示例#1
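/**
 * Display the "Are you sure?" confirmation page for a failed nonce check.
 *
 * For the 'log-out' action the page names the site and offers a log-out
 * link. For any other action it shows a generic message and, when a referer
 * is available, a "Please try again." link back to it. The markup is handed
 * to hq_die() with HTTP status 403.
 *
 * @since 0.0.1
 *
 * @param string $action The nonce action.
 */
function hq_nonce_ays($action)
{
    // Strict comparison: with a loose `==`, PHP versions before 8 treat the
    // integer 0 as equal to any non-numeric string, so an action of 0 would
    // be given the log-out prompt instead of the generic one.
    if ('log-out' === $action) {
        $html = sprintf(__('You are attempting to log out of %s'), get_bloginfo('name')) . '</p><p>';
        // redirect_to is request-controlled and ends up inside an href below.
        // NOTE(review): nothing in this function escapes it; this relies on
        // hq_logout_url() returning an attribute-safe URL and on the log-out
        // handler validating the redirect target. Confirm both.
        $redirect_to = isset($_REQUEST['redirect_to']) ? $_REQUEST['redirect_to'] : '';
        $html .= sprintf(__("Do you really want to <a href='%s'>log out</a>?"), hq_logout_url($redirect_to));
    } else {
        $html = __('Are you sure you want to do this?');
        $referer = hq_get_referer();
        if ($referer) {
            // The referer comes from the request, so it is passed through
            // esc_url() before being placed in the href.
            $html .= "</p><p><a href='" . esc_url(remove_query_arg('updated', $referer)) . "'>" . __('Please try again.') . "</a>";
        }
    }
    hq_die($html, __('HiveQueen Failure Notice'), 403);
}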
示例#2
    ?>
</a></p>

<?php 
} elseif (!$php_compat || !$mysql_compat) {
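    // Explain which requirement blocks the update. All three notices link to
    // the project page over https; the combined PHP + MySQL notice used a
    // scheme-less href ("://github.com/..."), which does not resolve to the
    // project page. The corrected text is a new translatable string, so
    // existing translations of that notice need refreshing.
    if (!$mysql_compat && !$php_compat) {
        printf(__('You cannot update because <a href="https://github.com/gcorral/hivequeen">HiveQueen %1$s</a> requires PHP version %2$s or higher and MySQL version %3$s or higher. You are running PHP version %4$s and MySQL version %5$s.'), $hq_version, $required_php_version, $required_mysql_version, $php_version, $mysql_version);
    } elseif (!$php_compat) {
        printf(__('You cannot update because <a href="https://github.com/gcorral/hivequeen">HiveQueen %1$s</a> requires PHP version %2$s or higher. You are running version %3$s.'), $hq_version, $required_php_version, $php_version);
    } elseif (!$mysql_compat) {
        printf(__('You cannot update because <a href="https://github.com/gcorral/hivequeen">HiveQueen %1$s</a> requires MySQL version %2$s or higher. You are running version %3$s.'), $hq_version, $required_mysql_version, $mysql_version);
    }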
} else {
    switch ($step) {
        case 0:
            $goback = hq_get_referer();
            if ($goback) {
                $goback = esc_url_raw($goback);
                $goback = urlencode($goback);
            }
            ?>
<h2><?php 
            _e('Database Update Required');
            ?>
</h2>
<p><?php 
            _e('HiveQueen has been updated! Before we send you on your way, we have to update your database to the newest version.');
            ?>
</p>
<p><?php 
            _e('The update process may take a little while, so please be patient.');
示例#3
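/**
 * Saves a per-user screen option, such as the number of rows shown when
 * listing posts, pages, comments, etc.
 *
 * Does nothing unless $_POST['hq_screen_options'] is an array. Otherwise the
 * 'screen-options-nonce' nonce is verified first, the submitted option name
 * must already be in sanitize_key() form, and the value is validated before
 * it is written to the current user's meta. After saving, the request is
 * redirected back to the referer and the script exits.
 *
 * @since 0.0.1
 */
function set_screen_options()
{
    if (!isset($_POST['hq_screen_options']) || !is_array($_POST['hq_screen_options'])) {
        return;
    }

    // CSRF protection: the nonce is verified before any submitted field is used.
    check_admin_referer('screen-options-nonce', 'screenoptionnonce');

    $user = hq_get_current_user();
    if (!$user) {
        return;
    }

    $submitted = $_POST['hq_screen_options'];
    // The option name must be present and must be a string: it is used as a
    // user-meta key below, and a nested array here would otherwise reach the
    // string functions that follow.
    if (!isset($submitted['option']) || !is_string($submitted['option'])) {
        return;
    }
    $option = $submitted['option'];
    $value = isset($submitted['value']) ? $submitted['value'] : null;

    // Accept the name only when sanitize_key() leaves it unchanged. The
    // comparison is strict because a loose `!=` compares numeric-looking
    // strings as numbers and can treat two different spellings as equal.
    if ($option !== sanitize_key($option)) {
        return;
    }

    $map_option = $option;
    // Strip the 'edit_' prefix and '_per_page' suffix to get the object type.
    $type = str_replace(array('edit_', '_per_page'), '', $map_option);
    if (in_array($type, get_taxonomies(), true)) {
        $map_option = 'edit_tags_per_page';
    } elseif (in_array($type, get_post_types(), true)) {
        $map_option = 'edit_per_page';
    } else {
        $option = str_replace('-', '_', $option);
    }

    switch ($map_option) {
        case 'edit_per_page':
        case 'users_per_page':
        case 'edit_comments_per_page':
        case 'upload_per_page':
        case 'edit_tags_per_page':
        case 'plugins_per_page':
        // Network admin
        case 'sites_network_per_page':
        case 'users_network_per_page':
        case 'site_users_network_per_page':
        case 'plugins_network_per_page':
        case 'themes_network_per_page':
        case 'site_themes_network_per_page':
            // Standard per-page options: only whole numbers from 1 to 999.
            $value = (int) $value;
            if ($value < 1 || $value > 999) {
                return;
            }
            break;
        default:
            /**
             * Filter a screen option value before it is set.
             *
             * The filter can also be used to modify non-standard [items]_per_page
             * settings. See the parent function for a full list of standard options.
             *
             * Returning false to the filter will skip saving the current option.
             *
             * Every option name that is not in the standard list reaches this
             * filter, and the name is chosen by the requesting user. A callback
             * that returns a value without checking $option lets that user write
             * the corresponding meta key on their own account, so callbacks
             * should compare $option with the names they own and return $status
             * unchanged for anything else.
             *
             * @since 0.0.1
             *
             * @see set_screen_options()
             *
             * @param bool|int $status Screen option value. Default false to skip.
             * @param string   $option The option name.
             * @param int      $value  The number of rows to use.
             */
            $value = apply_filters('set-screen-option', false, $option, $value);
            if (false === $value) {
                return;
            }
            break;
    }

    update_user_meta($user->ID, $option, $value);
    // Drop pagination arguments so the list reopens on its first page.
    hq_safe_redirect(remove_query_arg(array('pagenum', 'apage', 'paged'), hq_get_referer()));
    exit;
}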
示例#4
 /**
  * Verifies the nonce of an admin request and halts the request when it fails.
  *
  * The nonce is read from `$_REQUEST[$query_arg]` and checked against $action
  * with hq_verify_nonce(). The 'check_admin_referer' action fires with the
  * outcome before the function decides whether to continue.
  *
  * Always pass an explicit $action. When it is left at -1 and the nonce check
  * fails, the request is still allowed through if the lower-cased referer
  * starts with the lower-cased admin URL. The referer is supplied by the
  * client and is only prefix-matched, so that fallback is much weaker than a
  * nonce check.
  *
  * @since 0.0.1
  *
  * @param int|string $action    Action nonce.
  * @param string     $query_arg Optional. Key to check for nonce in `$_REQUEST` (since 2.5).
  *                              Default '_hqnonce'.
  * @return false|int False if the nonce is invalid, 1 if the nonce is valid and generated between
  *                   0-12 hours ago, 2 if the nonce is valid and generated between 12-24 hours ago.
  */
 function check_admin_referer($action = -1, $query_arg = '_hqnonce')
 {
     $no_action_given = (-1 == $action);
     if ($no_action_given) {
         _doing_it_wrong(__FUNCTION__, __('You should specify a nonce action to be verified by using the first parameter.'), '3.2');
     }

     $admin_base = strtolower(admin_url());
     $came_from = strtolower(hq_get_referer());

     // A request without the nonce field is treated as an invalid nonce.
     if (isset($_REQUEST[$query_arg])) {
         $result = hq_verify_nonce($_REQUEST[$query_arg], $action);
     } else {
         $result = false;
     }

     /**
      * Fires once the admin request has been validated or not.
      *
      * @since 0.0.1
      *
      * @param string    $action The nonce action.
      * @param false|int $result False if the nonce is invalid, 1 if the nonce is valid and generated between
      *                          0-12 hours ago, 2 if the nonce is valid and generated between 12-24 hours ago.
      */
     do_action('check_admin_referer', $action, $result);

     if ($result) {
         return $result;
     }

     // Fallback for callers that gave no action: accept the request when the
     // referer begins with the admin URL. The falsy $result is still returned.
     if ($no_action_given && strpos($came_from, $admin_base) === 0) {
         return $result;
     }

     // Verification failed: show the confirmation page and stop.
     hq_nonce_ays($action);
     die;
 }
示例#5
     require_once ABSPATH . HQINC . '/class-phpass.php';
     $hasher = new PasswordHash(8, true);
     /**
      * Filter the life span of the post password cookie.
      *
      * By default, the cookie expires 10 days from creation. To turn this
      * into a session cookie, return 0.
      *
      * @since 0.0.1
      *
      * @param int $expires The expiry time, as passed to setcookie().
      */
     $expire = apply_filters('post_password_expires', time() + 10 * DAY_IN_SECONDS);
     $secure = 'https' === parse_url(home_url(), PHP_URL_SCHEME);
     setcookie('hq-postpass_' . COOKIEHASH, $hasher->HashPassword(hq_unslash($_POST['post_password'])), $expire, COOKIEPATH, COOKIE_DOMAIN, $secure);
     hq_safe_redirect(hq_get_referer());
     exit;
 case 'logout':
     check_admin_referer('log-out');
     $user = hq_get_current_user();
     hq_logout();
     if (!empty($_REQUEST['redirect_to'])) {
         $redirect_to = $requested_redirect_to = $_REQUEST['redirect_to'];
     } else {
         $redirect_to = 'hq-login.php?loggedout=true';
         $requested_redirect_to = '';
     }
     /**
      * Filter the log out redirect URL.
      *
      * @since 0.0.1