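/**
 * Renders the plugin's admin page.
 *
 * Collects the values for the embedded publisherplugin.google.com iframe,
 * builds the iframe and script URLs, creates the nonce used for CMS
 * commands, and then includes AdminTemplate.php.
 */
public function onAdminMenu() {
  GooglePublisherPluginUtils::checkAdminRights();

  global $wp_version;

  // Admin menu contains an iframe showing publisherplugin.google.com.
  // The iframe can communicate with the main page through the
  // window.postMessage API; these messages are managed in admin.js.
  // NOTE(review): admin.js is not visible here. Confirm that its message
  // handler checks the sender's origin before acting on a message.
  //
  // Every entry below is placed in the query string of a URL on
  // PUBLISHER_PLUGIN_FRONTEND_URL, so it is disclosed to that origin.
  $parameters = array();
  $parameters['site'] = get_home_url();
  $parameters['siteId'] = $this->configuration->getSiteId();
  $parameters['adminUrl'] = admin_url(self::ADMIN_PAGE_LOCATION);
  $parameters['version'] = $this->plugin_version;
  $parameters['wp_version'] = $wp_version;
  $parameters['hl'] = get_locale();

  // The locals from here on are not read again in this method. They stay in
  // scope for the template included at the end, which presumably consumes
  // them, so their names must not change without checking AdminTemplate.php.
  $show_get_started = $this->show_get_started;
  $start_url = self::PUBLISHER_PLUGIN_FRONTEND_URL . '/start?' .
      http_build_query($parameters);
  $iframe_url = self::PUBLISHER_PLUGIN_FRONTEND_URL . '?' .
      http_build_query($parameters);

  // The version is written into a URL query string, so percent-encode it.
  // The FILTER_SANITIZE_STRING filter used here before is deprecated as of
  // PHP 8.1 and performs HTML-style stripping, not URL encoding.
  $javascript_url = plugins_url(
      'js/admin.js?ver=' . rawurlencode((string) $this->plugin_version),
      __FILE__);

  $environment = $this->getEnvironmentData();

  // Nonce bound to CMS_COMMAND_ACTION; handleCmsCommandAction() verifies a
  // nonce for the same action name before running a command.
  $cmsCommandNonce = wp_create_nonce(self::CMS_COMMAND_ACTION);

  include 'AdminTemplate.php';
}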
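/**
 * Processes a CMS command sent from publisherplugin.google.com using the
 * postMessage API.
 *
 * The request must carry a '_wpnonce' value that verifies against
 * CMS_COMMAND_ACTION; otherwise the request is terminated through
 * dieSilently() before any command is looked at.
 *
 * @return mixed Void on success, or a string describing the error on failure.
 */
public function handleCmsCommandAction() {
  GooglePublisherPluginUtils::checkAdminRights();

  // Reject missing or invalid nonces and nonces that were generated more
  // than 12 hours ago. wp_verify_nonce() reports an older but still valid
  // nonce with a value other than 1, so comparing against 1 excludes it.
  // The isset() guard keeps a request without '_wpnonce' from raising an
  // undefined-index notice before it is rejected.
  if (!isset($_REQUEST['_wpnonce']) ||
      wp_verify_nonce($_REQUEST['_wpnonce'],
          GooglePublisherPluginAdmin::CMS_COMMAND_ACTION) != 1) {
    GooglePublisherPluginUtils::dieSilently();
    return;
  }

  if (!array_key_exists(self::CMS_COMMAND_PARAM, $_REQUEST)) {
    return 'Missing param';
  }

  $param = $_REQUEST[self::CMS_COMMAND_PARAM];

  // If magic quotes are enabled we need to undo what it did.
  // get_magic_quotes_gpc() was removed in PHP 8.0, so calling it
  // unconditionally is a fatal error there; only call it where it exists.
  // NOTE(review): WordPress adds slashes to the request superglobals on its
  // own, independent of this setting. Confirm whether wp_unslash() should be
  // applied unconditionally instead.
  if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
    $param = stripslashes($param);
  }

  if (array_key_exists(self::CMS_COMMAND, $_REQUEST)) {
    // $param is request data handed on as-is; any validation of its content
    // is left to the two handlers below.
    switch ($_REQUEST[self::CMS_COMMAND]) {
      case self::CMS_COMMAND_SET_SITE_CONFIG:
        return $this->configuration->updateConfig($param);
      case self::CMS_COMMAND_WRITE_SITE_DATA:
        return $this->handleWriteSiteDataAction($param);
    }
    return 'Unknown command';
  }

  return 'Missing command';
}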
/**
 * Dispatches an action that was requested through URL or POST parameters.
 *
 * An action name that matches none of the known constants is ignored.
 *
 * NOTE(review): of the branches below, only ACTION_VERIFY calls
 * checkAdminRights() in this method, and handleCmsCommandAction() performs
 * its own check. ACTION_TRIGGER_UPDATE reaches doUpdate() with no check
 * visible here; confirm that the caller or doUpdate() enforces authorization.
 *
 * @param string $action The action to run.
 */
public function runAction($action) {
  // Loose comparison mirrors how a switch statement matches its cases.
  if ($action == self::ACTION_PREVIEW) {
    // Preview pages are rendered without the admin bar.
    add_filter('show_admin_bar', '__return_false');
  } elseif ($action == self::ACTION_VERIFY) {
    GooglePublisherPluginUtils::checkAdminRights();
    $this->admin->setShowGetStarted(false);
  } elseif ($action == self::ACTION_TRIGGER_UPDATE) {
    $this->updater->doUpdate();
  } elseif ($action == self::CMS_COMMAND_ACTION) {
    // The handler's result (an error string, or nothing on success) is
    // HTML-escaped before it is written to the response.
    $result = $this->handleCmsCommandAction();
    echo esc_html($result);
    GooglePublisherPluginUtils::dieSilently();
  }
}
/**
 * Processes a CMS command sent from publisherplugin.google.com using the
 * postMessage API.
 *
 * A request whose '_wpnonce' is absent or fails verification against
 * CMS_COMMAND_ACTION is terminated through dieSilently() before any command
 * is examined.
 *
 * @return mixed Void on success, or a string describing the error on failure.
 */
public function handleCmsCommandAction() {
  GooglePublisherPluginUtils::checkAdminRights();

  // Reject missing or invalid nonces.
  $nonceValid = isset($_REQUEST['_wpnonce']) &&
      wp_verify_nonce($_REQUEST['_wpnonce'],
          GooglePublisherPluginAdmin::CMS_COMMAND_ACTION);
  if (!$nonceValid) {
    GooglePublisherPluginUtils::dieSilently();
    return;
  }

  // Read the parameter before looking at the command, as the original
  // ordering does; a null value means no parameter was supplied.
  $param = $this->getCommandParam();

  if (!array_key_exists(self::CMS_COMMAND, $_REQUEST)) {
    return 'Missing command';
  }

  // Loose comparison mirrors how a switch statement matches its cases.
  $command = $_REQUEST[self::CMS_COMMAND];

  if ($command == self::CMS_COMMAND_SET_SITE_CONFIG) {
    if ($param === null) {
      return 'Missing param';
    }
    return $this->configuration->updateConfig($param);
  }

  if ($command == self::CMS_COMMAND_WRITE_SITE_DATA) {
    if ($param === null) {
      return 'Missing param';
    }
    return $this->handleWriteSiteDataAction($param);
  }

  if ($command == self::CMS_COMMAND_CHECK_UPDATE_SUPPORT) {
    // This command takes no parameter, so $param is not checked here.
    return self::CMS_COMMAND_SUCCESS . '::' .
        $this->updater->getUpdateSupport();
  }

  return 'Unknown command';
}