function wfu_ajax_action_edit_shortcode()
{
if (!current_user_can('manage_options')) {
die;
}
if (!isset($_POST['upload_id']) || !isset($_POST['post_id']) || !isset($_POST['post_hash']) || !isset($_POST['shortcode_tag'])) {
die;
}
//sanitize parameters
$upload_id = sanitize_text_field($_POST['upload_id']);
$post_id = wfu_sanitize_int($_POST['post_id']);
$post_hash = wfu_sanitize_code($_POST['post_hash']);
$shortcode_tag = wfu_sanitize_tag($_POST['shortcode_tag']);
$data['post_id'] = $post_id;
$data['post_hash'] = $post_hash;
if (wfu_check_edit_shortcode($data)) {
$post = get_post($data['post_id']);
//get default value for uploadid
$defs = wfu_attribute_definitions();
$default = "";
foreach ($defs as $key => $def) {
if ($def['attribute'] == 'uploadid') {
$default = $def['value'];
break;
}
}
//get page shortcodes
$wfu_shortcodes = wfu_get_content_shortcodes($post, $shortcode_tag);
//find the shortcodes' uploadid and the correct one
$validkey = -1;
foreach ($wfu_shortcodes as $key => $data) {
$shortcode = trim(substr($data['shortcode'], strlen('[' . $shortcode_tag), -1));
$shortcode_attrs = wfu_shortcode_string_to_array($shortcode);
if (array_key_exists('uploadid', $shortcode_attrs)) {
$uploadid = $shortcode_attrs['uploadid'];
} else {
$uploadid = $default;
}
if ($uploadid == $upload_id) {
$validkey = $key;
break;
}
}
if ($validkey == -1) {
die;
}
$data_enc = wfu_safe_store_shortcode_data(wfu_encode_array_to_string($wfu_shortcodes[$validkey]));
$url = site_url() . '/wp-admin/options-general.php?page=wordpress_file_upload&tag=' . $shortcode_tag . '&action=edit_shortcode&data=' . $data_enc;
die("wfu_edit_shortcode:success:" . wfu_plugin_encode_string($url));
} else {
die("wfu_edit_shortcode:check_page_obsolete:" . WFU_ERROR_PAGE_OBSOLETE);
}
}
function wfu_update_option($option, $value)
{
global $wpdb;
$table_name1 = $wpdb->prefix . "options";
if (is_array($value)) {
$value = wfu_encode_array_to_string($value);
}
$wpdb->query($wpdb->prepare("INSERT INTO {$table_name1} (option_name, option_value) VALUES (%s, %s) ON DUPLICATE KEY UPDATE option_value = VALUES(option_value)", $option, $value));
}
function wfu_encode_plugin_options($plugin_options)
{
$encoded_options = 'version=' . $plugin_options['version'] . ';';
$encoded_options .= 'shortcode=' . wfu_plugin_encode_string($plugin_options['shortcode']) . ';';
$encoded_options .= 'hashfiles=' . $plugin_options['hashfiles'] . ';';
$encoded_options .= 'basedir=' . wfu_plugin_encode_string($plugin_options['basedir']) . ';';
$encoded_options .= 'postmethod=' . $plugin_options['postmethod'] . ';';
$encoded_options .= 'relaxcss=' . $plugin_options['relaxcss'] . ';';
$encoded_options .= 'captcha_sitekey=' . wfu_plugin_encode_string($plugin_options['captcha_sitekey']) . ';';
$encoded_options .= 'captcha_secretkey=' . wfu_plugin_encode_string($plugin_options['captcha_secretkey']) . ';';
$encoded_options .= 'browser_permissions=' . wfu_encode_array_to_string($plugin_options['browser_permissions']);
return $encoded_options;
}
function wfu_prepare_message_block_skeleton($sid, $styles, $test)
{
/* Prepare header styles for all upload states */
$header_styles["State0"] = wfu_prepare_message_colors(WFU_VAR("WFU_HEADERMESSAGECOLORS_STATE0"));
$header_styles["State0"]['message'] = WFU_UPLOAD_STATE0;
$header_styles["State1"] = wfu_prepare_message_colors(WFU_VAR("WFU_HEADERMESSAGECOLORS_STATE1"));
$header_styles["State1"]['message'] = WFU_UPLOAD_STATE1;
$header_styles["State2"] = wfu_prepare_message_colors(WFU_VAR("WFU_HEADERMESSAGECOLORS_STATE2"));
$header_styles["State2"]['message'] = WFU_UPLOAD_STATE2;
$header_styles["State3"] = wfu_prepare_message_colors(WFU_VAR("WFU_HEADERMESSAGECOLORS_STATE3"));
$header_styles["State3"]['message'] = WFU_UPLOAD_STATE3;
$header_styles["State4"] = wfu_prepare_message_colors(WFU_VAR("WFU_HEADERMESSAGECOLORS_STATE4"));
$header_styles["State4"]['message'] = WFU_UPLOAD_STATE4;
$header_styles["State5"] = wfu_prepare_message_colors(WFU_VAR("WFU_HEADERMESSAGECOLORS_STATE5"));
$header_styles["State5"]['message'] = WFU_UPLOAD_STATE5;
$header_styles["State5_singlefile"] = wfu_prepare_message_colors(WFU_VAR("WFU_HEADERMESSAGECOLORS_STATE5"));
$header_styles["State5_singlefile"]['message'] = WFU_UPLOAD_STATE5_SINGLEFILE;
$header_styles["State6"] = wfu_prepare_message_colors(WFU_VAR("WFU_HEADERMESSAGECOLORS_STATE6"));
$header_styles["State6"]['message'] = WFU_UPLOAD_STATE6;
$header_styles["State7"] = wfu_prepare_message_colors(WFU_VAR("WFU_HEADERMESSAGECOLORS_STATE7"));
$header_styles["State7"]['message'] = WFU_UPLOAD_STATE7;
$header_styles["State7_singlefile"] = wfu_prepare_message_colors(WFU_VAR("WFU_HEADERMESSAGECOLORS_STATE7"));
$header_styles["State7_singlefile"]['message'] = WFU_UPLOAD_STATE7_SINGLEFILE;
$header_styles["State8"] = wfu_prepare_message_colors(WFU_VAR("WFU_HEADERMESSAGECOLORS_STATE8"));
$header_styles["State8"]['message'] = WFU_UPLOAD_STATE8;
$header_styles["State9"] = wfu_prepare_message_colors(WFU_VAR("WFU_HEADERMESSAGECOLORS_STATE9"));
$header_styles["State9"]['message'] = WFU_UPLOAD_STATE9;
$header_styles["State10"] = wfu_prepare_message_colors(WFU_VAR("WFU_HEADERMESSAGECOLORS_STATE10"));
$header_styles["State10"]['message'] = WFU_UPLOAD_STATE10;
$header_styles["State11"] = wfu_prepare_message_colors(WFU_VAR("WFU_HEADERMESSAGECOLORS_STATE11"));
$header_styles["State11"]['message'] = WFU_UPLOAD_STATE11;
$header_styles["State12"] = wfu_prepare_message_colors(WFU_VAR("WFU_HEADERMESSAGECOLORS_STATE12"));
$header_styles["State12"]['message'] = WFU_UPLOAD_STATE12;
$ExposedStateIndex = array("0", "1", "2", "3", "4", "5", "5_singlefile", "6", "7", "7_singlefile", "8", "11", "12");
/* set general variables */
$messageblock_main = 'wfu_messageblock_' . $sid;
$messageblock_header = 'wfu_messageblock_header_' . $sid;
$messageblock_arrow = 'wfu_messageblock_arrow_' . $sid;
$messageblock_subheader = 'wfu_messageblock_subheader_' . $sid;
$dlp = "\n\t\t\t\t\t\t\t";
/* Prepare header HTML template
Variables:
[header_safe]: suffix having the value "_safe" in case of State10 upload state, or empty otherwise,
[header_color]: text color of header,
[header_bgcolor]: background color of header,
[header_borcolor]: border color of header,
[header_message]: text shown in header */
$i = 1;
$messageblock_headers[$i++] = "\t\t\t" . '<div id="' . $messageblock_header . '[header_safe]" class="file_messageblock_header" style="color:[header_color]; background-color:[header_bgcolor]; border:1px solid [header_borcolor];">';
$messageblock_headers[$i++] = "\t\t\t\t" . '<label id="' . $messageblock_header . '_label[header_safe]" class="file_messageblock_header_label">[header_message]</label>';
$messageblock_headers[$i++] = "\t\t\t" . '</div>';
/* Prepare the file block HTML template
Variables:
[file_id]: replaced by the id of the file (1, 2, ...),
[filenumber_display]: display:none if single file upload, otherwise empty,
[fileheader_color], [fileheader_bgcolor], [fileheader_borcolor], [fileheader_message]: replaced by the returned values,
[filesubheadermessage_display]: display:none if there is no message, otherwise empty,
[filesubheader_message]: replaced by the returned value,
[filesubheaderadminmessage_display]: display:none if there is no admin message, otherwise empty,
[filesubheader_adminmessage]: replaced by the returned value */
/* Prepare the files header block HTML template */
$i = 1;
$file_count = $test ? 2 : 1;
for ($ii = 1; $ii <= $file_count; $ii++) {
if ($test) {
$file_props = wfu_prepare_message_colors(WFU_VAR("WFU_TESTMESSAGECOLORS"));
$file_id = $ii;
$filenumber_display = "";
$fileheader_color = $file_props['color'];
$fileheader_bgcolor = $file_props['bgcolor'];
$fileheader_borcolor = $file_props['borcolor'];
$fileheader_message = constant('WFU_TESTMESSAGE_FILE' . $ii . '_HEADER');
$filesubheadermessage_display = "";
$filesubheader_message = constant('WFU_TESTMESSAGE_FILE' . $ii . '_MESSAGE');
$filesubheaderadminmessage_display = "";
$filesubheader_adminmessage = constant('WFU_TESTMESSAGE_FILE' . $ii . '_ADMINMESSAGE');
} else {
$file_id = '[file_id]';
$filenumber_display = '[filenumber_display]';
$fileheader_color = '[fileheader_color]';
$fileheader_bgcolor = '[fileheader_bgcolor]';
$fileheader_borcolor = '[fileheader_borcolor]';
$fileheader_message = '[fileheader_message]';
$filesubheadermessage_display = '[filesubheadermessage_display]';
$filesubheader_message = '[filesubheader_message]';
$filesubheaderadminmessage_display = '[filesubheaderadminmessage_display]';
$filesubheader_adminmessage = '[filesubheader_adminmessage]';
}
$messageblock_file[$i++] = "\t" . '<tr id="' . $messageblock_main . '_' . $file_id . '" class="file_messageblock_fileheader_tr" style="display:none;">';
$messageblock_file[$i++] = "\t\t" . '<td id="' . $messageblock_main . '_filenumber_' . $file_id . '" class="file_messageblock_filenumber_td"' . $filenumber_display . '>' . $file_id . '</td>';
$messageblock_file[$i++] = "\t\t" . '<td id="' . $messageblock_header . '_container_' . $file_id . '" class="file_messageblock_fileheader_td">';
$messageblock_file[$i++] = "\t\t\t" . '<div id="' . $messageblock_header . '_' . $file_id . '" class="file_messageblock_fileheader" style="color:' . $fileheader_color . '; background-color:' . $fileheader_bgcolor . '; border:1px solid ' . $fileheader_borcolor . ';">';
$messageblock_file[$i++] = "\t\t\t\t" . '<label id="' . $messageblock_header . '_label_' . $file_id . '" class="file_messageblock_fileheader_label">' . $fileheader_message . '</label>';
/* The following hidden input holds state of arrow (open or close) */
$messageblock_file[$i++] = "\t\t\t\t" . '<input id="' . $messageblock_header . '_state_' . $file_id . '" type="hidden" value="none" />';
$messageblock_file[$i++] = "\t\t\t" . '</div>';
$messageblock_file[$i++] = "\t\t" . '</td>';
/* Add a drop down arrow to the file header (file has always details to be shown) */
$messageblock_file[$i++] = "\t\t" . '<td id="' . $messageblock_arrow . '_' . $file_id . '" class="file_messageblock_filearrow_td" onclick="wfu_filedetails_toggle(' . $sid . ', ' . $file_id . ');">';
$messageblock_file[$i++] = "\t\t\t" . '<div id="' . $messageblock_arrow . '_up_' . $file_id . '" class="file_messageblock_file_arrow_up" style="display:none;"></div>';
$messageblock_file[$i++] = "\t\t\t" . '<div id="' . $messageblock_arrow . '_down_' . $file_id . '" class="file_messageblock_file_arrow_down"></div>';
$messageblock_file[$i++] = "\t\t" . '</td>';
$messageblock_file[$i++] = "\t" . '</tr>';
/* Prepare the files subheader block HTML template */
$messageblock_file[$i++] = "\t" . '<tr id="' . $messageblock_subheader . '_' . $file_id . '" class="file_messageblock_filesubheader_tr" style="display:none;">';
$messageblock_file[$i++] = "\t\t" . '<td id="' . $messageblock_subheader . '_fileempty_' . $file_id . '" class="file_messageblock_filesubheaderempty_td"' . $filenumber_display . '></td>';
$messageblock_file[$i++] = "\t\t" . '<td colspan="2" id="' . $messageblock_subheader . '_container_' . $file_id . '" class="file_messageblock_filesubheader_td">';
$messageblock_file[$i++] = "\t\t\t" . '<div id="' . $messageblock_subheader . '_message_' . $file_id . '" class="file_messageblock_filesubheader_message"' . $filesubheadermessage_display . '>';
$messageblock_file[$i++] = "\t\t\t\t" . '<label id="' . $messageblock_subheader . '_messagelabel_' . $file_id . '" class="file_messageblock_filesubheader_messagelabel">' . $filesubheader_message . '</label>';
$messageblock_file[$i++] = "\t\t\t" . '</div>';
$messageblock_file[$i++] = "\t\t\t" . '<div id="' . $messageblock_subheader . '_adminmessage_' . $file_id . '" class="file_messageblock_filesubheader_adminmessage"' . $filesubheaderadminmessage_display . '>';
$messageblock_file[$i++] = "\t\t\t\t" . '<label id="' . $messageblock_subheader . '_adminmessagelabel_' . $file_id . '" class="file_messageblock_filesubheader_adminmessagelabel">' . $filesubheader_adminmessage . '</label>';
$messageblock_file[$i++] = "\t\t\t" . '</div>';
$messageblock_file[$i++] = "\t\t" . '</td>';
$messageblock_file[$i++] = "\t" . '</tr>';
}
/* Construct the main header block HTML text
/* Construct the header block HTML text */
$i = 1;
$messageblock["msgblock"]["line" . $i++] = '<table id="' . $messageblock_main . '" class="file_messageblock_table"' . $styles . '><tbody>';
$messageblock["msgblock"]["line" . $i++] = "\t" . '<tr id="' . $messageblock_header . '" class="file_messageblock_header_tr"' . ($test ? '' : ' style="display:none;"') . '>';
$messageblock["msgblock"]["line" . $i++] = "\t\t" . '<td colspan="2" id="' . $messageblock_header . '_container" class="file_messageblock_header_td">';
/* Inside this td element the appropriate upload state HTML block is going to be inserted using Javascript
If the plugin is in test mode, then State9 HTML block is inserted now */
if ($test) {
foreach ($messageblock_headers as $messageblock_header_part) {
$messageblock["msgblock"]["line" . $i++] = strtr($messageblock_header_part, array("[header_safe]" => "", "[header_color]" => $header_styles["State9"]["color"], "[header_bgcolor]" => $header_styles["State9"]["bgcolor"], "[header_borcolor]" => $header_styles["State9"]["borcolor"], "[header_message]" => $header_styles["State9"]["message"]));
}
}
$messageblock["msgblock"]["line" . $i++] = "\t\t" . '</td>';
/* Add a drop down arrow to the header */
$messageblock["msgblock"]["line" . $i++] = "\t\t" . '<td id="' . $messageblock_arrow . '" class="file_messageblock_arrow_td"' . ($test ? '' : ' style="display:none;"') . ' onclick="wfu_headerdetails_toggle(' . $sid . ');">';
$messageblock["msgblock"]["line" . $i++] = "\t\t\t" . '<input id="' . $messageblock_header . '_state" type="hidden" value="none" />';
$messageblock["msgblock"]["line" . $i++] = "\t\t\t" . '<div id="' . $messageblock_arrow . '_up" class="file_messageblock_header_arrow_up" style="display:none;"></div>';
$messageblock["msgblock"]["line" . $i++] = "\t\t\t" . '<div id="' . $messageblock_arrow . '_down" class="file_messageblock_header_arrow_down"></div>';
$messageblock["msgblock"]["line" . $i++] = "\t\t" . '</td>';
$messageblock["msgblock"]["line" . $i++] = "\t" . '</tr>';
/* Construct the subheader block HTML text if exists */
$messageblock["msgblock"]["line" . $i++] = "\t" . '<tr id="' . $messageblock_subheader . '" class="file_messageblock_subheader_tr" style="display:none;">';
$messageblock["msgblock"]["line" . $i++] = "\t\t" . '<td colspan="3" id="' . $messageblock_subheader . '_td" class="file_messageblock_subheader_td">';
$messageblock["msgblock"]["line" . $i++] = "\t\t\t" . '<div id="' . $messageblock_subheader . '_message" class="file_messageblock_subheader_message"' . ($test ? '' : ' style="display:none;"') . '>';
$messageblock["msgblock"]["line" . $i++] = "\t\t\t\t" . '<label id="' . $messageblock_subheader . '_messagelabel" class="file_messageblock_subheader_messagelabel">' . ($test ? WFU_TESTMESSAGE_MESSAGE : '') . '</label>';
$messageblock["msgblock"]["line" . $i++] = "\t\t\t" . '</div>';
$messageblock["msgblock"]["line" . $i++] = "\t\t\t" . '<div id="' . $messageblock_subheader . '_adminmessage" class="file_messageblock_subheader_adminmessage"' . ($test ? '' : ' style="display:none;"') . '>';
$messageblock["msgblock"]["line" . $i++] = "\t\t\t\t" . '<label id="' . $messageblock_subheader . '_adminmessagelabel" class="file_messageblock_subheader_adminmessagelabel">' . ($test ? WFU_TESTMESSAGE_ADMINMESSAGE : '') . '</label>';
$messageblock["msgblock"]["line" . $i++] = "\t\t\t" . '</div>';
$messageblock["msgblock"]["line" . $i++] = "\t\t" . '</td>';
$messageblock["msgblock"]["line" . $i++] = "\t" . '</tr>';
/* After the above tr the file blocks are appended by Javascript dynamically as additional tr elements
If the plugin is in test mode, then two test file blocks are appended now */
if ($test) {
foreach ($messageblock_file as $messageblock_file_part) {
$messageblock["msgblock"]["line" . $i++] = $messageblock_file_part;
}
}
$messageblock["msgblock"]["line" . $i++] = '</tbody></table>';
/* Construct a div element that will hold the State10 header and use it in case JSON parse fails and upload results cannot be decoded */
$messageblock["msgblock"]["line" . $i++] = '<div id="' . $messageblock_header . '_safecontainer" style="display:none;">';
foreach ($messageblock_headers as $messageblock_header_part) {
$messageblock["msgblock"]["line" . $i++] = strtr($messageblock_header_part, array("[header_safe]" => "_safe", "[header_color]" => $header_styles["State10"]["color"], "[header_bgcolor]" => $header_styles["State10"]["bgcolor"], "[header_borcolor]" => $header_styles["State10"]["borcolor"], "[header_message]" => $header_styles["State10"]["message"]));
}
$messageblock["msgblock"]["line" . $i++] = '</div>';
/* Construct header HTML text for all upload states and save it to hidden input, to be used later on by Javascript to adjust the upload state dynamically */
$messageblock_header_template = "";
foreach ($messageblock_headers as $messageblock_header_part) {
$messageblock_header_template .= $dlp . $messageblock_header_part;
}
foreach ($ExposedStateIndex as $ii) {
$messageblock["header"]["State" . $ii] = strtr($messageblock_header_template, array("[header_safe]" => "", "[header_color]" => $header_styles["State" . $ii]["color"], "[header_bgcolor]" => $header_styles["State" . $ii]["bgcolor"], "[header_borcolor]" => $header_styles["State" . $ii]["borcolor"], "[header_message]" => $header_styles["State" . $ii]["message"]));
}
$messageblock_header_str = wfu_encode_array_to_string($messageblock["header"]);
$messageblock["msgblock"]["line" . $i++] = '<input id="' . $messageblock_header . '_states" type="hidden" value="' . $messageblock_header_str . '" />';
/* Construct file HTML block template and save it to hidden div to be used later on by Javascript to add file results to the upload message dynamically */
$messageblock_file_str = "";
foreach ($messageblock_file as $messageblock_file_part) {
$messageblock_file_str .= $dlp . $messageblock_file_part;
}
$messageblock_file_str = wfu_plugin_encode_string($messageblock_file_str);
$messageblock["msgblock"]["line" . $i++] = '<input id="' . $messageblock_main . '_filetemplate" type="hidden" value="' . $messageblock_file_str . '" />';
$messageblock["msgblock"]["line" . $i++] = '<div id="' . $messageblock_main . '_door" style="display:none;"></div>';
return $messageblock;
}
function wfu_manage_instances_of_shortcode($tag, $title, $slug, $inc)
{
global $wp_registered_widgets, $wp_registered_sidebars;
$siteurl = site_url();
$args = array('post_type' => array("post", "page"), 'post_status' => "publish,private,draft", 'posts_per_page' => -1);
$posts = get_posts($args);
$wfu_shortcodes = array();
//get shortcode instances from page/posts
foreach ($posts as $post) {
$ret = wfu_get_content_shortcodes($post, $tag);
if ($ret !== false) {
$wfu_shortcodes = array_merge($wfu_shortcodes, $ret);
}
}
//get shortcode instances from sidebars
$data = array();
$widget_base = $tag . '_widget';
if (is_array($wp_registered_widgets)) {
foreach ($wp_registered_widgets as $id => $widget) {
if (substr($id, 0, strlen($widget_base)) == $widget_base) {
$widget_obj = isset($widget['callback']) ? isset($widget['callback'][0]) ? $widget['callback'][0] instanceof WP_Widget ? $widget['callback'][0] : false : false : false;
$widget_sidebar = is_active_widget(false, $id, $widget_base);
if ($widget_obj !== false && $widget_sidebar !== false) {
if (isset($wp_registered_sidebars[$widget_sidebar]) && isset($wp_registered_sidebars[$widget_sidebar]['name'])) {
$widget_sidebar = $wp_registered_sidebars[$widget_sidebar]['name'];
}
$data['post_id'] = "";
$data['post_hash'] = "";
$data['shortcode'] = $widget_obj->shortcode();
$data['position'] = 0;
$data['widgetid'] = $id;
$data['sidebar'] = $widget_sidebar;
array_push($wfu_shortcodes, $data);
}
}
}
}
$list = wfu_construct_post_list($posts);
$pagelist = wfu_flatten_post_list($list["page"]);
$postlist = wfu_flatten_post_list($list["post"]);
$echo_str = "\n\t\t" . '<h3 style="margin-bottom: 10px; margin-top: 40px;">' . $title . '</h3>';
$onchange_js = 'document.getElementById(\'wfu_add_plugin_ok_' . $inc . '\').disabled = !((document.getElementById(\'wfu_page_type_' . $inc . '\').value == \'page\' && document.getElementById(\'wfu_page_list_' . $inc . '\').value != \'\') || (document.getElementById(\'wfu_page_type_' . $inc . '\').value == \'post\' && document.getElementById(\'wfu_post_list_' . $inc . '\').value != \'\'));';
$no_shortcodes = count($wfu_shortcodes) == 0;
$echo_str .= "\n\t\t" . '<div id="wfu_add_plugin_button_' . $inc . '" style="' . (!$no_shortcodes ? '' : 'color:blue; font-weight:bold; font-size:larger;') . 'margin-bottom: 20px; margin-top: 10px;">';
$addbutton_pre = !$no_shortcodes ? '' : '<label>Press </label>';
$addbutton_post = !$no_shortcodes ? '' : '<label> to get started and add the ' . $slug . ' in a page</label>';
$echo_str .= "\n\t\t\t" . $addbutton_pre . '<button onclick="document.getElementById(\'wfu_add_plugin_button_' . $inc . '\').style.display = \'none\'; document.getElementById(\'wfu_add_plugin_' . $inc . '\').style.display = \'inline-block\'; ' . $onchange_js . '">' . (!$no_shortcodes ? 'Add Plugin Instance' : 'here') . '</button>' . $addbutton_post;
$echo_str .= "\n\t\t" . '</div>';
$echo_str .= "\n\t\t" . '<div id="wfu_add_plugin_' . $inc . '" style="margin-bottom: 20px; margin-top: 10px; position:relative; display:none;">';
$echo_str .= "\n\t\t\t" . '<div id="wfu_add_plugin_' . $inc . '_overlay" style="position:absolute; top:0; left:0; width:100%; height:100%; background-color:rgba(255,255,255,0.8); border:none; display:none;">';
$echo_str .= "\n\t\t\t\t" . '<table style="background:none; border:none; margin:0; padding:0; line-height:1; border-spacing:0; width:100%; height:100%; table-layout:fixed;"><tbody><tr><td style="text-align:center; vertical-align:middle;"><div style="display:inline-block;"><span class="spinner" style="opacity:1; float:left; margin:0; display:inline;"></span><label style="margin-left:4px;">please wait...</label></div></td></tr></tbody></table>';
$echo_str .= "\n\t\t\t" . '</div>';
$echo_str .= "\n\t\t\t" . '<label>Add ' . $slug . ' to </label><select id="wfu_page_type_' . $inc . '" onchange="document.getElementById(\'wfu_page_list_' . $inc . '\').style.display = (this.value == \'page\' ? \'inline-block\' : \'none\'); document.getElementById(\'wfu_post_list_' . $inc . '\').style.display = (this.value == \'post\' ? \'inline-block\' : \'none\'); ' . $onchange_js . '"><option value="page" selected="selected">Page</option><option value="post">Post</option></select>';
$echo_str .= "\n\t\t\t" . '<select id="wfu_page_list_' . $inc . '" style="margin-bottom:6px;" onchange="' . $onchange_js . '">';
$echo_str .= "\n\t\t\t\t" . '<option value=""></option>';
foreach ($pagelist as $item) {
$echo_str .= "\n\t\t\t\t" . '<option value="' . $item['id'] . '">' . str_repeat(' ', 4 * $item['level']) . ($item['status'] == 1 ? '[Private]' : ($item['status'] == 2 ? '[Draft]' : '')) . $item['title'] . '</option>';
}
$echo_str .= "\n\t\t\t" . '</select>';
$echo_str .= "\n\t\t\t" . '<select id="wfu_post_list_' . $inc . '" style="display:none; margin-bottom:6px;" onchange="' . $onchange_js . '">';
$echo_str .= "\n\t\t\t\t" . '<option value=""></option>';
foreach ($postlist as $item) {
$echo_str .= "\n\t\t\t\t" . '<option value="' . $item['id'] . '">' . str_repeat(' ', 4 * $item['level']) . ($item['status'] == 1 ? '[Private]' : ($item['status'] == 2 ? '[Draft]' : '')) . $item['title'] . '</option>';
}
$echo_str .= "\n\t\t\t" . '</select><br />';
$add_shortcode_ticket = wfu_create_random_string(16);
$_SESSION['wfu_add_shortcode_ticket_for_' . $tag] = $add_shortcode_ticket;
$echo_str .= "\n\t\t" . '<button id="wfu_add_plugin_ok_' . $inc . '" style="float:right; margin: 0 2px 0 4px;" disabled="disabled" onclick="document.getElementById(\'wfu_add_plugin_' . $inc . '_overlay\').style.display = \'block\'; window.location = \'' . $siteurl . '/wp-admin/options-general.php?page=wordpress_file_upload&action=add_shortcode&tag=' . $tag . '&postid=\' + (document.getElementById(\'wfu_page_type_' . $inc . '\').value == \'page\' ? document.getElementById(\'wfu_page_list_' . $inc . '\').value : document.getElementById(\'wfu_post_list_' . $inc . '\').value) + \'&nonce=' . $add_shortcode_ticket . '\';">Ok</button>';
$echo_str .= "\n\t\t" . '<button style="float:right;" onclick="document.getElementById(\'wfu_page_type_' . $inc . '\').value = \'page\'; document.getElementById(\'wfu_page_list_' . $inc . '\').value = \'\'; document.getElementById(\'wfu_post_list_' . $inc . '\').value = \'\'; document.getElementById(\'wfu_add_plugin_' . $inc . '\').style.display = \'none\'; document.getElementById(\'wfu_add_plugin_button_' . $inc . '\').style.display = \'inline-block\';">Cancel</button>';
$echo_str .= "\n\t\t" . '</div>';
$echo_str .= "\n\t\t" . '<table class="wp-list-table widefat fixed striped">';
$echo_str .= "\n\t\t\t" . '<thead>';
$echo_str .= "\n\t\t\t\t" . '<tr>';
$echo_str .= "\n\t\t\t\t\t" . '<th scope="col" width="5%" style="text-align:center;">';
$echo_str .= "\n\t\t\t\t\t\t" . '<label>#</label>';
$echo_str .= "\n\t\t\t\t\t" . '</th>';
// $echo_str .= "\n\t\t\t\t\t".'<th scope="col" width="10%" style="text-align:center;">';
// $echo_str .= "\n\t\t\t\t\t\t".'<label>ID</label>';
// $echo_str .= "\n\t\t\t\t\t".'</th>';
$echo_str .= "\n\t\t\t\t\t" . '<th scope="col" width="10%" style="text-align:center;">';
$echo_str .= "\n\t\t\t\t\t\t" . '<label>Type</label>';
$echo_str .= "\n\t\t\t\t\t" . '</th>';
$echo_str .= "\n\t\t\t\t\t" . '<th scope="col" width="30%" style="text-align:center;">';
$echo_str .= "\n\t\t\t\t\t\t" . '<label>Title</label>';
$echo_str .= "\n\t\t\t\t\t" . '</th>';
$echo_str .= "\n\t\t\t\t\t" . '<th scope="col" width="45%" style="text-align:center;">';
$echo_str .= "\n\t\t\t\t\t\t" . '<label>Shortcode</label>';
$echo_str .= "\n\t\t\t\t\t" . '</th>';
$echo_str .= "\n\t\t\t\t" . '</tr>';
$echo_str .= "\n\t\t\t" . '</thead>';
$echo_str .= "\n\t\t\t" . '<tbody>';
$i = 1;
foreach ($wfu_shortcodes as $key => $data) {
$widget_id = isset($data['widgetid']) ? $data['widgetid'] : '';
if ($widget_id == "") {
$id = $data['post_id'];
$posttype_obj = get_post_type_object(get_post_type($id));
$type = $posttype_obj ? $posttype_obj->labels->singular_name : "";
$title = get_the_title($id);
if (trim($title) == "") {
$title = 'ID: ' . $id;
}
} else {
$type = 'Sidebar';
$title = $data['sidebar'];
}
$data_enc = wfu_safe_store_shortcode_data(wfu_encode_array_to_string($data));
$echo_str .= "\n\t\t\t\t" . '<tr onmouseover="var actions=document.getElementsByName(\'wfu_shortcode_actions_' . $inc . '\'); for (var i=0; i<actions.length; i++) {actions[i].style.visibility=\'hidden\';} document.getElementById(\'wfu_shortcode_actions_' . $inc . '_' . $i . '\').style.visibility=\'visible\'" onmouseout="var actions=document.getElementsByName(\'wfu_shortcode_actions_' . $inc . '\'); for (var i=0; i<actions.length; i++) {actions[i].style.visibility=\'hidden\';}">';
$echo_str .= "\n\t\t\t\t\t" . '<td style="padding: 5px 5px 5px 10px; text-align:center;">';
$echo_str .= "\n\t\t\t\t\t\t" . '<a class="row-title" href="' . $siteurl . '/wp-admin/options-general.php?page=wordpress_file_upload&action=edit_shortcode&tag=' . $tag . '&data=' . $data_enc . '" title="Instance #' . $i . '">Instance ' . $i . '</a>';
$echo_str .= "\n\t\t\t\t\t\t" . '<div id="wfu_shortcode_actions_' . $inc . '_' . $i . '" name="wfu_shortcode_actions_' . $inc . '" style="visibility:hidden;">';
$echo_str .= "\n\t\t\t\t\t\t\t" . '<span>';
$echo_str .= "\n\t\t\t\t\t\t\t\t" . '<a href="' . $siteurl . '/wp-admin/options-general.php?page=wordpress_file_upload&action=edit_shortcode&tag=' . $tag . '&data=' . $data_enc . '" title="Edit this shortcode">Edit</a>';
$echo_str .= "\n\t\t\t\t\t\t\t\t" . ' | ';
$echo_str .= "\n\t\t\t\t\t\t\t" . '</span>';
$echo_str .= "\n\t\t\t\t\t\t\t" . '<span>';
$echo_str .= "\n\t\t\t\t\t\t\t\t" . '<a href="' . $siteurl . '/wp-admin/options-general.php?page=wordpress_file_upload&action=delete_shortcode&data=' . $data_enc . '" title="Delete this shortcode">Delete</a>';
$echo_str .= "\n\t\t\t\t\t\t\t" . '</span>';
$echo_str .= "\n\t\t\t\t\t\t" . '</div>';
$echo_str .= "\n\t\t\t\t\t" . '</td>';
// $echo_str .= "\n\t\t\t\t\t".'<td style="padding: 5px 5px 5px 10px; text-align:center;">'.$id.'</td>';
$echo_str .= "\n\t\t\t\t\t" . '<td style="padding: 5px 5px 5px 10px; text-align:center;">' . $type . '</td>';
$echo_str .= "\n\t\t\t\t\t" . '<td style="padding: 5px 5px 5px 10px; text-align:center;">' . $title . '</td>';
$echo_str .= "\n\t\t\t\t\t" . '<td style="padding: 5px 5px 5px 10px; text-align:left;">';
$echo_str .= "\n\t\t\t\t\t\t" . '<textarea rows="3" disabled="disabled" style="width:100%;">' . trim($data['shortcode']) . '</textarea>';
$echo_str .= "\n\t\t\t\t\t" . '</td>';
$echo_str .= "\n\t\t\t\t" . '</tr>';
$i++;
}
$echo_str .= "\n\t\t\t" . '</tbody>';
$echo_str .= "\n\t\t" . '</table>';
return $echo_str;
}
function wordpress_file_upload_function($incomingfromhandler)
{
global $post;
global $blog_id;
$shortcode_tag = 'wordpress_file_upload';
$params = wfu_plugin_parse_array($incomingfromhandler);
$sid = $params["uploadid"];
$widgetid = $params["widgetid"];
// store current page and blog id in params array
$params["pageid"] = $post->ID;
$params["blogid"] = $blog_id;
if (!isset($_SESSION['wfu_token_' . $sid]) || $_SESSION['wfu_token_' . $sid] == "") {
$_SESSION['wfu_token_' . $sid] = uniqid(mt_rand(), TRUE);
}
//store the server environment (32 or 64bit) for use when checking file size limits
$params["php_env"] = wfu_get_server_environment();
$user = wp_get_current_user();
$widths = wfu_decode_dimensions($params["widths"]);
$heights = wfu_decode_dimensions($params["heights"]);
//additional parameters to pass to visualization routines
$additional_params = array();
$additional_params['widths'] = $widths;
$additional_params['heights'] = $heights;
$uploadedfile = 'uploadedfile_' . $sid;
$hiddeninput = 'hiddeninput_' . $sid;
$adminerrorcodes = 'adminerrorcodes_' . $sid;
$upload_clickaction = 'wfu_redirect_to_classic(' . $sid . ', \'' . $_SESSION['wfu_token_' . $sid] . '\' , 0, 0);';
//check if user is allowed to view plugin, otherwise do not generate it
$uploadroles = explode(",", $params["uploadrole"]);
foreach ($uploadroles as &$uploadrole) {
$uploadrole = trim($uploadrole);
}
$plugin_upload_user_role = wfu_get_user_role($user, $uploadroles);
if ($plugin_upload_user_role == 'nomatch') {
return;
}
//activate debug mode only for admins
if ($plugin_upload_user_role != 'administrator') {
$params["debugmode"] = "false";
}
$params["adminmessages"] = $params["adminmessages"] == "true" && $plugin_upload_user_role == 'administrator';
// define variable to hold any additional admin errors coming before processing of files (e.g. due to redirection)
$params["adminerrors"] = "";
/* Define dynamic upload path from variables */
$search = array('/%userid%/', '/%username%/', '/%blogid%/', '/%pageid%/', '/%pagetitle%/');
if (is_user_logged_in()) {
$username = $user->user_login;
} else {
$username = "******";
}
$replace = array($user->ID, $username, $blog_id, $post->ID, get_the_title($post->ID));
$params["uploadpath"] = preg_replace($search, $replace, $params["uploadpath"]);
/* Determine if userdata fields have been defined */
$userdata_fields = array();
$userdata_occurrencies = substr_count($params["placements"], "userdata");
if ($userdata_occurrencies == 0) {
$userdata_occurrencies = 1;
}
if ($params["userdata"] == "true") {
for ($i = 1; $i <= $userdata_occurrencies; $i++) {
$userdata_fields2 = wfu_parse_userdata_attribute($params["userdatalabel" . ($i > 1 ? $i : "")]);
foreach ($userdata_fields2 as $key => $item) {
$userdata_fields2[$key]["occurrence"] = $i;
}
$userdata_fields = array_merge($userdata_fields, $userdata_fields2);
}
}
$params["userdata_fields"] = $userdata_fields;
/* If medialink or postlink is activated, then subfolders are deactivated */
if ($params["medialink"] == "true" || $params["postlink"] == "true") {
$params["askforsubfolders"] = "false";
}
/* Generate the array of subfolder paths */
$params['subfoldersarray'] = wfu_get_subfolders_paths($params);
//____________________________________________________________________________________________________________________________________________________________________________________
if ($params['forceclassic'] != "true") {
//**************section to put additional options inside params array**************
$params['subdir_selection_index'] = "-1";
//**************end of section of additional options inside params array**************
// below this line no other changes to params array are allowed
//**************section to save params as Wordpress options**************
// every params array is indexed (uniquely identified) by three fields:
// - the page that contains the shortcode
// - the id of the shortcode instance (because there may be more than one instances of the shortcode inside a page)
// - the user that views the plugin (because some items of the params array are affected by the user name)
// the wordpress option "wfu_params_index" holds an array of combinations of these three fields, together with a randomly generated string that corresponds to these fields.
// the wordpress option "wfu_params_xxx", where xxx is the randomly generated string, holds the params array (encoded to string) that corresponds to this string.
// the structure of the "wfu_params_index" option is as follows: "a1||b1||c1||d1&&a2||b2||c2||d2&&...", where
// - a is the randomly generated string (16 characters)
// - b is the page id
// - c is the shortcode id
// - d is the user name
$params_index = wfu_generate_current_params_index($sid, $user->user_login);
$params_str = wfu_encode_array_to_string($params);
update_option('wfu_params_' . $params_index, $params_str);
$ajax_params['shortcode_id'] = $sid;
$ajax_params['params_index'] = $params_index;
$ajax_params['debugmode'] = $params["debugmode"];
$ajax_params['is_admin'] = $plugin_upload_user_role == 'administrator' ? "true" : "false";
$ajax_params["error_header"] = $params["errormessage"];
$ajax_params["fail_colors"] = $params["failmessagecolors"];
$ajax_params_str = wfu_encode_array_to_string($ajax_params);
$upload_clickaction = 'wfu_HTML5UploadFile(' . $sid . ', \'' . $ajax_params_str . '\', \'' . $_SESSION['wfu_token_' . $sid] . '\')';
}
$upload_onclick = ' onclick="' . $upload_clickaction . '"';
$additional_params['clickaction'] = $upload_clickaction;
/* Compose the html code for the plugin */
$wordpress_file_upload_output = "";
$plugin_style = "";
if ($widths["plugin"] != "") {
$plugin_style .= 'width: ' . $widths["plugin"] . '; ';
}
if ($heights["plugin"] != "") {
$plugin_style .= 'height: ' . $heights["plugin"] . '; ';
}
if ($plugin_style != "") {
$plugin_style = ' style="' . $plugin_style . '"';
}
$wordpress_file_upload_output .= '<div id="' . $shortcode_tag . '_block_' . $sid . '" class="file_div_clean' . ($params["fitmode"] == "responsive" ? '_responsive_container' : '') . ' wfu_container"' . $plugin_style . '>';
$wordpress_file_upload_output .= "\n\t" . '<input type="hidden" id="' . $shortcode_tag . '_' . $sid . '_widgetid" value="' . $widgetid . '" />';
//add visual editor overlay if the current user is administrator
if (current_user_can('manage_options')) {
$wordpress_file_upload_output .= wfu_add_visual_editor_button($shortcode_tag, $sid);
}
//read indexed component definitions
$components = wfu_component_definitions();
$components_indexed = array();
foreach ($components as $component) {
$components_indexed[$component['id']] = $component;
$components_indexed[$component['id']]['occurrencies'] = 0;
}
$itemplaces = explode("/", $params["placements"]);
foreach ($itemplaces as $section) {
$items_in_section = explode("+", trim($section));
$section_array = array($params["fitmode"]);
foreach ($items_in_section as $item_in_section) {
$item_in_section = strtolower(trim($item_in_section));
if (isset($components_indexed[$item_in_section]) && ($components_indexed[$item_in_section]['multiplacements'] || $components_indexed[$item_in_section]['occurrencies'] == 0)) {
$components_indexed[$item_in_section]['occurrencies']++;
$occurrence_index = $components_indexed[$item_in_section]['multiplacements'] ? $components_indexed[$item_in_section]['occurrencies'] : 0;
if ($item_in_section == "title") {
array_push($section_array, wfu_prepare_title_block($params, $additional_params, $occurrence_index));
} elseif ($item_in_section == "filename") {
array_push($section_array, wfu_prepare_textbox_block($params, $additional_params, $occurrence_index));
} elseif ($item_in_section == "selectbutton") {
array_push($section_array, wfu_prepare_uploadform_block($params, $additional_params, $occurrence_index));
} elseif ($item_in_section == "uploadbutton" && $params["singlebutton"] != "true") {
array_push($section_array, wfu_prepare_submit_block($params, $additional_params, $occurrence_index));
} elseif ($item_in_section == "subfolders") {
array_push($section_array, wfu_prepare_subfolders_block($params, $additional_params, $occurrence_index));
} elseif ($item_in_section == "progressbar") {
array_push($section_array, wfu_prepare_progressbar_block($params, $additional_params, $occurrence_index));
} elseif ($item_in_section == "message") {
array_push($section_array, wfu_prepare_message_block($params, $additional_params, $occurrence_index));
} elseif ($item_in_section == "userdata" && $params["userdata"] == "true") {
array_push($section_array, wfu_prepare_userdata_block($params, $additional_params, $occurrence_index));
}
}
}
$wordpress_file_upload_output .= call_user_func_array("wfu_add_div", $section_array);
}
/* Append mandatory blocks, if have not been included in placements attribute */
if ($params["userdata"] == "true" && strpos($params["placements"], "userdata") === false) {
$section_array = array($params["fitmode"]);
array_push($section_array, wfu_prepare_userdata_block($params, $additional_params, 0));
$wordpress_file_upload_output .= call_user_func_array("wfu_add_div", $section_array);
}
if (strpos($params["placements"], "selectbutton") === false) {
$section_array = array($params["fitmode"]);
array_push($section_array, wfu_prepare_uploadform_block($params, $additional_params, 0));
$wordpress_file_upload_output .= call_user_func_array("wfu_add_div", $section_array);
}
/* Pass constants to javascript and run plugin post-load actions */
$consts = wfu_set_javascript_constants();
$handler = 'function() { wfu_Initialize_Consts("' . $consts . '"); wfu_plugin_load_action(' . $sid . '); }';
$wordpress_file_upload_output .= "\n\t" . '<script type="text/javascript">if(window.addEventListener) { window.addEventListener("load", ' . $handler . ', false); } else if(window.attachEvent) { window.attachEvent("onload", ' . $handler . '); } else { window["onload"] = ' . $handler . '; }</script>';
$wordpress_file_upload_output .= '</div>';
// $wordpress_file_upload_output .= '<div>';
// $wordpress_file_upload_output .= wfu_test_admin();
// $wordpress_file_upload_output .= '</div>';
// The plugin uses sessions in order to detect if the page was loaded due to file upload or
// because the user pressed the Refresh button (or F5) of the page.
// In the second case we do not want to perform any file upload, so we abort the rest of the script.
if (!isset($_SESSION['wfu_check_refresh_' . $sid]) || $_SESSION['wfu_check_refresh_' . $sid] != "form button pressed") {
$_SESSION['wfu_check_refresh_' . $sid] = 'do not process';
$wordpress_file_upload_output .= wfu_post_plugin_actions($params);
return $wordpress_file_upload_output . "\n";
}
$_SESSION['wfu_check_refresh_' . $sid] = 'do not process';
$params["upload_start_time"] = $_SESSION['wfu_start_time_' . $sid];
// The plugin uses two ways to upload the file:
// - The first one uses classic functionality of an HTML form (highest compatibility with browsers but few capabilities).
// - The second uses ajax (HTML5) functionality (medium compatibility with browsers but many capabilities, like no page refresh and progress bar).
// The plugin loads using ajax functionality by default, however if it detects that ajax functionality is not supported, it will automatically switch to classic functionality.
// The next line checks to see if the form was submitted using ajax or classic functionality.
// If the uploaded file variable stored in $_FILES ends with "_redirected", then it means that ajax functionality is not supported and the plugin must switch to classic functionality.
if (isset($_FILES[$uploadedfile . '_redirected'])) {
$params['forceclassic'] = "true";
}
if ($params['forceclassic'] != "true") {
$wordpress_file_upload_output .= wfu_post_plugin_actions($params);
return $wordpress_file_upload_output . "\n";
}
// The following code is executed in case of non-ajax uploads to process the files.
// Consecutive checks are performed in order to verify and approve the upload of files
$wfu_checkpass = true;
// First we test that WP nonce passes the check
$wfu_checkpass = $wfu_checkpass && isset($_REQUEST["wfu_uploader_nonce"]) && wp_verify_nonce($_REQUEST["wfu_uploader_nonce"], "wfu-uploader-nonce") !== false;
$unique_id = isset($_POST['uniqueuploadid_' . $sid]) ? sanitize_text_field($_POST['uniqueuploadid_' . $sid]) : "";
// Check that upload_id is valid
$wfu_checkpass = $wfu_checkpass && strlen($unique_id) == 10;
if ($wfu_checkpass) {
//process any error messages due to redirection to non-ajax upload
if (isset($_POST[$adminerrorcodes])) {
$code = $_POST[$adminerrorcodes];
if ($code == "") {
$params['adminerrors'] = "";
} elseif ($code == "1" || $code == "2" || $code == "3") {
$params['adminerrors'] = constant('WFU_ERROR_REDIRECTION_ERRORCODE' . $code);
} else {
$params['adminerrors'] = WFU_ERROR_REDIRECTION_ERRORCODE0;
}
}
$params['subdir_selection_index'] = -1;
if (isset($_POST[$hiddeninput])) {
$params['subdir_selection_index'] = sanitize_text_field($_POST[$hiddeninput]);
}
$wfu_process_file_array = wfu_process_files($params, 'no_ajax');
$safe_output = $wfu_process_file_array["general"]['safe_output'];
unset($wfu_process_file_array["general"]['safe_output']);
//javascript code generated from individual wfu_after_upload_filters is not executed in non-ajax uploads
unset($wfu_process_file_array["general"]['js_script']);
$wfu_process_file_array_str = wfu_encode_array_to_string($wfu_process_file_array);
$ProcessUploadComplete_functiondef = 'function(){wfu_ProcessUploadComplete(' . $sid . ', 1, "' . $wfu_process_file_array_str . '", "no-ajax", "", "", "' . $safe_output . '", ["false", "", "false"]);}';
$wordpress_file_upload_output .= '<script type="text/javascript">window.onload=' . $ProcessUploadComplete_functiondef . '</script>';
}
$wordpress_file_upload_output .= wfu_post_plugin_actions($params);
return $wordpress_file_upload_output . "\n";
}
function wfu_delete_shortcode_prompt($data)
{
$siteurl = site_url();
$postid = $data['post_id'];
$data_enc = wfu_encode_array_to_string($data);
$echo_str = "\n" . '<div class="wrap">';
$echo_str .= "\n\t" . '<h2>Wordpress File Upload Control Panel</h2>';
$echo_str .= "\n\t" . '<div style="margin-top:20px;">';
$echo_str .= "\n\t\t" . '<a href="' . $siteurl . '/wp-admin/options-general.php?page=wordpress_file_upload&action=manage_mainmenu" class="button" title="go back">Go to Main Menu</a>';
$echo_str .= "\n\t" . '</div>';
$echo_str .= "\n\t" . '<h2 style="margin-bottom: 10px; margin-top: 20px;">Delete Shortcode</h2>';
$echo_str .= "\n\t" . '<form enctype="multipart/form-data" name="deletefile" id="deleteshortcode" method="post" action="' . $siteurl . '/wp-admin/options-general.php?page=wordpress_file_upload" class="validate">';
$echo_str .= "\n\t\t" . '<input type="hidden" name="action" value="deleteshortcode">';
$echo_str .= "\n\t\t" . '<input type="hidden" name="data" value="' . $data_enc . '">';
$echo_str .= "\n\t\t" . '<label>Are you sure that you want to delete shortcode for <strong>' . get_post_type($postid) . ' "' . get_the_title($postid) . '" (' . $postid . ') Position ' . $data['position'] . '</strong> ?</label><br/>';
$echo_str .= "\n\t\t" . '<p class="submit">';
$echo_str .= "\n\t\t\t" . '<input type="submit" class="button-primary" name="submit" value="Delete">';
$echo_str .= "\n\t\t\t" . '<input type="submit" class="button-primary" name="submit" value="Cancel">';
$echo_str .= "\n\t\t" . '</p>';
$echo_str .= "\n\t" . '</form>';
$echo_str .= "\n" . '</div>';
return $echo_str;
}
function wordpress_file_upload_function($incomingfromhandler)
{
global $post;
global $blog_id;
$params = wfu_plugin_parse_array($incomingfromhandler);
$sid = $params["uploadid"];
// store current page id in params array
$params["pageid"] = $post->ID;
if (!isset($_SESSION['wfu_token_' . $sid]) || $_SESSION['wfu_token_' . $sid] == "") {
$_SESSION['wfu_token_' . $sid] = uniqid(mt_rand(), TRUE);
}
//store the server environment (32 or 64bit) for use when checking file size limits
$params["php_env"] = wfu_get_server_environment();
$user = wp_get_current_user();
$widths = wfu_decode_dimensions($params["widths"]);
$heights = wfu_decode_dimensions($params["heights"]);
$uploadedfile = 'uploadedfile_' . $sid;
$hiddeninput = 'hiddeninput_' . $sid;
$adminerrorcodes = 'adminerrorcodes_' . $sid;
$upload_clickaction = 'wfu_redirect_to_classic(' . $sid . ', \'' . $_SESSION['wfu_token_' . $sid] . '\' , 0, 0);';
//check if user is allowed to view plugin, otherwise do not generate it
$uploadroles = explode(",", $params["uploadrole"]);
foreach ($uploadroles as &$uploadrole) {
$uploadrole = strtolower(trim($uploadrole));
}
$plugin_upload_user_role = wfu_get_user_role($user, $uploadroles);
if (!in_array($plugin_upload_user_role, $uploadroles) && $plugin_upload_user_role != 'administrator' && $params["uploadrole"] != 'all') {
return;
}
//activate debug mode only for admins
if ($plugin_upload_user_role != 'administrator') {
$params["debugmode"] = "false";
}
$params["adminmessages"] = $params["adminmessages"] == "true" && $plugin_upload_user_role == 'administrator';
// define variable to hold any additional admin errors coming before processing of files (e.g. due to redirection)
$params["adminerrors"] = "";
/* Define dynamic upload path from variables */
$search = array('/%userid%/', '/%username%/', '/%blogid%/', '/%pageid%/', '/%pagetitle%/');
if (is_user_logged_in()) {
$username = $user->user_login;
} else {
$username = "******";
}
$replace = array($user->ID, $username, $blog_id, $post->ID, get_the_title($post->ID));
$params["uploadpath"] = preg_replace($search, $replace, $params["uploadpath"]);
/* Determine if userdata fields have been defined */
$userdata_fields = array();
if ($params["userdata"] == "true" && $params["userdatalabel"] != "") {
$userdata_rawfields = explode("/", $params["userdatalabel"]);
foreach ($userdata_rawfields as $userdata_rawitem) {
if ($userdata_rawitem != "") {
$is_required = $userdata_rawitem[0] == "*" ? "true" : "false";
if ($is_required == "true") {
$userdata_rawitem = substr($userdata_rawitem, 1);
}
if ($userdata_rawitem != "") {
array_push($userdata_fields, array("label" => $userdata_rawitem, "required" => $is_required));
}
}
}
}
$params["userdata_fields"] = $userdata_fields;
/* If medialink or postlink is activated, then subfolders are deactivated */
if ($params["medialink"] == "true" || $params["postlink"] == "true") {
$params["askforsubfolders"] = "false";
}
/* Prepare information about directory or selection of target subdirectory */
$subfolders = wfu_prepare_subfolders_block($params, $widths, $heights);
$subfolders_item = $subfolders['item'];
$params['subfoldersarray'] = $subfolders['paths'];
//____________________________________________________________________________________________________________________________________________________________________________________
if ($params['forceclassic'] != "true") {
//**************section to put additional options inside params array**************
$params['subdir_selection_index'] = "-1";
//**************end of section of additional options inside params array**************
// below this line no other changes to params array are allowed
//**************section to save params as Wordpress options**************
// every params array is indexed (uniquely identified) by three fields:
// - the page that contains the shortcode
// - the id of the shortcode instance (because there may be more than one instances of the shortcode inside a page)
// - the user that views the plugin (because some items of the params array are affected by the user name)
// the wordpress option "wfu_params_index" holds an array of combinations of these three fields, together with a randomly generated string that corresponds to these fields.
// the wordpress option "wfu_params_xxx", where xxx is the randomly generated string, holds the params array (encoded to string) that corresponds to this string.
// the structure of the "wfu_params_index" option is as follows: "a1||b1||c1||d1&&a2||b2||c2||d2&&...", where
// - a is the randomly generated string (16 characters)
// - b is the page id
// - c is the shortcode id
// - d is the user name
$params_index = wfu_generate_current_params_index($sid, $user->user_login);
$params_str = wfu_encode_array_to_string($params);
update_option('wfu_params_' . $params_index, $params_str);
$ajax_params['shortcode_id'] = $sid;
$ajax_params['params_index'] = $params_index;
$ajax_params['debugmode'] = $params["debugmode"];
$ajax_params['is_admin'] = $plugin_upload_user_role == 'administrator' ? "true" : "false";
$ajax_params["error_header"] = $params["errormessage"];
$ajax_params["fail_colors"] = $params["failmessagecolors"];
$ajax_params_str = wfu_encode_array_to_string($ajax_params);
$upload_clickaction = 'wfu_HTML5UploadFile(' . $sid . ', \'' . $ajax_params_str . '\', \'' . $_SESSION['wfu_token_' . $sid] . '\')';
}
$upload_onclick = ' onclick="' . $upload_clickaction . '"';
/* Prepare the title */
$title_item = wfu_prepare_title_block($params, $widths, $heights);
/* Prepare the text box showing filename */
$textbox_item = wfu_prepare_textbox_block($params, $widths, $heights);
/* Prepare the upload form */
$additional_params = array();
$uploadform_item = wfu_prepare_uploadform_block($params, $widths, $heights, $upload_clickaction, $additional_params);
/* Prepare the submit button */
$submit_item = wfu_prepare_submit_block($params, $widths, $heights, $upload_clickaction);
/* Prepare the progress bar */
$progressbar_item = wfu_prepare_progressbar_block($params, $widths, $heights);
/* Prepare the message */
$message_item = wfu_prepare_message_block($params, $widths, $heights);
/* Prepare user data */
$userdata_item = wfu_prepare_userdata_block($params, $widths, $heights);
/* Compose the html code for the plugin */
$wordpress_file_upload_output = "";
$wordpress_file_upload_output .= '<div id="wordpress_file_upload_block_' . $sid . '" class="file_div_clean wfu_container">';
//add visual editor overlay if the current user is administrator
if (current_user_can('manage_options')) {
$wordpress_file_upload_output .= "\n\t" . '<div id="wordpress_file_upload_editor_' . $sid . '" class="wfu_overlay_editor">';
$wordpress_file_upload_output .= "\n\t\t" . '<button class="wfu_overlay_editor_button" title="' . WFU_PAGE_PLUGINEDITOR_BUTTONTITLE . '" onclick="wfu_invoke_shortcode_editor(' . $sid . ', ' . $post->ID . ', \'' . hash('md5', $post->post_content) . '\');"><img src="' . WFU_IMAGE_OVERLAY_EDITOR . '" width="20px" height="20px" /></button>';
$wordpress_file_upload_output .= "\n\t" . '</div>';
$wordpress_file_upload_output .= "\n\t" . '<div id="wordpress_file_upload_overlay_' . $sid . '" class="wfu_overlay_container">';
$wordpress_file_upload_output .= "\n\t\t" . '<table class="wfu_overlay_table"><tbody><tr><td><img src="' . WFU_IMAGE_OVERLAY_LOADING . '" /><label>' . WFU_PAGE_PLUGINEDITOR_LOADING . '</label></td></tr></tbody></table>';
$wordpress_file_upload_output .= "\n\t\t" . '<div class="wfu_overlay_container_inner"></div>';
$wordpress_file_upload_output .= "\n\t" . '</div>';
}
$itemplaces = explode("/", $params["placements"]);
foreach ($itemplaces as $section) {
$items_in_section = explode("+", trim($section));
$section_array = array();
foreach ($items_in_section as $item_in_section) {
$item_in_section = strtolower(trim($item_in_section));
if ($item_in_section == "title") {
array_push($section_array, $title_item);
} elseif ($item_in_section == "filename") {
array_push($section_array, $textbox_item);
} elseif ($item_in_section == "selectbutton") {
array_push($section_array, $uploadform_item);
} elseif ($item_in_section == "confirmbox" && preg_match("/(^|,)\\s*checkbox\\s*(,|\$)/", $params['security_active']) && $params["singlebutton"] != "true") {
array_push($section_array, $confirmbox_item);
} elseif ($item_in_section == "uploadbutton" && $params["singlebutton"] != "true") {
array_push($section_array, $submit_item);
} elseif ($item_in_section == "subfolders") {
array_push($section_array, $subfolders_item);
} elseif ($item_in_section == "progressbar") {
array_push($section_array, $progressbar_item);
} elseif ($item_in_section == "message") {
array_push($section_array, $message_item);
} elseif ($item_in_section == "userdata" && $params["userdata"] == "true") {
array_push($section_array, $userdata_item);
}
}
$wordpress_file_upload_output .= call_user_func_array("wfu_add_div", $section_array);
}
/* Append mandatory blocks, if have not been included in placements attribute */
if ($params["userdata"] == "true" && strpos($params["placements"], "userdata") === false) {
$section_array = array();
array_push($section_array, $userdata_item);
$wordpress_file_upload_output .= call_user_func_array("wfu_add_div", $section_array);
}
if (strpos($params["placements"], "selectbutton") === false) {
$section_array = array();
array_push($section_array, $uploadform_item);
$wordpress_file_upload_output .= call_user_func_array("wfu_add_div", $section_array);
}
/* Pass constants to javascript and run plugin post-load actions */
$consts = wfu_set_javascript_constants();
$handler = 'function() { wfu_Initialize_Consts("' . $consts . '"); wfu_plugin_load_action(' . $sid . '); }';
$wordpress_file_upload_output .= "\n\t" . '<script type="text/javascript">if(window.addEventListener) { window.addEventListener("load", ' . $handler . ', false); } else if(window.attachEvent) { window.attachEvent("onload", ' . $handler . '); } else { window["onload"] = ' . $handler . '; }</script>';
$wordpress_file_upload_output .= '</div>';
// $wordpress_file_upload_output .= '<div>';
// $wordpress_file_upload_output .= wfu_test_admin();
// $wordpress_file_upload_output .= '</div>';
// The plugin uses sessions in order to detect if the page was loaded due to file upload or
// because the user pressed the Refresh button (or F5) of the page.
// In the second case we do not want to perform any file upload, so we abort the rest of the script.
if (!isset($_SESSION['wfu_check_refresh_' . $sid]) || $_SESSION['wfu_check_refresh_' . $sid] != "form button pressed") {
$_SESSION['wfu_check_refresh_' . $sid] = 'do not process';
$wordpress_file_upload_output .= wfu_post_plugin_actions($params);
return $wordpress_file_upload_output . "\n";
}
$_SESSION['wfu_check_refresh_' . $sid] = 'do not process';
$params["upload_start_time"] = $_SESSION['wfu_start_time_' . $sid];
// The plugin uses two ways to upload the file:
// - The first one uses classic functionality of an HTML form (highest compatibility with browsers but few capabilities).
// - The second uses ajax (HTML5) functionality (medium compatibility with browsers but many capabilities, like no page refresh and progress bar).
// The plugin loads using ajax functionality by default, however if it detects that ajax functionality is not supported, it will automatically switch to classic functionality.
// The next line checks to see if the form was submitted using ajax or classic functionality.
// If the uploaded file variable stored in $_FILES ends with "_redirected", then it means that ajax functionality is not supported and the plugin must switch to classic functionality.
if (isset($_FILES[$uploadedfile . '_redirected'])) {
$params['forceclassic'] = "true";
}
if ($params['forceclassic'] != "true") {
$wordpress_file_upload_output .= wfu_post_plugin_actions($params);
return $wordpress_file_upload_output . "\n";
}
// The section below is executed when using classic upload methods
if (isset($_POST[$adminerrorcodes])) {
$code = $_POST[$adminerrorcodes];
if ($code == "") {
$params['adminerrors'] = "";
} elseif ($code == "1" || $code == "2" || $code == "3") {
$params['adminerrors'] = constant('WFU_ERROR_REDIRECTION_ERRORCODE' . $code);
} else {
$params['adminerrors'] = WFU_ERROR_REDIRECTION_ERRORCODE0;
}
}
$params['subdir_selection_index'] = -1;
if (isset($_POST[$hiddeninput])) {
$params['subdir_selection_index'] = $_POST[$hiddeninput];
}
$wfu_process_file_array = wfu_process_files($params, 'no_ajax');
$safe_output = $wfu_process_file_array["general"]['safe_output'];
unset($wfu_process_file_array["general"]['safe_output']);
$wfu_process_file_array_str = wfu_encode_array_to_string($wfu_process_file_array);
$ProcessUploadComplete_functiondef = 'function(){wfu_ProcessUploadComplete(' . $sid . ', 1, "' . $wfu_process_file_array_str . '", "no-ajax", "", "", "' . $safe_output . '", ["false", "", "false"]);}';
$wordpress_file_upload_output .= '<script type="text/javascript">window.onload=' . $ProcessUploadComplete_functiondef . '</script>';
$wordpress_file_upload_output .= wfu_post_plugin_actions($params);
return $wordpress_file_upload_output . "\n";
}
