'Unauthorized'], 403);
}
$title = sanitize_text_field($_POST['title'] ?? '');
$description = sanitize_text_field($_POST['description'] ?? '');
$image_url = esc_url_raw($_POST['image_url'] ?? '');
$html_content = wp_kses_post($_POST['html_content'] ?? '');
if ($title === '' || $image_url === '') {
wp_send_json_error(['message' => 'Missing title or image'], 400);
}
$slug = sanitize_key(wp_generate_password(12, false, false));
$upload = wp_upload_dir();
$base_dir = trailingslashit($upload['basedir']) . 'brassgate-sharecards/' . $slug;
if (!wp_mkdir_p($base_dir)) {
wp_send_json_error(['message' => 'Unable to prepare sharecard storage'], 500);
}
$og_url = trailingslashit(home_url('/share/i/' . $slug . '/'));
$html = "";
$html .= '' . esc_html($title) . ' ';
$html .= '';
$html .= '' . $html_content . ' ';
$html .= '';
$file = trailingslashit($base_dir) . 'index.html';
if (file_put_contents($file, $html) === false) {
wp_send_json_error(['message' => 'Unable to write sharecard'], 500);
}
$card = [
'slug' => $slug,
'title' => $title,
'description' => $description,
'image_url' => $image_url,
'created_at' => current_time('mysql'),
];
$existing = get_option('bgad_sharecards', []);
if (!is_array($existing)) $existing = [];
$existing[$slug] = $card;
update_option('bgad_sharecards', $existing, false);
wp_send_json_success([
'slug' => $slug,
'share_url' => $og_url,
'image_url' => $image_url,
'title' => $title,
'description' => $description,
]);
}
/**
* Sideload an existing backend image into the WP media library for sharing.
*/
public static function ajax_sideload_backend_image() {
self::check_nonce();
if (!current_user_can('manage_options')) {
wp_send_json_error(['message' => 'Unauthorized'], 403);
}
$image_url = esc_url_raw($_POST['image_url'] ?? '');
$platform = sanitize_key($_POST['platform'] ?? 'social');
if (!$image_url) {
wp_send_json_error(['message' => 'Missing image URL'], 400);
}
$ext = strtolower(pathinfo(parse_url($image_url, PHP_URL_PATH), PATHINFO_EXTENSION));
if (!$ext) {
// Some signed URLs store the real filename in the query string (?path=/mnt/...jpg)
$qs = [];
parse_str((string) parse_url($image_url, PHP_URL_QUERY), $qs);
if (!empty($qs['path']) && is_string($qs['path'])) {
$ext = strtolower(pathinfo($qs['path'], PATHINFO_EXTENSION));
}
}
$resp = wp_remote_get($image_url, ['timeout' => 20]);
if (is_wp_error($resp)) {
wp_send_json_error(['message' => $resp->get_error_message()], 500);
}
$code = (int) wp_remote_retrieve_response_code($resp);
$body = wp_remote_retrieve_body($resp);
$ctype = wp_remote_retrieve_header($resp, 'content-type');
if ($code < 200 || $code >= 300 || !$body) {
wp_send_json_error(['message' => 'Unable to fetch image'], 500);
}
$ctypeValid = $ctype && preg_match('#^image/(jpe?g|png)$#i', $ctype);
$extValid = in_array($ext, ['jpg', 'jpeg', 'png'], true);
if (!$ctypeValid && !$extValid) {
wp_send_json_error(['message' => 'Only JPG and PNG are allowed'], 400);
}
// Normalize extension and mime type
if (!$extValid) {
$ext = stripos((string) $ctype, 'png') !== false ? 'png' : 'jpg';
}
$ext = $ext === 'jpeg' ? 'jpg' : $ext;
if (!$ctypeValid) {
// Fallback to extension-derived mime when remote server omits/uses octet-stream
$ctype = $ext === 'png' ? 'image/png' : 'image/jpeg';
} else {
// Ensure jpeg mime normalizes to jpg extension if extension was empty
if (!$ext) {
$ext = stripos($ctype, 'png') !== false ? 'png' : 'jpg';
}
}
$tmp = wp_tempnam($image_url);
if (!$tmp) {
wp_send_json_error(['message' => 'Unable to create temp file'], 500);
}
if (file_put_contents($tmp, $body) === false) {
@unlink($tmp);
wp_send_json_error(['message' => 'Unable to write temp file'], 500);
}
$filename = sprintf('brassgate-share-%s-%s.%s', $platform ?: 'social', time(), $ext ?: 'jpg');
$file = [
'name' => sanitize_file_name($filename),
'tmp_name' => $tmp,
'type' => $ctype ?: 'image/' . ($ext === 'png' ? 'png' : 'jpeg'),
'size' => filesize($tmp),
'error' => 0,
];
require_once ABSPATH . 'wp-admin/includes/file.php';
require_once ABSPATH . 'wp-admin/includes/media.php';
require_once ABSPATH . 'wp-admin/includes/image.php';
$sideload = media_handle_sideload($file, 0);
@unlink($tmp);
if (is_wp_error($sideload)) {
wp_send_json_error(['message' => $sideload->get_error_message()], 500);
}
$url = wp_get_attachment_url($sideload);
if (!$url) {
wp_send_json_error(['message' => 'Upload did not return a URL'], 500);
}
wp_send_json_success([
'public_url' => $url,
'attachment_id' => $sideload,
]);
}
/** ---------- Social share uploads (sideload existing image) ---------- */
public static function ajax_upload_share_image() {
self::check_nonce();
if (!self::user_has_plan()) {
wp_send_json_error(['message' => 'Unauthorized'], 403);
}
if (empty($_FILES['share_image'])) {
wp_send_json_error(['message' => 'No image provided'], 400);
}
$file = $_FILES['share_image'];
$file['name'] = 'brassgate-share-' . uniqid('', true) . '-' . sanitize_file_name($file['name']);
require_once ABSPATH . 'wp-admin/includes/file.php';
$overrides = ['test_form' => false];
$uploaded = wp_handle_sideload($file, $overrides);
if (isset($uploaded['error'])) {
wp_send_json_error(['message' => $uploaded['error']], 500);
}
$url = $uploaded['url'] ?? '';
$type = $uploaded['type'] ?? '';
$file_path = $uploaded['file'] ?? '';
$attachment_id = 0;
if ($url && $file_path) {
$attachment = [
'post_mime_type' => $type,
'post_title' => preg_replace('/\.[^.]+$/', '', basename($file_path)),
'post_content' => '',
'post_status' => 'inherit'
];
$attachment_id = wp_insert_attachment($attachment, $file_path);
if (!is_wp_error($attachment_id)) {
require_once ABSPATH . 'wp-admin/includes/image.php';
$attach_data = wp_generate_attachment_metadata($attachment_id, $file_path);
wp_update_attachment_metadata($attachment_id, $attach_data);
}
}
if (empty($url)) {
wp_send_json(['success' => false, 'message' => 'Upload did not return a URL.'], 500);
}
wp_send_json_success([
'public_url' => $url,
'url' => $url,
'attachment_id' => $attachment_id,
]);
}
// Remove the default first submenu that mirrors the top-level page slug,
// so our numbered items lead the list.
public static function fix_submenu_order() {
remove_submenu_page(self::SLUG, self::SLUG);
}
public static function redirect_legacy_content_studio() {
if (!is_admin()) {
return;
}
$page = isset($_GET['page']) ? sanitize_key($_GET['page']) : '';
if ($page !== self::SLUG . '-home') {
return;
}
$target = admin_url('admin.php?page=' . self::CONTENT_STUDIO_PAGE);
if (!headers_sent()) {
wp_safe_redirect($target);
exit;
}
echo '';
exit;
}
public static function redirect_legacy_large_video() {
if (!is_admin()) {
return;
}
$page = isset($_GET['page']) ? sanitize_key($_GET['page']) : '';
$legacy_slugs = array(
self::SLUG_LVI => __('Large Video Interrogator has moved to Large Video Storage.', 'bgad'),
self::SLUG_LVS => __('Large Video Suite has moved to Large Video Storage.', 'bgad'),
'lvs-director-v3' => __('Large Video Suite Director has moved to Large Video Storage.', 'bgad'),
'lvs-storage-v3' => __('Large Video Storage has moved to the refreshed Large Video Storage page.', 'bgad'),
);
if (!isset($legacy_slugs[$page])) {
return;
}
$target = admin_url('admin.php?page=' . self::SLUG_LARGE_VIDEO_STORAGE);
if (!headers_sent()) {
wp_safe_redirect($target);
exit;
}
$notice = $legacy_slugs[$page];
echo '';
exit;
}
public static function redirect_legacy_secretary() {
if (!is_admin()) {
return;
}
$page = isset($_GET['page']) ? sanitize_key($_GET['page']) : '';
if ($page !== self::SLUG_SECRETARY_LEGACY && $page !== self::SLUG_SECRETARY_GMAIL_AUTH_LEGACY) {
return;
}
$target_page = ($page === self::SLUG_SECRETARY_GMAIL_AUTH_LEGACY)
? self::SLUG_SECRETARY_GMAIL_AUTH
: self::SLUG_SECRETARY;
$target = admin_url('admin.php?page=' . $target_page);
if (!headers_sent()) {
wp_safe_redirect($target);
exit;
}
echo '';
exit;
}
/** LaunchOS SSO removed */
/** LaunchOS Workbench routes removed */
/** ---------------- Admin Notices (stability) ---------------- */
public static function admin_notices() {
if (!is_admin() || !current_user_can('manage_options')) return;
$page = isset($_GET['page']) ? sanitize_key($_GET['page']) : '';
if ($page !== self::SLUG_ADCHAT && $page !== self::SLUG) return;
$key = self::guess_client_key();
if (!$key) {
echo 'Assistants Deluxe: No client API key detected. Set BRASSGATE_CLIENT_KEY in env or add a User/Manager API key to your profile to enable chat and document lookups.
';
$tpl = __DIR__ . '/pages/videos.php';
if (file_exists($tpl)) include $tpl; else echo '
Videos Template missing.
';
echo '
Large Video Storage This feature has been removed.
Large Video Uploader This feature has been removed.
Video Director This feature has been removed.
';
$tpl = __DIR__ . '/pages/videos-portrait.php';
if (file_exists($tpl)) {
include $tpl;
} else {
echo '
Portrait Video Storage Template missing.
';
}
echo '
';
$tpl = __DIR__ . '/pages/audio.php';
if (file_exists($tpl)) include $tpl; else echo '
Audio Generation Template missing.
';
echo '
';
$tpl = __DIR__ . '/pages/music.php';
if (file_exists($tpl)) include $tpl; else echo '
Music Generation Template missing.
';
echo '
';
$tpl = __DIR__ . '/pages/video-studio.php';
if (file_exists($tpl)) include $tpl; else echo '
Video Studio Template missing.
';
echo '
';
$tpl = __DIR__ . '/pages/image-manager.php';
if (file_exists($tpl)) {
include $tpl;
} else {
echo '
Image Manager Template missing.
';
}
echo '
' . esc_html__('Large Video Interrogator has been replaced by the Large Video Suite. You were redirected to the new experience.', 'bgad') . '
Large Video Suite Template missing.
';
$tpl = __DIR__ . '/pages/vertical-socials-helper.php';
if (file_exists($tpl)) {
include $tpl;
} else {
echo '
Vertical Socials Helper Template missing.
';
}
echo '
';
$tpl = __DIR__ . '/pages/horizontal-socials.php';
if (file_exists($tpl)) {
include $tpl;
} else {
echo '
Video Socials (Horizontal) Template missing.
';
}
echo '
';
$tpl = __DIR__ . '/pages/audio-test-music.php';
if (file_exists($tpl)) {
include $tpl;
} else {
echo '
Audio Test Template missing.
';
}
echo '
';
$tpl = __DIR__ . '/pages/splash.php';
if (file_exists($tpl)) include $tpl; else echo '
Splash Images Template missing.
';
echo '
';
$tpl = __DIR__ . '/pages/live-director.php';
if (file_exists($tpl)) include $tpl; else echo '
Live Director Template missing.
';
echo '
';
$tpl = __DIR__ . '/pages/overlays-lower-thirds.php';
if (file_exists($tpl)) include $tpl; else echo '
Lower Thirds Template missing.
';
echo '
Video Studio Debug This feature has been removed.
' . esc_html__('You do not have permission to access Admin File Cull.', 'bgad') . '
';
$tpl = __DIR__ . '/pages/admin-file-cull.php';
if (file_exists($tpl)) {
include $tpl;
} else {
echo '
Admin File Cull Template missing.
';
}
echo '
' . esc_html__('Articles & Socials (2) assets missing:', 'brassgate-assistants-deluxe') . ' ' . esc_html(implode(', ', $missing)) . '
' . esc_html__('Articles and Social Media assets are missing. Ensure assets/css/articles-socials-v3.css and assets/js/articles-socials-v3.js are deployed.', 'brassgate-assistants-deluxe') . '
' . esc_html__('Link Socials assets are missing. Ensure assets/js/bgad_link_socials.js is deployed.', 'brassgate-assistants-deluxe') . '
Content Studio ';
esc_html_e('Content Studio helper missing. Please reinstall the plugin assets.', 'brassgate-assistants-deluxe');
echo '
' . esc_html__('Articles & Socials (2)', 'brassgate-assistants-deluxe') . ' ' . esc_html__('Template missing. Please deploy pages/articles-socials.php.', 'brassgate-assistants-deluxe') . '
' . esc_html__('Articles and Social Media', 'brassgate-assistants-deluxe') . ' ' . esc_html__('Template missing. Please deploy pages/articles-socials-v3.php.', 'brassgate-assistants-deluxe') . '
' . esc_html__('Ideas Board', 'brassgate-assistants-deluxe') . ' ' . esc_html__('Template missing. Please deploy pages/ideas_board.php.', 'brassgate-assistants-deluxe') . '
' . esc_html__('Ideas Board (Manager)', 'brassgate-assistants-deluxe') . ' ' . esc_html__('Template missing. Please deploy pages/ideas_board_manager.php.', 'brassgate-assistants-deluxe') . '
';
echo ' ';
echo ' ';
// Left: Conversations
echo '
';
// Center: Thread
echo '
';
echo ' ';
echo ' ';
echo ' ';
echo ' Formatted View ';
echo ' Raw View ';
echo ' ';
echo ' ';
echo ' ';
echo ' ';
echo ' Message composer ';
echo ' ';
echo ' ';
echo ' 0 characters ';
echo ' Send ';
echo '
';
echo ' ';
echo ' ';
echo ' ';
// Right: Tools
echo '
';
echo '
';
echo '
';
echo '
';
echo ' Analyzing... Checking sources... Verifying facts... Generating... Finalizing... ';
echo ' ';
echo '
';
echo '
Cancel ';
echo '
';
echo '
';
echo ' ';
// Admin-only notice to signal fallback rendering
if (current_user_can('manage_options')) {
echo 'Assistants Deluxe: page template missing (pages/bga_ad_chat.php or pages/ad-chat.php). Rendering inline fallback. Deploy the template file to remove this notice.
Report Studio was retired. Please use Content Studio to generate articles and reports.
Please sign in to use the Video Studio.
';
}
if (!self::user_has_plan()) {
$plans_url = esc_url(self::manager_url());
return 'An active BrassGate plan is required to use the Video Studio.
View plans .
An active BrassGate plan is required to view the video library.
View plans .
Avery is unavailable at the moment.
';
}
return ob_get_clean();
}
public static function render_jimmy_shortcode($atts = [], $content = '') {
if (!is_user_logged_in() || !current_user_can('read')) {
return 'Please log in to view Jimmy.
';
}
ob_start();
$page = plugin_dir_path(__FILE__) . 'pages/jimmy.php';
if (is_readable($page)) {
include $page;
} else {
echo 'Jimmy is unavailable at the moment.
';
}
return ob_get_clean();
}
// Doc Repo renderer (embedded Documents v3)
public static function render_doc_repo() {
if (!current_user_can('read')) wp_die('Insufficient permissions.');
$context = self::ensure_plan_access('Document Repo', array(), self::SLUG_DOCS);
$GLOBALS['bgad_doc_quota'] = $context;
$page = plugin_dir_path(__FILE__) . 'pages/doc-repo.php';
if (is_readable($page)) { include $page; return; }
echo 'C1 Doc Repo Template missing.
Doc Reader Template missing.
Allowances Template missing.
Social Media Tracking Template missing.
Social Media Connections Template missing.
Meeting Room Template missing.
Meeting Minutes Template missing.
Meeting Summaries Template missing.
Meeting Archive Template missing.
Action Board Template missing.
Timeline Mode Template missing.
Avery Gmail Auth ';
if ($auth_url) {
printf('
Open Google OAuth
', esc_url($auth_url));
echo '
After granting access, close the Google window and return to the Avery page.
';
} else {
echo '
Unable to start Gmail OAuth. Please check configuration.
';
}
echo '
Admin - Managers
Upload 1024x1024 PNG/JPG icons per manager. These apply to all users. Default is manager_default.png.
Assistants (Deluxe) — Pricing & Quotas
Health & Diagnostics
Run quick checks to verify template availability, API connectivity, and key detection. Results are admin-only.
Run Health Check
'forbidden'], 403);
self::ensure_plan_for_ajax();
$valid = check_ajax_referer('bgad_sc', 'nonce', false);
if (!$valid) {
$valid = check_ajax_referer(self::NONCE, 'nonce', false);
}
if (!$valid) {
wp_send_json_error(['message' => 'invalid nonce'], 403);
}
}
// Capability guard for Video Studio creator routes (filterable)
private static function check_studio_cap() {
$default_cap = has_filter('bgvs_required_capability') ? 'edit_posts' : 'read';
$cap = apply_filters('bgvs_required_capability', $default_cap);
if (!$cap) {
$cap = $default_cap;
}
if (!current_user_can($cap)) wp_send_json_error(['message'=>'forbidden'], 403);
}
// Helper: proxy a streaming GET to backend while preserving identity headers
private static function proxy_stream($path, $filename_hint = '', $default_type = 'application/octet-stream', $timeout = 600) {
$url = self::backend_base() . $path;
$headers = self::user_headers();
$res = wp_remote_request($url, [
'method' => 'GET',
'timeout' => $timeout,
'headers' => $headers,
]);
if (is_wp_error($res)) {
status_header(502);
echo 'Upstream error: ' . esc_html($res->get_error_message());
wp_die();
}
$code = wp_remote_retrieve_response_code($res);
$body = wp_remote_retrieve_body($res);
$ctype = wp_remote_retrieve_header($res, 'content-type');
if ($code < 200 || $code >= 300) {
status_header($code ?: 500);
echo esc_html(is_string($body) ? $body : 'Upstream error');
wp_die();
}
if (!$ctype) $ctype = $default_type;
nocache_headers();
header('Content-Type: ' . $ctype);
if ($filename_hint) {
header('Content-Disposition: inline; filename="' . basename($filename_hint) . '"');
}
echo $body;
wp_die();
}
public static function ajax_send() {
self::check_nonce();
$cid = sanitize_text_field($_POST['conversation_id'] ?? '');
$payload = [
'message' => (string)($_POST['message'] ?? ''),
'scope' => sanitize_text_field($_POST['scope'] ?? 'self'),
];
// Only include conversation_id if it's a real server ID (not empty and not local_)
if (!empty($cid) && stripos($cid, 'local_') !== 0) {
$payload['conversation_id'] = $cid;
}
$headers = self::user_headers();
$headers['x-assistant-style'] = sanitize_text_field($_POST['style'] ?? 'friendly');
$headers['x-assistant-strict'] = !empty($_POST['strict']) ? '1' : '0';
$headers['x-assistant-model'] = sanitize_text_field($_POST['model'] ?? 'brasso');
$r = self::http('POST', '/v3/assistant/send', $payload, 120);
if (empty($r['ok'])) wp_send_json_error($r, $r['status'] ?? 500);
wp_send_json_success($r['data']);
}
public static function ajax_history() {
self::check_nonce();
$cid = sanitize_text_field($_POST['conversation_id'] ?? $_GET['conversation_id'] ?? '');
// For local / unsynced conversations, return empty history to avoid 404
if (empty($cid) || stripos($cid, 'local_') === 0) {
wp_send_json_success(['messages' => []]);
}
$r = self::http('GET', '/v3/assistant/history?conversation_id='.rawurlencode($cid), null, 60);
if (empty($r['ok'])) wp_send_json_error($r, $r['status'] ?? 500);
wp_send_json_success($r['data']);
}
public static function ajax_convos() {
self::check_nonce();
$r = self::http('GET', '/v3/assistant/conversations?page=1&page_size=50', null, 60);
if (empty($r['ok'])) wp_send_json_error($r, $r['status'] ?? 500);
wp_send_json_success($r['data']);
}
public static function ajax_sources() {
self::check_nonce();
$cid = sanitize_text_field($_POST['conversation_id'] ?? '');
// For local / unsynced conversations, return empty sources to avoid 404
if (empty($cid) || stripos($cid, 'local_') === 0) {
wp_send_json_success(['sources' => []]);
}
$r = self::http('GET', '/v3/assistant/sources?conversation_id='.rawurlencode($cid), null, 60);
if (empty($r['ok'])) wp_send_json_error($r, $r['status'] ?? 500);
wp_send_json_success($r['data']);
}
// -------- Video Studio AJAX (v3/video) --------
public static function ajax_bgvs_preflight() {
self::check_nonce();
$now = time();
if (self::$vs_cb_open_until && $now < self::$vs_cb_open_until) {
$corr = function_exists('wp_generate_uuid4') ? wp_generate_uuid4() : uniqid('corr_', true);
wp_send_json([
'ok'=>false,
'status'=>503,
'error'=>'backend unreachable (circuit open)',
'via'=>'wp-proxy',
'corr'=>$corr,
'ts'=>time(),
], 200);
}
$r = self::bgvs_proxy_json('GET', '/v3/video/preflight');
// Single 503 retry (explicit) in addition to base proxy retries
if (empty($r['ok']) && (int)($r['status'] ?? 0) === 503) {
usleep(300000); // 300ms
$r = self::bgvs_proxy_json('GET', '/v3/video/preflight');
}
if (!empty($r['ok'])) {
// reset CB on success
self::$vs_cb_fails = 0; self::$vs_cb_last_fail = 0; self::$vs_cb_open_until = 0;
wp_send_json($r);
}
// failure
$last = self::$vs_cb_last_fail ?: 0;
$within = ($now - $last) <= 60;
if ($within) {
self::$vs_cb_fails += 1;
} else {
self::$vs_cb_fails = 1;
}
self::$vs_cb_last_fail = $now;
if (self::$vs_cb_fails >= 2 && $within) {
self::$vs_cb_open_until = $now + 15; // open for 15s
}
wp_send_json($r, 200);
}
public static function ajax_bgvs_plan() {
self::check_nonce();
self::check_studio_cap();
// Support unified payload body or individual fields
$payload = null;
if (isset($_POST['payload'])) {
$pl = json_decode(stripslashes((string)$_POST['payload']), true);
if (is_array($pl)) $payload = $pl;
}
if (!is_array($payload)) {
$payload = [
'prompt' => (string)($_POST['prompt'] ?? ''),
'total_sec' => max(15, min(300, intval($_POST['total_sec'] ?? 30))),
'orientation' => sanitize_text_field($_POST['orientation'] ?? 'landscape'),
'variety' => isset($_POST['variety']) ? floatval($_POST['variety']) : 0.35,
'use_lore' => isset($_POST['use_lore']) ? (bool)$_POST['use_lore'] : true,
];
}
$r = self::bgvs_proxy_json('POST', '/v3/video/plan', $payload);
if (!empty($r['ok']) && function_exists('bg_increment_user_usage')) {
$context = array(
'source' => 'ajax',
'page' => 'shortform',
'action' => 'plan',
'endpoint' => '/v3/video/plan',
'method' => 'POST',
);
bg_increment_user_usage(get_current_user_id(), 'shortform_from_user_videos', 1, null, $context);
}
wp_send_json($r, 200);
}
public static function ajax_bgvs_preview_start() {
self::check_nonce();
self::check_studio_cap();
// Debug: log receipt of POST for diagnostics
if (defined('WP_DEBUG') && WP_DEBUG) {
error_log('[bgvs_preview_start] received: ' . print_r($_POST, true));
}
// Accept JSON payload or individual form fields
$payload = null;
if (isset($_POST['payload'])) {
$pl = json_decode(stripslashes((string)$_POST['payload']), true);
if (is_array($pl)) $payload = $pl;
}
if (!is_array($payload)) {
// Accept JSON-like form fields and forward as-is
$payload = [
'prompt' => (string)($_POST['prompt'] ?? ''),
'length_sec' => max(5, min(3600, intval($_POST['length_sec'] ?? 30))),
'orientation' => sanitize_text_field($_POST['orientation'] ?? 'landscape'),
// Legacy flat fields (kept for backward compatibility)
'intro_splash' => sanitize_text_field($_POST['intro_splash'] ?? ''),
'outro_splash' => sanitize_text_field($_POST['outro_splash'] ?? ''),
'intro_dur' => floatval($_POST['intro_dur'] ?? 0),
'outro_dur' => floatval($_POST['outro_dur'] ?? 0),
'variety' => isset($_POST['variety']) ? floatval($_POST['variety']) : 0.35,
'strict_orientation' => isset($_POST['strict_orientation']) ? (bool)$_POST['strict_orientation'] : true,
'max_candidates_per_beat' => intval($_POST['max_candidates_per_beat'] ?? 10),
'healer' => isset($_POST['healer']) ? (bool)$_POST['healer'] : true,
'seed' => isset($_POST['seed']) ? intval($_POST['seed']) : null,
];
}
// Optional object-shaped splashes
if (!empty($_POST['intro_splash']) && is_string($_POST['intro_splash'])) {
$js = json_decode(stripslashes((string)$_POST['intro_splash']), true);
if (is_array($js) && isset($js['filename'])) $payload['intro_splash'] = $js;
}
if (!empty($_POST['outro_splash']) && is_string($_POST['outro_splash'])) {
$js = json_decode(stripslashes((string)$_POST['outro_splash']), true);
if (is_array($js) && isset($js['filename'])) $payload['outro_splash'] = $js;
}
// Optional interstitials JSON
if (!empty($_POST['interstitials'])) {
$ints = json_decode(stripslashes((string)$_POST['interstitials']), true);
if (is_array($ints)) $payload['interstitials'] = $ints;
}
// Optional JSON plan
if (!empty($_POST['plan'])) {
$plan = json_decode(stripslashes((string)$_POST['plan']), true);
if (is_array($plan)) $payload['plan'] = $plan;
}
$r = self::bgvs_proxy_json('POST', '/v3/video/preview/start', $payload);
if (defined('WP_DEBUG') && WP_DEBUG) {
$code = isset($r['status']) ? (int)$r['status'] : 0;
error_log('[bgvs_preview_start] backend status: ' . $code);
}
if (!empty($r['ok']) && function_exists('bg_increment_user_usage')) {
$context = array(
'source' => 'ajax',
'page' => 'shortform',
'action' => 'preview',
'endpoint' => '/v3/video/preview/start',
'method' => 'POST',
);
bg_increment_user_usage(get_current_user_id(), 'shortform_from_user_videos', 1, null, $context);
}
wp_send_json($r, 200);
}
public static function ajax_bgvs_splash_list() {
self::check_nonce();
$role = sanitize_text_field($_POST['role'] ?? $_GET['role'] ?? '');
$orientation = sanitize_text_field($_POST['orientation'] ?? $_GET['orientation'] ?? '');
// Translate role -> type (API expects `type`), and forward orientation if provided
$qs = [];
if ($role !== '') { $qs['type'] = $role; }
if ($orientation !== '') { $qs['orientation'] = $orientation; }
$r = self::bgvs_proxy_json('GET', '/v3/splash/list', null, $qs);
// Single 503 retry for transient catalog hiccups
if (empty($r['ok']) && (int)($r['status'] ?? 0) === 503) {
usleep(300000); // 300ms
$r = self::bgvs_proxy_json('GET', '/v3/splash/list', null, $qs);
}
if (!empty($r['ok']) && is_array($r['body'])) {
$body = $r['body'];
$items = [];
if (isset($body['items']) && is_array($body['items'])) {
$items = $body['items'];
} elseif (isset($body['list']) && is_array($body['list'])) {
$items = $body['list'];
}
$r['body'] = ['items' => $items];
}
wp_send_json($r, 200);
}
public static function ajax_bgvs_preview_status() {
self::check_nonce();
$fn = sanitize_text_field($_POST['filename'] ?? $_GET['filename'] ?? '');
$r = self::bgvs_proxy_json('GET', '/v3/video/preview/status', null, ['filename'=>$fn]);
wp_send_json($r, 200);
}
public static function ajax_bgvs_preview_stream() {
self::check_nonce();
$fn = sanitize_text_field($_GET['filename'] ?? $_POST['filename'] ?? '');
if (!$fn) wp_send_json_error(['message'=>'missing filename'], 400);
self::bgvs_proxy_stream('/v3/video/preview/stream', ['filename'=>$fn]);
}
public static function ajax_bgvs_preview_delete() {
self::check_nonce();
self::check_studio_cap();
$fn = sanitize_text_field($_POST['filename'] ?? '');
$r = self::bgvs_proxy_json('DELETE', '/v3/video/preview', null, ['filename' => $fn]);
wp_send_json($r, 200);
}
public static function ajax_bgvs_audio_plan() {
self::check_nonce();
self::check_studio_cap();
// Support unified payload body or individual fields
$payload = null;
if (isset($_POST['payload'])) {
$pl = json_decode(stripslashes((string)$_POST['payload']), true);
if (is_array($pl)) $payload = $pl;
}
if (!is_array($payload)) {
$payload = [
'preview_filename' => sanitize_text_field($_POST['preview_filename'] ?? ''),
'use_music' => isset($_POST['use_music']) ? (bool)$_POST['use_music'] : true,
'music_style' => sanitize_text_field($_POST['music_style'] ?? ''),
'instrumental' => isset($_POST['instrumental']) ? (bool)$_POST['instrumental'] : true,
'use_narration' => isset($_POST['use_narration']) ? (bool)$_POST['use_narration'] : false,
'voice_id' => sanitize_text_field($_POST['voice_id'] ?? ''),
'tone' => sanitize_text_field($_POST['tone'] ?? ''),
];
}
// Optional plan JSON
if (!empty($_POST['plan'])) {
$pl = json_decode(stripslashes((string)$_POST['plan']), true);
if (is_array($pl)) $payload['plan'] = $pl;
}
$r = self::bgvs_proxy_json('POST', '/v3/video/audio/plan', $payload);
if (!empty($r['ok']) && function_exists('bg_increment_user_usage')) {
$context = array(
'source' => 'ajax',
'page' => 'shortform',
'action' => 'audio_plan',
'endpoint' => '/v3/video/audio/plan',
'method' => 'POST',
);
bg_increment_user_usage(get_current_user_id(), 'shortform_from_user_videos', 1, null, $context);
}
wp_send_json($r, 200);
}
// ---- Music generation (server→server) ----
public static function ajax_bgvs_music_start() {
self::check_nonce();
self::check_studio_cap();
// Support unified payload body or individual fields
$payload = null;
if (isset($_POST['payload'])) {
$pl = json_decode(stripslashes((string)$_POST['payload']), true);
if (is_array($pl)) $payload = $pl;
}
if (!is_array($payload)) {
$payload = [
'prompt_music' => (string)($_POST['prompt'] ?? ''),
'length_sec' => max(1, min(600, intval($_POST['duration'] ?? 30))),
'instrumental' => isset($_POST['instrumental']) ? (bool)$_POST['instrumental'] : true,
'orientation' => sanitize_text_field($_POST['orientation'] ?? 'landscape'),
'style' => sanitize_text_field($_POST['style'] ?? ''),
];
}
$r = self::bgvs_proxy_json('POST', '/v3/audio/music/start', $payload);
if (!empty($r['ok']) && is_array($r['body'])) {
$data = $r['body'];
} else {
$data = is_array($r['body'] ?? null) ? $r['body'] : [];
}
// Normalize to vendor_filename for UI
if (is_array($data) && isset($data['filename']) && !isset($data['vendor_filename'])) {
$data['vendor_filename'] = $data['filename'];
}
$r['body'] = $data;
if (!empty($r['ok']) && function_exists('bg_increment_user_usage')) {
$context = array(
'source' => 'ajax',
'page' => 'shortform',
'action' => 'music_start',
'endpoint' => '/v3/audio/music/start',
'method' => 'POST',
);
bg_increment_user_usage(get_current_user_id(), 'shortform_from_user_videos', 1, null, $context);
}
wp_send_json($r, 200);
}
public static function ajax_bgvs_music_stream() {
self::check_nonce();
$fn = sanitize_text_field($_GET['vendor_filename'] ?? $_POST['vendor_filename'] ?? '');
if (!$fn) wp_send_json_error(['message'=>'missing vendor_filename'], 400);
self::bgvs_proxy_stream('/v3/audio/music/stream', ['filename'=>$fn]);
}
// ---- Narration generation (server→server) ----
public static function ajax_bgvs_narrate_start() {
self::check_nonce();
self::check_studio_cap();
// Support unified payload body or individual fields
$payload = null;
if (isset($_POST['payload'])) {
$pl = json_decode(stripslashes((string)$_POST['payload']), true);
if (is_array($pl)) $payload = $pl;
}
if (!is_array($payload)) {
$payload = [
'script' => (string)($_POST['script'] ?? ''),
'voice_id'=> sanitize_text_field($_POST['voice_id'] ?? ''),
'tone' => sanitize_text_field($_POST['tone'] ?? ''),
];
}
// Backend v3/audio may use a different key naming; adapt if needed
$r = self::bgvs_proxy_json('POST', '/v3/audio/narrate/start', $payload);
$data = is_array($r['body'] ?? null) ? $r['body'] : [];
if (is_array($data) && isset($data['filename']) && !isset($data['vendor_filename'])) {
$data['vendor_filename'] = $data['filename'];
}
$r['body'] = $data;
if (!empty($r['ok']) && function_exists('bg_increment_user_usage')) {
$context = array(
'source' => 'ajax',
'page' => 'shortform',
'action' => 'narrate_start',
'endpoint' => '/v3/audio/narrate/start',
'method' => 'POST',
);
bg_increment_user_usage(get_current_user_id(), 'shortform_from_user_videos', 1, null, $context);
}
wp_send_json($r, 200);
}
public static function ajax_bgvs_narrate_stream() {
self::check_nonce();
$fn = sanitize_text_field($_GET['vendor_filename'] ?? $_POST['vendor_filename'] ?? '');
if (!$fn) wp_send_json_error(['message'=>'missing vendor_filename'], 400);
// Some backends use filename param; mirror music for consistency
self::bgvs_proxy_stream('/v3/audio/narrate/stream', ['filename'=>$fn]);
}
// ---- Voices (optional) ----
public static function ajax_bgvs_voices() {
self::check_nonce();
$r = self::bgvs_proxy_json('GET', '/v3/audio/voices');
if (!empty($r['ok']) && is_array($r['body'])) {
wp_send_json($r['body'], 200);
}
// Fallback small list
wp_send_json(['items' => [ ['id'=>'edward','name'=>'Edward'], ['id'=>'luna','name'=>'Luna'] ]], 200);
}
public static function ajax_bgvs_finalize_start() {
self::check_nonce();
self::check_studio_cap();
// Build finalize payload with minimal defaults (supports unified payload)
$payload = null;
if (isset($_POST['payload'])) {
$pl = json_decode(stripslashes((string)$_POST['payload']), true);
if (is_array($pl)) $payload = $pl;
}
if (!is_array($payload)) {
$payload = [
'preview_filename' => sanitize_text_field($_POST['preview_filename'] ?? ''),
'music' => [
'source' => sanitize_text_field($_POST['music_source'] ?? 'none'),
'vendor_filename' => sanitize_text_field($_POST['music_vendor_filename'] ?? ''),
'style' => sanitize_text_field($_POST['music_style'] ?? ''),
'instrumental' => isset($_POST['music_instrumental']) ? (bool)$_POST['music_instrumental'] : true,
],
'narration' => [
'source' => sanitize_text_field($_POST['nar_source'] ?? 'none'),
'vendor_filename' => sanitize_text_field($_POST['nar_vendor_filename'] ?? ''),
'voice_id' => sanitize_text_field($_POST['nar_voice_id'] ?? ''),
'tone' => sanitize_text_field($_POST['nar_tone'] ?? ''),
],
'overlays' => [],
'title' => sanitize_text_field($_POST['title'] ?? ''),
'description' => sanitize_textarea_field($_POST['description'] ?? ''),
'strict_length' => isset($_POST['strict_length']) ? (bool)$_POST['strict_length'] : true,
];
if (!empty($_POST['overlays'])) {
$ov = json_decode(stripslashes((string)$_POST['overlays']), true);
if (is_array($ov)) $payload['overlays'] = $ov;
}
}
$r = self::bgvs_proxy_json('POST', '/v3/video/finalize/start', $payload);
if (empty($r['ok']) || !is_array($r['body'])) {
$status = isset($r['status']) ? intval($r['status']) : 500;
$err = is_array($r['body'] ?? null) ? ($r['body']['error'] ?? $r['body']['detail'] ?? 'upstream error') : (is_string($r['body'] ?? '') ? $r['body'] : 'upstream error');
wp_send_json_error(['message'=>$err], $status ?: 500);
}
// Attach a proxy URL for download convenience
$data = $r['body'];
if (is_array($data) && !empty($data['filename'])) {
$data['proxy_url'] = add_query_arg([
'action' => 'bgvs_library_stream',
'nonce' => wp_create_nonce(self::NONCE),
'filename' => $data['filename'],
], admin_url('admin-ajax.php'));
}
if (!empty($r['ok']) && function_exists('bg_increment_user_usage')) {
$context = array(
'source' => 'ajax',
'page' => 'shortform',
'action' => 'finalize',
'endpoint' => '/v3/video/finalize/start',
'method' => 'POST',
);
bg_increment_user_usage(get_current_user_id(), 'shortform_from_user_videos', 1, null, $context);
}
wp_send_json_success($data);
}
public static function ajax_bgvs_library_list() {
self::check_nonce();
$r = self::bgvs_proxy_json('GET', '/v3/video/library/list');
wp_send_json($r, 200);
}
public static function ajax_bgvs_library_stream() {
self::check_nonce();
$fn = sanitize_text_field($_GET['filename'] ?? $_POST['filename'] ?? '');
if (!$fn) wp_send_json_error(['message'=>'missing filename'], 400);
self::bgvs_proxy_stream('/v3/video/library/download', ['filename'=>$fn]);
}
public static function ajax_bgvs_library_delete() {
self::check_nonce();
self::check_studio_cap();
$fn = sanitize_text_field($_POST['filename'] ?? '');
$r = self::bgvs_proxy_json('DELETE', '/v3/video/library', null, ['filename'=>$fn]);
if (!empty($r['ok']) && function_exists('bg_decrement_user_usage')) {
$context = array(
'source' => 'ajax',
'page' => 'videos',
'action' => 'delete',
'endpoint' => '/v3/video/library',
'method' => 'DELETE',
);
bg_decrement_user_usage(get_current_user_id(), 'videos_upload', 1, null, $context);
}
wp_send_json($r, 200);
}
public static function ajax_bgvs_clips_search() {
self::check_nonce();
$q = isset($_GET['q']) ? sanitize_text_field($_GET['q']) : sanitize_text_field($_POST['q'] ?? '');
$r = self::bgvs_proxy_json('GET', '/v3/video/clips/search', null, $q ? ['query'=>$q] : []);
wp_send_json($r, 200);
}
public static function ajax_bgvs_thumb() {
self::check_nonce();
$fn = sanitize_text_field($_GET['filename'] ?? $_POST['filename'] ?? '');
$t = isset($_GET['t']) ? floatval($_GET['t']) : floatval($_POST['t'] ?? 0.5);
if (!$fn) wp_send_json_error(['message'=>'missing filename'], 400);
self::bgvs_proxy_stream('/v3/video/thumb', ['filename'=>$fn, 't'=>$t]);
}
public static function ajax_vertical_socials_status() {
$nonce = '';
if (isset($_POST['nonce'])) {
$nonce = sanitize_text_field(wp_unslash($_POST['nonce']));
} elseif (isset($_REQUEST['nonce'])) {
$nonce = sanitize_text_field(wp_unslash($_REQUEST['nonce']));
}
if ($nonce === '' || !wp_verify_nonce($nonce, self::NONCE)) {
wp_send_json(['ok' => false, 'error' => 'Invalid nonce'], 403);
}
if (!self::user_has_plan()) {
wp_send_json(['ok' => false, 'error' => 'forbidden'], 403);
}
$client_key = function_exists('bgad_get_client_key_for_current_user') ? bgad_get_client_key_for_current_user() : '';
if ($client_key === '') {
wp_send_json(['ok' => false, 'error' => 'Missing BrassGate client key in profile']);
}
$job_id = isset($_POST['job_id']) ? sanitize_text_field(wp_unslash($_POST['job_id'])) : '';
if ($job_id === '') {
wp_send_json(['ok' => false, 'error' => 'Missing job id']);
}
$base = self::vertical_backend_base();
$url = rtrim($base, '/') . '/v3/vertical/status/' . rawurlencode($job_id);
$headers = self::vertical_headers();
if ($client_key !== '') {
$headers['x-brassgate-client-key'] = $client_key;
$headers['X-Brassgate-Client-Key'] = $client_key;
}
if (!isset($headers['X-Correlation-Id']) && function_exists('wp_generate_uuid4')) {
$headers['X-Correlation-Id'] = wp_generate_uuid4();
}
$response = wp_remote_get($url, [
'timeout' => 60,
'headers' => $headers,
'sslverify' => true,
]);
if (is_wp_error($response)) {
wp_send_json(['ok' => false, 'error' => $response->get_error_message()], 502);
}
$status = (int) wp_remote_retrieve_response_code($response);
$raw_body = (string) wp_remote_retrieve_body($response);
$decoded = json_decode($raw_body, true);
$corr = wp_remote_retrieve_header($response, 'x-correlation-id');
if ($status >= 200 && $status < 300 && is_array($decoded)) {
wp_send_json(['ok' => true, 'corr' => $corr, 'body' => $decoded]);
return;
}
$error_detail = '';
if (is_array($decoded)) {
$error_detail = isset($decoded['error']) ? (string) $decoded['error'] : '';
if ($error_detail === '' && isset($decoded['detail'])) {
$error_detail = is_string($decoded['detail']) ? $decoded['detail'] : wp_json_encode($decoded['detail']);
}
if ($error_detail === '' && isset($decoded['message'])) {
$error_detail = (string) $decoded['message'];
}
if ($error_detail === '') {
$error_detail = wp_json_encode($decoded);
}
} else {
$error_detail = $raw_body;
}
wp_send_json(['ok' => false, 'error' => $error_detail ?: 'Backend error', 'status' => $status], $status >= 400 ? $status : 502);
}
public static function ajax_vertical_socials_ping() {
$nonce = '';
if (isset($_POST['nonce'])) {
$nonce = sanitize_text_field(wp_unslash($_POST['nonce']));
} elseif (isset($_REQUEST['nonce'])) {
$nonce = sanitize_text_field(wp_unslash($_REQUEST['nonce']));
}
if ($nonce === '' || !wp_verify_nonce($nonce, self::NONCE)) {
wp_send_json(['ok' => false, 'error' => 'Invalid nonce'], 403);
}
if (!current_user_can('manage_options')) {
wp_send_json(['ok' => false, 'error' => 'forbidden'], 403);
}
$client_key = function_exists('bgad_get_client_key_for_current_user') ? bgad_get_client_key_for_current_user() : '';
if ($client_key === '') {
wp_send_json(['ok' => false, 'error' => 'Missing BrassGate client key in profile']);
}
$base = self::vertical_backend_base();
$headers = self::vertical_headers();
if ($client_key !== '') {
$headers['x-brassgate-client-key'] = $client_key;
$headers['X-Brassgate-Client-Key'] = $client_key;
}
if (!isset($headers['X-Correlation-Id']) && function_exists('wp_generate_uuid4')) {
$headers['X-Correlation-Id'] = wp_generate_uuid4();
}
$response = wp_remote_get($base . '/v3/vertical/ping', [
'timeout' => 60,
'headers' => $headers,
'sslverify' => true,
]);
if (is_wp_error($response)) {
wp_send_json(['ok' => false, 'error' => $response->get_error_message()], 502);
}
$status = (int) wp_remote_retrieve_response_code($response);
$raw_body = (string) wp_remote_retrieve_body($response);
$decoded = json_decode($raw_body, true);
$corr = wp_remote_retrieve_header($response, 'x-correlation-id');
if ($status >= 200 && $status < 300) {
wp_send_json([
'ok' => true,
'corr' => $corr,
'body' => is_array($decoded) ? $decoded : null,
'raw' => $raw_body,
]);
}
$error_detail = '';
if (is_array($decoded)) {
$error_detail = isset($decoded['error']) ? (string) $decoded['error'] : '';
if ($error_detail === '' && isset($decoded['detail'])) {
$error_detail = is_string($decoded['detail']) ? $decoded['detail'] : wp_json_encode($decoded['detail']);
}
if ($error_detail === '' && isset($decoded['message'])) {
$error_detail = (string) $decoded['message'];
}
if ($error_detail === '') {
$error_detail = wp_json_encode($decoded);
}
} else {
$error_detail = $raw_body;
}
wp_send_json(['ok' => false, 'error' => $error_detail ?: 'Backend error', 'status' => $status], 502);
}
public static function ajax_horizontal_socials_ping() {
$nonce = '';
if (isset($_POST['nonce'])) {
$nonce = sanitize_text_field(wp_unslash($_POST['nonce']));
} elseif (isset($_REQUEST['nonce'])) {
$nonce = sanitize_text_field(wp_unslash($_REQUEST['nonce']));
}
if ($nonce === '' || !wp_verify_nonce($nonce, self::NONCE)) {
wp_send_json(['ok' => false, 'error' => 'Invalid nonce'], 403);
}
if (!current_user_can('manage_options')) {
wp_send_json(['ok' => false, 'error' => 'forbidden'], 403);
}
$client_key = function_exists('bgad_get_client_key_for_current_user') ? bgad_get_client_key_for_current_user() : '';
if ($client_key === '') {
wp_send_json(['ok' => false, 'error' => 'Missing BrassGate client key in profile']);
}
$base = self::horizontal_backend_base();
$headers = self::horizontal_headers();
if ($client_key !== '') {
$headers['x-brassgate-client-key'] = $client_key;
$headers['X-Brassgate-Client-Key'] = $client_key;
}
if (!isset($headers['X-Correlation-Id']) && function_exists('wp_generate_uuid4')) {
$headers['X-Correlation-Id'] = wp_generate_uuid4();
}
$response = wp_remote_get($base . '/v3/horizontal_socials/ping', [
'timeout' => 60,
'headers' => $headers,
'sslverify' => true,
]);
if (is_wp_error($response)) {
wp_send_json(['ok' => false, 'error' => $response->get_error_message()], 502);
}
$status = (int) wp_remote_retrieve_response_code($response);
$raw_body = (string) wp_remote_retrieve_body($response);
$decoded = json_decode($raw_body, true);
$corr = wp_remote_retrieve_header($response, 'x-correlation-id');
if ($status >= 200 && $status < 300) {
wp_send_json([
'ok' => true,
'corr' => $corr,
'body' => is_array($decoded) ? $decoded : null,
'raw' => $raw_body,
]);
}
$error_detail = '';
if (is_array($decoded)) {
$error_detail = isset($decoded['error']) ? (string) $decoded['error'] : '';
if ($error_detail === '' && isset($decoded['detail'])) {
$error_detail = is_string($decoded['detail']) ? $decoded['detail'] : wp_json_encode($decoded['detail']);
}
if ($error_detail === '' && isset($decoded['message'])) {
$error_detail = (string) $decoded['message'];
}
if ($error_detail === '') {
$error_detail = wp_json_encode($decoded);
}
} else {
$error_detail = $raw_body;
}
wp_send_json(['ok' => false, 'error' => $error_detail ?: 'Backend error', 'status' => $status], $status >= 400 ? $status : 502);
}
public static function ajax_vertical_socials_download() {
$nonce = '';
if (isset($_REQUEST['nonce'])) {
$nonce = sanitize_text_field(wp_unslash($_REQUEST['nonce']));
}
if ($nonce === '' || !wp_verify_nonce($nonce, self::NONCE)) {
status_header(403);
echo 'Invalid nonce';
wp_die();
}
if (!current_user_can('manage_options')) {
status_header(403);
echo 'forbidden';
wp_die();
}
$user_id = get_current_user_id();
$client_key = $user_id ? trim((string) get_user_meta($user_id, 'brassgate_client_key', true)) : '';
if ($client_key === '') {
wp_send_json(['ok' => false, 'error' => 'Missing BrassGate client key in profile']);
}
$job_id = '';
if (isset($_REQUEST['job_id'])) {
$job_id = sanitize_text_field(wp_unslash($_REQUEST['job_id']));
}
if ($job_id === '') {
status_header(400);
echo 'Missing job id';
wp_die();
}
$inline = isset($_REQUEST['inline']) && (string) wp_unslash($_REQUEST['inline']) === '1';
$query = [
'job_id' => $job_id,
];
if ($inline) {
$query['inline'] = '1';
}
$base = self::vertical_backend_base();
$url = add_query_arg($query, $base . '/v3/vertical/download');
$headers = self::vertical_headers(false);
if ($client_key !== '') {
$headers['x-brassgate-client-key'] = $client_key;
$headers['X-Brassgate-Client-Key'] = $client_key;
}
if ($inline) {
$headers['Accept'] = '*/*';
} elseif (!isset($headers['Accept'])) {
$headers['Accept'] = 'application/json';
}
if (!isset($headers['X-Correlation-Id']) && function_exists('wp_generate_uuid4')) {
$headers['X-Correlation-Id'] = wp_generate_uuid4();
}
$response = wp_remote_get($url, [
'timeout' => $inline ? 120 : 60,
'headers' => $headers,
'sslverify' => true,
]);
if (is_wp_error($response)) {
if ($inline) {
status_header(502);
echo esc_html($response->get_error_message());
wp_die();
}
wp_send_json(['ok' => false, 'error' => $response->get_error_message()], 502);
}
$status = (int) wp_remote_retrieve_response_code($response);
$corr = wp_remote_retrieve_header($response, 'x-correlation-id');
if ($inline) {
$body = wp_remote_retrieve_body($response);
if ($status < 200 || $status >= 300) {
status_header($status);
echo esc_html($body);
wp_die();
}
$content_type = wp_remote_retrieve_header($response, 'content-type');
$content_length = wp_remote_retrieve_header($response, 'content-length');
$filename = sanitize_file_name($job_id . '.mp4');
status_header(200);
if ($content_type) {
header('Content-Type: ' . $content_type);
} else {
header('Content-Type: video/mp4');
}
if ($content_length) {
header('Content-Length: ' . $content_length);
}
header('Content-Disposition: inline; filename="' . $filename . '"');
echo $body;
wp_die();
}
$raw_body = (string) wp_remote_retrieve_body($response);
$decoded = json_decode($raw_body, true);
if ($status >= 200 && $status < 300 && is_array($decoded) && isset($decoded['url'])) {
wp_send_json([
'ok' => true,
'corr' => $corr,
'body' => [
'url' => esc_url_raw($decoded['url']),
],
]);
}
$error_detail = '';
if (is_array($decoded)) {
$error_detail = isset($decoded['error']) ? (string) $decoded['error'] : '';
if ($error_detail === '' && isset($decoded['detail'])) {
$error_detail = is_string($decoded['detail']) ? $decoded['detail'] : wp_json_encode($decoded['detail']);
}
if ($error_detail === '' && isset($decoded['message'])) {
$error_detail = (string) $decoded['message'];
}
if ($error_detail === '') {
$error_detail = wp_json_encode($decoded);
}
} else {
$error_detail = $raw_body;
}
wp_send_json(['ok' => false, 'error' => $error_detail ?: 'Backend error'], 502);
}
public static function ajax_lvi_proxy() {
if (!current_user_can('manage_options')) {
wp_send_json(['ok' => false, 'error' => 'forbidden'], 403);
}
check_ajax_referer('bgad_lvi_nonce', 'nonce');
$mode = sanitize_key($_POST['mode'] ?? '');
$override_api = trim((string)wp_unslash($_POST['api_key_override'] ?? ''));
$override_client = trim((string)wp_unslash($_POST['client_key_override'] ?? ''));
if (!function_exists('bgad_user_headers')) {
$inc = plugin_dir_path(__FILE__) . 'includes/bg-headers.php';
if (file_exists($inc)) {
require_once $inc;
}
}
$headers = function_exists('bgad_user_headers') ? bgad_user_headers(true, 'large-video-interrogator') : [];
$api_key = $override_api !== '' ? $override_api : trim((string)($headers['X-User-API-Key'] ?? $headers['x-user-api-key'] ?? ''));
$client_key = $override_client !== '' ? $override_client : trim((string)($headers['X-BrassGate-Client'] ?? $headers['x-brassgate-client-key'] ?? ''));
if ($client_key === '' && function_exists('bgad_user_client_key')) {
$client_key = trim((string)bgad_user_client_key());
}
$manager_key = '';
if (isset($headers['X-Manager-API-Key']) && $headers['X-Manager-API-Key']) {
$manager_key = trim((string)$headers['X-Manager-API-Key']);
} elseif (isset($headers['x-manager-api-key']) && $headers['x-manager-api-key']) {
$manager_key = trim((string)$headers['x-manager-api-key']);
}
if ($api_key === '' || $client_key === '') {
wp_send_json(['ok' => false, 'error' => 'missing-keys'], 400);
}
$base = function_exists('bgad_backend_base') ? bgad_backend_base() : self::backend_base();
$base = rtrim($base, '/');
$headers = [
'X-User-API-Key' => $api_key,
'X-BrassGate-Client' => $client_key,
'X-BrassGate-Client-Key' => $client_key,
'x-brassgate-client-key' => $client_key,
'Accept' => 'application/json',
];
if ($manager_key !== '') {
$headers['X-Manager-API-Key'] = $manager_key;
}
$meta = [
'nonce_ok' => true,
'mode' => $mode,
];
$request_args = [
'timeout' => 300,
'headers' => $headers,
];
$endpoint = '';
$method = 'GET';
switch ($mode) {
case 'index':
$method = 'POST';
$endpoint = '/v3/video/index';
if (empty($_FILES['file']) || !isset($_FILES['file']['tmp_name'])) {
wp_send_json(['ok' => false, 'error' => 'missing-file'], 400);
}
$file = $_FILES['file'];
if (!empty($file['error'])) {
wp_send_json([
'ok' => false,
'error' => 'upload-error',
'code' => (int) $file['error'],
], 400);
}
$allowed = ['mp4', 'mov', 'mkv', 'webm'];
$ext = strtolower(pathinfo($file['name'] ?? '', PATHINFO_EXTENSION));
if (!in_array($ext, $allowed, true)) {
wp_send_json(['ok' => false, 'error' => 'unsupported-type'], 400);
}
$max_bytes = 2048 * 1024 * 1024; // 2 GiB
if (!empty($file['size']) && (int)$file['size'] > $max_bytes) {
wp_send_json(['ok' => false, 'error' => 'file-too-large'], 400);
}
$sample = isset($_POST['sample_rate_sec']) ? floatval($_POST['sample_rate_sec']) : 1.0;
if (!is_finite($sample) || $sample < 1.0) {
$sample = 1.0;
}
$meta['sample_rate_sec'] = $sample;
$body = [
'sample_rate_sec' => (string)$sample,
];
$ctype = $file['type'] ?? 'application/octet-stream';
$fname = $file['name'] ?? 'upload';
if (function_exists('curl_file_create')) {
$body['file'] = curl_file_create($file['tmp_name'], $ctype ?: 'application/octet-stream', $fname);
} else {
$body['file'] = '@' . $file['tmp_name'];
}
$request_args['body'] = $body;
break;
case 'status':
case 'result':
$video_id = sanitize_text_field($_POST['video_id'] ?? $_GET['video_id'] ?? '');
if ($video_id === '') {
wp_send_json(['ok' => false, 'error' => 'missing-video-id'], 400);
}
$meta['video_id'] = $video_id;
if ($mode === 'status') {
$endpoint = '/v3/video/index/status?video_id=' . rawurlencode($video_id);
$request_args['timeout'] = 120;
} else {
$endpoint = '/v3/video/index/result?video_id=' . rawurlencode($video_id);
$request_args['timeout'] = 300;
}
break;
case 'reindex':
$method = 'POST';
$video_id = sanitize_text_field($_POST['video_id'] ?? '');
if ($video_id === '') {
wp_send_json(['ok' => false, 'error' => 'missing-video-id'], 400);
}
$sample = isset($_POST['sample_rate_sec']) ? floatval($_POST['sample_rate_sec']) : 1.0;
if (!is_finite($sample) || $sample < 1.0) {
$sample = 1.0;
}
$meta['video_id'] = $video_id;
$meta['sample_rate_sec'] = $sample;
$endpoint = '/v3/video/reindex?video_id=' . rawurlencode($video_id) . '&sample_rate_sec=' . rawurlencode($sample);
$request_args['body'] = '';
break;
case 'delete':
$method = 'DELETE';
$video_id = sanitize_text_field($_POST['video_id'] ?? '');
if ($video_id === '') {
wp_send_json(['ok' => false, 'error' => 'missing-video-id'], 400);
}
$meta['video_id'] = $video_id;
$endpoint = '/v3/video/index?video_id=' . rawurlencode($video_id);
$request_args['timeout'] = 120;
break;
default:
wp_send_json(['ok' => false, 'error' => 'unsupported-mode'], 400);
}
$url = $base . $endpoint;
$meta['url'] = $url;
$meta['method'] = $method;
if ($method === 'GET') {
$response = wp_remote_get($url, $request_args);
} elseif ($method === 'POST') {
$request_args['method'] = 'POST';
$response = wp_remote_post($url, $request_args);
} else {
$request_args['method'] = $method;
$response = wp_remote_request($url, $request_args);
}
if (is_wp_error($response)) {
wp_send_json([
'ok' => false,
'error' => 'request-failed',
'message' => $response->get_error_message(),
'meta' => $meta,
], 502);
}
$status = (int) wp_remote_retrieve_response_code($response);
$body = (string) wp_remote_retrieve_body($response);
$parsed = null;
if ($body !== '') {
$json = json_decode($body, true);
if (json_last_error() === JSON_ERROR_NONE) {
$parsed = $json;
}
}
$ok = ($status >= 200 && $status < 300);
$payload = [
'ok' => $ok,
'status' => $status,
'body' => $parsed !== null ? $parsed : $body,
'is_json' => ($parsed !== null),
'meta' => $meta + [
'headers_forwarded' => array_keys($headers),
],
];
if ($parsed !== null) {
$payload['json'] = $parsed;
}
wp_send_json($payload, $ok ? 200 : ($status ?: 502));
}
public static function ajax_report_start() {
self::check_nonce();
$payload = [
'conversation_id' => sanitize_text_field($_POST['conversation_id'] ?? ''),
'mode' => sanitize_text_field($_POST['mode'] ?? 'brasso'),
'depth' => sanitize_text_field($_POST['depth'] ?? 'onepager'),
'guidance' => (string)($_POST['guidance'] ?? ''),
];
$path = '/v3/assistant/report';
if ($path==='/v3/assistant/report') $payload['long'] = true;
$r = self::http('POST', $path, $payload, 30);
if (empty($r['ok'])) wp_send_json_error($r, $r['status'] ?? 500);
// Flatten {ok,data:{...}} → {...}
$out = $r['data'];
if (is_array($out) && array_key_exists('data', $out)) $out = $out['data'];
wp_send_json_success($out);
}
public static function ajax_report_status() {
self::check_nonce();
$job_id = sanitize_text_field($_POST['job_id'] ?? '');
$r = self::http('POST', '/v3/assistant/report/status', ['job_id'=>$job_id], 30);
if (empty($r['ok'])) wp_send_json_error($r, $r['status'] ?? 500);
// Flatten
$out = $r['data'];
if (is_array($out) && array_key_exists('data', $out)) $out = $out['data'];
wp_send_json_success($out);
}
/**
* Quotas (messages left)
* Priority:
* 1) MU-plugin bridge (bg_get_user_usage_summary + local delta)
* 2) /v3/assistant/quota (user-scoped, if present)
* 3) /admin/usage (X-Admin-Key only; client_id auto-derived)
*/
public static function ajax_usage() {
self::check_nonce();
// 0) Preferred: local MU-plugin bridge
if (function_exists('bg_get_user_usage_summary')) {
$u = wp_get_current_user();
$user_id = (int)$u->ID;
$summary = bg_get_user_usage_summary($user_id);
$base_remaining = null;
if (is_array($summary) && !empty($summary['chat_messages'])) {
$cm = $summary['chat_messages'];
if (isset($cm['remaining'])) {
$base_remaining = (int)$cm['remaining'];
} else {
$limit = isset($cm['limit']) ? (int)$cm['limit'] : 0;
$used = isset($cm['used']) ? (int)$cm['used'] : 0;
$base_remaining = max(0, $limit - $used);
}
}
$delta = 0;
$m = get_user_meta($user_id, 'bg_quota_delta_chat_messages', true);
if (is_numeric($m)) $delta = (int)$m;
if ($delta === 0) {
$opt = get_option('bg_quota_bridge_delta');
if (is_array($opt)) {
if (isset($opt[$user_id]) && is_array($opt[$user_id])) {
$v = $opt[$user_id]['chat_messages'] ?? 0;
if (is_numeric($v)) $delta = (int)$v;
}
if ($delta === 0 && isset($opt['chat_messages']) && is_array($opt['chat_messages'])) {
$v = $opt['chat_messages'][$user_id] ?? 0;
if (is_numeric($v)) $delta = (int)$v;
}
}
}
if ($delta === 0) {
$opt2 = get_option('bg_quota_deltas');
if (is_array($opt2)) {
$v = $opt2['chat_messages'][$user_id] ?? ($opt2[$user_id]['chat_messages'] ?? 0);
if (is_numeric($v)) $delta = (int)$v;
}
}
if ($delta === 0) {
$arr = get_user_meta($user_id, 'bg_quota_bridge_user_'.$user_id, true);
if (is_array($arr)) {
$v = $arr['chat_messages'] ?? 0;
if (is_numeric($v)) $delta = (int)$v;
}
}
if ($base_remaining !== null) {
$final_remaining = max(0, $base_remaining - $delta);
wp_send_json_success([
'messages_left' => $final_remaining,
'base_remaining' => $base_remaining,
'local_delta' => $delta,
'source' => 'mu-plugin',
]);
}
}
// 1) Fallback: user-scoped backend endpoint
$res = self::http('GET', '/v3/assistant/quota', null, 20);
if (!empty($res['ok'])) wp_send_json_success($res['data'] + ['source'=>'backend-quota']);
// 2) Last resort: /admin/usage
$admin_key = trim((string)get_option(self::OPT_ADMIN_KEY, ''));
if ($admin_key === '') {
wp_send_json_success(['messages_left' => null, 'note' => 'quota endpoint unavailable; admin key not set', 'source'=>'none']);
}
$u = wp_get_current_user();
$user_k = trim((string)get_user_meta($u->ID, self::USER_KEY, true));
$client_id = $user_k ?: '';
$call_usage = function($cid) use ($admin_key) {
$path = '/admin/usage?client_id=' . rawurlencode($cid);
return BrassGate_Assistants_Deluxe::http('GET', $path, null, 20, ['X-Admin-Key' => $admin_key]);
};
if ($client_id) {
$res2 = $call_usage($client_id);
if (!empty($res2['ok'])) wp_send_json_success($res2['data'] + ['source'=>'admin-usage:key']);
}
$lookup = self::http('GET', '/v1/clients/', null, 20, ['X-Admin-Key' => $admin_key]);
if (!empty($lookup['ok']) && !empty($lookup['data'])) {
$list = $lookup['data']['items'] ?? $lookup['data'];
if (is_array($list)) {
foreach ($list as $row) {
$ak = $row['api_key'] ?? $row['key'] ?? '';
if ($ak && $ak === $user_k) {
$real_id = $row['id'] ?? $row['client_id'] ?? '';
if ($real_id) {
$res3 = $call_usage($real_id);
if (!empty($res3['ok'])) wp_send_json_success($res3['data'] + ['source'=>'admin-usage:id']);
}
}
}
}
}
wp_send_json_success(['messages_left' => null, 'note' => 'quota unavailable', 'source'=>'fallback']);
}
/** Saved reports removed */
/** ---------------- Admin-only Health Check ---------------- */
public static function ajax_health() {
// Restrict to admins
self::check_nonce();
if (!current_user_can('manage_options')) wp_send_json_error(['message' => 'forbidden'], 403);
// Template availability
$base = plugin_dir_path(__FILE__) . 'pages/';
$legacy = $base . 'bga_ad_chat.php';
$renamed = $base . 'ad-chat.php';
$tmpl = [
'bga_ad_chat_php' => is_readable($legacy),
'ad_chat_php' => is_readable($renamed),
'inline_fallback' => true,
];
// Key detection (masked/no key value exposure)
$env = getenv('BRASSGATE_CLIENT_KEY');
$u = wp_get_current_user();
$user_k = $u && $u->ID ? trim((string)get_user_meta($u->ID, self::USER_KEY, true)) : '';
$mgr_k = $u && $u->ID ? trim((string)get_user_meta($u->ID, self::MANAGER_KEY, true)) : '';
$key_source = $env ? 'env' : ($user_k ? 'user' : ($mgr_k ? 'manager' : 'none'));
// Backend pings (safe, short timeouts)
$apiBase = self::backend_base();
$results = [
'api_base' => $apiBase,
];
// Conversations ping
$ping1 = self::http('GET', '/v3/assistant/conversations?page=1&page_size=1', null, 15);
$results['conversations'] = [
'ok' => !empty($ping1['ok']),
'status' => $ping1['status'] ?? null,
];
// Documents list ping (self scope)
$ping2 = self::http('GET', '/v3/documents/list?page=1&page_size=1&scope=self', null, 15);
$results['documents'] = [
'ok' => !empty($ping2['ok']),
'status' => $ping2['status'] ?? null,
];
// Doc Repo health: team/org scopes and admin key presence
$u = wp_get_current_user();
$has_mgr = $u && $u->ID ? (bool) trim((string)get_user_meta($u->ID, self::MANAGER_KEY, true)) : false;
$admin_key = trim((string)get_option(self::OPT_ADMIN_KEY, ''));
$results['doc_repo'] = [
'admin_key_configured' => ($admin_key !== ''),
];
// Team scope (requires manager key)
$ping_team = self::http('GET', '/v3/documents/list?page=1&page_size=1&scope=team', null, 15);
$results['doc_repo']['documents_team'] = [
'ok' => !empty($ping_team['ok']),
'status' => $ping_team['status'] ?? null,
'note' => $has_mgr ? 'manager key present' : 'no manager key on user',
];
// Org scope (requires admin key)
$ping_org = self::http('GET', '/v3/documents/list?page=1&page_size=1&scope=org', null, 15, self::backend_admin_headers());
$results['doc_repo']['documents_org'] = [
'ok' => !empty($ping_org['ok']),
'status' => $ping_org['status'] ?? null,
'note' => $admin_key !== '' ? 'admin key configured' : 'admin key missing',
];
// Quota ping (user-scoped if available)
$ping3 = self::http('GET', '/v3/assistant/quota', null, 15);
$results['quota'] = [
'ok' => !empty($ping3['ok']),
'status' => $ping3['status'] ?? null,
];
wp_send_json_success([
'template' => $tmpl,
'keys' => [
'has_key' => ($key_source !== 'none'),
'source' => $key_source,
],
'api' => $results,
]);
}
public static function ajax_as3v3_create_post() {
self::check_nonce();
if (!current_user_can('edit_posts')) {
wp_send_json_error(['message' => __('You do not have permission to create posts.', 'brassgate-assistants-deluxe')], 403);
}
$title = isset($_POST['title']) ? sanitize_text_field(wp_unslash($_POST['title'])) : '';
$content = isset($_POST['content']) ? wp_kses_post(wp_unslash($_POST['content'])) : '';
if ($content === '') {
wp_send_json_error(['message' => __('Content is required to create a draft post.', 'brassgate-assistants-deluxe')], 400);
}
if ($title === '') {
$title = wp_trim_words(wp_strip_all_tags($content), 12, '…');
}
if ($title === '') {
$title = __('Draft article', 'brassgate-assistants-deluxe');
}
$postarr = [
'post_title' => $title,
'post_content' => $content,
'post_status' => 'draft',
'post_type' => 'post',
];
$post_id = wp_insert_post($postarr, true);
if (is_wp_error($post_id)) {
wp_send_json_error(['message' => $post_id->get_error_message()], 500);
}
$edit_link = get_edit_post_link($post_id, 'raw');
wp_send_json([
'ok' => true,
'post_id' => intval($post_id),
'edit_link' => $edit_link ? esc_url_raw($edit_link) : '',
]);
}
/** ---------------- Social Tracking AJAX ---------------- */
public static function ajax_social_state() {
self::check_nonce();
$user_id = get_current_user_id();
$window = isset($_POST['window']) ? intval($_POST['window']) : 7;
if (!$user_id) {
wp_send_json_error(['message' => 'unauthorized'], 403);
}
if (!function_exists('bgad_social_get_state')) {
wp_send_json_error(['message' => 'missing_social_module'], 500);
}
$state = bgad_social_get_state($user_id, $window);
wp_send_json_success($state);
}
public static function ajax_social_connect() {
self::check_nonce();
$user_id = get_current_user_id();
if (!$user_id) {
wp_send_json_error(['message' => 'unauthorized'], 403);
}
$platform = isset($_POST['platform']) ? sanitize_key(wp_unslash($_POST['platform'])) : '';
$connect = isset($_POST['connect']) ? (intval($_POST['connect']) === 1) : true;
$token = isset($_POST['token']) ? sanitize_text_field(wp_unslash($_POST['token'])) : '';
if ($platform === '' || !function_exists('bgad_social_set_connection')) {
wp_send_json_error(['message' => 'invalid_platform'], 400);
}
if ($platform === 'facebook' && $connect) {
wp_send_json_error(['message' => 'oauth_required'], 400);
}
$pull_at = $connect ? current_time('mysql') : null;
if ($connect) {
bgad_social_set_connection($user_id, $platform, $connect, $token, $pull_at);
if (function_exists('bgad_social_collect_for_user')) {
bgad_social_collect_for_user($user_id, array($platform));
}
} else {
if (function_exists('bgad_social_disconnect')) {
bgad_social_disconnect($user_id, $platform);
} else {
bgad_social_set_connection($user_id, $platform, false, '', null);
}
}
$state = function_exists('bgad_social_get_state') ? bgad_social_get_state($user_id, 7) : array();
wp_send_json_success(array('state' => $state));
}
public static function ajax_social_refresh() {
self::check_nonce();
$user_id = get_current_user_id();
if (!$user_id) {
wp_send_json_error(['message' => 'unauthorized'], 403);
}
$platform = isset($_POST['platform']) ? sanitize_key(wp_unslash($_POST['platform'])) : '';
$window = isset($_POST['window']) ? intval($_POST['window']) : 7;
if (function_exists('bgad_social_collect_for_user')) {
$connections = function_exists('bgad_social_connections_for_user') ? bgad_social_connections_for_user($user_id) : array();
$targets = array();
if ($platform) {
$status = $connections[$platform]['connection_status'] ?? 'not_connected';
if (in_array($status, array('connected_verified','connected_no_data_yet'), true)) {
$targets[] = $platform;
}
} else {
foreach ($connections as $slug => $conn) {
$st = $conn['connection_status'] ?? 'not_connected';
if (in_array($st, array('connected_verified','connected_no_data_yet'), true)) {
$targets[] = $slug;
}
}
}
if (!empty($targets)) {
bgad_social_collect_for_user($user_id, $targets);
}
}
$state = function_exists('bgad_social_get_state') ? bgad_social_get_state($user_id, $window) : array();
wp_send_json_success($state);
}
public static function ajax_social_fb_save_app() {
$valid = check_ajax_referer(self::NONCE, 'nonce', false);
if (!$valid) {
wp_send_json_error(['message' => 'invalid_nonce'], 403);
}
if (!current_user_can('read')) {
wp_send_json_error(['message' => 'unauthorized'], 403);
}
$user_id = get_current_user_id();
if (!$user_id) {
wp_send_json_error(['message' => 'unauthorized'], 403);
}
$app_id = isset($_POST['app_id']) ? sanitize_text_field(wp_unslash($_POST['app_id'])) : '';
$app_secret = isset($_POST['app_secret']) ? sanitize_text_field(wp_unslash($_POST['app_secret'])) : '';
if ($app_id === '' || $app_secret === '') {
wp_send_json_error(['message' => 'missing_creds'], 400);
}
update_user_meta($user_id, 'bgad_fb_app_id', $app_id);
update_user_meta($user_id, 'bgad_fb_app_secret', $app_secret);
// Server-stored per-user map for admins who prefer central storage.
$map = get_option('bgad_fb_user_creds', array());
if (!is_array($map)) {
$map = array();
}
$map[$user_id] = array('app_id' => $app_id, 'app_secret' => $app_secret);
update_option('bgad_fb_user_creds', $map, false);
wp_send_json_success(array('fbConfigured' => true));
}
private static function fb_creds() {
$user_id = get_current_user_id();
$app_id = $user_id ? trim((string) get_user_meta($user_id, 'bgad_fb_app_id', true)) : '';
$app_secret = $user_id ? trim((string) get_user_meta($user_id, 'bgad_fb_app_secret', true)) : '';
// Server-stored per-user map (array option keyed by user ID).
if ($user_id && ($app_id === '' || $app_secret === '')) {
$map = get_option('bgad_fb_user_creds', array());
if (is_array($map) && isset($map[$user_id]) && is_array($map[$user_id])) {
$app_id = $app_id ?: (string) ($map[$user_id]['app_id'] ?? '');
$app_secret = $app_secret ?: (string) ($map[$user_id]['app_secret'] ?? '');
}
}
// Fallbacks (deprecated site-wide)
if ($app_id === '' && defined('BGAD_FB_APP_ID')) {
$app_id = (string) BGAD_FB_APP_ID;
}
if ($app_secret === '' && defined('BGAD_FB_APP_SECRET')) {
$app_secret = (string) BGAD_FB_APP_SECRET;
}
if ($app_id === '') {
$app_id = trim((string) get_option('bgad_fb_app_id', ''));
}
if ($app_secret === '') {
$app_secret = trim((string) get_option('bgad_fb_app_secret', ''));
}
if ($app_id === '' && getenv('BGAD_FB_APP_ID')) {
$app_id = (string) getenv('BGAD_FB_APP_ID');
}
if ($app_secret === '' && getenv('BGAD_FB_APP_SECRET')) {
$app_secret = (string) getenv('BGAD_FB_APP_SECRET');
}
$creds = array($app_id, $app_secret);
$creds = apply_filters('bgad_fb_app_creds', $creds);
return $creds;
}
private static function fb_render_popup($title, $body, $ok_script = '') {
$safe_title = esc_html($title);
echo '' . $safe_title . ' ';
echo '';
echo '
' . $safe_title . ' ' . $body . '';
if ($ok_script) {
echo '';
}
echo '';
exit;
}
private static function fb_store_connection($user_id, $page_id, $page_name, $page_token, $expires_in = 0) {
$meta = array(
'page_id' => $page_id,
'page_name' => $page_name,
'page_token' => $page_token,
'connected_at' => current_time('mysql'),
);
if ($expires_in && is_numeric($expires_in)) {
$meta['token_expires_at'] = gmdate('Y-m-d H:i:s', time() + (int) $expires_in);
}
bgad_social_set_connection($user_id, 'facebook', true, $page_token, null, $meta, 'connected_no_data_yet');
}
public static function fb_oauth_start() {
if (!is_user_logged_in() || !current_user_can('read')) {
wp_die('Unauthorized', 403);
}
list($app_id, $app_secret) = self::fb_creds();
if ($app_id === '' || $app_secret === '') {
self::fb_render_popup('Facebook Connect', 'Missing Facebook App ID/Secret for this user. A server admin must store per-user credentials (user meta bgad_fb_app_id/bgad_fb_app_secret or option bgad_fb_user_creds[user_id]) or supply them via the bgad_fb_app_creds filter. Shared site-wide defaults are deprecated.
');
}
$state = wp_generate_password(24, false, false);
$payload = array(
'user_id' => get_current_user_id(),
'nonce' => wp_generate_password(10, false, false),
'created' => time(),
);
set_transient('bgad_fb_state_' . $state, $payload, 10 * MINUTE_IN_SECONDS);
$redirect = admin_url('admin-post.php?action=bgad_fb_oauth_callback');
$auth_url = add_query_arg(array(
'client_id' => $app_id,
'redirect_uri' => $redirect,
'scope' => 'pages_show_list,pages_read_engagement,read_insights',
'response_type' => 'code',
'state' => $state,
), 'https://www.facebook.com/v18.0/dialog/oauth');
wp_safe_redirect($auth_url);
exit;
}
public static function fb_oauth_callback() {
$state = isset($_GET['state']) ? sanitize_text_field(wp_unslash($_GET['state'])) : '';
$error = isset($_GET['error']) ? sanitize_text_field(wp_unslash($_GET['error'])) : '';
$error_desc = isset($_GET['error_description']) ? sanitize_text_field(wp_unslash($_GET['error_description'])) : '';
$code = isset($_GET['code']) ? sanitize_text_field(wp_unslash($_GET['code'])) : '';
$payload = $state ? get_transient('bgad_fb_state_' . $state) : null;
if (!$payload || empty($payload['user_id'])) {
self::fb_render_popup('Facebook Connect', 'Invalid or expired state.
');
}
$user_id = (int) $payload['user_id'];
$user = get_user_by('id', $user_id);
if (!$user) {
self::fb_render_popup('Facebook Connect', 'User not found.
');
}
wp_set_current_user($user_id);
if (!is_user_logged_in() || get_current_user_id() !== $user_id || !current_user_can('read')) {
self::fb_render_popup('Facebook Connect', 'Unauthorized.
');
}
if ($error) {
self::fb_render_popup('Facebook Connect', 'Authorization failed: ' . esc_html($error_desc ?: $error) . '
Close ');
}
if ($code === '') {
self::fb_render_popup('Facebook Connect', 'No authorization code returned.
');
}
list($app_id, $app_secret) = self::fb_creds();
if ($app_id === '' || $app_secret === '') {
self::fb_render_popup('Facebook Connect', 'Missing Facebook App credentials for this user. A server admin must store per-user credentials (user meta bgad_fb_app_id/bgad_fb_app_secret or option bgad_fb_user_creds[user_id]) or provide them via the bgad_fb_app_creds filter.
');
}
$redirect = admin_url('admin-post.php?action=bgad_fb_oauth_callback');
$token_url = add_query_arg(array(
'client_id' => $app_id,
'redirect_uri' => $redirect,
'client_secret' => $app_secret,
'code' => $code,
), 'https://graph.facebook.com/v18.0/oauth/access_token');
$resp = wp_remote_get($token_url, array('timeout' => 15));
if (is_wp_error($resp)) {
self::fb_render_popup('Facebook Connect', 'Token exchange failed: ' . esc_html($resp->get_error_message()) . '
');
}
$body = json_decode((string) wp_remote_retrieve_body($resp), true);
$user_token = is_array($body) && !empty($body['access_token']) ? $body['access_token'] : '';
$expires_in = is_array($body) && isset($body['expires_in']) ? (int) $body['expires_in'] : 0;
if (!$user_token) {
self::fb_render_popup('Facebook Connect', 'Token exchange did not return an access token.
');
}
$pages_resp = bgad_social_fb_graph('me/accounts', array('fields' => 'id,name,access_token', 'limit' => 200), $user_token);
if (empty($pages_resp['ok']) || empty($pages_resp['body']['data'])) {
self::fb_render_popup('Facebook Connect', 'No Facebook Pages found for this account.
');
}
$pages = $pages_resp['body']['data'];
set_transient('bgad_fb_pages_' . $state, array('pages' => $pages, 'user_id' => $user_id, 'expires_in' => $expires_in), 10 * MINUTE_IN_SECONDS);
if (count($pages) === 1) {
$page = $pages[0];
self::fb_store_connection($user_id, $page['id'], $page['name'] ?? '', $page['access_token'] ?? '', $expires_in);
if (function_exists('bgad_social_collect_for_user')) {
bgad_social_collect_for_user($user_id, array('facebook'));
}
delete_transient('bgad_fb_state_' . $state);
delete_transient('bgad_fb_pages_' . $state);
$script = "if(window.opener){try{window.opener.postMessage({type:'bgad_social_fb_connected'}, '*');}catch(e){} window.close();}";
self::fb_render_popup('Facebook Connected', 'Facebook connected. You can close this window.
', $script);
}
// Multiple pages: show selector.
$html = 'Select which Facebook Page to track:
';
foreach ($pages as $page) {
$html .= ' Only read-only permissions are requested. This popup will close after selection.
';
self::fb_render_popup('Select Facebook Page', $html);
}
public static function fb_oauth_select() {
$state = isset($_POST['state']) ? sanitize_text_field(wp_unslash($_POST['state'])) : '';
$page_id = isset($_POST['page_id']) ? sanitize_text_field(wp_unslash($_POST['page_id'])) : '';
$stored = $state ? get_transient('bgad_fb_pages_' . $state) : null;
if (!$stored || empty($stored['pages']) || empty($page_id)) {
self::fb_render_popup('Facebook Connect', 'Selection expired. Please restart the connection.
');
}
$user_id = isset($stored['user_id']) ? (int) $stored['user_id'] : 0;
$user = $user_id ? get_user_by('id', $user_id) : null;
if (!$user) {
self::fb_render_popup('Facebook Connect', 'User not found.
');
}
wp_set_current_user($user_id);
if (!is_user_logged_in() || get_current_user_id() !== $user_id || !current_user_can('read')) {
self::fb_render_popup('Facebook Connect', 'Unauthorized.
');
}
$page = null;
foreach ($stored['pages'] as $entry) {
if ((string) ($entry['id'] ?? '') === $page_id) {
$page = $entry;
break;
}
}
if (!$page) {
self::fb_render_popup('Facebook Connect', 'Selected page not found.
');
}
self::fb_store_connection($user_id, $page['id'], $page['name'] ?? '', $page['access_token'] ?? '', $stored['expires_in'] ?? 0);
if (function_exists('bgad_social_collect_for_user')) {
bgad_social_collect_for_user($user_id, array('facebook'));
}
delete_transient('bgad_fb_state_' . $state);
delete_transient('bgad_fb_pages_' . $state);
$script = "if(window.opener){try{window.opener.postMessage({type:'bgad_social_fb_connected'}, '*');}catch(e){} window.close();}";
self::fb_render_popup('Facebook Connected', 'Facebook connected. You can close this window.
', $script);
}
/** ---------------- Embedded Doc Repo AJAX ---------------- */
private static function backend_admin_headers() {
$admin = trim((string)get_option(self::OPT_ADMIN_KEY, ''));
return $admin ? ['X-Admin-Key' => $admin] : [];
}
public static function ajax_doc_list() {
self::check_nonce();
$status = sanitize_text_field($_GET['status'] ?? '');
$scope = sanitize_text_field($_GET['scope'] ?? 'self');
$page = max(1, intval($_GET['page'] ?? 1));
$size = max(1, intval($_GET['page_size'] ?? 25));
$qs = ['status'=>$status?:null, 'page'=>$page, 'page_size'=>$size];
$parts = [];
if ($scope === 'auto') {
$self = self::http('GET', '/v3/documents/list?' . http_build_query(array_filter(array_merge($qs,['scope'=>'self']))));
$team = self::http('GET', '/v3/documents/list?' . http_build_query(array_filter(array_merge($qs,['scope'=>'team']))));
$org = self::http('GET', '/v3/documents/list?' . http_build_query(array_filter(array_merge($qs,['scope'=>'org']))), null, 30, self::backend_admin_headers());
$parts = [ 'self'=>$self, 'team'=>$team, 'org'=>$org ];
$errors = [];
$lists = [];
foreach ($parts as $sc=>$r) {
if (empty($r['ok'])) {
$errors[] = ['scope'=>$sc, 'status'=>$r['status'] ?? 0, 'error'=> is_array($r['data']??null) ? (($r['data']['detail'] ?? $r['data']['error'] ?? '')) : (is_string($r['data']??'') ? ($r['data']) : '') ];
continue;
}
$lists[] = ['body' => $r['data'] ?? []];
}
// merge similar to bgd_merge_doc_lists
$seen = [];$items=[];
foreach ($lists as $entry){ $body = $entry['body'] ?? [];$arr = $body['items'] ?? ($body['documents'] ?? []); if (!is_array($arr)) $arr=[]; foreach ($arr as $doc){ $id = $doc['document_id'] ?? md5(wp_json_encode($doc)); if (isset($seen[$id])) continue; $seen[$id]=true; $items[]=$doc; }}
usort($items, function($a,$b){ $ca=$a['created_at']??''; $cb=$b['created_at']??''; return strcmp($cb,$ca); });
wp_send_json(['list'=>[
'ok'=>true,
'code'=>200,
'body'=>['items'=>$items,'total'=>count($items),'page'=>1,'page_size'=>max(1,count($items))],
'errors'=>$errors,
]]);
} else {
$priv = ($scope === 'org');
$r = self::http('GET', '/v3/documents/list?' . http_build_query(array_filter(array_merge($qs,['scope'=>$scope]))), null, 30, $priv? self::backend_admin_headers(): []);
$body = $r['data'] ?? [];
$items = $body['items'] ?? ($body['documents'] ?? []);
if (empty($r['ok'])) {
wp_send_json(['list'=>[
'ok'=>false,
'code'=>$r['status'] ?? 0,
'error'=> is_array($body) ? ($body['detail'] ?? $body['error'] ?? '') : (is_string($body) ? $body : ''),
'body'=>['items'=>[], 'total'=>0, 'page'=>1, 'page_size'=>0],
]]);
}
$out = [
'ok'=>true,
'code'=>$r['status'] ?? 200,
'body'=>[
'items'=> is_array($items)? $items: [],
'total'=> isset($body['total'])? intval($body['total']) : (is_array($items)? count($items):0),
'page' => $body['page'] ?? 1,
'page_size' => $body['page_size'] ?? ($body['limit'] ?? (is_array($items)? count($items):0)),
],
];
wp_send_json(['list'=>$out]);
}
}
public static function ajax_doc_upload() {
self::check_nonce();
if (!current_user_can('read')) {
wp_send_json([
'upload' => [
'code' => 403,
'error' => 'forbidden',
],
], 403);
}
if (!isset($_FILES['file']) || empty($_FILES['file']['tmp_name'])) {
wp_send_json([
'upload' => [
'code' => 0,
'error' => 'no_file',
],
], 400);
}
$base = self::backend_base();
$url = $base . '/v3/documents/upload';
$headers = self::user_headers();
$boundary = wp_generate_password(24, false, false);
$file = $_FILES['file'];
$body = [];
$body[] = "--$boundary";
$body[] = 'Content-Disposition: form-data; name="file"; filename="'.esc_attr($file['name']).'"';
$body[] = 'Content-Type: '.($file['type'] ?: 'application/octet-stream');
$body[] = '';
$body[] = file_get_contents($file['tmp_name']);
if (isset($_POST['metadata'])) {
$body[] = "--$boundary";
$body[] = 'Content-Disposition: form-data; name="metadata"';
$body[] = '';
$body[] = (string) wp_unslash($_POST['metadata']);
}
$body[] = "--$boundary--";
$args = [
'method' => 'POST',
'timeout' => 60,
'headers' => array_merge($headers, ['Content-Type' => 'multipart/form-data; boundary='.$boundary]),
'body' => implode("\r\n", $body),
];
$res = wp_remote_request($url, $args);
if (is_wp_error($res)) wp_send_json(['upload'=>['ok'=>false,'code'=>0,'error'=>$res->get_error_message(),'body'=>null]]);
$code = wp_remote_retrieve_response_code($res);
$raw = wp_remote_retrieve_body($res);
$json = json_decode($raw, true);
$err = is_array($json) ? ($json['detail'] ?? $json['error'] ?? '') : '';
if ($code >= 200 && $code < 300 && function_exists('bg_increment_user_usage')) {
bg_increment_user_usage(get_current_user_id(), 'docs_upload', 1);
}
wp_send_json(['upload'=>['ok'=>($code>=200 && $code<300), 'code'=>$code, 'error'=>$err, 'body'=>$json]]);
}
public static function ajax_doc_approve() {
self::check_nonce();
if (!current_user_can('read')) {
wp_send_json(['approve' => ['code' => 403]], 403);
}
$doc = sanitize_text_field($_POST['document_id'] ?? '');
if ($doc === '') {
wp_send_json([
'approve' => [
'code' => 400,
'error' => 'missing_document_id',
],
], 400);
}
$r = self::http('POST', '/v3/documents/approve', ['document_id' => $doc], 30, self::backend_admin_headers());
$body = $r['data'] ?? null;
$err = is_array($body) ? ($body['detail'] ?? $body['error'] ?? '') : (is_string($body) ? $body : '');
if (!empty($r['ok']) && function_exists('bg_increment_user_usage')) {
bg_increment_user_usage(get_current_user_id(), 'docs_tag', 1);
}
wp_send_json([
'approve' => [
'ok' => !empty($r['ok']),
'code' => $r['status'] ?? 0,
'error' => $err,
'body' => $body,
],
]);
}
public static function ajax_doc_index() {
self::check_nonce();
if (!current_user_can('read')) {
wp_send_json(['index' => ['code' => 403]], 403);
}
$doc = sanitize_text_field($_POST['document_id'] ?? '');
if ($doc === '') {
wp_send_json([
'index' => [
'code' => 400,
'error' => 'missing_document_id',
],
], 400);
}
$r = self::http('POST', '/v3/documents/index', ['document_id' => $doc], 60, self::backend_admin_headers());
$body = $r['data'] ?? null;
$err = is_array($body) ? ($body['detail'] ?? $body['error'] ?? '') : (is_string($body) ? $body : '');
if (!empty($r['ok']) && function_exists('bg_increment_user_usage')) {
bg_increment_user_usage(get_current_user_id(), 'docs_tag', 1);
}
wp_send_json([
'index' => [
'ok' => !empty($r['ok']),
'code' => $r['status'] ?? 0,
'error' => $err,
'body' => $body,
],
]);
}
public static function ajax_doc_delete() {
self::check_nonce();
if (!current_user_can('read')) {
wp_send_json(['delete' => ['code' => 403]], 403);
}
$doc = sanitize_text_field($_POST['document_id'] ?? '');
if ($doc === '') {
wp_send_json([
'delete' => [
'code' => 400,
'error' => 'missing_document_id',
],
], 400);
}
$r = self::http('DELETE', '/v3/documents/delete', ['document_id' => $doc], 30, self::backend_admin_headers());
$body = $r['data'] ?? null;
$err = is_array($body) ? ($body['detail'] ?? $body['error'] ?? '') : (is_string($body) ? $body : '');
if (!empty($r['ok']) && function_exists('bg_decrement_user_usage')) {
bg_decrement_user_usage(get_current_user_id(), 'docs_upload', 1);
}
wp_send_json([
'delete' => [
'ok' => !empty($r['ok']),
'code' => $r['status'] ?? 0,
'error' => $err,
'body' => $body,
],
]);
}
public static function ajax_quota_refresh() {
if (!current_user_can('read')) {
wp_send_json_error(array('message' => 'forbidden'), 403);
}
$nonce = isset($_POST['nonce']) ? sanitize_text_field(wp_unslash($_POST['nonce'])) : '';
if ($nonce === '' || (!wp_verify_nonce($nonce, 'bgad_quota_refresh') && !wp_verify_nonce($nonce, 'bgad_quota'))) {
wp_send_json_error(array('message' => 'invalid nonce'), 403);
}
$scope_raw = isset($_POST['scope']) ? wp_unslash($_POST['scope']) : '';
$scope = is_string($scope_raw) ? trim($scope_raw) : '';
if ($scope === '') {
$scope = 'auto';
}
$page_raw = isset($_POST['page']) ? wp_unslash($_POST['page']) : '';
$page = is_string($page_raw) ? sanitize_key($page_raw) : '';
$features = array();
if ($page !== '') {
$features = self::features_for_page($page);
}
if (empty($features)) {
$features = self::quota_features_for_scope($scope);
}
$features = array_values(array_unique(array_filter(array_map('sanitize_key', (array) $features))));
if (empty($features)) {
$features = array('video_generate', 'videos_upload');
}
$context = self::quota_context($features);
$snapshot = isset($context['snapshot']) && is_array($context['snapshot']) ? $context['snapshot'] : array();
$limits = array();
foreach ($snapshot as $slug => $row) {
if (!is_array($row)) {
continue;
}
$limits[$slug] = array(
'used' => isset($row['used']) ? (int) $row['used'] : 0,
'limit' => isset($row['limit']) ? (int) $row['limit'] : 0,
'remaining' => isset($row['remaining']) ? (int) $row['remaining'] : 0,
'unlimited' => !empty($row['unlimited']),
'disabled' => !empty($row['disabled']),
);
}
$response = array(
'ok' => true,
'scope' => $scope,
'page' => $page,
'features' => $features,
'limits' => $limits,
'context' => $context,
'updated' => time(),
);
wp_send_json_success($response, 200);
}
public static function ajax_quota_snapshot() {
self::check_nonce(); if (!current_user_can('read')) wp_send_json(['code'=>403]);
$slugs = array(
'images_upload','images_tag','docs_upload','docs_tag','videos_upload','videos_tag',
'chat_messages','articles_from_text','articles_from_image','audio_generate','music_generate',
'shortform_from_user_videos','longform_summaries_trailers','longform_upload_tag'
);
$context = self::quota_context($slugs);
wp_send_json(['code'=>200, 'snapshot'=>$context['snapshot'], 'context'=>$context]);
}
public static function ajax_allowances_refresh() {
if (!current_user_can('read')) {
wp_send_json_error(['message' => 'forbidden'], 403);
}
$nonce = isset($_POST['nonce']) ? sanitize_text_field(wp_unslash($_POST['nonce'])) : '';
if ($nonce === '' || !wp_verify_nonce($nonce, 'bgad_allowances_refresh')) {
wp_send_json_error(['message' => 'invalid nonce'], 403);
}
$current_user_id = get_current_user_id();
$target_user_id = isset($_POST['user_id']) ? (int) $_POST['user_id'] : 0;
if ($target_user_id <= 0) {
$target_user_id = $current_user_id;
}
$is_manager = current_user_can('manage_options') || current_user_can('edit_others_posts');
if (!$is_manager) {
$user = get_userdata($current_user_id);
if ($user && !empty($user->roles)) {
$roles = (array) $user->roles;
$is_manager = in_array('bg_client_owner', $roles, true) || in_array('bg_client_admin', $roles, true);
}
}
$current_client = trim((string) get_user_meta($current_user_id, 'bg_client_id', true));
$target_client = trim((string) get_user_meta($target_user_id, 'bg_client_id', true));
if (!$is_manager || $current_client === '' || $target_client === '' || $current_client !== $target_client) {
$target_user_id = $current_user_id;
$target_client = $current_client;
}
if ($target_client === '') {
wp_send_json_error(['message' => 'missing client'], 400);
}
$data = null;
if (function_exists('brassgate_get_quota_summary_for_user')) {
$data = brassgate_get_quota_summary_for_user($target_user_id);
}
if (!is_array($data)) {
$slugs = array(
'images_upload','images_tag','docs_upload','docs_tag','videos_upload','videos_tag',
'chat_messages','articles_from_text','articles_from_image','audio_generate','music_generate',
'shortform_from_user_videos','longform_summaries_trailers','longform_upload_tag',
'video_generate','assistant_messages','images_generate'
);
$slugs = array_values(array_unique(array_filter(array_map('sanitize_key', $slugs))));
$path = '/v3/dashboard/quota';
if (!empty($slugs)) {
$path .= '?resources=' . rawurlencode(implode(',', $slugs));
}
$response = self::http('GET', $path, null, 20);
if (empty($response['ok']) || !isset($response['data']) || !is_array($response['data'])) {
wp_send_json_error(['message' => 'quota fetch failed'], 502);
}
$data = $response['data'];
}
$base = trim((string) getenv('BG_ORCHESTRATOR_BASE'));
if ($base === '' && function_exists('bgad_backend_base')) {
$base = (string) bgad_backend_base();
}
if ($base !== '') {
$url = rtrim($base, '/') . '/quota-snapshot';
$payload = array(
'client_id' => $target_client,
'user_id' => (string) $target_user_id,
'quota_snapshot' => $data,
);
wp_remote_post($url, array(
'timeout' => 1,
'headers' => array('Content-Type' => 'application/json'),
'body' => wp_json_encode($payload),
));
}
wp_send_json_success([
'ok' => true,
'snapshot' => $data,
], 200);
}
public static function ajax_whoami() {
self::check_nonce(); if (!current_user_can('read')) wp_send_json(['code'=>403]);
$u = wp_get_current_user();
$has_user = !!get_user_meta($u->ID, self::USER_KEY, true);
$has_mgr = !!get_user_meta($u->ID, self::MANAGER_KEY, true);
$has_admin= !!get_option(self::OPT_ADMIN_KEY, '');
wp_send_json(['code'=>200,'uid'=>$u->ID,'has_user_key'=>$has_user,'has_manager_key'=>$has_mgr,'has_admin_key'=>$has_admin]);
}
public static function ajax_image_manager_js() {
if (!current_user_can('read')) {
status_header(403);
wp_die(__('Insufficient permissions.', 'brassgate-assistants-deluxe'));
}
if (!self::user_has_plan()) {
status_header(403);
header('Content-Type: application/javascript; charset=UTF-8');
echo "(() => { console.warn('[BGAD] image-manager.js blocked: plan required'); const el=document.getElementById('bgv3-log'); if(el){el.textContent='BrassGate: upgrade required to load Image Manager.';} })();";
wp_die();
}
$path = __DIR__ . '/assets/js/image-manager.js';
header('Content-Type: application/javascript; charset=UTF-8');
if (is_readable($path)) {
readfile($path);
} else {
echo "(() => { console.warn('[BGAD] image-manager.js missing'); const el=document.getElementById('bgv3-log'); if(el){el.textContent='BrassGate: image-manager.js missing from assets/js.';} })();";
}
wp_die();
}
}
if (!function_exists('bgad_enqueue_common_js')) {
function bgad_enqueue_common_js() {
wp_enqueue_script(
'bgad-common-js',
plugins_url('assets/js/common.js', __FILE__),
array('jquery'),
filemtime(plugin_dir_path(__FILE__) . 'assets/js/common.js'),
true
);
}
}
BrassGate_Assistants_Deluxe::init();
if (!function_exists('bgad_vertical_log_event')) {
function bgad_vertical_log_event($message, array $context = []) {
$prefix = '[BGAD vertical] ' . $message;
if (!empty($context)) {
$json = wp_json_encode($context);
if (is_string($json) && $json !== '') {
$prefix .= ' ' . $json;
}
}
error_log($prefix);
if (function_exists('do_action')) {
do_action('bgad_vertical_activity_log_event', $message, $context);
}
}
}
// ---- Vertical Socials Helper: storage-first submit pipeline ----
add_action('wp_ajax_bgad_vertical_socials_submit', function () {
$started = microtime(true);
try {
if (!isset($_POST['nonce']) || !wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['nonce'])), BrassGate_Assistants_Deluxe::NONCE)) {
return bgad_json_send(['ok' => false, 'error' => 'Bad nonce'], 403);
}
if (!BrassGate_Assistants_Deluxe::user_has_plan()) {
return bgad_json_send(['ok' => false, 'error' => 'Insufficient permissions'], 403);
}
$client_key = function_exists('bgad_get_client_key_for_current_user') ? bgad_get_client_key_for_current_user() : '';
if (!$client_key) {
return bgad_json_send(['ok' => false, 'error' => 'Missing BrassGate client key in profile'], 400);
}
$client_hash = substr(sha1($client_key), 0, 12);
if (!function_exists('bgad_user_headers')) {
return bgad_json_send(['ok' => false, 'error' => 'Header helpers missing'], 500);
}
$header_map = bgad_user_headers(false, 'vertical-socials-helper');
$has_user_key = array_reduce(array_keys($header_map), function ($carry, $key) use ($header_map) {
return $carry || (strtolower($key) === 'x-user-api-key' && !empty($header_map[$key]));
}, false);
if (!$has_user_key) {
bgad_vertical_log_event('submit:missing-user-key', ['client' => $client_hash]);
return bgad_json_send(['ok' => false, 'error' => 'Missing BrassGate API key in profile'], 400);
}
$header_map['x-brassgate-client-key'] = $client_key;
$header_map['X-Correlation-Id'] = function_exists('wp_generate_uuid4') ? wp_generate_uuid4() : uniqid('corr_', true);
$text_fields = [
'music_style' => isset($_POST['music_style']) ? sanitize_text_field(wp_unslash($_POST['music_style'])) : 'cinematic',
'overlay_url' => isset($_POST['overlay_url']) ? esc_url_raw(wp_unslash($_POST['overlay_url'])) : '',
'use_blur_background' => (!empty($_POST['use_blur_background']) && $_POST['use_blur_background'] !== 'false') ? 'true' : 'false',
];
$storage_refs_json = isset($_POST['storage_refs']) ? wp_unslash($_POST['storage_refs']) : '';
$storage_refs = [];
if ($storage_refs_json) {
$decoded = json_decode($storage_refs_json, true);
if (is_array($decoded)) {
$storage_refs = $decoded;
}
}
if (empty($storage_refs)) {
return bgad_json_send(['ok' => false, 'error' => 'No storage references provided. The direct upload process may have failed.'], 400);
}
bgad_vertical_log_event('submit:start-with-refs', [
'client' => $client_hash,
'corr' => $header_map['X-Correlation-Id'],
'refs' => array_keys($storage_refs),
]);
$base = function_exists('bgad_backend_base') ? rtrim(bgad_backend_base(), '/') : 'https://brassgate-backend.onrender.com';
$submit_with_refs = bgad_vertical_submit_refs($header_map, $text_fields, $storage_refs, $base);
if ($submit_with_refs['ok']) {
$job_id = '';
$body = $submit_with_refs['body'];
if (is_array($body)) {
$job_id = (string)($body['body']['job_id'] ?? $body['job_id'] ?? '');
}
$corr = $submit_with_refs['corr'] ?? $header_map['X-Correlation-Id'];
bgad_vertical_log_event('submit:success', [
'client' => $client_hash,
'path' => 'storage-first-js',
'job' => $job_id,
'corr' => $corr,
'elapsed' => round((microtime(true) - $started) * 1000),
]);
return bgad_json_send([
'ok' => true,
'corr' => $corr,
'body' => ['job_id' => $job_id],
], 200);
}
$preview = isset($submit_with_refs['raw']) ? substr((string)$submit_with_refs['raw'], 0, 200) : ($submit_with_refs['error'] ?? '');
bgad_vertical_log_event('submit:ref-submit-error', [
'client' => $client_hash,
'status' => $submit_with_refs['status'] ?? 0,
'error' => $submit_with_refs['error'] ?? '',
'corr' => $submit_with_refs['corr'] ?? '',
'preview'=> $preview,
]);
$status = $submit_with_refs['status'] ?? 502;
$message = $submit_with_refs['error'] ?? 'Submission failed';
return bgad_json_send(['ok' => false, 'error' => $message], ($status >= 400 && $status < 600) ? $status : 502);
} catch (Throwable $th) {
$context = [
'error' => $th->getMessage(),
'type' => get_class($th),
'file' => basename($th->getFile()),
'line' => $th->getLine(),
];
bgad_vertical_log_event('submit:exception', $context);
return bgad_json_send(['ok' => false, 'error' => 'Unexpected error during submission. Check server logs.'], 500);
}
});
if (!function_exists('bgad_vertical_ini_bytes')) {
function bgad_vertical_ini_bytes($value) {
if ($value === '' || $value === false || $value === null) {
return 0;
}
if (is_numeric($value)) {
return (int) $value;
}
if (!is_string($value)) {
return 0;
}
$value = trim($value);
if ($value === '') {
return 0;
}
$unit = strtolower(substr($value, -1));
$number = (float) $value;
switch ($unit) {
case 'g':
return (int) ($number * 1024 * 1024 * 1024);
case 'm':
return (int) ($number * 1024 * 1024);
case 'k':
return (int) ($number * 1024);
default:
return (int) $number;
}
}
}
if (!function_exists('bgad_vertical_check_upload_limits')) {
function bgad_vertical_check_upload_limits(array $files) {
$upload_max = bgad_vertical_ini_bytes(ini_get('upload_max_filesize'));
$post_max = bgad_vertical_ini_bytes(ini_get('post_max_size'));
$max_files = (int) ini_get('max_file_uploads');
$total_size = 0;
$count = 0;
foreach ($files as $info) {
if (!is_array($info) || empty($info['file'])) {
continue;
}
$count++;
$size = isset($info['file']['size']) ? (int) $info['file']['size'] : 0;
$total_size += max(0, $size);
if ($upload_max > 0 && $size > $upload_max) {
return sprintf(
'PHP upload limits too low (upload_max_filesize=%s, post_max_size=%s)',
ini_get('upload_max_filesize'),
ini_get('post_max_size')
);
}
}
if ($post_max > 0 && $total_size > $post_max) {
return sprintf(
'PHP upload limits too low (upload_max_filesize=%s, post_max_size=%s)',
ini_get('upload_max_filesize'),
ini_get('post_max_size')
);
}
if ($max_files > 0 && $count > $max_files) {
return sprintf(
'Too many files for current PHP max_file_uploads (%d).',
$max_files
);
}
return '';
}
}
if (!function_exists('bgad_vertical_post_multipart_stream')) {
function bgad_vertical_post_multipart_stream($url, array $headers_map, array $fields, array $files, $timeout = 120) {
$boundary = '----BGAD' . (function_exists('wp_generate_uuid4') ? wp_generate_uuid4() : uniqid('bgad', true));
$stream = fopen('php://temp', 'w+');
if (!$stream) {
return [
'transport_ok' => false,
'status' => 0,
'raw' => '',
'error' => 'Unable to allocate stream buffer',
];
}
foreach ($fields as $name => $value) {
fwrite($stream, "--{$boundary}\r\n");
fwrite($stream, sprintf("Content-Disposition: form-data; name=\"%s\"\r\n\r\n", $name));
fwrite($stream, (string) $value . "\r\n");
}
foreach ($files as $name => $meta) {
if (empty($meta['tmp_name']) || !is_readable($meta['tmp_name'])) {
continue;
}
$filename = sanitize_file_name(isset($meta['name']) ? (string) $meta['name'] : $name);
$type = isset($meta['type']) && $meta['type'] ? (string) $meta['type'] : 'application/octet-stream';
$handle = fopen($meta['tmp_name'], 'rb');
if (!$handle) {
fclose($stream);
return [
'transport_ok' => false,
'status' => 0,
'raw' => '',
'error' => sprintf('Unable to open file stream for %s', $filename),
];
}
fwrite($stream, "--{$boundary}\r\n");
fwrite($stream, sprintf("Content-Disposition: form-data; name=\"%s\"; filename=\"%s\"\r\n", $name, $filename));
fwrite($stream, "Content-Type: {$type}\r\n\r\n");
while (!feof($handle)) {
$chunk = fread($handle, 8192);
if ($chunk === false) {
break;
}
fwrite($stream, $chunk);
}
fclose($handle);
fwrite($stream, "\r\n");
}
fwrite($stream, "--{$boundary}--\r\n");
$body = stream_get_contents($stream, -1, 0);
if ($body === false) {
fclose($stream);
return [
'transport_ok' => false,
'status' => 0,
'raw' => '',
'error' => 'Unable to read multipart payload',
];
}
$length = strlen($body);
fclose($stream);
$headers = $headers_map;
$headers['Content-Type'] = 'multipart/form-data; boundary=' . $boundary;
$headers['Content-Length'] = (string) $length;
$args = [
'method' => 'POST',
'timeout' => $timeout,
'headers' => $headers,
'body' => $body,
'redirection' => 0,
];
$response = wp_remote_post($url, $args);
if (is_wp_error($response)) {
return [
'transport_ok' => false,
'status' => 0,
'raw' => '',
'error' => $response->get_error_message(),
];
}
$status = (int) wp_remote_retrieve_response_code($response);
$raw = (string) wp_remote_retrieve_body($response);
return [
'transport_ok' => true,
'status' => $status,
'raw' => $raw,
'error' => '',
];
}
}
if (!function_exists('bgad_vertical_send_multipart')) {
function bgad_vertical_send_multipart($url, array $headers_map, array $fields, array $files, $timeout = 120) {
$normalized = [];
foreach ($fields as $key => $value) {
if (is_scalar($value) || $value === null) {
$normalized[$key] = (string) $value;
} else {
$normalized[$key] = wp_json_encode($value);
}
}
if (function_exists('curl_init')) {
$post_fields = $normalized;
foreach ($files as $name => $meta) {
if (empty($meta['tmp_name']) || !is_readable($meta['tmp_name'])) {
continue;
}
$filename = sanitize_file_name(isset($meta['name']) ? (string) $meta['name'] : $name);
$type = isset($meta['type']) && $meta['type'] ? (string) $meta['type'] : 'application/octet-stream';
$post_fields[$name] = new CURLFile($meta['tmp_name'], $type ?: 'application/octet-stream', $filename);
}
$header_list = [];
foreach ($headers_map as $header => $value) {
if (!is_string($header) || $header === '') {
continue;
}
if (!is_string($value) || $value === '') {
continue;
}
$header_list[] = $header . ': ' . $value;
}
$ch = curl_init($url);
curl_setopt_array($ch, [
CURLOPT_POST => true,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_HTTPHEADER => $header_list,
CURLOPT_POSTFIELDS => $post_fields,
CURLOPT_TIMEOUT => $timeout,
]);
$raw = curl_exec($ch);
$error = curl_error($ch);
$status = (int) curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);
if ($error) {
return [
'transport_ok' => false,
'status' => 0,
'raw' => '',
'error' => $error,
];
}
return [
'transport_ok' => true,
'status' => $status,
'raw' => (string) $raw,
'error' => '',
];
}
return bgad_vertical_post_multipart_stream($url, $headers_map, $normalized, $files, $timeout);
}
}
if (!function_exists('bgad_vertical_storage_upload')) {
function bgad_vertical_storage_upload($client_key, array $file, $kind, $base) {
if (empty($file['tmp_name']) || !is_uploaded_file($file['tmp_name'])) {
return ['ok' => false, 'error' => 'Invalid upload handle', 'status' => 400];
}
$url = rtrim($base, '/') . '/v3/videos/upload';
$headers = function_exists('bgad_user_headers') ? bgad_user_headers(false, 'videos-v3') : [];
unset($headers['Content-Type']);
$headers['x-brassgate-client-key'] = $client_key;
$headers['X-Brassgate-Client-Key'] = $client_key;
if (!isset($headers['X-BG-Feature'])) {
$headers['X-BG-Feature'] = 'videos-v3';
}
$delays = [0.0, 0.5, 1.5];
$max_delay = end($delays);
reset($delays);
$filename = sanitize_file_name(isset($file['name']) ? (string) $file['name'] : ($kind . '.mp4'));
$mime = isset($file['type']) && $file['type'] ? (string) $file['type'] : 'application/octet-stream';
$fields = [
'role' => $kind,
'orientation' => ($kind === 'portrait') ? 'portrait' : (($kind === 'landscape') ? 'landscape' : 'auto'),
];
$last_error = 'Upload failed';
$last_status = 0;
foreach ($delays as $delay) {
if ($delay > 0) {
usleep((int) ($delay * 1000000));
}
$headers['X-Correlation-Id'] = function_exists('wp_generate_uuid4') ? wp_generate_uuid4() : uniqid('corr_', true);
$response = bgad_vertical_send_multipart($url, $headers, $fields, [
'file' => [
'tmp_name' => $file['tmp_name'],
'type' => $mime,
'name' => $filename,
],
]);
if (!$response['transport_ok']) {
$last_error = $response['error'] ?: 'Transport error';
$last_status = 0;
continue;
}
$status = (int) ($response['status'] ?? 0);
$raw = $response['raw'] ?? '';
$json = json_decode((string) $raw, true);
if ($status >= 200 && $status < 300 && is_array($json) && !empty($json['ok'])) {
return [
'ok' => true,
'status' => $status,
'reference' => [
'filename' => isset($json['filename']) ? (string) $json['filename'] : '',
'url' => isset($json['url']) ? (string) $json['url'] : '',
'duration' => $json['duration'] ?? null,
'kind' => $kind,
'corr' => $headers['X-Correlation-Id'],
],
'response' => $json,
'raw' => $raw,
];
}
if (in_array($status, [429, 502, 503, 504], true) && $delay < $max_delay) {
$last_error = is_string($raw) && $raw !== '' ? substr($raw, 0, 400) : 'Transient error';
$last_status = $status;
continue;
}
$last_status = $status;
if (is_array($json) && isset($json['error'])) {
$last_error = is_string($json['error']) ? $json['error'] : wp_json_encode($json['error']);
} elseif (is_array($json) && isset($json['message'])) {
$last_error = is_string($json['message']) ? $json['message'] : wp_json_encode($json['message']);
} elseif ($raw !== '') {
$last_error = substr((string) $raw, 0, 400);
} else {
$last_error = 'Upload failed';
}
break;
}
return [
'ok' => false,
'error' => $last_error,
'status' => $last_status,
];
}
}
if (!function_exists('bgad_vertical_submit_refs')) {
function bgad_vertical_submit_refs(array $header_map, array $fields, array $storage_refs, $base) {
$url = rtrim($base, '/') . '/v3/vertical/submit';
$headers = $header_map;
unset($headers['Content-Type']);
if (!isset($headers['Accept'])) {
$headers['Accept'] = 'application/json';
}
$payload = $fields;
if (!empty($storage_refs)) {
$payload['storage_refs'] = wp_json_encode($storage_refs);
}
// Use bgad_vertical_send_multipart to ensure correct multipart/form-data encoding
$response = bgad_vertical_send_multipart($url, $headers, $payload, [], 120);
if (!$response['transport_ok']) {
return [
'ok' => false,
'status' => 0,
'error' => $response['error'] ?: 'Transport error',
'raw' => '',
'body' => null,
'corr' => $headers['X-Correlation-Id'] ?? '',
];
}
$status = (int) ($response['status'] ?? 0);
$raw = (string) ($response['raw'] ?? '');
$json = json_decode($raw, true);
$corr = '';
if (is_array($json)) {
$corr = $json['corr'] ?? $json['correlation'] ?? '';
}
if (!$corr && isset($headers['X-Correlation-Id'])) {
$corr = $headers['X-Correlation-Id'];
}
if ($status >= 200 && $status < 300 && is_array($json) && (!empty($json['body']['job_id']) || !empty($json['job_id']))) {
return [
'ok' => true,
'status'=> $status,
'body' => $json,
'raw' => $raw,
'corr' => $corr,
];
}
$error = '';
if (is_array($json) && isset($json['error'])) {
$error = is_string($json['error']) ? $json['error'] : wp_json_encode($json['error']);
} elseif (is_array($json) && isset($json['message'])) {
$error = is_string($json['message']) ? $json['message'] : wp_json_encode($json['message']);
} elseif ($raw !== '') {
$error = substr((string) $raw, 0, 400);
} else {
$error = 'Upstream error';
}
return [
'ok' => false,
'status' => $status,
'error' => $error,
'raw' => $raw,
'body' => $json,
'corr' => $corr,
];
}
}
if (!function_exists('bgad_vertical_submit_curl')) {
function bgad_vertical_submit_curl(array $header_map, array $payload, $base) {
$url = rtrim($base, '/') . '/v3/vertical/submit';
$headers = $header_map;
unset($headers['Content-Type']);
$fields = [];
$files = [];
foreach ($payload as $key => $value) {
if (is_array($value) && isset($value['tmp_name']) && $value['tmp_name']) {
$files[$key] = [
'tmp_name' => $value['tmp_name'],
'type' => isset($value['type']) && $value['type'] ? (string) $value['type'] : 'application/octet-stream',
'name' => sanitize_file_name(isset($value['name']) ? (string) $value['name'] : $key),
];
} else {
$fields[$key] = is_scalar($value) || $value === null ? (string) $value : wp_json_encode($value);
}
}
$response = bgad_vertical_send_multipart($url, $headers, $fields, $files, 120);
if (!$response['transport_ok']) {
return [
'ok' => false,
'status' => 0,
'error' => $response['error'] ?: 'Transport error',
'raw' => '',
'body' => null,
'corr' => $headers['X-Correlation-Id'] ?? '',
];
}
$status = (int) ($response['status'] ?? 0);
$raw = (string) ($response['raw'] ?? '');
$json = json_decode($raw, true);
$corr = '';
if (is_array($json)) {
$corr = $json['corr'] ?? $json['correlation'] ?? '';
}
if (!$corr && isset($headers['X-Correlation-Id'])) {
$corr = $headers['X-Correlation-Id'];
}
if ($status >= 200 && $status < 300 && is_array($json) && (!empty($json['body']['job_id']) || !empty($json['job_id']))) {
return [
'ok' => true,
'status' => $status,
'body' => $json,
'raw' => $raw,
'corr' => $corr,
];
}
$error = '';
if (is_array($json) && isset($json['error'])) {
$error = is_string($json['error']) ? $json['error'] : wp_json_encode($json['error']);
} elseif (is_array($json) && isset($json['message'])) {
$error = is_string($json['message']) ? $json['message'] : wp_json_encode($json['message']);
} elseif ($raw !== '') {
$error = substr((string) $raw, 0, 400);
} else {
$error = 'Upstream error';
}
return [
'ok' => false,
'status' => $status,
'error' => $error,
'raw' => $raw,
'body' => $json,
'corr' => $corr,
];
}
}
if (!function_exists('bgad_vertical_submit_requests')) {
function bgad_vertical_submit_requests(array $header_map, array $payload, $base) {
return bgad_vertical_submit_curl($header_map, $payload, $base);
}
}
if (!function_exists('bgad_get_client_key_for_current_user')) {
function bgad_get_client_key_for_current_user() {
$env = getenv('BRASSGATE_CLIENT_KEY');
if (is_string($env) && $env !== '') {
return $env;
}
$user_id = get_current_user_id();
if ($user_id) {
$meta_keys = [
BrassGate_Assistants_Deluxe::USER_KEY,
'brassgate_client_key',
'bg_api_key',
BrassGate_Assistants_Deluxe::MANAGER_KEY,
];
foreach ($meta_keys as $meta_key) {
$value = trim((string) get_user_meta($user_id, $meta_key, true));
if ($value !== '') {
return $value;
}
}
}
$option = trim((string) get_option('brassgate_client_key', ''));
if ($option !== '') {
return $option;
}
return '';
}
}
if (!function_exists('bgad_json_send')) {
function bgad_json_send($data, $status = 200) {
wp_send_json($data, $status);
}
}
add_action('plugins_loaded', function () {
$dbg = __DIR__ . '/includes/bgvs-debug-proxy.php';
if (file_exists($dbg)) {
require_once $dbg;
}
});
// Ensure calendar assets are available where needed (calendar + Avery pages).
add_action('admin_enqueue_scripts', function ($hook) {
// Calendar page
if ($hook === 'brassgate_page_bgad-calendar') {
wp_enqueue_script('bgad-calendar');
wp_enqueue_style('bgad-calendar');
return;
}
// Avery page
if ($hook === 'brassgate_page_bgad-avery') {
wp_enqueue_script('bgad-calendar');
wp_enqueue_style('bgad-calendar');
return;
}
});
// Audio test page assets
add_action('admin_enqueue_scripts', function ($hook) {
$page = isset($_GET['page']) ? sanitize_text_field(wp_unslash($_GET['page'])) : '';
if ($page !== BrassGate_Assistants_Deluxe::SLUG_AUDIO_TEST) {
return;
}
$ver = defined('BGV3_VER') ? BGV3_VER : time();
$base_url = plugin_dir_url(__FILE__);
wp_enqueue_style('bgad-audio-test-css', $base_url . 'assets/css/vertical-socials-v2.css', [], $ver);
wp_enqueue_script('bgad-audio-test-js', $base_url . 'assets/js/audio-test-music.js', [], $ver, true);
$backend = function_exists('bgad_backend_base') ? bgad_backend_base() : 'https://brassgate-backend.onrender.com';
$client_key = function_exists('bgad_get_client_key_for_current_user') ? bgad_get_client_key_for_current_user() : '';
$user_key = function_exists('bgad_get_user_api_key') ? bgad_get_user_api_key() : '';
wp_localize_script('bgad-audio-test-js', 'BGAD_AUDIO_TEST', [
'backend' => rtrim($backend, '/'),
'nonce' => wp_create_nonce(BrassGate_Assistants_Deluxe::NONCE),
'clientKey' => $client_key,
'userKey' => $user_key,
]);
});
add_action('admin_enqueue_scripts', function ($hook) {
// Calendar + Avery pages should both load calendar assets + localization
if (
$hook === 'brassgate_page_bgad-calendar' ||
$hook === 'brassgate_page_bgad-avery'
) {
wp_enqueue_style('bgad-calendar', plugins_url('assets/css/calendar.css', __FILE__), [], BrassGate_Assistants_Deluxe::VERSION);
wp_enqueue_script('bgad-calendar', plugins_url('assets/js/calendar.js', __FILE__), [], BrassGate_Assistants_Deluxe::VERSION, true);
wp_localize_script('bgad-calendar', 'BGAD_CALENDAR', [
'rest_url' => rest_url('brassgate/v1/calendar'),
'nonce' => wp_create_nonce('wp_rest'),
'scope' => 'user',
'user_id' => get_current_user_id(),
'tz' => wp_timezone_string(),
]);
return;
}
// Vertical/horizontal socials helper pages
$page = isset($_GET['page']) ? sanitize_text_field(wp_unslash($_GET['page'])) : '';
if (!in_array($page, array('bgad-vertical-socials-helper', 'bgad-horizontal-socials'), true)) {
return;
}
$ver = defined('BGV3_VER') ? BGV3_VER : time();
$base_url = plugin_dir_url(__FILE__);
wp_enqueue_style(
'bgad-vertical-socials-v2-css',
$base_url . 'assets/css/vertical-socials-v2.css',
[],
$ver
);
if ($page === 'bgad-vertical-socials-helper') {
wp_enqueue_script(
'bgad-vertical-socials-v2-js',
$base_url . 'assets/js/vertical-socials-v2.js',
[],
$ver,
true
);
} else {
wp_enqueue_script(
'bgad-horizontal-socials-js',
$base_url . 'assets/js/horizontal-socials.js',
[],
$ver,
true
);
}
$user_id = get_current_user_id();
$user_key = $user_id ? trim((string) get_user_meta($user_id, BrassGate_Assistants_Deluxe::USER_KEY, true)) : '';
if ($user_key === '' && $user_id) {
$fallback = trim((string) get_user_meta($user_id, 'bg_api_key', true));
if ($fallback !== '') {
$user_key = $fallback;
}
}
$backend = function_exists('bgad_backend_base') ? bgad_backend_base() : 'https://brassgate-backend.onrender.com';
$client_key = function_exists('bgad_get_client_key_for_current_user') ? bgad_get_client_key_for_current_user() : '';
$headers_cfg = [
'Accept' => 'application/json',
];
if ($user_key) { // $user_key is already defined in this scope
$headers_cfg['X-User-API-Key'] = $user_key;
}
if ($client_key) {
$headers_cfg['x-brassgate-client-key'] = $client_key;
}
if ($page === 'bgad-vertical-socials-helper') {
wp_localize_script('bgad-vertical-socials-v2-js', 'BGAD_VERTICAL_SOCIALS_V2', [
'ajax' => admin_url('admin-ajax.php'),
'nonce' => wp_create_nonce(BrassGate_Assistants_Deluxe::NONCE),
'backend' => rtrim($backend, '/'),
'headers' => $headers_cfg,
'pollMs' => 5000,
'ttlSeconds' => 3600,
'missingKey' => ($user_key === ''),
'quotas' => [
'max_uploads' => 50,
'remaining_uploads' => 50,
'max_templates' => 20,
'remaining_templates'=> 20,
'max_outputs' => 100,
'remaining_outputs' => 100,
'max_generations' => 30,
'remaining_generations' => 30,
],
'actions' => [
'submit' => 'bgad_vertical_socials_submit',
'status' => 'bgad_vertical_socials_status',
'download' => 'bgad_vertical_socials_download',
'ping' => 'bgad_vertical_socials_ping',
],
]);
} else {
$bucket = function_exists('bgad_user_bucket') ? bgad_user_bucket() : '';
wp_localize_script('bgad-horizontal-socials-js', 'BGAD_HORIZONTAL_SOCIALS', [
'ajax' => admin_url('admin-ajax.php'),
'nonce' => wp_create_nonce(BrassGate_Assistants_Deluxe::NONCE),
'backend' => rtrim($backend, '/'),
'headers' => $headers_cfg,
'pollMs' => 5000,
'ttlSeconds' => 3600,
'missingKey' => ($user_key === ''),
'quotas' => [
'max_uploads' => 50,
'remaining_uploads' => 50,
'max_templates' => 20,
'remaining_templates'=> 20,
'max_outputs' => 100,
'remaining_outputs' => 100,
'max_generations' => 30,
'remaining_generations' => 30,
],
'actions' => [
'ping' => 'bgad_horizontal_socials_ping',
],
'bucket' => $bucket,
]);
}
});
// Video Studio admin assets (legacy)
if (!empty($is_vs)) {
$base_path = plugin_dir_path(__FILE__);
$css_path = $base_path . "assets/css/video-studio-v3.css";
$js_path = $base_path . "assets/js/video-studio-v3.js";
$css_url = plugins_url("assets/css/video-studio-v3.css", __FILE__);
$js_url = plugins_url("assets/js/video-studio-v3.js", __FILE__);
// Rolling back to legacy assets so the flagship UI stays consistent.
if (is_readable($css_path)) {
wp_enqueue_style("bgad-video-studio", $css_url, [], @filemtime($css_path) ?: $ver);
}
if (is_readable($js_path)) {
wp_enqueue_script("bgad-video-studio", $js_url, [], @filemtime($js_path) ?: $ver, true);
}
}
if (!function_exists('bgad_get_user_api_key')) {
function bgad_get_user_api_key() {
$user_id = get_current_user_id();
$user_key = '';
if ($user_id) {
$user_key = (string) get_user_meta($user_id, 'bg_user_api_key', true);
}
if ($user_key === '') {
$user_key = (string) get_option('bgad_user_api_key', '');
} else {
$stored = (string) get_option('bgad_user_api_key', '');
if ($stored !== $user_key) {
update_option('bgad_user_api_key', $user_key);
}
}
return $user_key;
}
}
if (!function_exists('bgad_get_user_fastapi_client')) {
function bgad_get_user_fastapi_client() {
$user_id = get_current_user_id();
if (!$user_id) {
return '';
}
return trim((string) get_user_meta($user_id, 'fastapi_client', true));
}
}
// Video director helpers are kept near class to access static methods.
if (!function_exists('bgad_video_director_config_array')) {
function bgad_video_director_config_array() {
// --- Backend URL -----------------------------------------------------
$backend = '';
if (function_exists('bgad_backend_base')) {
$backend = bgad_backend_base();
}
$backend = trim($backend ?: get_option(BrassGate_Assistants_Deluxe::OPT_API_URL, ''));
if ($backend === '') {
$backend = 'https://brassgate-backend.onrender.com';
}
$backend = rtrim($backend, '/');
// --- User API Key (v3 requirement) ----------------------------------
$user_key = '';
if (function_exists('bgad_get_user_api_key')) {
$user_key = trim((string) bgad_get_user_api_key());
}
// --- Service / Manager API Key ---------------------------------------
$fastapi_client = '';
if (function_exists('bgad_get_user_fastapi_client')) {
$fastapi_client = trim((string) bgad_get_user_fastapi_client());
}
$service_key = $fastapi_client;
if ($service_key === '' && function_exists('bgad_get_user_service_api_key')) {
$service_key = trim((string) bgad_get_user_service_api_key());
}
if ($service_key === '' && function_exists('bgad_service_api_key')) {
$service_key = trim((string) bgad_service_api_key());
}
if ($fastapi_client !== '' && get_option('bgad_service_api_key') !== $fastapi_client) {
update_option('bgad_service_api_key', $fastapi_client);
}
$api_key = $service_key ?: '';
// --- Client Key / Bucket --------------------------------------------
$client_key = '';
if (function_exists('bgad_get_client_key_for_current_user')) {
$client_key = trim((string) bgad_get_client_key_for_current_user());
}
if ($client_key === '') {
$client_key = trim((string) get_option('brassgate_client_key', ''));
}
$bucket = '';
if (function_exists('bgad_user_bucket')) {
$bucket = trim((string) bgad_user_bucket());
}
if ($bucket === '') {
$bucket = trim((string) get_option('brassgate_default_bucket', ''));
}
// Normalized client ID for backend routing
$client_id = $bucket !== '' ? $bucket : $client_key;
// --- V3 AUTH HEADERS -------------------------------------------------
// These MUST be passed verbatim or backend rejects the request
$auth_headers = array(
'X-User-API-Key' => $user_key,
'X-API-Key' => $api_key,
'X-BrassGate-Client-Key'=> $client_id,
'X-BG-Client' => $client_id,
'X-BG-Feature' => 'video-director',
'X-BGA-Plugin' => 'video-director',
);
// Filter empty values
$auth_headers = array_filter($auth_headers, function($v) {
return $v !== null && $v !== '';
});
return array(
'backend' => $backend,
'apiBase' => $backend . '/v3/',
'clientId' => $client_id,
'bucket' => $client_id,
'auth' => array(
'apiKey' => $api_key,
'headers' => $auth_headers,
),
'featureFlags' => array(
'samplerCooldownS' => 1.5,
'defaultFrameStep' => 30,
),
'ui' => array(
'locale' => get_locale() ?: 'en_US',
'theme' => 'auto',
),
'missingKey' => ($api_key === ''),
);
}
}
add_action('wp_ajax_bgad_video_director_config', function () {
if (!current_user_can('read')) {
wp_send_json_error(['message' => 'Unauthorized'], 403);
}
$cfg = bgad_video_director_config_array();
wp_send_json_success($cfg);
});
if (!function_exists('bgad_get_client_key')) {
function bgad_get_client_key() {
return (string) get_option('bgad_client_key', '');
}
}
if (!function_exists('bgad_render_jimmy_bones')) {
function bgad_render_jimmy_bones() {
$context = class_exists('BrassGate_Assistants_Deluxe')
? BrassGate_Assistants_Deluxe::quota_context(array('jimmy_enabled', 'jimmy_standard_research', 'jimmy_deep_research'))
: array();
if (class_exists('BrassGate_Assistants_Deluxe')) {
}
if (!empty($context['needs_upgrade'])) {
$cta = class_exists('BrassGate_Assistants_Deluxe') ? BrassGate_Assistants_Deluxe::manager_url() : admin_url('admin.php?page=brassgate-plan-access');
echo '';
return;
}
$base_path = plugin_dir_path(__FILE__);
$css_path = $base_path . 'assets/css/jimmy.css';
$js_path = $base_path . 'assets/js/jimmy.js';
$css_url = plugins_url('assets/css/jimmy.css', __FILE__);
$js_url = plugins_url('assets/js/jimmy.js', __FILE__);
if (is_readable($css_path) && !wp_style_is('bgad-jimmy', 'enqueued')) {
wp_enqueue_style('bgad-jimmy', $css_url, [], @filemtime($css_path) ?: BrassGate_Assistants_Deluxe::VERSION);
}
if (is_readable($js_path) && !wp_script_is('bgad-jimmy', 'enqueued')) {
wp_enqueue_script('bgad-jimmy', $js_url, [], @filemtime($js_path) ?: BrassGate_Assistants_Deluxe::VERSION, true);
if (!function_exists('bgad_user_headers')) {
$inc = plugin_dir_path(__FILE__) . 'includes/bg-headers.php';
if (file_exists($inc)) {
require_once $inc;
}
}
$headers = function_exists('bgad_user_headers') ? bgad_user_headers(true, 'jimmy') : ['Accept' => 'application/json'];
$backend = function_exists('bgad_backend_base') ? bgad_backend_base() : BrassGate_Assistants_Deluxe::backend_base();
$cfg = [
'apiBase' => rtrim($backend, '/'),
'headers' => $headers,
'mode' => 'admin',
];
wp_add_inline_script('bgad-jimmy', 'window.BGAD_JIMMY=' . wp_json_encode($cfg) . ';', 'before');
}
require_once __DIR__ . '/pages/jimmy.php';
}
}
add_action('admin_menu', function () {
add_submenu_page(
BrassGate_Assistants_Deluxe::SLUG,
'Jimmy (Sales AI)',
'Jimmy (Sales AI)',
'manage_options',
BrassGate_Assistants_Deluxe::SLUG_JIMMY,
'bgad_render_jimmy_bones',
54
);
}, 220);