/** * PHP shortcode to process PHP in posts * * @global object $openhook Main OpenHook class object */ public function php($atts, $content = null) { global $openhook; # Only process this shortcode if the author of the post has the authority $auth = $openhook->get_auth_level(); if (author_can(get_the_ID(), $auth)) { # Buffer the output of the PHP as we don't want to echo anything here ob_start(); eval("?>{$content}<?php "); return ob_get_clean(); } else { return ''; } }
/** * The {@link do_shortcode()} callback function. * * Attempts to convert a URL into embed HTML. Starts by checking the URL against the regex of the registered embed handlers. * If none of the regex matches and it's enabled, then the URL will be given to the {@link WP_oEmbed} class. * * @param array $attr { * Shortcode attributes. Optional. * * @type int $width Width of the embed in pixels. * @type int $height Height of the embed in pixels. * } * @param string $url The URL attempting to be embedded. * @return string|false The embed HTML on success, otherwise the original URL. * `->maybe_make_link()` can return false on failure. */ public function shortcode($attr, $url = '') { $post = get_post(); if (empty($url) && !empty($attr['src'])) { $url = $attr['src']; } $this->last_url = $url; if (empty($url)) { $this->last_attr = $attr; return ''; } $rawattr = $attr; $attr = wp_parse_args($attr, wp_embed_defaults($url)); $this->last_attr = $attr; // kses converts & into & and we need to undo this // See https://core.trac.wordpress.org/ticket/11311 $url = str_replace('&', '&', $url); // Look for known internal handlers ksort($this->handlers); foreach ($this->handlers as $priority => $handlers) { foreach ($handlers as $id => $handler) { if (preg_match($handler['regex'], $url, $matches) && is_callable($handler['callback'])) { if (false !== ($return = call_user_func($handler['callback'], $matches, $attr, $url, $rawattr))) { /** * Filter the returned embed handler. * * @since 2.9.0 * * @see WP_Embed::shortcode() * * @param mixed $return The shortcode callback function to call. * @param string $url The attempted embed URL. * @param array $attr An array of shortcode attributes. */ return apply_filters('embed_handler_html', $return, $url, $attr); } } } } $post_ID = !empty($post->ID) ? $post->ID : null; if (!empty($this->post_ID)) { // Potentially set by WP_Embed::cache_oembed() $post_ID = $this->post_ID; } // Unknown URL format. Let oEmbed have a go. if ($post_ID) { // Check for a cached result (stored in the post meta) $key_suffix = md5($url . serialize($attr)); $cachekey = '_oembed_' . $key_suffix; $cachekey_time = '_oembed_time_' . $key_suffix; /** * Filter the oEmbed TTL value (time to live). * * @since 4.0.0 * * @param int $time Time to live (in seconds). * @param string $url The attempted embed URL. * @param array $attr An array of shortcode attributes. * @param int $post_ID Post ID. */ $ttl = apply_filters('oembed_ttl', DAY_IN_SECONDS, $url, $attr, $post_ID); $cache = get_post_meta($post_ID, $cachekey, true); $cache_time = get_post_meta($post_ID, $cachekey_time, true); if (!$cache_time) { $cache_time = 0; } $cached_recently = time() - $cache_time < $ttl; if ($this->usecache || $cached_recently) { // Failures are cached. Serve one if we're using the cache. if ('{{unknown}}' === $cache) { return $this->maybe_make_link($url); } if (!empty($cache)) { /** * Filter the cached oEmbed HTML. * * @since 2.9.0 * * @see WP_Embed::shortcode() * * @param mixed $cache The cached HTML result, stored in post meta. * @param string $url The attempted embed URL. * @param array $attr An array of shortcode attributes. * @param int $post_ID Post ID. */ return apply_filters('embed_oembed_html', $cache, $url, $attr, $post_ID); } } /** * Filter whether to inspect the given URL for discoverable link tags. * * @since 2.9.0 * * @see WP_oEmbed::discover() * * @param bool $enable Whether to enable `<link>` tag discovery. Default false. */ $attr['discover'] = apply_filters('embed_oembed_discover', false) && author_can($post_ID, 'unfiltered_html'); // Use oEmbed to get the HTML $html = wp_oembed_get($url, $attr); // Maybe cache the result if ($html) { update_post_meta($post_ID, $cachekey, $html); update_post_meta($post_ID, $cachekey_time, time()); } elseif (!$cache) { update_post_meta($post_ID, $cachekey, '{{unknown}}'); } // If there was a result, return it if ($html) { /** This filter is documented in wp-includes/class-wp-embed.php */ return apply_filters('embed_oembed_html', $html, $url, $attr, $post_ID); } } // Still unknown return $this->maybe_make_link($url); }
/** * The {@link do_shortcode()} callback function. * * Attempts to convert a URL into embed HTML. Starts by checking the URL against the regex of the registered embed handlers. * If none of the regex matches and it's enabled, then the URL will be given to the {@link WP_oEmbed} class. * * @uses wp_oembed_get() * @uses wp_parse_args() * @uses wp_embed_defaults() * @uses WP_Embed::maybe_make_link() * @uses get_option() * @uses current_user_can() * @uses wp_cache_get() * @uses wp_cache_set() * @uses get_post_meta() * @uses update_post_meta() * * @param array $attr Shortcode attributes. * @param string $url The URL attempting to be embedded. * @return string The embed HTML on success, otherwise the original URL. */ function shortcode($attr, $url = '') { global $post; if (empty($url)) { return ''; } $rawattr = $attr; $attr = wp_parse_args($attr, wp_embed_defaults()); // kses converts & into & and we need to undo this // See http://core.trac.wordpress.org/ticket/11311 $url = str_replace('&', '&', $url); // Look for known internal handlers ksort($this->handlers); foreach ($this->handlers as $priority => $handlers) { foreach ($handlers as $id => $handler) { if (preg_match($handler['regex'], $url, $matches) && is_callable($handler['callback'])) { if (false !== ($return = call_user_func($handler['callback'], $matches, $attr, $url, $rawattr))) { return apply_filters('embed_handler_html', $return, $url, $attr); } } } } $post_ID = !empty($post->ID) ? $post->ID : null; if (!empty($this->post_ID)) { // Potentially set by WP_Embed::cache_oembed() $post_ID = $this->post_ID; } // Unknown URL format. Let oEmbed have a go. if ($post_ID) { // Check for a cached result (stored in the post meta) $cachekey = '_oembed_' . md5($url . serialize($attr)); if ($this->usecache) { $cache = get_post_meta($post_ID, $cachekey, true); // Failures are cached if ('{{unknown}}' === $cache) { return $this->maybe_make_link($url); } if (!empty($cache)) { return apply_filters('embed_oembed_html', $cache, $url, $attr, $post_ID); } } // Use oEmbed to get the HTML $attr['discover'] = apply_filters('embed_oembed_discover', false) && author_can($post_ID, 'unfiltered_html'); $html = wp_oembed_get($url, $attr); // Cache the result $cache = $html ? $html : '{{unknown}}'; update_post_meta($post_ID, $cachekey, $cache); // If there was a result, return it if ($html) { return apply_filters('embed_oembed_html', $html, $url, $attr, $post_ID); } } // Still unknown return $this->maybe_make_link($url); }
function shortcode($attr, $url = '') { global $post; if (empty($url)) { return ''; } $rawattr = $attr; $attr = wp_parse_args($attr, wp_embed_defaults()); // kses converts & into & and we need to undo this // See http://core.trac.wordpress.org/ticket/11311 $url = str_replace('&', '&', $url); // Look for known internal handlers ksort($this->handlers); foreach ($this->handlers as $priority => $handlers) { foreach ($handlers as $id => $handler) { if (preg_match($handler['regex'], $url, $matches) && is_callable($handler['callback'])) { if (false !== ($return = call_user_func($handler['callback'], $matches, $attr, $url, $rawattr))) { return apply_filters('embed_handler_html', $return, $url, $attr); } } } } $transient_name = $this->widget_id . '_' . md5($url); // Store the value of the disable_related option. // If it changes we need to clear transient data containing the html // and update the transient containing the disable_related value $related_transient = get_transient($transient_name . '_related'); if (false !== $related_transient && $related_transient != $this->disable_related) { delete_transient($transient_name); set_transient($transient_name . '_related', $this->disable_related, 60 * 60 * 12); } $transient = get_transient($transient_name); // return the transient html value if its available if (false !== $transient) { return apply_filters('embed_oembed_html', $transient, $url, $attr, $post_ID); } // Use oEmbed to get the HTML $attr['discover'] = apply_filters('embed_oembed_discover', false) && author_can($post_ID, 'unfiltered_html'); $html = wp_oembed_get($url, $attr); // If there was a result, return it if ($html) { // if 'youtube' is found in the html and disable related is true, add rel=0 paramater if (false !== strpos($html, 'youtube') && true == $this->disable_related) { $html = $this->disable_youtube_related($html); } set_transient($transient_name, $html, 60 * 60 * 12); // We need to know if the disable_related value of this widget changes // and clear transient data when it does set_transient($transient_name . '_related', $this->disable_related, 60 * 60 * 12); return apply_filters('embed_oembed_html', $html, $url, $attr, $post_ID); } return $this->maybe_make_link($url); }
function Shortcode_handler($atts, $content, $code) { // Check if in RSS feed if (is_feed() && !WPShortcodeExecPHP::Get_option(c_scep_option_rss)) { return '[' . $code . ']' . ($content ? $content . '[/' . $code . ']' : ''); } // Security check global $post; global $in_comment_loop; if (!in_the_loop() || !empty($in_comment_loop) || author_can($post, WPShortcodeExecPHP::Get_option(c_scep_option_author_cap))) { // Log last used parameters if ($atts) { WPShortcodeExecPHP::Update_option(c_scep_option_param . $code, $atts); } else { WPShortcodeExecPHP::Delete_option(c_scep_option_param . $code); } $buffer = WPShortcodeExecPHP::Get_option(c_scep_option_buffer . $code); if ($buffer) { ob_start(); } $result = eval(WPShortcodeExecPHP::Get_option(c_scep_option_phpcode . $code)); if ($buffer) { $output = ob_get_contents(); ob_end_clean(); } else { $output = ''; } return $output . $result; } else { return '[' . $code . ']?'; } }
/** * The {@link do_shortcode()} callback function. * * Attempts to convert a URL into embed HTML. Starts by checking the URL against the regex of the registered embed handlers. * If none of the regex matches and it's enabled, then the URL will be given to the {@link WP_oEmbed} class. * * @uses wp_oembed_get() * @uses wp_parse_args() * @uses wp_embed_defaults() * @uses WP_Embed::maybe_make_link() * @uses get_option() * @uses current_user_can() * @uses wp_cache_get() * @uses wp_cache_set() * @uses get_post_meta() * @uses update_post_meta() * * @param array $attr Shortcode attributes. * @param string $url The URL attempting to be embeded. * @return string The embed HTML on success, otherwise the original URL. */ function shortcode($attr, $url = '') { global $post, $_wp_using_ext_object_cache; if (empty($url)) { return ''; } $rawattr = $attr; $attr = wp_parse_args($attr, wp_embed_defaults()); // Look for known internal handlers ksort($this->handlers); foreach ($this->handlers as $priority => $handlers) { foreach ($handlers as $id => $handler) { if (preg_match($handler['regex'], $url, $matches) && is_callable($handler['callback'])) { if (false !== ($return = call_user_func($handler['callback'], $matches, $attr, $url, $rawattr))) { return $return; } } } } $post_ID = !empty($post->ID) ? $post->ID : null; if (!empty($this->post_ID)) { // Potentially set by WP_Embed::cache_oembed() $post_ID = $this->post_ID; } // Unknown URL format. Let oEmbed have a go. if ($post_ID && get_option('embed_useoembed')) { // Check for a cached result (stored in the post meta) $cachekey = '_oembed_' . md5($url . implode('|', $attr)); if ($this->usecache) { $cache = $_wp_using_ext_object_cache ? wp_cache_get("{$post_ID}_{$cachekey}", 'oembed') : get_post_meta($post_ID, $cachekey, true); // Failures are cached if ('{{unknown}}' === $cache) { return $this->maybe_make_link($url); } if (!empty($cache)) { return $cache; } } // Use oEmbed to get the HTML $attr['discover'] = author_can($post_ID, 'unfiltered_html'); $html = wp_oembed_get($url, $attr); // Cache the result $cache = $html ? $html : '{{unknown}}'; if ($_wp_using_ext_object_cache) { wp_cache_set("{$post_ID}_{$cachekey}", $cache, 'oembed'); } else { update_post_meta($post_ID, $cachekey, $cache); } // If there was a result, return it if ($html) { return $html; } } // Still unknown return $this->maybe_make_link($url); }
/** * The {@link do_shortcode()} callback function. * * Attempts to convert a URL into embed HTML. Starts by checking the URL against the regex of the registered embed handlers. * If none of the regex matches and it's enabled, then the URL will be given to the {@link WP_oEmbed} class. * * @uses wp_oembed_get() * @uses wp_parse_args() * @uses wp_embed_defaults() * @uses WP_Embed::maybe_make_link() * @uses get_option() * @uses author_can() * @uses wp_cache_get() * @uses wp_cache_set() * @uses get_post_meta() * @uses update_post_meta() * * @param array $attr Shortcode attributes. * @param string $url The URL attempting to be embedded. * @return string The embed HTML on success, otherwise the original URL. */ function shortcode( $attr, $url = '' ) { $post = get_post(); if ( empty( $url ) ) return ''; $rawattr = $attr; $attr = wp_parse_args( $attr, wp_embed_defaults() ); // kses converts & into & and we need to undo this // See http://core.trac.wordpress.org/ticket/11311 $url = str_replace( '&', '&', $url ); // Look for known internal handlers ksort( $this->handlers ); foreach ( $this->handlers as $priority => $handlers ) { foreach ( $handlers as $id => $handler ) { if ( preg_match( $handler['regex'], $url, $matches ) && is_callable( $handler['callback'] ) ) { if ( false !== $return = call_user_func( $handler['callback'], $matches, $attr, $url, $rawattr ) ) /** * Filter the returned embed handler. * * @since 2.9.0 * * @param mixed $return The shortcode callback function to call. * @param string $url The attempted embed URL. * @param array $attr An array of shortcode attributes. */ return apply_filters( 'embed_handler_html', $return, $url, $attr ); } } } $post_ID = ( ! empty( $post->ID ) ) ? $post->ID : null; if ( ! empty( $this->post_ID ) ) // Potentially set by WP_Embed::cache_oembed() $post_ID = $this->post_ID; // Unknown URL format. Let oEmbed have a go. if ( $post_ID ) { // Check for a cached result (stored in the post meta) $cachekey = '_oembed_' . md5( $url . serialize( $attr ) ); if ( $this->usecache ) { $cache = get_post_meta( $post_ID, $cachekey, true ); // Failures are cached if ( '{{unknown}}' === $cache ) return $this->maybe_make_link( $url ); if ( ! empty( $cache ) ) /** * Filter the cached oEmbed HTML. * * @since 2.9.0 * * @param mixed $cache The cached HTML result, stored in post meta. * @param string $url The attempted embed URL. * @param array $attr An array of shortcode attributes. * @param int $post_ID Post ID. */ return apply_filters( 'embed_oembed_html', $cache, $url, $attr, $post_ID ); } /** * Filter whether to inspect the given URL for discoverable <link> tags. * * @see WP_oEmbed::discover() * * @param bool false Whether to enable <link> tag discovery. Default false. */ $attr['discover'] = ( apply_filters( 'embed_oembed_discover', false ) && author_can( $post_ID, 'unfiltered_html' ) ); // Use oEmbed to get the HTML $html = wp_oembed_get( $url, $attr ); // Cache the result $cache = ( $html ) ? $html : '{{unknown}}'; update_post_meta( $post_ID, $cachekey, $cache ); // If there was a result, return it if ( $html ) { /** This filter is documented in wp-includes/class-wp-embed.php */ return apply_filters( 'embed_oembed_html', $html, $url, $attr, $post_ID ); } } // Still unknown return $this->maybe_make_link( $url ); }