/** * Function to process [codesyntax] tag in comments * * @param array $m * @return string */ function wp_synhighlight_do_shortcode_tag($m) { $attr = shortcode_parse_atts($m[2]); if (isset($m[4])) { // enclosing tag - extra parameter return fr_codesyntax_handler($attr, html_entity_decode($m[4]), false, true); } else { // self-closing tag return fr_codesyntax_handler($attr, NULL, false, true); } }
function fr_filesyntax_handler($atts, $content = null, $cleanHTML = true) { global $wpsh_upload_dir; if (!get_option('wp_synhighlight_filesyntax_on')) { return '<font color="red"><b>' . __('WP-SYNHIGHLIGHT PLUGIN: [FILESYNTAX SHORTCODE IS DISABLED IN PLUGIN SETTINGS! PLEASE READ README.TXT IN PLUGIN FOLDER!', 'wp-synhighlighter') . '</b></font>'; } if (!isset($atts['filename'])) { return '<font color="red"><b>' . __('WP-SYNHIGHLIGHT PLUGIN: NOTHING TO HIGHLIGHT USING FILESYNTAX TAG! FILENAME REQUIRED. PLEASE READ README.TXT IN PLUGIN FOLDER!', 'wp-synhighlighter') . '</b></font>'; } $wpsh_exts = get_option('wp_synhighlight_filesyntax_ext') ? get_option('wp_synhighlight_filesyntax_ext') : "filesyntax phps source"; $wpsh_exts = preg_split('/\\s+/', $wpsh_exts, null, PREG_SPLIT_NO_EMPTY); $fileToHighlight = realpath($wpsh_upload_dir . '/' . $atts['filename']); if (strpos($fileToHighlight, $wpsh_upload_dir) !== 0) { return '<font color="red"><b>' . __('WP-SYNHIGHLIGHT PLUGIN: SECURITY VIOLATION! FILENAME FOR [FILESYNTAX] TAG DOES NOT EXIST OR IS OUTSIDE ALLOWED DIR! PLEASE READ README.TXT IN PLUGIN FOLDER!', 'wp-synhighlighter') . '</b></font>'; } $pathinfo = pathinfo($fileToHighlight); if (!in_array($pathinfo['extension'], $wpsh_exts)) { return '<font color="red"><b>' . __('WP-SYNHIGHLIGHT PLUGIN: SECURITY VIOLATION! FILENAME FOR [FILESYNTAX] TAG DOES HAVE ALLOWED EXTENSIONS! PLEASE READ README.TXT IN PLUGIN FOLDER!', 'wp-synhighlighter') . '</b></font>'; } return fr_codesyntax_handler($atts, file_get_contents($fileToHighlight), false); }