$results = $wpdb->get_results("SELECT id FROM `{$table_name}`");
$ids = array();
foreach ($results as $result) {
$ids[] = $result->id;
}
//update_option('gcb_update_prompt_v2',1);
} else {
$ids = explode(";", $_GET["gcb"]);
}
$final_text = array();
foreach ($ids as $id) {
if (intval($id) > 0) {
if ($_GET["gcb"] == 'all') {
$entry = $wpdb->get_row("SELECT * FROM `{$table_name}` WHERE id=" . $id, ARRAY_A);
} else {
$entry = gcb::get_entry_by_id(intval($id));
}
$final_text[] = base64_encode($entry['name']) . "<;>" . base64_encode($entry['description']) . "<;>" . base64_encode($entry['value']) . "<;>" . base64_encode($entry['type']) . "<;>" . base64_encode($entry['custom_id']);
}
}
$final = implode("\r\n", $final_text);
header("Content-Type: text/plain");
header("Content-disposition: attachment; filename=" . ($backup ? "backup" : "export") . "_gcb_" . date("d_m_y_H_i") . ".gcb;");
header("Content-Length: " . strlen($final));
header('Content-Transfer-Encoding: Binary');
header('Accept-Ranges: bytes');
header('ETag: "' . md5($final) . '"');
header("Cache-Control: no-cache, must-revalidate");
header("Pragma: no-cache");
echo $final;
die;
function gcb($id, $attributes = array())
{
//determine condition, since we can fetch blocks by 2 types of ids
if (is_numeric($id)) {
$entry = gcb::get_entry_by_id(intval($id));
} else {
$entry = gcb::get_entry_by_custom_id($id);
}
if (is_array($entry)) {
$content = htmlspecialchars_decode(stripslashes($entry['value']));
//process the attributes
if (is_array($attributes) && count($attributes)) {
foreach ($attributes as $attribute_key => $attribute_value) {
$content = str_replace("%%" . $attribute_key . "%%", $attribute_value, $content);
}
}
if ($entry['type'] == "php") {
//execute the php code
ob_start();
$result = eval(" " . $content);
$output = ob_get_contents();
ob_end_clean();
return apply_filters('gcb_block_output', do_shortcode($output . $result));
//run the shortcodes as well
} elseif ($entry['type'] == "html") {
// alloyphoto: enable PHP code in < ?php ... ? > tags inside blocks
ob_start();
eval("?>{$content}<?php ");
$output = ob_get_contents();
ob_end_clean();
return apply_filters('gcb_block_output', do_shortcode($output));
//run the shortcodes as well
} else {
return apply_filters('gcb_block_output', do_shortcode($content));
//make sure we also run the shortcodes in here
}
} else {
return "";
}
}
<?php
require_once '../../../../../wp-load.php';
if (!isset($_POST["name"]) || !isset($_POST["content"])) {
die("invalid call!");
}
//check user rights, only editors and above can add
if (!current_user_can('publish_pages')) {
die("disallowed.");
}
$name = $_POST["name"];
$description = htmlspecialchars($_POST['description']);
$type = htmlspecialchars($_POST['type']);
$value = htmlspecialchars($_POST['content']);
if (!strlen($name) || !strlen($value)) {
die("invalid call.");
}
$available_types = gcb::get_available_types();
$entry_data = array("name" => $name, "description" => $description, "value" => $value, "type" => $type);
$new_id = gcb::add_entry($entry_data);
$return = array("id" => $new_id, "name" => $name, "img" => $available_types[$type]["img"]);
echo json_encode($return);
die;
<?php
require_once '../../../../../wp-load.php';
//$list = gcb::get_entries();
$list = gcb::get_entries_by_name();
//define the available types,and their image
$available_types = gcb::get_available_types();
?>
<html>
<head>
<title>Global Content Blocks</title>
<script type="text/javascript" src="<?php
echo get_option('siteurl') . "/wp-includes/js/jquery/jquery.js";
?>
"></script>
<script type="text/javascript" src="<?php
echo get_option('siteurl') . "/wp-includes/js/tinymce/tiny_mce_popup.js?ver=327-1235";
?>
"></script>
<script type="text/javascript">
function do_s() {
var opt = document.getElementById("gcb_sel").options[document.getElementById("gcb_sel").selectedIndex];
var continue_send = true;
if(opt.value != "0")
{
var actual = document.getElementById("gcb_actual").checked;
if(!actual) {
var img = opt.id;
var html = "<img src='<?php
echo WP_PLUGIN_URL;
function gcb_submenu()
{
global $wpdb;
$msg = "";
if (isset($_POST["gcb_delete"])) {
if (isset($_POST["gcb_del"]) && is_array($_POST["gcb_del"])) {
foreach ($_POST["gcb_del"] as $bd) {
$wpdb->query("delete from " . $wpdb->prefix . "gcb where id=" . intval($bd) . " limit 1");
}
$msg = "Deleted!";
}
}
if (isset($_POST["gcb_unin"])) {
if (isset($_POST["ch_unin"])) {
update_option("gcb_complete_uninstall", "yes");
} else {
update_option("gcb_complete_uninstall", "no");
}
}
if (isset($_POST["gcb_import"])) {
//importing files
$msg = gcb_import();
}
if (isset($_POST["gcb_save"])) {
$name = $_POST["gcb_name"];
$description = mysql_real_escape_string(htmlspecialchars($_POST['gcb_description']));
$type = mysql_real_escape_string(htmlspecialchars($_POST['gcb_type']));
$value = mysql_real_escape_string(htmlspecialchars($_POST['gcb_value']));
if (strlen($name) && strlen($value)) {
if (isset($_POST["update_it"])) {
$wpdb->query("update " . $wpdb->prefix . "gcb set name='" . $name . "',\r\r\n description='" . $description . "',\r\r\n value='" . $value . "',\r\r\n type='" . $type . "' \r\r\n where id=" . intval($_POST["update_it"] . " limit 1"));
$msg = "Entry updated!";
} else {
$wpdb->query("insert into " . $wpdb->prefix . "gcb (name,description,value,type) VALUES ('" . $name . "','" . $description . "','" . $value . "','" . $type . "')");
$msg = "Entry inserted!";
}
} else {
$msg = "Name and Content are mandatory!";
}
}
echo gcb::main_page($msg);
}
