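verifyToken(); $this->checkPermissions(); return $this->processRoute(); }

  /**
   * Entry point for public (non-admin) requests.
   *
   * Only the nonce is verified here; no capability check is made. Every
   * endpoint method reachable through processRoute() therefore has to be safe
   * to expose to any caller holding a valid 'mailpoet_token' nonce.
   */
  function setupPublic() {
    $this->verifyToken();
    return $this->processRoute();
  }

  /**
   * Dispatches the request to the endpoint class and method named in $_POST.
   *
   * Reads $_POST['endpoint'] (resolved to a class in this namespace) and
   * $_POST['method'], instantiates the class, calls the method with the
   * request data (reserved routing keys removed) and sends the result as JSON
   * via wp_send_json(). Malformed or unroutable requests terminate without
   * output instead of raising a fatal error.
   */
  function processRoute() {
    // Both routing values come straight from the request: refuse anything
    // that is missing or not a non-empty string before using it as a name.
    if(
      !isset($_POST['endpoint'], $_POST['method']) ||
      !is_string($_POST['endpoint']) || $_POST['endpoint'] === '' ||
      !is_string($_POST['method']) || $_POST['method'] === ''
    ) {
      die();
    }

    $class = ucfirst($_POST['endpoint']);
    $endpoint = __NAMESPACE__ . "\\" . $class;
    $method = $_POST['method'];

    // Magic methods (__construct, __destruct, ...) are never routable API
    // methods, and an unknown class would otherwise end in a fatal error.
    if(strpos($method, '__') === 0 || !class_exists($endpoint)) {
      die();
    }

    // NOTE(review): class and method are still selected by the request. An
    // explicit allowlist of endpoint classes and their routable methods would
    // be a tighter control than these shape checks. If no endpoint lives in a
    // sub-namespace (confirm), also restrict 'endpoint' to a plain identifier
    // so it cannot contain a namespace separator.

    $doing_ajax = (bool)(defined('DOING_AJAX') && DOING_AJAX);

    if($doing_ajax) {
      $data = isset($_POST['data']) ? stripslashes_deep($_POST['data']) : array();
    } else {
      $data = $_POST;
    }

    if(is_array($data) && !empty($data)) {
      // filter out reserved keywords from data
      $reserved_keywords = array(
        'token',
        'endpoint',
        'method',
        'mailpoet_redirect'
      );
      $data = array_diff_key($data, array_flip($reserved_keywords));
    }

    try {
      $endpoint = new $endpoint();

      // Only dispatch to a method that is callable from here; private,
      // protected or missing methods are refused rather than fatally erroring.
      if(!is_callable(array($endpoint, $method))) {
        die();
      }

      $response = $endpoint->$method($data);
      wp_send_json($response);
    } catch(\Exception $e) {
      // The message goes to the server log only; the client gets no details.
      error_log($e->getMessage());
      exit;
    }
  }

  /**
   * Echoes the contents of $global.
   *
   * NOTE(review): the string is empty in this listing, so nothing is emitted;
   * confirm against the original file whether its contents were lost.
   */
  function setToken() {
    $global = '';
    echo $global;
  }

  /**
   * Terminates the request unless the current user has the 'manage_options'
   * capability.
   */
  function checkPermissions() {
    if(!current_user_can('manage_options')) { die(); }
  }

  /**
   * Terminates the request unless $_POST['token'] is non-empty and passes
   * wp_verify_nonce() for the 'mailpoet_token' action.
   *
   * A nonce check guards against forged cross-site requests; it is not an
   * authorization check, which checkPermissions() performs separately.
   */
  function verifyToken() {
    if(
      empty($_POST['token']) ||
      !wp_verify_nonce($_POST['token'], 'mailpoet_token')
    ) {
      die();
    }
  }
}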