Example #1
/**
 * Loads the Hybrid theme settings once and allows the input of the specific field the user would 
 * like to show.  Hybrid theme settings are added with 'autoload' set to 'yes', so the settings are 
 * only loaded once on each page load.
 *
 * @since 0.7.0
 * @access public
 * @uses get_option() Gets an option from the database.
 * @uses hybrid_get_prefix() Gets the prefix of the theme.
 * @global object $hybrid The global Hybrid object.
 * @param string $option The specific theme setting the user wants.
 * @return mixed $settings[$option] Specific setting asked for.
 */
function hybrid_get_setting($option = '')
{
    global $hybrid;

    // A falsy option name can never match a stored setting.
    if (!$option) {
        return false;
    }

    $defaults = hybrid_get_default_theme_settings();

    // Fill the per-request cache on $hybrid the first time through, or when
    // something replaced it with a non-array value.
    $have_cache = isset($hybrid->settings) && is_array($hybrid->settings);
    if (!$have_cache) {
        $hybrid->settings = get_option(hybrid_get_prefix() . '_theme_settings', $defaults);
    }

    // Backfill a missing key from the defaults so later lookups hit the cache.
    if (!isset($hybrid->settings[$option]) && isset($defaults[$option])) {
        $hybrid->settings[$option] = $defaults[$option];
    }

    // Neither the stored settings nor the defaults know this key.
    if (!isset($hybrid->settings[$option])) {
        return false;
    }

    $value = $hybrid->settings[$option];

    // NOTE(review): wp_kses_stripslashes() only turns \" back into "; it does
    // not filter or escape markup. Callers must still escape the returned
    // value for the context they print it in (esc_html(), esc_attr(), ...).
    return is_array($value) ? $value : wp_kses_stripslashes($value);
}
 /**
  * Handles the sections for 
  * both quizzes and surveys.
  * 
  * @since 2.0
  */
 public function _doSections()
 {
     // NOTE(review): no nonce or capability check is visible in this method,
     // and $_GET['id'], the section ids, 'number' and 'order' are handed to
     // Wpsqt_System as received. Confirm the dispatcher verifies the request
     // and that Wpsqt_System casts or parameterises these values.
     if ($_SERVER['REQUEST_METHOD'] == "POST") {
         // Rows skipped because they had no name; collected but not used in the visible code.
         $nameNeeded = array();
         $totalRows = intval($_POST['row_count']);

         for ($row = 0; $row < $totalRows; $row++) {
             // A row without a name is skipped entirely.
             if (!isset($_POST['section_name'][$row]) || $_POST['section_name'][$row] == "") {
                 $nameNeeded[] = $row;
                 continue;
             }

             // wp_kses_stripslashes() only unescapes \" - the name is not filtered here.
             $sectionName = wp_kses_stripslashes($_POST['section_name'][$row]);

             // Missing question count defaults to 0 (written back into $_POST as before).
             if (!isset($_POST['number'][$row]) || $_POST['number'][$row] == "") {
                 $_POST['number'][$row] = 0;
             }

             $hasSectionId = !empty($_POST['sectionid'][$row]);
             $wantsDelete = !empty($_POST['delete'][$row]);

             if ($hasSectionId && $wantsDelete) {
                 Wpsqt_System::deleteSection($_POST['sectionid'][$row]);
                 continue;
             }

             $difficulty = isset($_POST['difficulty'][$row]) ? $_POST['difficulty'][$row] : false;

             if ($hasSectionId) {
                 // Existing section: update it in place.
                 Wpsqt_System::updateSection($_POST['sectionid'][$row], $sectionName, $_POST['number'][$row], $_POST['order'][$row], $difficulty);
             } else {
                 // No id submitted: create a new section under the item named by $_GET['id'].
                 Wpsqt_System::insertSection($_GET['id'], $sectionName, $_POST['number'][$row], $_POST['order'][$row], $difficulty);
             }
         }

         $this->_pageVars['successMessage'] = "Sections updated";
     }

     // Always (re)load the stored sections for display.
     $validData = Wpsqt_System::fetchSections($_GET['id']);
     if (!empty($validData)) {
         $this->_pageVars['validData'] = $validData;
     }
 }
Example #3
/**
 * Textarea "sanitizer" for theme options.
 *
 * NOTE(review): despite the name, this performs no HTML filtering. The original
 * wp_kses( $input, $allowedposttags ) call (with `global $allowedposttags`) was
 * commented out, leaving only wp_kses_stripslashes(), which turns \" back into "
 * and nothing else. Whatever markup or script the user submits is returned
 * unchanged, so the value must be filtered or escaped wherever it is printed.
 *
 * @param string $input Raw textarea value.
 * @return string The value with \" unescaped.
 */
function of_sanitize_textarea($input)
{
    return wp_kses_stripslashes($input);
}
/**
 * Filter a single tag-like fragment against the allowed-elements list.
 *
 * Returns '&gt;' for a fragment that does not start with "<", a re-filtered
 * HTML comment, '' for malformed or disallowed elements, a bare closing tag,
 * or the result of wp_kses_attr() for an allowed opening tag.
 *
 * @param string $string            Fragment to filter.
 * @param array  $allowed_html      Allowed elements, keyed by lower-case name.
 * @param array  $allowed_protocols Allowed URL protocols, passed through.
 * @return string Filtered fragment.
 */
function wp_kses_split2($string, $allowed_html, $allowed_protocols)
{
    $string = wp_kses_stripslashes($string);

    // Anything not starting with "<" is treated as a lone ">" and encoded.
    if (substr($string, 0, 1) != '<') {
        return '&gt;';
    }

    // HTML comments are allowed, but their content is run through wp_kses()
    // until it stops changing, so markup cannot be smuggled inside a comment.
    if (preg_match('%^<!--(.*?)(-->)?$%', $string, $matches)) {
        $string = str_replace(array('<!--', '-->'), '', $matches[1]);
        while (true) {
            $filtered = wp_kses($string, $allowed_html, $allowed_protocols);
            if ($string == $filtered) {
                break;
            }
            $string = $filtered;
        }
        if ($string == '') {
            return '';
        }
        return "<!--{$string}-->";
    }

    // Not recognisable as <elem ...> or </elem>: seriously malformed, drop it.
    if (!preg_match('%^<\\s*(/\\s*)?([a-zA-Z0-9]+)([^>]*)>?$%', $string, $matches)) {
        return '';
    }

    $slash = trim($matches[1]);
    $elem = $matches[2];
    $attrlist = $matches[3];

    // Element is not on the allow-list: drop it.
    if (!@isset($allowed_html[strtolower($elem)])) {
        return '';
    }

    // Closing elements never carry attributes.
    if ($slash != '') {
        return "<{$slash}{$elem}>";
    }

    return wp_kses_attr("{$slash}{$elem}", $attrlist, $allowed_html, $allowed_protocols);
}
 /**
  * Variant of wp_kses_split2() with a $cutoff switch.
  *
  * With $cutoff true, malformed or disallowed tags are removed. With $cutoff
  * false they are kept as visible text by encoding "<" and ">" (a local
  * modification the original comments attribute to NobuNobu).
  *
  * NOTE(review): the non-cutoff path encodes only "<" and ">". That stops the
  * fragment from being parsed as a tag in element content, but quotes and "&"
  * are left as-is, so the result is not safe to place inside an attribute.
  *
  * @param string $string            Fragment to filter.
  * @param array  $allowed_html      Allowed elements, keyed by lower-case name.
  * @param array  $allowed_protocols Allowed URL protocols, passed through.
  * @param bool   $cutoff            True to drop rejected tags, false to show them encoded.
  * @return string Filtered fragment.
  */
 function wp_kses_split2($string, $allowed_html, $allowed_protocols, $cutoff = true)
 {
     $string = wp_kses_stripslashes($string);

     // Anything not starting with "<" is treated as a lone ">" and encoded.
     if (substr($string, 0, 1) != '<') {
         return '&gt;';
     }

     // What a rejected fragment becomes, depending on $cutoff.
     $rejected = $cutoff ? '' : str_replace(array('<', '>'), array('&lt;', '&gt;'), $string);

     // Seriously malformed: does not look like <elem ...> or </elem>.
     if (!preg_match('%^<\\s*(/\\s*)?([a-zA-Z0-9]+)([^>]*)>?$%', $string, $matches)) {
         return $rejected;
     }

     $slash = trim($matches[1]);
     $elem = $matches[2];
     $attrlist = $matches[3];

     // Element is not on the allow-list (or its entry is not an attribute array).
     $tag = strtolower($elem);
     if (!isset($allowed_html[$tag]) || !is_array($allowed_html[$tag])) {
         return $rejected;
     }

     // Closing elements never carry attributes.
     if ($slash != '') {
         return "<{$slash}{$elem}>";
     }

     return wp_kses_attr("{$slash}{$elem}", $attrlist, $allowed_html, $allowed_protocols);
 }
Example #6
	/**
	 * Update the particular instance.
	 * 
	 * This function should check that $new_instance is set correctly.
	 * The newly calculated value of $instance should be returned.
	 * If "false" is returned, the instance won't be saved/updated.
	 *
	 * $new_instance New settings for this instance as input by the user via form()
	 * $old_instance Old settings for this instance
	 * Settings to save or bool false to cancel saving
	 */
	function update( $new_instance, $old_instance ) {
		// Start from the stored settings so keys this form does not submit survive.
		$saved = $old_instance;

		// Plain-text fields.
		$saved['title'] = stripslashes($new_instance['title']);

		// NOTE(review): wp_kses_stripslashes() only unescapes \" - the ad code is
		// stored as raw HTML/JS. That is the point of an ad-code field, but it means
		// anyone allowed to save this widget can store script; consider gating on
		// current_user_can( 'unfiltered_html' ) and filtering otherwise.
		$saved['adcode'] = wp_kses_stripslashes($new_instance['adcode']);

		// URLs are cleaned for storage; they still need esc_url() when printed.
		$saved['image'] = esc_url_raw($new_instance['image']);
		$saved['href'] = esc_url_raw($new_instance['href']);

		$saved['alt'] = sanitize_text_field($new_instance['alt']);

		return $saved;
	}	
Example #7
/**
 * Runs the footer content posted via Ajax through the do_shortcode() function.  This makes sure the 
 * shortcodes are output correctly in the live preview.
 *
 * @since 1.4.0
 * @access private
 */
function omega_customize_footer_content_ajax()
{
    // check_ajax_referer() terminates the request when the nonce is missing or invalid.
    check_ajax_referer('omega_customize_footer_content_nonce');

    if (isset($_POST['footer_content'])) {
        // NOTE(review): the posted content is echoed back after only unescaping \"
        // and expanding shortcodes; no kses filter or escaping is applied, so the
        // nonce is the only thing standing between this endpoint and reflected
        // markup. Consider wp_kses_post() on the content and an explicit
        // capability check before echoing.
        $footer_content = wp_kses_stripslashes($_POST['footer_content']);
        echo do_shortcode($footer_content);
    }

    // Ajax handlers must end the request themselves.
    die();
}
/**
 * Read one custom field (post meta) of the current global $post.
 *
 * NOTE(review): the value is not sanitized here. wp_kses_decode_entities()
 * turns numeric entities back into characters and wp_kses_stripslashes()
 * unescapes \", so the returned string can be *less* encoded than what was
 * stored. Escape it for the output context before printing.
 *
 * @param string $field Meta key to read.
 * @return string|false The decoded value, or FALSE when the field is empty.
 */
function genesis_get_custom_field($field)
{
    global $post;

    $custom_field = get_post_meta($post->ID, $field, true);

    // Empty or missing field.
    if (!$custom_field) {
        return FALSE;
    }

    return wp_kses_stripslashes(wp_kses_decode_entities($custom_field));
}
Example #9
/**
 * Pull an Simple Hooks option from the database, return value
 *
 * @since 0.1
 */
function simplehooks_get_option($hook = null, $field = null, $all = false)
{
    // Cached across calls for the rest of the request once a truthy value was loaded.
    static $options = array();
    if (!$options) {
        $options = get_option(SIMPLEHOOKS_SETTINGS_FIELD);
    }

    // Caller asked for the whole settings array.
    if ($all) {
        return $options;
    }

    // Unknown hook: nothing stored for it.
    if (!array_key_exists($hook, (array) $options)) {
        return '';
    }

    if (isset($options[$hook][$field])) {
        $option = $options[$hook][$field];
    } else {
        $option = '';
    }

    // NOTE(review): this decodes numeric entities and unescapes \" - it does not
    // filter the stored content. Whoever can write this option controls the
    // markup that is returned here.
    return wp_kses_stripslashes(wp_kses_decode_entities($option));
}
 /**
  * Build the widget settings to store from the submitted form values.
  *
  * NOTE(review): only 'title' (strip_tags) and 'action_url' (esc_url_raw) are
  * actually cleaned. wp_kses_stripslashes() merely unescapes \" and 'image' /
  * 'thumbnail' are stored exactly as submitted, so every one of these values
  * must be escaped where the widget prints it.
  *
  * @param array $new Submitted settings.
  * @param array $old Previously stored settings.
  * @return array Settings to save.
  */
 public function update($new, $old)
 {
     $instance = $old;

     $instance['title'] = strip_tags($new['title']);

     foreach (array('headline', 'tagline') as $key) {
         $instance[$key] = wp_kses_stripslashes($new[$key]);
     }

     // Stored as submitted.
     foreach (array('image', 'thumbnail') as $key) {
         $instance[$key] = $new[$key];
     }

     $instance['action_url'] = esc_url_raw($new['action_url']);

     foreach (array('action_label', 'action_color', 'alignment') as $key) {
         $instance[$key] = wp_kses_stripslashes($new[$key]);
     }

     return $instance;
 }
Example #11
/**
 * Persist the submitted maintenance options.
 *
 * NOTE(review): the nonce is verified, but no capability check is visible here
 * and the whole submitted 'lib_options' array is written to the option as
 * received. 'htmlcss' is only passed through wp_kses_stripslashes(), which
 * unescapes \" and filters nothing. Confirm the caller restricts this to
 * administrators and that every stored field is escaped on output.
 */
function mt_register_settings()
{
    // Nothing submitted, or the nonce check failed (check_admin_referer() normally ends the request itself).
    if (empty($_POST['lib_options']) || !check_admin_referer('maintenance_edit_post', 'maintenance_nonce')) {
        return;
    }

    // The checkbox is only present in the request when ticked; normalise to 1/0.
    $_POST['lib_options']['state'] = isset($_POST['lib_options']['state']) ? 1 : 0;

    if (isset($_POST['lib_options']['htmlcss'])) {
        $_POST['lib_options']['htmlcss'] = wp_kses_stripslashes($_POST['lib_options']['htmlcss']);
    }

    if (isset($_POST['lib_options'])) {
        update_option('maintenance_options', $_POST['lib_options']);
    }
}
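/**
 * Filter a single tag-like fragment against the allowed-elements list.
 *
 * Returns '&gt;' for a fragment that does not start with "<", '' for malformed
 * or disallowed elements, and otherwise the result of wp_kses_attr(). In this
 * version closing tags are also handed to wp_kses_attr(), together with
 * whatever followed the element name.
 *
 * @param string $string            Fragment to filter.
 * @param array  $allowed_html      Allowed elements, keyed by lower-case name.
 * @param array  $allowed_protocols Allowed URL protocols, passed through.
 * @return string Filtered fragment.
 */
function wp_kses_split2($string, $allowed_html, $allowed_protocols)
{
    $string = wp_kses_stripslashes($string);

    // Anything not starting with "<" is treated as a lone ">" and encoded.
    if (substr($string, 0, 1) != '<') {
        return '&gt;';
    }

    // Seriously malformed: does not look like <elem ...> or </elem>.
    if (!preg_match('%^<\\s*(/\\s*)?([a-zA-Z0-9]+)([^>]*)>?$%', $string, $matches)) {
        return '';
    }

    $slash = trim($matches[1]);
    $elem = $matches[2];
    $attrlist = $matches[3];

    // Element is not on the allow-list. The isset() guard keeps an unknown
    // element from reading an undefined array index before being rejected.
    $tag = strtolower($elem);
    if (!isset($allowed_html[$tag]) || !is_array($allowed_html[$tag])) {
        return '';
    }

    return wp_kses_attr("{$slash}{$elem}", $attrlist, $allowed_html, $allowed_protocols);
}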
Example #13
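 /**
  * Handle the contact form: validate the POSTed fields and mail them to
  * WPSQT_CONTACT_EMAIL, then select the contact view.
  *
  * NOTE(review): no nonce or capability check is visible in this method -
  * confirm the dispatcher verifies both. $errorArray and $successMessage are
  * locals and are not handed to the view in the visible code.
  */
 public function process()
 {
     if ($_SERVER["REQUEST_METHOD"] == "POST") {
         global $wp_version;
         $errorArray = array();

         if (empty($_POST['email'])) {
             $errorArray[] = 'Email is required';
         } elseif (!is_email($_POST['email'])) {
             $errorArray[] = 'Invalid from email';
         }
         if (empty($_POST['name'])) {
             $errorArray[] = 'Name is required';
         }
         if (empty($_POST['message'])) {
             $errorArray[] = 'Message is required';
         }

         // The reason becomes the mail subject, so it is only accepted from a fixed list.
         $allowedReasons = array('Bug', 'Suggestion', 'You guys rock!', 'You guys are the suck!', 'Moving to CatN');
         if (empty($_POST['reason'])) {
             // Should never be blank or empty.
             $errorArray[] = 'Reason is required';
         } elseif (!in_array($_POST['reason'], $allowedReasons, true)) {
             $errorArray[] = 'Invalid reason';
         }

         if (empty($errorArray)) {
             $fromEmail = get_option('wpsqt_from_email') ? get_option('wpsqt_from_email') : get_option('admin_email');

             // The name is request data that ends up in a mail header. Strip CR/LF
             // so it cannot terminate the Reply-To line and append headers of its own.
             $senderName = trim(str_replace(array("\r", "\n"), ' ', $_POST['name']));

             $headers = 'From: WPSQT Contact Form' . PHP_EOL;
             $headers .= 'Reply-To: ' . $senderName . ' <' . $_POST['email'] . '>' . PHP_EOL;

             $message = 'From: ' . $senderName . ' <' . $fromEmail . '>' . PHP_EOL;
             $message .= 'WPSQT Version: ' . WPSQT_VERSION . PHP_EOL;
             $message .= 'PHP Version: ' . PHP_VERSION . PHP_EOL;
             $message .= 'WordPress Version: ' . $wp_version . PHP_EOL;
             $message .= 'Message: ' . esc_html(wp_kses_stripslashes($_POST['message'])) . PHP_EOL;

             if (!wp_mail(WPSQT_CONTACT_EMAIL, 'WPSQT : ' . stripslashes($_POST['reason']), $message, $headers)) {
                 $errorArray[] = 'Unable to send email, please check wordpress settings';
             } else {
                 $successMessage = 'Email sent! Thank you for reponse';
             }
         }
     }
     $this->_pageView = "admin/misc/contact.php";
 }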
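/**
 * Print the markup for an ACE editor field: a container div for the editor
 * and a hidden textarea that carries the value in the form.
 *
 * Values are escaped for the context they are printed in: $mode and
 * $input_name as attribute values, $input_value as textarea content. Without
 * that, a value containing a double quote or "</textarea>" would break out of
 * the markup.
 *
 * NOTE(review): $label is still printed as given, in case callers pass markup
 * in it; callers must pass a trusted or pre-escaped label.
 *
 * @param string $label       Label text (printed unescaped, see note).
 * @param string $input_name  Form field name.
 * @param string $input_value Current value of the field.
 * @param string $mode        Editor mode, also used as the id prefix.
 */
function uz_ace_editor_input($label, $input_name, $input_value, $mode = 'css')
{
    $mode_attr = esc_attr($mode);
    $name_attr = esc_attr($input_name);
    ?>

	<div class="uz_input">

		<label> <?php echo $label; ?> </label>

		<div id="<?php echo $mode_attr; ?>_container">
			<div name="<?php echo $name_attr; ?>" id="<?php echo $mode_attr; ?>_editor"></div>
		</div>

		<textarea id="<?php echo $mode_attr; ?>_textarea" name="<?php echo $name_attr; ?>" style="display: none;"><?php echo esc_textarea(wp_kses_stripslashes($input_value)); ?></textarea>

	</div>

	<?php 
}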
Example #15
/**
 * Loads the Hybrid theme settings once and allows the input of the specific field the user would 
 * like to show.  Hybrid theme settings are added with 'autoload' set to 'yes', so the settings are 
 * only loaded once on each page load.
 *
 * @since 0.7.0
 * @access public
 * @uses get_option() Gets an option from the database.
 * @uses hybrid_get_prefix() Gets the prefix of the theme.
 * @global object $hybrid The global Hybrid object.
 * @param string $option The specific theme setting the user wants.
 * @return mixed $settings[$option] Specific setting asked for.
 */
function hybrid_get_setting($option = '')
{
    global $hybrid;

    // A falsy option name can never match a stored setting.
    if (!$option) {
        return false;
    }

    // Load the settings into the per-request cache on first use.
    if (!isset($hybrid->settings)) {
        $hybrid->settings = get_option(hybrid_get_prefix() . '_theme_settings', hybrid_get_default_theme_settings());
    }

    // Unusable cache, or the option is missing or empty.
    $usable = is_array($hybrid->settings) && !empty($hybrid->settings[$option]);
    if (!$usable) {
        return false;
    }

    $value = $hybrid->settings[$option];

    // NOTE(review): wp_kses_stripslashes() only turns \" back into "; it does
    // not filter or escape markup. Callers must still escape the returned
    // value for the context they print it in.
    return is_array($value) ? $value : wp_kses_stripslashes($value);
}
Example #16
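 /**
  * Print the ad widget: either the stored ad code, or a linked image.
  *
  * The link URL, image URL and alt text are escaped for their attribute
  * context before being printed.
  *
  * NOTE(review): the ad code is printed as stored (only \" is unescaped), which
  * is inherent to an ad-code field. The protection for it has to be on the
  * save side: restrict who may store it, e.g. with the 'unfiltered_html'
  * capability.
  *
  * @param array $args     Sidebar display arguments (before_widget, before_title, ...).
  * @param array $instance Stored widget settings.
  */
 function widget($args, $instance)
 {
     // Read the wrappers explicitly instead of extract()ing the whole array into scope.
     $before_widget = isset($args['before_widget']) ? $args['before_widget'] : '';
     $after_widget = isset($args['after_widget']) ? $args['after_widget'] : '';
     $before_title = isset($args['before_title']) ? $args['before_title'] : '';
     $after_title = isset($args['after_title']) ? $args['after_title'] : '';

     $image = isset($instance['image']) ? $instance['image'] : '';
     $url = isset($instance['url']) ? $instance['url'] : '';
     $alt = isset($instance['alt']) ? $instance['alt'] : '';
     $code = isset($instance['code']) ? $instance['code'] : '';
     $target = !empty($instance['target']) ? ' target="_blank"' : '';
     $nofollow = !empty($instance['nofollow']) ? ' rel="nofollow"' : '';

     echo $before_widget;
     if (!empty($instance['title'])) {
         echo $before_title . apply_filters('widget_title', $instance['title'], $instance, $this->id_base) . $after_title;
     }
     echo '<div class="ad-widget">';
     if (!empty($code)) {
         echo wp_kses_stripslashes($code);
     } else {
         echo '<a' . $target . $nofollow . ' href="' . esc_url($url) . '"><img src="' . esc_url($image) . '" alt="' . esc_attr($alt) . '" /></a>';
     }
     echo '</div>';
     echo $after_widget;
 }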
 /** 
  * This is a modified version of the WordPress function wp_kses_split2.
  *
  * @since 1.4
  *
  * @param array $match
  * @return string Fixed HTML element
  */
 private static function kses_split($match)
 {
     $string = wp_kses_stripslashes($match[0]);

     // A fragment that does not start with "<" is a lone ">": encode it.
     $first = substr($string, 0, 1);
     if ($first != '<') {
         return '&gt;';
     }

     // HTML comments are dropped entirely.
     if (substr($string, 0, 4) == '<!--') {
         return '';
     }

     // Seriously malformed: does not look like <elem ...> or </elem>.
     $matched = preg_match('%^<\\s*(/\\s*)?([a-zA-Z0-9:]+)([^>]*)>?$%', $string, $matches);
     if (!$matched) {
         return '';
     }

     $closing = trim($matches[1]);
     $tag = $matches[2];

     // Element is not in the allowed tag list.
     if (!isset(self::$xmlTags[strtolower($tag)])) {
         return '';
     }

     // The tag is rebuilt from its name alone: the attribute list ($matches[3])
     // is never copied to the output, so no attribute survives this filter.
     if ($closing) {
         return "</{$tag}>";
     }

     return "<{$tag}>";
 }
Example #18
 /**
  * Sends Updated Actions to the List Table View
  *
  * @todo fix reliability issues with sidebar widgets
  *
  * @uses gather_updated_items
  * @uses generate_row
  *
  * @param  array  Response to heartbeat
  * @param  array  Response from heartbeat
  *
  * @return array  Data sent to heartbeat
  */
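 public static function live_update($response, $data)
 {
     // NOTE(review): this returns nothing when the heartbeat carries no last-id,
     // and a rendered string otherwise; $response itself is never returned.
     // Left as in the original - confirm that is what the hook expects.
     if (!isset($data['wp-stream-heartbeat-last-id'])) {
         return;
     }

     $last_id = intval($data['wp-stream-heartbeat-last-id']);

     // The query arrives from the browser as a JSON string. Decode it only when a
     // non-empty string was actually sent: a missing key used to read an undefined
     // index, and the empty-array fallback was then passed through the string
     // functions below. An absent or empty query now reaches the lookup as an
     // empty array (presumably the intended default - verify against
     // gather_updated_items()).
     $query = array();
     if (!empty($data['wp-stream-heartbeat-query']) && is_string($data['wp-stream-heartbeat-query'])) {
         // wp_kses_stripslashes() only unescapes \" so the JSON parses; the decoded
         // values are still client-controlled and must be validated by the consumer.
         $query = json_decode(wp_kses_stripslashes($data['wp-stream-heartbeat-query']));
     }

     $updated_items = WP_Stream_Dashboard_Widget::gather_updated_items($last_id, $query);

     if (empty($updated_items)) {
         return '';
     }

     // Render each new row into a buffer and send the markup back.
     ob_start();
     foreach ($updated_items as $item) {
         self::$list_table->single_row($item);
     }

     return ob_get_clean();
 }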
Example #19
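 /**
  * Build the widget settings to store from the submitted form values.
  *
  * The numeric switches are cast to int, the labels only have \" unescaped,
  * and 'menu_id' and 'data' are stored as submitted. 'data' is a query string
  * whose 'tab' list names the fields to renumber 1, 2, 3... in submitted order.
  *
  * NOTE(review): the names in 'tab' come from the request, and any existing
  * non-empty field they name is overwritten with its position number, not just
  * the tab switches. Consider checking them against a fixed list of tab keys.
  * The label and text fields are not filtered here and must be escaped on
  * output.
  *
  * @param array $new Submitted settings.
  * @param array $old Previously stored settings.
  * @return array Settings to save.
  */
 function update($new, $old)
 {
     $instance = $old;
     $instance['title'] = strip_tags($new['title']);

     foreach (array('category', 'archive', 'recent', 'tag', 'menu', 'text', 'showcount', 'limits') as $key) {
         $instance[$key] = (int) $new[$key];
     }

     foreach (array('category_label', 'archive_label', 'recent_label', 'tag_label', 'menu_label') as $key) {
         $instance[$key] = wp_kses_stripslashes($new[$key]);
     }

     $instance['menu_id'] = $new['menu_id'];
     $instance['text_label'] = wp_kses_stripslashes($new['text_label']);
     $instance['textcontent'] = wp_kses_stripslashes($new['textcontent']);
     $instance['data'] = $new['data'];

     // Only a string can be parsed as a query string.
     $items = array();
     if (is_string($instance['data'])) {
         parse_str($instance['data'], $items);
     }

     if (!empty($items['tab']) && is_array($items['tab'])) {
         $position = 1;
         foreach ($items['tab'] as $item) {
             // parse_str() can yield nested arrays; only a string can name a field,
             // and only a field that already holds a truthy value is renumbered.
             if (is_string($item) && !empty($instance[$item])) {
                 $instance[$item] = $position;
                 $position = $position + 1;
             }
         }
     }

     return $instance;
 }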
Example #20
/**
 * Callback for wp_kses_split for fixing malformed HTML tags.
 *
 * This function does a lot of work. It rejects some very malformed things like
 * <:::>. It returns an empty string, if the element isn't allowed (look ma, no
 * strip_tags()!). Otherwise it splits the tag into an element and an attribute
 * list.
 *
 * After the tag is split into an element and an attribute list, it is run
 * through another filter which will remove illegal attributes and once that is
 * completed, will be returned.
 *
 * @access private
 * @since 1.0.0
 *
 * @param string $string            Content to filter
 * @param array  $allowed_html      Allowed HTML elements
 * @param array  $allowed_protocols Allowed protocols to keep
 * @return string Fixed HTML element
 */
function wp_kses_split2($string, $allowed_html, $allowed_protocols)
{
    $string = wp_kses_stripslashes($string);

    // Anything not starting with "<" is treated as a lone ">" and encoded.
    if (substr($string, 0, 1) != '<') {
        return '&gt;';
    }

    // HTML comments are allowed, but their content is filtered like any other markup.
    if ('<!--' == substr($string, 0, 4)) {
        $string = str_replace(array('<!--', '-->'), '', $string);

        // Re-run the filter until the content stops changing, so removing one
        // tag cannot expose another.
        while (true) {
            $filtered = wp_kses($string, $allowed_html, $allowed_protocols);
            if ($string == $filtered) {
                break;
            }
            $string = $filtered;
        }

        if ($string == '') {
            return '';
        }

        // Collapse runs of dashes, then drop a trailing dash, so the content
        // cannot close the comment early or end it with three dashes.
        $string = preg_replace('/--+/', '-', $string);
        $string = preg_replace('/-$/', '', $string);

        return "<!--{$string}-->";
    }

    // Seriously malformed: does not look like <elem ...> or </elem>.
    if (!preg_match('%^<\\s*(/\\s*)?([a-zA-Z0-9]+)([^>]*)>?$%', $string, $matches)) {
        return '';
    }

    $slash = trim($matches[1]);
    $elem = $matches[2];
    $attrlist = $matches[3];

    // A non-array $allowed_html is resolved to its element list first.
    if (!is_array($allowed_html)) {
        $allowed_html = wp_kses_allowed_html($allowed_html);
    }

    // Element is not on the allow-list.
    if (!isset($allowed_html[strtolower($elem)])) {
        return '';
    }

    // Closing elements never carry attributes; rebuild them from the name alone.
    if ($slash != '') {
        return "</{$elem}>";
    }

    return wp_kses_attr($elem, $attrlist, $allowed_html, $allowed_protocols);
}
Example #21
/**
 * Sanitize and validate input. Accepts an array, return a sanitized array.
 */
function responsive_theme_options_validate($input)
{
    // Checkbox values are normalised to 0 or 1; an absent checkbox counts as 0.
    foreach (array('breadcrumb', 'cta_button') as $checkbox) {
        $input[$checkbox] = (isset($input[$checkbox]) && $input[$checkbox] == 1) ? 1 : 0;
    }

    // NOTE(review): wp_kses_stripslashes() only unescapes \" - it is not a
    // sanitizer. Every field mapped to it below (headlines, content areas, the
    // statistics tracker and the inline CSS/JS fields) is stored exactly as
    // submitted, so anyone who can save these options can store script. The
    // values must be escaped on output, and fields meant to hold raw code should
    // be limited to users with the 'unfiltered_html' capability.
    // Each field is run through the named filter, in this order.
    $filters = array(
        'home_headline' => 'wp_kses_stripslashes',
        'home_subheadline' => 'wp_kses_stripslashes',
        'home_content_area' => 'wp_kses_stripslashes',
        'cta_text' => 'wp_kses_stripslashes',
        'cta_url' => 'esc_url_raw',
        'featured_content' => 'wp_kses_stripslashes',
        'google_site_verification' => 'wp_filter_post_kses',
        'bing_site_verification' => 'wp_filter_post_kses',
        'yahoo_site_verification' => 'wp_filter_post_kses',
        'site_statistics_tracker' => 'wp_kses_stripslashes',
        'twitter_uid' => 'esc_url_raw',
        'facebook_uid' => 'esc_url_raw',
        'linkedin_uid' => 'esc_url_raw',
        'youtube_uid' => 'esc_url_raw',
        'stumble_uid' => 'esc_url_raw',
        'rss_uid' => 'esc_url_raw',
        'google_plus_uid' => 'esc_url_raw',
        'instagram_uid' => 'esc_url_raw',
        'pinterest_uid' => 'esc_url_raw',
        'yelp_uid' => 'esc_url_raw',
        'vimeo_uid' => 'esc_url_raw',
        'foursquare_uid' => 'esc_url_raw',
        'responsive_inline_css' => 'wp_kses_stripslashes',
        'responsive_inline_js_head' => 'wp_kses_stripslashes',
        'responsive_inline_css_js_footer' => 'wp_kses_stripslashes',
    );

    foreach ($filters as $key => $filter) {
        $input[$key] = $filter($input[$key]);
    }

    return $input;
}
 /**
  * Shortcode render.
  * 
  * @since 1.0.0
  * @access public
  * @return json
  */
 public function shortcode_render()
 {
     // Check ajax referer
     // NOTE(review): the nonce is the only request check visible in this method;
     // no capability check appears here - confirm one is enforced elsewhere.
     check_ajax_referer($this->action_nonce, $this->field_nonce);
     // Request parameters, taken from $_POST as sent, with defaults when absent.
     $type = isset($_POST['type']) ? $_POST['type'] : '';
     $method = isset($_POST['method']) ? $_POST['method'] : 'add';
     $mode = isset($_POST['mode']) ? $_POST['mode'] : 'frontend';
     // Response payload; stays an empty array for any method other than 'duplicate'.
     $data = array();
     switch ($method) {
         case 'duplicate':
             global $TF_Layout;
             if ('module' == $type) {
                 global $tf_modules, $tf_styles;
                 // NOTE(review): $_POST['module'] and $_POST['template_id'] are read without isset().
                 $module_instance = $tf_modules->get_module($_POST['module']);
                 // NOTE(review): when shortcode_params is absent $atts is the string '';
                 // the $atts['sc_id'] assignment below then operates on a string.
                 // Confirm callers always send an array here.
                 $atts = isset($_POST['shortcode_params']) ? $_POST['shortcode_params'] : '';
                 // wp_kses_stripslashes() only unescapes \" - the content is not filtered.
                 $content = isset($_POST['shortcode_content']) ? wp_kses_stripslashes($_POST['shortcode_content']) : '';
                 $template_id = (int) $_POST['template_id'];
                 // Styling model sent by the client as JSON, decoded to an associative array.
                 $data_styling = isset($_POST['data_styling']) ? json_decode(stripslashes($_POST['data_styling']), true) : array();
                 $styles = array();
                 $atts['sc_id'] = TF_Model::generate_block_id();
                 // generate new sc_id
                 if (is_array($data_styling) && count($data_styling) > 0) {
                     // Point the copied styling at the newly generated block id.
                     $data_styling['ID'] = $atts['sc_id'];
                     $styles[$atts['sc_id']] = array('module' => $data_styling['module']);
                     if (isset($data_styling['settings']) && count($data_styling['settings']) > 0) {
                         foreach ($data_styling['settings'] as $fields) {
                             // Each field group carries its own 'SettingKey'; the remaining
                             // entries are stored under that key.
                             $setting_key = '';
                             foreach ($fields as $key => $val) {
                                 if ('SettingKey' == $key) {
                                     $setting_key = $val;
                                 } else {
                                     $styles[$atts['sc_id']]['settings'][$setting_key][$key] = stripslashes_deep($val);
                                 }
                             }
                         }
                     }
                 }
                 $render_style = '';
                 if (count($styles) > 0) {
                     // NOTE(review): the CSS is generated from request-supplied styling data and
                     // placed inside a <style> element; whether generate_css() neutralises
                     // values such as "</style>" cannot be seen from here - verify.
                     $render_style = '<style type="text/css" id="tf-template-temp-' . $atts['sc_id'] . '-css">' . $tf_styles->generate_css($styles) . '</style>';
                 }
                 if (isset($atts['editable_markup'])) {
                     unset($atts['editable_markup']);
                 }
                 // NOTE(review): get_magic_quotes_gpc() is deprecated as of PHP 7.4 and
                 // removed in PHP 8.0, where this call is a fatal error.
                 if (get_magic_quotes_gpc()) {
                     $atts = stripslashes_deep($atts);
                 }
                 $shortcode_string = $module_instance->to_shortcode($atts, $content);
                 // Render in the context of the requested template: the global $post is
                 // replaced here and not restored in the visible code.
                 global $post;
                 $post = get_post($template_id);
                 setup_postdata($post);
                 $shortcode = $TF_Layout->render($shortcode_string);
                 $data = array('module' => sanitize_text_field($_POST['module']), 'content' => tf_escape_atts($content), 'atts' => $atts, 'caption' => $module_instance->name, 'element' => $shortcode, 'styles' => $render_style, 'model' => $data_styling);
             } else {
                 if ('row' == $type) {
                     global $tf_editor_ui;
                     $row_data = isset($_POST['row_data']) ? stripslashes_deep($_POST['row_data']) : array();
                     // Drop the ids and editor markup from the submitted row before it is
                     // turned back into a shortcode.
                     tf_recursive_unset($row_data, 'sc_id');
                     tf_recursive_unset($row_data, 'editable_markup');
                     $shortcode = TF_Model::array_to_shortcode(array($row_data));
                     $tf_editor_ui->force_editable_shortcode($mode);
                     $data = $TF_Layout->render($shortcode);
                 }
             }
             break;
     }
     // Sends the JSON success response and ends the request.
     wp_send_json_success($data);
 }
Example #23
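/**
 * Validate and sanitize theme options before they are stored.
 *
 * Starts from the currently stored options and overwrites only the keys that
 * are present in $options. Text, URL and integer fields are stored in their
 * sanitized form; where a field defines a fallback, the fallback is used when
 * the sanitized value is empty.
 *
 * Checkbox, select and category values are copied as submitted.
 * NOTE(review): those values are not checked against the choices the form
 * offers, so templates that print them should escape on output.
 *
 * custom_css, analytic_header, analytic_footer and the per-slide content
 * fields pass through wp_kses_stripslashes(), which only removes the backslash
 * in front of double quotes. Markup and script in those fields are kept, so
 * this settings screen should stay limited to trusted administrators.
 *
 * @param array $options Option values as submitted by the settings form.
 * @uses esc_url_raw, absint, sanitize_text_field, wp_kses_stripslashes,
 *       wp_filter_nohtml_kses, wp_filter_post_kses,
 *       ecvetstep_themeoption_invalidate_caches
 * @return array Options to store.
 */
function ecvetstep_theme_options_validate($options)
{
    global $ecvetstep_options_settings, $ecvetstep_options_defaults;
    $input_validated = $ecvetstep_options_settings;
    $defaults = $ecvetstep_options_defaults;
    $input = $options;

    // Copied as submitted: checkboxes, selects and category pickers.
    $copied = array(
        'disable_responsive', 'enable_menus', 'remove_favicon', 'remove_web_clip',
        'disable_homepage_headline', 'disable_homepage_subheadline', 'disable_homepage_button',
        'disable_header_right_sidebar', 'enable_featured_header_image', 'page_featured_image',
        'featured_header_image_base', 'reset_featured_image', 'color_scheme',
        'disable_homepage_featured', 'homepage_featured_layout', 'enable_posts_home',
        'move_posts_home', 'exclude_slider_post', 'front_page_category', 'select_slider_type',
        'enable_slider', 'slider_category', 'sidebar_layout', 'content_layout',
        'reset_moretag', 'featured_image', 'reset_layout',
    );
    foreach ($copied as $key) {
        if (isset($input[$key])) {
            $input_validated[$key] = $input[$key];
        }
    }

    // One sanitizer per field, stored as returned.
    $sanitizers = array(
        'esc_url_raw' => array(
            'fav_icon', 'web_clip', 'featured_header_image_url', 'feed_url',
            'social_facebook', 'social_twitter', 'social_googleplus', 'social_pinterest',
            'social_youtube', 'social_vimeo', 'social_linkedin', 'social_slideshare',
            'social_foursquare', 'social_flickr', 'social_tumblr', 'social_deviantart',
            'social_dribbble', 'social_myspace', 'social_wordpress', 'social_rss',
            'social_delicious', 'social_lastfm', 'social_instagram', 'social_github',
            'social_vkontakte', 'social_myworld', 'social_odnoklassniki', 'social_goodreads',
            'social_soundcloud',
        ),
        'sanitize_text_field' => array('featured_header_image_alt', 'social_skype'),
        // Slash removal only; markup is kept (see the function header).
        'wp_kses_stripslashes' => array('custom_css', 'analytic_header', 'analytic_footer'),
        'wp_filter_post_kses' => array('google_verification', 'yahoo_verification', 'bing_verification'),
        'wp_filter_nohtml_kses' => array('transition_effect'),
    );
    foreach ($sanitizers as $sanitizer => $keys) {
        foreach ($keys as $key) {
            if (isset($input[$key])) {
                $input_validated[$key] = call_user_func($sanitizer, $input[$key]);
            }
        }
    }

    // Fields that fall back to the theme default when the sanitized value is
    // empty. The sanitized value is what gets stored, not the submitted one.
    $with_default = array(
        'homepage_headline' => 'sanitize_text_field',
        'homepage_subheadline' => 'sanitize_text_field',
        'homepage_headline_button' => 'sanitize_text_field',
        'homepage_featured_headline' => 'sanitize_text_field',
        'search_display_text' => 'sanitize_text_field',
        'homepage_headline_url' => 'esc_url_raw',
        'featured_header_image' => 'esc_url_raw',
    );
    foreach ($with_default as $key => $sanitizer) {
        if (isset($input[$key])) {
            $clean = call_user_func($sanitizer, $input[$key]);
            $input_validated[$key] = $clean ? $clean : $defaults[$key];
        }
    }

    // Positive integers; null means "fall back to the theme default".
    $counts = array(
        'homepage_featured_qty' => null,
        'slider_qty' => 4,
        'social_custom_qty' => 1,
        'excerpt_length' => null,
    );
    foreach ($counts as $key => $fallback) {
        if (isset($input[$key])) {
            $number = absint($input[$key]);
            if (!$number) {
                $number = null === $fallback ? $defaults[$key] : $fallback;
            }
            $input_validated[$key] = $number;
        }
    }

    // Slider timing is stored only when numeric.
    foreach (array('transition_delay', 'transition_duration') as $key) {
        if (isset($input[$key]) && is_numeric($input[$key])) {
            $input_validated[$key] = $input[$key];
        }
    }

    if (isset($input['more_tag_text'])) {
        $input_validated['more_tag_text'] = htmlentities(sanitize_text_field($input['more_tag_text']), ENT_QUOTES, 'UTF-8');
    }

    // Indexed lists, each limited by a quantity field. A null sanitizer means
    // the entry is copied as submitted.
    $lists = array(
        'homepage_featured_qty' => array(
            'homepage_featured_image' => 'esc_url_raw',
            'homepage_featured_url' => 'esc_url_raw',
            'homepage_featured_base' => null,
            'homepage_featured_title' => 'sanitize_text_field',
            'homepage_featured_content' => 'wp_kses_stripslashes',
        ),
        'slider_qty' => array(
            'featured_slider' => 'absint',
            'featured_slider_page' => 'absint',
            'featured_image_slider_image' => 'esc_url_raw',
            'featured_image_slider_link' => 'esc_url_raw',
            'featured_image_slider_base' => null,
            'featured_image_slider_title' => 'sanitize_text_field',
            'featured_image_slider_content' => 'wp_kses_stripslashes',
        ),
        'social_custom_qty' => array(
            'social_custom_name' => 'sanitize_text_field',
            'social_custom_image' => 'esc_url_raw',
            'social_custom_url' => 'esc_url_raw',
        ),
    );
    foreach ($lists as $qty_key => $fields) {
        // Use the validated quantity as the limit; the submitted value may be
        // non-numeric or very large and must not control the iteration.
        $limit = isset($input[$qty_key]) ? absint($input_validated[$qty_key]) : 0;
        foreach ($fields as $key => $sanitizer) {
            if (!isset($input[$key])) {
                continue;
            }
            $input_validated[$key] = array();
            if (!is_array($input[$key])) {
                continue;
            }
            // Walk the submitted entries (in index order) rather than counting
            // up to the limit, so the work is bounded by the data sent.
            $entries = $input[$key];
            ksort($entries);
            foreach ($entries as $i => $entry) {
                if (!is_int($i) || $i < 1 || $i > $limit || empty($entry)) {
                    continue;
                }
                if (null === $sanitizer) {
                    $input_validated[$key][$i] = $entry;
                    continue;
                }
                if (!is_scalar($entry)) {
                    continue;
                }
                // Post and page IDs are stored only when they are non-zero integers.
                if ('absint' === $sanitizer && !intval($entry)) {
                    continue;
                }
                $input_validated[$key][$i] = call_user_func($sanitizer, $entry);
            }
        }
    }

    // Reset switches: when ticked, the listed options return to their defaults.
    // Checked with isset() because an unticked checkbox is absent from the input.
    $resets = array(
        'reset_featured_image' => array(
            'enable_featured_header_image', 'page_featured_image', 'featured_header_image',
            'featured_header_image_alt', 'featured_header_image_url', 'featured_header_image_base',
        ),
        'reset_moretag' => array('more_tag_text', 'excerpt_length'),
        'reset_layout' => array('sidebar_layout', 'content_layout', 'featured_image'),
    );
    foreach ($resets as $flag => $keys) {
        if (isset($input[$flag]) && $input[$flag] == 1) {
            foreach ($keys as $key) {
                $input_validated[$key] = $defaults[$key];
            }
        }
    }

    // Clearing the theme option cache
    if (function_exists('ecvetstep_themeoption_invalidate_caches')) {
        ecvetstep_themeoption_invalidate_caches();
    }
    return $input_validated;
}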
/**
 * Passes code-like settings (e.g. an iframe embed) through wp_kses_stripslashes().
 *
 * wp_kses_stripslashes() only removes the backslash in front of double quotes.
 * It does not strip or filter markup, so the returned value still needs
 * escaping or kses filtering wherever it is printed.
 *
 * @param string $input Code as submitted, e.g. an iframe.
 *
 * @return string
 */
function responsive_pro_code_sanitize($input)
{
    return wp_kses_stripslashes($input);
}
 /**
  * Validates the javascript textarea.
  *
  * The value is only passed through wp_kses_stripslashes(), which removes the
  * backslash in front of double quotes. Script and markup are kept as
  * submitted, so the field should only be writable by trusted users.
  *
  * @param string $input Submitted textarea content.
  * @param mixed  $key   Not used by this method.
  *
  * @return string
  */
 protected function validate_js($input, $key)
 {
     return wp_kses_stripslashes($input);
 }
Example #26
/**
 * Prints the settings table that holds the custom CSS textarea.
 *
 * The stored CSS is passed through wp_kses_stripslashes() (slash removal in
 * front of double quotes only) before being handed to generate_textarea_filed().
 * NOTE(review): whether generate_textarea_filed() escapes the value for the
 * textarea is not visible here; confirm it does.
 */
function add_css_fields()
{
    $plugin_options = mt_get_plugin_options(true);
    echo '<table class="form-table">', '<tbody>';
    $label = __('CSS Code', 'maintenance');
    $stored_css = wp_kses_stripslashes($plugin_options['custom_css']);
    generate_textarea_filed($label, 'custom_css', 'custom_css', $stored_css);
    echo '</tbody>', '</table>';
}
 /**
  * Filters submitted add-on settings through a fixed list of known keys.
  *
  * Keys that are not listed are dropped. The three site-verification values
  * go through wp_filter_post_kses(). The statistics tracker goes through
  * wp_kses_stripslashes() only, which leaves markup and script in place.
  *
  * @param array $input Submitted settings keyed by field name.
  *
  * @return array
  */
 public function responsive_addons_sanitize($input)
 {
     $clean = array();
     foreach ($input as $field => $submitted) {
         switch ($field) {
             case 'google_site_verification':
             case 'yahoo_site_verification':
             case 'bing_site_verification':
                 $clean[$field] = wp_filter_post_kses($submitted);
                 break;
             case 'site_statistics_tracker':
                 // Tracker code is stored with its markup intact.
                 $clean[$field] = wp_kses_stripslashes($submitted);
                 break;
         }
     }
     return $clean;
 }
Example #28
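 /**
  * Saves field content sent by ajax.
  * Hookable through action 'wa_fronted_save'.
  *
  * Expects $_POST['data'] to be a list of items, each with 'content' and an
  * 'options' array ('field_type', 'post_id', and 'meta_key' or 'option_name'
  * depending on the field type), plus the 'wa_fronted_save_nonce' nonce.
  *
  * The nonce shows the request came from a page this site rendered; it does
  * not show that the current user may change the target. Each write is
  * therefore also checked with current_user_can(): 'edit_post' for post fields
  * and post meta, 'manage_options' for options. Items that are malformed or
  * fail the check are skipped and the response reports failure.
  *
  * @return void The result is sent with wp_send_json().
  */
 public function wa_fronted_save()
 {
     $return = array('success' => true);
     $invalid = array('success' => false, 'error' => __('Sent data not valid', 'wa-fronted'));
     // Read the nonce defensively: a request without it must fail verification, not raise a notice.
     $nonce = isset($_POST['wa_fronted_save_nonce']) ? $_POST['wa_fronted_save_nonce'] : '';
     if (isset($_POST['data']) && is_array($_POST['data']) && wp_verify_nonce($nonce, 'wa_fronted_save_nonce')) {
         $data = $_POST['data'];
         foreach ($data as $this_data) {
             $options = is_array($this_data) && isset($this_data['options']) && is_array($this_data['options']) ? $this_data['options'] : array();
             if (!isset($this_data['content'], $options['field_type']) || !is_string($options['field_type'])) {
                 $return = $invalid;
                 continue;
             }
             // Slash removal only. NOTE(review): the content is not HTML-filtered
             // here; any filtering is left to the WordPress functions called below.
             $safe_content = trim(wp_kses_stripslashes($this->unfilter_shortcodes($this_data['content'])));
             $field_type = $options['field_type'];
             $post_id = isset($options['post_id']) ? (int) $options['post_id'] : 0;
             $is_post_field = in_array($field_type, array('post_content', 'post_title', 'post_excerpt'), true);
             $is_meta = !$is_post_field && strpos($field_type, 'meta_') !== false && array_key_exists('meta_key', $options);
             $is_option = !$is_post_field && !$is_meta && 'option' === $field_type && array_key_exists('option_name', $options);
             if ($is_post_field || $is_meta) {
                 // The post ID comes from the request, so check it against the current user.
                 if (!current_user_can('edit_post', $post_id)) {
                     $return = $invalid;
                     continue;
                 }
             } elseif ($is_option) {
                 // The option name comes from the request; only administrators may write options.
                 if (!current_user_can('manage_options')) {
                     $return = $invalid;
                     continue;
                 }
             } else {
                 // Unknown field types are ignored, as before.
                 continue;
             }
             if ($is_post_field) {
                 wp_update_post(array('ID' => $post_id, $field_type => $safe_content));
             } elseif ($is_meta) {
                 // NOTE(review): this branch is reached only when $field_type
                 // contains 'meta_', so the case labels below cannot match as
                 // written and the tag stripping never runs. Confirm the intended labels.
                 switch ($field_type) {
                     case 'text':
                     case 'email':
                     case 'url':
                     case 'number':
                         $safe_content = trim(strip_tags($safe_content));
                         // Falls through to the textarea handling.
                     case 'textarea':
                         if (empty($options['paragraphs'])) {
                             $safe_content = strip_tags($safe_content);
                         }
                         $safe_content = trim($safe_content);
                         break;
                 }
                 update_post_meta($post_id, $options['meta_key'], $safe_content);
             } else {
                 update_option($options['option_name'], $safe_content);
             }
         }
         do_action('wa_fronted_save', $data);
     } else {
         $return = $invalid;
     }
     wp_send_json($return);
 }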
Example #29
/**
 * Sanitization callback: strip slashes.
 *
 * Returns the value after wp_kses_stripslashes(), which removes the backslash
 * in front of double quotes and nothing else. Markup in the value is kept.
 *
 * @package phg_gold
 */
function phg_gold_sanitize_strip_slashes($input)
{
    $unslashed = wp_kses_stripslashes($input);
    return $unslashed;
}
Example #30
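 /**
  * Validate settings for options
  *
  * Rebuilds the settings from the submitted value: the result holds 'buttons'
  * and, when submitted, 'core_buttons' and 'code_buttons'. Any other key in
  * $value is dropped.
  *
  * For each button only the allowed labels are kept (the post types from
  * get_post_types_for_js() plus text, title, start, end, access, order,
  * visual). Buttons without both 'text' and 'start' are discarded.
  *
  * 'start' and 'end' pass through wp_kses_stripslashes() only, so markup in
  * them is stored as submitted.
  *
  * @access public
  *
  * @param  array $value
  *
  * @since  2.0.0
  * @return array $value
  */
 public function validate_settings($value)
 {
     // Save core buttons changes
     $core_buttons = isset($value['core_buttons']) ? $value['core_buttons'] : array();
     // Save Code buttons
     $code_buttons = isset($value['code_buttons']) ? $value['code_buttons'] : array();
     // set allowed values for import, only the defaults of plugin and custom post types
     // NOTE(review): assumes get_post_types_for_js() returns a list of post type names.
     $post_types = (array) $this->get_post_types_for_js();
     $allowed_settings = array_map('strval', array_merge($post_types, array('text', 'title', 'start', 'end', 'access', 'order', 'visual')));
     $submitted = isset($value['buttons']) && is_array($value['buttons']) ? $value['buttons'] : array();
     // Must start as an array: appending with [] to a string is a fatal error on PHP 7.1+.
     $buttons = array();
     foreach ($submitted as $button) {
         if (!is_array($button) || empty($button['text']) || empty($button['start'])) {
             continue;
         }
         // filter for allowed values; strict comparison so integer keys cannot
         // match a label through loose comparison
         $b = array();
         foreach ($button as $label => $val) {
             if (in_array((string) $label, $allowed_settings, true)) {
                 $b[$label] = $val;
             }
         }
         $b['text'] = sanitize_text_field($b['text']);
         $b['title'] = isset($b['title']) ? sanitize_text_field($b['title']) : '';
         $b['start'] = wp_kses_stripslashes($b['start']);
         $b['end'] = isset($b['end']) ? wp_kses_stripslashes($b['end']) : '';
         if (isset($b['access'])) {
             $b['access'] = esc_html($b['access']);
         }
         if (isset($b['order'])) {
             $b['order'] = intval($b['order']);
         }
         // visual settings
         $b['visual'] = isset($b['visual']) ? intval($b['visual']) : 0;
         // post types
         foreach ($post_types as $post_type) {
             $b[$post_type] = isset($b[$post_type]) ? intval($b[$post_type]) : 0;
         }
         $buttons[] = $b;
     }
     // return filtered array
     $value = array('buttons' => $buttons);
     // Core and code buttons share one shape: name => (post type => flag).
     // Every flag is converted to an integer.
     $flags_to_int = function ($groups) {
         $filtered = array();
         if (!is_array($groups)) {
             return $filtered;
         }
         foreach ($groups as $name => $flags) {
             $row = array();
             if (is_array($flags)) {
                 foreach ($flags as $post_type => $flag) {
                     $row[$post_type] = intval($flag);
                 }
             }
             $filtered[$name] = $row;
         }
         return $filtered;
     };
     // Filter core button values, strings and convert to integer
     if (!empty($core_buttons)) {
         $value['core_buttons'] = $flags_to_int($core_buttons);
     }
     // Filter code button values, strings and convert to integer
     if (!empty($code_buttons)) {
         $value['code_buttons'] = $flags_to_int($code_buttons);
     }
     return $value;
 }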