/**
* Catch and process the Requests page.
*/
function friends_screen_requests()
{
if (bp_is_action_variable('accept', 0) && is_numeric(bp_action_variable(1))) {
// Check the nonce
check_admin_referer('friends_accept_friendship');
if (friends_accept_friendship(bp_action_variable(1))) {
bp_core_add_message(__('Friendship accepted', 'buddypress'));
} else {
bp_core_add_message(__('Friendship could not be accepted', 'buddypress'), 'error');
}
bp_core_redirect(trailingslashit(bp_loggedin_user_domain() . bp_current_component() . '/' . bp_current_action()));
} elseif (bp_is_action_variable('reject', 0) && is_numeric(bp_action_variable(1))) {
// Check the nonce
check_admin_referer('friends_reject_friendship');
if (friends_reject_friendship(bp_action_variable(1))) {
bp_core_add_message(__('Friendship rejected', 'buddypress'));
} else {
bp_core_add_message(__('Friendship could not be rejected', 'buddypress'), 'error');
}
bp_core_redirect(trailingslashit(bp_loggedin_user_domain() . bp_current_component() . '/' . bp_current_action()));
} elseif (bp_is_action_variable('cancel', 0) && is_numeric(bp_action_variable(1))) {
// Check the nonce
check_admin_referer('friends_withdraw_friendship');
if (friends_withdraw_friendship(bp_loggedin_user_id(), bp_action_variable(1))) {
bp_core_add_message(__('Friendship request withdrawn', 'buddypress'));
} else {
bp_core_add_message(__('Friendship request could not be withdrawn', 'buddypress'), 'error');
}
bp_core_redirect(trailingslashit(bp_loggedin_user_domain() . bp_current_component() . '/' . bp_current_action()));
}
do_action('friends_screen_requests');
bp_core_load_template(apply_filters('friends_template_requests', 'members/single/home'));
}
/**
* Registered callback function for the WordPress Importer
*
* Manages the three separate stages of the CSV import process
*/
function dispatch()
{
$this->header();
if (!empty($_POST['delimiter'])) {
$this->delimiter = stripslashes(trim($_POST['delimiter']));
}
if (!$this->delimiter) {
$this->delimiter = ',';
}
$step = empty($_GET['step']) ? 0 : (int) $_GET['step'];
switch ($step) {
case 0:
$this->greet();
break;
case 1:
check_admin_referer('import-upload');
if ($this->handle_upload()) {
if ($this->id) {
$file = get_attached_file($this->id);
} else {
$file = ABSPATH . $this->file_url;
}
add_filter('http_request_timeout', array($this, 'bump_request_timeout'));
if (function_exists('gc_enable')) {
gc_enable();
}
@set_time_limit(0);
@ob_flush();
@flush();
$this->import($file);
}
break;
}
$this->footer();
}
protected function prepare()
{
include ABSPATH . 'wp-admin/includes/class-wp-upgrader.php';
try {
$this->api = $api = Sputnik::get_plugin($this->id);
} catch (Exception $e) {
status_header(500);
$this->header();
echo '<p>' . $e->getMessage() . '</p>';
$this->footer();
return;
}
if (!Sputnik::is_purchased($this->api->slug)) {
wp_redirect(Sputnik_Admin::build_url(array('buy' => $this->id)));
die;
}
if (!current_user_can('install_plugins')) {
wp_die(__('You do not have sufficient permissions to install plugins for this site.', 'sputnik'));
}
check_admin_referer($this->nonce_prefix . $this->api->slug);
include_once ABSPATH . 'wp-admin/includes/plugin-install.php';
$title = sprintf($this->title_format, $this->api->name . ' ' . $this->api->version);
$nonce = $this->nonce_prefix . $this->id;
$url = 'update.php?action=install-plugin&plugin=' . $this->id;
if (isset($_GET['from'])) {
$url .= '&from=' . urlencode(stripslashes($_GET['from']));
}
$type = 'web';
//Install plugin type, From Web or an Upload.
if ($this->api->is_theme) {
$this->upgrader = new Sputnik_ThemeUpgrader(new Sputnik_View_Install_Skin(compact('title', 'url', 'nonce', 'plugin', 'api')));
} else {
$this->upgrader = new Sputnik_Upgrader(new Sputnik_View_Install_Skin(compact('title', 'url', 'nonce', 'plugin', 'api')));
}
}
/**
* Called on load action.
*
* @return void
*/
public static function load()
{
global $wpdb;
if (isset($_GET['action']) && $_GET['action'] == 'dbdumpdl') {
//check permissions
check_admin_referer('backwpupdbdumpdl');
if (!current_user_can('backwpup_jobs_edit')) {
die;
}
//doing dump
header("Pragma: public");
header("Expires: 0");
header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
header("Content-Type: application/octet-stream; charset=" . get_bloginfo('charset'));
header("Content-Disposition: attachment; filename=" . DB_NAME . ".sql;");
try {
$sql_dump = new BackWPup_MySQLDump();
foreach ($sql_dump->tables_to_dump as $key => $table) {
if ($wpdb->prefix != substr($table, 0, strlen($wpdb->prefix))) {
unset($sql_dump->tables_to_dump[$key]);
}
}
$sql_dump->execute();
unset($sql_dump);
} catch (Exception $e) {
die($e->getMessage());
}
die;
}
}
/**
* Catch and process Remove Friendship requests.
*
* @since 1.0.1
*/
function friends_action_remove_friend()
{
if (!bp_is_friends_component() || !bp_is_current_action('remove-friend')) {
return false;
}
if (!($potential_friend_id = (int) bp_action_variable(0))) {
return false;
}
if ($potential_friend_id == bp_loggedin_user_id()) {
return false;
}
$friendship_status = BP_Friends_Friendship::check_is_friend(bp_loggedin_user_id(), $potential_friend_id);
if ('is_friend' == $friendship_status) {
if (!check_admin_referer('friends_remove_friend')) {
return false;
}
if (!friends_remove_friend(bp_loggedin_user_id(), $potential_friend_id)) {
bp_core_add_message(__('Friendship could not be canceled.', 'buddypress'), 'error');
} else {
bp_core_add_message(__('Friendship canceled', 'buddypress'));
}
} elseif ('is_friends' == $friendship_status) {
bp_core_add_message(__('You are not yet friends with this user', 'buddypress'), 'error');
} else {
bp_core_add_message(__('You have a pending friendship request with this user', 'buddypress'), 'error');
}
bp_core_redirect(wp_get_referer());
return false;
}
public function printUi()
{
if (!$this->currentUserCanManageLicense()) {
wp_die("You don't have sufficient permissions to manage licenses for this product.");
}
$action = isset($_REQUEST['license_action']) ? strval($_REQUEST['license_action']) : '';
if (empty($action)) {
$action = 'show_license';
}
check_admin_referer($action);
$this->triedLicenseKey = isset($_POST['license_key']) ? trim(strval($_POST['license_key'])) : $this->licenseManager->getLicenseKey();
if (isset($_REQUEST['tab']) && is_string($_REQUEST['tab']) && array_key_exists($_REQUEST['tab'], $this->tabs)) {
$this->currentTab = $_REQUEST['tab'];
}
$this->printHeader();
$this->dispatchAction($action);
$this->printLogo();
$this->printTabList();
?>
<div class="wrap" id="wslm-section-holder">
<?php
foreach ($this->tabs as $id => $tab) {
printf('<div id="section-%1$s" class="wslm-section%2$s">', esc_attr($id), $this->currentTab !== $id ? ' hidden' : '');
call_user_func($tab['callback']);
echo '</div>';
}
?>
</div> <!-- #wslm-section-holder -->
<?php
exit;
}
function ninja_forms_update_screen_options()
{
global $ninja_forms_screen_options;
$current_tab = ninja_forms_get_current_tab();
if (isset($_POST['_wpnonce'])) {
$nonce = $_POST['_wpnonce'];
} else {
$nonce = '';
}
if (!empty($_POST) and $_POST['ninja_forms_save_screen_options'] == 1 and wp_verify_nonce($nonce, 'ninja_forms_update_options') and check_admin_referer('ninja_forms_update_options', '_wpnonce')) {
if (!empty($ninja_forms_screen_options) and is_array($ninja_forms_screen_options)) {
//print_r($ninja_forms_screen_options);
if (isset($ninja_forms_screen_options['_universal_']) and is_array($ninja_forms_screen_options['_universal_'])) {
foreach ($ninja_forms_screen_options['_universal_'] as $slug => $option) {
$save_function = $option['save_function'];
$arguments = func_get_args();
array_shift($arguments);
// We need to remove the first arg ($function_name)
call_user_func_array($save_function, $arguments);
}
}
if (isset($ninja_forms_screen_options[$current_tab]) and is_array($ninja_forms_screen_options[$current_tab])) {
foreach ($ninja_forms_screen_options[$current_tab] as $slug => $option) {
$save_function = $option['save_function'];
$arguments = func_get_args();
array_shift($arguments);
// We need to remove the first arg ($function_name)
call_user_func_array($save_function, $arguments);
}
}
}
}
}
function import_export()
{
$ocwsqt_option_name = get_option('stylesheet');
if (isset($_GET['action']) && $_GET['action'] == 'download') {
header("Cache-Control: public, must-revalidate");
header("Pragma: hack");
header("Content-Type: text/plain");
header('Content-Disposition: attachment; filename="' . $ocwsqt_option_name . '-options-' . date("dMy") . '.dat"');
echo serialize($this->_get_options());
die;
}
if (isset($_POST['upload']) && check_admin_referer('shapeSpace_restoreOptions', 'shapeSpace_restoreOptions')) {
if ($_FILES["file"]["error"] > 0) {
// error
} else {
$options = unserialize(file_get_contents($_FILES["file"]["tmp_name"]));
if ($options) {
foreach ($options as $option) {
update_option($option->option_name, unserialize($option->option_value));
}
}
}
wp_redirect(admin_url('themes.php?page=backup-options'));
exit;
}
}
public function save()
{
// Check that the current request carries a valid nonce.
check_admin_referer('sme-save-options', 'sme_save_options_nonce');
// Selected options.
$selected = array();
if (isset($_POST['opt']) && is_array($_POST['opt'])) {
$selected = $_POST['opt'];
}
// Make sure array of selected options only consists of strings.
$selected = array_filter($selected, function ($option) {
return is_string($option);
});
// Save selected options.
update_option('sme_wp_options', $selected);
// Allow third party developers to hook in.
do_action('sme_wp_options_saved', $selected);
// Handle input data.
$updated = '';
if (isset($_POST['submit'])) {
$updated = '&options-updated';
}
// Redirect user to this URL when options has been saved.
$redirect_url = admin_url('admin.php?page=sme-wp-options' . $updated);
// Redirect user.
wp_redirect($redirect_url);
exit;
}
public function save_general_settings()
{
if (isset($_POST) && check_admin_referer($this->nonce_save_general_settings['action'], $this->nonce_save_general_settings['name'])) {
$message = '';
if (isset($_POST[MAXGALLERIA_SETTING_REWRITE_SLUG]) && $_POST[MAXGALLERIA_SETTING_REWRITE_SLUG] != '') {
update_option(MAXGALLERIA_SETTING_REWRITE_SLUG, $_POST[MAXGALLERIA_SETTING_REWRITE_SLUG]);
} else {
update_option(MAXGALLERIA_SETTING_REWRITE_SLUG, 'gallery');
}
if (isset($_POST[MAXGALLERIA_SETTING_EXCLUDE_GALLERIES_FROM_SEARCH]) && $_POST[MAXGALLERIA_SETTING_EXCLUDE_GALLERIES_FROM_SEARCH] == 'on') {
update_option(MAXGALLERIA_SETTING_EXCLUDE_GALLERIES_FROM_SEARCH, $_POST[MAXGALLERIA_SETTING_EXCLUDE_GALLERIES_FROM_SEARCH]);
} else {
update_option(MAXGALLERIA_SETTING_EXCLUDE_GALLERIES_FROM_SEARCH, '');
}
if (isset($_POST[MAXGALLERIA_SETTING_DEFAULT_IMAGE_GALLERY_TEMPLATE]) && $_POST[MAXGALLERIA_SETTING_DEFAULT_IMAGE_GALLERY_TEMPLATE] != '') {
update_option(MAXGALLERIA_SETTING_DEFAULT_IMAGE_GALLERY_TEMPLATE, $_POST[MAXGALLERIA_SETTING_DEFAULT_IMAGE_GALLERY_TEMPLATE]);
} else {
update_option(MAXGALLERIA_SETTING_DEFAULT_IMAGE_GALLERY_TEMPLATE, 'image-tiles');
}
if (isset($_POST[MAXGALLERIA_SETTING_DEFAULT_VIDEO_GALLERY_TEMPLATE]) && $_POST[MAXGALLERIA_SETTING_DEFAULT_VIDEO_GALLERY_TEMPLATE] != '') {
update_option(MAXGALLERIA_SETTING_DEFAULT_VIDEO_GALLERY_TEMPLATE, $_POST[MAXGALLERIA_SETTING_DEFAULT_VIDEO_GALLERY_TEMPLATE]);
} else {
update_option(MAXGALLERIA_SETTING_DEFAULT_VIDEO_GALLERY_TEMPLATE, 'video-tiles');
}
$message = 'success';
echo $message;
die;
}
}
function dispatch()
{
if (empty($_GET['step'])) {
$step = 0;
} else {
$step = (int) $_GET['step'];
}
// load the header
$this->header();
switch ($step) {
case 0:
$this->greet();
break;
case 1:
check_admin_referer('import-stp');
$this->import_posts();
break;
case 2:
check_admin_referer('import-stp');
$this->import_t2p();
break;
case 3:
check_admin_referer('import-stp');
$this->cleanup_import();
break;
}
// load the footer
$this->footer();
}
/**
* Registered callback function for the WordPress Importer
*
* Manages the three separate stages of the WXR import process
*/
function dispatch()
{
$this->header();
$step = $this->framework->request->empty_GET('step') ? 0 : (int) $this->framework->request->GET('step');
switch ($step) {
case 0:
$this->greet();
break;
case 1:
check_admin_referer('import-upload');
if ($this->handle_upload()) {
$this->import_options();
}
break;
case 2:
check_admin_referer('import-wordpress');
$this->fetch_attachments = !$this->framework->request->empty_POST('fetch_attachments') && $this->allow_fetch_attachments();
$this->id = (int) $this->framework->request->POST('import_id');
$file = get_attached_file($this->id);
set_time_limit(0);
$this->import($file);
break;
}
$this->footer();
}
/**
* wpsc_admin_submit_product function
*
* @return nothing
*/
function wpsc_admin_submit_product()
{
check_admin_referer('edit-product', 'wpsc-edit-product');
$post_data = wpsc_sanitise_product_forms();
if (isset($post_data['title']) && $post_data['title'] != '' && isset($post_data['category'])) {
$product_id = wpsc_insert_product($post_data, true);
if ($product_id > 0) {
$sendback = add_query_arg('product_id', $product_id);
}
$sendback = add_query_arg('message', 1, $sendback);
//exit('<pre>'.print_r($sendback,true).'</pre>');
wp_redirect($sendback);
} else {
$_SESSION['product_error_messages'] = array();
if ($post_data['title'] == '') {
$_SESSION['product_error_messages'][] = __('<strong>ERROR</strong>: Please enter a Product name.<br />');
}
if (!isset($post_data['category'])) {
$_SESSION['product_error_messages'][] = __('<strong>ERROR</strong>: Please enter a Product Category.<br />');
}
$_SESSION['wpsc_failed_product_post_data'] = $post_data;
// exit('<pre>'.print_r($_SESSION['product_error_messages'], true).'</pre>');
$sendback = add_query_arg('ErrMessage', 1);
wp_redirect($sendback);
}
exit;
}
/**
*shows the page template
*/
public function show_page()
{
if (array_key_exists('action', $_POST) && 'sql_export' === $_POST['action'] && check_admin_referer('sql_export', 'insr_nonce')) {
$this->handle_sql_export_event();
}
require_once 'templates/db_backup.php';
}
/**
* Main tab handler
*
* @param noting.
* @return nothing.
*
* Note that wp_iframe() will add the css for the "media" page when the callback
* function begins with "media".
**/
function media_upload_pac_pickapictab()
{
// Two things can happen here, either we need to show the first page after the search button has been hit
// or we need to display the paginated results for previous searches.
if (isset($_POST['pac_pickapic_search_term']) && isset($_POST['pac_pickapic_results_per_page']) || isset($_GET['pac_pickapic_search_term']) && isset($_GET['pac_pickapic_results_per_page']) && isset($_GET['paged']) && !isset($_POST['pac_pickapic_choose'])) {
// Displays the search results
$search_term = sanitize_text_field($_REQUEST['pac_pickapic_search_term'], '');
$results = absint($_REQUEST['pac_pickapic_results_per_page']);
$paged = 0;
if (isset($_REQUEST['paged'])) {
$paged = absint($_REQUEST['paged']);
}
wp_iframe('media_pac_pickapic_search_results', $search_term, $results, $paged);
return;
} else {
if (isset($_POST['pac_pickapic_choose'])) {
// A picture has been selected so we must download it from flickr and show it to the user.
//TODO: Implement better error handling
check_admin_referer('pac_pickapic_nonce', 'pac_pickapic_nonce_field');
//Show the selected image using get_media_item
wp_iframe('media_pac_pickapic_final_form');
return;
} else {
if (isset($_POST['send'])) {
// Check the final form arguments generated by get_media_item() function
// and if they are ok the image will be inserted to the editor
media_upload_form_handler();
}
}
}
wp_iframe('media_pac_pickapic_search');
}
public static function update_plugin()
{
if (!current_user_can('upload_plugins')) {
wp_die(esc_html__('Sorry, you are not allowed to install plugins on this site.'));
}
check_admin_referer('plugin-upload');
$file_upload = new File_Upload_Upgrader('pluginzip', 'package');
$title = __('Upload Plugin');
$parent_file = 'plugins.php';
$submenu_file = 'plugin-install.php';
require_once ABSPATH . 'wp-admin/admin-header.php';
$title = sprintf(__('Installing Plugin from uploaded file: %s'), esc_html(basename($file_upload->filename)));
$nonce = 'plugin-upload';
$url = add_query_arg(array('package' => $file_upload->id), 'update.php?action=upload-plugin');
$type = 'upload';
// Install plugin type, From Web or an Upload.
require_once dirname(__FILE__) . '/custom-plugin-upgrader.php';
$upgrader = new CAJ_ETPU_Plugin_Upgrader(new Plugin_Installer_Skin(compact('type', 'title', 'nonce', 'url')));
$result = $upgrader->install($file_upload->package);
if ($result || is_wp_error($result)) {
$file_upload->cleanup();
}
include ABSPATH . 'wp-admin/admin-footer.php';
exit;
}
function optimizer_assign_widgets()
{
$optimizer = get_option('optimizer');
$active_widgets = get_option('sidebars_widgets');
if (isset($_POST['assign_widgets']) && check_admin_referer('optimizer_assign_widgets', 'optimizer_assign_widgets')) {
if (empty($active_widgets['front_sidebar']) && empty($optimizer)) {
//ABOUT SECTION--------------------------------------------
$active_widgets['front_sidebar'][] = 'optimizer_front_about-1';
$about_content[1] = array('title' => __('THE OPTIMIZER', 'optimizer'), 'subtitle' => __('a little about..', 'optimizer'), 'content' => __('Collaboratively administrate empowered markets via plug-and-play networks. Dynamically procrastinate B2C users after installed base benefits. Dramatically visualize customer directed convergence without revolutionary ROI.', 'optimizer'), 'divider' => 'fa-stop', 'title_color' => '#222222', 'content_color' => '#a8b4bf', 'content_bg' => '#ffffff');
update_option('widget_optimizer_front_about', $about_content);
//BLOCKS SECTION--------------------------------------------
$active_widgets['front_sidebar'][] = 'optimizer_front_blocks-1';
$blocks_content[1] = array('block1title' => __('Lorem Ipsum', 'optimizer'), 'block1img' => '', 'block1content' => __('Lorem ipsum dolor sit amet, consectetur dol adipiscing elit. Nam nec rhoncus risus. In ultrices lacinia ipsum, posuere faucibus velit bibe.', 'optimizer'), 'block2title' => __('Lorem Ipsum', 'optimizer'), 'block2img' => '', 'block2content' => __('Lorem ipsum dolor sit amet, consectetur dol adipiscing elit. Nam nec rhoncus risus. In ultrices lacinia ipsum, posuere faucibus velit bibe.', 'optimizer'), 'block3title' => __('Lorem Ipsum', 'optimizer'), 'block3img' => '', 'block3content' => __('Lorem ipsum dolor sit amet, consectetur dol adipiscing elit. Nam nec rhoncus risus. In ultrices lacinia ipsum, posuere faucibus velit bibe.', 'optimizer'), 'block4title' => '', 'block4img' => '', 'block4content' => '', 'block5title' => '', 'block5img' => '', 'block5content' => '', 'block6title' => '', 'block6img' => '', 'block6content' => '', 'blockstitlecolor' => '#555555', 'blockstxtcolor' => '#999999', 'blocksbgcolor' => '#f5f5f5');
update_option('widget_optimizer_front_blocks', $blocks_content);
//WELCOME TEXT SECTION--------------------------------------------
$active_widgets['front_sidebar'][] = 'optimizer_front_text-1';
$text_content[1] = array('title' => __('This Title wont be shown', 'optimizer'), 'content' => __('Collaboratively administrate empowered markets via plug-and-play networks. Dynamically procrastinate B2C users after installed base benefits. Dramatically visualize customer directed convergence without revolutionary ROI.', 'optimizer'), 'padtopbottom' => '2', 'paddingside' => '2', 'parallax' => '', 'content_color' => '#ffffff;', 'content_bg' => '#333333;', 'content_bgimg' => '');
update_option('widget_optimizer_front_text', $text_content);
//POSTS SECTION--------------------------------------------
$active_widgets['front_sidebar'][] = 'optimizer_front_posts-1';
$posts_content[1] = array('title' => __('Our Work', 'optimizer'), 'subtitle' => __('Checkout Our Work', 'optimizer'), 'layout' => '1', 'type' => 'post', 'pages' => '', 'count' => '6', 'category' => '', 'divider' => 'fa-stop', 'navigation' => 'numbered', 'postbgcolor' => '', 'titlecolor' => '#333333', 'secbgcolor' => '#ffffff');
update_option('widget_optimizer_front_posts', $posts_content);
//Update the empty frontpage sidebar with widgets
update_option('sidebars_widgets', $active_widgets);
$redirect = admin_url('/customize.php');
wp_redirect($redirect);
}
}
}
function ct_tracks_full_width_deactivate_license()
{
// listen for our activate button to be clicked
if (isset($_POST['ct_tracks_full_width_license_deactivate'])) {
// run a quick security check
if (!check_admin_referer('ct_tracks_full_width_nonce', 'ct_tracks_full_width_nonce')) {
return;
}
// get out if we didn't click the Activate button
// retrieve the license from the database
$license = trim(get_option('ct_tracks_full_width_license_key'));
// data to send in our API request
$api_params = array('edd_action' => 'deactivate_license', 'license' => $license, 'item_name' => urlencode(CT_TRACKS_FULL_WIDTH), 'url' => home_url());
// Call the custom API.
$response = wp_remote_get(add_query_arg($api_params, CT_TRACKS_STORE_URL), array('timeout' => 15, 'sslverify' => false));
// make sure the response came back okay
if (is_wp_error($response)) {
return false;
}
// decode the license data
$license_data = json_decode(wp_remote_retrieve_body($response));
// $license_data->license will be either "deactivated" or "failed"
if ($license_data->license == 'deactivated') {
delete_option('ct_tracks_full_width_license_key_status');
}
}
}
public function printUi()
{
if (!$this->currentUserCanManageLicense()) {
wp_die("You don't have sufficient permissions to manage licenses for this product.");
}
$action = isset($_REQUEST['license_action']) ? strval($_REQUEST['license_action']) : '';
if (empty($action)) {
$action = 'show_license';
}
check_admin_referer($action);
$this->triedLicenseKey = isset($_POST['license_key']) ? trim(strval($_POST['license_key'])) : $this->licenseManager->getLicenseKey();
$this->printHeader();
$this->dispatchAction($action);
$this->printLogo();
$this->printTabList();
?>
<div class="wrap" id="wslm-section-holder">
<div id="section-current-license" class="wslm-section">
<?php
$this->tabCurrentLicense();
?>
</div>
<div id="section-manage-sites" class="wslm-section hidden">
<?php
$this->tabManageSites();
?>
</div>
</div> <!-- #wslm-section-holder -->
<?php
exit;
}
function add_new_bookmark()
{
if (!current_user_can('publish_posts')) {
wp_redirect(get_bloginfo('url'));
exit;
}
check_admin_referer('new-post');
$user = get_userdata($current_user->ID);
$post_title = urldecode($_POST['posttitle']);
$post_url = urldecode($_POST['posturl']);
$post_content = urldecode($_POST['posttext']);
$tags = urldecode($_POST['tags']);
$status = urldecode($_POST['status']);
global $wpdb;
// Search existing post with this pressmark-url
$existing_post_id = $wpdb->get_var("SELECT post_id FROM {$wpdb->postmeta} \n\t\t\t\t\t\t\t\t\tWHERE meta_key = 'pressmark-url' AND meta_value = '{$post_url}'");
if ($existing_post_id) {
// If exists, add coauthor
add_post_meta($existing_post_id, 'coauthor', (int) $user->ID, false);
// Place post on top
$post_modified = current_time('mysql');
$post_modified_gmt = current_time('mysql', 1);
$wpdb->query("UPDATE {$wpdb->posts} \n\t\t\t\t\tSET post_date = {$post_modified} \n\t\t\t\t\tSET post_date_gmt = {$post_modified_gmt}\n\t\t\t\t\tWHERE ID = '{$existing_post_id}'");
} else {
// If not exists, insert new post
$post_id = wp_insert_post(array('post_author' => $user->ID, 'post_title' => $post_title, 'post_content' => $post_content, 'tags_input' => $tags, 'post_status' => $status));
$wpdb->query("\n\t\t\t\tINSERT INTO {$wpdb->postmeta}\n\t\t\t\t(post_id,meta_key,meta_value )\n\t\t\t\tVALUES ('{$post_id}','pressmark-url','{$post_url}' )\n\t\t\t");
}
}
/**
* Process content of CSV file
*
* @since 0.1
**/
public function process_csv()
{
if (isset($_POST['_wpnonce-is-iu-import-users-users-page_import'])) {
check_admin_referer('is-iu-import-users-users-page_import', '_wpnonce-is-iu-import-users-users-page_import');
if (!empty($_FILES['users_csv']['tmp_name'])) {
// Setup settings variables
$filename = $_FILES['users_csv']['tmp_name'];
$password_nag = isset($_POST['password_nag']) ? $_POST['password_nag'] : false;
$users_update = isset($_POST['users_update']) ? $_POST['users_update'] : false;
$new_user_notification = isset($_POST['new_user_notification']) ? $_POST['new_user_notification'] : false;
$results = self::import_csv($filename, array('password_nag' => $password_nag, 'new_user_notification' => $new_user_notification, 'users_update' => $users_update));
// No users imported?
if (!$results['user_ids']) {
wp_redirect(add_query_arg('import', 'fail', wp_get_referer()));
} elseif ($results['errors']) {
wp_redirect(add_query_arg('import', 'errors', wp_get_referer()));
} else {
wp_redirect(add_query_arg('import', 'success', wp_get_referer()));
}
exit;
}
wp_redirect(add_query_arg('import', 'file', wp_get_referer()));
exit;
}
}
public function admin_init()
{
if (!empty($_GET['developer_plugin_reset']) && current_user_can('manage_options')) {
delete_option(self::OPTION);
}
$this->recommended_plugins = array('debug-bar' => array('project_type' => 'all', 'name' => esc_html__('Debug Bar', 'a8c-developer'), 'active' => class_exists('Debug_Bar')), 'debug-bar-console' => array('project_type' => 'all', 'name' => esc_html__('Debug Bar Console', 'a8c-developer'), 'active' => function_exists('debug_bar_console_panel')), 'debug-bar-cron' => array('project_type' => 'all', 'name' => esc_html__('Debug Bar Cron', 'a8c-developer'), 'active' => function_exists('zt_add_debug_bar_cron_panel')), 'debug-bar-extender' => array('project_type' => 'all', 'name' => esc_html__('Debug Bar Extender', 'a8c-developer'), 'active' => class_exists('Debug_Bar_Extender')), 'rewrite-rules-inspector' => array('project_type' => 'all', 'name' => esc_html__('Rewrite Rules Inspector', 'a8c-developer'), 'active' => class_exists('Rewrite_Rules_Inspector')), 'log-deprecated-notices' => array('project_type' => 'all', 'name' => esc_html__('Log Deprecated Notices', 'a8c-developer'), 'active' => class_exists('Deprecated_Log')), 'log-viewer' => array('project_type' => 'all', 'name' => esc_html__('Log Viewer', 'a8c-developer'), 'active' => class_exists('ciLogViewer')), 'vip-scanner' => array('project_type' => 'wpcom-vip', 'name' => esc_html__('VIP Scanner', 'a8c-developer'), 'active' => class_exists('VIP_Scanner')), 'jetpack' => array('project_type' => 'wpcom-vip', 'name' => esc_html__('Jetpack', 'a8c-developer'), 'active' => class_exists('Jetpack')), 'polldaddy' => array('project_type' => 'wpcom-vip', 'name' => esc_html__('Polldaddy Polls & Ratings', 'a8c-developer'), 'active' => class_exists('WP_Polldaddy')), 'monster-widget' => array('project_type' => 'all', 'name' => esc_html__('Monster Widget', 'a8c-developer'), 'active' => class_exists('Monster_Widget')), 'user-switching' => array('project_type' => 'all', 'name' => esc_html__('User Switching', 'a8c-developer'), 'active' => class_exists('user_switching')), 'piglatin' => array('project_type' => array('wporg-theme', 'wporg'), 'name' => esc_html__('Pig Latin', 'a8c-developer'), 'active' => class_exists('PigLatin')), 'rtl-tester' => array('project_type' => 'wporg-theme', 'name' => esc_html__('RTL Tester', 'a8c-developer'), 'active' => class_exists('RTLTester')), 'regenerate-thumbnails' => array('project_type' => 'wporg-theme', 'name' => esc_html__('Regenerate Thumbnails', 'a8c-developer'), 'active' => class_exists('RegenerateThumbnails')), 'simply-show-ids' => array('project_type' => 'wporg-theme', 'name' => esc_html__('Simply Show IDs', 'a8c-developer'), 'active' => function_exists('ssid_add')), 'theme-test-drive' => array('project_type' => 'wporg-theme', 'name' => esc_html__('Theme Test Drive', 'a8c-developer'), 'active' => function_exists('TTD_filters'), 'filename' => 'themedrive.php'), 'theme-check' => array('project_type' => 'wporg-theme', 'name' => esc_html__('Theme Check', 'a8c-developer'), 'active' => function_exists('tc_add_headers')));
if (!self::is_dev_version()) {
$this->recommended_plugins['wordpress-beta-tester'] = array('project_type' => 'all', 'name' => esc_html__('Beta Tester', 'a8c-developer'), 'active' => class_exists('wp_beta_tester'), 'filename' => 'wp-beta-tester.php');
}
$this->recommended_constants = array('WP_DEBUG' => array('project_type' => 'all', 'description' => __('Enables <a href="http://codex.wordpress.org/Debugging_in_WordPress" target="_blank">debug mode</a> which helps identify and resolve issues', 'a8c-developer')), 'SAVEQUERIES' => array('project_type' => 'all', 'description' => esc_html__('Logs database queries to an array so you can review them. The Debug Bar plugin will list out database queries if you set this constant.', 'a8c-developer')), 'JETPACK_DEV_DEBUG' => array('project_type' => 'wpcom-vip', 'description' => __('Enables <a href="http://jetpack.me/2013/03/28/jetpack-dev-mode-release/">Development Mode</a> in Jetpack for testing features without a connection to WordPress.com.', 'a8c-developer')));
register_setting(self::OPTION, self::OPTION, array($this, 'settings_validate'));
wp_register_script('a8c-developer', plugins_url('developer.js', __FILE__), array('jquery'), self::VERSION);
$strings = array('settings_slug' => self::PAGE_SLUG, 'go_to_step_2' => current_user_can('install_plugins') && current_user_can('activate_plugins') && 'direct' == get_filesystem_method() ? 'yes' : 'no', 'lightbox_title' => __('Developer: Plugin Setup', 'a8c-developer'), 'saving' => __('Saving...', 'a8c-developer'), 'installing' => '<img src="images/loading.gif" alt="" /> ' . esc_html__('Installing...', 'a8c-developer'), 'installed' => __('Installed', 'a8c-developer'), 'activating' => '<img src="images/loading.gif" alt="" /> ' . esc_html__('Activating...', 'a8c-developer'), 'activated' => __('Activated', 'a8c-developer'), 'error' => __('Error!', 'a8c-developer'), 'ACTIVE' => __('ACTIVE', 'a8c-developer'), 'INSTALLED' => __('INSTALLED', 'a8c-developer'), 'ERROR' => __('ERROR!', 'a8c-developer'));
wp_localize_script('a8c-developer', 'a8c_developer_i18n', $strings);
wp_register_style('a8c-developer', plugins_url('developer.css', __FILE__), array(), self::VERSION);
// Handle the submission of the lightbox form if step 2 won't be shown
if (!empty($_POST['action']) && 'a8c_developer_lightbox_step_1' == $_POST['action'] && !empty($_POST['a8c_developer_project_type']) && check_admin_referer('a8c_developer_lightbox_step_1')) {
$this->save_project_type($_POST['a8c_developer_project_type']);
add_settings_error('general', 'settings_updated', __('Settings saved.'), 'updated');
}
if (!get_option(self::OPTION)) {
if (!empty($_GET['a8cdev_errorsaving'])) {
add_settings_error(self::PAGE_SLUG, self::PAGE_SLUG . '_error_saving', __('Error saving settings. Please try again.', 'a8c-developer'));
} elseif (!is_network_admin() && current_user_can('manage_options')) {
add_action('admin_enqueue_scripts', array($this, 'load_lightbox_scripts_and_styles'));
add_action('admin_footer', array($this, 'output_setup_box_html'));
}
}
}
/**
* Callback for the menu page from above
* If we are to process an action do it
* Otherwise display the appropriate activate otr deactivate page.
*
* @since Migrate Multisite Files 1.0
*/
function migrate_multisite_files_page()
{
echo '<div class="wrap">';
echo '<h2>' . __('Migrate Multisite Files') . '</h2>';
if (!empty($_POST['action'])) {
// check and then go
check_admin_referer('migrate_multisite_files');
$update_content = isset($_POST['migrate_multisite_files_update_content']) ? true : false;
$migrate_files = isset($_POST['migrate_multisite_files_migrate_files']) ? true : false;
if ($_POST['action'] == 'update') {
migrate_multisite_files_update('update', $update_content, $migrate_files);
}
if ($_POST['action'] == 'undo') {
migrate_multisite_files_update('undo', $update_content, false);
}
} else {
// check our ms files is enabled. If so, then show the ability to undo it
// otherwise allow for us to change it
if (get_site_option('ms_files_rewriting') == 0) {
show_migrate_multisite_files_undo_info();
} else {
show_migrate_multisite_files_update_info();
}
}
echo '</div>';
}
/**
* Process network options
*/
function process_network_settings()
{
if (current_user_can('manage_network')) {
$opts = array('recaptcha_publickey' => 'trim', 'recaptcha_privatekey' => 'trim', 'recaptcha_enable_comments' => 'intval', 'recaptcha_enable_signup' => 'intval', 'recaptcha_enable_login' => 'intval', 'recaptcha_enable_lostpw' => 'intval', 'recaptcha_enable_wc_order' => 'intval', 'recaptcha_disable_for_known_users' => 'intval', 'recaptcha_noscript' => 'intval', 'recaptcha_comment_use_42_filter' => 'intval');
if (array_intersect(array_keys($_POST), array_keys($opts))) {
check_admin_referer('recaptcha-network-settings');
}
$updated = false;
foreach ($opts as $option_name => $sanitize_cb) {
if (isset($_POST[$option_name])) {
$option_value = sanitize_text_field($_POST[$option_name]);
if (is_callable($sanitize_cb)) {
$option_value = call_user_func($sanitize_cb, $_POST[$option_name]);
}
update_site_option($option_name, $option_value);
$updated = true;
}
}
if ($updated) {
$redirect = $this->remove_new_apikey_url(add_query_arg(array('updated' => 'true')));
wp_redirect($redirect);
}
} else {
wp_die('Cheating, uh?');
}
// expecting api keys,
}
function hide_notice()
{
if (isset($_GET['wpupg_hide_new_notice'])) {
check_admin_referer('wpupg_hide_new_notice', 'wpupg_hide_new_notice');
update_user_meta(get_current_user_id(), '_wpupg_hide_new_notice', get_option(WPUltimatePostGrid::get()->pluginName . '_version'));
}
}
function ds_delete_stale()
{
global $wpdb;
$query = "SELECT * FROM {$wpdb->signups} ORDER BY registered DESC";
$results = $wpdb->get_results($query, ARRAY_A);
if (isset($_GET['delete'])) {
$delete = $_GET['delete'];
}
if (isset($_GET['del_stale_active'])) {
$del_stale_active = $_GET['del_stale_active'];
}
if (isset($_GET['del_stale_inactive'])) {
$del_stale_inactive = $_GET['del_stale_inactive'];
}
$location = network_admin_url('users.php?page=act_keys');
if (!empty($delete)) {
check_admin_referer('activation_key');
$wpdb->query("DELETE FROM {$wpdb->signups} WHERE activation_key = '{$delete}'");
echo "<meta http-equiv='refresh' content='0;url={$location}' />";
exit;
}
if (!empty($del_stale_active)) {
check_admin_referer('activation_key');
$wpdb->query("DELETE FROM {$wpdb->signups} WHERE active = 1 AND DATE(registered) < DATE_SUB(curdate(), INTERVAL 30 DAY)");
echo "<meta http-equiv='refresh' content='0;url={$location}' />";
exit;
}
if (!empty($del_stale_inactive)) {
check_admin_referer('activation_key');
$wpdb->query("DELETE FROM {$wpdb->signups} WHERE active = 0 AND DATE(registered) < DATE_SUB(curdate(), INTERVAL 30 DAY)");
echo "<meta http-equiv='refresh' content='0;url={$location}' />";
exit;
}
echo '<div class="wrap">';
echo "<h2>User Activation Keys</h2>";
if ($results) {
echo '<p>The following is a list of user activation keys from $wpdb->signups. Delete a key to allow the username to (re)signup and bypass the "couple days" it takes WP to free up its hold on a user name. You can also manually approve users that for whatever reason have not completed their activation.</p>';
echo '<div class="tablenav"> <span class="alignleft">';
echo '<a class="button-secondary" href="' . wp_nonce_url($location . '&del_stale_active', 'activation_key') . '" class="delete">' . __('Delete stale active signup keys older than 30 days') . '</a>';
echo '<a class="button-secondary" href="' . wp_nonce_url($location . '&del_stale_inactive', 'activation_key') . '" class="delete">' . __('Delete stale inactive signup keys older than 30 days') . '</a>';
echo '</span>';
echo '</div><br class="clear" />';
echo '<table class="widefat"><tbody>';
echo '<thead><th>#</th><th>Registered</th><th>User</th><th>Email</th><th>Approve</th></thead>';
foreach ($results as $rows) {
global $ct;
echo '<tr><td>' . ++$ct . '</td><td>' . $rows['registered'] . '</td><td>' . $rows['user_login'] . '</td><td>' . $rows['user_email'] . '</td>';
if ($rows['active'] != '1') {
echo '<td><a href="' . site_url('wp-activate.php?key=' . $rows['activation_key']) . '" target="_blank">approve</a> | <a href="' . wp_nonce_url($location . '&delete=' . $rows['activation_key'], 'activation_key') . '">delete unused key</a></td>';
} else {
echo '<td>User Activated ' . $rows['activated'] . ' | <a href="' . wp_nonce_url($location . '&delete=' . $rows['activation_key'], 'activation_key') . '">delete uncecessary key</a></td>';
}
echo '</tr>';
}
echo '</tbody></table>';
} else {
echo '<p>No user activation keys in $wpdb->signups. If you delete a user, you should be able to reuse the username immediatley. If the user still had a registration key, it would need to be deleted before you could signup again right away with the same username. You can also manually approve users that for whatever reason have not completed their activation.</p>';
}
echo '</div>';
}
function friends_screen_requests()
{
if (bp_is_action_variable('accept', 0) && is_numeric(bp_action_variable(1))) {
// Check the nonce
check_admin_referer('friends_accept_friendship');
if (friends_accept_friendship(bp_action_variable(1))) {
bp_core_add_message(__('Friendship accepted', 'buddypress'));
} else {
bp_core_add_message(__('Friendship could not be accepted', 'buddypress'), 'error');
}
bp_core_redirect(bp_loggedin_user_domain() . bp_current_component() . '/' . bp_current_action());
} elseif (bp_is_action_variable('reject', 0) && is_numeric(bp_action_variable(1))) {
// Check the nonce
check_admin_referer('friends_reject_friendship');
if (friends_reject_friendship(bp_action_variable(1))) {
bp_core_add_message(__('Friendship rejected', 'buddypress'));
} else {
bp_core_add_message(__('Friendship could not be rejected', 'buddypress'), 'error');
}
bp_core_redirect(bp_loggedin_user_domain() . bp_current_component() . '/' . bp_current_action());
}
do_action('friends_screen_requests');
if (isset($_GET['new'])) {
bp_core_delete_notifications_by_type(bp_loggedin_user_id(), 'friends', 'friendship_request');
}
bp_core_load_template(apply_filters('friends_template_requests', 'members/single/home'));
}
/**
* Add the custom CSS editor to the admin menu.
*/
function siteorigin_custom_css_admin_menu()
{
add_theme_page(__('Custom CSS', 'vantage'), __('Custom CSS', 'vantage'), 'edit_theme_options', 'siteorigin_custom_css', 'siteorigin_custom_css_page');
if (current_user_can('edit_theme_options') && isset($_POST['siteorigin_custom_css_save'])) {
check_admin_referer('custom_css', '_sononce');
$theme = basename(get_template_directory());
// Sanitize CSS input. Should keep most tags, apart from script and style tags.
$custom_css = siteorigin_custom_css_clean(filter_input(INPUT_POST, 'custom_css'));
$current = get_option('siteorigin_custom_css[' . $theme . ']');
if ($current === false) {
add_option('siteorigin_custom_css[' . $theme . ']', $custom_css, '', 'no');
} else {
update_option('siteorigin_custom_css[' . $theme . ']', $custom_css);
}
// If this has changed, then add a revision.
if ($current != $custom_css) {
$revisions = get_option('siteorigin_custom_css_revisions[' . $theme . ']');
if (empty($revisions)) {
add_option('siteorigin_custom_css_revisions[' . $theme . ']', array(), '', 'no');
$revisions = array();
}
$revisions[time()] = $custom_css;
// Sort the revisions and cut off any old ones.
krsort($revisions);
$revisions = array_slice($revisions, 0, 15, true);
update_option('siteorigin_custom_css_revisions[' . $theme . ']', $revisions);
}
}
}
/**
* Registered callback function for the WordPress Importer
*
* Manages the three separate stages of the WXR import process
*/
function dispatch()
{
$this->header();
$step = empty($_GET['step']) ? 0 : (int) $_GET['step'];
switch ($step) {
case 0:
$this->greet();
break;
case 1:
check_admin_referer('import-upload');
if ($this->handle_upload()) {
$this->import_options();
}
break;
case 2:
check_admin_referer('import-wordpress');
$this->fetch_attachments = !empty($_POST['fetch_attachments']) && $this->allow_fetch_attachments();
$this->id = (int) $_POST['import_id'];
$file = get_attached_file($this->id);
set_time_limit(0);
$this->import($file);
break;
}
$this->footer();
}
/**
* Resets roles to WordPress defaults.
*
* @return void
*/
function backupToolReset()
{
check_admin_referer('capsman-reset-defaults');
require_once ABSPATH . 'wp-admin/includes/schema.php';
if (!function_exists('populate_roles')) {
ak_admin_error(__('Needed function to create default roles not found!', 'capsman-enhanced'));
return;
}
$roles = array_keys(ak_get_roles(true));
foreach ($roles as $role) {
remove_role($role);
}
populate_roles();
$this->cm->setAdminCapability();
$msg = __('Roles and Capabilities reset to WordPress defaults', 'capsman-enhanced');
if (function_exists('pp_populate_roles')) {
pp_populate_roles();
} else {
// force PP to repopulate roles
$pp_ver = get_option('pp_c_version', true);
if ($pp_ver && is_array($pp_ver)) {
$pp_ver['version'] = preg_match("/dev|alpha|beta|rc/i", $pp_ver['version']) ? '0.1-beta' : 0.1;
} else {
$pp_ver = array('version' => '0.1', 'db_version' => '1.0');
}
update_option('pp_c_version', $pp_ver);
delete_option('ppperm_added_role_caps_10beta');
}
ak_admin_notify($msg);
}
