Filter Uncanny Redemption Codes

uncanny_codes_htaccess_folder_protection

Filters whether to protect the .htaccess folder for WooCommerce products when it's accessible.

add_filter( 'uncanny_codes_htaccess_folder_protection', $callback, 10, 1 );

Description

This filter allows developers to conditionally enable or disable the automatic creation of an `.htaccess` file to protect the CSV download directory when using WooCommerce. Return `true` to generate the `.htaccess` file and protect the directory, or `false` to skip this protection.

Usage

add_filter( 'uncanny_codes_htaccess_folder_protection', 'your_function_name', 10, 1 );

Return Value

The filtered value.

Examples

add_filter(
	'uncanny_codes_htaccess_folder_protection',
	function( $should_protect ) {
		/**
		 * This filter allows developers to disable .htaccess folder protection for the CSV directory.
		 * By default, it's enabled (returns true). If a developer wants to disable it,
		 * they can return false. This might be useful in specific server configurations
		 * or if the user has other security measures in place.
		 */

		// Example: Disable protection if a specific option is set in WordPress
		if ( get_option( 'uncanny_codes_disable_htaccess_protection', false ) ) {
			return false;
		}

		// Example: Enable protection for a specific user role
		if ( current_user_can( 'manage_options' ) ) {
			return true; // Keep protection enabled for administrators
		}

		// Default behavior: If no specific conditions are met, return the original value.
		// In this case, the original value is 'true' as per the hook's default.
		return $should_protect;
	},
	10, // Priority
	1   // Accepted args: Only the initial value is passed to the callback.
);

Placement

This code should be placed in the functions.php file of your active theme, a custom plugin, or using a code snippets plugin.

Source Code

src/classes/integrations/woocommerce/class-woo-automator-codes.php:549

public function generate_csv( $order_id ) {
		$order          = wc_get_order( $order_id );
		$items          = $order->get_items();
		$file_paths     = array();
		$directory_path = UNCANNYC_CODES_CSV_PATH;
		if ( ! file_exists( $directory_path ) ) {
			mkdir( $directory_path, 0755, true );
		}
		// create/update .htaccess to protect directory but allow CSV downloads
		if ( apply_filters( 'uncanny_codes_htaccess_folder_protection', true ) ) {
			$htaccess_path        = "{$directory_path}/.htaccess";
			$new_htaccess_content = "# Protect directory from browsingnOptions -Indexesnn# Allow CSV file downloadsn<Files "*.csv">ntOrder allow,denyntAllow from alln</Files>nn# Deny access to everything elsen<FilesMatch "^(?!.*\.csv$).*">ntOrder deny,allowntDeny from alln</FilesMatch>";

			// Check if .htaccess exists and has old content
			if ( ! file_exists( $htaccess_path ) || file_get_contents( $htaccess_path ) === 'deny from all' ) {
				$f_open = fopen( $htaccess_path, 'w' );
				fwrite( $f_open, $new_htaccess_content );
				fclose( $f_open );
			}
		}

		$base_filename   = sprintf( esc_html__( 'Codes-for-Order %d', 'uncanny-learndash-codes' ), $order_id );
		$secure_filename = $this->generate_secure_filename( $order_id, $base_filename );
		$file_name       = sanitize_file_name( apply_filters( 'uncanny-codes-filter-csv-filename', $secure_filename, $order ) );

		// Save file path separately.
		$file_path = $directory_path . DIRECTORY_SEPARATOR . $file_name;
		// check File permission for writing content.
		$file_path = "{$file_path}.csv";
		$this->render_csv( $order_id, $file_path );
		$file_paths[] = $file_path;

		return $file_paths;
	}
Scroll to Top