5b1e2453c7
🏨 Hotel Booking Enhancements: - Implemented Eagle Booking Advanced Pricing add-on - Added Booking.com-style rate management system - Created professional calendar interface for pricing - Integrated deals and discounts functionality 💰 Advanced Pricing Features: - Dynamic pricing models (per room, per person, per adult) - Base rates, adult rates, and child rates management - Length of stay discounts and early bird deals - Mobile rates and secret deals implementation - Seasonal promotions and flash sales 📅 Availability Management: - Real-time availability tracking - Stop sell and restriction controls - Closed to arrival/departure functionality - Minimum/maximum stay requirements - Automatic sold-out management 💳 Payment Integration: - Maintained Redsys payment gateway integration - Seamless integration with existing Eagle Booking - No modifications to core Eagle Booking plugin 🛠️ Technical Implementation: - Custom database tables for advanced pricing - WordPress hooks and filters integration - AJAX-powered admin interface - Data migration from existing Eagle Booking - Professional calendar view for revenue management 📊 Admin Interface: - Booking.com-style management dashboard - Visual rate and availability calendar - Bulk operations for date ranges - Statistics and analytics dashboard - Modal dialogs for quick editing 🔧 Code Quality: - WordPress coding standards compliance - Secure database operations with prepared statements - Proper input validation and sanitization - Error handling and logging - Responsive admin interface 🤖 Generated with Claude Code (https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
194 lines
4.8 KiB
PHP
194 lines
4.8 KiB
PHP
<?php
|
|
/**
|
|
* Error Protection API: WP_Recovery_Mode_Key_Service class
|
|
*
|
|
* @package WordPress
|
|
* @since 5.2.0
|
|
*/
|
|
|
|
/**
|
|
* Core class used to generate and validate keys used to enter Recovery Mode.
|
|
*
|
|
* @since 5.2.0
|
|
*/
|
|
#[AllowDynamicProperties]
|
|
final class WP_Recovery_Mode_Key_Service {
|
|
|
|
/**
|
|
* The option name used to store the keys.
|
|
*
|
|
* @since 5.2.0
|
|
* @var string
|
|
*/
|
|
private $option_name = 'recovery_keys';
|
|
|
|
/**
|
|
* Creates a recovery mode token.
|
|
*
|
|
* @since 5.2.0
|
|
*
|
|
* @return string A random string to identify its associated key in storage.
|
|
*/
|
|
public function generate_recovery_mode_token() {
|
|
return wp_generate_password( 22, false );
|
|
}
|
|
|
|
/**
|
|
* Creates a recovery mode key.
|
|
*
|
|
* @since 5.2.0
|
|
* @since 6.8.0 The stored key is now hashed using wp_fast_hash() instead of phpass.
|
|
*
|
|
* @param string $token A token generated by {@see generate_recovery_mode_token()}.
|
|
* @return string Recovery mode key.
|
|
*/
|
|
public function generate_and_store_recovery_mode_key( $token ) {
|
|
$key = wp_generate_password( 22, false );
|
|
|
|
$records = $this->get_keys();
|
|
|
|
$records[ $token ] = array(
|
|
'hashed_key' => wp_fast_hash( $key ),
|
|
'created_at' => time(),
|
|
);
|
|
|
|
$this->update_keys( $records );
|
|
|
|
/**
|
|
* Fires when a recovery mode key is generated.
|
|
*
|
|
* @since 5.2.0
|
|
*
|
|
* @param string $token The recovery data token.
|
|
* @param string $key The recovery mode key.
|
|
*/
|
|
do_action( 'generate_recovery_mode_key', $token, $key );
|
|
|
|
return $key;
|
|
}
|
|
|
|
/**
|
|
* Verifies if the recovery mode key is correct.
|
|
*
|
|
* Recovery mode keys can only be used once; the key will be consumed in the process.
|
|
*
|
|
* @since 5.2.0
|
|
*
|
|
* @param string $token The token used when generating the given key.
|
|
* @param string $key The plain text key.
|
|
* @param int $ttl Time in seconds for the key to be valid for.
|
|
* @return true|WP_Error True on success, error object on failure.
|
|
*/
|
|
public function validate_recovery_mode_key( $token, $key, $ttl ) {
|
|
$records = $this->get_keys();
|
|
|
|
if ( ! isset( $records[ $token ] ) ) {
|
|
return new WP_Error( 'token_not_found', __( 'Recovery Mode not initialized.' ) );
|
|
}
|
|
|
|
$record = $records[ $token ];
|
|
|
|
$this->remove_key( $token );
|
|
|
|
if ( ! is_array( $record ) || ! isset( $record['hashed_key'], $record['created_at'] ) ) {
|
|
return new WP_Error( 'invalid_recovery_key_format', __( 'Invalid recovery key format.' ) );
|
|
}
|
|
|
|
if ( ! wp_verify_fast_hash( $key, $record['hashed_key'] ) ) {
|
|
return new WP_Error( 'hash_mismatch', __( 'Invalid recovery key.' ) );
|
|
}
|
|
|
|
if ( time() > $record['created_at'] + $ttl ) {
|
|
return new WP_Error( 'key_expired', __( 'Recovery key expired.' ) );
|
|
}
|
|
|
|
return true;
|
|
}
|
|
|
|
/**
|
|
* Removes expired recovery mode keys.
|
|
*
|
|
* @since 5.2.0
|
|
*
|
|
* @param int $ttl Time in seconds for the keys to be valid for.
|
|
*/
|
|
public function clean_expired_keys( $ttl ) {
|
|
|
|
$records = $this->get_keys();
|
|
|
|
foreach ( $records as $key => $record ) {
|
|
if ( ! isset( $record['created_at'] ) || time() > $record['created_at'] + $ttl ) {
|
|
unset( $records[ $key ] );
|
|
}
|
|
}
|
|
|
|
$this->update_keys( $records );
|
|
}
|
|
|
|
/**
|
|
* Removes a used recovery key.
|
|
*
|
|
* @since 5.2.0
|
|
*
|
|
* @param string $token The token used when generating a recovery mode key.
|
|
*/
|
|
private function remove_key( $token ) {
|
|
|
|
$records = $this->get_keys();
|
|
|
|
if ( ! isset( $records[ $token ] ) ) {
|
|
return;
|
|
}
|
|
|
|
unset( $records[ $token ] );
|
|
|
|
$this->update_keys( $records );
|
|
}
|
|
|
|
/**
|
|
* Gets the recovery key records.
|
|
*
|
|
* @since 5.2.0
|
|
* @since 6.8.0 Each key is now hashed using wp_fast_hash() instead of phpass.
|
|
* Existing keys may still be hashed using phpass.
|
|
*
|
|
* @return array {
|
|
* Associative array of token => data pairs, where the data is an associative
|
|
* array of information about the key.
|
|
*
|
|
* @type array ...$0 {
|
|
* Information about the key.
|
|
*
|
|
* @type string $hashed_key The hashed value of the key.
|
|
* @type int $created_at The timestamp when the key was created.
|
|
* }
|
|
* }
|
|
*/
|
|
private function get_keys() {
|
|
return (array) get_option( $this->option_name, array() );
|
|
}
|
|
|
|
/**
|
|
* Updates the recovery key records.
|
|
*
|
|
* @since 5.2.0
|
|
* @since 6.8.0 Each key should now be hashed using wp_fast_hash() instead of phpass.
|
|
*
|
|
* @param array $keys {
|
|
* Associative array of token => data pairs, where the data is an associative
|
|
* array of information about the key.
|
|
*
|
|
* @type array ...$0 {
|
|
* Information about the key.
|
|
*
|
|
* @type string $hashed_key The hashed value of the key.
|
|
* @type int $created_at The timestamp when the key was created.
|
|
* }
|
|
* }
|
|
* @return bool True on success, false on failure.
|
|
*/
|
|
private function update_keys( array $keys ) {
|
|
return update_option( $this->option_name, $keys, false );
|
|
}
|
|
}
|