Context Navigation

source: featured-video-plus/trunk/php/class-backend.php @ 1556378

Last change on this file since 1556378 was 1556378, checked in by a.hoereth, 8 years ago
Commit 2.3.2 changes.
File size: 22.4 KB

Line
1	<?php
2
3	// dependencies
4	require_once( FVP_DIR . 'php/class-html.php' );
5	require_once( FVP_DIR . 'php/class-main.php' );
6
7	/**
8	* Class containing plugin specific WordPress administration panels
9	* functionality.
10	*
11	* Specifically the metabox on post/page edit views.
12	*
13	* @since 1.0.0
14	*/
15	class FVP_Backend extends Featured_Video_Plus {
16
17	/**
18	* Register actions and filters.
19	*/
20	public function __construct() {
21	parent::__construct();
22	FVP_HTML::add_screens( array( 'post.php', 'post-new.php' ) );
23
24	add_action( 'admin_init', array( $this, 'upgrade' ) );
25
26	add_action( 'admin_enqueue_scripts', array( $this, 'enqueue' ) );
27	add_action( 'admin_menu', array( $this, 'metabox_register' ) );
28	add_action( 'save_post', array( $this, 'metabox_save' ) );
29
30	add_filter( 'fvphtml_pointers', array( $this, 'pointers' ), 10, 2 );
31	add_filter( 'plugin_action_links',
32	array( $this, 'plugin_action_link' ),
33	10, 2 );
34	add_filter( 'admin_post_thumbnail_html',
35	array( $this, 'featured_image_box' ),
36	10, 2 );
37
38	if ( defined( 'DOING_AJAX' ) && DOING_AJAX ) {
39	add_action( 'wp_ajax_fvp_save', array( $this, 'metabox_save_ajax' ) );
40	add_action( 'wp_ajax_fvp_remove_img', array( $this, 'ajax_remove_img' ) );
41	add_action( 'wp_ajax_fvp_get_embed', array( $this, 'ajax_get_embed' ) );
42	add_action( 'wp_ajax_nopriv_fvp_get_embed',
43	array( $this, 'ajax_get_embed' ) );
44	}
45	}
46
47
48	/**
49	* Enqueue all scripts and styles needed when viewing the backend.
50	*
51	* @since 1.0.0
52	*
53	* @param {string} $hook Current view hook.
54	*/
55	public function enqueue( $hook ) {
56	if ( 'post.php' !== $hook && 'post-new.php' !== $hook ) {
57	return;
58	}
59
60	$min = defined( 'SCRIPT_DEBUG' ) && SCRIPT_DEBUG ? '' : '.min';
61
62	// jQuery script for automatically resizing <textarea>s.
63	wp_register_script(
64	'jquery.autosize',
65	FVP_URL . "js/jquery.autosize$min.js",
66	array( 'jquery' ),
67	FVP_VERSION,
68	false
69	);
70
71	// Script handling featured video form interactions with ajax requests etc.
72	wp_enqueue_script(
73	'fvp-post',
74	FVP_URL . "js/post$min.js",
75	array(
76	'jquery',
77	'jquery.autosize',
78	'wp-mediaelement',
79	),
80	FVP_VERSION
81	);
82
83	// Some variables required in JS context.
84	$upload_dir = wp_upload_dir();
85	wp_localize_script( 'fvp-post', 'fvpPost', array(
86	'wp_upload_dir' => $upload_dir['baseurl'],
87	'loading_gif' => get_admin_url( null, 'images/loading.gif' ),
88	'debug' => defined( 'SCRIPT_DEBUG' ) && SCRIPT_DEBUG
89	));
90
91	// General backend style.
92	wp_enqueue_style(
93	'fvp-backend',
94	FVP_URL . 'styles/backend.css',
95	array(
96	'wp-mediaelement',
97	),
98	FVP_VERSION,
99	'all'
100	);
101	}
102
103
104	/**
105	* Register the metabox on post/page edit views.
106	*
107	* @since 1.0.0
108	*/
109	public function metabox_register() {
110	$post_types = get_post_types( array( 'public' => true ) );
111
112	// Cycle through all post types.
113	foreach ( $post_types AS $post_type ) {
114	// Ignore attachment post type.
115	if ( 'attachment' === $post_type ) {
116	continue;
117	}
118
119	// Register metabox.
120	add_meta_box(
121	'featured-video-plus-box',
122	__( 'Featured Video', 'featured-video-plus' ),
123	array( $this, 'metabox_content' ),
124	$post_type,
125	'side',
126	'high'
127	);
128	}
129	}
130
131
132	/**
133	* Callback function of the metabox; generates the HTML content.
134	*
135	* @since 1.0.0
136	*/
137	public function metabox_content() {
138	$post_id = isset( $_GET['post'] ) ? $_GET['post'] : $GLOBALS['post']->ID;
139	$options = get_option( 'fvp-settings' );
140	$meta = get_post_meta( $post_id, '_fvp_video', true );
141	$has_invalid_video = isset( $meta['valid'] ) && $meta['valid'] === false;
142	$has_post_video = has_post_video( $post_id );
143
144	$content = '';
145
146	// Current featured video.
147	$content .= sprintf(
148	'<div class="fvp-current-video"%s>%s</div>',
149	FVP_HTML::inline_styles( array(
150	'height: 0px' => ! $has_post_video,
151	), true, true ),
152	get_the_post_video( $post_id, array( 256, 144 ) )
153	);
154
155	// Input box containing the featured video URL input.
156	$full = $has_post_video ? get_the_post_video_url( $post_id ) : '';
157
158	// Media gallery wrapper.
159	$content .= sprintf(
160	'<div class="fvp-input-wrapper" data-target=".fvp-video" data-title="%1$s" data-button="%1$s">',
161	esc_attr__( 'Set Featured Video', 'featured-video-plus' )
162	);
163
164	// Video input.
165	$content .= sprintf(
166	'<textarea class="fvp-video" name="fvp_video" type="text" placeholder="%s">%s</textarea>',
167	esc_attr__( 'Video URL', 'featured-video-plus' ),
168	$full
169	);
170
171	// Media gallery button.
172	$content .= sprintf(
173	'<a href="#" class="fvp-video-choose">' .
174	'<span class="fvp-media-icon"%s></span>' .
175	'</a>',
176	FVP_HTML::inline_styles( array(
177	'background-image' => sprintf(
178	'url(%s/wp-admin/images/media-button.png)',
179	get_bloginfo( 'wpurl' )
180	)
181	), true, true)
182	);
183
184	// Close media gallery wrapper.
185	$content .= '</div>';
186
187	// Illegal value warning
188	$content .= sprintf(
189	'<span class="fvp-notice-invalid notice notice-info visible"%s><p>%s</p><button type="button" class="notice-dismiss"/></span>',
190	FVP_HTML::inline_styles( array(
191	'display' => $has_invalid_video ? 'block' : 'none',
192	), true, true ),
193	esc_html__(
194	'Could not resolve the inserted value to a video. Are you sure it is a legal video url and the server can connect to its provider? If you tried to insert a raw embed code, you might need to enable it in the media settings.',
195	'featured-video-plus'
196	)
197	);
198
199	// 'Current theme does not support Featured Images' warning.
200	if (
201	! current_theme_supports( 'post-thumbnails' ) &&
202	'manual' !== $options['mode']
203	) {
204	$content .= '<span class="fvp-notice-theme notice notice-info visible"><p>';
205	$content .= sprintf(
206	'<span style="font-weight: bold;">%s</span> ',
207	esc_html__(
208	'The current theme does not support Featured Images',
209	'featured-video-plus'
210	)
211	);
212
213	$content .= sprintf(
214	esc_html__(
215	'To display Featured Videos you need to use the %1$sShortcode%2$s or %1$sPHP functions%2$s. To hide this notice deactivate %3$sReplace Featured Images%4$s in the %5$sMedia Settings%6$s.',
216	'featured-video-plus'
217	),
218	'<code>', '</code>',
219	'"<em>', '</em>"',
220	'<a href="' . esc_attr( get_admin_url( null, '/options-media.php' ) ) . '">',
221	'</a>'
222	);
223	'</p></span>';
224	}
225
226	echo "\n\n\n<!-- Featured Video Plus Metabox -->\n";
227	wp_nonce_field( self::get_nonce_action( $post_id ), 'fvp_nonce' );
228	echo $content;
229	echo "\n<!-- Featured Video Plus Metabox End-->\n\n\n";
230	}
231
232
233	/**
234	* Saves metabox changes - NON AJAX.
235	*
236	* @since 1.0.0
237	* @uses $this->save()
238	*
239	* @param {int} $post_id
240	*/
241	public function metabox_save( $post_id ) {
242	if ( ( defined( 'DOING_AUTOSAVE' ) && DOING_AUTOSAVE ) \|\|
243	( defined( 'DOING_AJAX' ) && DOING_AJAX ) \|\|
244	( ! current_user_can( 'edit_post', $post_id ) ) \|\|
245	( false !== wp_is_post_revision( $post_id ) ) \|\|
246	( ! self::verify_nonce( $post_id ) )
247	) {
248	return;
249	}
250
251	$post = array(
252	'id' => $post_id,
253	'fvp_video' => ! empty( $_POST['fvp_video'] ) ? $_POST['fvp_video'] : ''
254	);
255
256	$this->save( $post );
257
258	return;
259	}
260
261
262	/**
263	* Saves metabox changes - AJAX.
264	*
265	* @since 1.5.0
266	* @uses $this->save()
267	*/
268	public function metabox_save_ajax() {
269	$post_id = ! empty( $_POST['id'] ) ? (int) $_POST['id'] : -1;
270	if (
271	$post_id === -1 \|\|
272	! self::verify_nonce( $post_id, true ) \|\|
273	! current_user_can( 'edit_post', $post_id )
274	) {
275	wp_send_json_error();
276	}
277
278	$post = array(
279	'id' => $post_id,
280	'fvp_video' => ! empty( $_POST['fvp_video'] ) ? $_POST['fvp_video'] : '',
281	'fvp_set_featimg' =>
282	! empty( $_POST['fvp_set_featimg'] ) ? $_POST['fvp_set_featimg'] : '',
283	);
284
285	$meta = $this->save( $post );
286
287	$img = _wp_post_thumbnail_html(
288	get_post_thumbnail_id( $post['id'] ),
289	$post['id']
290	);
291
292	$response = array(
293	'valid' => isset( $meta['valid'] ) ? $meta['valid'] : null,
294	'video' => get_the_post_video( $post['id'], array( 256, 144 ) ),
295	'img' => $img,
296	'full' => $meta['full'],
297	'provider' => isset( $meta['provider'] ) ? $meta['provider'] : null
298	);
299
300	wp_send_json_success( $response );
301	}
302
303
304	/**
305	* Used for processing a save request.
306	*
307	* @since 1.5.0
308	*
309	* @param {assoc} $post
310	* @return {assoc/bool} video meta data on success, false on failure
311	*/
312	private function save( $post ) {
313	// get fvp_video post meta data
314	$meta = get_post_meta( $post['id'], '_fvp_video', true );
315
316	// parse video url
317	$video = ! empty( $post['fvp_video'] ) ? trim( $post['fvp_video'] ) : '';
318
319	// Was this a force-auto-set featimg action?
320	$setimg = ! empty ( $post['fvp_set_featimg'] ) && $post['fvp_set_featimg'];
321
322	// Don't do anything if we are not setting the featured image AND the
323	// URL is empty AND did not change.
324	if ( ! $setimg && (
325	( ! empty( $meta['full'] ) && $video == $meta['full'] ) \|\|
326	( empty( $meta ) && empty( $video ) )
327	) ) {
328	return false;
329	}
330
331	// there was a video and we want to delete it
332	if ( empty( $video ) ) {
333	delete_post_meta( $post['id'], '_fvp_video' );
334	if ( get_post_thumbnail_id( $post['id'] ) == $meta['img'] ) {
335	$this->delete_featured_image( $post['id'], $meta );
336	}
337	return false;
338	}
339
340	$data = $this->get_video_data( $video );
341
342	// Do we have a screen capture to pull?
343	if ( empty( $data['img_url'] ) ) {
344	$data['img_url'] = FVP_URL . 'img/placeholder.png';
345	$data['filename'] = 'Featured Video Plus Placeholder';
346	}
347
348	// Should we set the featured image?
349	if ( $setimg \|\| (
350	! has_post_thumbnail( $post['id'] ) &&
351	( empty( $meta['noimg'] ) \|\| $meta['noimg'] )
352	) ) {
353	$img = $this->set_featured_image( $post['id'], $data );
354	$data['noimg'] = false;
355	}
356
357	// Create the final _fvp_video meta data.
358	$meta = array_merge(
359	array(
360	'valid' => true, // can be overwritten by $data
361	'img' => ! empty( $img ) ? $img : null,
362	),
363	$data
364	);
365
366	update_post_meta( $post['id'], '_fvp_video', $meta );
367	return $meta;
368	}
369
370
371	/**
372	* Returns an array containing video information like id provider imgurl etc.
373	*
374	* @since 1.5.0
375	*
376	* @param {string} $video The video URL
377	* @return {assoc} Associative array containing the video information data
378	*/
379	private function get_video_data( $video ) {
380	$video = trim( self::kses_video( stripslashes( $video ) ) );
381	$provider = null;
382	$data = array();
383
384	$local = wp_upload_dir();
385	$islocal = strpos( $video, $local['baseurl'] );
386	if ( false !== $islocal ) {
387	$provider = 'local';
388	} elseif ( $video !== strip_tags( $video ) ) {
389	$provider = 'raw';
390	} else {
391	$v = $this->oembed->request( $video );
392	if ( ! empty( $v ) && ! empty( $v->provider_name ) ) {
393	$provider = strtolower( $v->provider_name );
394
395	$data = array(
396	'id' => null,
397	'provider' => $provider,
398	'title' => ! empty( $v->title ) ? $v->title : null,
399	'author' => ! empty( $v->author_name ) ? $v->author_name : null,
400	'description' => ! empty( $v->description ) ? $v->description : null,
401	'img_url' => ! empty( $v->thumbnail_url ) ? $v->thumbnail_url : null,
402	'filename' => ! empty( $v->title ) ? $v->title : null,
403	'full' => $video,
404	'parameters' => $this->oembed->get_args( $video, $provider ),
405	);
406	}
407	}
408
409	switch ( $provider ) {
410	case 'dailymotion':
411	$id = $this->oembed->get_video_id( $video );
412	$img = $this->oembed->get_thumbnail_url( $provider, $id );
413	return array_merge( $data, array(
414	'id' => $id,
415	'img_url' => $img !== false ? $img : null,
416	) );
417
418	case 'local':
419	// check if extension is legal
420	$ext_legal = array( 'mp4', 'm4v', 'webm', 'ogv', 'wmv', 'flv' );
421	$ext = pathinfo( $video, PATHINFO_EXTENSION );
422	�� if ( empty( $ext ) \|\| ! in_array( $ext, $ext_legal ) ) {
423	return array(
424	'full' => $video,
425	);
426	}
427
428	return array(
429	'provider' => $provider,
430	'id' => self::get_post_by_url( $video ),
431	'full' => $video,
432	);
433
434	case 'raw':
435	return array(
436	'provider' => $provider,
437	'full' => $video,
438	);
439
440	default:
441	if ( ! empty( $data ) ) {
442	return $data;
443	} else {
444	return array(
445	'valid' => false,
446	'full' => $video,
447	);
448	}
449	}
450	}
451
452
453	/**
454	* Sets a remote image as featured image for the given post.
455	*
456	* @since 1.5.0
457	*
458	* @param {int} $post_id
459	* @param {assoc} $data Video information data containing img_url
460	* @return {int} ID of the inserted attachment
461	*/
462	private function set_featured_image( $post_id, $data ) {
463	// Is this screen capture already existing in our media library?
464	$img = self::get_post_by_custom_meta( '_fvp_image_url', $data['img_url'] );
465
466	if ( empty( $img ) ) {
467	$file = array();
468
469	// Handle YouTube max res image
470	if ( false !== strpos( $data['img_url'], 'hqdefault' ) ) {
471	$file['tmp_name'] = download_url( str_replace(
472	'hqdefault',
473	'maxresdefault',
474	$data['img_url']
475	) );
476	}
477
478	// Handle all others or try normal youtube thumb again on error.
479	if ( ! isset($file['tmp_name'] ) \|\| is_wp_error( $file['tmp_name'] ) ) {
480	$file['tmp_name'] = download_url( $data['img_url'] );
481	if ( is_wp_error( $file['tmp_name'] ) ) {
482	return false;
483	}
484	}
485
486	// Insert into media library
487	$type = image_type_to_extension(
488	self::get_image_type( $file['tmp_name'] ),
489	false
490	);
491	$title = ! empty( $data['title'] ) ?
492	$data['title'] : basename( $data['img_url'], $type );
493	$file['name'] = sanitize_file_name( $title . '.' . $type );
494	$img = media_handle_sideload( $file, $post_id );
495
496	// save picture source url in post meta
497	update_post_meta( $img, '_fvp_image_url', $data['img_url'] );
498	}
499
500	// set featured image
501	if ( ! has_post_thumbnail( $post_id ) ) {
502	set_post_thumbnail( $post_id, $img );
503	}
504
505	return $img;
506	}
507
508
509	/**
510	* Removes the old featured image.
511	*
512	* @since 1.4.0
513	*
514	* @param {int} $post_id
515	* @param {assoc} $meta FVP video meta data containing 'img' with
516	* the FVP image attachment ID.
517	*/
518	private function delete_featured_image( $post_id, $meta ) {
519	// Remove featured image.
520	delete_post_meta( $post_id, '_thumbnail_id' );
521
522	// If the image is a featured video thumbnail we might want to remove it
523	// completely from the media library.
524	if ( empty( $meta['img'] ) ) {
525	return false;
526	}
527
528	// Check if other posts use the image, if not we can delete it completely
529	$other = self::get_post_by_custom_meta( '_thumbnail_id', $meta['img'] );
530	if ( empty( $other ) && ! empty( $meta['img_url'] ) ) {
531	wp_delete_attachment( $meta['img'] );
532	delete_post_meta( $meta['img'], '_fvp_image_url', $meta['img_url'] );
533
534	// pre 2.0.0
535	delete_post_meta(
536	$meta['img'],
537	'_fvp_image',
538	$meta['provider'] . '?' . $meta['id']
539	);
540	}
541	}
542
543
544	/**
545	* Return video embed code.
546	*
547	* Located in backend class because all AJAX requests are handled on the
548	* admin side of WordPress - WordPress only distinguishes between
549	* priv and nopriv requests. This function is only called by the frontend
550	* JavaScript.
551	*
552	* @since 1.7.0
553	*/
554	public function ajax_get_embed() {
555	$post_id = ! empty( $_POST['id'] ) ? (int) $_POST['id'] : -1;
556	if (
557	$post_id === -1 \|\|
558	! self::verify_nonce( $post_id, true )
559	) {
560	wp_send_json_error();
561	}
562
563	if ( has_post_video( $post_id ) ) {
564	// Return featured video html as requested.
565	$video = $this->get_the_post_video( $post_id, null, true );
566	wp_send_json_success( $video );
567	} else {
568	// Post has no video, return featured image html.
569	$image = get_the_post_thumbnail( $post_id );
570	wp_send_json_success( $image );
571	}
572	}
573
574
575	/**
576	* Some people might not want to have a featured image because of whatever
577	* reason. We notify them about the probable incompatibility and offer the
578	* 'auto set' link to set the featured image using the plugin (video
579	* thumbnail or placeholder) but do not want to auto set it on every post
580	* save automatically if they explicitly removed it before. This function
581	* therefor is triggered by an AJAX request when removing a featured image
582	* which was previously set by the plugin.
583	*/
584	public function ajax_remove_img() {
585	$post_id = ! empty( $_POST['id'] ) ? (int) $_POST['id'] : -1;
586	if (
587	$post_id === -1 \|\|
588	! self::verify_nonce( $post_id ) \|\|
589	! current_user_can( 'edit_post', $post_id )
590	) {
591	wp_send_json_error();
592	}
593
594
595	// Retrieve featured video metadata.
596	$meta = get_post_meta( $post_id, '_fvp_video', true );
597
598	// Delete the image from database if feasible. This also again tries to
599	// remove the link of the featured image to the post although it will
600	// probably already be unlinked by WordPress internal functionality.
601	$this->delete_featured_image( $post_id, $meta );
602
603	// Remember that we do not want to set a featured image automatically for
604	// this post.
605	$meta['noimg'] = true;
606
607	// Remove now unnecessary image information from the video meta.
608	$meta['img'] = null;
609
610	// Save meta.
611	update_post_meta( $post_id, '_fvp_video', $meta );
612
613	// Respond to the client.
614	wp_send_json_success(
615	_wp_post_thumbnail_html( get_post_thumbnail_id( $post_id ), $post_id )
616	);
617	}
618
619
620	/**
621	* Add a pointer to the Featured Video Plus box on the post edit screen for
622	* initial explanation.
623	*
624	* @param {array} $pointers
625	* @param {string} $hook
626	* @return {array}
627	*/
628	public function pointers( $pointers, $hook ) {
629	if ( 'post.php' !== $hook && 'post-new.php' !== $hook ) {
630	return $pointers;
631	}
632
633	$pointers['fvp-post-box'] = array(
634	'target' => '#featured-video-plus-box',
635	'title' => esc_html__( 'Featured Videos', 'featured-video-plus' ),
636	'content' => sprintf(
637	esc_html__(
638	'Simply paste a URL into this input to add a bit extra life to your posts. %sTry an example%s.',
639	'featured-video-plus'
640	),
641	'<a href="#" onclick="jQuery(\'.fvp-video\').val(\'https://youtu.be/CfNHleTEpTI\').trigger(\'blur\'); return false;">',
642	'</a>'
643	) . '</p><p>' . sprintf(
644	esc_html__(
645	'To adjust how featured videos are displayed on the frontend checkout the %smedia settings%s.',
646	'featured-video-plus'
647	),
648	sprintf(
649	'<a href="%s/wp-admin/options-media.php#fvp-section">',
650	esc_attr( get_bloginfo( 'wpurl' ) )
651	),
652	'</a>'
653	),
654	'position' => array(
655	'align' => 'middle',
656	'edge' => 'right'
657	)
658	);
659
660	return $pointers;
661	}
662
663
664	/**
665	* Adds a media settings link to the plugin info
666	*
667	* @since 1.2
668	*/
669	public function plugin_action_link( $links, $file ) {
670	if ( $file == FVP_NAME . '/' . FVP_NAME . '.php' ) {
671	$settings_link = sprintf(
672	'<a href="%s/wp-admin/options-media.php">Media Settings</a>',
673	esc_attr( get_bloginfo( 'wpurl' ) )
674	);
675	array_unshift( $links, $settings_link );
676	}
677
678	return $links;
679	}
680
681
682	/**
683	* Add a notice about the requirement of a featured image to the
684	* featured image meta box.
685	*
686	* @param {string} $content
687	* @param {int} $post_id
688	* @return {string}
689	*/
690	public function featured_image_box( $content, $post_id ) {
691	if ( ! has_post_video( $post_id ) ) {
692	// Has no featured video so the plugin does not interfere.
693	return $content;
694	}
695
696	if ( has_post_thumbnail( $post_id ) ) {
697	// Has featured video and featured image.
698	return $content . sprintf(
699	'<p class="hidden"><a href="#" class="fvp-remove-image">%s</a></p>',
700	esc_html__( 'Remove featured image' )
701	);
702	}
703
704	// Has featured video but not featured image.
705	return sprintf(
706	'<p class="fvp-notice">%s <a href="#" class="fvp-set-image hide-if-no-js">%s</a></p>',
707	esc_html__(
708	'Featured Videos require a Featured Image for automatic replacement.',
709	'featured-video-plus'
710	),
711	esc_html__( 'Auto set', 'featured-video-plus' )
712	) . $content;
713	}
714
715
716	/**
717	* Initiates the upgrade (plugin installation or update) logic.
718	*
719	* @since 2.0.0
720	*/
721	public function upgrade() {
722	$version = get_option( 'fvp-version' );
723	$options = $options_org = get_option( 'fvp-settings' );
724
725	// either execute install or upgrade logic
726	if ( empty( $version ) \|\| empty( $options ) ) {
727	include_once( FVP_DIR . 'php/inc-install.php' );
728	} elseif ( $version !== FVP_VERSION ) {
729	include_once( FVP_DIR . 'php/inc-upgrade.php' );
730	}
731	}
732
733
734	/**
735	* Gets post id by it's url / guid.
736	*
737	* @see https://codex.wordpress.org/Class_Reference/wpdb
738	* @since 1.0
739	*
740	* @param {string} $url which url to look for
741	* @return {int} retrieved post ID
742	*/
743	protected static function get_post_by_url( $url ) {
744	global $wpdb;
745
746	$id = $wpdb->get_var( $wpdb->prepare(
747	"SELECT ID FROM {$wpdb->posts} WHERE guid=%s;",
748	$url
749	) );
750
751	return $id;
752	}
753
754
755	/**
756	* Verify the current request's nonce. Nonce is expected in the REQUEST
757	* object's `fvp_nonce` field.
758	*
759	* @param int/string $identifier nonce identifier
760	* @param bool $bool whether to return a boolean or strictly exit
761	* @return bool/none Return bool if $bool is set to true
762	*/
763	private static function verify_nonce( $identifier ) {
764	$action = self::get_nonce_action( $identifier );
765
766	if (
767	! isset( $_REQUEST[ 'fvp_nonce' ] ) \|\|
768	! wp_verify_nonce( $_REQUEST[ 'fvp_nonce' ], $action )
769	) {
770	return false;
771	}
772
773	return true;
774	}
775
776
777	/**
778	* Filter video string to remove bad html. `embed`, `object` and `iframe`
779	* may explicitly whitelisted.
780	*
781	* @param string $video
782	* @return string
783	*/
784	private static function kses_video( $video ) {
785	$opt = get_option( 'fvp-settings' );
786	$tag = ! empty( $opt['legal_html'] ) ? $opt['legal_html'] : array();
787
788	$legal_tags = array_merge(
789	wp_kses_allowed_html( 'post' ),
790	isset( $tag['embed'] ) && $tag['embed'] ? array(
791	'embed' => array(
792	'src' => true,
793	'type' => true,
794	'width' => true,
795	'height' => true,
796	),
797	) : array(),
798	isset( $tag['object'] ) && $tag['object'] ? array(
799	'object' => array(
800	'width' => true,
801	'height' => true,
802	'data' => true,
803	'form' => true,
804	'name' => true,
805	'type' => true,
806	'usemap' => true,
807	),
808	) : array(),
809	isset( $tag['iframe'] ) && $tag['iframe'] ? array(
810	'iframe' => array(
811	'align' => true,
812	'width' => true,
813	'height' => true,
814	'src' => true,
815	'sandbox' => true,
816	'frameborder' => true,
817	'allowfullscreen' => true,
818	),
819	) : array()
820	);
821
822	return wp_kses( $video, $legal_tags, array( 'http', 'https' ) );
823	}
824
825	/**
826	* exif_imagetype function is not available on all systems - fallback wrapper.
827	*
828	* @param {string} $filename
829	* @return Image mime type.
830	*/
831	private static function get_image_type( $filename ) {
832	if ( function_exists( 'exif_imagetype' ) ) {
833	$type = exif_imagetype( $filename );
834	} else {
835	$img = getimagesize( $filename );
836	$type = $img[2];
837	}
838
839	return ! empty( $type ) ? $type : false;
840	}
841
842
843	}

Note: See TracBrowser for help on using the repository browser.

Trac UI Preferences

Download in other formats: