bestdealon-io.php
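<?php
/**
 * Plugin Name: BestDealOn IO
 * Description: Receives authenticated JSON (profile, coupons, links…) from partner sites and writes them into /home/bestdealon/public_html/.
 * Version:     1.0.1
 * Author:      BestDealOn
 */

// Header keys above are written as "Key:" with no space before the colon,
// which is the form WordPress matches when it reads plugin headers.

if (!defined('ABSPATH')) {
    exit; // refuse to run when loaded outside WordPress
}

/* ------------------------------------------------------------------
 * CONFIG - adjust if your public-html root is different
 * ----------------------------------------------------------------*/
const BDO_PUBLIC_ROOT = '/home/bestdealon/public_html/'; // trailing "/" required

global $wpdb;
define('BDO_ACCOUNTS', $wpdb->prefix . 'bdo_accounts'); // created by Authenticator
define('BDO_IO_LOG', $wpdb->prefix . 'bdo_io_log');

/* ---------- create tiny log table on activation ---------- */
register_activation_hook(__FILE__, function () {
    global $wpdb;

    $charset = $wpdb->get_charset_collate();

    // Table name comes from the constant defined above, not from request data.
    $wpdb->query(
        "CREATE TABLE IF NOT EXISTS " . BDO_IO_LOG . " (
            id BIGINT UNSIGNED AUTO_INCREMENT PRIMARY KEY,
            identifier VARCHAR(32) NOT NULL,
            module VARCHAR(32) NOT NULL,
            ip VARBINARY(16) NOT NULL,
            created DATETIME NOT NULL
        ) $charset;"
    );
});

/* ------------------------------------------------------------------
 * REST ROUTE  /wp-json/bdo-io/v1/update
 * ----------------------------------------------------------------*/
add_action('rest_api_init', function () {
    register_rest_route(
        'bdo-io/v1',
        '/update',
        [
            'methods'  => 'POST',
            'callback' => 'bdo_io_handle_update',
            // The route is reachable without a WordPress login; the only gate is
            // the identifier/secret check inside the callback.
            // NOTE(review): no throttling of failed attempts is visible in this
            // file - confirm it is enforced elsewhere (web server, WAF, plugin).
            'permission_callback' => '__return_true',
        ]
    );
});

/**
 * Handle POST /wp-json/bdo-io/v1/update.
 *
 * Verifies the caller's identifier/secret against the accounts table, then
 * writes the submitted payload as pretty-printed JSON into the account's
 * directory under BDO_PUBLIC_ROOT and records the write in the log table.
 *
 * Request fields read: identifier, secret, module, payload.
 *
 * @param WP_REST_Request $req Incoming REST request.
 * @return array|WP_Error ['success' => true, 'file' => <basename>] on success;
 *                        WP_Error with status 400 (bad fields), 404 (unknown
 *                        identifier), 403 (wrong secret) or 500 (path or
 *                        filesystem failure) otherwise.
 */
function bdo_io_handle_update(WP_REST_Request $req) {
    $ident  = sanitize_text_field($req['identifier']);
    $secret = $req['secret'] ?? '';
    $module = sanitize_key($req['module']);
    $json   = $req['payload'];

    /* ---- basic checks ---- */
    $allowed = ['profile', 'coupon', 'links', 'prompts', 'social', 'new-social'];

    // A JSON body can carry "secret" as an array or object; password_verify()
    // needs a string, so anything else is rejected here as a bad request
    // instead of failing later inside the verification call.
    if (
        !$ident
        || !is_string($secret)
        || $secret === ''
        || !in_array($module, $allowed, true)
        || !is_array($json)
    ) {
        return new WP_Error('bdo_bad', 'Missing or invalid fields', ['status' => 400]);
    }

    /* ---- look up account & verify secret ---- */
    global $wpdb;

    $row = $wpdb->get_row(
        $wpdb->prepare("SELECT * FROM " . BDO_ACCOUNTS . " WHERE identifier=%s", $ident)
    );

    // NOTE(review): the 404 and 403 answers below differ, so a caller can tell
    // whether an identifier exists. Status codes are left as they were because
    // partner clients may depend on them; consider one generic auth failure.
    if (!$row) {
        return new WP_Error('bdo_noacct', 'Unknown identifier', ['status' => 404]);
    }
    if (!password_verify($secret, $row->secret_hash)) {
        return new WP_Error('bdo_auth', 'Wrong secret', ['status' => 403]);
    }
    // NOTE(review): only successful writes reach the log table at the end of
    // this function; rejected attempts leave no record here.

    /* ---- encode first so a failure leaves the filesystem untouched ---- */
    // wp_json_encode() can return false; writing that value would truncate the
    // target to zero bytes while file_put_contents() still reports success.
    $encoded = wp_json_encode($json, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES);
    if ($encoded === false) {
        return new WP_Error('bdo_write', 'Failed to write file', ['status' => 500]);
    }

    /* ---- build absolute directory path ---- */
    // $row->path already contains "ph/<phone>" or "social/<user>".
    // It is stored by the Authenticator plugin, whose validation is not visible
    // in this file, so the value is checked again before it is joined to the
    // web root: it must be non-empty and must not contain a NUL byte or a ".."
    // segment that would place the write outside BDO_PUBLIC_ROOT.
    $rel = is_string($row->path) ? trim($row->path, '/') : '';
    if (
        $rel === ''
        || strpos($rel, "\0") !== false
        || in_array('..', explode('/', $rel), true)
    ) {
        return new WP_Error('bdo_path', 'Invalid account path', ['status' => 500]);
    }
    $dir = trailingslashit(BDO_PUBLIC_ROOT . $rel);

    /* create directories recursively */
    if (!wp_mkdir_p($dir)) {
        return new WP_Error('bdo_perm', 'Unable to create directory', ['status' => 500]);
    }

    // "ph" accounts keep their profile in business.json, all others in social.json.
    $profile_name = ($row->acct_type === 'ph') ? 'business.json' : 'social.json';

    /* ensure marker file exists so public pages keep working */
    $marker = $dir . $profile_name;
    if (!file_exists($marker) && file_put_contents($marker, '{}') === false) {
        return new WP_Error('bdo_write', 'Failed to write file', ['status' => 500]);
    }

    /* ---- write the requested module file ---- */
    // $module was matched against $allowed above, so the file name can only be
    // one of a fixed set of values.
    $filename = ($module === 'profile') ? $profile_name : $module . '.json';
    $file     = $dir . $filename;

    if (file_put_contents($file, $encoded) === false) {
        return new WP_Error('bdo_write', 'Failed to write file', ['status' => 500]);
    }

    /* ---- lightweight log ---- */
    // REMOTE_ADDR may be absent (e.g. CLI) or not a valid address; the column
    // is NOT NULL, so an empty value is stored in that case.
    $remote = isset($_SERVER['REMOTE_ADDR']) ? (string) $_SERVER['REMOTE_ADDR'] : '';
    $packed = filter_var($remote, FILTER_VALIDATE_IP) ? inet_pton($remote) : false;

    $wpdb->insert(BDO_IO_LOG, [
        'identifier' => $ident,
        'module'     => $module,
        'ip'         => ($packed === false) ? '' : $packed,
        'created'    => current_time('mysql'),
    ]);

    return [
        'success' => true,
        'file'    => basename($file),
    ];
}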