/**
* Set nocache constants and headers.
*
* @access private
* @return void
*/
private function nocache()
{
if (!defined('DONOTCACHEPAGE')) {
define("DONOTCACHEPAGE", "true");
}
nocache_headers();
}
public function create_post()
{
global $json_api;
if (!$json_api->query->nonce) {
$json_api->error("You must include a 'nonce' value to create posts. Use the `get_nonce` Core API method.");
}
if (!$json_api->query->cookie) {
$json_api->error("You must include a 'cookie' authentication cookie. Use the `create_auth_cookie` Auth API method.");
}
$nonce_id = $json_api->get_nonce_id('posts', 'create_post');
if (!wp_verify_nonce($json_api->query->nonce, $nonce_id)) {
$json_api->error("Your 'nonce' value was incorrect. Use the 'get_nonce' API method.");
}
$user_id = wp_validate_auth_cookie($json_api->query->cookie, 'logged_in');
if (!$user_id) {
$json_api->error("Invalid authentication cookie. Use the `generate_auth_cookie` Auth API method.");
}
if (!user_can($user_id, 'edit_posts')) {
$json_api->error("You need to login with a user capable of creating posts.");
}
nocache_headers();
$post = new JSON_API_Post();
$id = $post->create($_REQUEST);
if (empty($id)) {
$json_api->error("Could not create post.");
}
return array('post' => $post);
}
/**
* Check if data update is needed after version update
*/
function init()
{
global $userMeta;
$history = $userMeta->getData('history');
$lastVersion = null;
if (!empty($history)) {
if (isset($history['version']['last_version'])) {
$lastVersion = $history['version']['last_version'];
}
}
if (version_compare($userMeta->version, $lastVersion, '<=')) {
return;
}
// Determine last version and run data update
if ($lastVersion) {
self::runUpgrade($lastVersion);
} else {
if (get_option('user_meta_fields')) {
self::runUpgrade('1.1.0');
} elseif (get_option('user_meta_field')) {
self::runUpgrade('1.0.3');
}
}
// Saveing last version data
$history['version']['last_version'] = $userMeta->version;
$history['version'][$userMeta->version] = array('timestamp' => time());
$userMeta->updateData('history', $history);
nocache_headers();
}
/**
* Sets the nonce cookie then redirects to Sopresto.
*
* @return void
*/
public function action_authorize()
{
$proxy = apply_filters('social_authorize_url', Social::$api_url . $this->request->query('key') . '/authorize/', $this->request->query('key'));
if (strpos($proxy, Social::$api_url) !== false) {
$salt = $this->auth_nonce_salt();
$id = Social::wp39_create_nonce($this->auth_nonce_key($salt));
$url = home_url('index.php');
$args = array('social_controller' => 'auth', 'social_action' => 'authorized', 'salt' => $salt);
if (is_admin()) {
$args['is_admin'] = 'true';
$args['user_id'] = get_current_user_id();
if (defined('IS_PROFILE_PAGE')) {
$args['personal'] = 'true';
$url = add_query_arg('personal', 'true', $url);
}
} else {
$post_id = $this->request->query('post_id');
if ($post_id !== null) {
$args['p'] = $post_id;
}
// Set the nonce cookie
setcookie('social_auth_nonce', $id, 0, '/');
}
$proxy = add_query_arg(array('v' => '2', 'id' => $id, 'response_url' => urlencode(add_query_arg($args, $url))), $proxy);
$proxy = apply_filters('social_proxy_url', $proxy);
}
nocache_headers();
Social::log('Authorizing with URL: ' . $proxy);
wp_redirect($proxy);
exit;
}
public function wp()
{
global $post;
if (is_singular() && post_password_required($post->ID)) {
nocache_headers();
}
}
private function set_cookie()
{
nocache_headers();
if (isset($_GET['mid']) || isset($_GET['cond'])) {
return false;
}
global $upload;
$upload = false;
if (isset($_POST['upload'])) {
if ($_POST['upload'] === 'Font Upload') {
if (move_uploaded_file($_FILES['font']['tmp_name'], dirname(__FILE__) . '/fonts/' . $_FILES['font']['name'])) {
update_option('meme_message', '<div class="updated" style="margin-left:0;"><p>Font uploaded Successfully</p></div>');
}
return false;
}
global $guploaderr;
$guploaderr = true;
include 'meme-image-upload.php';
if ($guploaderr) {
return false;
}
if (get_option('meme_message')) {
$upload = $_FILES['image']['name'];
$upload = str_replace(array('.jpeg', '.png', '.JPG', '.PNG', '.JPEG', '.gif', '.GIF'), '.jpg', $upload);
if ($upload) {
unset($_COOKIE['meme_uploaded_image']);
}
}
}
if (isset($_COOKIE['meme_uploaded_image'])) {
$upload = $_COOKIE['meme_uploaded_image'];
} else {
setcookie("meme_uploaded_image", $upload, 0);
}
}
function wpui_export_settings()
{
if (empty($_POST['wpui_action']) || 'export_settings' != $_POST['wpui_action']) {
return;
}
if (!wp_verify_nonce($_POST['wpui_export_nonce'], 'wpui_export_nonce')) {
return;
}
if (!current_user_can('manage_options')) {
return;
}
$settings["wpui_option_name"] = get_option('wpui_option_name');
$settings["wpui_login_option_name"] = get_option('wpui_login_option_name');
$settings["wpui_global_option_name"] = get_option('wpui_global_option_name');
$settings["wpui_dashboard_option_name"] = get_option('wpui_dashboard_option_name');
$settings["wpui_admin_menu_option_name"] = get_option('wpui_admin_menu_option_name');
$settings["wpui_admin_bar_option_name"] = get_option('wpui_admin_bar_option_name');
$settings["wpui_editor_option_name"] = get_option('wpui_editor_option_name');
$settings["wpui_metaboxes_option_name"] = get_option('wpui_metaboxes_option_name');
$settings["wpui_columns_option_name"] = get_option('wpui_columns_option_name');
$settings["wpui_library_option_name"] = get_option('wpui_library_option_name');
$settings["wpui_profil_option_name"] = get_option('wpui_profil_option_name');
$settings["wpui_plugins_option_name"] = get_option('wpui_plugins_option_name');
$settings["wpui_roles_option_name"] = get_option('wpui_roles_option_name');
ignore_user_abort(true);
nocache_headers();
header('Content-Type: application/json; charset=utf-8');
header('Content-Disposition: attachment; filename=wpui-settings-export-' . date('m-d-Y') . '.json');
header("Expires: 0");
echo json_encode($settings);
exit;
}
function app_login_init()
{
nocache_headers();
if (isset($_REQUEST['action'])) {
$action = $_REQUEST['action'];
} else {
$action = 'login';
}
//Set a cookie now to see if they are supported by the browser.
setcookie(TEST_COOKIE, 'WP Cookie check', 0, COOKIEPATH, COOKIE_DOMAIN);
if (SITECOOKIEPATH != COOKIEPATH) {
setcookie(TEST_COOKIE, 'WP Cookie check', 0, SITECOOKIEPATH, COOKIE_DOMAIN);
}
// allow plugins to override the default actions, and to add extra actions if they want
do_action('login_init');
do_action('login_form_' . $action);
switch ($action) {
case 'lostpassword':
case 'retrievepassword':
app_show_password();
break;
case 'register':
app_show_registration();
break;
case 'login':
default:
app_show_login();
break;
}
exit;
}
public function delete_post()
{
global $json_api;
$post = $json_api->introspector->get_current_post();
if (empty($post)) {
$json_api->error("Post not found.");
}
if (!current_user_can('edit_post', $post->ID)) {
$json_api->error("You need to login with a user that has the 'edit_post' capacity for that post.");
}
if (!current_user_can('delete_posts')) {
$json_api->error("You need to login with a user that has the 'delete_posts' capacity.");
}
if ($post->post_author != get_current_user_id() && !current_user_can('delete_other_posts')) {
$json_api->error("You need to login with a user that has the 'delete_other_posts' capacity.");
}
if (!$json_api->query->nonce) {
$json_api->error("You must include a 'nonce' value to update posts. Use the `get_nonce` Core API method.");
}
$nonce_id = $json_api->get_nonce_id('posts', 'delete_post');
if (!wp_verify_nonce($json_api->query->nonce, $nonce_id)) {
$json_api->error("Your 'nonce' value was incorrect. Use the 'get_nonce' API method.");
}
nocache_headers();
wp_delete_post($post->ID);
return array();
}
/**
* Exports a Soliloquy slider.
*
* @since 1.0.0
*
* @return null Return early if failing proper checks to export the slider.
*/
public function export_slider()
{
if (!$this->has_exported_slider()) {
return;
}
if (!$this->verify_exported_slider()) {
return;
}
if (!$this->can_export_slider()) {
return;
}
// Ignore the user aborting the action.
ignore_user_abort(true);
// Grab the proper data.
$post_id = absint($_POST['soliloquy_post_id']);
$data = get_post_meta($post_id, '_sol_slider_data', true);
// Append the in_slider data checker to the data array.
$data['in_slider'] = get_post_meta($post_id, '_sol_in_slider', true);
// Set the proper headers.
nocache_headers();
header('Content-Type: application/json; charset=utf-8');
header('Content-Disposition: attachment; filename=soliloquy-' . $post_id . '-' . date('m-d-Y') . '.json');
header('Expires: 0');
// Make the settings downloadable to a JSON file and die.
die(json_encode($data));
}
/**
* Export your settings
* @author Julien Maury
* @return bool|void
*/
public function export_settings()
{
if (empty($_POST['export_facetwp']) || empty($_POST['action']) || 'export_facetwp_settings' !== $_POST['action']) {
return;
}
if (!current_user_can('manage_options')) {
return;
}
if (!wp_verify_nonce($_POST['export_facetwp_nonce'], 'export_facetwp_nonce')) {
return;
}
$items = $_POST['export_facetwp'];
if (!empty($items)) {
foreach ($items as $item) {
if ('facet' == substr($item, 0, 5)) {
$item_name = substr($item, 6);
$output['facets'][] = FacetWP::instance()->helper->get_facet_by_name($item_name);
} elseif ('template' == substr($item, 0, 8)) {
$item_name = substr($item, 9);
$output['templates'][] = FacetWP::instance()->helper->get_template_by_name($item_name);
}
}
}
ignore_user_abort(true);
nocache_headers();
header('Content-Type: application/json; charset=utf-8');
header('Content-Disposition: attachment; filename=facetwp-settings-export-' . strtotime('now') . '.json');
header('Expires: 0');
echo json_encode($output);
exit;
}
/**
* Send a download.
*
* @since 0.1.0
*
* @param string $file An absolute file path.
*/
function satispress_send_file($file)
{
@session_write_close();
if (function_exists('apache_setenv')) {
@apache_setenv('no-gzip', 1);
}
if (get_magic_quotes_runtime()) {
@set_magic_quotes_runtime(0);
}
@ini_set('zlib.output_compression', 'Off');
@set_time_limit(0);
@ob_end_clean();
if (ob_get_level()) {
@ob_end_clean();
// Zip corruption fix.
}
nocache_headers();
header('Robots: none');
header('Content-Type: application/force-download');
header('Content-Description: File Transfer');
header('Content-Disposition: attachment; filename="' . basename($file) . '";');
header('Content-Transfer-Encoding: binary');
if ($size = @filesize($file)) {
header('Content-Length: ' . $size);
}
@readfile_chunked($file) or wp_die(__('File not found', 'satispress'));
exit;
}
private static function listen()
{
if ($key = filter_input(INPUT_GET, self::PURGE_QUERY_VAR)) {
$response = new stdClass();
if ($key === self::get_purge_key()) {
delete_transient(EXTEND_UPDATE);
delete_transient('pagelines_extend_themes');
delete_transient('pagelines_extend_sections');
delete_transient('pagelines_extend_plugins');
delete_transient('pagelines_extend_integrations');
delete_transient('pagelines_sections_cache');
remove_theme_mod('available_updates');
remove_theme_mod('pending_updates');
do_action('extend_flush');
$response->status = 'success';
$response->message = 'Cache purged.';
$status_code = 200;
} else {
$response->status = 'fail';
$response->message = 'Invalid key.';
$status_code = 422;
}
if (!headers_sent()) {
nocache_headers();
@header("Content-type: application/json");
status_header($status_code);
echo json_encode($response);
exit;
} else {
wp_die($response->message, $response->status, array('response' => $status_code));
}
// silence
}
}
/**
* Process a settings export from config
* @since 1.0.0
*/
public function settings_export()
{
if (empty($_POST['pn_action']) || 'export_settings' != $_POST['pn_action']) {
return;
}
if (!wp_verify_nonce($_POST['pn_export_nonce'], 'pn_export_nonce')) {
return;
}
if (!current_user_can('manage_options')) {
return;
}
$settings[0] = get_option($this->plugin_slug . '-settings');
$settings[1] = get_option($this->plugin_slug . '-settings-second');
ignore_user_abort(true);
nocache_headers();
header('Content-Type: application/json; charset=utf-8');
header('Content-Disposition: attachment; filename=pn-settings-export-' . date('m-d-Y') . '.json');
header("Expires: 0");
if (version_compare(PHP_VERSION, '5.4.0', '>=')) {
echo json_encode($settings, JSON_PRETTY_PRINT);
} else {
echo json_encode($settings);
}
exit;
}
/**
* API request - Trigger any API requests.
*
* @since 2.0
* @version 2.4
*/
public function handle_api_requests()
{
global $wp;
if (!empty($_GET['wc-api'])) {
$wp->query_vars['wc-api'] = $_GET['wc-api'];
}
// wc-api endpoint requests.
if (!empty($wp->query_vars['wc-api'])) {
// Buffer, we won't want any output here.
ob_start();
// No cache headers.
nocache_headers();
// Clean the API request.
$api_request = strtolower(wc_clean($wp->query_vars['wc-api']));
// Trigger generic action before request hook.
do_action('woocommerce_api_request', $api_request);
// Is there actually something hooked into this API request? If not trigger 400 - Bad request.
status_header(has_action('woocommerce_api_' . $api_request) ? 200 : 400);
// Trigger an action which plugins can hook into to fulfill the request.
do_action('woocommerce_api_' . $api_request);
// Done, clear buffer and exit.
ob_end_clean();
die('-1');
}
}
/**
* Constructor
*/
public function __construct($request)
{
global $wpdb;
$wpdb->hide_errors();
nocache_headers();
$user_agent = $_SERVER['HTTP_USER_AGENT'];
if (stristr($user_agent, 'WordPress') === false) {
die;
}
if (isset($request['request'])) {
$this->request = array_map('sanitize_text_field', $request);
} else {
die;
}
switch ($this->request['request']) {
case 'pluginupdatecheck':
$this->plugin_update_check();
break;
case 'plugininformation':
$this->plugin_information();
break;
default:
die;
break;
}
}
public function authenticate()
{
nocache_headers();
if ($is_allowed = $this->isAllowed()) {
return true;
}
// here
$token = $this->http->get('access_token');
if (empty($token) && $this->http->header('Authorization')) {
list($type, $auth) = explode(' ', $this->http->header('Authorization'));
if (strtolower($type) === 'bearer') {
$token = base64_decode($auth);
}
}
if (!$token) {
status_header(401);
wp_send_json_error('no access token provided');
}
$users = get_users(array('fields' => 'ids', 'meta_key' => 'access_token', 'meta_value' => $token));
if ($users && !is_wp_error($users)) {
$user_id = reset($users);
wp_set_current_user($user_id);
} else {
status_header(401);
wp_send_json_error('invalid access token provided');
}
}
/**
* Session handler assigned by session_set_save_handler().
*
* This function is used to handle any initialization, such as file paths or
* database connections, that is needed before accessing session data. The plugin
* does not need to initialize anything in this function.
*
* This function should not be called directly.
*
* @return true
*/
function _pantheon_session_open() {
// We use !empty() in the following check to ensure that blank session IDs are not valid.
if ( ! empty( $_COOKIE[ session_name() ] ) || ( is_ssl() && ! empty( $_COOKIE[ substr(session_name(), 1) ] ) ) ) {
// If a session cookie exists, initialize the session. Otherwise the
// session is only started on demand in _pantheon_session_write(), making
// anonymous users not use a session cookie unless something is stored in
// $_SESSION. This allows HTTP proxies to cache anonymous pageviews.
if ( get_current_user_id() || ! empty( $_SESSION ) ) {
nocache_headers();
}
} else {
// Set a session identifier for this request. This is necessary because
// we lazily start sessions at the end of this request
require_once( ABSPATH . 'wp-includes/class-phpass.php');
$hasher = new PasswordHash( 8, false );
session_id( md5( $hasher->get_random_bytes( 32 ) ) );
if ( is_ssl() ) {
$insecure_session_name = substr( session_name(), 1 );
$insecure_session_id = md5( $hasher->get_random_bytes( 32 ) );
//set custom expire time during cookie session creation
$lifetime = (int) apply_filters( 'pantheon_session_expiration', 0 );
setcookie( $insecure_session_name, $insecure_session_id, $_SERVER['REQUEST_TIME'] + $lifetime);
}
}
return true;
}
/**
* Sends json response.
*
* @since 1.0.0
*
* @access private
* @param array $results The response array.
*/
private function _sendResponse($results)
{
header('Content-type: application/json');
nocache_headers();
echo json_encode($results);
exit;
}
/**
* Hook in to filter the content as late as possible.
*/
public function pageLoading()
{
add_filter('the_content', array($this, 'wrap_content'), -9999999);
add_action('wp_footer', array($this, 'process_content'), -999999);
do_action('cornerstone_load_preview');
nocache_headers();
}
public function index()
{
nocache_headers();
$data['razdel'] = $this->Mdl_add->mylist();
$data['img'] = $this->get_miniaturs();
$this->lib_view->admin_page('add', $data, 'Добавление страницы');
//$this->imgtiny(); Раскоментировать для просмотра массива картинок.
}
static function site_lockout_tasks()
{
nocache_headers();
header("HTTP/1.0 503 Service Unavailable");
remove_action('wp_head', 'head_addons', 7);
include_once AIO_WP_SECURITY_PATH . '/other-includes/wp-security-visitor-lockout-page.php';
exit;
}
/**
* Checks if a user is logged in, if not redirect them to the login page.
*/
function appthemes_auth_redirect_login()
{
if (!is_user_logged_in()) {
nocache_headers();
wp_redirect(wp_login_url(scbUtil::get_current_url()));
exit;
}
}
function auth_redirect()
{
global $Ktai_Style;
nocache_headers();
$uri = preg_replace('!^.*/wp-admin/!', KtaiStyle::ADMIN_DIR . '/', $_SERVER['REQUEST_URI']);
wp_redirect($Ktai_Style->get('plugin_url') . KtaiStyle::LOGIN_PAGE . '?redirect_to=' . urlencode($uri));
exit;
}
/**
* Checks if a user is logged in, if not redirect them to the login page.
*/
function appthemes_auth_redirect_login()
{
if (!is_user_logged_in()) {
nocache_headers();
wp_redirect(get_bloginfo('wpurl') . '/wp-login.php?redirect_to=' . urlencode($_SERVER['REQUEST_URI']));
exit;
}
}
/**
* If the user isn't logged in, redirect
* to the login page
*
* @since version 0.1
* @author Tareq Hasan
*/
function wpuf_auth_redirect_login()
{
$user = wp_get_current_user();
if ($user->ID == 0) {
nocache_headers();
wp_redirect(get_option('siteurl') . '/wp-login.php?redirect_to=' . urlencode($_SERVER['REQUEST_URI']));
exit;
}
}
/**
* Clear theme choice if reset variable is present in request.
*/
public static function check_reset()
{
if (!empty(filter_input(INPUT_GET, 'tts_reset'))) {
setcookie(self::get_cookie_name(), '', 1);
nocache_headers();
wp_safe_redirect(home_url());
die;
}
}
/**
* Send headers for WC Ajax Requests
* @since 2.5.0
*/
private static function wc_ajax_headers()
{
send_origin_headers();
@header('Content-Type: text/html; charset=' . get_option('blog_charset'));
@header('X-Robots-Tag: noindex');
send_nosniff_header();
nocache_headers();
status_header(200);
}
/**
* Set the export headers
*
* @access public
* @since 2.5
* @return void
*/
public function headers()
{
ignore_user_abort(true);
set_time_limit(0);
nocache_headers();
header('Content-Type: text/csv; charset=utf-8');
header('Content-Disposition: attachment; filename=' . apply_filters('gmw_pt_locations_export_filename', 'gmw-export-' . $this->export_type . '-' . date('m-d-Y')) . '.csv');
header("Expires: 0");
}
/**
* Set the export headers
*
* @access public
* @since 1.0
* @return void
*/
public function headers()
{
ignore_user_abort(true);
set_time_limit(0);
nocache_headers();
header('Content-Type: text/csv; charset=utf-8');
header('Content-Disposition: attachment; filename=bbp-export-' . sanitize_file_name(get_the_title($this->forum_id)) . '-' . date('m-d-Y') . '.csv');
header("Expires: 0");
}
