Ejemplo n.º 1
0
function amt_save_postdata($post_id, $post)
{
    // Verify if this is an auto save routine.
    // If it is our form has not been submitted, so we dont want to do anything
    if (defined('DOING_AUTOSAVE') && DOING_AUTOSAVE) {
        return;
    }
    /* Verify the nonce before proceeding. */
    // Verify this came from the our screen and with proper authorization,
    // because save_post can be triggered at other times
    if (!isset($_POST['amt_noncename']) || !wp_verify_nonce($_POST['amt_noncename'], plugin_basename(AMT_PLUGIN_FILE))) {
        return;
    }
    // Get the Metadata metabox permissions (filtered)
    $metabox_permissions = amt_get_metadata_metabox_permissions();
    // Global Metadata metabox permission check (can be user customized via filter).
    if (!current_user_can($metabox_permissions['global_metabox_capability'])) {
        return;
    }
    // Get the Add-Meta-Tags options.
    $options = get_option("add_meta_tags_opts");
    /* Get the post type object. */
    $post_type_obj = get_post_type_object($post->post_type);
    /* Check if the current user has permission to edit the post. */
    if (!current_user_can($post_type_obj->cap->edit_post, $post_id)) {
        return;
    }
    // OK, we're authenticated: we need to find and save the data
    //
    // Sanitize user input
    //
    //
    // Description
    if (isset($_POST['amt_custom_description'])) {
        $description_value = sanitize_text_field(amt_sanitize_description(stripslashes($_POST['amt_custom_description'])));
    }
    // Keywords - sanitize_text_field() removes '%ca' part of '%cats%', so we enclose 'sanitize_text_field()' in amt_(convert|revert)_placeholders()
    if (isset($_POST['amt_custom_keywords'])) {
        $keywords_value = amt_sanitize_keywords(amt_revert_placeholders(sanitize_text_field(amt_convert_placeholders(stripslashes($_POST['amt_custom_keywords'])))));
    }
    // Title
    if (isset($_POST['amt_custom_title'])) {
        $title_value = amt_revert_placeholders(sanitize_text_field(amt_convert_placeholders(stripslashes($_POST['amt_custom_title']))));
    }
    // News keywords
    if (isset($_POST['amt_custom_newskeywords'])) {
        $newskeywords_value = sanitize_text_field(amt_sanitize_keywords(stripslashes($_POST['amt_custom_newskeywords'])));
    }
    // Full metatags - We allow only <meta> elements.
    if (isset($_POST['amt_custom_full_metatags'])) {
        $full_metatags_value = esc_textarea(wp_kses(stripslashes($_POST['amt_custom_full_metatags']), amt_get_allowed_html_kses()));
    }
    // Image URL
    if (isset($_POST['amt_custom_image_url'])) {
        $image_url_value = amt_esc_id_or_url_notation(stripslashes($_POST['amt_custom_image_url']));
    }
    // Content locale
    if (isset($_POST['amt_custom_content_locale'])) {
        $content_locale_value = esc_attr(stripslashes($_POST['amt_custom_content_locale']));
    }
    // Express review
    if (isset($_POST['amt_custom_express_review'])) {
        $express_review_value = esc_textarea(wp_kses(stripslashes($_POST['amt_custom_express_review']), array()));
        //
        // REVIEW_AMPERSAND_NOTE: We replace &amp; to & for (see also REVIEW_AMPERSAND_NOTE in amt-utils.php)
        //
        $express_review_value = str_replace('&amp;', '&', $express_review_value);
    }
    // List of referenced items - We allow no HTML elements.
    if (isset($_POST['amt_custom_referenced_list'])) {
        $referenced_list_value = esc_textarea(wp_kses(stripslashes($_POST['amt_custom_referenced_list']), array()));
    }
    // If a value has not been entered we try to delete existing data from the database
    // If the user has entered data, store it in the database.
    // Add-Meta-Tags custom field names
    $amt_description_field_name = '_amt_description';
    $amt_keywords_field_name = '_amt_keywords';
    $amt_title_field_name = '_amt_title';
    $amt_newskeywords_field_name = '_amt_news_keywords';
    $amt_full_metatags_field_name = '_amt_full_metatags';
    $amt_image_url_field_name = '_amt_image_url';
    $amt_content_locale_field_name = '_amt_content_locale';
    $amt_express_review_field_name = '_amt_express_review';
    $amt_referenced_list_field_name = '_amt_referenced_list';
    // As an extra security measure, here we also check the user-defined per box
    // permissions before we save any data in the database.
    // Description
    if ($options['metabox_enable_description'] == '1' && current_user_can($metabox_permissions['description_box_capability'])) {
        if (empty($description_value)) {
            delete_post_meta($post_id, $amt_description_field_name);
            // Also clean up old description field
            delete_post_meta($post_id, 'description');
        } else {
            update_post_meta($post_id, $amt_description_field_name, $description_value);
            // Also clean up again old description field - no need to exist any more since the new field is used.
            delete_post_meta($post_id, 'description');
        }
    }
    // Keywords
    if ($options['metabox_enable_keywords'] == '1' && current_user_can($metabox_permissions['keywords_box_capability'])) {
        if (empty($keywords_value)) {
            delete_post_meta($post_id, $amt_keywords_field_name);
            // Also clean up old keywords field
            delete_post_meta($post_id, 'keywords');
        } else {
            update_post_meta($post_id, $amt_keywords_field_name, $keywords_value);
            // Also clean up again old keywords field - no need to exist any more since the new field is used.
            delete_post_meta($post_id, 'keywords');
        }
    }
    // Title
    if ($options['metabox_enable_title'] == '1' && current_user_can($metabox_permissions['title_box_capability'])) {
        if (empty($title_value)) {
            delete_post_meta($post_id, $amt_title_field_name);
        } else {
            update_post_meta($post_id, $amt_title_field_name, $title_value);
        }
    }
    // 'news_keywords'
    if ($options['metabox_enable_news_keywords'] == '1' && current_user_can($metabox_permissions['news_keywords_box_capability'])) {
        if (empty($newskeywords_value)) {
            delete_post_meta($post_id, $amt_newskeywords_field_name);
        } else {
            update_post_meta($post_id, $amt_newskeywords_field_name, $newskeywords_value);
        }
    }
    // per post full meta tags
    if ($options['metabox_enable_full_metatags'] == '1' && current_user_can($metabox_permissions['full_metatags_box_capability'])) {
        if (empty($full_metatags_value)) {
            delete_post_meta($post_id, $amt_full_metatags_field_name);
        } else {
            update_post_meta($post_id, $amt_full_metatags_field_name, $full_metatags_value);
        }
    }
    // Image URL
    if ($options['metabox_enable_image_url'] == '1' && current_user_can($metabox_permissions['image_url_box_capability'])) {
        if (empty($image_url_value)) {
            delete_post_meta($post_id, $amt_image_url_field_name);
        } else {
            update_post_meta($post_id, $amt_image_url_field_name, $image_url_value);
        }
    }
    // Content locale
    if ($options['metabox_enable_content_locale'] == '1' && current_user_can($metabox_permissions['content_locale_box_capability'])) {
        if (empty($content_locale_value)) {
            delete_post_meta($post_id, $amt_content_locale_field_name);
        } else {
            update_post_meta($post_id, $amt_content_locale_field_name, $content_locale_value);
        }
    }
    // Express review
    if ($options['metabox_enable_express_review'] == '1' && current_user_can($metabox_permissions['express_review_box_capability'])) {
        if (empty($express_review_value)) {
            delete_post_meta($post_id, $amt_express_review_field_name);
        } else {
            update_post_meta($post_id, $amt_express_review_field_name, $express_review_value);
        }
    }
    // Referenced list
    if ($options['metabox_enable_referenced_list'] == '1' && current_user_can($metabox_permissions['referenced_list_box_capability'])) {
        if (empty($referenced_list_value)) {
            delete_post_meta($post_id, $amt_referenced_list_field_name);
        } else {
            update_post_meta($post_id, $amt_referenced_list_field_name, $referenced_list_value);
        }
    }
}
Ejemplo n.º 2
0
/**
 * Saves the new settings in the database.
 * Accepts the POST request data.
 */
function amt_save_settings($post_payload)
{
    // Default Add-Meta-Tags Settings
    $default_options = amt_get_default_options();
    $add_meta_tags_opts = array();
    foreach ($default_options as $def_key => $def_value) {
        // **Always** use the ``settings_version`` from the defaults
        if ($def_key == 'settings_version') {
            $add_meta_tags_opts['settings_version'] = $def_value;
        } elseif (array_key_exists($def_key, $post_payload)) {
            // Validate and sanitize input before adding to 'add_meta_tags_opts'
            if ($def_key == 'site_description') {
                $add_meta_tags_opts[$def_key] = sanitize_text_field(amt_sanitize_description(stripslashes($post_payload[$def_key])));
            } elseif ($def_key == 'site_keywords') {
                // No placeholders here
                $add_meta_tags_opts[$def_key] = sanitize_text_field(amt_sanitize_keywords(stripslashes($post_payload[$def_key])));
            } elseif ($def_key == 'global_keywords') {
                // placeholder may exist here
                $add_meta_tags_opts[$def_key] = amt_sanitize_keywords(amt_revert_placeholders(sanitize_text_field(amt_convert_placeholders(stripslashes($post_payload[$def_key])))));
            } elseif ($def_key == 'site_wide_meta') {
                $add_meta_tags_opts[$def_key] = esc_textarea(wp_kses(stripslashes($post_payload[$def_key]), amt_get_allowed_html_kses()));
            } elseif ($def_key == 'copyright_url') {
                $add_meta_tags_opts[$def_key] = esc_url_raw(stripslashes($post_payload[$def_key]), array('http', 'https'));
            } elseif ($def_key == 'default_image_url') {
                $add_meta_tags_opts[$def_key] = esc_url_raw(stripslashes($post_payload[$def_key]), array('http', 'https'));
            } elseif ($def_key == 'social_main_facebook_publisher_profile_url') {
                $add_meta_tags_opts[$def_key] = esc_url_raw(stripslashes($post_payload[$def_key]), array('http', 'https'));
            } elseif ($def_key == 'social_main_googleplus_publisher_profile_url') {
                $add_meta_tags_opts[$def_key] = esc_url_raw(stripslashes($post_payload[$def_key]), array('http', 'https'));
            } elseif ($def_key == 'author_profile_source') {
                $author_profile_source_value = sanitize_text_field(stripslashes($post_payload[$def_key]));
                if (!in_array($author_profile_source_value, array('default', 'frontpage', 'buddypress', 'url'))) {
                    $author_profile_source_value = 'default';
                }
                $add_meta_tags_opts[$def_key] = $author_profile_source_value;
            } elseif ($def_key == 'transient_cache_expiration') {
                $transient_cache_expiration_value = sanitize_text_field(stripslashes($post_payload[$def_key]));
                if (!is_numeric($transient_cache_expiration_value) || intval($transient_cache_expiration_value) < 0) {
                    $transient_cache_expiration_value = '0';
                }
                $add_meta_tags_opts[$def_key] = $transient_cache_expiration_value;
            } else {
                $add_meta_tags_opts[$def_key] = sanitize_text_field(stripslashes($post_payload[$def_key]));
            }
        } else {
            // The following settings have a default value of 1, so they can never be
            // deactivated, unless the following check takes place.
            if ($def_key == 'auto_description' || $def_key == 'auto_keywords' || $def_key == 'noindex_search_results' || $def_key == 'metabox_enable_description' || $def_key == 'metabox_enable_keywords' || $def_key == 'metabox_enable_title') {
                if (!isset($post_payload[$def_key])) {
                    $add_meta_tags_opts[$def_key] = "0";
                }
            } else {
                // Else save the default value in the db.
                $add_meta_tags_opts[$def_key] = $def_value;
            }
        }
    }
    // Finally update the Add-Meta-Tags options.
    update_option("add_meta_tags_opts", $add_meta_tags_opts);
    //var_dump($post_payload);
    //var_dump($add_meta_tags_opts);
    amt_show_info_msg(__('Add-Meta-Tags options saved', 'add-meta-tags'));
}