/**
* Display "Are You Sure" message to confirm the action being taken.
*
* If the action has the nonce explain message, then it will be displayed
* along with the "Are you sure?" message.
*
* @since 0.0.1
*
* @param string $action The nonce action.
*/
function hq_nonce_ays($action)
{
if ('log-out' == $action) {
$html = sprintf(__('You are attempting to log out of %s'), get_bloginfo('name')) . '</p><p>';
$redirect_to = isset($_REQUEST['redirect_to']) ? $_REQUEST['redirect_to'] : '';
$html .= sprintf(__("Do you really want to <a href='%s'>log out</a>?"), hq_logout_url($redirect_to));
} else {
$html = __('Are you sure you want to do this?');
if (hq_get_referer()) {
$html .= "</p><p><a href='" . esc_url(remove_query_arg('updated', hq_get_referer())) . "'>" . __('Please try again.') . "</a>";
}
}
hq_die($html, __('HiveQueen Failure Notice'), 403);
}
?>
</a></p>
<?php
} elseif (!$php_compat || !$mysql_compat) {
if (!$mysql_compat && !$php_compat) {
printf(__('You cannot update because <a href="://github.com/gcorral/hivequeen">HiveQueen %1$s</a> requires PHP version %2$s or higher and MySQL version %3$s or higher. You are running PHP version %4$s and MySQL version %5$s.'), $hq_version, $required_php_version, $required_mysql_version, $php_version, $mysql_version);
} elseif (!$php_compat) {
printf(__('You cannot update because <a href="https://github.com/gcorral/hivequeen">HiveQueen %1$s</a> requires PHP version %2$s or higher. You are running version %3$s.'), $hq_version, $required_php_version, $php_version);
} elseif (!$mysql_compat) {
printf(__('You cannot update because <a href="https://github.com/gcorral/hivequeen">HiveQueen %1$s</a> requires MySQL version %2$s or higher. You are running version %3$s.'), $hq_version, $required_mysql_version, $mysql_version);
}
} else {
switch ($step) {
case 0:
$goback = hq_get_referer();
if ($goback) {
$goback = esc_url_raw($goback);
$goback = urlencode($goback);
}
?>
<h2><?php
_e('Database Update Required');
?>
</h2>
<p><?php
_e('HiveQueen has been updated! Before we send you on your way, we have to update your database to the newest version.');
?>
</p>
<p><?php
_e('The update process may take a little while, so please be patient.');
/**
* Saves option for number of rows when listing posts, pages, comments, etc.
*
* @since 0.0.1
*/
function set_screen_options()
{
if (isset($_POST['hq_screen_options']) && is_array($_POST['hq_screen_options'])) {
check_admin_referer('screen-options-nonce', 'screenoptionnonce');
if (!($user = hq_get_current_user())) {
return;
}
$option = $_POST['hq_screen_options']['option'];
$value = $_POST['hq_screen_options']['value'];
if ($option != sanitize_key($option)) {
return;
}
$map_option = $option;
$type = str_replace('edit_', '', $map_option);
$type = str_replace('_per_page', '', $type);
if (in_array($type, get_taxonomies())) {
$map_option = 'edit_tags_per_page';
} elseif (in_array($type, get_post_types())) {
$map_option = 'edit_per_page';
} else {
$option = str_replace('-', '_', $option);
}
switch ($map_option) {
case 'edit_per_page':
case 'users_per_page':
case 'edit_comments_per_page':
case 'upload_per_page':
case 'edit_tags_per_page':
case 'plugins_per_page':
// Network admin
// Network admin
case 'sites_network_per_page':
case 'users_network_per_page':
case 'site_users_network_per_page':
case 'plugins_network_per_page':
case 'themes_network_per_page':
case 'site_themes_network_per_page':
$value = (int) $value;
if ($value < 1 || $value > 999) {
return;
}
break;
default:
/**
* Filter a screen option value before it is set.
*
* The filter can also be used to modify non-standard [items]_per_page
* settings. See the parent function for a full list of standard options.
*
* Returning false to the filter will skip saving the current option.
*
* @since 0.0.1
*
* @see set_screen_options()
*
* @param bool|int $value Screen option value. Default false to skip.
* @param string $option The option name.
* @param int $value The number of rows to use.
*/
$value = apply_filters('set-screen-option', false, $option, $value);
if (false === $value) {
return;
}
break;
}
update_user_meta($user->ID, $option, $value);
hq_safe_redirect(remove_query_arg(array('pagenum', 'apage', 'paged'), hq_get_referer()));
exit;
}
}
/**
* Makes sure that a user was referred from another admin page.
*
* To avoid security exploits.
*
* @since 0.0.1
*
* @param int|string $action Action nonce.
* @param string $query_arg Optional. Key to check for nonce in `$_REQUEST` (since 2.5).
* Default '_hqnonce'.
* @return false|int False if the nonce is invalid, 1 if the nonce is valid and generated between
* 0-12 hours ago, 2 if the nonce is valid and generated between 12-24 hours ago.
*/
function check_admin_referer($action = -1, $query_arg = '_hqnonce')
{
if (-1 == $action) {
_doing_it_wrong(__FUNCTION__, __('You should specify a nonce action to be verified by using the first parameter.'), '3.2');
}
$adminurl = strtolower(admin_url());
$referer = strtolower(hq_get_referer());
$result = isset($_REQUEST[$query_arg]) ? hq_verify_nonce($_REQUEST[$query_arg], $action) : false;
/**
* Fires once the admin request has been validated or not.
*
* @since 0.0.1
*
* @param string $action The nonce action.
* @param false|int $result False if the nonce is invalid, 1 if the nonce is valid and generated between
* 0-12 hours ago, 2 if the nonce is valid and generated between 12-24 hours ago.
*/
do_action('check_admin_referer', $action, $result);
if (!$result && !(-1 == $action && strpos($referer, $adminurl) === 0)) {
hq_nonce_ays($action);
die;
}
return $result;
}
require_once ABSPATH . HQINC . '/class-phpass.php';
$hasher = new PasswordHash(8, true);
/**
* Filter the life span of the post password cookie.
*
* By default, the cookie expires 10 days from creation. To turn this
* into a session cookie, return 0.
*
* @since 0.0.1
*
* @param int $expires The expiry time, as passed to setcookie().
*/
$expire = apply_filters('post_password_expires', time() + 10 * DAY_IN_SECONDS);
$secure = 'https' === parse_url(home_url(), PHP_URL_SCHEME);
setcookie('hq-postpass_' . COOKIEHASH, $hasher->HashPassword(hq_unslash($_POST['post_password'])), $expire, COOKIEPATH, COOKIE_DOMAIN, $secure);
hq_safe_redirect(hq_get_referer());
exit;
case 'logout':
check_admin_referer('log-out');
$user = hq_get_current_user();
hq_logout();
if (!empty($_REQUEST['redirect_to'])) {
$redirect_to = $requested_redirect_to = $_REQUEST['redirect_to'];
} else {
$redirect_to = 'hq-login.php?loggedout=true';
$requested_redirect_to = '';
}
/**
* Filter the log out redirect URL.
*
* @since 0.0.1
