googleapps.php — Jetpack – WP Security, Backup, Speed, & Growth 11.1.1

jetpack / modules / shortcodes / googleapps.php

jetpack / modules / shortcodes Last commit date

css 4 years ago images 12 years ago img 13 years ago js 4 years ago archiveorg-book.php 4 years ago archiveorg.php 4 years ago archives.php 5 years ago bandcamp.php 5 years ago brightcove.php 5 years ago cartodb.php 5 years ago class.filter-embedded-html-objects.php 5 years ago codepen.php 5 years ago crowdsignal.php 5 years ago dailymotion.php 4 years ago descript.php 4 years ago facebook.php 5 years ago flatio.php 5 years ago flickr.php 5 years ago getty.php 5 years ago gist.php 5 years ago googleapps.php 5 years ago googlemaps.php 5 years ago googleplus.php 5 years ago gravatar.php 5 years ago houzz.php 5 years ago inline-pdfs.php 4 years ago instagram.php 4 years ago kickstarter.php 5 years ago mailchimp.php 5 years ago medium.php 5 years ago mixcloud.php 5 years ago others.php 5 years ago pinterest.php 5 years ago presentations.php 5 years ago quiz.php 4 years ago recipe.php 5 years ago scribd.php 5 years ago sitemap.php 5 years ago slideshare.php 5 years ago slideshow.php 4 years ago smartframe.php 4 years ago soundcloud.php 4 years ago spotify.php 4 years ago ted.php 5 years ago tweet.php 5 years ago twitchtv.php 5 years ago twitter-timeline.php 5 years ago unavailable.php 4 years ago untappd-menu.php 5 years ago upcoming-events.php 5 years ago ustream.php 5 years ago videopress.php 5 years ago vimeo.php 4 years ago vine.php 5 years ago vr.php 4 years ago wordads.php 5 years ago wufoo.php 4 years ago youtube.php 4 years ago

googleapps.php

256 lines

1	<?php
2	/**
3	* Google Docs and Google Calendar Shortcode
4	*
5	* Presentation:
6	* <iframe src="https://docs.google.com/present/embed?id=dhfhrphh_123drp8s65c&interval=15&autoStart=true&loop=true&size=l" frameborder="0" width="700" height="559"></iframe>
7	* <iframe src="https://docs.google.com/presentation/embed?id=13ItX4jV0SOSdr-ZjHarcpTh9Lr4omfsHAp87jpxv8-0&start=false&loop=false&delayms=3000" frameborder="0" width="960" height="749" allowfullscreen="true" mozallowfullscreen="true" webkitallowfullscreen="true"></iframe>
8	*
9	* Document:
10	* <iframe src="https://docs.google.com/document/pub?id=1kDatklacdZ_tZUOpWtt_ONzY97Ldj2zFcuO9LBY2Ln4&embedded=true"></iframe>
11	* <iframe src="https://docs.google.com/document/d/1kDatklacdZ_tZUOpWtt_ONzY97Ldj2zFcuO9LBY2Ln4/pub?embedded=true"></iframe>
12	* <iframe src="https://docs.google.com/document/d/e/2PACX-1vRkpIdasKL-eKXDjJgpEONduUspZTz0YmKaajfie0eJYnzikuyusuG1_V8X8T9XflN9l8A1oCM2sgEA/pub?embedded=true"></iframe>
13	*
14	* External document:
15	* <iframe width=100% height=560px frameborder=0 src=https://docs.google.com/a/pranab.in/viewer?a=v&pid=explorer&chrome=false&embedded=true&srcid=1VTMwdgGiDMt8MCr75-YkQP-4u9WmEp1Qvf6C26KYBgFilxU2qndpd-VHhBIn&hl=en></iframe>
16	*
17	* Spreadsheet Form:
18	* <iframe src="https://spreadsheets.google.com/embeddedform?formkey=dEVOYnMzZG5jMUpGbjFMYjFYNVB3NkE6MQ" width="760" height="710" frameborder="0" marginheight="0" marginwidth="0">Loading...</iframe>
19	*
20	* Spreadsheet Widget:
21	* <iframe width='500' height='300' frameborder='0' src='https://spreadsheets1.google.com/a/petedavies.com/pub?hl=en&hl=en&key=0AjSij7nlnXvKdHNsNjRSWG12YmVfOEFwdlMxQ3J1S1E&single=true&gid=0&output=html&widget=true'></iframe>
22	* <iframe width='500' height='300' frameborder='0' src='https://spreadsheets.google.com/spreadsheet/pub?hl=en&hl=en&key=0AhInIwfvYrIUdGJiTXhtUEhBSFVPUzdRZU5OMDlqdnc&output=html&widget=true'></iframe>
23	*
24	* Calendar:
25	* <iframe src="https://www.google.com/calendar/embed?src=serjant%40gmail.com&ctz=Europe/Sofia" style="border: 0" width="800" height="600" frameborder="0" scrolling="no"></iframe>
26	* <iframe src="http://www.google.com/calendar/hosted/belcastro.com/embed?src=n8nr8sd6v9hnus3nmlk7ed1238%40group.calendar.google.com&ctz=Europe/Zurich" style="border: 0" width="800" height="600" frameborder="0" scrolling="no"></iframe>
27	*
28	* Customized calendar:
29	* <iframe src="https://www.google.com/calendar/embed?title=asdf&showTitle=0&showNav=0&showDate=0&showPrint=0&showTabs=0&showCalendars=0&
30	* showTz=0&mode=AGENDA&height=300&wkst=2&hl=fi&bgcolor=%23ffcccc&src=m52gdmbgelo3itf00u1v44g0ns%40group.calendar.google.com&color=%234E5D6C&
31	* src=serjant%40gmail.com&color=%235229A3&ctz=Europe%2FRiga" style=" border:solid 1px #777 " width="500" height="300" frameborder="0" scrolling="no"></iframe>
32	*
33	* Generic
34	* <iframe src="https://docs.google.com/file/d/0B0SIdZW7iu-zX1RWREJpMXVHZVU/preview" width="640" height="480"></iframe>
35	*
36	* @package automattic/jetpack
37	*/
38
39	add_filter( 'pre_kses', 'googleapps_embed_to_shortcode' );
40	add_shortcode( 'googleapps', 'googleapps_shortcode' );
41
42	/**
43	* Reverse iframe embed to shortcode mapping HTML attributes to shortcode attributes.
44	*
45	* @since 4.5.0
46	*
47	* @param string $content Post content.
48	*
49	* @return mixed
50	*/
51	function googleapps_embed_to_shortcode( $content ) {
52	if (
53	! is_string( $content )
54	\|\| false === stripos( $content, '<iframe' )
55	&& false === stripos( $content, '.google.com' )
56	) {
57	return $content;
58	}
59
60	$regexp = '#<iframe((?:\s+\w+="[^"]")?)\ssrc="https?://(docs\|drive\|spreadsheets\d\|calendar\|www)\.google\.com/(?!maps)([-\w\./]+)(?:\?)?([^"]+)?"\s((?:\s+\w+="[^"]")?)>.*?</iframe>#i';
61	$regexp_ent = str_replace( '&#058;', '&#058;\|&#0*58;', htmlspecialchars( $regexp, ENT_NOQUOTES ) );
62	$regexp_squot = str_replace( '"', "'", $regexp );
63	$regexp_ent_squot = str_replace( '"', "'", $regexp_ent );
64	$regexp_noquot = '!<iframe(.?)src=https://(docs\|drive)\.google\.com/[-\.\w/]?(viewer)\?(.?)>(.?)</iframe>!';
65	$regexp_ent_noquot = str_replace( '&#058;', '&#058;\|&#0*58;', htmlspecialchars( $regexp_noquot, ENT_NOQUOTES ) );
66
67	foreach ( compact( 'regexp', 'regexp_ent', 'regexp_squot', 'regexp_ent_squot', 'regexp_noquot', 'regexp_ent_noquot' ) as $reg => $regexp ) {
68	if ( ! preg_match_all( $regexp, $content, $matches, PREG_SET_ORDER ) ) {
69	continue;
70	}
71
72	foreach ( $matches as $match ) {
73	$params = $match[1] . $match[5];
74	if ( in_array( $reg, array( 'regexp_ent', 'regexp_ent_squot' ), true ) ) {
75	$params = html_entity_decode( $params );
76	}
77
78	$params = wp_kses_hair( $params, array( 'http' ) );
79
80	$width = 0;
81	$height = 0;
82
83	if ( isset( $params['width'] ) ) {
84	$width = (int) $params['width']['value'];
85	}
86
87	if ( isset( $params['height'] ) ) {
88	$height = (int) $params['height']['value'];
89	}
90
91	// allow the user to specify width greater than 200 inside text widgets.
92	if (
93	$width > 400
94	// We don't need to check a nonce here. A nonce is already checked "further up" in most code paths.
95	// In the case where no nonce is ever checked, setting this $_POST parameter doesn't do anything the submitter couldn't already do (set the width/height).
96	&& isset( $_POST['widget-text'] ) // phpcs:ignore WordPress.Security.NonceVerification.Missing
97	) {
98	$width = 200;
99	$height = 200;
100	}
101
102	$attributes = '';
103	if ( isset( $params['width'] ) && '100%' === $params['width']['value'] ) {
104	$width = '100%';
105	}
106
107	if ( $width ) {
108	$attributes = ' width="' . $width . '"';
109	}
110
111	if ( $height ) {
112	$attributes .= ' height="' . $height . '"';
113	}
114
115	$domain = 'spreadsheets';
116	if ( in_array( $match[2], array( 'docs', 'drive', 'www', 'calendar' ), true ) ) {
117	$domain = $match[2];
118	}
119
120	// Make sure this is actually something that the shortcode supports. If it's not, leave the HTML alone.
121	if ( ! googleapps_validate_domain_and_dir( $domain, $match[3] ) ) {
122	continue;
123	}
124
125	/** This action is documented in modules/widgets/social-media-icons.php */
126	do_action( 'jetpack_bump_stats_extras', 'html_to_shortcode', googleapps_service_name( $domain, $match[3] ) );
127
128	$content = str_replace( $match[0], '[googleapps domain="' . $domain . '" dir="' . $match[3] . '" query="' . esc_attr( $match[4] ) . '"' . $attributes . ' /]', $content );
129	}
130	}
131
132	return $content;
133	}
134
135	/**
136	* Parse shortcode attributes and output a Google Docs embed.
137	*
138	* @since 4.5.0
139	*
140	* @param array $atts Shortcode attributes.
141	*
142	* @return string
143	*/
144	function googleapps_shortcode( $atts ) {
145	global $content_width;
146
147	$attr = shortcode_atts(
148	array(
149	'width' => '100%',
150	'height' => '560',
151	'domain' => 'docs',
152	'dir' => 'document',
153	'query' => '',
154	'src' => '',
155	),
156	$atts
157	);
158
159	if ( isset( $content_width ) && is_numeric( $attr['width'] ) && $attr['width'] > $content_width ) {
160	$attr['width'] = $content_width;
161	}
162
163	if ( isset( $content_width ) && '560' === $attr['height'] ) {
164	$attr['height'] = floor( $content_width * 3 / 4 );
165	}
166
167	if ( isset( $atts[0] ) && $atts[0] ) {
168	$attr['src'] = $atts[0];
169	}
170
171	if ( $attr['src'] && preg_match( '!https?://(docs\|drive\|spreadsheets\d\|calendar\|www)\.google\.com/([-\w\./]+)\?([^"]+)!', $attr['src'], $matches ) ) {
172	$attr['domain'] = $matches[1];
173	$attr['dir'] = $matches[2];
174	parse_str( htmlspecialchars_decode( $matches[3] ), $query_ar );
175	$query_ar['chrome'] = 'false';
176	$query_ar['embedded'] = 'true';
177	$attr['query'] = http_build_query( $query_ar );
178	}
179
180	if ( ! googleapps_validate_domain_and_dir( $attr['domain'], $attr['dir'] ) ) {
181	return '<!-- Unsupported URL -->';
182	}
183
184	$attr['query'] = $attr['dir'] . '?' . $attr['query'];
185
186	/** This action is documented in modules/widgets/social-media-icons.php */
187	do_action( 'jetpack_bump_stats_extras', 'embeds', googleapps_service_name( $attr['domain'], $attr['dir'] ) );
188
189	return sprintf(
190	'<iframe src="%s" frameborder="0" width="%s" height="%s" marginheight="0" marginwidth="0" allowfullscreen="true" mozallowfullscreen="true" webkitallowfullscreen="true"></iframe>',
191	esc_url( 'https://' . $attr['domain'] . '.google.com/' . $attr['query'] ),
192	esc_attr( $attr['width'] ),
193	esc_attr( $attr['height'] )
194	);
195	}
196
197	/**
198	* Check that the domain blogs to a Google Apps domain.
199	*
200	* @since 4.5.0
201	*
202	* @param string $domain Google subdomain.
203	* @param string $dir Subdirectory of the shared URL.
204	*
205	* @return bool
206	*/
207	function googleapps_validate_domain_and_dir( $domain, $dir ) {
208	if ( ! in_array( $domain, array( 'docs', 'drive', 'www', 'spreadsheets', 'calendar' ), true ) ) {
209	return false;
210	}
211
212	// Calendars.
213	if ( ( 'www' === $domain \|\| 'calendar' === $domain ) && 'calendar/' !== substr( $dir, 0, 9 ) ) {
214	return false;
215	}
216
217	// Docs.
218	if ( in_array( $domain, array( 'docs', 'drive' ), true ) && ! preg_match( '![-\.\w/](presentation/embed\|presentation/d/(.)\|present/embed\|document/pub\|spreadsheets/d/(.)\|document/d/(e/)?[\w-]+/pub\|file/d/[\w-]+/preview\|viewer\|forms/d/(.)/viewform\|spreadsheet/\w+)$!', $dir ) ) {
219	return false;
220	}
221
222	// Spreadsheets.
223	if ( 'spreadsheets' === $domain && ! preg_match( '!^([-\.\w/]+/pub\|[-\.\w/]*embeddedform)$!', $dir ) ) {
224	return false;
225	}
226
227	return true;
228	}
229
230	/**
231	* Get the name of the service we'll be embedding.
232	*
233	* @since 4.5.0
234	*
235	* @param string $domain Google subdomain.
236	* @param string $dir Subdirectory of the shared URL.
237	*
238	* @return string
239	*/
240	function googleapps_service_name( $domain, $dir ) {
241	switch ( $domain ) {
242	case 'drive':
243	case 'docs':
244	$service_name = ( 'present/embed' === $dir ) ? 'googledocs_presentation' : 'googledocs_document';
245	break;
246	case 'spreadsheets':
247	$service_name = ( 'embeddedform' === $dir ) ? 'googledocs_form' : 'googledocs_spreadsheet';
248	break;
249	case 'calendar':
250	default:
251	$service_name = 'google_calendar';
252	}
253
254	return $service_name;
255	}
256