exit; } global $wpseo_admin_pages; $options = get_site_option('wpseo_ms'); if (isset($_POST['wpseo_submit'])) { check_admin_referer('wpseo-network-settings'); foreach (array('access', 'defaultblog') as $opt) { $options[$opt] = $_POST['wpseo_ms'][$opt]; } WPSEO_Options::update_site_option('wpseo_ms', $options); add_settings_error('wpseo_ms', 'settings_updated', __('Settings Updated.', 'wordpress-seo'), 'updated'); } if (isset($_POST['wpseo_restore_blog'])) { check_admin_referer('wpseo-network-restore'); if (isset($_POST['wpseo_ms']['restoreblog']) && is_numeric($_POST['wpseo_ms']['restoreblog'])) { $restoreblog = (int) WPSEO_Option::validate_int($_POST['wpseo_ms']['restoreblog']); $blog = get_blog_details($restoreblog); if ($blog) { WPSEO_Options::reset_ms_blog($restoreblog); add_settings_error('wpseo_ms', 'settings_updated', sprintf(__('%s restored to default SEO settings.', 'wordpress-seo'), esc_html($blog->blogname)), 'updated'); } else { add_settings_error('wpseo_ms', 'settings_updated', sprintf(__('Blog %s not found.', 'wordpress-seo'), esc_html($restoreblog)), 'error'); } unset($restoreblog); } } /* Set up selectbox dropdowns for smaller networks (usability) */ $use_dropdown = true; if (get_blog_count() > 100) { $use_dropdown = false; } else {
/** * Validate the post meta values * * @static * * @param mixed $meta_value The new value * @param string $meta_key The full meta key (including prefix) * @return string Validated meta value */ public static function sanitize_post_meta($meta_value, $meta_key) { $field_def = self::$meta_fields[self::$fields_index[$meta_key]['subset']][self::$fields_index[$meta_key]['key']]; $clean = self::$defaults[$meta_key]; switch (true) { case $meta_key === self::$meta_prefix . 'linkdex': $int = WPSEO_Option::validate_int($meta_value); if ($int !== false && $int >= 0) { $clean = strval($int); // Convert to string to make sure default check works } break; case $field_def['type'] === 'checkbox': // Only allow value if it's one of the predefined options if (in_array($meta_value, array('on', 'off'), true)) { $clean = $meta_value; } break; case $field_def['type'] === 'select' || $field_def['type'] === 'radio': // Only allow value if it's one of the predefined options if (isset($field_def['options'][$meta_value])) { $clean = $meta_value; } break; case $field_def['type'] === 'multiselect' && $meta_key === self::$meta_prefix . 'meta-robots-adv': $clean = self::validate_meta_robots_adv($meta_value); break; case $field_def['type'] === 'text' && $meta_key === self::$meta_prefix . 'canonical': case $field_def['type'] === 'text' && $meta_key === self::$meta_prefix . 'redirect': // Validate as url(-part) $url = WPSEO_Option::sanitize_url($meta_value); if ($url !== '') { $clean = $url; } break; case $field_def['type'] === 'upload' && $meta_key === self::$meta_prefix . 'opengraph-image': // Validate as url $url = WPSEO_Option::sanitize_url($meta_value, array('http', 'https', 'ftp', 'ftps')); if ($url !== '') { $clean = $url; } break; case $field_def['type'] === 'textarea': if (is_string($meta_value)) { // Remove line breaks and tabs // @todo [JRF => Yoast] verify that line breaks and the likes aren't allowed/recommended in meta header fields $meta_value = str_replace(array("\n", "\r", "\t", ' '), ' ', $meta_value); $clean = WPSEO_Option::sanitize_text_field(trim($meta_value)); } break; case 'multiselect' === $field_def['type']: $clean = $meta_value; break; case $field_def['type'] === 'text': default: if (is_string($meta_value)) { $clean = WPSEO_Option::sanitize_text_field(trim($meta_value)); } break; } $clean = apply_filters('wpseo_sanitize_post_meta_' . $meta_key, $clean, $meta_value, $field_def, $meta_key); return $clean; }
/** * Returns post in metabox context * * @returns WP_Post */ private function get_metabox_post() { if (isset($_GET['post'])) { $post_id = (int) WPSEO_Option::validate_int($_GET['post']); $post = get_post($post_id); } else { global $post; } return $post; }
/** * Generate a snippet preview. * * @return string */ function snippet() { if (isset($_GET['post'])) { $post_id = (int) WPSEO_Option::validate_int($_GET['post']); $post = get_post($post_id); } else { global $post; } $options = WPSEO_Options::get_all(); $date = ''; if (is_object($post) && isset($options['showdate-' . $post->post_type]) && $options['showdate-' . $post->post_type] === true) { $date = $this->get_post_date($post); } $title = self::get_value('title'); $desc = self::get_value('metadesc'); $slug = is_object($post) && isset($post->post_name) ? $post->post_name : ''; if ($slug !== '') { $slug = sanitize_title($title); } if (is_string($date) && $date !== '') { $datestr = '<span class="date">' . $date . ' - </span>'; } else { $datestr = ''; } $content = '<div id="wpseosnippet"> <a class="title" id="wpseosnippet_title" href="#">' . esc_html($title) . '</a>'; $content .= '<span class="url">' . str_replace('http://', '', get_bloginfo('url')) . '/' . esc_html($slug) . '/</span>'; $content .= '<p class="desc">' . $datestr . '<span class="autogen"></span><span class="content">' . esc_html($desc) . '</span></p>'; $content .= '</div>'; $content = apply_filters('wpseo_snippet', $content, $post, compact('title', 'desc', 'date', 'slug')); return $content; }
/** * Fallback function for WP SEO functionality, Validate INT * * @param $string * * @return mixed */ public static function yoast_wpseo_video_validate_int($string) { if (method_exists('WPSEO_Utils', 'validate_int')) { return WPSEO_Utils::validate_int($string); } return WPSEO_Option::validate_int($string); }