Пример #1
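/**
 * Render the Easy Comment Uploads settings page and, when the form was
 * submitted, validate and persist the posted options first.
 *
 * Every posted value is checked against an anchored pattern or a fixed list
 * before it is stored, and every stored value is escaped before it is printed
 * into the form, so a malformed option cannot end up as markup on this page.
 *
 * Outputs HTML directly; returns nothing.
 */
function ecu_options_page()
{
    // Role keys used both for the "uploads per hour" fields and the permission radios.
    $limit_roles = array('upload_files', 'edit_posts', 'read', 'none');
    $permission_levels = array('none', 'read', 'edit_posts', 'upload_files');
    // Comma/space separated list of alphanumeric extensions; D stops "$" from
    // accepting a trailing newline.
    $extension_list_pattern = '/^[a-z0-9]+([, ][ ]*[a-z0-9]+)*$/iD';

    // Handle changed options
    if (isset($_POST['submitted'])) {
        // Verifies the nonce (CSRF protection) and aborts the request on failure.
        // NOTE(review): this is not a capability check; it presumably relies on the
        // capability given when the page is registered - confirm at the call site.
        check_admin_referer('easy-comment-uploads');

        // Checkboxes are absent from $_POST when unticked, so test with isset() first.
        update_option('ecu_images_only', isset($_POST['images_only']) && $_POST['images_only'] != null);

        // Only the four values offered by the radio buttons are accepted.
        if (isset($_POST['permission_required']) && in_array($_POST['permission_required'], $permission_levels, true)) {
            update_option('ecu_permission_required', $_POST['permission_required']);
        }

        update_option('ecu_hide_comment_form', (int) (isset($_POST['hide_comment_form']) && $_POST['hide_comment_form'] != null));
        update_option('ecu_show_full_file_path', (int) (isset($_POST['show_full_file_path']) && $_POST['show_full_file_path'] != null));

        // Anchored: the whole value must be digits, not merely contain some.
        if (isset($_POST['max_file_size']) && is_string($_POST['max_file_size']) && preg_match('/^[0-9]+$/D', $_POST['max_file_size'])) {
            update_option('ecu_max_file_size', $_POST['max_file_size']);
        }

        // Load the stored limits once, overwrite only the entries that validate
        // (integer >= -1), and save once. Invalid or missing fields leave the
        // previously stored limit untouched.
        $uploads_per_hour = get_option('ecu_uploads_per_hour');
        if (!is_array($uploads_per_hour)) {
            $uploads_per_hour = array();
        }
        foreach ($limit_roles as $role) {
            $field = $role . '_uploads_per_hour';
            if (isset($_POST[$field]) && is_string($_POST[$field]) && preg_match('/^-?[0-9]+$/D', $_POST[$field]) && $_POST[$field] >= -1) {
                $uploads_per_hour[$role] = $_POST[$field];
            }
        }
        update_option('ecu_uploads_per_hour', $uploads_per_hour);

        // The alternation is grouped so that both anchors apply to both branches:
        // either exactly "all" or a space separated list of page ids.
        if (isset($_POST['enabled_pages']) && is_string($_POST['enabled_pages']) && preg_match('/^(all|([0-9]+ )*[0-9]+)$/D', $_POST['enabled_pages'])) {
            update_option('ecu_enabled_pages', $_POST['enabled_pages']);
        }

        // Blacklist: skipped when the field still shows the current list.
        if (isset($_POST['file_extension_blacklist']) && is_string($_POST['file_extension_blacklist']) && $_POST['file_extension_blacklist'] != implode(', ', ecu_get_blacklist()) && preg_match($extension_list_pattern, $_POST['file_extension_blacklist'])) {
            if ($_POST['file_extension_blacklist'] == 'default') {
                // Dropping the option restores the built-in default list.
                delete_option('ecu_file_extension_blacklist');
            } elseif ($_POST['file_extension_blacklist'] == 'none') {
                // An empty blacklist blocks nothing; the form labels this as not recommended.
                update_option('ecu_file_extension_blacklist', array());
            } else {
                update_option('ecu_file_extension_blacklist', preg_split("/[, ][ ]*/", $_POST['file_extension_blacklist']));
            }
        }

        // Whitelist: 'ignore' removes the option, which disables the whitelist.
        if (isset($_POST['file_extension_whitelist']) && is_string($_POST['file_extension_whitelist']) && preg_match($extension_list_pattern, $_POST['file_extension_whitelist'])) {
            if ($_POST['file_extension_whitelist'] == 'ignore') {
                delete_option('ecu_file_extension_whitelist');
            } else {
                update_option('ecu_file_extension_whitelist', preg_split("/[, ][ ]*/", $_POST['file_extension_whitelist']));
            }
        }

        // Inform user
        echo '<div id="message" class="updated fade"><p>' . __('Easy Comment Uploads options saved.') . '</p></div>';
    }

    // NOTE(review): writes a fixed 'ecu_test' meta value on every page view; this
    // looks like leftover debugging - confirm nothing reads it before removing.
    update_user_meta(get_current_user_id(), 'ecu_test', 'test');

    // Store current values for fields. Everything interpolated into the markup
    // below is either a fixed literal ('checked' / '') or passed through esc_attr().
    $images_only = get_option('ecu_images_only') ? 'checked' : '';
    $hide_comment_form = get_option('ecu_hide_comment_form') ? 'checked' : '';
    $show_full_file_path = get_option('ecu_show_full_file_path') ? 'checked' : '';

    $current_permission = get_option('ecu_permission_required');
    $permission_required = array();
    foreach ($permission_levels as $elem) {
        $permission_required[] = $current_permission == $elem ? 'checked' : '';
    }

    $max_file_size = esc_attr(get_option('ecu_max_file_size'));
    $enabled_pages = esc_attr(get_option('ecu_enabled_pages'));

    $blacklist = ecu_get_blacklist();
    $file_extension_blacklist = esc_attr($blacklist ? implode(', ', $blacklist) : 'none');

    $whitelist = get_option('ecu_file_extension_whitelist');
    $file_extension_whitelist = esc_attr($whitelist === false ? 'ignore' : implode(', ', (array) $whitelist));

    // Missing entries render as an empty field instead of raising a notice.
    $stored_limits = get_option('ecu_uploads_per_hour');
    $uploads_per_hour = array();
    foreach ($limit_roles as $role) {
        $uploads_per_hour[$role] = (is_array($stored_limits) && isset($stored_limits[$role])) ? esc_attr($stored_limits[$role]) : '';
    }

    // Info for form. REQUEST_URI is request-controlled, so it is escaped before
    // being placed in the action attribute.
    $action_url = isset($_SERVER['REQUEST_URI']) ? esc_url($_SERVER['REQUEST_URI']) : '';
    // Fourth argument false: return the field instead of also echoing it here,
    // which would print a second copy outside the form.
    $nonce_field = wp_nonce_field('easy-comment-uploads', '_wpnonce', true, false);
    echo <<<END
        <div class="wrap" style="max-width:950px !important;">
        <h2>Easy Comment Uploads</h2>

        <form name="ecuform" action="{$action_url}" method="post">
            <input type="hidden" name="submitted" value="1" />
            {$nonce_field}

            <h3>Allowed Files</h3>

            <ul>
            <li><input id="images_only" type="checkbox" name="images_only" {$images_only} />
            <label for="images_only">Only allow images to be uploaded.</label></li>

            <li>Limit the size of uploaded files:
            <input id="max_file_size" type="text" name="max_file_size" value="{$max_file_size}" />
            <label for="max_file_size">(KiB, 0 = unlimited)</label></li>

            <li>Blacklist the following file extensions:
            <input id="file_extenstion_blacklist" type="text" name="file_extension_blacklist" value="{$file_extension_blacklist}" />
            <br />
            <label for="file_extenstion_blacklist">(extensions seperated with spaces, 'none' to allow all (not recommended) or 'default' to restore the default list)</label>
            </li>

            <li>Allow only the following file extensions:
            <input id="file_extenstion_whitelist" type="text" name="file_extension_whitelist" value="{$file_extension_whitelist}" />
            <br />
            <label for="file_extenstion_whitelist">(extensions seperated with spaces or 'ignore' to disable the whitelist)</label>
            </li>
            </ul>

            <h3>User Permissions</h3>
            <ul>
            <li><input id="all_users" type="radio" name="permission_required" value="none" {$permission_required[0]} />
            <label for="all_users">Allow all users to upload files with their comments.</label></li>

            <li><input id="registered_users_only" type="radio" name="permission_required"
                value="read" {$permission_required[1]} />
            <label for="registered_users_only">Only allow registered users to upload files.</label></li>

            <li><input id="edit_rights_only" type="radio" name="permission_required"
                value="edit_posts" {$permission_required[2]} />
            <label for="edit_rights_only">Require "Contributor" rights to upload files.</label></li>

            <li><input id="upload_rights_only" type="radio" name="permission_required"
                value="upload_files" {$permission_required[3]} />
            <label for="upload_rights_only">Require "Upload" rights to uploads files
                (e.g. only admin, editors and authors).</label></li>


            <li><table class="widefat">
                <tr>
                    <th></th>
                    <th>Uploads allowed per hour
                    <br /><em>(-1 = unlimited)</em></th>
                </tr>
                <tr>
                    <th>users with upload rights
                    <br /><em>(e.g. only admin, editors and authors)</em></th>
                    <td><input id="upload_files_uploads_per_hour" type="text" name="upload_files_uploads_per_hour" value="{$uploads_per_hour['upload_files']}" /></td>
                </tr>
                <tr>
                    <th>contributors</th>
                    <td><input id="edit_posts_uploads_per_hour" type="text" name="edit_posts_uploads_per_hour" value="{$uploads_per_hour['edit_posts']}" /></td>
                </tr>
                <tr>
                    <th>registered users</th>
                    <td><input id="read_uploads_per_hour" type="text" name="read_uploads_per_hour" value="{$uploads_per_hour['read']}" /></td>
                </tr>
                <tr>
                    <th>unregistered users</th>
                    <td><input id="none_uploads_per_hour" type="text" name="none_uploads_per_hour" value="{$uploads_per_hour['none']}" /></td>
                </tr>
            </table></li>
            </ul>

            <h3>Upload Form</h3>
            <ul>
            <li><input id="hide_comment_form" type="checkbox" name="hide_comment_form" {$hide_comment_form} />
            <label for="hide_comment_form">Hide from comment forms</label></li>

            <li>
            Only allow uploads on these pages:
            <input id="enabled_pages" type="text" name="enabled_pages" value="{$enabled_pages}" />
            <br />
            <label for="enabled_pages">(<a href="http://www.techtrot.com/wordpress-page-id/">page_ids</a> seperated with spaces or 'all' to enable globally)</label>
            </li>
            </ul>

            <h3>Comments</h3>
            <ul>
            <li><input id="show_full_file_path" type="checkbox" name="show_full_file_path" {$show_full_file_path} />
            <label for="show_full_file_path">Show full url in links to files</label></li>
            </ul>

            <p class="submit"><input type="submit" class="button-primary" name="Submit" value="Save Changes" /></p>
        </form>
END;
    // Preview of the upload form as it is rendered by ecu_upload_form_default().
    echo "\n    <div style='margin : auto auto auto 2em; width : 40em;\n     background-color : ghostwhite; border : 1px dashed gray;\n     padding : 0 1em 0 1em'>\n    ";
    ecu_upload_form_default(false);
    echo "</div>";
    // Close the "wrap" container opened at the top of the form markup.
    echo "</div>";
}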
Пример #2
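/**
 * Check the uploaded file's name against the extension blacklist.
 *
 * A name is rejected when any dot-separated segment after the first dot is a
 * blacklisted extension (so "x.php.jpg" is caught as well as "x.php"), or when
 * such a segment is "~". Matching is case-insensitive.
 *
 * Only the client-supplied file name in $_FILES['file']['name'] is inspected;
 * the file's content is not examined here.
 *
 * @return int 1 when the name is blacklisted or cannot be checked, 0 otherwise.
 */
function filetype_blacklisted()
{
    // Fail closed: a missing or non-string name (e.g. an array-style upload
    // field) cannot be matched, so treat it as blacklisted rather than letting
    // preg_match() error out into a falsy "not blacklisted" result.
    if (!isset($_FILES['file']['name']) || !is_string($_FILES['file']['name'])) {
        return 1;
    }

    // Quote every extension so a stored entry containing regex metacharacters
    // is matched literally instead of altering the pattern.
    $alternatives = array();
    foreach ((array) ecu_get_blacklist() as $extension) {
        $alternatives[] = preg_quote((string) $extension, '/');
    }

    $matched = preg_match('/\.((' . implode('|', $alternatives) . ')|~)(\.|$)/i', $_FILES['file']['name']);

    // preg_match() returns false on a PCRE error; reject in that case too.
    return $matched === false ? 1 : $matched;
}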