ( 'groups' , array ( 'FRONTEND_FEATURES' , 'BACKEND_FEATURES' ));
$propbag -> add ( 'event_hooks' ,
array (
'frontend_saveComment' => true ,
'frontend_comment' => true ,
'entries_header' => true ,
'entry_display' => true ,
'genpage' => true ,
'frontend_footer' => true ,
2018-04-03 10:29:42 +02:00
'frontend_configure' => true ,
2018-04-23 12:03:55 +02:00
'css' => true ,
'backend_sidebar_admin' => true ,
'backend_sidebar_entries_event_display_dsgvo' => true ,
'backend_deletecomment' => true
2018-03-29 16:24:46 +02:00
)
);
2018-04-03 10:29:42 +02:00
$propbag -> add ( 'configuration' , array ( 'commentform_checkbox' , 'commentform_text' , 'gdpr_url' , 'gdpr_info' , 'gdpr_content' , 'show_in_footer' , 'show_in_footer_text' , 'cookie_consent' , 'cookie_consent_text' , 'cookie_consent_path' , 'anonymizeIp' ));
2018-03-29 16:24:46 +02:00
$propbag -> add ( 'config_groups' , array (
2018-03-29 22:10:43 +02:00
PLUGIN_EVENT_DSGVO_GDPR_MENU => array ( 'gdpr_url' , 'gdpr_info' , 'gdpr_content' ),
PLUGIN_EVENT_DSGVO_GDPR_COOKIE_MENU => array ( 'cookie_consent' , 'cookie_consent_text' , 'cookie_consent_path' )
2018-03-29 16:24:46 +02:00
));
}
function generate_content ( & $title ) {
$title = $this -> title ;
}
function introspect_config_item ( $name , & $propbag )
{
global $serendipity ;
switch ( $name ) {
2018-03-29 22:10:43 +02:00
case 'gdpr_url' :
2018-03-29 16:24:46 +02:00
$propbag -> add ( 'type' , 'string' );
2018-03-29 22:10:43 +02:00
$propbag -> add ( 'name' , PLUGIN_EVENT_DSGVO_GDPR_URL );
$propbag -> add ( 'description' , PLUGIN_EVENT_DSGVO_GDPR_URL_DESC );
2018-03-29 16:24:46 +02:00
$propbag -> add ( 'default' , '' );
break ;
2018-03-29 22:10:43 +02:00
case 'gdpr_content' :
2018-03-29 16:24:46 +02:00
$propbag -> add ( 'type' , 'html' );
2018-03-29 22:10:43 +02:00
$propbag -> add ( 'name' , PLUGIN_EVENT_DSGVO_GDPR_STATEMENT );
$propbag -> add ( 'description' , PLUGIN_EVENT_DSGVO_GDPR_STATEMENT_DESC );
2018-03-29 16:24:46 +02:00
$propbag -> add ( 'default' , " " );
break ;
case 'commentform_text' :
$propbag -> add ( 'type' , 'html' );
2018-03-29 22:10:43 +02:00
$propbag -> add ( 'name' , PLUGIN_EVENT_DSGVO_GDPR_COMMENTFORM_TEXT );
$propbag -> add ( 'description' , PLUGIN_EVENT_DSGVO_GDPR_COMMENTFORM_TEXT_DESC );
$propbag -> add ( 'default' , PLUGIN_EVENT_DSGVO_GDPR_COMMENTFORM_TEXT_DEFAULT );
2018-03-29 16:24:46 +02:00
break ;
case 'commentform_checkbox' :
$propbag -> add ( 'type' , 'boolean' );
2018-03-29 22:10:43 +02:00
$propbag -> add ( 'name' , PLUGIN_EVENT_DSGVO_GDPR_COMMENTFORM_CHECKBOX );
$propbag -> add ( 'description' , PLUGIN_EVENT_DSGVO_GDPR_COMMENTFORM_CHECKBOX_DESC );
2018-05-15 18:33:58 +02:00
$propbag -> add ( 'default' , 'false' );
2018-03-29 16:24:46 +02:00
break ;
2018-04-03 10:29:42 +02:00
case 'anonymizeIp' :
$propbag -> add ( 'type' , 'boolean' );
$propbag -> add ( 'name' , PLUGIN_EVENT_DSGVO_GDPR_ANONYMIZE );
$propbag -> add ( 'description' , PLUGIN_EVENT_DSGVO_GDPR_ANONYMIZE_DESC );
$propbag -> add ( 'default' , 'true' );
break ;
2018-03-29 16:24:46 +02:00
case 'show_in_footer' :
$propbag -> add ( 'type' , 'boolean' );
2018-03-29 22:10:43 +02:00
$propbag -> add ( 'name' , PLUGIN_EVENT_DSGVO_GDPR_SHOW_IN_FOOTER );
$propbag -> add ( 'description' , PLUGIN_EVENT_DSGVO_GDPR_SHOW_IN_FOOTER_DESC );
2018-03-29 16:24:46 +02:00
$propbag -> add ( 'default' , 'true' );
break ;
case 'show_in_footer_text' :
$propbag -> add ( 'type' , 'html' );
2018-03-29 22:10:43 +02:00
$propbag -> add ( 'name' , PLUGIN_EVENT_DSGVO_GDPR_SHOW_IN_FOOTER_TEXT );
$propbag -> add ( 'description' , PLUGIN_EVENT_DSGVO_GDPR_SHOW_IN_FOOTER_TEXT_DESC );
$propbag -> add ( 'default' , PLUGIN_EVENT_DSGVO_GDPR_SHOW_IN_FOOTER_TEXT_DEFAULT );
2018-03-29 16:24:46 +02:00
break ;
2018-03-29 22:10:43 +02:00
case 'gdpr_info' :
2018-03-29 16:24:46 +02:00
$propbag -> add ( 'type' , 'content' );
2018-03-29 22:10:43 +02:00
$propbag -> add ( 'name' , PLUGIN_EVENT_DSGVO_GDPR_INFO );
$propbag -> add ( 'description' , PLUGIN_EVENT_DSGVO_GDPR_INFO_DESC );
2018-05-15 18:45:36 +02:00
$propbag -> add ( 'default' , $this -> inspect_gdpr () . $this -> buttonCopyToClipboard ( $this -> inspect_gdpr ()));
2018-03-29 16:24:46 +02:00
break ;
case 'cookie_consent' :
$propbag -> add ( 'type' , 'boolean' );
2018-03-29 22:10:43 +02:00
$propbag -> add ( 'name' , PLUGIN_EVENT_DSGVO_GDPR_COOKIE_CONSENT );
$propbag -> add ( 'description' , PLUGIN_EVENT_DSGVO_GDPR_COOKIE_CONSENT_DESC );
2018-03-29 16:24:46 +02:00
$propbag -> add ( 'default' , 'true' );
break ;
case 'cookie_consent_text' :
$propbag -> add ( 'type' , 'text' );
2018-03-29 22:10:43 +02:00
$propbag -> add ( 'name' , PLUGIN_EVENT_DSGVO_GDPR_COOKIE_CONSENT_TEXT );
$propbag -> add ( 'description' , PLUGIN_EVENT_DSGVO_GDPR_COOKIE_CONSENT_TEXT_DESC );
$propbag -> add ( 'default' , PLUGIN_EVENT_DSGVO_GDPR_COOKIE_CONSENT_TEXT_DEFAULT );
2018-03-29 16:24:46 +02:00
break ;
case 'cookie_consent_path' :
$propbag -> add ( 'type' , 'string' );
2018-03-29 22:10:43 +02:00
$propbag -> add ( 'name' , PLUGIN_EVENT_DSGVO_GDPR_COOKIE_CONSENT_PATH );
$propbag -> add ( 'description' , PLUGIN_EVENT_DSGVO_GDPR_COOKIE_CONSENT_PATH_DESC );
$propbag -> add ( 'default' , $serendipity [ 'serendipityHTTPPath' ] . 'plugins/serendipity_event_dsgvo_gdpr/' );
2018-03-29 16:24:46 +02:00
break ;
}
return true ;
}
2018-03-29 22:10:43 +02:00
function inspect_gdpr () {
2018-04-09 17:39:51 +02:00
global $serendipity ;
2018-03-29 22:10:43 +02:00
$out = PLUGIN_EVENT_DSGVO_GDPR_SERENDIPITY_CORE ;
2018-03-29 16:24:46 +02:00
$classes = serendipity_plugin_api :: enum_plugins ();
foreach ( $classes as $class_data ) {
$pluginFile = serendipity_plugin_api :: probePlugin ( $class_data [ 'name' ], $class_data [ 'classname' ], $class_data [ 'pluginPath' ]);
2018-04-01 12:07:38 +02:00
$plugin =& serendipity_plugin_api :: getPluginInfo ( $pluginFile , $class_data , 'event' );
2018-03-29 16:24:46 +02:00
if ( is_object ( $plugin )) {
// Object is returned when a plugin could not be cached.
$bag = new serendipity_property_bag ;
$plugin -> introspect ( $bag );
$legal = $bag -> get ( 'legal' );
if ( is_array ( $legal )) {
$out .= '<h3>' . $class_data [ 'classname' ] . '</h3>' ;
2018-04-05 14:17:19 +02:00
// "services" should list every service that a plugin connects to via a HTTP or other API interface,
// and describe what each service does, and which data it gets.
// Only services that are executed on visitor input must be listed; services that the blog server (instead
// of a client) connects to are nice to have, but are only required to be shown if it includes visitor (meta)data
2018-03-29 16:24:46 +02:00
if ( is_array ( $legal [ 'services' ]) && count ( $legal [ 'services' ]) > 0 ) {
$out .= '<h4>Web services / Third Party</h4>' ;
$out .= '<ul>' ;
foreach ( $legal [ 'services' ] AS $servicename => $servicedata ) {
$out .= '<li><a href="' . $servicedata [ 'url' ] . '">' . $servicename . '</a>: ' . $servicedata [ 'desc' ] . '</li>' ;
}
$out .= '</ul>' ;
}
2018-04-05 14:17:19 +02:00
// "frontend" lists descriptions what the plugin does on the frontendside and where it uses visitor data or metadata
2018-03-29 16:24:46 +02:00
if ( is_array ( $legal [ 'frontend' ]) && count ( $legal [ 'frontend' ]) > 0 ) {
$out .= '<h4>Frontend</h4>' ;
$out .= '<ul>' ;
foreach ( $legal [ 'frontend' ] AS $servicename => $servicedata ) {
$out .= '<li>' . $servicedata . '</li>' ;
}
$out .= '</ul>' ;
}
2018-04-05 14:17:19 +02:00
// "backend" lists descriptions what the plugin does on the backend and where it uses visitor data or metadata
2018-03-29 16:24:46 +02:00
if ( is_array ( $legal [ 'backend' ]) && count ( $legal [ 'backend' ]) > 0 ) {
$out .= '<h4>Backend</h4>' ;
$out .= '<ul>' ;
foreach ( $legal [ 'backend' ] AS $servicename => $servicedata ) {
$out .= '<li>' . $servicedata . '</li>' ;
}
$out .= '</ul>' ;
}
2018-04-05 14:17:19 +02:00
// "cookies" lists an array of which cookies might be set a a plugin and why. If a plugin makes use of
// session features, also mention that it relies on that session id.
2018-03-29 16:24:46 +02:00
if ( is_array ( $legal [ 'cookies' ]) && count ( $legal [ 'cookies' ]) > 0 ) {
$out .= '<h4>Cookies</h4>' ;
$out .= '<ul>' ;
foreach ( $legal [ 'cookies' ] AS $servicename => $servicedata ) {
$out .= '<li>' . $servicedata . '</li>' ;
}
$out .= '</ul>' ;
}
2018-04-05 14:17:19 +02:00
// "sessiondata" lists an array of which PHP session data values are (temporarily) saved
2018-03-29 16:24:46 +02:00
if ( is_array ( $legal [ 'sessiondata' ]) && count ( $legal [ 'sessiondata' ]) > 0 ) {
$out .= '<h4>Session data</h4>' ;
$out .= '<ul>' ;
foreach ( $legal [ 'sessiondata' ] AS $servicename => $servicedata ) {
$out .= '<li>' . $servicedata . '</li>' ;
}
$out .= '</ul>' ;
}
2018-04-05 14:17:19 +02:00
// This is a list of TRUE/FALSE boolean toggles
2018-03-29 16:24:46 +02:00
$out .= '<h4>Attributes</h4>' ;
$out .= '<ul>' ;
if ( $legal [ 'stores_user_input' ]) {
2018-04-05 14:17:19 +02:00
$out .= '<li>Stores user data (like names, text, preferences) to a database, file or other storage (mail)</li>' ;
2018-03-29 16:24:46 +02:00
} else {
$out .= '<li>Does not store user data (or not specified)</li>' ;
}
if ( $legal [ 'stores_ip' ]) {
2018-04-05 14:17:19 +02:00
$out .= '<li>Stores IP data (written to storage)</li>' ;
2018-03-29 16:24:46 +02:00
} else {
$out .= '<li>Does not store IP data (or not specified)</li>' ;
}
if ( $legal [ 'uses_ip' ]) {
2018-04-05 14:17:19 +02:00
$out .= '<li>Operates on IP data (read-access, also when passing through metadata)</li>' ;
2018-03-29 16:24:46 +02:00
} else {
$out .= '<li>Does not operate on IP data (or not specified)</li>' ;
}
if ( $legal [ 'transmits_user_input' ]) {
2018-04-05 14:17:19 +02:00
$out .= '<li>Transmits user input to services / third parties (not necessarily stored)</li>' ;
2018-03-29 16:24:46 +02:00
} else {
$out .= '<li>Does not transmit user input to services / third parties (or not specified)</li>' ;
}
$out .= '</ul>' ;
}
}
}
2018-04-09 17:39:51 +02:00
// Themes
$stack = array ();
serendipity_plugin_api :: hook_event ( 'backend_templates_fetchlist' , $stack );
$themes = serendipity_fetchTemplates ();
foreach ( $themes AS $theme ) {
$stack [ $theme ] = serendipity_fetchTemplateInfo ( $theme );
}
ksort ( $stack );
$theme_active = '' ;
$theme_other = '' ;
$static_info = array (
'2k11' => array (
'This theme can optionally use webfonts. If enabled, webfonts are loaded from Google/CDN servers, who will receive the IP address of the visitor and his metadata (browser, referrer, user agent, possible cookies)'
),
'next' => array (
'This theme can optionally use webfonts. If enabled, webfonts are loaded from Google/CDN servers, who will receive the IP address of the visitor and his metadata (browser, referrer, user agent, possible cookies)'
),
'clean-blog' => array (
2018-04-10 02:04:36 +02:00
'This theme can optionally use webfonts. If enabled, webfonts are loaded from Google/CDN servers, who will receive the IP address of the visitor and his metadata (browser, referrer, user agent, possible cookies)'
2018-04-09 17:39:51 +02:00
),
'skeleton' => array (
2018-04-09 20:50:09 +02:00
'This theme can optionally use webfonts. If enabled, webfonts are loaded from Google/CDN servers, who will receive the IP address of the visitor and his metadata (browser, referrer, user agent, possible cookies)'
2018-04-09 17:39:51 +02:00
),
'timeline' => array (
2018-04-10 02:04:36 +02:00
'This theme can optionally use webfonts. If enabled, webfonts are loaded from Google/CDN servers, who will receive the IP address of the visitor and his metadata (browser, referrer, user agent, possible cookies)'
2018-04-09 17:39:51 +02:00
),
);
foreach ( $stack as $theme => $info ) {
if ( strtolower ( $info [ 'engine' ]) == 'yes' ) {
continue ;
}
if ( file_exists ( $serendipity [ " serendipityPath " ] . $serendipity [ " templatePath " ] . $theme . " /legal.txt " ) || isset ( $static_info [ $theme ])) {
if ( $theme == $serendipity [ 'template' ]) {
$pointer = 'theme_active' ;
2018-05-15 18:45:36 +02:00
$$pointer .= '<h3>Active Theme "' . $theme . '"</h3>' . " \n " ;
2018-04-09 17:39:51 +02:00
} else {
$pointer = 'theme_other' ;
2018-05-15 18:45:36 +02:00
$$pointer .= '<h3>Available Theme "' . $theme . '"</h3>' . " \n " ;
2018-04-09 17:39:51 +02:00
}
$$pointer .= '<ul>' ;
if ( isset ( $static_info [ $theme ])) {
foreach ( $static_info [ $theme ] AS $themeout ) {
2018-05-15 18:45:36 +02:00
$$pointer .= '<li>' . $themeout . " </li> \n " ;
2018-04-09 17:39:51 +02:00
}
}
if ( file_exists ( $serendipity [ " serendipityPath " ] . $serendipity [ " templatePath " ] . $theme . " /legal.txt " )) {
$$pointer .= '<li>' . file_get_contents ( $serendipity [ " serendipityPath " ] . $serendipity [ " templatePath " ] . $theme . " /legal.txt " ) . '</li>' ;
}
$$pointer .= '</ul>' ;
}
}
$out .= $theme_active . $theme_other ;
2018-03-29 16:24:46 +02:00
return $out ;
}
function parseText ( $text ) {
global $serendipity ;
2018-03-29 22:10:43 +02:00
$url = $this -> get_config ( 'gdpr_url' );
2018-03-29 16:24:46 +02:00
if ( empty ( $url )) {
2018-03-29 22:10:43 +02:00
$url = $serendipity [ 'serendipityHTTPPath' ] . $serendipity [ 'indexFile' ] . '?serendipity[subpage]=dsgvo_gdpr_privacy' ;
2018-03-29 16:24:46 +02:00
}
2018-03-29 22:10:43 +02:00
$text = str_replace ( '%gdpr_url%' , $url , $text );
2018-03-29 16:24:46 +02:00
return $text ;
}
function isActive () {
global $serendipity ;
2018-03-29 22:10:43 +02:00
if ( $serendipity [ 'GET' ][ 'subpage' ] == 'dsgvo_gdpr_privacy' ) {
2018-03-29 16:24:46 +02:00
return true ;
}
return false ;
}
2018-04-23 12:03:55 +02:00
function parseParts ( $string ) {
$out = array ();
$parts = explode ( " \n " , $string );
foreach ( $parts AS $part ) {
$part = trim ( $part );
if ( empty ( $part )) continue ;
$out [] = " ' " . serendipity_db_escape_string ( $part ) . " ' " ;
}
return $out ;
}
2018-05-15 18:45:36 +02:00
// outputs html for a button that copies the given text to the browser clipboard
function buttonCopyToClipboard ( $text ) {
$out = '<textarea style="display: none;white-space: pre;" id="copyWrapper">' . serendipity_specialchars ( $text ) . '</textarea>' ;
$out .= '<button type="button" onclick="copyTextFromWrapper()">' . PLUGIN_EVENT_DSGVO_GDPR_COPY_CLIPBOARD . '</button>' ;
$out .= ' < script >
function copyTextFromWrapper () {
var target = document . getElementById ( " copyWrapper " );
target . style . display = " block " ;
target . focus ();
target . select ();
document . execCommand ( " Copy " );
target . style . display = " none " ;
} </ script > ' ;
return $out ;
}
2018-04-23 12:03:55 +02:00
function showBackend () {
global $serendipity ;
if ( $serendipity [ 'serendipityUserlevel' ] < USERLEVEL_ADMIN ) {
return false ;
}
$clist = array ();
if ( isset ( $serendipity [ 'POST' ][ 'delete' ]) || isset ( $serendipity [ 'POST' ][ 'export' ])) {
$author_list = $this -> parseParts ( $serendipity [ 'POST' ][ 'filter' ][ 'author' ]);
$email_list = $this -> parseParts ( $serendipity [ 'POST' ][ 'filter' ][ 'email' ]);
if ( count ( $author_list ) == 0 && count ( $email_list ) == 0 ) {
echo '<p>' . PLUGIN_EVENT_DSGVO_GDPR_BACKEND_DELFAIL . '</p>' ;
} else {
$where = array ();
if ( count ( $author_list ) > 0 ) {
$where [] = 'author IN (' . implode ( ', ' , $author_list ) . ')' ;
}
if ( count ( $email_list ) > 0 ) {
$where [] = 'email IN (' . implode ( ', ' , $email_list ) . ')' ;
}
2018-05-01 14:06:06 +02:00
$clist = serendipity_db_query ( " SELECT *
2018-04-23 12:03:55 +02:00
FROM { $serendipity [ 'dbPrefix' ]} comments
WHERE " . implode(' OR ', $where ), false, 'assoc');
}
if ( ! is_array ( $clist ) || count ( $clist ) == 0 ) {
echo '<p>' . NO_COMMENTS . '</p>' ;
} else {
if ( isset ( $serendipity [ 'POST' ][ 'delete' ])) {
foreach ( $clist AS $comment ) {
echo '<p>' . sprintf ( COMMENT_DELETED , $comment [ 'id' ]) . '</p>' ;
serendipity_deleteComment ( $comment [ 'id' ], $comment [ 'entry_id' ]);
}
}
if ( isset ( $serendipity [ 'POST' ][ 'export' ])) {
header ( 'Content-Type: application/csv; charset=' . LANG_CHARSET );
header ( 'Content-Disposition: attachment; filename=blog-userData.csv' );
header ( 'Pragma: no-cache' );
echo '#' ;
foreach ( $clist [ 0 ] AS $key => $val ) {
echo '"' . $key . '";' ;
}
echo " \n " ;
foreach ( $clist AS $comment ) {
foreach ( $comment AS $key => $val ) {
echo '"' . $val . '";' ;
}
echo " \n " ;
}
2018-05-14 14:56:16 +02:00
exit ;
2018-04-23 12:03:55 +02:00
}
}
}
echo '<form action="?" method="post">' ;
echo serendipity_setFormToken ();
echo '<input type="hidden" name="serendipity[adminModule]" value="event_display" />' ;
echo '<input type="hidden" name="serendipity[adminAction]" value="dsgvo" />' ;
echo '<p>' . PLUGIN_EVENT_DSGVO_GDPR_BACKEND_INFO . '</p>' ;
?>
< fieldset id = " filter_dsgvo " class = " filter_pane " >
< legend class = " visuallyhidden " >< ? php echo PLUGIN_EVENT_DSGVO_GDPR_BACKEND ; ?> </legend>
< div class = " clearfix inputs " >
< div class = " form_field " >
< label for = " filter_author " >< ? php echo AUTHOR ; ?> </label>
< textarea id = " filter_author " name = " serendipity[filter][author] " >< ? php echo serendipity_specialchars ( $serendipity [ 'POST' ][ 'filter' ][ 'author' ]); ?> </textarea>
</ div >
< div class = " form_field " >
< label for = " filter_email " >< ? php echo EMAIL ; ?> </label>
< textarea id = " filter_email " name = " serendipity[filter][email] " >< ? php echo serendipity_specialchars ( $serendipity [ 'POST' ][ 'filter' ][ 'email' ]); ?> </textarea>
</ div >
</ div >
< div class = " form_buttons " >
< input name = " serendipity[export] " value = " CSV " type = " submit " >
< input name = " serendipity[delete] " class = " state_cancel comments_multidelete " data - delmsg = " <?php echo COMMENTS_DELETE_CONFIRM; ?> " value = " <?php echo DELETE; ?> " type = " submit " >
</ div >
</ fieldset >
< ? php
echo '</form>' ;
}
2018-03-29 16:24:46 +02:00
function event_hook ( $event , & $bag , & $eventData , $addData = null ) {
global $serendipity ;
$hooks = & $bag -> get ( 'event_hooks' );
if ( isset ( $hooks [ $event ])) {
switch ( $event ) {
2018-04-23 12:03:55 +02:00
case 'backend_sidebar_admin' :
?>
< li >< a href = " ?serendipity[adminModule]=event_display&serendipity[adminAction]=dsgvo " >< ? php echo PLUGIN_EVENT_DSGVO_GDPR_BACKEND ; ?> </a></li>
< ? php
break ;
case 'backend_sidebar_entries_event_display_dsgvo' :
$this -> showBackend ();
break ;
2018-04-03 10:29:42 +02:00
case 'frontend_configure' :
if ( serendipity_db_bool ( $this -> get_config ( 'anonymizeIp' ))) {
$_SERVER [ 'REMOTE_ADDR' ] = IpAnonymizer :: anonymizeIp ( $_SERVER [ 'REMOTE_ADDR' ]);
}
return true ;
break ;
2018-03-29 16:24:46 +02:00
case 'frontend_saveComment' :
if ( serendipity_db_bool ( $this -> get_config ( 'commentform_checkbox' ))) {
if ( $addData [ 'type' ] == 'NORMAL' ) {
// Only act to comments. Trackbacks are an API so we cannot add checks there.
if ( empty ( $serendipity [ 'POST' ][ 'accept_privacy' ])) {
$eventData = array ( 'allow_comments' => false );
2018-03-29 22:10:43 +02:00
$serendipity [ 'messagestack' ][ 'comments' ][] = PLUGIN_EVENT_DSGVO_GDPR_COMMENTFORM_ERROR ;
2018-03-29 16:24:46 +02:00
return false ;
}
}
}
return true ;
break ;
case 'frontend_comment' :
if ( serendipity_db_bool ( $this -> get_config ( 'commentform_checkbox' ))) {
?>
2018-05-01 14:06:06 +02:00
< div class = " form_toolbar dsgvo_gdpr_comment " >
2018-03-29 16:24:46 +02:00
< div class = " form_box " >
2018-03-29 22:10:43 +02:00
< input id = " checkbox_dsgvo_gdpr " name = " serendipity[accept_privacy] " value = " 1 " type = " checkbox " < ? php echo ( $serendipity [ 'POST' ][ 'accept_privacy' ] == 1 ? 'checked="checked"' : '' ); ?> ><label for="checkbox_dsgvo_gdpr"><?php echo $this->parseText($this->get_config('commentform_text')); ?></label>
2018-03-29 16:24:46 +02:00
</ div >
2018-05-01 14:06:06 +02:00
</ div >
2018-03-29 16:24:46 +02:00
< ? php
}
return true ;
break ;
case 'genpage' :
if ( $this -> isActive ()) {
$serendipity [ 'is_staticpage' ] = true ;
}
return true ;
break ;
2018-04-23 12:03:55 +02:00
case 'backend_deletecomment' :
// Vanilla s9y does not delete all metadata of a comment that has threaded replies, it only sets the body to "Deleted".
// Here we take care that all metadata is cleared in that case.
2018-05-01 14:06:06 +02:00
serendipity_db_query ( " UPDATE { $serendipity [ 'dbPrefix' ] } comments
2018-04-23 12:03:55 +02:00
SET title = '' , author = '' , email = '' , url = '' , ip = '' , referer = ''
WHERE id = { $addData [ 'cid' ]} " );
return true ;
break ;
2018-03-29 16:24:46 +02:00
case 'entry_display' :
if ( $this -> isActive ()) {
if ( is_array ( $eventData )) {
$eventData [ 'clean_page' ] = true ; // This is important to not display an entry list!
} else {
$eventData = array ( 'clean_page' => true );
}
}
return true ;
break ;
case 'entries_header' :
if ( $this -> isActive ()) {
serendipity_header ( $_SERVER [ 'SERVER_PROTOCOL' ] . ' 200 OK' );
serendipity_header ( 'Status: 200 OK' );
2018-03-29 22:10:43 +02:00
$statement = $this -> get_config ( 'gdpr_content' );
2018-03-29 16:24:46 +02:00
if ( empty ( $statement )) {
2018-03-29 22:10:43 +02:00
$statement = '<div class="dsgvo_gdpr_statement_error">' . PLUGIN_EVENT_DSGVO_GDPR_STATEMENT_ERROR . '</div>' ;
2018-03-29 16:24:46 +02:00
}
2018-03-29 22:10:43 +02:00
echo '<div class="dsgvo_gdpr_statement">' . $statement . '</div>' ;
2018-03-29 16:24:46 +02:00
}
return true ;
break ;
case 'frontend_footer' :
if ( serendipity_db_bool ( $this -> get_config ( 'show_in_footer' ))) {
2018-03-29 22:10:43 +02:00
echo '<div class="dsgvo_gdpr_footer">' . $this -> parseText ( $this -> get_config ( 'show_in_footer_text' )) . '</div>' ;
2018-03-29 16:24:46 +02:00
}
if ( serendipity_db_bool ( $this -> get_config ( 'cookie_consent' ))) {
?>
< link rel = " stylesheet " type = " text/css " href = " <?php echo $this->get_config ('cookie_consent_path'); ?>/cookieconsent.min.css " />
< script type = " text/javascript " src = " <?php echo $this->get_config ('cookie_consent_path'); ?>cookieconsent.min.js " ></ script >
< ? php
echo $this -> parseText ( $this -> get_config ( 'cookie_consent_text' ));
}
return true ;
break ;
2018-04-09 20:50:09 +02:00
2018-03-29 16:24:46 +02:00
case 'css' :
2018-03-29 22:10:43 +02:00
if ( ! strpos ( $eventData , '.dsgvo_gdpr' )) {
2018-03-29 16:24:46 +02:00
// class exists in CSS, so a user has customized it and we don't need default
echo file_get_contents ( dirname ( __FILE__ ) . '/style.css' );
}
return true ;
break ;
default :
return false ;
}
} else {
return false ;
}
}
}
2018-04-03 10:29:42 +02:00
/*
https :// github . com / geertw / php - ip - anonymizer / blob / master / LICENSE
MIT License
Copyright ( c ) 2016 Geert Wirken
Permission is hereby granted , free of charge , to any person obtaining a copy
of this software and associated documentation files ( the " Software " ), to deal
in the Software without restriction , including without limitation the rights
to use , copy , modify , merge , publish , distribute , sublicense , and / or sell
copies of the Software , and to permit persons to whom the Software is
furnished to do so , subject to the following conditions :
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software .
THE SOFTWARE IS PROVIDED " AS IS " , WITHOUT WARRANTY OF ANY KIND , EXPRESS OR
IMPLIED , INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY ,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT . IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM , DAMAGES OR OTHER
LIABILITY , WHETHER IN AN ACTION OF CONTRACT , TORT OR OTHERWISE , ARISING FROM ,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE .
*/
class IpAnonymizer {
/**
* @ var string IPv4 netmask used to anonymize IPv4 address .
*/
public $ipv4NetMask = " 255.255.255.0 " ;
/**
* @ var string IPv6 netmask used to anonymize IPv6 address .
*/
public $ipv6NetMask = " ffff:ffff:ffff:ffff:0000:0000:0000:0000 " ;
/**
* Anonymize an IPv4 or IPv6 address .
*
* @ param $address string IP address that must be anonymized
* @ return string The anonymized IP address . Returns an empty string when the IP address is invalid .
*/
public static function anonymizeIp ( $address ) {
$anonymizer = new IpAnonymizer ();
return $anonymizer -> anonymize ( $address );
}
/**
* Anonymize an IPv4 or IPv6 address .
*
* @ param $address string IP address that must be anonymized
* @ return string The anonymized IP address . Returns an empty string when the IP address is invalid .
*/
public function anonymize ( $address ) {
$packedAddress = inet_pton ( $address );
if ( strlen ( $packedAddress ) == 4 ) {
return $this -> anonymizeIPv4 ( $address );
} elseif ( strlen ( $packedAddress ) == 16 ) {
return $this -> anonymizeIPv6 ( $address );
} else {
return " " ;
}
}
/**
* Anonymize an IPv4 address
* @ param $address string IPv4 address
* @ return string Anonymized address
*/
public function anonymizeIPv4 ( $address ) {
return inet_ntop ( inet_pton ( $address ) & inet_pton ( $this -> ipv4NetMask ));
}
/**
* Anonymize an IPv6 address
* @ param $address string IPv6 address
* @ return string Anonymized address
*/
public function anonymizeIPv6 ( $address ) {
return inet_ntop ( inet_pton ( $address ) & inet_pton ( $this -> ipv6NetMask ));
}
}
2018-05-01 14:06:06 +02:00
/* vim: set sts=4 ts=4 expandtab : */