WP DSGVO Tools - Version 2.2.8

Version Description

Security improvement
Hide Cookie Notice Popup for Googlebot
Improved User Privacy Settings
Fixed bug with cookie validity time

Release Info

Developer	shapepress
Plugin	WP DSGVO Tools
Version	2.2.8
Comparing to
See all releases

Code changes from version 2.2.7 to 2.2.8

Files changed (12) hide show

README.txt +8 -2
admin/class-sp-dsgvo-admin.php +1 -1
admin/tabs/cookie-notice/class-sp-dsgvo-cookie-notice-action.php +1 -0
admin/tabs/cookie-notice/page.php +3 -3
includes/helpers.php +76 -2
includes/models/subject-access-request.php +1 -2
public/actions/user-permissions.php +1 -1
public/class-sp-dsgvo-public.php +30 -0
public/js/sp-dsgvo-public.js +1 -1
public/shortcodes/privacy-settings-form-alt.php +2 -2
public/shortcodes/privacy-settings-form.php +2 -2
sp-dsgvo.php +2 -2

README.txt CHANGED Viewed

	@@ -3,8 +3,8 @@ Contributors: Shapepress
3	Donate link: https://wp-dsgvo.eu
4	Tags: gdpr, dsgvo, datenschutz, wordpress, compliance, data, privacy, woocommerce,
5	Requires at least: 3.0.1
6	- Tested up to: 5.0.1
7	- Stable tag: 2.2.7
8	Requires PHP: 5.6.0
9	License: GPLv2 or later
10	License URI: http://www.gnu.org/licenses/gpl-2.0.html
	@@ -80,6 +80,12 @@ Important: Disable other cookie notice plugins and Google Analytics or FB Pixel
80
81	== Changelog ==
82






83	= 2.2.7 =
84	* WPML improvement
85


3	Donate link: https://wp-dsgvo.eu
4	Tags: gdpr, dsgvo, datenschutz, wordpress, compliance, data, privacy, woocommerce,
5	Requires at least: 3.0.1
6	+ Tested up to: 5.0.4
7	+ Stable tag: 2.2.8
8	Requires PHP: 5.6.0
9	License: GPLv2 or later
10	License URI: http://www.gnu.org/licenses/gpl-2.0.html

80
81	== Changelog ==
82
83	+ = 2.2.8 =
84	+ * Security improvement
85	+ * Hide Cookie Notice Popup for Googlebot
86	+ * Improved User Privacy Settings
87	+ * Fixed bug with cookie validity time
88	+
89	= 2.2.7 =
90	* WPML improvement
91

admin/class-sp-dsgvo-admin.php CHANGED Viewed

	@@ -67,7 +67,7 @@ class SPDSGVOAdmin{
67	$user = wp_get_current_user();
68	$allowed_roles = array('administrator');
69
70	- if( array_intersect($allowed_roles, $user->roles ) ) {
71
72
73	$svg = 'data:image/svg+xml;base64,'. base64_encode(file_get_contents(SPDSGVO::pluginDir('admin/images/logo.svg')));


67	$user = wp_get_current_user();
68	$allowed_roles = array('administrator');
69
70	+ if( array_intersect($allowed_roles, $user->roles ) \|\| is_super_admin() ) {
71
72
73	$svg = 'data:image/svg+xml;base64,'. base64_encode(file_get_contents(SPDSGVO::pluginDir('admin/images/logo.svg')));

admin/tabs/cookie-notice/class-sp-dsgvo-cookie-notice-action.php CHANGED Viewed

	@@ -76,6 +76,7 @@ Class SPDSGVOCookieNoticeAction extends SPDSGVOAjaxAction{
76	SPDSGVOSettings::set('accept_button_bg_color', $this->get('accept_button_bg_color', '#4285f'));
77	SPDSGVOSettings::set('cn_reload_on_confirm_popup', $this->get('cn_reload_on_confirm_popup', '0'));
78	/* i592995 */

79	}
80
81	$this->returnBack();


76	SPDSGVOSettings::set('accept_button_bg_color', $this->get('accept_button_bg_color', '#4285f'));
77	SPDSGVOSettings::set('cn_reload_on_confirm_popup', $this->get('cn_reload_on_confirm_popup', '0'));
78	/* i592995 */
79	+ SPDSGVOSettings::set('cn_cookie_validity_popup', $this->get('cn_cookie_validity_popup', '86400'));
80	}
81
82	$this->returnBack();

admin/tabs/cookie-notice/page.php CHANGED Viewed

	@@ -166,9 +166,9 @@
166	<tr>
167	<th scope="row"><?php _e('Validity:','shapepress-dsgvo')?></th>
168	<td>
169	- <?php $cnCookieValidity = SPDSGVOSettings::get('~~cn_cookie_validity~~'); ?>
170	- <label for="~~cn_cookie_validity~~"> <select name="~~cn_cookie_validity~~"
171	- id="~~cn_cookie_validity~~">
172	<option value="86400" <?= selected($cnCookieValidity == 86400) ?>>1
173	<?php _e('Tag','shapepress-dsgvo')?></option>
174	<option value="604800" <?= selected($cnCookieValidity == 604800) ?>>1


166	<tr>
167	<th scope="row"><?php _e('Validity:','shapepress-dsgvo')?></th>
168	<td>
169	+ <?php $cnCookieValidity = SPDSGVOSettings::get('cn_cookie_validity_popup'); ?>
170	+ <label for="cn_cookie_validity_popup"> <select name="cn_cookie_validity_popup"
171	+ id="cn_cookie_validity_popup">
172	<option value="86400" <?= selected($cnCookieValidity == 86400) ?>>1
173	<?php _e('Tag','shapepress-dsgvo')?></option>
174	<option value="604800" <?= selected($cnCookieValidity == 604800) ?>>1

includes/helpers.php CHANGED Viewed

@@ -123,7 +123,7 @@ if (! function_exists('hasUserGivenPermissionFor')) {
                             $userPermissions = get_user_meta($user->ID, 'sp_dsgvo_user_permissions', TRUE);
                         } else {
                             $userPermissions = @$_COOKIE['sp_dsgvo_user_permissions'];
-            -
                            $userPermissions = unserialize(stripslashes($userPermissions));
                             checkCookies($userPermissions);
+                        }
@@ -141,7 +141,7 @@ if (! function_exists('hasUserGivenPermissionFor')) {
                     } else {
                         $userPermissions = @$_COOKIE['sp_dsgvo_user_permissions'];
-            -
                        $userPermissions = unserialize(stripslashes($userPermissions));
                         checkCookies($userPermissions);
+                    }
@@ -464,3 +464,77 @@ if(!function_exists('facebookPixelScript')) :
             endif;
             /* i592995 */


123	$userPermissions = get_user_meta($user->ID, 'sp_dsgvo_user_permissions', TRUE);
124	} else {
125	$userPermissions = @$_COOKIE['sp_dsgvo_user_permissions'];
126	+ $userPermissions = saveUnserializeCookie($userPermissions);
127	checkCookies($userPermissions);
128	}
129

141	} else {
142
143	$userPermissions = @$_COOKIE['sp_dsgvo_user_permissions'];
144	+ $userPermissions = saveUnserializeCookie($userPermissions);
145	checkCookies($userPermissions);
146	}
147

464	endif;
465
466	/* i592995 */
467	+
468	+ // Thanks to Felix :)
469	+ if (! function_exists('hasUserGivenPermissionForOrDefault')) {
470	+
471	+ function hasUserGivenPermissionForOrDefault($slug)
472	+ {
473	+ //error_log('hasUserGivenPermissionFor: '.$slug);
474	+ $user = wp_get_current_user();
475	+
476	+ if ($slug === 'cookies') {
477	+ $cnAccepted = SPDSGVOPublic::cookies_accepted_default();//sp_dsgvo_cn_cookies_accepted();
478	+
479	+ if ($user instanceof WP_User && $user->ID) {
480	+ $userPermissions = get_user_meta($user->ID, 'sp_dsgvo_user_permissions', TRUE);
481	+ } else {
482	+ $userPermissions = @$_COOKIE['sp_dsgvo_user_permissions'];
483	+ $userPermissions = saveUnserializeCookie($userPermissions);
484	+ checkCookies($userPermissions);
485	+ }
486	+
487	+ if (isset($userPermissions['cookies'])) {
488	+ return $userPermissions['cookies'] == '1' \|\| $cnAccepted;
489	+ }
490	+
491	+ // error_log('hasUserGivenPermissionFor: '.$slug .': '. 'NULL');
492	+ return $cnAccepted; // at last its false -> opt-in
493	+ }
494	+
495	+ if ($user instanceof WP_User && $user->ID) {
496	+
497	+ $userPermissions = get_user_meta($user->ID, 'sp_dsgvo_user_permissions', TRUE);
498	+ } else {
499	+
500	+ $userPermissions = @$_COOKIE['sp_dsgvo_user_permissions'];
501	+ $userPermissions = saveUnserializeCookie($userPermissions);
502	+ checkCookies($userPermissions);
503	+ }
504	+
505	+ // error_log('$userPermissions');
506	+ // error_log(implode(',',$userPermissions));
507	+
508	+ if (isset($userPermissions[$slug])) {
509	+ // error_log('hasUserGivenPermissionFor: ' . $slug);
510	+ // error_log($userPermissions[$slug]);
511	+ // error_log($userPermissions[$slug] == '1');
512	+ return $userPermissions[$slug] == '1';
513	+ } else {
514	+ $defaults = SPDSGVOSettings::get('services');
515	+
516	+ if (isset($defaults[$slug])) {
517	+ //error_log('hasUserGivenPermissionFor: ' . $slug . ': ' . @$defaults[$slug]['default'] === '1');
518	+ return @$defaults[$slug]['default'] === '1';
519	+ }
520	+
521	+ //error_log('hasUserGivenPermissionFor: ' . $slug . ': ' . 'FALSE');
522	+ return FALSE;
523	+ }
524	+ }
525	+ }
526	+
527	+ if (! function_exists('saveUnserializeCookie')) {
528	+
529	+ function saveUnserializeCookie($cookieContent)
530	+ {
531	+ if (true )
532	+ {
533	+ return json_decode(stripslashes($cookieContent), true); //unserialize(stripslashes($cookieContent));
534	+ }
535	+ else {
536	+ return null;
537	+ }
538	+ }
539	+ }
540	+

includes/models/subject-access-request.php CHANGED Viewed

	@@ -60,8 +60,7 @@ Class SPDSGVOSubjectAccessRequest extends SPDSGVOModel {
60	}
61	}
62
63	- $locale = ~~get_locale~~();
64	- if (substr( $locale, 0, 5 ) === 'de_DE') $locale = 'de_DE';
65
66	// Send Email
67	$email = SPDSGVOMail::init()


60	}
61	}
62
63	+ $locale = spDsgvoGetLocale();

64
65	// Send Email
66	$email = SPDSGVOMail::init()

public/actions/user-permissions.php CHANGED Viewed

	@@ -45,7 +45,7 @@ Class SPDSGVOUserPermissionsAction extends SPDSGVOAjaxAction{
45	}
46	header('Location: '. home_url() .'?v='.time());
47	} else {
48	- setcookie('sp_dsgvo_user_permissions', ~~serialize~~($meta), (time()+(3652460*60)), '/');
49	header('Location: '. get_page_link(SPDSGVOSettings::get('user_permissions_page')) .'?v='.time());
50	}
51	die;


45	}
46	header('Location: '. home_url() .'?v='.time());
47	} else {
48	+ setcookie('sp_dsgvo_user_permissions', json_encode($meta), (time()+(3652460*60)), '/');
49	header('Location: '. get_page_link(SPDSGVOSettings::get('user_permissions_page')) .'?v='.time());
50	}
51	die;

public/class-sp-dsgvo-public.php CHANGED Viewed

	@@ -83,6 +83,7 @@ class SPDSGVOPublic
83	'cookieName' => self::$cookie['name'],
84	'cookieValue' => self::$cookie['value'],
85	'cookieTime' => SPDSGVOSettings::get('cn_cookie_validity'),

86	'cookiePath' => (defined('COOKIEPATH') ? COOKIEPATH : ''),
87	'cookieDomain' => (defined('COOKIE_DOMAIN') ? COOKIE_DOMAIN : ''),
88	'redirection' => SPDSGVOSettings::get('cn_reload_on_confirm'),
	@@ -253,6 +254,11 @@ class SPDSGVOPublic
253	*/
254	public function policyPopup()
255	{





256	if (SPDSGVOSettings::get('cookie_notice_display') == 'policy_popup') :
257	$overlay_class = 'dsgvo-popup-overlay sp-dsgvo-framework dsgvo-overlay-hidden';
258	if(!hasUserAcceptedPopup()) {
	@@ -782,6 +788,28 @@ class SPDSGVOPublic
782	}
783	}
784	}






















785
786	}
787
	@@ -794,3 +822,5 @@ function sp_dsgvo_cn_cookies_accepted()
794	{
795	return (bool) SPDSGVOPublic::cookies_accepted();
796	}


83	'cookieName' => self::$cookie['name'],
84	'cookieValue' => self::$cookie['value'],
85	'cookieTime' => SPDSGVOSettings::get('cn_cookie_validity'),
86	+ 'cookieTimePopup' => SPDSGVOSettings::get('cn_cookie_validity_popup'),
87	'cookiePath' => (defined('COOKIEPATH') ? COOKIEPATH : ''),
88	'cookieDomain' => (defined('COOKIE_DOMAIN') ? COOKIE_DOMAIN : ''),
89	'redirection' => SPDSGVOSettings::get('cn_reload_on_confirm'),

254	*/
255	public function policyPopup()
256	{
257	+ if(strstr(strtolower($_SERVER['HTTP_USER_AGENT']), "googlebot"))
258	+ {
259	+ return; // dont show popup to google
260	+ }
261	+
262	if (SPDSGVOSettings::get('cookie_notice_display') == 'policy_popup') :
263	$overlay_class = 'dsgvo-popup-overlay sp-dsgvo-framework dsgvo-overlay-hidden';
264	if(!hasUserAcceptedPopup()) {

788	}
789	}
790	}
791	+
792	+ /**
793	+ * Checks if third party non functional cookies are accepted/rejected or returns default
794	+ * Thanks to Felix :)
795	+ * @return bool
796	+ */
797	+ public static function cookies_accepted_default()
798	+ {
799	+ $userHadDecision = isset($_COOKIE[self::$cookie['name']]) \|\| isset($_COOKIE[self::$cookiePopup['name']]);
800	+ if($userHadDecision){
801	+ $noticeAccepted = strtoupper($_COOKIE[self::$cookie['name']]) === self::$cookie['value'];
802	+ $popupAccepted = strtoupper($_COOKIE[self::$cookiePopup['name']]) === self::$cookiePopup['value'];
803	+ return apply_filters('cn_is_cookie_accepted', $noticeAccepted \|\| $popupAccepted);
804	+ }else{
805	+ $defaults = SPDSGVOSettings::get('services');
806	+ if (isset($defaults['cookies'])) {
807	+ return @$defaults['cookies']['default'] === '1';
808	+ }
809	+ }
810	+ //error_log('hasUserGivenPermissionFor: ' . $slug . ': ' . 'FALSE');
811	+ return FALSE;
812	+ }
813
814	}
815

822	{
823	return (bool) SPDSGVOPublic::cookies_accepted();
824	}
825	+
826	+

public/js/sp-dsgvo-public.js CHANGED Viewed

	@@ -335,7 +335,7 @@ function getCookieValue(a) {
335	} );
336	} );
337	var d = new Date();
338	- d.setTime(d.getTime() + parseInt( cnArgs.~~cookieTime~~ ) * 1000);
339	var expires = "expires="+ d.toUTCString();
340	document.cookie = "sp_dsgvo_popup=1;" + expires + ";path=/";
341	$('.dsgvo-popup-overlay').remove();


335	} );
336	} );
337	var d = new Date();
338	+ d.setTime(d.getTime() + parseInt( cnArgs.cookieTimePopup ) * 1000);
339	var expires = "expires="+ d.toUTCString();
340	document.cookie = "sp_dsgvo_popup=1;" + expires + ";path=/";
341	$('.dsgvo-popup-overlay').remove();

public/shortcodes/privacy-settings-form-alt.php CHANGED Viewed

	@@ -61,10 +61,10 @@ function SPDSGVOUserPrivacySettingsFormShortcodeAlt($atts)
61	</p>
62	<select name="<?= $slug ?>">
63	<option
64	- <?= (~~hasUserGivenPermissionFor~~($service['slug']))? ' selected ' : '' ?>
65	value="1"><?php _e('Yes','shapepress-dsgvo')?></option>
66	<option
67	- <?= (~~hasUserGivenPermissionFor~~($service['slug']))? '' : ' selected ' ?>
68	value="0"><?php _e('No','shapepress-dsgvo')?></option>
69	</select>
70	</div>


61	</p>
62	<select name="<?= $slug ?>">
63	<option
64	+ <?= (hasUserGivenPermissionForOrDefault($service['slug']))? ' selected ' : '' ?>
65	value="1"><?php _e('Yes','shapepress-dsgvo')?></option>
66	<option
67	+ <?= (hasUserGivenPermissionForOrDefault($service['slug']))? '' : ' selected ' ?>
68	value="0"><?php _e('No','shapepress-dsgvo')?></option>
69	</select>
70	</div>

public/shortcodes/privacy-settings-form.php CHANGED Viewed

	@@ -30,10 +30,10 @@ function SPDSGVOUserPrivacySettingsFormShortcode($atts)
30	</div>
31	<div class="column"><select name="services[<?= $slug ?>]">
32	<option
33	- <?= (~~hasUserGivenPermissionFor~~($service['slug']))? ' selected ' : '' ?>
34	value="1"><?php _e('Yes','shapepress-dsgvo')?></option>
35	<option
36	- <?= (~~hasUserGivenPermissionFor~~($service['slug']))? '' : ' selected ' ?>
37	value="0"><?php _e('No','shapepress-dsgvo')?></option>
38	</select></div>
39	</div>


30	</div>
31	<div class="column"><select name="services[<?= $slug ?>]">
32	<option
33	+ <?= (hasUserGivenPermissionForOrDefault($service['slug']))? ' selected ' : '' ?>
34	value="1"><?php _e('Yes','shapepress-dsgvo')?></option>
35	<option
36	+ <?= (hasUserGivenPermissionForOrDefault($service['slug']))? '' : ' selected ' ?>
37	value="0"><?php _e('No','shapepress-dsgvo')?></option>
38	</select></div>
39	</div>

sp-dsgvo.php CHANGED Viewed

	@@ -16,7 +16,7 @@
16	* Plugin Name: WP DSGVO Tools (GDPR)
17	* Plugin URI: https://wp-dsgvo.eu
18	* Description: WP DSGVO Tools (GDPR) help you to fulfill the GDPR (DGSVO) compliance guidance (<a target="_blank" href="https://ico.org.uk/for-organisations/data-protection-reform/overview-of-the-gdpr/">GDPR</a>)
19	- * Version: 2.2.7
20	* Author: Shapepress eU
21	* Author URI: https://www.shapepress.com
22	* License URI: http://www.gnu.org/licenses/gpl-2.0.txt
	@@ -28,7 +28,7 @@ if (! defined('WPINC')) {
28	die();
29	}
30
31	- define('sp_dsgvo_VERSION', '2.2.7');
32	define('sp_dsgvo_NAME', 'sp-dsgvo');
33	/* i592995 */
34	define('sp_dsgvo_URL', plugin_dir_url( __FILE__ ));


16	* Plugin Name: WP DSGVO Tools (GDPR)
17	* Plugin URI: https://wp-dsgvo.eu
18	* Description: WP DSGVO Tools (GDPR) help you to fulfill the GDPR (DGSVO) compliance guidance (<a target="_blank" href="https://ico.org.uk/for-organisations/data-protection-reform/overview-of-the-gdpr/">GDPR</a>)
19	+ * Version: 2.2.8
20	* Author: Shapepress eU
21	* Author URI: https://www.shapepress.com
22	* License URI: http://www.gnu.org/licenses/gpl-2.0.txt

28	die();
29	}
30
31	+ define('sp_dsgvo_VERSION', '2.2.8');
32	define('sp_dsgvo_NAME', 'sp-dsgvo');
33	/* i592995 */
34	define('sp_dsgvo_URL', plugin_dir_url( __FILE__ ));