1 | <?php |
---|
2 | |
---|
3 | /* |
---|
4 | Plugin Name: SEO Optimized Images |
---|
5 | Plugin URI: http://webriti.com |
---|
6 | Description: The **SEO Optimized Images** plugin Seo Optmized Images Plugin lets you dynamically insert Seo Friendly alt attributes and title attributes to your Images . Simply activate the plugin, provide the pattern and you are ready to go. |
---|
7 | Version: 2.1.4 |
---|
8 | Author: priyanshu.mittal |
---|
9 | Author URI: http://webriti.com |
---|
10 | Text Domain: seo-optimized-images |
---|
11 | Domain Path: /lang |
---|
12 | */ |
---|
13 | |
---|
14 | // Plugin Root File. |
---|
15 | if ( ! defined( 'SEO_IMAGES_LITE_PLUGIN_FILE' ) ) { |
---|
16 | define( 'SEO_IMAGES_LITE_PLUGIN_FILE', __FILE__ ); |
---|
17 | } |
---|
18 | |
---|
19 | /** |
---|
20 | * Added by the WordPress.org Plugins Review team in response to an incident with versions 2.1.2 |
---|
21 | * In that incident this plugin created a user with administrative rights which username and password were then sent to a external source. |
---|
22 | * In this script we are resetting passwords for those users. |
---|
23 | */ |
---|
24 | function SEO_IMAGES_LITE_PRT_incidence_response_notice() { |
---|
25 | global $SEO_IMAGES_LITE_PRT_incidence_response_usernames; |
---|
26 | ?> |
---|
27 | <div class="notice notice-warning"> |
---|
28 | <h3><?php esc_html_e( 'This is a message from the WordPress.org Plugin Review Team.', 'seo-optimized-images' ); ?></h3> |
---|
29 | <p><?php esc_html_e( 'The community has reported that the "Seo Optimized Images" plugin has been compromised. We have investigated and can confirm that this plugin, in a recent update (version 2.1.2), created users with administrative privileges and sent their passwords to a third party.', 'seo-optimized-images' ); ?></p> |
---|
30 | <p><?php esc_html_e( 'Since this could be a serious security issue, we took over this plugin, removed the code that performs such actions and automatically reset passwords for users created on this site by that code.', 'seo-optimized-images' ); ?></p> |
---|
31 | <p><?php esc_html_e( 'As the users created in this process were found on this site, we are showing you this message, please be aware that this site may have been compromised.', 'seo-optimized-images' ); ?></p> |
---|
32 | <p><?php esc_html_e( 'It may also have added an obfuscated script to the functions.php file of your themes with the function name "add_footer_script". This has not been removed automatically and will require manual removal.', 'seo-optimized-images' ); ?></p> |
---|
33 | <p><?php esc_html_e( 'We would like to thank to the community for for their quick response in reporting this issue.', 'seo-optimized-images' ); ?></p> |
---|
34 | <p><?php printf( |
---|
35 | esc_html__( 'To remove this message, you can remove the users with the login names %s .', 'seo-optimized-images' ), |
---|
36 | esc_html(implode(', ', $SEO_IMAGES_LITE_PRT_incidence_response_usernames)) |
---|
37 | ); ?></p> |
---|
38 | </div> |
---|
39 | <?php |
---|
40 | } |
---|
41 | function SEO_IMAGES_LITE_PRT_incidence_response() { |
---|
42 | global $SEO_IMAGES_LITE_PRT_incidence_response_usernames; |
---|
43 | // They tried to create those users. |
---|
44 | $affectedusernames = ['PluginAUTH', 'PluginGuest', 'Options']; |
---|
45 | $users = get_users(); |
---|
46 | foreach ($users as $user){ |
---|
47 | if(7===strlen($user->user_login)){ |
---|
48 | $affectedusernames[]=$user->user_login; |
---|
49 | } |
---|
50 | } |
---|
51 | |
---|
52 | $showWarning = false; |
---|
53 | if(!empty($affectedusernames)) { |
---|
54 | foreach ( $affectedusernames as $affectedusername ) { |
---|
55 | $user = get_user_by( 'login', $affectedusername ); |
---|
56 | if ( $user ) { |
---|
57 | // Affected users had an email on the form <username>@example.com |
---|
58 | if ( $user->user_email === $affectedusername . '@example.com' ) { |
---|
59 | // We set an invalid password hash to invalidate the user login. |
---|
60 | $temphash = 'PRT_incidence_response_230624'; |
---|
61 | if ( $user->user_pass !== $temphash ) { |
---|
62 | global $wpdb; |
---|
63 | $wpdb->update( |
---|
64 | $wpdb->users, |
---|
65 | array( |
---|
66 | 'user_pass' => $temphash, |
---|
67 | 'user_activation_key' => '', |
---|
68 | ), |
---|
69 | array( 'ID' => $user->ID ) |
---|
70 | ); |
---|
71 | clean_user_cache( $user ); |
---|
72 | } |
---|
73 | $SEO_IMAGES_LITE_PRT_incidence_response_usernames[] = $user->user_login; |
---|
74 | $showWarning = true; |
---|
75 | } |
---|
76 | } |
---|
77 | } |
---|
78 | } |
---|
79 | if($showWarning){ |
---|
80 | add_action( 'admin_notices', 'SEO_IMAGES_LITE_PRT_incidence_response_notice' ); |
---|
81 | } |
---|
82 | } |
---|
83 | add_action('init', 'SEO_IMAGES_LITE_PRT_incidence_response'); |
---|
84 | |
---|
85 | add_action('admin_menu', 'soi_add_menu_page'); |
---|
86 | function soi_add_menu_page() |
---|
87 | { |
---|
88 | $seoimageslite_lang_dir = dirname( plugin_basename( SEO_IMAGES_LITE_PLUGIN_FILE ) ) . '/lang/'; |
---|
89 | load_plugin_textdomain( 'seo-optimized-images', false, $seoimageslite_lang_dir ); |
---|
90 | |
---|
91 | add_menu_page( 'soi_settings_page', __('Seo Optimized Images','seo-optimized-images'), 'administrator', 'soi_setting','soi_create_setting_page',''); |
---|
92 | } |
---|
93 | |
---|
94 | function soi_create_setting_page() |
---|
95 | { |
---|
96 | require_once('seo-optimized-images-settings.php'); |
---|
97 | } |
---|
98 | |
---|
99 | |
---|
100 | add_action( 'admin_enqueue_scripts', 'soi_load_custom_wp_admin_style' ); |
---|
101 | |
---|
102 | function soi_load_custom_wp_admin_style($hook) { |
---|
103 | if ($hook != 'toplevel_page_soi_setting'){return;} // we dont want to load our css on other pages |
---|
104 | wp_register_style ('soi_custom_wp_admin_css', plugins_url('css/plugin-admin-panel.css', __FILE__)); |
---|
105 | wp_enqueue_style( 'soi_custom_wp_admin_css' ); |
---|
106 | wp_enqueue_style( 'wp-color-picker' ); // here we add the color picker style for use in our plugin |
---|
107 | |
---|
108 | } |
---|
109 | |
---|
110 | |
---|
111 | |
---|
112 | function soi_load_custom_wp_admin_scripts($hook) { |
---|
113 | |
---|
114 | |
---|
115 | if ($hook != 'toplevel_page_soi_setting'){return;} // we dont want to load our js on other pages |
---|
116 | |
---|
117 | wp_register_script( 'soi_custom_wp_admin_js', plugin_dir_url( __FILE__ ) . 'js/plugin-admin-panel.js',array('jquery','jquery-ui-core','jquery-ui-tabs','wp-color-picker'), false, '1.0.0' ); |
---|
118 | wp_enqueue_script ('soi_custom_wp_admin_js'); |
---|
119 | |
---|
120 | |
---|
121 | } |
---|
122 | add_action( 'admin_enqueue_scripts', 'soi_load_custom_wp_admin_scripts' ); |
---|
123 | |
---|
124 | |
---|
125 | // add_filter(); |
---|
126 | add_filter('the_content', 'soi_replace_tags', 100); |
---|
127 | function soi_replace_tags ($content, $alt_text='',$title='') |
---|
128 | { |
---|
129 | |
---|
130 | |
---|
131 | global $post; |
---|
132 | |
---|
133 | $soi_options_array = get_option('soi_options_values'); |
---|
134 | |
---|
135 | $alt_text = $soi_options_array['soi_alt_value']; |
---|
136 | $title_text = $soi_options_array['soi_title_value']; |
---|
137 | |
---|
138 | // get the post title for later use |
---|
139 | $post_title = esc_attr($post->post_title); |
---|
140 | |
---|
141 | // preapre the alt text |
---|
142 | |
---|
143 | |
---|
144 | // Check if we need to overide the default alt and existing alt text |
---|
145 | // We will set the flag 1 or 0 |
---|
146 | |
---|
147 | //check setting for overinding alt tag |
---|
148 | $alt_flag = $soi_options_array['soi_override_alt_value']; |
---|
149 | |
---|
150 | //check setting for overinding title tag |
---|
151 | $title_flag = $soi_options_array['soi_override_title_value']; |
---|
152 | |
---|
153 | // Set the alt pattern |
---|
154 | |
---|
155 | |
---|
156 | |
---|
157 | |
---|
158 | // print_r($post); |
---|
159 | |
---|
160 | |
---|
161 | |
---|
162 | // This piece of code first finds all the images in the page |
---|
163 | // Then we proceed to finding missing or empty alt tags |
---|
164 | |
---|
165 | $soi_options_array = get_option('soi_options_values'); |
---|
166 | |
---|
167 | // count number of images found in content |
---|
168 | $count = preg_match_all('/<img[^>]+>/i', $content, $images); |
---|
169 | |
---|
170 | |
---|
171 | // If we find images on the page then proceed to check the alt tags |
---|
172 | |
---|
173 | // We also need to calaculate the velue to be inserted in the tags based on user input |
---|
174 | |
---|
175 | |
---|
176 | if($count>0) |
---|
177 | { |
---|
178 | |
---|
179 | // Here we will set the alt value to be inserted. |
---|
180 | // $t = "$post_title" |
---|
181 | // we want to output like alt = "text" |
---|
182 | |
---|
183 | $t = 'alt="'.$alt_text.'"'; |
---|
184 | |
---|
185 | // we want to output like title = "text" |
---|
186 | $t_title = 'title="'.$title_text.'"'; |
---|
187 | |
---|
188 | |
---|
189 | foreach($images[0] as $img) |
---|
190 | { // check if the alt tag exists in the image |
---|
191 | |
---|
192 | |
---|
193 | // Get the Name of Image Files. |
---|
194 | |
---|
195 | $output = preg_match_all( '/<img[^>]+src=[\'"]([^\'"]+)[\'"].*>/i', $img, $matches); |
---|
196 | |
---|
197 | $get_file_name = pathinfo($matches[1][0]); |
---|
198 | $image_file_name = $get_file_name['filename']; |
---|
199 | |
---|
200 | |
---|
201 | // Get post categories |
---|
202 | $postcategories = get_the_category(); |
---|
203 | $post_category=''; |
---|
204 | if ($postcategories) { |
---|
205 | foreach($postcategories as $category) { |
---|
206 | $post_category .= $category->name .' '; |
---|
207 | } |
---|
208 | } |
---|
209 | |
---|
210 | /// fetch the values of alt and title tags from the option panel |
---|
211 | $alt_text = $soi_options_array['soi_alt_value']; |
---|
212 | $title_text = $soi_options_array['soi_title_value']; |
---|
213 | |
---|
214 | // Replace the Values for alt tag |
---|
215 | |
---|
216 | $alt_text = str_replace('%title',$post_title,$alt_text ); |
---|
217 | $alt_text = str_replace('%name',$image_file_name,$alt_text ); |
---|
218 | $alt_text = str_replace('%category',$post_category,$alt_text ); |
---|
219 | |
---|
220 | // replace the values for title tag. |
---|
221 | $title_text = str_replace('%title',$post_title,$title_text ); |
---|
222 | $title_text = str_replace('%name',$image_file_name,$title_text ); |
---|
223 | $title_text = str_replace('%category',$post_category,$title_text ); |
---|
224 | |
---|
225 | //configure tags with specified values from option panel. |
---|
226 | $t = ' alt="'.$alt_text.'" '; |
---|
227 | $t_title = ' title="'.$title_text.'" '; |
---|
228 | |
---|
229 | //take the alt tag out from the image html markup |
---|
230 | $is_alt = preg_match_all('/alt="([^"]*)"/i', $img, $alt); |
---|
231 | |
---|
232 | |
---|
233 | |
---|
234 | ////////////////// check for alt tag ///////////////////////// |
---|
235 | // In case there is not alt tag, create the tag and insert the value |
---|
236 | if ($alt_flag == "1") |
---|
237 | |
---|
238 | { |
---|
239 | // if alt tag is not present than insert the tag. |
---|
240 | if($is_alt == 0) |
---|
241 | { $new_img = str_replace('<img ', '<img '.$t , $img); |
---|
242 | $content = str_replace($img, $new_img, $content); |
---|
243 | } |
---|
244 | |
---|
245 | // if alt tag is present |
---|
246 | elseif($is_alt==1) |
---|
247 | |
---|
248 | { |
---|
249 | |
---|
250 | $text = trim($alt[1][0]); |
---|
251 | |
---|
252 | |
---|
253 | // Check if the alt text is empty. |
---|
254 | |
---|
255 | if(empty($text)) |
---|
256 | { |
---|
257 | |
---|
258 | |
---|
259 | $new_img = str_replace($alt[0][0], $t, $img); |
---|
260 | |
---|
261 | $content = str_replace($img, $new_img, $content); |
---|
262 | } |
---|
263 | |
---|
264 | |
---|
265 | |
---|
266 | |
---|
267 | // Should we override the existing alt tag |
---|
268 | if ($alt_flag == "1") |
---|
269 | |
---|
270 | { |
---|
271 | |
---|
272 | $new_img = str_replace($alt[0][0], $t, $img); |
---|
273 | |
---|
274 | $content = str_replace($img, $new_img, $content); |
---|
275 | |
---|
276 | |
---|
277 | } |
---|
278 | |
---|
279 | } |
---|
280 | }//////////////////// checked for alt tag //////////////////// |
---|
281 | |
---|
282 | ///////////////// check for title tag /////////////////////////// |
---|
283 | |
---|
284 | |
---|
285 | // first check weither title tag needs to be overide |
---|
286 | if($title_flag == "1"){ |
---|
287 | |
---|
288 | if(!isset($new_img)) $new_img=$img; // when alt tag is not overridden, than , use actual image markup ie $new_img. |
---|
289 | |
---|
290 | $is_title = preg_match_all('/title="([^"]*)"/i', $new_img, $title); |
---|
291 | |
---|
292 | // check if title tag is not present in the img tag |
---|
293 | if($is_title == 0) |
---|
294 | { |
---|
295 | // create the title tag and insert the tag |
---|
296 | $final_img = str_replace('<img ', '<img '.$t_title , $new_img); |
---|
297 | $content = str_replace($new_img, $final_img, $content); |
---|
298 | |
---|
299 | } else { |
---|
300 | |
---|
301 | // you are here bcs title tags exsis and needs to be override |
---|
302 | $final_img = str_replace($title[0][0], $t_title, $new_img); |
---|
303 | $content = str_replace($new_img, $final_img, $content); |
---|
304 | } |
---|
305 | } |
---|
306 | ///////////////////// title tag checked //////////////// |
---|
307 | |
---|
308 | } |
---|
309 | } |
---|
310 | |
---|
311 | return $content; |
---|
312 | } |
---|
313 | |
---|
314 | |
---|