/** * {@internal Missing Short Description}} * * @since 2.5.0 * * @param unknown_type $entry * @param unknown_type $count * @return unknown */ function file_gallery_list_meta_row($entry, &$count) { static $update_nonce = false; if (is_protected_meta($entry['meta_key'], 'post')) { return; } if (!$update_nonce) { $update_nonce = wp_create_nonce('add-meta'); } $r = ''; ++$count; if ($count % 2) { $style = 'alternate'; } else { $style = ''; } if (is_serialized($entry['meta_value'])) { if (is_serialized_string($entry['meta_value'])) { // this is a serialized string, so we should display it $entry['meta_value'] = maybe_unserialize($entry['meta_value']); } else { // this is a serialized array/object so we should NOT display it --$count; return; } } $entry['meta_key'] = esc_attr($entry['meta_key']); $entry['meta_value'] = esc_textarea($entry['meta_value']); // using a <textarea /> $entry['meta_id'] = (int) $entry['meta_id']; $delete_nonce = wp_create_nonce('delete-meta_' . $entry['meta_id']); $r .= "\n\t<tr id='meta-{$entry['meta_id']}' class='{$style}'>"; $r .= "\n\t\t<td class='left'><label class='screen-reader-text' for='meta[{$entry['meta_id']}][key]'>" . __('Key') . "</label><input name='meta[{$entry['meta_id']}][key]' id='meta[{$entry['meta_id']}][key]' type='text' size='20' value='{$entry['meta_key']}' />"; $r .= "\n\t\t<div class='submit'>"; $r .= get_submit_button(__('Delete'), 'deletemeta small', "deletemeta[{$entry['meta_id']}]", false, array('data-wp-lists' => "delete:attachment-the-list:meta-{$entry['meta_id']}::_ajax_nonce={$delete_nonce}")); $r .= "\n\t\t"; $r .= get_submit_button(__('Update'), 'updatemeta small', "meta-{$entry['meta_id']}-submit", false, array('data-wp-lists' => "add:attachment-the-list:meta-{$entry['meta_id']}::_ajax_nonce-add-meta={$update_nonce}")); $r .= "</div>"; $r .= wp_nonce_field('change-meta', '_ajax_nonce', false, false); $r .= "</td>"; $r .= "\n\t\t<td><label class='screen-reader-text' for='meta[{$entry['meta_id']}][value]'>" . __('Value') . "</label><textarea name='meta[{$entry['meta_id']}][value]' id='meta[{$entry['meta_id']}][value]' rows='2' cols='30'>{$entry['meta_value']}</textarea></td>\n\t</tr>"; return $r; }
/** * {@internal Missing Short Description}} * * @since unknown * * @param unknown_type $entry * @param unknown_type $count * @return unknown */ function _list_meta_row( $entry, &$count ) { static $update_nonce = false; if ( !$update_nonce ) $update_nonce = wp_create_nonce( 'add-meta' ); $r = ''; ++ $count; if ( $count % 2 ) $style = 'alternate'; else $style = ''; if ('_' == $entry['meta_key'] { 0 } ) $style .= ' hidden'; if ( is_serialized( $entry['meta_value'] ) ) { if ( is_serialized_string( $entry['meta_value'] ) ) { // this is a serialized string, so we should display it $entry['meta_value'] = maybe_unserialize( $entry['meta_value'] ); } else { // this is a serialized array/object so we should NOT display it --$count; return; } } $entry['meta_key'] = attribute_escape($entry['meta_key']); $entry['meta_value'] = htmlspecialchars($entry['meta_value']); // using a <textarea /> $entry['meta_id'] = (int) $entry['meta_id']; $delete_nonce = wp_create_nonce( 'delete-meta_' . $entry['meta_id'] ); $r .= "\n\t<tr id='meta-{$entry['meta_id']}' class='$style'>"; $r .= "\n\t\t<td class='left'><label class='hidden' for='meta[{$entry['meta_id']}][key]'>" . __( 'Key' ) . "</label><input name='meta[{$entry['meta_id']}][key]' id='meta[{$entry['meta_id']}][key]' tabindex='6' type='text' size='20' value='{$entry['meta_key']}' />"; $r .= "\n\t\t<div class='submit'><input name='deletemeta[{$entry['meta_id']}]' type='submit' "; $r .= "class='delete:the-list:meta-{$entry['meta_id']}::_ajax_nonce=$delete_nonce deletemeta' tabindex='6' value='".attribute_escape(__( 'Delete' ))."' />"; $r .= "\n\t\t<input name='updatemeta' type='submit' tabindex='6' value='".attribute_escape(__( 'Update' ))."' class='add:the-list:meta-{$entry['meta_id']}::_ajax_nonce=$update_nonce updatemeta' /></div>"; $r .= wp_nonce_field( 'change-meta', '_ajax_nonce', false, false ); $r .= "</td>"; $r .= "\n\t\t<td><label class='hidden' for='meta[{$entry['meta_id']}][value]'>" . __( 'Value' ) . "</label><textarea name='meta[{$entry['meta_id']}][value]' id='meta[{$entry['meta_id']}][value]' tabindex='6' rows='2' cols='30'>{$entry['meta_value']}</textarea></td>\n\t</tr>"; return $r; }
/** * Prepares meta data for return as an object. * * @param stdClass $data Metadata row from database * @param WP_REST_Request $request * @param boolean $is_raw Is the value field still serialized? (False indicates the value has been unserialized) * @return WP_REST_Response|WP_Error Meta object data on success, WP_Error otherwise */ public function prepare_item_for_response($data, $request, $is_raw = false) { $id_column = $this->get_id_column(); $id = $data->{$id_column}; $key = $data->meta_key; $value = $data->meta_value; // Don't expose protected fields. if (is_protected_meta($key)) { return new WP_Error('rest_meta_protected', sprintf(__('%s is marked as a protected field.'), $key), array('status' => 403)); } // Normalize serialized strings if ($is_raw && is_serialized_string($value)) { $value = unserialize($value); } // Don't expose serialized data if (is_serialized($value) || !is_string($value)) { return new WP_Error('rest_meta_protected', sprintf(__('%s contains serialized data.'), $key), array('status' => 403)); } $meta = array('id' => (int) $id, 'key' => $key, 'value' => $value); $response = rest_ensure_response($meta); $parent_column = $this->get_parent_column(); $response->add_link('about', rest_url('wp/' . $this->parent_base . '/' . $data->{$parent_column}), array('embeddable' => true)); /** * Filter a meta value returned from the API. * * Allows modification of the meta value right before it is returned. * * @param array $response Key value array of meta data: id, key, value. * @param WP_REST_Request $request Request used to generate the response. */ return apply_filters('rest_prepare_meta_value', $response, $request); }
function get_post_meta_by_id( $mid ) { global $wpdb; $mid = (int) $mid; $meta = $wpdb->get_row( "SELECT * FROM $wpdb->postmeta WHERE meta_id = '$mid'" ); if ( is_serialized_string( $meta->meta_value ) ) $meta->meta_value = maybe_unserialize( $meta->meta_value ); return $meta; }
} $xtpl = new XTemplate($op . '.tpl', NV_ROOTDIR . '/themes/' . $global_config['module_theme'] . '/modules/' . $module_file); $xtpl->assign('LANG', $lang_module); $xtpl->assign('REQUEST', $request); $xtpl->assign('NV_BASE_ADMINURL', NV_BASE_ADMINURL); $xtpl->assign('NV_LANG_VARIABLE', NV_LANG_VARIABLE); $xtpl->assign('NV_LANG_DATA', NV_LANG_DATA); $xtpl->assign('NV_NAME_VARIABLE', NV_NAME_VARIABLE); $xtpl->assign('MODULE_NAME', $module_name); $NV_Http = new NukeViet\Http\Http($global_config, NV_TEMP_DIR); $stored_cookies = nv_get_cookies(); // Debug $args = array('headers' => array('Referer' => NUKEVIET_STORE_APIURL), 'cookies' => $stored_cookies, 'body' => $request); $array = $NV_Http->post(NUKEVIET_STORE_APIURL, $args); $cookies = $array['cookies']; $array = !empty($array['body']) ? is_serialized_string($array['body']) ? unserialize($array['body']) : array() : array(); $error = ''; if (!empty(NukeViet\Http\Http::$error)) { $error = nv_http_get_lang(NukeViet\Http\Http::$error); } elseif (empty($array['status']) or !isset($array['error']) or !isset($array['data']) or !isset($array['pagination']) or !is_array($array['error']) or !is_array($array['data']) or !is_array($array['pagination']) or !empty($array['error']) and (!isset($array['error']['level']) or empty($array['error']['message']))) { $error = $lang_global['error_valid_response']; } elseif (!empty($array['error']['message'])) { $error = $array['error']['message']; } // Show error if (!empty($error)) { $xtpl->assign('ERROR', $error); $xtpl->parse('main.error'); } elseif ($array['status'] == 'notlogin') { $xtpl->assign('LOGIN_NOTE', sprintf($lang_module['login_require'], NV_BASE_ADMINURL . 'index.php?' . NV_LANG_VARIABLE . '=' . NV_LANG_DATA . '&' . NV_NAME_VARIABLE . '=' . $module_name . '&' . NV_OP_VARIABLE . '=login&redirect=' . nv_redirect_encrypt($client_info['selfurl']))); $xtpl->parse('main.login');
* Check whether serialized data is of string type. * * @since 2.0.5 * * @param mixed $data Serialized data * @return bool False if not a serialized string, true if it is. */ function is_serialized_string($data) { // if it isn't a string, it isn't a serialized string if (!is_string($data)) { return false; } //$data = trim( $data ); $length = strlen($data); if ($length < 4) { return false; } elseif (':' !== $data[1]) { return false; } elseif (';' !== $data[$length - 1]) { return false; } elseif ($data[0] !== 's') { return false; } elseif ('"' !== $data[$length - 2]) { return false; } else { return true; } } $result = is_serialized_string(user_input()); label("after-call");
/** * Prepares meta data for return as an object. * * @param stdClass $data Metadata row from database * @param WP_REST_Request $request * @param boolean $is_raw Is the value field still serialized? (False indicates the value has been unserialized) * @return WP_REST_Response|WP_Error Meta object data on success, WP_Error otherwise */ public function prepare_item_for_response($data, $request, $is_raw = false) { $id_column = $this->get_id_column(); $id = $data->{$id_column}; $key = $data->meta_key; $value = $data->meta_value; // Don't expose protected fields. if (is_protected_meta($key)) { return new WP_Error('rest_meta_protected', sprintf(__('%s is marked as a protected field.'), $key), array('status' => 403)); } // Normalize serialized strings if ($is_raw && is_serialized_string($value)) { $value = unserialize($value); } // Don't expose serialized data if (is_serialized($value) || !is_string($value)) { return new WP_Error('rest_meta_protected', sprintf(__('%s contains serialized data.'), $key), array('status' => 403)); } $meta = array('id' => (int) $id, 'key' => $key, 'value' => $value); $response = rest_ensure_response($meta); $parent_column = $this->get_parent_column(); $response->add_link('about', rest_url('wp/' . $this->parent_base . '/' . $data->{$parent_column}), array('embeddable' => true)); return apply_filters('rest_prepare_meta_value', $response, $request); }
function list_meta($meta) { global $post_ID; // Exit if no meta if (!$meta) { return; } $count = 0; ?> <table id='meta-list' cellpadding="3"> <tr> <th><?php _e('Key'); ?> </th> <th><?php _e('Value'); ?> </th> <th colspan='2'><?php _e('Action'); ?> </th> </tr> <?php foreach ($meta as $entry) { ++$count; if ($count % 2) { $style = 'alternate'; } else { $style = ''; } if ('_' == $entry['meta_key'][0]) { $style .= ' hidden'; } if (is_serialized($entry['meta_value'])) { if (is_serialized_string($entry['meta_value'])) { // this is a serialized string, so we should display it $entry['meta_value'] = maybe_unserialize($entry['meta_value']); } else { // this is a serialized array/object so we should NOT display it --$count; continue; } } $entry['meta_key'] = attribute_escape($entry['meta_key']); $entry['meta_value'] = attribute_escape($entry['meta_value']); $entry['meta_id'] = (int) $entry['meta_id']; echo "\n\t\t\t<tr class='{$style}'>\n\t\t\t\t<td valign='top'><input name='meta[{$entry['meta_id']}][key]' tabindex='6' type='text' size='20' value='{$entry['meta_key']}' /></td>\n\t\t\t\t<td><textarea name='meta[{$entry['meta_id']}][value]' tabindex='6' rows='2' cols='30'>{$entry['meta_value']}</textarea></td>\n\t\t\t\t<td align='center'><input name='updatemeta' type='submit' class='updatemeta' tabindex='6' value='" . attribute_escape(__('Update')) . "' /><br />\n\t\t\t\t<input name='deletemeta[{$entry['meta_id']}]' type='submit' class='deletemeta' tabindex='6' value='" . attribute_escape(__('Delete')) . "' /></td>\n\t\t\t</tr>\n\t\t"; } echo "\n\t\t</table>\n\t"; }
protected static function unpack_variable($variable) { if (is_string($variable) && is_serialized_string($variable)) { $variable = unserialize($variable); } else { if (is_string($variable) && self::is_json($variable)) { $variable = json_decode($variable); } } return $variable; }
<?php /** * @Project NUKEVIET 4.x * @Author VINADES.,JSC (contact@vinades.vn) * @Copyright (C) 2014 VINADES.,JSC. All rights reserved * @License GNU/GPL version 2 or any later version * @Createdate 2-1-2010 22:5 */ if (!defined('NV_IS_FILE_EXTENSIONS')) { die('Stop!!!'); } $contents = ''; $array = $nv_Request->get_string('data', 'post', ''); $array = $array ? nv_base64_decode($array) : ''; if ($array and is_serialized_string($array)) { $array = @unserialize($array); } else { $array = array(); } $request = array(); $request['id'] = isset($array['id']) ? intval($array['id']) : 0; $request['fid'] = isset($array['compatible']['id']) ? intval($array['compatible']['id']) : 0; // Fixed request $request['lang'] = NV_LANG_INTERFACE; $request['basever'] = $global_config['version']; $request['mode'] = 'download'; if (empty($request['id']) or empty($request['fid']) or !isset($array['tid'])) { $contents = "ERR|" . $lang_module['download_error_preparam']; } else { $filename = NV_TEMPNAM_PREFIX . 'auto_' . md5($global_config['sitekey'] . session_id()) . '.zip';
</table> <h3><?php printf(__('Blog options (wp_%s_options)'), $id); ?> </h3> <table class="form-table"> <?php $editblog_default_role = 'subscriber'; foreach ($options as $key => $val) { if ($val['option_name'] == 'default_role') { $editblog_default_role = $val['option_value']; } $disabled = ''; if (is_serialized($val['option_value'])) { if (is_serialized_string($val['option_value'])) { $val['option_value'] = wp_specialchars(maybe_unserialize($val['option_value']), 'single'); } else { $val['option_value'] = "SERIALIZED DATA"; $disabled = ' disabled="disabled"'; } } if (stristr($val['option_value'], "\r") || stristr($val['option_value'], "\n") || stristr($val['option_value'], "\r\n")) { ?> <tr class="form-field"> <th scope="row"><?php echo ucwords(str_replace("_", " ", $val['option_name'])); ?> </th> <td><textarea rows="5" cols="40" name="option[<?php echo $val['option_name'];
/** * member_id 会员id platform_id 第三方平台会员id char nick_name 昵称 type 会员类型 type_name 会员类型名称 avatar_url 头像地址 bind_time 绑定时间 bind_ip 绑定ip * Enter description here ... */ public function bind() { $memberUpdataField = array(); //主表修改字段 $member_id = intval($this->user['user_id']); if (!$member_id) { $this->errorOutput(USER_NO_LOGIN); } $platform_id = trim($this->input['platform_id']); $password = $this->input['password'] ? trim($this->input['password']) : ''; $type = trim($this->input['type']); $platformInfo = $this->Members->get_platform_name($type); $identifierUserSystem = new identifierUserSystem(); $identifier = $identifierUserSystem->setIdentifier((int) $this->input['identifier'])->checkIdentifier(); //多用户系统 if (in_array($type, array('m2o', 'uc')) || empty($platformInfo)) { $this->errorOutput(BIND_MEMBER_TYPE_ERROR); } else { if (!$platformInfo['status']) { $this->errorOutput(BIND_MEMBER_TYPE_CLOSE); } } $type_name = $platformInfo['name']; $device_token = $this->Members->check_device_token(trim($this->input['device_token'])); $udid = $this->Members->check_udid(trim($this->input['uuid'])); //唯一设备号 if ($device_token === 0) { $this->errorOutput(ERROR_DEVICE_TOKEN); } if ($udid === 0) { $this->errorOutput(ERROR_UDID); } $avatar_url = trim($this->input['avatar_url']); $ip = hg_getip(); //验证会员是否存在 $condition = " AND m.member_id=" . $member_id; $left_join = 'LEFT JOIN ' . DB_PREFIX . 'member_bind as mb ON m.member_id=mb.member_id AND m.type=mb.type'; $ret_member = $this->mMember->get_member_info($condition, 'm.*,mb.nick_name', $left_join, 0); $ret_member = $ret_member[0]; if (empty($ret_member)) { $this->errorOutput(NO_MEMBER); } $callback_sql = ''; if (!empty($ret_member['nick_name'])) { $nick_name = $ret_member['nick_name']; } else { $nick_name = $platform_id; } if (empty($avatar_url)) { $avatar = array('host' => '', 'dir' => '', 'filepath' => '', 'filename' => ''); if (is_serialized_string($ret_member['avatar'])) { $avatar = unserialize($ret_member['avatar']); } $avatar_url = $avatar['host'] . $avatar['dir'] . $avatar['filepath'] . $avatar['filename']; } else { $avatar_url = trim($this->input['avatar_url']); } if (hg_check_email_format($platform_id)) { $sql = 'SELECT platform_id FROM ' . DB_PREFIX . 'member_bind WHERE platform_id="' . $platform_id . '" AND identifier=' . $identifier; $result = $this->db->query_first($sql); if ($result) { $this->errorOutput(EMAIL_HAS_BINDED); } if (defined(BIND_EMAIL_NEED_VERIFYCODE)) { $email_verifycode = trim($this->input['email_verifycode']); if (!$email_verifycode) { $this->errorOutput(VERIFY_NULL); } if ($this->memberverifycode->get_verifycode_info($platform_id, $email_verifycode, 1, $action = 1)) { //验证成功之后删除 $this->memberverifycode->verifycode_delete($platform_id, $email_verifycode, 1, $action = 1); } else { $this->errorOutput(VERIFY_FAILED); } } $type = 'email'; $type_name = '邮箱'; } elseif (hg_verify_mobile($platform_id)) { $type = 'shouji'; $type_name = '手机'; } $need_password_type = array('shouji', 'm2o', 'email'); if (in_array($type, $need_password_type) && $password) { //随机串 $salt = hg_generate_salt(); //密码md5 $md5_password = md5(md5($password) . $salt); $memberUpdataField['password'] = $md5_password; $memberUpdataField['salt'] = $salt; } elseif (in_array($type, $need_password_type) && empty($ret_member['password'])) { $this->errorOutput(NO_PASSWORD); //如果绑定类型为手机,M2O,email,但是主表未设置密码,则需要设置密码 } if (!$member_id) { $this->errorOutput(NO_MEMBER_ID); } if (!$platform_id) { $this->errorOutput(NO_EXTERNAL_MEMBER_ID); } if (!$nick_name) { $this->errorOutput(NO_NICKNAME); } if (!$type) { $this->errorOutput(NO_EXTERNAL_TYPE); } //验证手机验证码 if ($type == 'shouji') { $mobile_verifycode = trim($this->input['mobile_verifycode']); if (!$mobile_verifycode) { $this->errorOutput(MOBILE_NOT_VERIFY); } $mobile = $platform_id; //简单验证手机号格式 if (!hg_verify_mobile($mobile)) { $this->errorOutput(MOBILE_NUMBER_FORMAT_ERROR); } //验证码 $verifycode = $this->mSmsServer->get_verifycode_info($mobile, $mobile_verifycode); if (empty($verifycode)) { $this->errorOutput(VERIFY_FAILED); } //删除验证码 $this->mSmsServer->mobile_verifycode_delete($mobile, $mobile_verifycode); if (TIMENOW > $verifycode['create_time'] + VERIFYCODE_EXPIRED_TIME) { $this->errorOutput(VERIFY_EXPIRED); } } $condition = " AND mb.platform_id = '" . $platform_id . "' AND mb.type = '" . $type . "' AND mb.identifier=" . $identifier; $_bind = $this->mMember->get_bind_info($condition); if ($_bind[0] && $member_id != $_bind[0]['member_id']) { $this->errorOutput(ACCOUNT_BIND); //验证此账户类型是否已被其他用户绑定 } $condition = " AND mb.member_id = '" . $member_id . "' AND mb.type = '" . $type . "' AND mb.identifier=" . $identifier; $bind = $this->mMember->get_bind_info($condition); $bind = $bind[0]; if ($bind) { $this->errorOutput(BIND_TYPE_EXISTS); //强制用户解除已有该类型绑定,防止原先绑定信息未经验证被串改! } $avatar_array = $this->mMember->update_avatar($avatar_url, $bind, $member_id); if ($avatar_array && is_array($avatar_array)) { $sql = 'UPDATE ' . DB_PREFIX . 'member SET avatar =\'' . daddslashes(serialize($avatar_array)) . '\' WHERE member_id=' . intval($member_id); $this->db->query($sql); } $bind_data = array('member_id' => $member_id, 'platform_id' => $platform_id, 'nick_name' => $nick_name, 'type' => $type, 'type_name' => $type_name, 'avatar_url' => $avatar_url, 'identifier' => $identifier, 'reg_device_token' => $device_token, 'reg_udid' => $udid); if (empty($bind)) { $checkBind = new check_Bind(); $isUc = 0; $isUc = $checkBind->check_Bind($member_id, 'uc'); if (empty($isUc)) { $isUc = $checkBind->check_uc($member_id); if ($isUc) { $bind_data['inuc'] = $isUc; } } //新增绑定表 $bind_data['bind_time'] = TIMENOW; $bind_data['bind_ip'] = $ip; $ret_bind = $this->mMember->bind_create($bind_data); if (empty($ret_bind)) { $this->errorOutput(BIND_DATA_ADD_FAILED); } } else { //更新绑定表 $ret_bind = $this->mMember->bind_update($bind_data); if (empty($ret_bind)) { $this->errorOutput(BIND_DATA_UPDATE_FAILED); } } if ($type == 'shouji') { $memberUpdataField['mobile'] = $platform_id; } elseif ($type == 'email') { $memberUpdataField['email'] = $platform_id; } if ($ret_member['type'] == 'email' || $ret_member['type'] == 'shouji') { $memberUpdataField['member_name'] = $platform_id; } $return = array('member_id' => $member_id, 'member_name' => in_array($ret_member['member_name'], array('m2o', 'uc')) ? $ret_member['member_name'] : $platform_id, 'type' => $type, 'nick_name' => $nick_name, 'is_exist_password' => $ret_member['password'] ? 1 : 0); if ($memberUpdataField && $this->mMember->update($memberUpdataField, array('member_id' => $member_id))) { if ($this->settings['ucenter']['open']) { if ($ret_member['type'] == 'm2o' && $type == 'email') { $this->mMember->uc_user_edit($ret_member['member_name'], '', $password, $platform_id, 1); } } } $this->addItem($return); $this->output(); }
/** * @since 1.6.3 * * @param $entry * @param string $meta_type * * @return string|void */ function _list_meta_item($entry, $meta_type = 'gmedia') { if (is_serialized($entry['meta_value'])) { if (is_serialized_string($entry['meta_value'])) { // This is a serialized string, so we should display it. $entry['meta_value'] = maybe_unserialize($entry['meta_value']); } else { // This is a serialized array/object so we should NOT display it. return; } } $entry['meta_key'] = esc_attr($entry['meta_key']); $entry['meta_value'] = esc_textarea($entry['meta_value']); // using a <textarea /> $entry['meta_id'] = (int) $entry['meta_id']; $colsm = 'gmedia' == $meta_type ? 6 : 4; //$delete_nonce = wp_create_nonce( 'gmedia_custom_field', '_customfield_nonce' ); $item = ' <div class="form-group col-sm-' . $colsm . ' gm-custom-meta-' . $entry['meta_id'] . '"> <span class="delete-custom-field glyphicon glyphicon-remove pull-right text-danger"></span> <label>' . $entry['meta_key'] . '</label> <textarea name="meta[' . $entry['meta_id'] . ']" class="gmedia-custom-field gm-custom-field-' . $entry['meta_id'] . ' vert form-control input-sm" style="height:30px;" placeholder="' . __('Value', 'grand-media') . '" rows="1" cols="30">' . $entry['meta_value'] . '</textarea> </div> '; return $item; }
function nebula_initialization_email_prev_settings() { $email_admin_timeout = get_transient('nebula_email_admin_timeout'); if (!empty($email_admin_timeout) || !nebula_is_initialized_before()) { return; } global $wpdb; $current_user = wp_get_current_user(); $to = $current_user->user_email; $headers[] = 'From: ' . get_bloginfo('name'); //Carbon copy the admin if reset was done by another user. $admin_user_email = get_option('nebula_contact_email', get_option('admin_email')); if ($admin_user_email != $current_user->user_email) { $headers[] = 'Cc: ' . $admin_user_email; } $subject = 'Wordpress theme settings reset for ' . get_bloginfo('name'); $message = '<p>Wordpress theme settings have been reset for <strong>' . get_bloginfo('name') . '</strong> by <strong>' . $current_user->display_name . ' <' . $current_user->user_email . '></strong> on <strong>' . date('F j, Y') . '</strong> at <strong> ' . date('g:ia') . '</strong>.</p><p>Below is a record of the previous settings prior to the reset for backup purposes:</p>'; $message .= '<table style="width: 100%;>'; $options = $wpdb->get_results("SELECT * FROM {$wpdb->options} ORDER BY option_name"); foreach ($options as $option) { if ($option->option_name != '') { if (is_serialized($option->option_value)) { if (is_serialized_string($option->option_value)) { $value = maybe_unserialize($option->option_value); $options_to_update[] = $option->option_name; } else { $value = 'SERIALIZED DATA'; } } else { $value = $option->option_value; $options_to_update[] = $option->option_name; } $message .= '<tr><td style="width: 40%; min-width: 330px;">'; if (strpos(esc_html($option->option_name), 'nebula') !== false) { $message .= '<strong style="color: #0098d7;">' . esc_html($option->option_name) . '</strong>'; } else { $message .= '<strong>' . esc_html($option->option_name) . '</strong>'; } $message .= '</td><td style="width: 60%;">'; if (strpos($value, "\n") !== false) { $message .= '<textarea rows="5" style="width: 95%; resize: vertical;">' . esc_textarea($value) . '</textarea>'; } else { $message .= '<input type="text" value="' . esc_attr($value) . '" style="width: 95%;" />'; } $message .= '</td></tr>'; } } $message .= '</table>'; //Set the content type to text/html for the email. Don't forget to reset after wp_mail()! add_filter('wp_mail_content_type', 'set_html_content_type'); function set_html_content_type() { return 'text/html'; } wp_mail($to, $subject, $message, $headers); remove_filter('wp_mail_content_type', 'set_html_content_type'); //This resets the content type for the email. set_transient('nebula_email_admin_timeout', 'true', 60 * 15); //15 minute expiration }
_e('Add meta', 'woocommerce'); ?> </button></td> </tr> </tfoot> <tbody class="meta_items"> <?php if ($metadata = $order->has_meta($item_id)) { foreach ($metadata as $meta) { // Skip hidden core fields if (in_array($meta['meta_key'], apply_filters('woocommerce_hidden_order_itemmeta', array('_qty', '_tax_class', '_product_id', '_variation_id', '_line_subtotal', '_line_subtotal_tax', '_line_total', '_line_tax')))) { continue; } // Handle serialised fields if (is_serialized($meta['meta_value'])) { if (is_serialized_string($meta['meta_value'])) { // this is a serialized string, so we should display it $meta['meta_value'] = maybe_unserialize($meta['meta_value']); } else { continue; } } $meta['meta_key'] = esc_attr($meta['meta_key']); $meta['meta_value'] = esc_textarea($meta['meta_value']); // using a <textarea /> $meta['meta_id'] = (int) $meta['meta_id']; echo '<tr data-meta_id="' . $meta['meta_id'] . '"> <td><input type="text" name="meta_key[' . $meta['meta_id'] . ']" value="' . $meta['meta_key'] . '" /></td> <td><input type="text" name="meta_value[' . $meta['meta_id'] . ']" value="' . $meta['meta_value'] . '" /></td> <td width="1%"><button class="remove_order_item_meta button">×</button></td> </tr>';
function list_meta($meta) { global $post_ID; // Exit if no meta if (!$meta) { echo '<tbody id="the-list"><tr style="display: none;"><td> </td></tr></tbody>'; //TBODY needed for list-manipulation JS return; } $count = 0; ?> <thead> <tr> <th><?php _e('Key'); ?> </th> <th><?php _e('Value'); ?> </th> <th colspan='2'><?php _e('Action'); ?> </th> </tr> </thead> <?php $r = "\n\t<tbody id='the-list'>"; foreach ($meta as $entry) { ++$count; if ($count % 2) { $style = 'alternate'; } else { $style = ''; } if ('_' == $entry['meta_key'][0]) { $style .= ' hidden'; } if (is_serialized($entry['meta_value'])) { if (is_serialized_string($entry['meta_value'])) { // this is a serialized string, so we should display it $entry['meta_value'] = maybe_unserialize($entry['meta_value']); } else { // this is a serialized array/object so we should NOT display it --$count; continue; } } $key_js = js_escape($entry['meta_key']); $entry['meta_key'] = attribute_escape($entry['meta_key']); $entry['meta_value'] = attribute_escape($entry['meta_value']); $entry['meta_id'] = (int) $entry['meta_id']; $r .= "\n\t<tr id='meta-{$entry['meta_id']}' class='{$style}'>"; $r .= "\n\t\t<td valign='top'><input name='meta[{$entry['meta_id']}][key]' tabindex='6' type='text' size='20' value='{$entry['meta_key']}' /></td>"; $r .= "\n\t\t<td><textarea name='meta[{$entry['meta_id']}][value]' tabindex='6' rows='2' cols='30'>{$entry['meta_value']}</textarea></td>"; $r .= "\n\t\t<td align='center'><input name='updatemeta' type='submit' class='updatemeta' tabindex='6' value='" . attribute_escape(__('Update')) . "' /><br />"; $r .= "\n\t\t<input name='deletemeta[{$entry['meta_id']}]' type='submit' onclick=\"return deleteSomething( 'meta', {$entry['meta_id']}, '"; $r .= js_escape(sprintf(__("You are about to delete the '%s' custom field on this post.\n'OK' to delete, 'Cancel' to stop."), $key_js)); $r .= "' );\" class='deletemeta' tabindex='6' value='" . attribute_escape(__('Delete')) . "' /></td>"; $r .= "\n\t</tr>"; } echo $r; echo "\n\t</tbody>"; }
/** * {@internal Missing Short Description}} * * @since unknown * * @param unknown_type $mid * @return unknown */ function get_post_meta_by_id($mid) { global $wpdb; $mid = (int) $mid; $meta = $wpdb->get_row($wpdb->prepare("SELECT * FROM {$wpdb->postmeta} WHERE meta_id = %d", $mid)); if (is_serialized_string($meta->meta_value)) { $meta->meta_value = maybe_unserialize($meta->meta_value); } return $meta; }
/** * @dataProvider data_is_serialized_string */ public function test_is_serialized_string($value, $result) { $this->assertSame(is_serialized_string($value), $result); }
<form name="form" action="options.php" method="post" id="all-options"> <?php wp_nonce_field('options-options'); ?> <input type="hidden" name="action" value="update" /> <input type='hidden' name='option_page' value='options' /> <table class="form-table"> <?php $options = $wpdb->get_results("SELECT * FROM {$wpdb->options} ORDER BY option_name"); foreach ((array) $options as $option) { $disabled = false; if ($option->option_name == '') { continue; } if (is_serialized($option->option_value)) { if (is_serialized_string($option->option_value)) { // this is a serialized string, so we should display it $value = maybe_unserialize($option->option_value); $options_to_update[] = $option->option_name; $class = 'all-options'; } else { $value = 'SERIALIZED DATA'; $disabled = true; $class = 'all-options disabled'; } } else { $value = $option->option_value; $options_to_update[] = $option->option_name; $class = 'all-options'; } $name = esc_attr($option->option_name);
/** * Prepares meta data for return as an object * * @param int $post Post ID * @param stdClass $data Metadata row from database * @param boolean $is_serialized Is the value field still serialized? (False indicates the value has been unserialized) * @return array|WP_Error Meta object data on success, WP_Error otherwise */ protected function prepare_meta($post, $data, $is_raw = false) { $ID = $data->meta_id; $key = $data->meta_key; $value = $data->meta_value; // Don't expose protected fields. if (is_protected_meta($key)) { return new WP_Error('json_meta_protected', sprintf(__('%s is marked as a protected field.'), $key), array('status' => 403)); } // Normalize serialized strings if ($is_raw && is_serialized_string($value)) { $value = unserialize($value); } // Don't expose serialized data if (is_serialized($value) || !is_string($value)) { return new WP_Error('json_meta_protected', sprintf(__('%s contains serialized data.'), $key), array('status' => 403)); } $meta = array('ID' => (int) $ID, 'key' => $key, 'value' => $value); return apply_filters('json_prepare_meta_value', $meta, $post); }