コード例 #1
ファイル: safecss.php プロジェクト: kosir/thatcamp-org
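/**
 * Bootstrap the Custom CSS ("safecss") feature for the current request.
 *
 * In order, this function:
 *  1. registers the `safecss` post type (revisions only);
 *  2. answers a `?custom-css` request by printing the stylesheet and exiting;
 *  3. runs migrate() when the `editcss` admin page is requested;
 *  4. hooks the front-end style output into `wp_head`;
 *  5. for users who can `switch_themes` (or super admins): registers the
 *     admin menu and, when a stylesheet was posted, verifies the nonce,
 *     strips markup, runs the CSS through CSSTidy and stores it as a
 *     preview or as the live revision;
 *  6. starts output buffering while a preview is active.
 *
 * Reads $_GET, $_POST and $_SERVER directly. May send headers, redirect
 * and terminate the request.
 *
 * @return void
 */
function safecss_init()
{
    // Register safecss as a custom post_type
    register_post_type('safecss', array('supports' => array('revisions')));

    // Short-circuit WP if this is a CSS stylesheet request.
    // This branch runs before any capability check, so every request value
    // read here has to be treated as untrusted.
    if (isset($_GET['custom-css'])) {
        header('Content-Type: text/css', true, 200);
        // Far-future expiry: 31536000 seconds = 1 year
        header('Expires: ' . gmdate('D, d M Y H:i:s', time() + 31536000) . ' GMT');
        // Read the optional blog id without raising an undefined-index notice.
        $blog_id = isset($_GET['csblog']) ? $_GET['csblog'] : null;
        // NOTE(review): query-string values arrive as strings (or arrays), so
        // is_int() is never true here and the blog switch below never runs.
        // It is deliberately left that way: making it reachable would let a
        // request that has passed no permission check choose the blog whose
        // CSS is printed, which needs an explicit decision and strict
        // validation of the id first.
        if (is_int($blog_id)) {
            switch_to_blog($blog_id);
            $current_plugins = apply_filters('active_plugins', get_option('active_plugins'));
        }
        safecss_print();
        exit;
    }

    // Do migration routine if necessary.
    // NOTE(review): is_admin() only tells us an admin screen was requested; it
    // is not a permission check, and the capability test comes further down.
    // Confirm migrate() is safe to run for any user who can reach this page.
    if (!empty($_GET['page']) && 'editcss' === $_GET['page'] && is_admin()) {
        migrate();
    }

    add_action('wp_head', 'safecss_style', 101);

    // Everything below is limited to users allowed to switch themes.
    if (!current_user_can('switch_themes') && !is_super_admin()) {
        return;
    }

    add_action('admin_menu', 'safecss_menu');

    if (isset($_POST['safecss']) && false === strstr($_SERVER['REQUEST_URI'], 'options.php')) {
        // Nonce check: rejects forged (CSRF) submissions before anything is stored.
        check_admin_referer('safecss');

        // Remove wp_filter_post_kses, this causes CSS escaping issues.
        // With these filters gone, the clean-up below is the only filtering
        // visible in this function before the CSS reaches save_revision().
        remove_filter('content_save_pre', 'wp_filter_post_kses');
        remove_filter('content_filtered_save_pre', 'wp_filter_post_kses');
        remove_all_filters('content_save_pre');

        // Start from an empty list so the appends below never hit an undefined variable.
        $warnings = array();

        safecss_class();
        $csstidy = new csstidy();
        $csstidy->optimise = new safecss($csstidy);
        $csstidy->set_cfg('remove_bslash', false);
        $csstidy->set_cfg('compress_colors', false);
        $csstidy->set_cfg('compress_font-weight', false);
        $csstidy->set_cfg('discard_invalid_properties', true);
        $csstidy->set_cfg('merge_selectors', false);

        // WordPress adds slashes to request data; undo that before parsing.
        $css = stripslashes($_POST['safecss']);

        // Double the backslash in front of every four-hex-digit escape
        // (\XXXX becomes \\XXXX) and record whether anything was rewritten.
        $prev = $css;
        $css = preg_replace('/\\\\([0-9a-fA-F]{4})/', '\\\\\\\\$1', $css);
        if ($css !== $prev) {
            $warnings[] = 'preg_replace found stuff';
        }

        // Some people put weird stuff in their CSS, KSES tends to be greedy
        $css = str_replace('<=', '&lt;=', $css);

        // Why KSES instead of strip_tags?  Who knows?
        // Empty allow-lists: no HTML element and no protocol is permitted.
        $prev = $css;
        $css = wp_kses_split($css, array(), array());

        // kses replaces lone '>' with &gt;
        $css = str_replace('&gt;', '>', $css);

        // Why both KSES and strip_tags?  Because we just added some '>'.
        $css = strip_tags($css);
        if ($css !== $prev) {
            $warnings[] = 'kses found stuff';
        }

        $csstidy->parse($css);
        $css = $csstidy->print->plain();

        // Only a positive integer counts as a content width; anything else is stored as false.
        $requested_width = isset($_POST['custom_content_width']) ? intval($_POST['custom_content_width']) : 0;
        $custom_content_width = $requested_width > 0 ? $requested_width : false;

        // The form sends the literal string 'true'; a missing or different value means 'no'.
        $add_to_existing = (isset($_POST['add_to_existing']) && 'true' === $_POST['add_to_existing']) ? 'yes' : 'no';

        $action = isset($_POST['action']) ? $_POST['action'] : '';

        if ('preview' === $action || safecss_is_freetrial()) {
            $is_preview = true;
            // Save the CSS
            save_revision($css, $is_preview);
            // Cache Buster
            update_option('safecss_preview_rev', intval(get_option('safecss_preview_rev')) + 1);
            update_option('safecss_preview_add', $add_to_existing);
            update_option('safecss_preview_content_width', $custom_content_width);
            // wp_safe_redirect() only follows redirects to allowed hosts; the
            // target is this site's own home URL, so the destination is unchanged.
            wp_safe_redirect(add_query_arg('csspreview', 'true', get_option('home')));
            exit;
        }

        // Save the CSS
        save_revision($css);
        update_option('safecss_rev', intval(get_option('safecss_rev')) + 1);
        update_option('safecss_add', $add_to_existing);
        update_option('safecss_content_width', $custom_content_width);
        add_action('admin_notices', 'safecss_saved');
    }

    // Modify all internal links so that preview state persists
    if (safecss_is_preview()) {
        ob_start('safecss_buffer');
    }
}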
コード例 #2
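/**
 * Bootstrap the Custom CSS ("safecss") feature for the current request.
 *
 * In order, this function:
 *  1. defines SAFECSS_USE_ACE from the user-agent helpers and the
 *     `safecss_use_ace` filter;
 *  2. registers the `safecss` post type with its capability mapping;
 *  3. answers a `?custom-css` request by printing the stylesheet and exiting;
 *  4. runs migrate() when the `editcss` admin page is requested;
 *  5. hooks the front-end style output into `wp_head`;
 *  6. for users who can `switch_themes` (or super admins): registers the
 *     admin menu and, when a stylesheet was posted, verifies the nonce,
 *     strips markup, runs the CSS through CSSTidy and stores it as a
 *     preview revision and/or the live revision;
 *  7. starts output buffering while a preview is active.
 *
 * Reads $_GET, $_POST and $_SERVER directly. May send headers, redirect
 * and terminate the request.
 *
 * @return void
 */
function safecss_init()
{
    define('SAFECSS_USE_ACE', !jetpack_is_mobile() && !Jetpack_User_Agent_Info::is_ipad() && apply_filters('safecss_use_ace', true));

    // Register safecss as a custom post_type
    // Explicit capability definitions are largely unnecessary because the
    // posts are manipulated in code via an options page, but managing CSS
    // revisions does check the capabilities, so let's ensure that the proper
    // caps are checked: every write maps to edit_theme_options, reads to read.
    register_post_type('safecss', array(
        'supports' => array('revisions'),
        'label' => 'Custom CSS',
        'can_export' => false,
        'rewrite' => false,
        'capabilities' => array(
            'edit_post' => 'edit_theme_options',
            'read_post' => 'read',
            'delete_post' => 'edit_theme_options',
            'edit_posts' => 'edit_theme_options',
            'edit_others_posts' => 'edit_theme_options',
            'publish_posts' => 'edit_theme_options',
            'read_private_posts' => 'read',
        ),
    ));

    // Short-circuit WP if this is a CSS stylesheet request.
    // This branch runs before any capability check.
    if (isset($_GET['custom-css'])) {
        header('Content-Type: text/css', true, 200);
        // Far-future expiry: 31536000 seconds = 1 year
        header('Expires: ' . gmdate('D, d M Y H:i:s', time() + 31536000) . ' GMT');
        safecss_print();
        exit;
    }

    // NOTE(review): is_admin() only tells us an admin screen was requested; it
    // is not a permission check, and the capability test comes further down.
    // Confirm migrate() and the safecss_migrate_post handlers are safe to run
    // for any user who can reach this page.
    if (isset($_GET['page']) && 'editcss' === $_GET['page'] && is_admin()) {
        // Do migration routine if necessary
        migrate();
        do_action('safecss_migrate_post');
    }

    add_action('wp_head', 'safecss_style', 101);

    // Everything below is limited to users allowed to switch themes.
    if (!current_user_can('switch_themes') && !is_super_admin()) {
        return;
    }

    add_action('admin_menu', 'safecss_menu');

    if (isset($_POST['safecss']) && false === strstr($_SERVER['REQUEST_URI'], 'options.php')) {
        // Nonce check: rejects forged (CSRF) submissions before anything is stored.
        check_admin_referer('safecss');

        // Remove wp_filter_post_kses, this causes CSS escaping issues.
        // With these filters gone, the clean-up below is the only filtering
        // visible in this function before the CSS reaches save_revision().
        remove_filter('content_save_pre', 'wp_filter_post_kses');
        remove_filter('content_filtered_save_pre', 'wp_filter_post_kses');
        remove_all_filters('content_save_pre');

        do_action('safecss_save_pre');

        $warnings = array();

        safecss_class();
        $csstidy = new csstidy();
        $csstidy->optimise = new safecss($csstidy);
        $csstidy->set_cfg('remove_bslash', false);
        $csstidy->set_cfg('compress_colors', false);
        $csstidy->set_cfg('compress_font-weight', false);
        $csstidy->set_cfg('optimise_shorthands', 0);
        $csstidy->set_cfg('remove_last_;', false);
        $csstidy->set_cfg('case_properties', false);
        $csstidy->set_cfg('discard_invalid_properties', true);
        $csstidy->set_cfg('css_level', 'CSS3.0');
        $csstidy->set_cfg('preserve_css', true);
        $csstidy->set_cfg('template', dirname(__FILE__) . '/csstidy/wordpress-standard.tpl');

        // WordPress adds slashes to request data; undo that before parsing.
        $css = stripslashes($_POST['safecss']);

        // Double the backslash in front of every four-hex-digit escape
        // (\XXXX becomes \\XXXX) and record whether anything was rewritten.
        $prev = $css;
        $css = preg_replace('/\\\\([0-9a-fA-F]{4})/', '\\\\\\\\$1', $css);
        if ($css !== $prev) {
            $warnings[] = 'preg_replace found stuff';
        }

        // Some people put weird stuff in their CSS, KSES tends to be greedy
        $css = str_replace('<=', '&lt;=', $css);

        // Why KSES instead of strip_tags?  Who knows?
        // Empty allow-lists: no HTML element and no protocol is permitted.
        $prev = $css;
        $css = wp_kses_split($css, array(), array());

        // kses replaces lone '>' with &gt;
        $css = str_replace('&gt;', '>', $css);

        // Why both KSES and strip_tags?  Because we just added some '>'.
        $css = strip_tags($css);
        if ($css !== $prev) {
            $warnings[] = 'kses found stuff';
        }

        // Hooks on either side of the parse receive the CSSTidy instance.
        do_action('safecss_parse_pre', $csstidy, $css);
        $csstidy->parse($css);
        do_action('safecss_parse_post', $csstidy, $warnings);
        $css = $csstidy->print->plain();

        // Only a positive integer counts as a content width; anything else is stored as false.
        $requested_width = isset($_POST['custom_content_width']) ? intval($_POST['custom_content_width']) : 0;
        $custom_content_width = $requested_width > 0 ? $requested_width : false;

        // The form sends the literal string 'true'; a missing or different value means 'no'.
        $add_to_existing = (isset($_POST['add_to_existing']) && 'true' === $_POST['add_to_existing']) ? 'yes' : 'no';

        // Read once, without raising an undefined-index notice when absent.
        $action = isset($_POST['action']) ? $_POST['action'] : '';

        if ('preview' === $action || safecss_is_freetrial()) {
            // Save the CSS
            $safecss_revision_id = save_revision($css, true);
            // Cache Buster
            update_option('safecss_preview_rev', intval(get_option('safecss_preview_rev')) + 1);
            update_metadata('post', $safecss_revision_id, 'custom_css_add', $add_to_existing);
            update_metadata('post', $safecss_revision_id, 'content_width', $custom_content_width);
            if ('preview' === $action) {
                wp_safe_redirect(add_query_arg('csspreview', 'true', get_option('home')));
                exit;
            }
            // Reached only on the free-trial path; execution then continues
            // into the regular save below.
            do_action('safecss_save_preview_post');
        }

        // Save the CSS
        $safecss_post_id = save_revision($css);
        $safecss_post_revision = get_current_revision();
        update_option('safecss_rev', intval(get_option('safecss_rev')) + 1);
        // The same two settings are written to the post and to its current revision.
        update_post_meta($safecss_post_id, 'custom_css_add', $add_to_existing);
        update_post_meta($safecss_post_id, 'content_width', $custom_content_width);
        update_metadata('post', $safecss_post_revision['ID'], 'custom_css_add', $add_to_existing);
        update_metadata('post', $safecss_post_revision['ID'], 'content_width', $custom_content_width);
        add_action('admin_notices', 'safecss_saved');
    }

    // Modify all internal links so that preview state persists
    if (safecss_is_preview()) {
        ob_start('safecss_buffer');
    }
}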