From cae89df78302ab6867f75cec386f099382cc3034 Mon Sep 17 00:00:00 2001 From: Dukagjin Surdulli Date: Mon, 31 Aug 2020 11:34:50 -0400 Subject: [PATCH 1/5] Use filtered value as the value to store in the db --- .../php/class-connect.php | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/cloudinary-image-management-and-manipulation-in-the-cloud-cdn/php/class-connect.php b/cloudinary-image-management-and-manipulation-in-the-cloud-cdn/php/class-connect.php index 9181cbb15..6faa8d045 100644 --- a/cloudinary-image-management-and-manipulation-in-the-cloud-cdn/php/class-connect.php +++ b/cloudinary-image-management-and-manipulation-in-the-cloud-cdn/php/class-connect.php @@ -155,6 +155,9 @@ public function verify_connection( $data ) { return $data; } + // Always clear out CNAME when re-saving. + delete_option( self::META_KEYS['cname'] ); + $data['cloudinary_url'] = str_replace( 'CLOUDINARY_URL=', '', $data['cloudinary_url'] ); $current = $this->plugin->config['settings']['connect']; @@ -185,7 +188,7 @@ public function verify_connection( $data ) { // Check if the given URL has a cname and store it if present. if ( preg_match( '/(?:@\w+)\/(([a-z0-9|-]+\.)*[a-z0-9|-]+\.[a-z]+)/', $data['cloudinary_url'], $cname ) ) { $cname = filter_var( $cname[1], FILTER_VALIDATE_DOMAIN ); - update_option( self::META_KEYS['cname'], $cname[1] ); + update_option( self::META_KEYS['cname'], $cname ); } add_settings_error( From d79d45dc1a74195df5b9e83a52ebbb94cde5cc57 Mon Sep 17 00:00:00 2001 From: Dukagjin Surdulli Date: Mon, 31 Aug 2020 12:38:29 -0400 Subject: [PATCH 2/5] Remove regex approach to fetch cname and look for more potential cname methods --- .../php/class-connect.php | 74 ++++++++++++++----- 1 file changed, 55 insertions(+), 19 deletions(-) diff --git a/cloudinary-image-management-and-manipulation-in-the-cloud-cdn/php/class-connect.php b/cloudinary-image-management-and-manipulation-in-the-cloud-cdn/php/class-connect.php index 6faa8d045..e9aa47132 100644 
--- a/cloudinary-image-management-and-manipulation-in-the-cloud-cdn/php/class-connect.php +++ b/cloudinary-image-management-and-manipulation-in-the-cloud-cdn/php/class-connect.php @@ -144,6 +144,7 @@ public function media_library_script() { public function verify_connection( $data ) { if ( empty( $data['cloudinary_url'] ) ) { delete_option( self::META_KEYS['signature'] ); + delete_option( self::META_KEYS['cname'] ); add_settings_error( 'cloudinary_connect', @@ -155,16 +156,17 @@ public function verify_connection( $data ) { return $data; } - // Always clear out CNAME when re-saving. - delete_option( self::META_KEYS['cname'] ); - $data['cloudinary_url'] = str_replace( 'CLOUDINARY_URL=', '', $data['cloudinary_url'] ); $current = $this->plugin->config['settings']['connect']; + // Same URL, return original data. if ( $current['cloudinary_url'] === $data['cloudinary_url'] ) { return $data; } + // Always clear out CNAME when re-saving. + delete_option( self::META_KEYS['cname'] ); + // Pattern match to ensure validity of the provided url if ( ! preg_match( '~' . self::CLOUDINARY_VARIABLE_REGEX . '~', $data['cloudinary_url'] ) ) { add_settings_error( @@ -186,8 +188,8 @@ public function verify_connection( $data ) { } // Check if the given URL has a cname and store it if present. - if ( preg_match( '/(?:@\w+)\/(([a-z0-9|-]+\.)*[a-z0-9|-]+\.[a-z]+)/', $data['cloudinary_url'], $cname ) ) { - $cname = filter_var( $cname[1], FILTER_VALIDATE_DOMAIN ); + $cname = $this->extract_cname( wp_parse_url( $data['cloudinary_url'] ) ); + if ( $cname && $this->validate_domain( $cname ) ) { update_option( self::META_KEYS['cname'], $cname ); } @@ -214,6 +216,7 @@ public function is_connected() { if ( null === $signature ) { return false; } + // Get the last test transient. if ( get_transient( $signature ) ) { return true; 
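Review bot: In the `@@ -156,16 +156,17 @@` hunk, `delete_option( self::META_KEYS['cname'] )` now runs before the `CLOUDINARY_VARIABLE_REGEX` check, so a save that is rejected as malformed still removes the stored CNAME. If the failure path keeps the previous connection settings (that return is outside the hunk, so this is inferred), the site is left with the old URL but without its CNAME. I would clear the option only once the new URL has been accepted, for example as the `else` of the later `if ( $cname && ... )` block: `} else { delete_option( self::META_KEYS['cname'] ); }`. verify_connection starts and ends outside this hunk.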
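Review bot: In the `@@ -186,8 +188,8 @@` hunk the result of `validate_domain()` is used only as a truthy check and the raw `$cname` is what gets stored. On PHP builds without `FILTER_VALIDATE_DOMAIN`, the fallback added later in this patch validates `'https://' . $domain` with `FILTER_VALIDATE_URL`, which also accepts a port, path or query after the host, so unless an earlier step outside the hunk rejects it, a path-derived value with extra segments would pass and be saved as the CNAME. This call site also skips the dot check that the `@@ -282,22 +285,14 @@` hunk applies. Consider requiring a bare host before saving, e.g. `if ( $cname && $this->validate_domain( $cname ) && wp_parse_url( 'https://' . $cname, PHP_URL_HOST ) === $cname ) {`.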
@@ -282,22 +285,14 @@ function ( $a ) { return $result; } - // Test if has a cname and is valid. - if ( ! empty( $test['path'] ) ) { - $cname = ltrim( $test['path'], '/' ); - if ( defined( 'FILTER_VALIDATE_DOMAIN' ) ) { - $is_valid = filter_var( $cname, FILTER_VALIDATE_DOMAIN, FILTER_FLAG_HOSTNAME ); - } else { - $cname = 'https://' . $cname; - $is_valid = filter_var( $cname, FILTER_VALIDATE_URL ); - } + $cname_str = $this->extract_cname( $test ); + $cname_valid = $this->validate_domain( $cname_str ); - if ( ! substr_count( $is_valid, '.' ) || false === $is_valid ) { - $result['type'] = 'invalid_cname'; - $result['message'] = __( 'CNAME is not a valid domain name.', 'cloudinary' ); + if ( $cname_str && ( ! substr_count( $cname_valid, '.' ) || false === $cname_valid ) ) { + $result['type'] = 'invalid_cname'; + $result['message'] = __( 'CNAME is not a valid domain name.', 'cloudinary' ); - return $result; - } + return $result; } $this->config_from_url( $url ); 
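Review bot: The new condition evaluates `substr_count( $cname_valid, '.' )` before it tests `false === $cname_valid`, so for an invalid CNAME a boolean is passed to a string function and the branch only works through type juggling. Testing the failure first is clearer: `if ( $cname_str && ( false === $cname_valid || false === strpos( $cname_valid, '.' ) ) ) {`. A one-line comment such as `// Reject single-label hosts; validate_domain() alone accepts them.` would explain why the dot check is still needed. The enclosing function starts and ends outside this hunk.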
@@ -316,6 +311,47 @@ function ( $a ) { return $result; } + /** + * Extracts the CNAME from a parsed connection URL. + * + * @param array $parsed_url + * + * @return string|null + */ + protected function extract_cname( $parsed_url ) { + $cname = null; + + if ( ! empty( $test['query'] ) ) { + $config_params = array(); + wp_parse_str( $parsed_url['query'], $config_params ); + $cname = isset( $config_params['cname'] ) ? $config_params['cname'] : $cname; + } else if ( ! empty( $parsed_url['path'] ) ) { + $cname = ltrim( $parsed_url['path'], '/' ); + } + + return $cname; + } + + /** + * Safely validate a domain. + * + * @param string $domain + * + * @return bool + */ + protected function validate_domain( $domain ) { + $is_valid = false; + + if ( defined( 'FILTER_VALIDATE_DOMAIN' ) ) { + $is_valid = filter_var( $domain, FILTER_VALIDATE_DOMAIN, FILTER_FLAG_HOSTNAME ); + } else { + $domain = 'https://' . $domain; + $is_valid = filter_var( $domain, FILTER_VALIDATE_URL ); + } + + return $is_valid; + } + /** * Get the Cloudinary credentials. * From 6a95e297a607b195560ccb4ae69688d2bf31865e Mon Sep 17 00:00:00 2001 From: dugajean Date: Tue, 1 Sep 2020 09:11:00 -0400 Subject: [PATCH 3/5] Fix whitespaces Co-authored-by: David Cramer --- .../php/class-connect.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cloudinary-image-management-and-manipulation-in-the-cloud-cdn/php/class-connect.php b/cloudinary-image-management-and-manipulation-in-the-cloud-cdn/php/class-connect.php index e9aa47132..948593110 100644 --- a/cloudinary-image-management-and-manipulation-in-the-cloud-cdn/php/class-connect.php +++ b/cloudinary-image-management-and-manipulation-in-the-cloud-cdn/php/class-connect.php 
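Review bot: `extract_cname()` tests `! empty( $test['query'] )`, but `$test` is not defined in this method (the parameter is `$parsed_url`), so `empty()` is always true and the `?cname=` branch is never taken. The line should read `if ( ! empty( $parsed_url['query'] ) ) {`. Once that branch is reachable, a URL with a query string but no `cname` parameter returns null without looking at the path, which deserves a comment if it is intended. The `validate_domain()` docblock should say `@return string|false`, since the method passes through the result of `filter_var()` and the fallback branch returns the value with the `https://` prefix rather than a boolean.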
@@ -285,8 +285,8 @@ function ( $a ) { return $result; } - $cname_str = $this->extract_cname( $test ); - $cname_valid = $this->validate_domain( $cname_str ); + $cname_str = $this->extract_cname( $test ); + $cname_valid = $this->validate_domain( $cname_str ); if ( $cname_str && ( ! substr_count( $cname_valid, '.' ) || false === $cname_valid ) ) { $result['type'] = 'invalid_cname'; From 74380a769c54a5bec7421b9e5a802b76ab277fa4 Mon Sep 17 00:00:00 2001 From: dugajean Date: Tue, 1 Sep 2020 09:11:30 -0400 Subject: [PATCH 4/5] Use elseif instead of else if Co-authored-by: David Cramer --- .../php/class-connect.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cloudinary-image-management-and-manipulation-in-the-cloud-cdn/php/class-connect.php b/cloudinary-image-management-and-manipulation-in-the-cloud-cdn/php/class-connect.php index 948593110..dec7d1925 100644 --- a/cloudinary-image-management-and-manipulation-in-the-cloud-cdn/php/class-connect.php +++ b/cloudinary-image-management-and-manipulation-in-the-cloud-cdn/php/class-connect.php @@ -325,7 +325,7 @@ protected function extract_cname( $parsed_url ) { $config_params = array(); wp_parse_str( $parsed_url['query'], $config_params ); $cname = isset( $config_params['cname'] ) ? $config_params['cname'] : $cname; - } else if ( ! empty( $parsed_url['path'] ) ) { + } elseif ( ! empty( $parsed_url['path'] ) ) { $cname = ltrim( $parsed_url['path'], '/' ); } From 78daccc332e2c64bff870417915e02e614f1ba41 Mon Sep 17 00:00:00 2001 From: dugajean Date: Tue, 1 Sep 2020 09:11:55 -0400 Subject: [PATCH 5/5] Fix whitespaces Co-authored-by: David Cramer --- .../php/class-connect.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/cloudinary-image-management-and-manipulation-in-the-cloud-cdn/php/class-connect.php b/cloudinary-image-management-and-manipulation-in-the-cloud-cdn/php/class-connect.php index dec7d1925..9445421c7 100644 
--- a/cloudinary-image-management-and-manipulation-in-the-cloud-cdn/php/class-connect.php +++ b/cloudinary-image-management-and-manipulation-in-the-cloud-cdn/php/class-connect.php @@ -343,10 +343,10 @@ protected function validate_domain( $domain ) { $is_valid = false; if ( defined( 'FILTER_VALIDATE_DOMAIN' ) ) { - $is_valid = filter_var( $domain, FILTER_VALIDATE_DOMAIN, FILTER_FLAG_HOSTNAME ); + $is_valid = filter_var( $domain, FILTER_VALIDATE_DOMAIN, FILTER_FLAG_HOSTNAME ); } else { - $domain = 'https://' . $domain; - $is_valid = filter_var( $domain, FILTER_VALIDATE_URL ); + $domain = 'https://' . $domain; + $is_valid = filter_var( $domain, FILTER_VALIDATE_URL ); } return $is_valid;