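/**
 * Bootstrap the Custom CSS ("safecss") feature.
 *
 * In order, this:
 *  - registers the `safecss` post type (with revisions);
 *  - answers `?custom-css` requests by printing the stylesheet and exiting;
 *  - runs migrate() when the `editcss` admin page is requested;
 *  - hooks safecss_style() into wp_head;
 *  - for users who can `switch_themes` (or super admins) only: adds the admin
 *    menu and handles a submitted stylesheet (nonce check, sanitising, then
 *    preview or save);
 *  - starts output buffering through safecss_buffer() while a preview is active.
 *
 * @return void
 */
function safecss_init() {
    // Register safecss as a custom post_type.
    register_post_type('safecss', array('supports' => array('revisions')));

    // Short-circuit WP if this is a CSS stylesheet request.
    if (isset($_GET['custom-css'])) {
        header('Content-Type: text/css', true, 200);
        header('Expires: ' . gmdate('D, d M Y H:i:s', time() + 31536000) . ' GMT'); // 1 year

        // Read the parameter defensively so a missing `csblog` raises no notice.
        $blog_id = isset($_GET['csblog']) ? $_GET['csblog'] : null;

        // NOTE(review): query-string values arrive as strings (or arrays), so
        // is_int() is never true here and this branch does not run as written.
        // It is left inert on purpose: enabling it would let an unauthenticated
        // request choose the blog context. If per-blog output is really wanted,
        // validate with ctype_digit(), cast to int, and confirm the target blog
        // may be served to the requester before calling switch_to_blog().
        if (is_int($blog_id)) {
            switch_to_blog($blog_id);
            // Return value was never used by the original code either.
            apply_filters('active_plugins', get_option('active_plugins'));
        }

        safecss_print();
        exit;
    }

    // Do migration routine if necessary.
    // NOTE(review): is_admin() reports which screen is being requested, not who
    // is asking, and this runs before the capability check below. Confirm that
    // migrate() is safe to run for any visitor, or move it behind that check.
    if (!empty($_GET['page']) && 'editcss' === $_GET['page'] && is_admin()) {
        migrate();
    }

    add_action('wp_head', 'safecss_style', 101);

    // Everything below is restricted to users allowed to manage themes.
    if (!current_user_can('switch_themes') && !is_super_admin()) {
        return;
    }

    add_action('admin_menu', 'safecss_menu');

    // Handle a submitted stylesheet. A non-string `safecss` value (e.g. an
    // array) is ignored rather than being passed to stripslashes().
    if (
        isset($_POST['safecss'])
        && is_string($_POST['safecss'])
        && false === strpos($_SERVER['REQUEST_URI'], 'options.php')
    ) {
        // CSRF protection: stops here unless the 'safecss' nonce is valid.
        check_admin_referer('safecss');

        // Remove wp_filter_post_kses, this causes CSS escaping issues.
        remove_filter('content_save_pre', 'wp_filter_post_kses');
        remove_filter('content_filtered_save_pre', 'wp_filter_post_kses');
        remove_all_filters('content_save_pre');

        safecss_class();

        $csstidy = new csstidy();
        $csstidy->optimise = new safecss($csstidy);
        $csstidy->set_cfg('remove_bslash', false);
        $csstidy->set_cfg('compress_colors', false);
        $csstidy->set_cfg('compress_font-weight', false);
        $csstidy->set_cfg('discard_invalid_properties', true);
        $csstidy->set_cfg('merge_selectors', false);

        // Collected for diagnostics; nothing in this function reads it back.
        $warnings = array();

        $css = $orig = stripslashes($_POST['safecss']);

        // Double the backslash in front of four-hex-digit escapes.
        $css = preg_replace('/\\\\([0-9a-fA-F]{4})/', '\\\\\\\\$1', $prev = $css);
        if ($css != $prev) {
            $warnings[] = 'preg_replace found stuff';
        }

        // Some people put weird stuff in their CSS, KSES tends to be greedy.
        // Escape '<=' first so it is not taken for the start of a tag. The
        // listing showed both arguments as '<=', a no-op: the entity had been
        // decoded when the page was rendered.
        $css = str_replace('<=', '&lt;=', $css);

        // Why KSES instead of strip_tags? Who knows?
        $css = wp_kses_split($prev = $css, array(), array());

        // kses replaces lone '>' with &gt; - turn those back into '>' (same
        // rendering damage repaired here: the search string is the entity).
        $css = str_replace('&gt;', '>', $css);

        // Why both KSES and strip_tags? Because we just added some '>'.
        $css = strip_tags($css);
        if ($css != $prev) {
            $warnings[] = 'kses found stuff';
        }

        $csstidy->parse($css);
        $css = $csstidy->print->plain();

        // Optional form fields: treat a missing field as "not set" instead of
        // reading an undefined index.
        $requested_width = isset($_POST['custom_content_width'])
            ? intval($_POST['custom_content_width'])
            : 0;
        $custom_content_width = $requested_width > 0 ? $requested_width : false;

        $add_to_existing = (isset($_POST['add_to_existing']) && 'true' === $_POST['add_to_existing'])
            ? 'yes'
            : 'no';

        $wants_preview = isset($_POST['action']) && 'preview' === $_POST['action'];

        if ($wants_preview || safecss_is_freetrial()) {
            $is_preview = true;

            // Save the CSS as a preview revision.
            save_revision($css, $is_preview);

            // Cache buster.
            update_option('safecss_preview_rev', intval(get_option('safecss_preview_rev')) + 1);
            update_option('safecss_preview_add', $add_to_existing);
            update_option('safecss_preview_content_width', $custom_content_width);

            wp_redirect(add_query_arg('csspreview', 'true', get_option('home')));
            exit;
        }

        // Save the CSS.
        save_revision($css);
        update_option('safecss_rev', intval(get_option('safecss_rev')) + 1);
        update_option('safecss_add', $add_to_existing);
        update_option('safecss_content_width', $custom_content_width);

        add_action('admin_notices', 'safecss_saved');
    }

    // Modify all internal links so that preview state persists.
    if (safecss_is_preview()) {
        ob_start('safecss_buffer');
    }
}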
/**
 * Return Custom CSS to a clean slate when the theme is switched.
 *
 * Saves an empty stylesheet, bumps the `safecss_rev` option, and writes the
 * default `custom_css_add` / `content_width` meta values on both the post
 * returned by save_revision() and the revision returned by
 * get_current_revision().
 */
function custom_css_reset() {
    $post_id  = save_revision('');
    $revision = get_current_revision();

    // Bump the stored revision counter.
    $next_rev = intval(get_option('safecss_rev')) + 1;
    update_option('safecss_rev', $next_rev);

    // Default meta values, written in the same order as before.
    $defaults = array(
        'custom_css_add' => 'yes',
        'content_width'  => false,
    );

    foreach ($defaults as $meta_key => $meta_value) {
        update_post_meta($post_id, $meta_key, $meta_value);
    }

    foreach ($defaults as $meta_key => $meta_value) {
        update_metadata('post', $revision['ID'], $meta_key, $meta_value);
    }
}