Code Manager v1.0.15
code-manager / Code_Manager / Code_Manager.php
Code_Manager.php
1 <?php
2 /**
3 * Code Manager main class
4 *
5 * @package Code_Manager
6 */
7
8 namespace Code_Manager {
9
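/**
 * Class Code_Manager
 *
 * Registers the plugin's admin/AJAX actions and runs the code saved in the
 * code manager table.
 *
 * Security notes for maintainers:
 * - Stored snippets are echoed unescaped (HTML, CSS, JavaScript) or passed to
 *   eval() (PHP). Whoever can write a row to the code table can therefore run
 *   script in visitors' browsers or PHP on the server, so every write path
 *   (update, import, activate) needs a capability check and a nonce.
 * - add_actions() registers two wp_ajax_nopriv_* hooks. Their handlers live in
 *   other classes and must be reviewed as unauthenticated entry points.
 *
 * @author Peter Schulz
 * @since 1.0.0
 */
class Code_Manager {

	const CM_MESSAGE = 'code_manager_alert_off';
	const PHP_OPEN   = '<?php';
	const PHP_CLOSE  = '?>';
	const CSS_OPEN   = '<style>';
	const CSS_CLOSE  = '</style>';
	const JS_OPEN    = '<script>';
	const JS_CLOSE   = '</script>';

	/**
	 * Add Code Manager specific actions
	 *
	 * All hooks are registered only when is_admin() is true. is_admin() reports
	 * that an admin-side script (admin-ajax.php included) handles the request;
	 * it is not a capability check and says nothing about who is calling.
	 *
	 * @param Object $loader Plugin loader.
	 * @since 1.0.0
	 */
	public function add_actions( $loader ) {
		$code_manager_model_class = CODE_MANAGER_MODEL_CLASS;
		$code_manager_model       = new $code_manager_model_class();

		if ( ! is_admin() ) {
			return;
		}

		// Export actions.
		// NOTE(review): the wp_ajax_nopriv_ hook makes export_ajax reachable without
		// a login. The handler is not visible in this file; confirm it verifies a
		// nonce or token before returning stored code.
		$loader->add_action( 'admin_action_code_manager_export', Code_Manager_Export::class, 'export' );
		$loader->add_action( 'wp_ajax_code_manager_export', Code_Manager_Export::class, 'export_ajax' );
		$loader->add_action( 'wp_ajax_nopriv_code_manager_export', Code_Manager_Export::class, 'export_ajax' );

		// Model actions that change or list stored code.
		// NOTE(review): wp_ajax_* hooks fire for every logged-in user, whatever the
		// role. These handlers are defined elsewhere; confirm each one checks
		// current_user_can() and a nonce, since stored code is later executed.
		$loader->add_action( 'wp_ajax_code_manager_update_code', $code_manager_model, 'update_code' );
		$loader->add_action( 'wp_ajax_code_manager_activate_code', $code_manager_model, 'activate_code' );
		$loader->add_action( 'wp_ajax_code_manager_activate_code_preview', $code_manager_model, 'activate_code_preview' );
		$loader->add_action( 'wp_ajax_code_manager_deactivate_code_preview', $code_manager_model, 'deactivate_code_preview' );
		$loader->add_action( 'wp_ajax_code_manager_reset_preview', $code_manager_model, 'reset_preview' );
		$loader->add_action( 'wp_ajax_code_manager_get_code_list', $code_manager_model, 'get_code_list' );
		$loader->add_action( 'wp_ajax_code_manager_code_name_exists', $code_manager_model, 'code_name_exists' );
		$loader->add_action( 'wp_ajax_code_manager_is_code_preview_enabled', $code_manager_model, 'is_code_preview_enabled' );

		// NOTE(review): get_code is also exposed to visitors who are not logged in.
		// Confirm the handler restricts which rows it returns and authenticates
		// the request.
		$loader->add_action( 'wp_ajax_code_manager_get_code', $code_manager_model, 'get_code' );
		$loader->add_action( 'wp_ajax_nopriv_code_manager_get_code', $code_manager_model, 'get_code' );

		$loader->add_action( 'wp_ajax_code_manager_alert_off', Code_Manager::class, 'alert_off' );
	}

	/**
	 * Run shortcode
	 *
	 * Looks up every id and name given in the shortcode attributes, runs the
	 * matching code and returns the output captured while doing so.
	 *
	 * @since 1.0.0
	 *
	 * @param array $atts Shortcode arguments.
	 * @return string|null Captured output, '' when nothing is run, null for JSON requests.
	 */
	public function add_shortcode( $atts ) {
		if ( self::code_manager_disabled() ) {
			// Code manager disabled.
			return '';
		}

		global $pagenow;
		if ( 'post.php' === $pagenow || 'edit.php' === $pagenow || 'post-new.php' === $pagenow ) {
			// Prevent errors on execution if shortcode is shown in classic editor.
			return '';
		}

		if ( isset( $_SERVER['CONTENT_TYPE'] ) && 'application/json' === $_SERVER['CONTENT_TYPE'] ) {
			// Prevent errors on execution if shortcode is shown in Gutenberg editor.
			return null;
		}

		global $wpda_shortcode_args;
		$wpda_shortcode_args = $atts; // Allow user to define and use custom parameters.

		$atts    = array_change_key_case( (array) $atts, CASE_LOWER );
		$wp_atts = shortcode_atts(
			array(
				'id'   => '',
				'name' => '',
			),
			$atts
		);

		if ( '' === $wp_atts['id'] && '' === $wp_atts['name'] ) {
			return '';
		}

		ob_start();
		try {
			foreach ( explode( ',', $wp_atts['id'] ) as $id ) {
				$this->run_shortcode_id( $id );
			}

			foreach ( explode( ',', $wp_atts['name'] ) as $name ) {
				$this->run_shortcode_name( $name );
			}

			$content = ob_get_contents();
		} finally {
			// Close the buffer even when a snippet throws, so a failing snippet
			// cannot leave an open buffer that captures the rest of the page.
			ob_end_clean();
		}

		return $content;
	}

	/**
	 * Run shortcode from code id
	 *
	 * @param integer $id Code ID.
	 * @return void
	 */
	protected function run_shortcode_id( $id ) {
		if ( '' === $id ) {
			return;
		}

		$code_manager_model_class = CODE_MANAGER_MODEL_CLASS;
		$code_manager_model       = new $code_manager_model_class();

		$this->run_code_rows( $code_manager_model::dml_query( $id ), $id );
	}

	/**
	 * Run shortcode from code name
	 *
	 * @param string $name Code name.
	 * @return void
	 */
	protected function run_shortcode_name( $name ) {
		if ( '' === $name ) {
			return;
		}

		$code_manager_model_class = CODE_MANAGER_MODEL_CLASS;
		$code_manager_model       = new $code_manager_model_class();

		$this->run_code_rows( $code_manager_model::dml_query_by_name( $name ) );
	}

	/**
	 * Run a query result when it holds exactly one enabled (or previewed) row
	 *
	 * @param mixed $code_rows Result of a model query.
	 * @param mixed $code_id   Code ID for the preview check; null reads code_id from the row.
	 * @return void
	 */
	private function run_code_rows( $code_rows, $code_id = null ) {
		// A non-array result (failed query) is treated as "no match" rather than
		// handed to count().
		if ( ! is_array( $code_rows ) || 1 !== count( $code_rows ) ) {
			return;
		}

		$row = $code_rows[0];

		// The preview lookup is only evaluated for rows that are not enabled.
		$runnable = '1' === $row['code_enabled'] ||
			Code_Manager_Preview::is_code_id_preview_enabled( null === $code_id ? $row['code_id'] : $code_id );

		if ( $runnable ) {
			$this->run_shortcode( $row['code_type'], $row['code'] );
		}
	}

	/**
	 * Adds code depending on the code type
	 *
	 * HTML, CSS and JavaScript are written to the output as stored, without
	 * escaping; PHP shortcodes are handed to add_php_code(). The stored code is
	 * trusted by design, so the protection has to sit on whatever writes it.
	 *
	 * @since 1.0.0
	 *
	 * @param string $code_type Code type (shortcodes only).
	 * @param string $code The code (PHP, JS, CSS or HTML).
	 */
	protected function run_shortcode( $code_type, $code ) {
		if ( strpos( $code_type, 'html' ) !== false ) {
			echo wp_unslash( $code ); // phpcs:ignore WordPress.Security.EscapeOutput
		} elseif ( strpos( $code_type, 'css' ) !== false ) {
			echo self::CSS_OPEN . wp_unslash( $code ) . self::CSS_CLOSE; // phpcs:ignore WordPress.Security.EscapeOutput
		} elseif ( strpos( $code_type, 'javascript' ) !== false ) {
			echo self::JS_OPEN . wp_unslash( $code ) . self::JS_CLOSE; // phpcs:ignore WordPress.Security.EscapeOutput
		} elseif ( 'php shortcode' === $code_type ) {
			$this->add_php_code( $code, false );
		}
	}

	/**
	 * Run shortcode from back-end code block using code id
	 *
	 * @param integer $id Code ID.
	 * @return void
	 */
	public function run_shortcode_id_from_anywhere( $id ) {
		$this->run_shortcode_id( $id );
	}

	/**
	 * Run shortcode from back-end code block using code name
	 *
	 * @param string $name Code name.
	 * @return void
	 */
	public function run_shortcode_name_from_anywhere( $name ) {
		$this->run_shortcode_name( $name );
	}

	/**
	 * Adds PHP code
	 *
	 * @since 1.0.0
	 *
	 * @param string $php_code PHP code to be added.
	 * @param bool   $php7_required Indicates whether PHP7 is required for this code type (not read here).
	 */
	protected function add_php_code( $php_code, $php7_required = true ) {
		// Enforce the kill switch at the point of execution, so paths that do not
		// go through add_shortcode() (the *_from_anywhere methods) honour it too.
		if ( self::code_manager_disabled() ) {
			return;
		}

		// Do not execute any code on Code Manager pages!!!
		// This is an admins rescue in case code fails.
		if ( self::is_code_manager_page() ) {
			return;
		}

		// SECURITY: eval() runs the stored snippet with the full privileges of the
		// PHP process. Nothing in this method validates the snippet; the only
		// control is who is allowed to store it.
		eval( $this->strip_code( $php_code ) );
	}

	/**
	 * Remove PHP opening and closing tags (when found) from given code
	 *
	 * Only a leading '<?php' (any letter case) and a trailing '?>' are removed,
	 * after surrounding whitespace has been trimmed.
	 *
	 * @since 1.0.0
	 *
	 * @param string $php_code PHP source code.
	 *
	 * @return string PHP code without PHP opening and closing tags
	 */
	protected function strip_code( $php_code ) {
		// Cast first: a null column value would otherwise reach the string functions.
		$php_code = trim( (string) $php_code );

		if ( self::PHP_OPEN === strtolower( substr( $php_code, 0, 5 ) ) ) {
			$php_code = substr( $php_code, 5 );
		}

		if ( self::PHP_CLOSE === substr( $php_code, -2 ) ) {
			$php_code = substr( $php_code, 0, -2 );
		}

		return (string) $php_code;
	}

	/**
	 * Checks if Code Manager is disabled
	 *
	 * (1) Disabled in settings page
	 * (2) Disabled in config file
	 *
	 * @since 1.0.0
	 *
	 * @return bool TRUE - Code Manager is disabled
	 */
	public static function code_manager_disabled() {
		$plugin_code_execution = get_option( 'code_manager_plugin_code_execution' );
		if ( false === $plugin_code_execution ) {
			// Option never saved: code execution defaults to on.
			$plugin_code_execution = 'on';
		}

		return 'on' !== $plugin_code_execution || ( defined( 'CODE_MANAGER_DISABLED' ) && CODE_MANAGER_DISABLED );
	}

	/**
	 * Returns true if user is on a Code Manager back-end page
	 *
	 * The page name is taken from the request, so the result is controlled by the
	 * client. In this class it is only used to skip code execution, never to
	 * grant access.
	 *
	 * @return bool
	 */
	public static function is_code_manager_page() {
		if ( ! is_admin() || ! isset( $_REQUEST['page'] ) ) {
			return false;
		}

		return CODE_MANAGER_MENU_SLUG === $_REQUEST['page'] ||
			CODE_MANAGER_SETTINGS_MENU_SLUG === $_REQUEST['page'] ||
			'code_manager_post' === $_REQUEST['page'];
	}

	/**
	 * Get current user login
	 *
	 * @return string User login, or 'anonymous' when no login is available.
	 */
	public static function get_current_user_login() {
		global $current_user;
		if ( isset( $current_user->user_login ) ) {
			return $current_user->user_login;
		}

		$wp_user = wp_get_current_user();
		if ( isset( $wp_user->data->user_login ) ) {
			return $wp_user->data->user_login;
		}

		return 'anonymous';
	}

	/**
	 * Get current user id
	 *
	 * @return int|string User ID, or -1 when no ID is available.
	 */
	public static function get_current_user_id() {
		global $current_user;
		if ( isset( $current_user->ID ) ) {
			return $current_user->ID;
		}

		$wp_user = wp_get_current_user();
		if ( isset( $wp_user->data->ID ) ) {
			return $wp_user->data->ID;
		}

		return -1;
	}

	/**
	 * Get the value stored under the CM_MESSAGE user meta key for the current user
	 *
	 * @return mixed Value returned by get_user_meta() for a single key.
	 */
	public static function get_cm_message() {
		return get_user_meta( self::get_current_user_id(), self::CM_MESSAGE, true );
	}

	/**
	 * AJAX handler: store 'hide' under the CM_MESSAGE user meta key
	 *
	 * The update happens only for a logged-in user whose request carries a nonce
	 * valid for the action 'code-manager-' followed by that user's login. The
	 * request always ends with wp_die().
	 *
	 * @return void
	 */
	public static function alert_off() {
		if ( is_user_logged_in() && isset( $_REQUEST['wpnonce'] ) ) {
			// Check if action is allowed.
			$wpnonce = sanitize_text_field( wp_unslash( $_REQUEST['wpnonce'] ) ); // input var okay.
			if ( wp_verify_nonce( $wpnonce, 'code-manager-' . self::get_current_user_login() ) ) {
				// Turn off alarm.
				update_user_meta( self::get_current_user_id(), self::CM_MESSAGE, 'hide' );
			}
		}

		wp_die();
	}

}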
334
335 }
336