Example #1
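 /**
  * _wp_specialchars() leaves quotes alone by default and encodes only the
  * quote style it is asked to encode.
  *
  * The expected values are spelled as entity text (&#039; / &quot;). With
  * literal quotes in their place the assertions would not even parse, and
  * they would no longer check that anything was encoded.
  */
 function test_optionally_escapes_quotes()
 {
     $source = "\"'hello!'\"";
     // 'single': only the apostrophes become entities.
     $this->assertEquals('"&#039;hello!&#039;"', _wp_specialchars($source, 'single'));
     // 'double': only the double quotes become entities.
     $this->assertEquals("&quot;'hello!'&quot;", _wp_specialchars($source, 'double'));
     // true: both quote characters are encoded.
     $this->assertEquals('&quot;&#039;hello!&#039;&quot;', _wp_specialchars($source, true));
     // No quote style given: quotes pass through untouched.
     $this->assertEquals($source, _wp_specialchars($source));
 }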
Example #2
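 /**
  * Escape a value for use inside a quoted JavaScript string literal.
  *
  * HTML-encodes the value (both quote styles), turns encoded apostrophes back
  * into a literal apostrophe, drops carriage returns, backslash-escapes
  * quotes and backslashes, and writes each newline as the two characters `\n`.
  *
  * NOTE(review): the result is only meaningful inside a quoted JS string;
  * it is not an escaper for HTML bodies, URLs or unquoted script contexts.
  *
  * @param mixed $value Value to escape.
  * @return string Escaped text with surrounding whitespace trimmed.
  */
 function layers_sanitize_js($value = FALSE)
 {
     $safe_text = _wp_specialchars($value, ENT_QUOTES);
     // The pattern matches only &#39; / &#x27; (any zero padding, optional ';'),
     // i.e. an encoded apostrophe, so the replacement has to be an apostrophe.
     // addslashes() below then turns it into \' for the JS string.
     $safe_text = preg_replace('/&#(x)?0*(?(1)27|39);?/i', "'", stripslashes($safe_text));
     $safe_text = str_replace("\r", '', $safe_text);
     $safe_text = str_replace("\n", '\\n', addslashes($safe_text));
     return trim($safe_text);
 }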
Example #3
 /**
  * Assemble the Content-Security-Policy value and pick the header variant.
  *
  * Reads the policy from $this->options, appends a report-uri directive when
  * a report URL is configured, stores the escaped result in $this->csp and,
  * when enforcement is off, appends '-Report-Only' to $this->csp_type.
  *
  * NOTE(review): the report URL is appended as-is; a value containing ';'
  * would add further directives. Confirm it is validated where it is saved.
  * NOTE(review): csp_type is appended to on every call. Presumably this runs
  * once per request; verify against the caller.
  */
 public function build_csp()
 {
     $policy = $this->options['content_security_policy'];
     $has_report_url = !empty($this->options['csp_report_url']);
     if ($has_report_url) {
         $policy = $policy . "; report-uri " . $this->options['csp_report_url'];
     }
     // Strip invalid UTF-8 first, then entity-encode &, <, > and double quotes.
     $checked = wp_check_invalid_utf8($policy);
     $this->csp = _wp_specialchars($checked, 'double');
     if ($this->options['enforce_csp']) {
         return;
     }
     $this->csp_type .= '-Report-Only';
 }
    /**
     * Render the "Course Complete" metabox.
     *
     * Serialises $course->complete to JSON, prints it into a hidden input
     * named by self::EKKO_COMPLETE, then prints the Angular-driven editor
     * markup. All translated labels go through esc_html_e()/esc_attr_e().
     *
     * NOTE(review): the ng-class expression `{in:icomplete.active}` near the
     * end of the template looks like a typo for `complete.active` (confirm).
     *
     * @see \GTO\Framework\Posts\PostMetabox::display()
     *
     * @param \Ekko\Core\CoursePost $course  Course whose `complete` data is edited.
     * @param mixed                 $metabox Not read in this method.
     */
    public final function display($course, $metabox)
    {
        // NOTE(review): json_encode() returns false on failure; that case is not handled here.
        $complete = json_encode($course->complete);
        ?>
			<input type="hidden" name="<?php 
        echo self::EKKO_COMPLETE;
        ?>
" value="<?php 
        // Entity-encode the JSON (both quote styles, existing entities encoded
        // again) so it cannot terminate the value="" attribute.
        echo _wp_specialchars($complete, ENT_QUOTES, 'UTF8', true);
        ?>
" />
			<div class="ekko-bootstrap container-fluid">

				<div ng-controller="CourseCompleteController">
					<!--
					<div class="row-fluid course-nav">
						<div class="span12">
							<h1 class="pull-left"><?php 
        esc_html_e('Course Completed', \Ekko\TEXT_DOMAIN);
        ?>
</h1>
						</div>
					</div>
				-->
					<div class="ekko-item">
						<div class="navbar ekko-item-yellow">
							<div class="navbar-inner">
								<div class="container">
									<div class="pull-left section-toggle" title="<?php 
        esc_attr_e('click to toggle', \Ekko\TEXT_DOMAIN);
        ?>
" ng-click="complete.active = !complete.active">
										<span ng-class="{'icon-chevron-right':!complete.active, 'icon-chevron-down':complete.active}"></span>
									</div>
									<div class="brand"><?php 
        esc_html_e('Course Complete', \Ekko\TEXT_DOMAIN);
        ?>
</div>
								</div>
							</div>
							<div collapse="!complete.active" ng-class="{in:icomplete.active}">
								<div class="well">
									<textarea ck-editor="ckeditor" ng-model="complete.message"></textarea>
								</div>
							</div>
						</div>
					</div>

				</div>
			</div>
		<?php 
    }
Example #5
 /**
  * Store the field's image URL as post meta.
  *
  * Does nothing unless $val is an array with a non-empty 'img_url'. The URL
  * is entity-encoded, the value is wrapped under $this->ftype, and the
  * result of update_post_meta() is pushed onto $temp.
  *
  * NOTE(review): $val arrives uncleaned and only 'img_url' is encoded here;
  * entity-encoding is not URL validation, and any other keys in $val are
  * stored as received. Confirm the display side escapes them.
  *
  * @param array $temp    Collector for update results (by reference).
  * @param int   $post_id Post the meta belongs to.
  * @param mixed $val     Submitted value.
  * @param mixed $oval    Not read in this method.
  */
 public function saving(&$temp, $post_id, $val, $oval = null)
 {
     if (!is_array($val)) {
         return;
     }
     if (!isset($val['img_url'])) {
         return;
     }
     if ('' == $val['img_url']) {
         return;
     }
     $val['img_url'] = _wp_specialchars($val['img_url']);
     $wrapped = array($this->ftype => $val);
     $update_result = update_post_meta($post_id, $this->name, $wrapped);
     array_push($temp, $update_result);
 }
    /**
     * Render the "Course Content" metabox.
     *
     * Serialises $course->lessons to JSON, prints it into a hidden input
     * named by self::EKKO_LESSONS, then prints the Angular-driven lesson/quiz
     * editor markup. Button labels are translated and HTML-escaped.
     *
     * @see \GTO\Framework\Posts\PostMetabox::display()
     *
     * @param \Ekko\Core\CoursePost $course  Course whose lessons are edited.
     * @param array|null            $metabox Not read in this method.
     */
    public final function display($course, $metabox)
    {
        // NOTE(review): json_encode() returns false on failure; that case is not handled here.
        $lessons = json_encode($course->lessons);
        ?>
			<input type="hidden" name="<?php 
        echo self::EKKO_LESSONS;
        ?>
" value="<?php 
        // Entity-encode the JSON (both quote styles, existing entities encoded
        // again) so it cannot terminate the value="" attribute.
        echo _wp_specialchars($lessons, ENT_QUOTES, 'UTF8', true);
        ?>
" />
			<div class="ekko-bootstrap container-fluid">
				<div ng-controller="CourseController">

					<div class="row-fluid course-nav">
						<div class="span12">
							<h1 class="pull-left"><?php 
        esc_html_e('Course Content', \Ekko\TEXT_DOMAIN);
        ?>
</h1>

							<div class="pull-right ekko-content-buttons">
								<a class="btn btn-ekko" href ng-click="addItem( $ekko.lesson() )"><i class="icon-plus icon-white"></i> <?php 
        echo esc_html_x('Lesson', 'add lesson button', \Ekko\TEXT_DOMAIN);
        ?>
								</a>
								<a class="btn btn-pimp" href ng-click="addItem( $ekko.quiz() )"><i class="icon-plus icon-white"></i> <?php 
        echo esc_html_x('Quiz', 'add quiz button', \Ekko\TEXT_DOMAIN);
        ?>
								</a>
							</div>
						</div>
					</div>

					<div class="course-items" ui-sortable="sortableOpts" ng-model="lessons">
						<div ng-repeat="item in lessons" ng-include="'ekko-' + item.type" id="{{item.id}}"></div>
					</div>

				</div>
			</div>
		<?php 
    }
Example #7
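/**
 * Upgrade fixes for versions before DB version 4 (plugin versions before 1.3.3)
 *
 * Walks every saved form and entity-encodes (ENT_NOQUOTES) the stored values
 * that are compared against or printed as HTML: conditional-recipient values
 * for radio elements, logic-rule values for checkbox/radio elements, group
 * titles and descriptions, and radio/checkbox option labels and values.
 * Each form is saved back after it has been rewritten.
 *
 * Every by-reference loop variable is unset as soon as its loop ends, so the
 * form handed to iphorm_save_form() carries no live reference into its own
 * elements and no later write can alias the last entry of a finished loop.
 */
function iphorm_upgrade_4()
{
    $forms = iphorm_get_all_forms();
    foreach ($forms as $form) {
        if (isset($form['conditional_recipients'])) {
            foreach ($form['conditional_recipients'] as &$recipient) {
                $crElement = iphorm_get_element_config($recipient['element'], $form);
                if ($crElement['type'] == 'radio') {
                    $recipient['value'] = _wp_specialchars($recipient['value'], ENT_NOQUOTES);
                }
            }
            unset($recipient);
        }
        foreach ($form['elements'] as &$element) {
            // Go through the logic rules and escape the value if the element that the rule is referring to is a checkbox or radio element
            if (isset($element['logic_rules']) && is_array($element['logic_rules'])) {
                foreach ($element['logic_rules'] as &$logicRule) {
                    $lrElement = iphorm_get_element_config($logicRule['element_id'], $form);
                    if (in_array($lrElement['type'], array('checkbox', 'radio'))) {
                        $logicRule['value'] = _wp_specialchars($logicRule['value'], ENT_NOQUOTES);
                    }
                }
                unset($logicRule);
            }
            if ($element['type'] == 'groupstart') {
                // Escape Group title and description
                $element['title'] = _wp_specialchars($element['title'], ENT_NOQUOTES);
                $element['description'] = _wp_specialchars($element['description'], ENT_NOQUOTES);
            } elseif (in_array($element['type'], array('radio', 'checkbox'))) {
                // Escape options labels and values for radio and checkbox elements
                foreach ($element['options'] as &$option) {
                    $option['label'] = _wp_specialchars($option['label'], ENT_NOQUOTES);
                    $option['value'] = _wp_specialchars($option['value'], ENT_NOQUOTES);
                }
                unset($option);
            }
        }
        // Release the element reference before the form is passed on for saving.
        unset($element);
        iphorm_save_form($form);
    }
}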
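 /**
  * Parse search criteria for an entries search.
  *
  * array(
  * 	'search_field' => 1, // ID of the field
  *  'search_value' => '', // Value of the field to search
  *  'search_operator' => 'contains', // 'is', 'isnot', '>', '<', 'contains'
  *  'show_only_approved' => 0 or 1 // Boolean
  * )
  *
  * The operator is checked against a fixed allow-list with a strict
  * comparison, so only one of the listed strings can reach the filter;
  * anything else (including non-string values) falls back to 'contains'.
  *
  * NOTE(review): the search value is entity-encoded before it is put into the
  * filter, presumably to match how entry values are stored (confirm). That
  * encoding is not SQL escaping; the query layer has to do its own.
  *
  * @param  array $args    Array of args
  * @param  int $form_id Gravity Forms form ID
  * @return array          Array of search parameters, formatted in Gravity Forms mode, using `status` key set to "active" by default, `field_filters` array with `key`, `value` and `operator` keys.
  */
 public static function get_search_criteria($args, $form_id)
 {
     /**
      * @filter `gravityview_fe_search_criteria` Modify the search criteria
      * @see GravityView_Widget_Search::filter_entries Adds the default search criteria
      * @param array $search_criteria Empty `field_filters` key
      * @param int $form_id ID of the Gravity Forms form that is being searched
      */
     $search_criteria = apply_filters('gravityview_fe_search_criteria', array('field_filters' => array()), $form_id);
     $original_search_criteria = $search_criteria;
     do_action('gravityview_log_debug', '[get_search_criteria] Search Criteria after hook gravityview_fe_search_criteria: ', $search_criteria);
     // Implicit search
     if (!empty($args['search_value'])) {
         // Allow-list of search operators; strict matching keeps loosely-equal
         // non-string values from passing the check.
         $allowed_operators = array('is', 'isnot', '>', '<', 'contains');
         $operator = 'contains';
         if (!empty($args['search_operator']) && in_array($args['search_operator'], $allowed_operators, true)) {
             $operator = $args['search_operator'];
         }
         $search_criteria['field_filters'][] = array('key' => rgget('search_field', $args), 'value' => _wp_specialchars($args['search_value']), 'operator' => $operator);
     }
     if ($search_criteria !== $original_search_criteria) {
         do_action('gravityview_log_debug', '[get_search_criteria] Search Criteria after implicity search: ', $search_criteria);
     }
     // Handle setting date range
     $search_criteria = self::process_search_dates($args, $search_criteria);
     if ($search_criteria !== $original_search_criteria) {
         do_action('gravityview_log_debug', '[get_search_criteria] Search Criteria after date params: ', $search_criteria);
     }
     // Remove not approved entries
     $search_criteria = self::process_search_only_approved($args, $search_criteria);
     /**
      * @filter `gravityview_status` Modify entry status requirements to be included in search results.
      * @param string $status Default: `active`. Accepts all Gravity Forms entry statuses, including `spam` and `trash`
      */
     $search_criteria['status'] = apply_filters('gravityview_status', 'active', $args);
     return $search_criteria;
 }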
Example #9
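 /**
  * Prepare Bulk Edit field-level updates
  *
  * Copies the submitted text fields, post attributes, mapped custom fields
  * and taxonomy terms into one update array, skipping values that would not
  * change anything.
  *
  * NOTE(review): post_author, comment_status and ping_status are copied from
  * $request without type or capability checks here; presumably the caller
  * verifies the nonce and the user's rights before applying the result.
  *
  * @since 2.11
  *
  * @param	integer	$post_id Current post ID
  * @param	array	$request Form elements, e.g., from $_REQUEST
  * @param	array	$custom_field_map Form id to field name mapping
  *
  * @return	array	Non-empty form elements
  */
 public static function mla_prepare_bulk_edits($post_id, $request, $custom_field_map)
 {
     $new_data = array();
     /*
      * Copy the edit form's text values to $new_data (request key => result key).
      * image_alt gets a separate key because some attachment types
      * should not get a value, e.g., text or PDF documents
      */
     $text_fields = array('post_title' => 'post_title', 'post_excerpt' => 'post_excerpt', 'post_content' => 'post_content', 'image_alt' => 'bulk_image_alt');
     foreach ($text_fields as $request_key => $data_key) {
         if (!isset($request[$request_key])) {
             continue;
         }
         $test_value = self::_process_bulk_value($post_id, $request[$request_key]);
         if (!empty($test_value)) {
             $new_data[$data_key] = $test_value;
         } elseif (is_null($test_value)) {
             // NULL from _process_bulk_value() is stored as an empty string
             $new_data[$data_key] = '';
         }
     }
     if (isset($request['post_parent']) && is_numeric($request['post_parent'])) {
         $new_data['post_parent'] = $request['post_parent'];
     }
     // -1 is skipped for these three fields, so it never reaches the update array
     foreach (array('post_author', 'comment_status', 'ping_status') as $field) {
         if (isset($request[$field]) && -1 != $request[$field]) {
             $new_data[$field] = $request[$field];
         }
     }
     /*
      * Custom field support
      */
     $custom_fields = array();
     if (is_array($custom_field_map)) {
         foreach ($custom_field_map as $slug => $details) {
             if (!isset($request[$slug])) {
                 continue;
             }
             $test_value = self::_process_bulk_value($post_id, $request[$slug]);
             if (!empty($test_value)) {
                 $custom_fields[$details['name']] = $test_value;
             } elseif (is_null($test_value)) {
                 $custom_fields[$details['name']] = $details['no_null'] ? NULL : '';
             }
         }
     }
     if (!empty($custom_fields)) {
         $new_data['custom_updates'] = $custom_fields;
     }
     /*
      * Taxonomy Support
      */
     $tax_inputs = array();
     $tax_actions = array();
     // Read tax_input once, guarded, so the debug line cannot raise an
     // undefined-index notice when no taxonomy input was submitted.
     $requested_tax_input = isset($request['tax_input']) ? $request['tax_input'] : NULL;
     self::mla_debug_add("mla_prepare_bulk_edits( {$post_id} ) tax_input = " . var_export($requested_tax_input, true), MLA::MLA_DEBUG_CATEGORY_AJAX);
     if (is_array($requested_tax_input)) {
         foreach ($requested_tax_input as $taxonomy => $terms) {
             // A taxonomy without its own action entry falls back to 'replace'
             if (!empty($request['tax_action']) && isset($request['tax_action'][$taxonomy])) {
                 $tax_action = $request['tax_action'][$taxonomy];
             } else {
                 $tax_action = 'replace';
             }
             self::mla_debug_add("mla_prepare_bulk_edits( {$post_id}, {$taxonomy}, {$tax_action} ) terms = " . var_export($terms, true), MLA::MLA_DEBUG_CATEGORY_AJAX);
             /*
              * Ignore empty updates
              */
             $hierarchical = is_array($terms);
             if ($hierarchical) {
                 if (false !== ($index = array_search(0, $terms))) {
                     unset($terms[$index]);
                 }
             } else {
                 /*
                  * Parse out individual terms. The translated delimiter has to be
                  * written back into $terms, the string that is split below;
                  * otherwise a localized delimiter is never honoured.
                  */
                 $comma = _x(',', 'tag_delimiter', 'media-library-assistant');
                 if (',' !== $comma) {
                     $terms = str_replace($comma, ',', $terms);
                 }
                 $fragments = explode(',', trim($terms, " \n\t\r\v,"));
                 $terms = array();
                 foreach ($fragments as $fragment) {
                     // WordPress encodes special characters, e.g., "&" as HTML entities in term names
                     if (MLATest::$wp_3dot5) {
                         $fragment = _wp_specialchars(trim(stripslashes_deep($fragment)));
                     } else {
                         $fragment = _wp_specialchars(trim(wp_unslash($fragment)));
                     }
                     if (!empty($fragment)) {
                         $terms[] = $fragment;
                     }
                 }
                 $terms = array_unique($terms);
             }
             if (empty($terms) && 'replace' != $tax_action) {
                 continue;
             }
             $post_terms = get_object_term_cache($post_id, $taxonomy);
             if (false === $post_terms) {
                 $post_terms = wp_get_object_terms($post_id, $taxonomy);
                 wp_cache_add($post_id, $post_terms, $taxonomy . '_relationships');
             }
             // Index the current terms by id (hierarchical) or by name (flat)
             $current_terms = array();
             foreach ($post_terms as $new_term) {
                 if ($hierarchical) {
                     $current_terms[$new_term->term_id] = $new_term->term_id;
                 } else {
                     $current_terms[$new_term->name] = $new_term->name;
                 }
             }
             self::mla_debug_add("mla_prepare_bulk_edits( {$post_id}, {$taxonomy}, {$tax_action} ) current_terms = " . var_export($current_terms, true), MLA::MLA_DEBUG_CATEGORY_AJAX);
             if ('add' == $tax_action) {
                 /*
                  * Add new terms; remove existing terms
                  */
                 foreach ($terms as $index => $new_term) {
                     if (isset($current_terms[$new_term])) {
                         unset($terms[$index]);
                     }
                 }
                 $do_update = !empty($terms);
             } elseif ('remove' == $tax_action) {
                 /*
                  * Remove only the existing terms
                  */
                 foreach ($terms as $index => $new_term) {
                     if (!isset($current_terms[$new_term])) {
                         unset($terms[$index]);
                     }
                 }
                 $do_update = !empty($terms);
             } else {
                 /*
                  * Replace all terms; if the new terms match the term
                  * cache, we can skip the update
                  */
                 foreach ($terms as $new_term) {
                     if (isset($current_terms[$new_term])) {
                         unset($current_terms[$new_term]);
                     } else {
                         $current_terms[$new_term] = $new_term;
                         break;
                         // not a match; stop checking
                     }
                 }
                 $do_update = !empty($current_terms);
             }
             self::mla_debug_add("mla_prepare_bulk_edits( {$post_id}, {$taxonomy}, {$tax_action} ) do_update = " . var_export($do_update, true), MLA::MLA_DEBUG_CATEGORY_AJAX);
             self::mla_debug_add("mla_prepare_bulk_edits( {$post_id}, {$taxonomy}, {$tax_action} ) new terms = " . var_export($terms, true), MLA::MLA_DEBUG_CATEGORY_AJAX);
             if ($do_update) {
                 $tax_inputs[$taxonomy] = $terms;
                 $tax_actions[$taxonomy] = $tax_action;
             }
         }
     }
     $new_data['tax_input'] = $tax_inputs;
     $new_data['tax_action'] = $tax_actions;
     return $new_data;
 }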
Example #10
 /**
  * Build the <url> tag for a given URL.
  *
  * Emits <loc>, <lastmod>, <changefreq> and <priority>, followed by one
  * <image:image> element per image that has a non-empty 'src'.
  *
  * NOTE(review): 'loc' and image 'src' are entity-encoded, image titles and
  * captions are decoded and re-encoded inside CDATA, but 'chf' and 'pri' are
  * written as received. Presumably they come from plugin settings; verify.
  * NOTE(review): the fallback timestamp uses date('y-m-d H:i:s'), i.e. a
  * two-digit year, and is then read in the configured timezone.
  *
  * @param array $url Array of parts that make up this entry
  *
  * @return string
  */
 function sitemap_url($url)
 {
     // Last-modified time: the entry's own 'mod' value, else the current time.
     $timestamp = isset($url['mod']) ? $url['mod'] : date('y-m-d H:i:s');
     $date = new DateTime($timestamp, new DateTimeZone($this->get_timezone_string()));
     $loc = htmlspecialchars($url['loc']);
     $output = "\t<url>\n" . "\t\t<loc>" . $loc . "</loc>\n" . "\t\t<lastmod>" . $date->format('c') . "</lastmod>\n" . "\t\t<changefreq>" . $url['chf'] . "</changefreq>\n" . "\t\t<priority>" . str_replace(',', '.', $url['pri']) . "</priority>\n";
     $images = isset($url['images']) && is_array($url['images']) ? $url['images'] : array();
     foreach ($images as $img) {
         if (empty($img['src'])) {
             continue;
         }
         $output .= "\t\t<image:image>\n";
         $output .= "\t\t\t<image:loc>" . esc_html($img['src']) . "</image:loc>\n";
         if (!empty($img['title'])) {
             // Encoding '>' also keeps a literal "]]>" from closing the CDATA section.
             $title = _wp_specialchars(html_entity_decode($img['title'], ENT_QUOTES, $this->charset));
             $output .= "\t\t\t<image:title><![CDATA[" . $title . "]]></image:title>\n";
         }
         if (!empty($img['alt'])) {
             $caption = _wp_specialchars(html_entity_decode($img['alt'], ENT_QUOTES, $this->charset));
             $output .= "\t\t\t<image:caption><![CDATA[" . $caption . "]]></image:caption>\n";
         }
         $output .= "\t\t</image:image>\n";
     }
     return $output . "\t</url>\n";
 }
 /**
  * Cleans a string for XML display purposes.
  *
  * Trims the input, strips shortcodes, decodes HTML entities twice (once as
  * ISO-8859-15, once with the blog charset) and then removes whatever
  * entity-like `&...;` sequences are still left, recursing until none remain.
  * Every return path passes the text through _wp_specialchars(), so the
  * result of a recursive call is encoded a second time by the final return.
  *
  * NOTE(review): $offset goes straight into strpos(); an offset beyond the
  * end of the (possibly shortened) string is not guarded against here.
  *
  * @since 1.2.1
  *
  * @link  http://php.net/html-entity-decode#98697 Modified for WP from here.
  *
  * @param string $in     The string to clean.
  * @param int    $offset Offset of the string to start the cleaning at.
  *
  * @return string Cleaned string.
  */
 public function clean_string($in, $offset = null)
 {
     $out = trim($in);
     $out = $this->strip_shortcodes($out);
     $out = html_entity_decode($out, ENT_QUOTES, 'ISO-8859-15');
     $out = html_entity_decode($out, ENT_QUOTES, get_bloginfo('charset'));
     if (!empty($out)) {
         // Look for the next ampersand at or after $offset.
         $entity_start = strpos($out, '&', $offset);
         if ($entity_start === false) {
             // Ideal case: no ampersand left, so nothing that could be an entity.
             return _wp_specialchars($out);
         } else {
             $entity_end = strpos($out, ';', $entity_start);
             if ($entity_end === false) {
                 // An ampersand with no closing ';' after it: just encode and return.
                 return _wp_specialchars($out);
             } elseif ($entity_end > $entity_start + 7) {
                 // The ';' is more than 7 characters away: leave this ampersand
                 // in place and carry on scanning after it.
                 $out = $this->clean_string($out, $entity_start + 1);
             } else {
                 $clean = substr($out, 0, $entity_start);
                 $subst = substr($out, $entity_start + 1, 1);
                 // &scaron; => "s" / &#353; => "_"
                 $clean .= $subst != '#' ? $subst : '_';
                 $clean .= substr($out, $entity_end + 1);
                 // Carry on scanning the rest of the rewritten string.
                 $out = $this->clean_string($clean, $entity_start + 1);
             }
         }
     }
     return _wp_specialchars($out);
 }
Example #12
/**
 * Escapes HTML for display inside an editable control.
 *
 * Both quote styles are encoded and entities that are already present are
 * encoded again, so the text reads back exactly as it was entered.
 *
 * @since 1.5
 *
 * @param string $str The string that potentially contains HTML.
 * @return string The filtered string.
 */
function su_esc_editable_html($str)
{
    // Fourth argument: encode existing entities again instead of leaving them as-is.
    $double_encode = true;
    $escaped = _wp_specialchars($str, ENT_QUOTES, false, $double_encode);
    return $escaped;
}
Example #13
/**
 * Escaping for HTML attributes.
 *
 * Removes invalid UTF-8, entity-encodes &, <, > and both quote characters,
 * then passes the result through the 'attribute_escape' filter.
 *
 * NOTE(review): this only entity-encodes. It does not check URL schemes or
 * event-handler content, and whatever a callback on the filter returns is
 * what gets printed.
 *
 * @since 2.8.0
 *
 * @param string $text
 * @return string
 */
function esc_attr($text)
{
    $escaped = _wp_specialchars(wp_check_invalid_utf8($text), ENT_QUOTES);
    return apply_filters('attribute_escape', $escaped, $text);
}
Example #14
 /**
  * Creates a select2 input.
  *
  * Loads every 'events_tags' term name, JSON-encodes the list and hands it to
  * the select2_input.twig template as the data-ai1ec-tags attribute value.
  *
  * NOTE(review): the JSON is encoded with the 'single' quote style, so double
  * quotes stay literal. Confirm the template prints this attribute inside
  * single quotes or escapes it again.
  * NOTE(review): the result of get_terms() is iterated without an error check.
  *
  * @param array $args The arguments of the input ('id' required, 'name' optional).
  *
  * @return Ai1ec_File_Twig
  */
 public function create_select2_input(array $args)
 {
     // The field name falls back to the id.
     if (!isset($args['name'])) {
         $args['name'] = $args['id'];
     }
     $terms = get_terms('events_tags', array('orderby' => 'name', 'hide_empty' => 0));
     $names = array();
     foreach ($terms as $term) {
         $names[] = $term->name;
     }
     $encoded_names = _wp_specialchars(json_encode($names), 'single', 'UTF-8');
     $loader = $this->_registry->get('theme.loader');
     $select2_args = array('data-placeholder' => __('Tags (optional)', AI1EC_PLUGIN_NAME), 'class' => 'ai1ec-tags-selector span12', 'data-ai1ec-tags' => $encoded_names);
     $template_args = array('name' => $args['name'], 'id' => $args['id'], 'select2_args' => $select2_args);
     return $loader->get_file('select2_input.twig', $template_args, true);
 }
Example #15
/**
 * Escaping for HTML attributes.
 *
 * Invalid UTF-8 is removed first; &, <, > and both quote characters are then
 * entity-encoded. The encoded text is intended for a quoted attribute value.
 *
 * @since 2.8.0
 *
 * @param string $text
 * @return string
 */
function esc_attr($text)
{
    $valid_utf8 = wp_check_invalid_utf8($text);
    $encoded = _wp_specialchars($valid_utf8, ENT_QUOTES);
    /**
     * Filter a string cleaned and escaped for output in an HTML attribute.
     *
     * Text passed to esc_attr() is stripped of invalid or special characters
     * before output.
     *
     * @since 2.0.6
     *
     * @param string $safe_text The text after it has been escaped.
     * @param string $text      The text prior to being escaped.
     */
    $filtered = apply_filters('attribute_escape', $encoded, $text);
    return $filtered;
}
Example #16
 /**
  * Render the slideshow js
  *
  * Returns the noscript notice and the slideshow container; the gallery data
  * is carried as JSON in the container's data-gallery attribute.
  *
  * @uses $this->enqueue_scripts()
  *
  * @param array $attr Reads 'gallery', 'selector', 'color', 'trans', 'autostart'.
  * @return string Markup for the slideshow.
  */
 function slideshow_js($attr)
 {
     // Enqueue scripts
     $this->enqueue_scripts();
     if (!defined('JSON_HEX_AMP')) {
         $gallery = json_encode($attr['gallery']);
     } else {
         // Hex-encoding <, >, &, ' and " is defence in depth only: the
         // attribute value is entity-encoded below either way.
         $gallery = json_encode($attr['gallery'], JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
     }
     $noscript = '<p class="jetpack-slideshow-noscript robots-nocontent">' . esc_html__('This slideshow requires JavaScript.', 'jetpack') . '</p>';
     $element_id = esc_attr($attr['selector'] . '-slideshow');
     $color = esc_attr($attr['color']);
     $transition = esc_attr($attr['trans']);
     $autostart = esc_attr($attr['autostart']);
     // Both quote styles encoded, existing entities encoded again.
     $gallery_attr = _wp_specialchars(wp_check_invalid_utf8($gallery), ENT_QUOTES, false, true);
     $window = sprintf('<div id="%s" class="slideshow-window jetpack-slideshow slideshow-%s" data-trans="%s" data-autostart="%s" data-gallery="%s"></div>', $element_id, $color, $transition, $autostart, $gallery_attr);
     return '' . $noscript . $window;
 }
Example #17
/**
 * Return the current picture's title cut to $length characters, re-encoded
 * for HTML and followed by an ellipsis entity.
 *
 * The title is decoded before cutting so an entity is never split, and is
 * encoded again afterwards. When the decoded title contains multibyte
 * characters the length is halved. The ellipsis is appended whether or not
 * anything was cut off.
 *
 * @param int $length Maximum number of characters to keep.
 * @return string Encoded, truncated title plus '&#8230;'.
 */
function bp_album_get_picture_title_truncate($length)
{
    global $pictures_template;
    $filtered_title = apply_filters('bp_album_get_picture_title_truncate', $pictures_template->picture->title);
    $plain = wp_specialchars_decode($filtered_title, ENT_QUOTES);
    // More bytes than characters means the title contains multibyte characters.
    $is_multibyte = function_exists('mb_strlen') && strlen($plain) > mb_strlen($plain);
    if ($is_multibyte) {
        $length = round($length / 2);
    }
    $plain = function_exists('mb_substr') ? mb_substr($plain, 0, $length) : substr($plain, 0, $length);
    return _wp_specialchars($plain) . '&#8230;';
}
/**
 * Similar to esc_html() but allows double-encoding.
 *
 * Quotes are left as they are (ENT_NOQUOTES), so the result is meant for
 * element content, not for attribute values.
 *
 * @param string $text Text to encode.
 * @return string Encoded text.
 */
function esc_translation($text)
{
    // Fourth argument true: entities already in the text are encoded again.
    $encoded = _wp_specialchars($text, ENT_NOQUOTES, false, true);
    return $encoded;
}
Example #19
 /**
  * Adds a keyword search to the WHERE clause, if required
  *
  * Defined as public because it's a filter.
  *
  * Builds up to three SQL fragments from self::$search_parameters - a numeric
  * ID clause, a text LIKE clause and a taxonomy-term clause - and joins them
  * into a single " AND ( ... ) " string. The method reads the
  * 'mla_terms_search', 's', 'sentence', 'exact', 'mla_search_fields',
  * 'mla_search_connector', 'mla_search_taxonomies' and 'debug' entries and
  * writes 'tax_terms_count'.
  *
  * The returned clause is assembled by string concatenation, so every value
  * that reaches it has to be quoted, cast or restricted to known keywords;
  * the inline notes mark where that is done and where it has to be confirmed.
  *
  * @since 0.60
  *
  * @param	string	$search_string query clause before modification; only used for the debug output here
  * @param	object	$query_object WP_Query object; not referenced in this method
  *
  * @return	string	query clause after keyword search addition; empty when there is nothing to add
  */
 public static function mla_query_posts_search_filter($search_string, &$query_object)
 {
     global $wpdb;
     $numeric_clause = '';
     $search_clause = '';
     $tax_clause = '';
     $tax_connector = 'AND';
     $tax_index = 0;
     /*
      * Process the Terms Search arguments, if present.
      */
     if (isset(self::$search_parameters['mla_terms_search']['phrases'])) {
         $terms_search_parameters = self::$search_parameters['mla_terms_search'];
         $terms = array_map('trim', explode(',', $terms_search_parameters['phrases']));
         if (1 < count($terms)) {
             $terms_connector = '(';
         } else {
             $terms_connector = '';
         }
         foreach ($terms as $term) {
             // Tokenise into double-quoted phrases, single-quoted phrases and bare words
             preg_match_all('/".*?("|$)|\'.*?(\'|$)|((?<=[\\t ",+])|^)[^\\t ",+]+/', $term, $matches);
             $phrases = array_map('MLAQuery::mla_search_terms_tidy', $matches[0]);
             /*
              * Find the quoted phrases for a word-boundary check
              */
             $quoted = array();
             foreach ($phrases as $index => $phrase) {
                 $quoted[$index] = '"' == $matches[1][$index] || "'" == $matches[2][$index];
             }
             $tax_terms = array();
             $tax_counts = array();
             foreach ($phrases as $index => $phrase) {
                 if (isset($terms_search_parameters['exact'])) {
                     $the_terms = array();
                     foreach ($terms_search_parameters['taxonomies'] as $taxonomy) {
                         // WordPress encodes special characters, e.g., "&" as HTML entities in term names,
                         // so the phrase is encoded the same way to match the stored name.
                         $the_term = get_term_by('name', _wp_specialchars($phrase), $taxonomy);
                         if (false !== $the_term) {
                             $the_terms[] = $the_term;
                         }
                     }
                 } else {
                     $is_wildcard_search = !$quoted[$index] && self::_wildcard_search_string($phrase);
                     if ($is_wildcard_search) {
                         // Hooked at the highest priority only for the get_terms() call below, then removed
                         add_filter('terms_clauses', 'MLAQuery::mla_query_terms_clauses_filter', 0x7fffffff, 3);
                     }
                     // WordPress encodes special characters, e.g., "&" as HTML entities in term names
                     $the_terms = get_terms($terms_search_parameters['taxonomies'], array('name__like' => _wp_specialchars($phrase), 'fields' => 'all', 'hide_empty' => false));
                     if ($is_wildcard_search) {
                         remove_filter('terms_clauses', 'MLAQuery::mla_query_terms_clauses_filter', 0x7fffffff);
                     }
                     // Invalid taxonomy will return WP_Error object
                     if (!is_array($the_terms)) {
                         $the_terms = array();
                     }
                     if ($quoted[$index]) {
                         foreach ($the_terms as $term_index => $the_term) {
                             if (!self::_match_quoted_phrase($phrase, $the_term->name)) {
                                 unset($the_terms[$term_index]);
                             }
                         }
                     }
                     // quoted phrase
                 }
                 // not exact
                 foreach ($the_terms as $the_term) {
                     // Cast to int: these values are later imploded into an unquoted IN (...) list
                     $tax_terms[$the_term->taxonomy][$the_term->term_id] = (int) $the_term->term_taxonomy_id;
                     if (isset($tax_counts[$the_term->taxonomy][$the_term->term_id])) {
                         $tax_counts[$the_term->taxonomy][$the_term->term_id]++;
                     } else {
                         $tax_counts[$the_term->taxonomy][$the_term->term_id] = 1;
                     }
                 }
             }
             // foreach phrase
             /*
              * For the AND connector, a taxonomy term must have all of the search terms within it
              */
             if ('AND' == $terms_search_parameters['radio_phrases']) {
                 $search_term_count = count($phrases);
                 foreach ($tax_terms as $taxonomy => $term_ids) {
                     foreach ($term_ids as $term_id => $term_taxonomy_id) {
                         if ($search_term_count != $tax_counts[$taxonomy][$term_id]) {
                             unset($term_ids[$term_id]);
                         }
                     }
                     if (empty($term_ids)) {
                         unset($tax_terms[$taxonomy]);
                     } else {
                         $tax_terms[$taxonomy] = $term_ids;
                     }
                 }
                 // foreach taxonomy
             }
             // AND (i.e., All phrases)
             if (!empty($tax_terms)) {
                 $inner_connector = '';
                 $tax_clause .= $terms_connector;
                 foreach ($tax_terms as $tax_term) {
                     if ('AND' == $terms_search_parameters['radio_terms']) {
                         $prefix = 'mlatt' . $tax_index++;
                     } else {
                         $prefix = 'mlatt0';
                         $tax_index = 1;
                         // only one JOIN needed for the "Any Term" case
                     }
                     // $prefix is built from a literal and a counter; the IN list holds the int-cast ids from above
                     $tax_clause .= sprintf('%1$s %2$s.term_taxonomy_id IN (%3$s)', $inner_connector, $prefix, implode(',', $tax_term));
                     $inner_connector = ' OR';
                 }
                 // foreach tax_term
                 // NOTE(review): 'radio_terms' is concatenated into the SQL as-is. It is only compared
                 // against 'AND' above, so confirm it is restricted to 'AND'/'OR' where
                 // self::$search_parameters is populated.
                 $terms_connector = ' ) ' . $terms_search_parameters['radio_terms'] . ' (';
             }
             // tax_terms present
         }
         // foreach term
         if (1 < count($terms) && !empty($tax_clause)) {
             $tax_clause .= ')';
         }
         if (empty($tax_clause)) {
             // No matching terms: force the terms search to fail
             $tax_clause = '1=0';
         } else {
             self::$search_parameters['tax_terms_count'] = $tax_index;
         }
     }
     // isset mla_terms_search
     /*
      * Process the keyword search argument, if present.
      */
     if (!empty(self::$search_parameters['s'])) {
         // WordPress v3.7 says: there are no line breaks in <input /> fields
         $keyword_string = stripslashes(str_replace(array("\r", "\n"), '', self::$search_parameters['s']));
         $is_wildcard_search = self::_wildcard_search_string($keyword_string);
         if ($is_wildcard_search || self::$search_parameters['sentence'] || self::$search_parameters['exact']) {
             $keyword_array = array($keyword_string);
         } else {
             // v3.6.1 was '/".*?("|$)|((?<=[\r\n\t ",+])|^)[^\r\n\t ",+]+/'
             preg_match_all('/".*?("|$)|((?<=[\\t ",+])|^)[^\\t ",+]+/', $keyword_string, $matches);
             $keyword_array = array_map('MLAQuery::mla_search_terms_tidy', $matches[0]);
             $numeric_array = array_filter($keyword_array, 'is_numeric');
             /*
              * If all the "keywords" are numeric, interpret it/them as the ID(s) of a specific attachment
              * or the ID(s) of a parent post/page; add it/them to the regular text-based search.
              */
             if (count($keyword_array) && count($keyword_array) == count($numeric_array)) {
                 // NOTE(review): these values go into the SQL unquoted. is_numeric() also accepts
                 // signed, decimal and exponent forms, so they are numeric literals but not
                 // necessarily integer IDs; casting each one to int before the implode() would
                 // make the ID intent explicit.
                 $numeric_array = implode(',', $numeric_array);
                 $numeric_clause = '( ( ' . $wpdb->posts . '.ID IN (' . $numeric_array . ') ) OR ( ' . $wpdb->posts . '.post_parent IN (' . $numeric_array . ') ) ) OR ';
             }
         }
         $fields = self::$search_parameters['mla_search_fields'];
         $allow_terms_search = in_array('terms', $fields) && !$is_wildcard_search;
         $percent = self::$search_parameters['exact'] ? '' : '%';
         $connector = '';
         if (empty($fields)) {
             $search_clause = '1=0';
         } else {
             $tax_terms = array();
             $tax_counts = array();
             foreach ($keyword_array as $term) {
                 // Every branch below leaves $sql_term as a complete, quoted SQL string literal
                 if ($is_wildcard_search) {
                     /*
                      * Escape any % in the source string
                      */
                     if (self::$wp_4dot0_plus) {
                         $sql_term = $wpdb->esc_like($term);
                         $sql_term = $wpdb->prepare('%s', $sql_term);
                     } else {
                         // Older WordPress: like_escape() plus esc_sql(), quoted by hand
                         $sql_term = "'" . esc_sql(like_escape($term)) . "'";
                     }
                     /*
                      * Convert wildcard * to SQL %
                      * (done after escaping, so only the user's own "*" becomes a LIKE wildcard)
                      */
                     $sql_term = str_replace('*', '%', $sql_term);
                 } else {
                     if (self::$wp_4dot0_plus) {
                         $sql_term = $percent . $wpdb->esc_like($term) . $percent;
                         $sql_term = $wpdb->prepare('%s', $sql_term);
                     } else {
                         $sql_term = "'" . $percent . esc_sql(like_escape($term)) . $percent . "'";
                     }
                 }
                 $inner_connector = '';
                 $inner_clause = '';
                 if (in_array('content', $fields)) {
                     $inner_clause .= "{$inner_connector}({$wpdb->posts}.post_content LIKE {$sql_term})";
                     $inner_connector = ' OR ';
                 }
                 if (in_array('title', $fields)) {
                     $inner_clause .= "{$inner_connector}({$wpdb->posts}.post_title LIKE {$sql_term})";
                     $inner_connector = ' OR ';
                 }
                 if (in_array('excerpt', $fields)) {
                     $inner_clause .= "{$inner_connector}({$wpdb->posts}.post_excerpt LIKE {$sql_term})";
                     $inner_connector = ' OR ';
                 }
                 if (in_array('alt-text', $fields)) {
                     // Interpolated as an identifier; presumably a name generated by this plugin - verify
                     $view_name = self::$mla_alt_text_view;
                     $inner_clause .= "{$inner_connector}({$view_name}.meta_value LIKE {$sql_term})";
                     $inner_connector = ' OR ';
                 }
                 if (in_array('name', $fields)) {
                     $inner_clause .= "{$inner_connector}({$wpdb->posts}.post_name LIKE {$sql_term})";
                 }
                 // Whatever the filter callbacks return is used as SQL without further escaping
                 $inner_clause = apply_filters('mla_list_table_search_filter_inner_clause', $inner_clause, $inner_connector, $wpdb->posts, $sql_term);
                 if (!empty($inner_clause)) {
                     $search_clause .= "{$connector}({$inner_clause})";
                     // NOTE(review): 'mla_search_connector' is concatenated into the SQL as-is; confirm
                     // it is restricted to 'AND'/'OR' where self::$search_parameters is populated.
                     $connector = ' ' . self::$search_parameters['mla_search_connector'] . ' ';
                 }
                 /*
                  * Convert search term text to term_taxonomy_id value(s),
                  * separated by taxonomy.
                  */
                 if ($allow_terms_search) {
                     // WordPress encodes special characters, e.g., "&" as HTML entities in term names
                     $the_terms = get_terms(self::$search_parameters['mla_search_taxonomies'], array('name__like' => _wp_specialchars($term), 'fields' => 'all', 'hide_empty' => false));
                     // Invalid taxonomy will return WP_Error object
                     if (!is_array($the_terms)) {
                         $the_terms = array();
                     }
                     foreach ($the_terms as $the_term) {
                         // Cast to int: these values are later imploded into an unquoted IN (...) list
                         $tax_terms[$the_term->taxonomy][$the_term->term_id] = (int) $the_term->term_taxonomy_id;
                         if (isset($tax_counts[$the_term->taxonomy][$the_term->term_id])) {
                             $tax_counts[$the_term->taxonomy][$the_term->term_id]++;
                         } else {
                             $tax_counts[$the_term->taxonomy][$the_term->term_id] = 1;
                         }
                     }
                 }
                 // in_array terms
             }
             // foreach term
             if ($allow_terms_search) {
                 /*
                  * For the AND connector, a taxonomy term must have all of the search terms within it
                  */
                 if ('AND' == self::$search_parameters['mla_search_connector']) {
                     $search_term_count = count($keyword_array);
                     foreach ($tax_terms as $taxonomy => $term_ids) {
                         foreach ($term_ids as $term_id => $term_taxonomy_id) {
                             if ($search_term_count != $tax_counts[$taxonomy][$term_id]) {
                                 unset($term_ids[$term_id]);
                             }
                         }
                         if (empty($term_ids)) {
                             unset($tax_terms[$taxonomy]);
                         } else {
                             $tax_terms[$taxonomy] = $term_ids;
                         }
                     }
                     // foreach taxonomy
                 }
                 // AND connector
                 if (empty($tax_terms)) {
                     /*
                      * If "Terms" is the only field and no terms are present,
                      * the search must fail.
                      */
                     if (1 == count($fields) && 'terms' == array_shift($fields)) {
                         $tax_clause = '1=0';
                     }
                 } else {
                     $tax_index = 0;
                     $inner_connector = '';
                     foreach ($tax_terms as $tax_term) {
                         $prefix = 'mlatt' . $tax_index++;
                         $tax_clause .= sprintf('%1$s %2$s.term_taxonomy_id IN (%3$s)', $inner_connector, $prefix, implode(',', $tax_term));
                         $inner_connector = ' OR';
                     }
                     // foreach tax_term
                     self::$search_parameters['tax_terms_count'] = $tax_index;
                     $tax_connector = 'OR';
                 }
                 // tax_terms present
             }
             // terms in fields
         }
         // fields not empty
     }
     // isset 's'
     if (!empty($tax_clause) && !empty($search_clause)) {
         $tax_clause = " {$tax_connector} ({$tax_clause} )";
     }
     if (!empty($search_clause) || !empty($tax_clause)) {
         $search_clause = " AND ( {$numeric_clause}{$search_clause}{$tax_clause} ) ";
         // Visitors who are not logged in never get password-protected posts from a search
         if (!is_user_logged_in()) {
             $search_clause .= " AND ( {$wpdb->posts}.post_password = '' ) ";
         }
     }
     if ('none' != self::$search_parameters['debug']) {
         // The debug record contains the raw search parameters and the generated SQL.
         // NOTE(review): where MLACore::mla_debug_add() sends it is not visible here; confirm the
         // 'shortcode' mode cannot be switched on by, or shown to, unauthenticated visitors.
         $debug_array['search_string'] = $search_string;
         $debug_array['search_parameters'] = self::$search_parameters;
         $debug_array['search_clause'] = $search_clause;
         if ('shortcode' == self::$search_parameters['debug']) {
             MLACore::mla_debug_add('<strong>mla_debug posts_search filter</strong> = ' . var_export($debug_array, true));
         } else {
             /* translators: 1: DEBUG tag 2: search filter details */
             MLACore::mla_debug_add(sprintf(_x('%1$s: mla_query_posts_search_filter = "%2$s".', 'error_log', 'media-library-assistant'), __('DEBUG', 'media-library-assistant'), var_export($debug_array, true)));
         }
     }
     // debug
     return $search_clause;
 }
 /**
  * Display a form for adding and editing h5p content.
  *
  * Collects the form values (submitted input first, stored content as the
  * fallback), decides between the upload and the create variant, escapes the
  * parameters for attribute output, includes the view, registers the editor
  * assets and records an H5P_Event.
  *
  * The included view runs in this method's scope, so it reads the local
  * variables set here; their names are part of the contract with the view.
  *
  * NOTE(review): no capability or nonce check is visible in this method;
  * presumably the admin menu registration restricts access - confirm.
  *
  * @since 1.1.0
  */
 public function display_new_content_page()
 {
     $contentExists = $this->content !== NULL;
     $plugin = H5P_Plugin::get_instance();
     $core = $plugin->get_h5p_instance('core');
     // Prepare form
     $title = $this->get_input('title', $contentExists ? $this->content['title'] : '');
     $library = $this->get_input('library', $contentExists ? H5PCore::libraryToString($this->content['library']) : 0);
     $parameters = $this->get_input('parameters', $contentExists ? $core->filterParameters($this->content) : '{}');
     // Determine upload or create
     if (!$contentExists && !$this->has_libraries()) {
         $upload = TRUE;
     } else {
         $upload = filter_input(INPUT_POST, 'action') === 'upload';
     }
     // Filter/escape parameters, double escape that is...
     // These three steps mirror esc_attr(), except that the last argument turns on double
     // encoding: entities already present in the parameters are encoded again instead of
     // being left for the browser to decode.
     $safe_text = wp_check_invalid_utf8($parameters);
     $safe_text = _wp_specialchars($safe_text, ENT_QUOTES, false, true);
     $parameters = apply_filters('attribute_escape', $safe_text, $parameters);
     // NOTE(review): a relative include is resolved through include_path and the working
     // directory as well as this file's directory; an absolute path built from __FILE__
     // would pin the view that gets loaded.
     include_once 'views/new-content.php';
     $this->add_editor_assets($contentExists ? $this->content['id'] : NULL);
     H5P_Plugin_Admin::add_script('jquery', 'h5p-php-library/js/jquery.js');
     H5P_Plugin_Admin::add_script('disable', 'h5p-php-library/js/disable.js');
     H5P_Plugin_Admin::add_script('toggle', 'admin/scripts/h5p-toggle.js');
     // Log editor opened
     if ($contentExists) {
         new H5P_Event('content', 'edit', $this->content['id'], $this->content['title'], $this->content['library']['name'], $this->content['library']['majorVersion'] . '.' . $this->content['library']['minorVersion']);
     } else {
         new H5P_Event('content', 'new');
     }
 }
Example #21
/**
 * Filter the content and encode any bad HTML tags
 *
 * Everything is HTML-encoded first (quotes are left alone), the text is split
 * into backtick-delimited runs and the text between them, and one walker
 * callback per allowed tag is then applied to every piece. The callbacks are
 * defined elsewhere; presumably they turn the encoded form of an allowed tag
 * back into markup, so that only disallowed tags stay encoded.
 *
 * @since bbPress (r4641)
 *
 * @param string $content Topic and reply content
 * @return string Partially encoded content
 */
function bbp_encode_bad($content = '')
{
    // Encode first, then split; the capture group keeps the backtick runs as pieces of their own
    $pieces = preg_split('@(`[^`]*`)@m', _wp_specialchars($content, ENT_NOQUOTES), -1, PREG_SPLIT_NO_EMPTY | PREG_SPLIT_DELIM_CAPTURE);
    $allowed_tags = bbp_kses_allowed_tags();
    // Tags that have no closing counterpart
    $void_tags = array('br' => true, 'hr' => true, 'img' => true, 'input' => true, 'param' => true, 'area' => true, 'col' => true, 'embed' => true);
    foreach ($allowed_tags as $tag => $args) {
        // Tags that accept attributes get a pattern that tolerates them
        $pattern = $args ? "{$tag}(?:\\s.*?)?" : $tag;
        // Which walker to use based on the tag and arguments
        $walker = isset($void_tags[$tag]) ? 'bbp_encode_empty_callback' : 'bbp_encode_normal_callback';
        array_walk($pieces, $walker, $pattern);
    }
    // Return the joined content array
    return implode('', $pieces);
}
Example #22
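the_title();
?>
</h2>
				<h3 class="page-title"><span>From</span> <a href="<?php 
// URLs are escaped for the attribute they are written into rather than echoed raw.
echo esc_url(get_permalink($post->post_parent));
?>
" rev="attachment"><?php 
// Left as in the original: titles may carry markup by design, so this is not text-escaped here.
echo get_the_title($post->post_parent);
?>
</a></h3>
				<div class="entry-content">
					<div class="entry-attachment"><a href="<?php 
echo esc_url(wp_get_attachment_url($post->ID));
?>
" title="<?php 
// esc_attr() is the public wrapper for attribute output; it replaces the direct call to the
// private _wp_specialchars() helper with the magic quote-style value 1.
echo esc_attr(get_the_title($post->ID));
?>
" rel="attachment"><?php 
echo wp_get_attachment_image($post->ID, 'large');
?>
</a></div>
					<div class="entry-caption"><?php 
if (!empty($post->post_excerpt)) {
    the_excerpt();
}
?>
</div>
<?php 
the_content('<span class="more-link">' . __('Continue reading &rsaquo;', 'barthelme') . '</span>');
?>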
echo esc_url(wp_get_attachment_url($item->image->ID));
?>
"
data-orig-size="<?php 
echo esc_attr($item->meta_width());
?>
,<?php 
echo esc_attr($item->meta_height());
?>
"
data-comments-opened="<?php 
// comments_open() returns a boolean, so the attribute presumably holds "1" or an empty string.
echo esc_attr(comments_open($item->image->ID));
?>
"
data-image-meta="<?php 
// Escaped by hand instead of through esc_attr() so that double encoding can be switched on
// (last argument): entities already inside the value are encoded again and reach the script
// unchanged. $fuzzy_image_meta is built above this excerpt; presumably a JSON string.
echo _wp_specialchars(wp_check_invalid_utf8($fuzzy_image_meta), ENT_QUOTES, false, true);
?>
"
data-image-title="<?php 
echo esc_attr(wptexturize($item->image->post_title));
?>
"
data-image-description="<?php 
echo esc_attr(wpautop(wptexturize($item->image->post_content)));
?>
"
data-medium-file="<?php 
echo esc_url($item->medium_file());
?>
"
data-large-file="<?php 
Example #24
));" <?php 
    // Strict in_array(): the option value must match a default value in type as well as content.
    echo in_array($option['value'], $element['default_value'], true) ? 'checked="checked"' : '';
    ?>
 />
                    <input class="ifb-option-label" type="text" value="<?php 
    // ENT_COMPAT encodes double quotes only, which is enough because the attribute is
    // double-quoted; double encoding is on so that entities typed by the user survive editing.
    echo _wp_specialchars($option['label'], ENT_COMPAT, false, true);
    ?>
" onkeyup="iPhorm.updateOptions(iPhorm.getElementById(<?php 
    // NOTE(review): $id is written without escaping into inline JavaScript inside an HTML
    // attribute, here and in the handlers below. Where it is set is not visible in this
    // excerpt; unless it is guaranteed to be an integer, cast it before output.
    echo $id;
    ?>
));" onclick="iPhorm.maybeSelectOptionText(this);" onblur="iPhorm.updateLogicOptions(iPhorm.getElementById(<?php 
    echo $id;
    ?>
));" />
                    <input class="ifb-option-value" type="text" value="<?php 
    echo _wp_specialchars($option['value'], ENT_COMPAT, false, true);
    ?>
" onkeyup="iPhorm.updateOptions(iPhorm.getElementById(<?php 
    echo $id;
    ?>
));" onblur="iPhorm.updateLogicOptions(iPhorm.getElementById(<?php 
    echo $id;
    ?>
));" />
                    <span class="ifb-add-option" onclick="iPhorm.addOption(this, iPhorm.getElementById(<?php 
    echo $id;
    ?>
));">+</span>
                    <span class="ifb-remove-option" onclick="iPhorm.removeOption(this, iPhorm.getElementById(<?php 
    echo $id;
    ?>
 /**
  * Finds a $relevant_term (if defined) given a key and (optional) a language
  *
  * Looks the term up in self::$relevant_terms first. When it is not there and
  * $test_only is false, the term is fetched with get_term_by() and added,
  * together with any of its translations that are not yet present. With a
  * $language, the entry for that translation is returned instead.
  *
  * All comparisons are loose (==), so a numeric string and an integer match.
  *
  * @since 2.11
  * @uses MLA_WPML::$relevant_terms
  *
  * @param	string	$field to search in; 'id', 'name', or 'term_taxonomy_id'
  * @param	mixed	$value to search for; integer, string or integer
  * @param	string	$taxonomy to search in; slug
  * @param	string	$language code; string; optional
  * @param	boolean	$test_only false (default) to add missing term, true to leave term out
  * @param	boolean	$skip_cache Ignore the Sitepress terms cache; optional
  *
  * @return	mixed	entry with 'term' and 'translations' elements, or false when nothing matches
  */
 private static function _get_relevant_term($field, $value, $taxonomy, $language = NULL, $test_only = false, $skip_cache = false)
 {
     /*
      * WordPress encodes special characters, e.g., "&" as HTML entities in term names,
      * so a name is encoded the same way before it is compared or looked up
      */
     if ('name' == $field) {
         $value = _wp_specialchars($value);
     }
     $relevant_term = false;
     foreach (self::$relevant_terms as $tt_id => $entry) {
         if ($taxonomy != $entry['term']->taxonomy) {
             continue;
         }
         // Pick the comparison that belongs to the requested field; unknown fields never match
         if ('id' == $field) {
             $is_match = $value == $entry['term']->term_id;
         } elseif ('name' == $field) {
             $is_match = $value == $entry['term']->name;
         } elseif ('term_taxonomy_id' == $field) {
             $is_match = $value == $tt_id;
         } else {
             $is_match = false;
         }
         if ($is_match) {
             $relevant_term = $entry;
         }
         // Stop at the first hit
         if (!empty($relevant_term)) {
             break;
         }
     }
     if (false === $relevant_term) {
         if ($test_only) {
             return false;
         }
         /*
          * If no match, try to add it and its translations
          */
         $found = get_term_by($field, $value, $taxonomy);
         if ($found) {
             $relevant_term = self::_add_relevant_term($found, NULL, $skip_cache);
             foreach ($relevant_term['translations'] as $translation) {
                 if (!array_key_exists($translation->element_id, self::$relevant_terms)) {
                     $term_object = get_term_by('term_taxonomy_id', $translation->element_id, $taxonomy);
                     self::_add_relevant_term($term_object, $relevant_term['translations'], $skip_cache);
                 }
             }
         }
     }
     /*
      * Find the language-specific value, if requested
      */
     if ($relevant_term && !empty($language)) {
         $relevant_term = array_key_exists($language, $relevant_term['translations'])
             ? self::$relevant_terms[$relevant_term['translations'][$language]->element_id]
             : false;
     }
     return $relevant_term;
 }
Example #26
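 /**
  * AJAX handler: print one page of the theme's translatable strings as an editing form.
  *
  * Reads lang/default.po from the template directory, optionally narrows the
  * entries with $_POST['search'] (case-insensitive match on the msgid or on
  * its saved translation), prints the textareas for page $_POST['page']
  * (20 strings per page) between two pagination blocks, prints a progress
  * line and exits.
  *
  * NOTE(review): no nonce or capability check is visible in this handler.
  * Confirm that the hook registration limits it to authorised users, or add
  * check_ajax_referer() and current_user_can() at the top.
  */
 function ajax_mts_translation_panel()
 {
     $poparser = new PoParser();
     $mts_translations = get_option('mts_translations_' . MTS_THEME_NAME);
     $entries = $poparser->read(get_template_directory() . '/lang/default.po');
     $i = 0;
     // Request values are untrusted: keep the page number at 1 or above, and accept the search
     // term only when it is a plain string, because an array-valued "search" parameter would
     // otherwise be passed to stristr().
     $page = empty($_POST['page']) ? 1 : max(1, (int) $_POST['page']);
     $search_query = isset($_POST['search']) && is_string($_POST['search']) ? $_POST['search'] : '';
     $strings_per_page = 20;
     $strings_tmp = array();
     if ($search_query) {
         foreach ($entries as $string_id => $object) {
             // A msgid can span several lines in the .po file; join them
             $message = '';
             foreach ($object['msgid'] as $line) {
                 $message .= $line;
             }
             $value = empty($mts_translations[$message]) ? '' : $mts_translations[$message];
             if (stristr($value, $search_query) !== false || stristr($message, $search_query) !== false) {
                 $strings_tmp[$string_id] = $object;
             }
         }
         $entries = $strings_tmp;
     }
     $number = count($entries);
     $number_translated = 0;
     $this->mts_translation_pagination($number, $strings_per_page, $page);
     $form = '';
     foreach ($entries as $string_id => $object) {
         $i++;
         $message = '';
         foreach ($object['msgid'] as $line) {
             $message .= $line;
         }
         // Counted over every (filtered) entry, not only the ones on the current page
         if (!empty($mts_translations[$message])) {
             $number_translated++;
         }
         if ($i > ($page - 1) * $strings_per_page && $i <= $page * $strings_per_page) {
             $reference = implode(' ', $object['reference']);
             $reference = implode(', ', explode(' ', $reference));
             $value = empty($mts_translations[$message]) ? '' : $mts_translations[$message];
             $form .= '<div class="translate-string-wrapper">';
             // The reference comes from the .po file and is escaped like the message next to it
             $form .= '<label for="translate-string-' . $i . '">' . esc_html($message) . ' <span>(' . esc_html($reference) . ')</span></label>';
             // data-id carries the msgid: both quote styles are encoded, and double encoding is on
             // so that entities inside the msgid come back unchanged when the attribute is read
             $form .= '<textarea id="translate-string-' . $i . '" data-id="' . _wp_specialchars($message, ENT_QUOTES, false, true) . '" class="mts_translate_textarea">';
             $form .= esc_textarea($value);
             $form .= '</textarea>';
             $form .= '</div>';
         }
     }
     echo $form;
     if ($number == 0) {
         $percent = 0;
     } else {
         $percent = $number_translated / $number * 100;
     }
     echo '<div class="translation_info">' . sprintf(__('Translated <span class="translated">%1$d</span> strings out of <span class="total">%2$d</span> <span class="percent">(%3$.2f%%)</span>', 'mythemeshop'), $number_translated, $number, $percent) . '</div>';
     $this->mts_translation_pagination($number, $strings_per_page, $page);
     exit;
     // required for AJAX in WP
 }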
Example #27
 /**
  * Build the <url> tag for a given URL.
  *
  * Image titles and captions are entity-decoded and then re-encoded with
  * _wp_specialchars(), and image locations go through esc_html().
  *
  * NOTE(review): 'loc', 'chf' and 'pri' are concatenated into the XML without
  * any escaping in this function; presumably the callers pass values that are
  * already XML-safe - verify, since a raw "&" or "<" would break the sitemap.
  *
  * @param array $url Array of parts that make up this entry: 'loc', 'chf', 'pri', optional 'mod' and 'images'
  * @return string
  */
 function sitemap_url($url)
 {
     // Without a modification date the current time is used
     $lastmod = isset($url['mod']) ? mysql2date("Y-m-d\\TH:i:s+00:00", $url['mod']) : date('c');
     $xml = "\t<url>\n"
         . "\t\t<loc>" . $url['loc'] . "</loc>\n"
         . "\t\t<lastmod>" . $lastmod . "</lastmod>\n"
         . "\t\t<changefreq>" . $url['chf'] . "</changefreq>\n"
         // Priority may arrive with a decimal comma
         . "\t\t<priority>" . str_replace(',', '.', $url['pri']) . "</priority>\n";
     if (isset($url['images']) && count($url['images']) > 0) {
         foreach ($url['images'] as $image) {
             // An image without a source is left out entirely
             if (empty($image['src'])) {
                 continue;
             }
             $xml .= "\t\t<image:image>\n";
             $xml .= "\t\t\t<image:loc>" . esc_html($image['src']) . "</image:loc>\n";
             foreach (array('title' => 'image:title', 'alt' => 'image:caption') as $key => $tag) {
                 if (!empty($image[$key])) {
                     // Decode first so that entities in the stored text are not encoded twice
                     $text = html_entity_decode($image[$key], ENT_QUOTES, get_bloginfo('charset'));
                     $xml .= "\t\t\t<{$tag}>" . _wp_specialchars($text) . "</{$tag}>\n";
                 }
             }
             $xml .= "\t\t</image:image>\n";
         }
     }
     $xml .= "\t</url>\n";
     return $xml;
 }
    // This is nice to have, but not strictly necessary since we use _wp_specialchars() below
    $extra = json_encode($this->get_container_extra_data(), JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
} else {
    $extra = json_encode($this->get_container_extra_data());
}
?>
<div
	class="tiled-gallery type-<?php 
// NOTE(review): written into the class attribute without escaping; presumably $this->type is
// one of a fixed set of layout names - confirm, or pass it through esc_attr().
echo $this->type;
?>
 tiled-gallery-unresized"
	data-original-width="<?php 
echo esc_attr(Jetpack_Tiled_Gallery::get_content_width());
?>
"
	<?php 
if (isset($extra)) {
    ?>
		data-carousel-extra='<?php 
    // The attribute is single-quoted, so ENT_QUOTES (which also encodes ') is required here;
    // double encoding is on so that entities inside the JSON reach the script unchanged.
    echo _wp_specialchars(wp_check_invalid_utf8($extra), ENT_QUOTES, false, true);
    ?>
'
	<?php 
}
?>
	>
	<?php 
$this->template("{$this->type}-layout", $context);
?>
</div>
 /**
  * Escape a value for storage as a shortcode attribute.
  *
  * Arrays are processed element by element through this same method. A scalar
  * is stripped of tags, HTML-encoded (both quote styles, double encoding on),
  * and then made safe for the shortcode parser: "]" is removed, commas are
  * stored as an entity, "%" and "&" are percent-encoded and the result is
  * slashed. The percent-encoding runs after the comma replacement, so the "&"
  * of every entity produced before it is stored as "%26".
  *
  * @param mixed $value String or array of strings.
  * @return mixed Escaped string, or array of escaped values.
  */
 function esc_attr($value)
 {
     if (is_array($value)) {
         return array_map(array($this, 'esc_attr'), $value);
     }
     $escaped = _wp_specialchars(Grunion_Contact_Form_Plugin::strip_tags($value), ENT_QUOTES, false, true);
     // Shortcode attributes can't contain "]"; commas are stored encoded
     $escaped = str_replace(array(']', ','), array('', '&#x002c;'), $escaped);
     $escaped = strtr($escaped, array('%' => '%25', '&' => '%26'));
     // shortcode_parse_atts() does stripcslashes()
     return addslashes($escaped);
 }
Example #30
<?php 
    } else {
        ?>

	<div class="formcontainer">	

		<form id="commentform" action="<?php 
        echo get_option('siteurl');
        ?>
/wp-comments-post.php" method="post">
<?php 
        if ($user_ID) {
            ?>

			<div id="loggedin"><?php 
            printf(__('Logged in as <a href="%1$s" title="View your profile" class="fn">%2$s</a>. <a href="%3$s" title="Log out of this account">Log out?</a>', 'barthelme'), get_option('siteurl') . '/wp-admin/profile.php', _wp_specialchars($user_identity, true), get_option('siteurl') . '/wp-login.php?action=logout&amp;redirect_to=' . get_permalink());
            ?>
</div>

<?php 
        } else {
            ?>

			<div id="comment-notes"><?php 
            _e('Your email is <em>never</em> published nor shared.', 'barthelme');
            ?>
 <?php 
            if ($req) {
                _e('Required fields are marked <span class="req-field">*</span>', 'barthelme');
            }
            ?>