Allow PHP in Posts and Pages - Version 2.3

Version Description

  • Addition of Advanced Filter Experimental Feature

=

Download this release

Release Info

Developer Hit Reach
Plugin Icon wp plugin Allow PHP in Posts and Pages
Version 2.3
Comparing to
See all releases

Code changes from version 2.0.0.RC1 to 2.3

Files changed (3) hide show
  1. README.txt +78 -49
  2. allowphp.php +475 -369
  3. alter.php +34 -19
README.txt CHANGED
@@ -1,20 +1,27 @@
1
=== Allow PHP in Posts and Pages ===
2
Contributors: Hit Reach
3
Donate link:
4
- Tags: post, pages, posts, code, php, shortcode,
5
Requires at least: 2.5
6
- Tested up to: 3.0.1
7
- Stable tag: 2.0.0.RC1
8
9
Allow PHP in posts and pages allows you to add php functionality to Wordpress Posts and Pages
10
11
== Description ==
12
13
- Allow PHP in posts and pages adds the functionality to include PHP in wordpress posts and pages by adding a simple shortcode [php].code.[/php]
14
15
- This plugin strips away the automatically generated wordpress <p> and <br/> tags but still allows the addition of your own <p> and <br/> tags
16
17
- Please update immeadiatly if using version 1.2.2
18
19
== Usage ==
20
@@ -22,69 +29,65 @@ To add the PHP code to your post or page simply place any PHP code inside the sh
22
23
For example: If you wanted to add content that is visible to a particular user id:
24
25
-
26
-
27
- [php]
28
- global $user_ID;
29
- if($user_ID == 1){
30
- echo "Hello World";
31
- }
32
[/php]
33
-
34
35
This code will output Hello World to only user id #1, and no one else
36
37
- in addition, should this code not be working (for example a missing ";") simply just change the [php] to be [php debug=1]
38
39
40
- [php debug=1]
41
- global $user_ID;
42
- if($user_ID == 1){
43
- echo "Hello World"
44
- }
45
- [/php]
46
-
47
-
48
- Will result in the output:
49
50
-
51
- Parse error: syntax error, unexpected '}', expecting ',' or ';' in XXX : eval()'d code on line 5
52
- global $user_ID;
53
- if($user_ID == 1){
54
- echo "Hello World"
55
- }
56
57
- To use the new saved code parts, just add a function=xxx where xxx is the id to the APIP shortcode.
58
59
60
- [php function=1]
61
62
63
== Some Important Notes ==
64
65
- This plugin strips away all instances of <p> and <br /> therefore code has been added so that if you wish to use tags in your output (e.g.):
66
- [php]
67
- echo "hello <br /> world";
68
- [/php]
69
-
70
71
- the &lt; and &gt; tags will need to be swapped for [ and ] respectively so &lt;p&gt; becomes [p] and &lt;/p&gt; becomes [/p] which is converted back to &lt;p&gt; at runtime. these [ ] work for all tags (p, strong, em etc.).
72
73
- [php]
74
- echo "hello [br /] world";
75
- [/php]
76
77
- == Installation ==
78
79
- 1. Extract the zip file and drop the contents in the wp-content/plugins/ directory of your WordPress installation
80
- 1. Activate the Plugin from Plugins page
81
82
- == Misc ==
83
- Developed by <a href='http://www.hitreach.co.uk' target="_blank" style='text-decoration:none;'>Hit Reach</a>
84
85
- Check out our other <a href='http://www.hitreach.co.uk/services/wordpress-plugins/' target="_blank" style='text-decoration:none;'>Wordpress Plugins</a>
86
87
- Version: 1.0 <a href='http://www.hitreach.co.uk/wordpress-plugins/allow-php-in-posts-and-pages/' target="_blank" style='text-decoration:none;'>Support & Comments</a>
88
89
== Change log ==
90
= 1.0 =
@@ -101,15 +104,41 @@ Version: 1.0 <a href='http://www.hitreach.co.uk/wordpress-plugins/allow-php-in-p
101
* New Options Pages
102
* TinyMCE editor button
103
* allow shortcodes in text widgets by default
104
105
== Frequently Asked Questions ==
106
= What Tags Are Automatically Removed? =
107
Currently all &lt;br /&gt; and &lt;p&gt; (and its closing counterpart) tags are removed from the input code because these are the tags that Wordpress automatically add.
108
= How Do I Add Tags Without Them Being Stripped? =
109
If you want to echo a paragraph tag or a line break, or any other tag (strong, em etc) instead of enclosing them in &lt; and &gt; tags, enclose them in [ ] brackets for example [p] instead of &lt;p&gt; The square brackets are converted after the inital tags are stripped and function as normal tags.
110
= Thats All Good But I want To Include A [ and ] In My Output! =
111
- To include square brackets in your output simply add a \ before it so [ becomes \[ and ] becomes \], again these are converted and will display as [ and ]
112
= Can I still connect to non-wordpress databases? =
113
Yes you can, just use the standard mysql_connect or the mysql_pconnect and their parameters.
114
= My Question Is Not Answered Here! =
115
If your question is not listed here please look on: <a href='http://www.hitreach.co.uk/wordpress-plugins/allow-php-in-posts-and-pages/' target="_blank" style='text-decoration:none;'>http://www.hitreach.co.uk/wordpress-plugins/allow-php-in-posts-and-pages/</a> and if the answer is not listed there, just leave a comment
1
=== Allow PHP in Posts and Pages ===
2
Contributors: Hit Reach
3
Donate link:
4
+ Tags: post, pages, posts, code, php, shortcode, allow, sidebar, variables
5
Requires at least: 2.5
6
+ Tested up to: 3.3.1
7
+ Stable tag: 2.3
8
9
Allow PHP in posts and pages allows you to add php functionality to Wordpress Posts and Pages
10
11
== Description ==
12
13
+ Allow PHP in posts and pages adds the functionality to include PHP in your WordPress posts and pages by adding a simple shortcode [php] your code [/php]
14
15
+ This plugin strips away the automatically generated wordpress &lt;p&gt; and &lt;br/&gt; tags but still allows the addition of your own &lt;p&gt; and &lt;br/&gt; tags using a form of BBcode items such [p][/p] [br /]
16
+
17
+ Also, you can now save your most used PHP codes as "snippets" which you can insert into multiple pages at once.
18
+
19
+ With Version 2.2.0, the tag replacement system has been revamped which should reduce the need to escape [ and ] that shouldnt be changed &lt; and &gt;
20
+
21
+ With Version 3 comes an experimental Advanced Filter Feature which allows you to use full php code inside post and pages, taking advantange of variables thoughout the entire post content, and functions, as well as no pesky tag replacement.
22
+
23
+ Currently the Code snippets and debugging are are not available for the Advanced Filter Feature, but we are working on it! Let us know what you think about the new filter!
24
25
26
== Usage ==
27
29
30
For example: If you wanted to add content that is visible to a particular user id:
31
32
+ [php]
33
+ global $user_ID;
34
+ if($user_ID == 1){
35
+ echo "Hello World";
36
+ }
37
[/php]
38
39
This code will output Hello World to only user id #1, and no one else
40
41
+ In addition, should this code not be working (for example a missing ";") simply just change the [php] to be [php debug=1]
42
43
+ [php debug=1]
44
+ global
45
+ $user_ID; if($user_ID == 1){
46
+ echo "Hello World"
47
+ }
48
+ [/php]
49
50
+ Will result in the output:
51
52
+ Parse error: syntax error, unexpected '}', expecting ',' or ';' in XXX : eval()'d code on line 5
53
+ global $user_ID;
54
+ if($user_ID == 1){
55
+ echo "Hello World"
56
+ }
57
58
+ As well as the normal debug tag, you can also enable a silent debug by setting silentdebug in the [php] tag to be 1 ([php debug=1 silentdebug=1]), this will output all debug information as comments in the source code
59
60
+ If you are upgrading Allow PHP In Posts and Pages from a version before 2.2.0 you may experience issues with the code being disrupted as the replacement method has been changed, however you can set the tag replacement method to be the older version in the plugin options or by adding mode=old to the [php] tag, similarly, if you wish to use the new method when you have the old method turn on in the plugin options, just add mode=new to the [php] tag
61
62
+ To call a pre-defined function from the Code Snippets page, add function=x to the [php] tag, where x is the function id
63
64
65
== Some Important Notes ==
66
67
+ This plugin strips away all instances of <p> and <br /> therefore code has been added so that if you wish to use tags in your output (e.g.):
68
69
+ [php]
70
+ echo "hello <br /> world";
71
+ [/php]
72
73
+ The < and > tags will need to be swapped for [ and ] respectively so <p> becomes [p] and </p> becomes [/p] which is converted back to <p> at runtime. these [ ] work for all tags (p, strong, em etc.).
74
75
+ [php]
76
+ echo "hello [br /] world";
77
+ [/php]
78
79
+ With code written pre-version 2.2.0 you may need to turn on support for the older replacement method as you may experience issues with the code being disrupted as the replacement method has been changed, however you can set the tag replacement method to be the older version in the plugin options or by adding mode=old to the [php] tag, similarly, if you wish to use the new method when you have the old method turn on in the plugin options, just add mode=new to the [php] tag. In the current release, only known html tags are altered by the code, other tags and square bracket items (such as PHP arrays) are no longer affected.
80
81
+ In version 2.2.0:beta-2 arrays cannot effectively access arrays and still convert tags, so you will need to write:
82
+ echo "[p]".$myArray[0]."[/p]"
83
+ as
84
+ $mya = $myArray[0];
85
+ echo "[p]".$mya."[/p];
86
87
+ == Installation ==
88
89
+ 1. Extract the zip file and drop the contents in the wp-content/plugins/ directory of your WordPress installation
90
+ 1. Activate the Plugin from Plugins page
91
92
== Change log ==
93
= 1.0 =
104
* New Options Pages
105
* TinyMCE editor button
106
* allow shortcodes in text widgets by default
107
+ = 2.1.0 =
108
+ * Overall file tightening and maintenance
109
+ = 2.1.05 =
110
+ * fix issue with using the tinyMCE editor while the blog installation is in a sub folder
111
+ = 2.2.0:beta =
112
+ * HTML Tag replacement method changed
113
+ * UI Design Tweeks
114
+ = 2.2.0:beta:3=
115
+ * Tag replacement Tweeks
116
+ = 2.2.0:RC1 =
117
+ * Finalisation of the tag replacement tweeks
118
+ = 2.3 =
119
+ * Addition of Advanced Filter Experimental Feature
120
121
== Frequently Asked Questions ==
122
= What Tags Are Automatically Removed? =
123
Currently all &lt;br /&gt; and &lt;p&gt; (and its closing counterpart) tags are removed from the input code because these are the tags that Wordpress automatically add.
124
+
125
= How Do I Add Tags Without Them Being Stripped? =
126
If you want to echo a paragraph tag or a line break, or any other tag (strong, em etc) instead of enclosing them in &lt; and &gt; tags, enclose them in [ ] brackets for example [p] instead of &lt;p&gt; The square brackets are converted after the inital tags are stripped and function as normal tags.
127
+
128
= Thats All Good But I want To Include A [ and ] In My Output! =
129
+ The tag replacement system only replaces [ and ] when they are paired up and text content inside e.g. it wont replace [] and wont replace [hello[ but it will replace [hello], to prevent this, escape the opening [ with a \ so write \[hello]
130
+
131
= Can I still connect to non-wordpress databases? =
132
Yes you can, just use the standard mysql_connect or the mysql_pconnect and their parameters.
133
+
134
+ = A function that was working before upgrading, no longer works =
135
+ If you are upgrading Allow PHP In Posts and Pages from a version before 2.2.0 you may experience issues with the code being disrupted as the replacement method has been changed, however you can set the tag replacement method to be the older version in the plugin options or by adding mode=old to the [php] tag, similarly, if you wish to use the new method when you have the old method turn on in the plugin options, just add mode=new to the [php] tag
136
+
137
+ = The sample code provided on the plugin page doesnt work! =
138
+ On the plugin page, the code is written with spaces in the [php] tag, these need to be removed before the tag will work.
139
+
140
+ = I found a bug! =
141
+ Allow PHP in posts and pages is in beta stages, please let us know of any bugs you may find or any improvement suggestions you have.
142
+
143
= My Question Is Not Answered Here! =
144
If your question is not listed here please look on: <a href='http://www.hitreach.co.uk/wordpress-plugins/allow-php-in-posts-and-pages/' target="_blank" style='text-decoration:none;'>http://www.hitreach.co.uk/wordpress-plugins/allow-php-in-posts-and-pages/</a> and if the answer is not listed there, just leave a comment
allowphp.php CHANGED
@@ -1,7 +1,7 @@
1
<?php
2
/*
3
Plugin Name: Allow PHP in posts and pages
4
- version: 2.0.0.RC1
5
Plugin URI: http://www.hitreach.co.uk/wordpress-plugins/allow-php-in-posts-and-pages/
6
Description: Allow PHP in posts and pages allows you to add php functionality to Wordpress Posts and Pages whilst still retaining HTML tags
7
Author: Hit Reach
@@ -13,44 +13,123 @@ add_shortcode('allowphp','php_handler');
13
add_shortcode('ALLOWPHP','php_handler');
14
add_action('admin_menu', 'allow_php_menu');
15
add_filter('widget_text', 'do_shortcode');
16
register_activation_hook(__FILE__, 'allowPHP_activate');
17
- global $dbVersion; $dbVersion = "1.0.0";
18
- define("ALLOWPHPVERSION","2.0.0.RC1");
19
define("APIP_URL", WP_PLUGIN_URL.'/'.str_replace(basename( __FILE__),"",plugin_basename(__FILE__)));
20
21
22
- function php_handler($args, $content=null){
23
global $is_comment;
24
global $wpdb;
25
if($is_comment){return "";}
26
- extract( shortcode_atts(array('debug' => 0, 'function' => -1), $args));
27
- if($args['debug'] == 1){error_reporting(E_ALL);ini_set("display_errors","1");}
28
- if($args['function'] == -1){
29
- $content =(htmlspecialchars($content,ENT_QUOTES));$content = str_replace("&amp;#8217;","'",$content);$content = str_replace("&amp;#8216;","'",$content);$content = str_replace("&amp;#8242;","'",$content);$content = str_replace("&amp;#8220;","\"",$content);$content = str_replace("&amp;#8221;","\"",$content);$content = str_replace("&amp;#8243;","\"",$content);$content = str_replace("&amp;#039;","'",$content);$content = str_replace("&#039;","'",$content);$content = str_replace("&amp;#038;","&",$content);$content = str_replace("&amp;lt;br /&amp;gt;"," ", $content);$content = htmlspecialchars_decode($content);$content = str_replace("<br />"," ",$content);$content = str_replace("<p>"," ",$content);$content = str_replace("</p>"," ",$content);$content = str_replace("[br/]","<br/>",$content);$content = str_replace("\\[","&#91;",$content);$content = str_replace("\\]","&#93;",$content);$content = str_replace("[","<",$content);$content = str_replace("]",">",$content);$content = str_replace("&#91;",'[',$content);$content = str_replace("&#93;",']',$content);$content = str_replace("&gt;",'>',$content);$content = str_replace("&lt;",'<',$content);
30
}
31
else{
32
- $options = get_option("allowPHP_options");
33
$show404 = $options['show404'];
34
$fourohfourmsg = $options['fourohfourmsg'];
35
if($fourohfourmsg != 0){
36
- $fourohfourmsg = $wpdb->get_results("SELECT * FROM ".$wpdb->prefix."allowPHP_functions WHERE id = '".$fourohfourmsg."';");
37
- $fourohfourmsg = $fourohfourmsg[0]->function;
38
}
39
else{
40
- $fourohfourmsg = '<span style="font-weight:bold; color:red">Error 404: Function Not Found</span>';
41
}
42
$id = $args['function'];
43
$sql = "SELECT function FROM ".$wpdb->prefix."allowPHP_functions WHERE id='".$id."'";
44
$res = $wpdb->get_results($wpdb->prepare($sql));
45
- if(sizeof($res) == 0){ if($show404 == 1){$content = $fourohfourmsg;}}
46
- else{$content = $res[0]->function;}
47
}
48
ob_start();
49
- eval ($content);
50
- if($args['debug'] == 1){
51
$content =(htmlspecialchars($content,ENT_QUOTES));
52
- echo ("<pre>".$content."</pre>");
53
}
54
$returned = ob_get_clean();
55
return $returned;
56
}
@@ -58,184 +137,156 @@ $content =(htmlspecialchars($content,ENT_QUOTES));$content = str_replace("&amp;#
58
function allow_php_menu(){
59
add_menu_page( "Allow PHP in posts and pages", "Allow PHP in posts", "manage_options", "allow-php-menu", "allowPHP_functions");
60
add_submenu_page('allow-php-menu','Information', 'Information', 'manage_options', 'allow-php-information', 'allow_php_information');
61
- add_submenu_page('allow-php-menu','Information', 'Information', 'manage_options', 'allow-php-information', 'allow_php_information');
62
}
63
64
function allow_php_information(){
65
?>
66
- <h1>Allow PHP in Posts and Pages</h1>
67
- <div style='width:1145px;'>
68
- <div style='width:500px; float:right;'>
69
- <div style='float:right; display:inline; width:450px; margin-left:25px; margin-bottom:10px; margin-right:15px; padding:10px; -webkit-border-radius: 5px;-moz-border-radius: 5px;border-radius: 5px;-webkit-box-shadow: #666 2px 2px 5px;-moz-box-shadow: #666 2px 2px 5px;box-shadow: #666 2px 2px 5px;background: #ffff00;background: -webkit-gradient(linear, 0 0, 0 bottom, from(#ffff00), to(#ffffcc));background: -moz-linear-gradient(#ffff00, #ffffcc);background: linear-gradient(#ffff00, #ffffcc);'>
70
- <span style='font-size:1em; color:#999; display:block; line-height:1.2em;'><strong>Developed by <a href='http://www.hitreach.co.uk' target="_blank" style='text-decoration:none;'>Hit Reach</a></strong><a href='http://www.hitreach.co.uk' target="_blank" style='text-decoration:none;'></a></span>
71
- <span style='font-size:1em; color:#999; display:block; line-height:1.2em;'><strong>Check out our other <a href='http://www.hitreach.co.uk/services/wordpress-plugins/' target="_blank" style='text-decoration:none;'>Wordpress Plugins</a></strong><a href='http://www.hitreach.co.uk/services/wordpress-plugins/' target="_blank" style='text-decoration:none;'></a></span>
72
- <span style='font-size:1em; color:#999; display:block; line-height:1.2em;'><strong>Version: 2.0.0 <a href='http://www.hitreach.co.uk/wordpress-plugins/allow-php-in-posts-and-pages/' target="_blank" style='text-decoration:none;'>Support, Comments &amp; Questions</a></strong></span>
73
- <hr/>
74
- <h2>Please help! We need your support...</h2>
75
- <p>If this plugin has helped you, your clients or customers then please take a moment to 'say thanks'. </p>
76
- <p>By spreading the word you help increase awareness of us and our plugins which makes it easier to justify the time we spend on this project.</p>
77
- <p>Please <strong>help us keep this plugin free</strong> to use and allow us to provide on-going updates and support.</p>
78
- <p>Here are some quick, easy and free things you can do which all help and we would really appreciate.</p>
79
- <ol>
80
- <li>
81
- <strong>Promote this plugin on Twitter</strong><br/>
82
- <a href="http://twitter.com/home?status=I'm using the Allow PHP in Posts and Pages WordPress plugin by @hitreach and it rocks! You can download it here: http://bit.ly/e2Q4Az" target="_blank">
83
- <img src='<?php echo APIP_URL;?>/twitter.gif' border="0" width='55' height='20'/>
84
- </a><br/><br/>
85
- </li>
86
- <li>
87
- <strong>Link to us</strong><br/>
88
- By linking to <a href='http://www.hitreach.co.uk' target="_blank">www.hitreach.co.uk</a> from your site or blog it means you can help others find the plugin on our site and also let Google know we are trust and link worthy which helps our profile.<br/><br/>
89
- </li>
90
- <li>
91
- <strong>Like us on Facebook</strong><br/>
92
- Just visit <a href='http://www.facebook.com/webdesigndundee' target="_blank">www.facebook.com/webdesigndundee</a> and hit the 'Like!' button!<script src="http://connect.facebook.net/en_US/all.js#xfbml=1"></script><fb:like href="http://www.facebook.com/webdesigndundee" send="true" width="450" show_faces="false" action="like" font="verdana"></fb:like><br/><br/>
93
- </li>
94
- <li>
95
- <strong>Share this plugin on Facebook</strong><br/>
96
- <div id="fb-root"></div><script src="http://connect.facebook.net/en_US/all.js#xfbml=1"></script><fb:like href="http://www.hitreach.co.uk/wordpress-plugins/allow-php-in-posts-and-pages" send="true" width="450" show_faces="false" action="recommend" font="verdana"></fb:like>
97
- Share a link to the plugin page with your friends on Facebook<br/><br/>
98
- </li>
99
- <li>
100
- <strong>Make A Donation</strong><br/>
101
- Ok this one isn't really free but hopefully it's still a lot cheaper than if you'd had to buy the plugin or pay for it to be made for your project. Any amount is appreciated
102
- <form action="https://www.paypal.com/cgi-bin/webscr" method="post" target="_blank">
103
- <input type="hidden" name="cmd" value="_donations">
104
- <input type="hidden" name="business" value="admin@hitreach.co.uk">
105
- <input type="hidden" name="lc" value="GB">
106
- <input type="hidden" name="item_name" value="Hit Reach">
107
- <input type="hidden" name="item_number" value="APIP-Plugin">
108
- <input type="hidden" name="no_note" value="0">
109
- <input type="hidden" name="currency_code" value="GBP">
110
- <input type="hidden" name="bn" value="PP-DonationsBF:btn_donate_LG.gif:NonHostedGuest">
111
- <input type="image" src="https://www.paypalobjects.com/en_GB/i/btn/btn_donate_LG.gif" border="0" name="submit" alt="PayPal - The safer, easier way to pay online.">
112
- <img alt="" border="0" src="https://www.paypalobjects.com/en_US/i/scr/pixel.gif" width="1" height="1">
113
- </form>
114
- </li>
115
- </ol>
116
- </div>
117
- </div>
118
<script type="text/javascript">
119
- var APIP_current = "APIP_general";
120
- var APIP_currentTab = "APIP_generalTab";
121
- function APIP_changeTab(APIP_new, APIP_newTab){
122
- document.getElementById(APIP_current).style.display="none";
123
- document.getElementById(APIP_currentTab).className="APIP_tab";
124
- document.getElementById(APIP_new).style.display="block";
125
- document.getElementById(APIP_newTab).className="APIP_currentTab";
126
- APIP_current = APIP_new;
127
- APIP_currentTab = APIP_newTab;
128
- }
129
- </script>
130
<style type="text/css">
131
- #APIP_navigation{font-size:12px; line-height:25px;}
132
- #APIP_navigation a.APIP_currentTab, #APIP_navigation a.APIP_tab{padding:5px; border:1px #ddd solid;border-bottom:none; line-height:25px;cursor:pointer;}
133
- #APIP_navigation a.APIP_currentTab{border:1px #666 solid; border-bottom:1px white solid; background-color:white;}
134
- #APIP_usage,#APIP_notes,#APIP_tags{display:none;}
135
- #APIP_navigation, #APIP_container{width:98%; margin:0 auto;}
136
- #APIP_container{border:1px #ddd solid; background:white; padding:15px;}
137
</style>
138
- <div style='width:630px; float:left;'>
139
- <div id='APIP_navigation'>
140
- <a onclick="APIP_changeTab('APIP_general','APIP_generalTab')" name='APIP_generalTab' id='APIP_generalTab' class='APIP_currentTab'>General Information</a>
141
- <a onclick="APIP_changeTab('APIP_usage','APIP_usageTab')" name='APIP_usageTab' id='APIP_usageTab' class='APIP_tab'>Usage</a>
142
- <a onclick="APIP_changeTab('APIP_notes','APIP_notesTab')" name='APIP_notesTab' id='APIP_notesTab' class='APIP_tab'>Important Information</a>
143
- <a onclick="APIP_changeTab('APIP_tags','APIP_tagsTab')" name='APIP_tagsTab' id='APIP_tagsTab' class='APIP_tab'>Tag List</a>
144
- <a href="?page=allow-php-menu" name='APIP_optionsTab' id='APIP_optionsTab' class='APIP_tab'>Plugin Options</a>
145
- </div>
146
- <div id='APIP_container'>
147
- <div id='APIP_general'>
148
- <h2>General Information</h2>
149
- <p>Allow PHP in posts and pages adds the functionality to include PHP in your WordPress posts and pages by adding a simple shortcode <span style='color:green'>[php]</span> <em>your code</em> <span style='color:green'>[/php]</span></p>
150
- <p>This plugin strips away the automatically generated wordpress &lt;p&gt; and &lt;br/&gt; tags but still allows the addition of your own &lt;p&gt; and &lt;br/&gt; tags using a tag replacement system.</p>
151
- <p>Also, you can now save your most used PHP codes as &quot;snippets&quot; which you can insert into multiple pages at once.</p>
152
- </div>
153
- <div id='APIP_usage'>
154
- <h2>Usage</h2>
155
- <p>To add the PHP code to your post or page simply place any PHP code inside the shortcode tags.</p>
156
- <em>For example: </em>If you wanted to add content that is visible to a particular user id:</p>
157
- <blockquote>
158
- [php]<br/>
159
- &nbsp;&nbsp;&nbsp;global $user_ID;<br/>
160
- &nbsp;&nbsp;&nbsp;if($user_ID == 1){<br/>
161
- &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;echo "Hello World";<br/>
162
- &nbsp;&nbsp;&nbsp;}<br/>
163
- [/php]
164
- </blockquote>
165
- <p><em>This code will output Hello World to only user id #1, and no one else</em></p>
166
- <p>In addition, should this code not be working (for example a missing ";") simply just change the [php] to be [php debug=1]</p>
167
- <blockquote>
168
- [php debug=1]<br/>
169
- &nbsp;&nbsp;&nbsp;global $user_ID;<br/>
170
- &nbsp;&nbsp;&nbsp;if($user_ID == 1){<br/>
171
- &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;echo "Hello World"<br/>
172
- &nbsp;&nbsp;&nbsp;}<br/>
173
- [/php]
174
- </blockquote>
175
- <p><em>Will result in the output:</em></p>
176
- <blockquote>
177
- &nbsp;&nbsp;&nbsp;Parse error: syntax error, unexpected '}', expecting ',' or ';' in XXX : eval()'d code on line 5<br/>
178
- &nbsp;&nbsp;&nbsp;global $user_ID; <br/>
179
- &nbsp;&nbsp;&nbsp;if($user_ID == 1){ <br/>
180
- &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;echo "Hello World" <br/>
181
- &nbsp;&nbsp;&nbsp;}
182
- </blockquote>
183
- </div>
184
- <div id='APIP_notes'>
185
- <h2>Some Important Notes</h2>
186
- <p>This plugin strips away all instances of &lt;p&gt; and &lt;br /&gt; therefore code has been added so that if you wish to use tags in your output (e.g.):</p>
187
- <blockquote>
188
- [php]<br/>
189
- &nbsp;&nbsp;&nbsp;echo "hello &lt;br /&gt; world";<br/>
190
- [/php]
191
- </blockquote>
192
- <p>The &lt; and &gt; tags will need to be swapped for [ and ] respectively so &lt;p&gt; becomes [p] and &lt;/p&gt; becomes [/p] which is converted back to &lt;p&gt; at runtime. these [ ] work for all tags (p, strong, em etc.).</p>
193
- <blockquote>
194
- [php]<br/>
195
- &nbsp;&nbsp;&nbsp;echo "hello [br /] world";<br/>
196
- [/php]
197
- </blockquote>
198
- </div>
199
- <div id='APIP_tags'>
200
- <h2>Tag list</h2>
201
- <table cellpadding="5" cellspacing="1" style='border:1px #ddd solid' width='60%'>
202
-
203
- <tr>
204
- <th align="left" style="padding:5px; background:#ffffcc">For</th>
205
- <th align="left" style="padding:5px; background:#ffffcc">Write as</th>
206
- </tr>
207
- <tr>
208
- <td align="left" style="padding:5px; background:#ffffcc">&lt;p&gt; ... &lt;/p&gt;</td>
209
- <td align="left" style="padding:5px; background:#ffffcc">[p] ... [/p]</td>
210
- </tr>
211
- <tr>
212
- <td align="left" style="padding:5px; background:#ffffcc">&lt;em&gt;...&lt;/em&gt;</td>
213
- <td align="left" style="padding:5px; background:#ffffcc">[em]...[/em]</td>
214
- </tr>
215
- <tr>
216
- <td align="left" style="padding:5px; background:#ffffcc">&lt;p style=''&gt; ... &lt;/p&gt;</td>
217
- <td align="left" style="padding:5px; background:#ffffcc">[p style=''] ... [/p]</td>
218
- </tr>
219
- <tr>
220
- <td align="left" style="padding:5px; background:#ffffcc">&lt;u&gt; ... &lt;/u&gt;</td>
221
- <td align="left" style="padding:5px; background:#ffffcc">[u] ... [/u]</td>
222
- </tr>
223
- <tr>
224
- <td align="left" style="padding:5px; background:#ffffcc">&lt;br /&gt;</td>
225
- <td align="left" style="padding:5px; background:#ffffcc">[br /]</td>
226
- </tr>
227
-
228
- </table>
229
- </div>
230
- </div>
231
</div>
232
- <?php
233
}
234
235
function allowPHP_functions(){
236
$options = get_option("allowPHP_options");
237
$show404 = $options['show404'];
238
- global $wpdb;
239
$fourohfourmsg = $options['fourohfourmsg'];
240
$fourohfourmsg_id = $options['fourohfourmsg'];
241
if($fourohfourmsg != 0){
@@ -243,195 +294,202 @@ function allowPHP_functions(){
243
$fourohfourmsg = $fourohfourmsg[0]->function;
244
}
245
else{$fourohfourmsg = '<span style="font-weight:bold; color:red">Error 404: Function Not Found</span>';}
246
-
247
$sql = "SELECT * FROM ".$wpdb->prefix."allowPHP_functions";
248
$results = $wpdb->get_results($wpdb->prepare($sql));
249
?>
250
- <script type="text/javascript">
251
function confirmMod(id){
252
return confirm("Are you sure you want to modify row id: "+id+"?");
253
}
254
function confirmDel(id){
255
return confirm("Are you sure you want to delete row id: "+id+"?");
256
}
257
</script>
258
<h1>Allow PHP in Posts and Pages</h1>
259
<div style='width:1145px;'>
260
<div style='width:500px; float:right;'>
261
- <div style='float:right; display:inline;width:450px; margin-left:25px; margin-bottom:10px; margin-right:15px; padding:10px; -webkit-border-radius: 5px;-moz-border-radius: 5px;border-radius: 5px;-webkit-box-shadow: #666 2px 2px 5px;-moz-box-shadow: #666 2px 2px 5px;box-shadow: #666 2px 2px 5px;background: #ffff00;background: -webkit-gradient(linear, 0 0, 0 bottom, from(#ffff00), to(#ffffcc));background: -moz-linear-gradient(#ffff00, #ffffcc);background: linear-gradient(#ffff00, #ffffcc);'>
262
- <span style='font-size:1em; color:#999; display:block; line-height:1.2em;'><strong>Developed by <a href='http://www.hitreach.co.uk' target="_blank" style='text-decoration:none;'>Hit Reach</a></strong><a href='http://www.hitreach.co.uk' target="_blank" style='text-decoration:none;'></a></span>
263
- <span style='font-size:1em; color:#999; display:block; line-height:1.2em;'><strong>Check out our other <a href='http://www.hitreach.co.uk/services/wordpress-plugins/' target="_blank" style='text-decoration:none;'>Wordpress Plugins</a></strong><a href='http://www.hitreach.co.uk/services/wordpress-plugins/' target="_blank" style='text-decoration:none;'></a></span>
264
- <span style='font-size:1em; color:#999; display:block; line-height:1.2em;'><strong>Version: 2.0.0 <a href='http://www.hitreach.co.uk/wordpress-plugins/allow-php-in-posts-and-pages/' target="_blank" style='text-decoration:none;'>Support, Comments &amp; Questions</a></strong></span>
265
- <hr/>
266
- <h2>Please help! We need your support...</h2>
267
- <p>If this plugin has helped you, your clients or customers then please take a moment to 'say thanks'. </p>
268
- <p>By spreading the word you help increase awareness of us and our plugins which makes it easier to justify the time we spend on this project.</p>
269
- <p>Please <strong>help us keep this plugin free</strong> to use and allow us to provide on-going updates and support.</p>
270
- <p>Here are some quick, easy and free things you can do which all help and we would really appreciate.</p>
271
- <ol>
272
- <li>
273
- <strong>Promote this plugin on Twitter</strong><br/>
274
- <a href="http://twitter.com/home?status=I'm using the Allow PHP in Posts and Pages WordPress plugin by @hitreach and it rocks! You can download it here: http://bit.ly/e2Q4Az" target="_blank">
275
- <img src='<?php echo APIP_URL;?>/twitter.gif' border="0" width='55' height='20'/>
276
- </a><br/><br/>
277
- </li>
278
- <li>
279
- <strong>Link to us</strong><br/>
280
- By linking to <a href='http://www.hitreach.co.uk' target="_blank">www.hitreach.co.uk</a> from your site or blog it means you can help others find the plugin on our site and also let Google know we are trust and link worthy which helps our profile.<br/><br/>
281
- </li>
282
- <li>
283
- <strong>Like us on Facebook</strong><br/>
284
- Just visit <a href='http://www.facebook.com/webdesigndundee' target="_blank">www.facebook.com/webdesigndundee</a> and hit the 'Like!' button!<script src="http://connect.facebook.net/en_US/all.js#xfbml=1"></script><fb:like href="http://www.facebook.com/webdesigndundee" send="true" width="450" show_faces="false" action="like" font="verdana"></fb:like><br/><br/>
285
- </li>
286
- <li>
287
- <strong>Share this plugin on Facebook</strong><br/>
288
- <div id="fb-root"></div><script src="http://connect.facebook.net/en_US/all.js#xfbml=1"></script><fb:like href="http://www.hitreach.co.uk/wordpress-plugins/allow-php-in-posts-and-pages" send="true" width="450" show_faces="false" action="recommend" font="verdana"></fb:like>
289
- Share a link to the plugin page with your friends on Facebook<br/><br/>
290
- </li>
291
- <li>
292
- <strong>Make A Donation</strong><br/>
293
- Ok this one isn't really free but hopefully it's still a lot cheaper than if you'd had to buy the plugin or pay for it to be made for your project. Any amount is appreciated
294
- <form action="https://www.paypal.com/cgi-bin/webscr" method="post" target="_blank">
295
- <input type="hidden" name="cmd" value="_donations">
296
- <input type="hidden" name="business" value="admin@hitreach.co.uk">
297
- <input type="hidden" name="lc" value="GB">
298
- <input type="hidden" name="item_name" value="Hit Reach">
299
- <input type="hidden" name="item_number" value="APIP-Plugin">
300
- <input type="hidden" name="no_note" value="0">
301
- <input type="hidden" name="currency_code" value="GBP">
302
- <input type="hidden" name="bn" value="PP-DonationsBF:btn_donate_LG.gif:NonHostedGuest">
303
- <input type="image" src="https://www.paypalobjects.com/en_GB/i/btn/btn_donate_LG.gif" border="0" name="submit" alt="PayPal - The safer, easier way to pay online.">
304
- <img alt="" border="0" src="https://www.paypalobjects.com/en_US/i/scr/pixel.gif" width="1" height="1">
305
- </form>
306
- </li>
307
- </ol>
308
- </div>
309
</div>
310
- <script type="text/javascript">
311
- var APIP_current = "APIP_general";
312
- var APIP_currentTab = "APIP_generalTab";
313
- function APIP_changeTab(APIP_new, APIP_newTab){
314
- document.getElementById(APIP_current).style.display="none";
315
- document.getElementById(APIP_currentTab).className="APIP_tab";
316
- document.getElementById(APIP_new).style.display="block";
317
- document.getElementById(APIP_newTab).className="APIP_currentTab";
318
- APIP_current = APIP_new;
319
- APIP_currentTab = APIP_newTab;
320
- }
321
- </script>
322
- <style type="text/css">
323
- #APIP_navigation{font-size:12px; line-height:25px;}
324
- #APIP_navigation a.APIP_currentTab, #APIP_navigation a.APIP_tab{padding:5px; border:1px #ddd solid;border-bottom:none; line-height:25px;cursor:pointer;}
325
- #APIP_navigation a.APIP_currentTab{border:1px #666 solid; border-bottom:1px white solid; background-color:white;}
326
- #APIP_usage,#APIP_notes,#APIP_tags{display:none;}
327
- #APIP_navigation, #APIP_container{width:98%; margin:0 auto;}
328
- #APIP_container{border:1px #ddd solid; background:white; padding:15px;}
329
- </style>
330
- <div style='width:630px; float:left;'>
331
- <div id='APIP_navigation'>
332
- <a onclick="APIP_changeTab('APIP_general','APIP_generalTab')" name='APIP_generalTab' id='APIP_generalTab' class='APIP_currentTab'>Plugin Options</a>
333
- <a onclick="APIP_changeTab('APIP_usage','APIP_usageTab')" name='APIP_usageTab' id='APIP_usageTab' class='APIP_tab'>Code Snippets</a>
334
- <a href='?page=allow-php-information' name='APIP_notesTab' id='APIP_notesTab' class='APIP_tab'>Plugin Information</a>
335
- </div>
336
- <div id='APIP_container'>
337
- <div id='APIP_general'>
338
- <h2>Plugin Options</h2>
339
- <form action='<?php echo WP_PLUGIN_URL . '/' . plugin_basename( dirname(__FILE__) ) . '/';?>alter.php' method="post">
340
- <?php wp_nonce_field( plugin_basename(__FILE__), 'allowPHPNonce' ); ?>
341
- <input type="hidden" name='action' value='options' />
342
- <input type="hidden" name="id" value="0" />
343
- <p>Current 404 message: <?php echo htmlentities($fourohfourmsg);?></p>
344
- <label for="show404">Show the snippet not found message?: </label><input type='checkbox' name='option_show404' value='1' <?php if($show404 == 1)echo "checked='checked'";?> /><br/>
345
- <label for="fourohfourmsg">Custom 404 message to be displayed: </label>
346
- <select name='option_404msg'>
347
- <option value='0'> - Default Message - </option>
348
- <?php
349
- $res = "SELECT * FROM ".$wpdb->prefix."allowPHP_functions";
350
- $res = $wpdb->get_results($res);
351
- foreach($res as $row){
352
- echo "<option value='".$row->id."'";
353
- if($row->id == $fourohfourmsg_id){echo "selected='selected'";}
354
- echo"> - Snippet ID: ".$row->id." - </option>";
355
- }
356
- ?>
357
- </select>
358
- <br/>
359
- <input type='submit' class='button-primary' value='Save Plugin Options' />
360
- </form>
361
- </div>
362
- <div id='APIP_usage'>
363
- <h2>Code Snippets</h2>
364
- <p><em>All snippets begin with a <span style='color:red'>&lt;?php</span> and end with a <span style='color:red'>?&gt;</span>So if you wish to use html only you will need to close the php tag, then re-open it at the end.</em></p>
365
- <table cellpadding='5' cellspacing='0' width="600">
366
- <?php if(sizeof($results) != 0){?>
367
- <tr>
368
- <th width='35' style='border-right:1px #ddd solid;'>ID</th>
369
- <th width="15"></th>
370
- <th width="475" align="left">Snippet</th>
371
- <th width="75" align="right">&nbsp;</th>
372
- </tr>
373
- <tr>
374
- <td style='border-right:1px #ddd solid;' height="10"></td>
375
- <td colspan='3'></td>
376
- </tr>
377
- <?php foreach($results as $row){ ?>
378
- <tr>
379
- <th align='center' valign="top" scope="row" style='border-right:1px #ddd solid;'>
380
- <?php echo $row->id; ?>
381
- </th>
382
- <td></td>
383
- <td align="left" valign="top">
384
- <form action='<?php echo WP_PLUGIN_URL . '/' . plugin_basename( dirname(__FILE__) ) . '/';?>alter.php' method="post" onsubmit="return confirmMod(<?php echo $row->id; ?>)">
385
- <?php wp_nonce_field( plugin_basename(__FILE__), 'allowPHPNonce' ); ?>
386
- <input type='submit' value='Modify' class='button-secondary' style='float:right;' />
387
- <input type='hidden' name='action' value='modify' />
388
- <input type='hidden' name='id' value='<?php echo $row->id; ?>' />
389
- <strong>Name:</strong>
390
- <input type='text' name='name' value='<?php echo $row->name;?>' onblur="javascript:this.style.textDecoration='none'; this.style.cursor='pointer'" onclick="javascript:this.style.textDecoration='underline'; this.style.cursor='text';" title="Click to edit" maxlength="99" style='width:370px; border:0px white solid !important;cursor:pointer; background:none !important;'/><br/>
391
- <span style='color:red; vertical-align:top;'>&lt;?php</span><textarea style="width:475px" rows="2" name='function'><?php echo $row->function; ?></textarea><span style='color:red'>?&gt;</span>
392
- <br/>
393
-
394
- </form>
395
- </td>
396
- <td align="left" valign="top">
397
- <form action='<?php echo WP_PLUGIN_URL . '/' . plugin_basename( dirname(__FILE__) ) . '/';?>alter.php' method="post" onsubmit="return confirmDel(<?php echo $row->id; ?>)">
398
- <?php wp_nonce_field( plugin_basename(__FILE__), 'allowPHPNonce' ); ?>
399
- <input type='hidden' name='action' value='delete' />
400
- <input type='hidden' name='id' value='<?php echo $row->id; ?>' />
401
- &nbsp;|&nbsp;<input type='submit' value='Delete' class='button-secondary' />
402
- </form>
403
-
404
- </td>
405
- </tr>
406
- <tr><td style='border-right:1px #ddd solid;' height="20"></td><td colspan='3'></td></tr>
407
-
408
- <?php
409
- }}else{?>
410
- <tr><td style='border-right:1px #ddd solid;'></td>
411
- <td colspan='3' align="center"><em>No Snippets Found</em></td></tr>
412
- <tr><td style='border-right:1px #ddd solid;' height="20"></td><td colspan='3'></td></tr>
413
- <?php }?>
414
- <tr><td style='border-right:1px #ddd solid;' height="20"></td><td colspan='3' style='border-top:1px #ddd solid;'></td></tr>
415
- <tr>
416
- <th width="35" style='border-right:1px #ddd solid;'>&nbsp;</th><th width="15"></th>
417
- <th width="475" align="left"><h3>Add A New Snippet</h3></th>
418
- <th width="75" align="right">&nbsp;</th></tr>
419
- <tr><td height="123" style='border-right:1px #ddd solid;'></td><td></td><td colspan="2" >
420
- <form action='<?php echo WP_PLUGIN_URL . '/' . plugin_basename( dirname(__FILE__) ) . '/';?>alter.php' method="post">
421
- <?php wp_nonce_field( plugin_basename(__FILE__), 'allowPHPNonce' ); ?>
422
- <input type='hidden' name='action' value='add' />
423
- <input type='hidden' name='id' value='0' />
424
- <input type='submit' value='Save Snippet' class='button-primary' style='float:right;' />
425
- <strong>Name: </strong><input type='text' name='name' id='name' style='width:405px;' maxlength="100" />
426
- <br/>
427
- <span style='color:red;vertical-align:top;'>&lt;?php</span><textarea style='width:550px' rows='3' name='function'></textarea><span style='color:red'>?&gt;</span><br/>
428
- </form></td></tr>
429
- </table>
430
- </div>
431
- </div>
432
- </div>
433
- </div>
434
- <?php
435
}
436
437
function allowPHP_activate(){
@@ -448,22 +506,19 @@ function allowPHP_activate(){
448
$fourohfourmsg = $options['fourohfourmsg'];
449
}
450
if($installedVersion != $dbVersion){
451
- $sql = "CREATE TABLE IF NOT EXISTS ".$wpdb->prefix."allowPHP_functions(
452
- id int NOT NULL AUTO_INCREMENT,
453
- name varchar(100) NOT NULL,
454
- function text NOT NULL,
455
- PRIMARY KEY(id)
456
- );";
457
require_once(ABSPATH . 'wp-admin/includes/upgrade.php');
458
dbDelta($sql);
459
}
460
-
461
$options = array("show404" => $show404,"fourohfourmsg" => $fourohfourmsg, "dbVersion" => $dbVersion);
462
update_option("allowPHP_options", $options);
463
}
464
465
-
466
-
467
function add_APIP_button() {
468
if ( ! current_user_can('edit_posts') && ! current_user_can('edit_pages') ){
469
return;
@@ -475,7 +530,7 @@ function add_APIP_button() {
475
}
476
477
define( "APIP_PLUGIN_DIR", "allow-php-in-posts-and-pages" );
478
- define( "APIP_PLUGIN_URL", get_bloginfo('url')."/wp-content/plugins/" . APIP_PLUGIN_DIR );
479
480
function register_APIP_button($buttons) {
481
array_push($buttons, "|", "allowPHP");
@@ -487,10 +542,61 @@ function add_APIP_tinymce_plugin($plugin_array) {
487
}
488
489
function APIP_my_refresh_mce($ver) {
490
- $ver += 2;
491
return $ver;
492
}
493
add_action('init', 'add_APIP_button');
494
add_filter( 'tiny_mce_version', 'APIP_my_refresh_mce');
495
496
- ?>
1
<?php
2
/*
3
Plugin Name: Allow PHP in posts and pages
4
+ version: 2.3
5
Plugin URI: http://www.hitreach.co.uk/wordpress-plugins/allow-php-in-posts-and-pages/
6
Description: Allow PHP in posts and pages allows you to add php functionality to Wordpress Posts and Pages whilst still retaining HTML tags
7
Author: Hit Reach
13
add_shortcode('ALLOWPHP','php_handler');
14
add_action('admin_menu', 'allow_php_menu');
15
add_filter('widget_text', 'do_shortcode');
16
+ add_filter('the_content', 'apip_advanced_filter',0);
17
+
18
register_activation_hook(__FILE__, 'allowPHP_activate');
19
+ global $dbVersion;
20
+ $dbVersion = "1.0.0";
21
+
22
+ define("ALLOWPHPVERSION","2.3");
23
define("APIP_URL", WP_PLUGIN_URL.'/'.str_replace(basename( __FILE__),"",plugin_basename(__FILE__)));
24
25
+ function apip_advanced_filter($args){
26
+ $options = get_option("allowPHP_options");
27
+ if(isset($options['use_advanced_filter'])){
28
+ if($options['use_advanced_filter'] == "1"){
29
+ remove_shortcode("php");
30
+ $args = str_ireplace("[php]","<?php ",$args);
31
+ $args = str_ireplace("[/php]"," ?>",$args);
32
+ $args = str_ireplace("[php useadvancedfilter]","<?php ",$args);
33
+ $args = str_ireplace("[/php useadvancedfilter]"," ?>",$args);
34
+ ob_start();
35
+ eval("?>".$args);
36
+ $returned = ob_get_clean();
37
+ return $returned;
38
+ }
39
+ }
40
+ $args = str_ireplace("[php useadvancedfilter]","<?php ",$args);
41
+ $args = str_ireplace("[/php useadvancedfilter]"," ?>",$args);
42
+ ob_start();
43
+ eval("?>".$args);
44
+ $returned = ob_get_clean();
45
+ return $returned;
46
+ }
47
48
+ function php_handler($args, $content=""){
49
global $is_comment;
50
global $wpdb;
51
+ $options = get_option("allowPHP_options");
52
+ if(isset($options['preparse'])){$preparse = $options['preparse'];}else{$preparse = 0;}
53
if($is_comment){return "";}
54
+ $res = "";
55
+ extract( shortcode_atts(array('debug' => 0,'silentdebug' => 0, 'function' => -1, 'mode'=>''), $args));
56
+ if(!isset($args['mode'])){$mode="";}else{$mode = $args['mode'];}
57
+ if(!isset($args['debug'])){$debug="0";}else{$debug = $args['debug'];}
58
+ if(!isset($args['silentdebug'])){$silentdebug="0";}else{$silentdebug = $args['silentdebug'];}
59
+ if($debug == 1){error_reporting(E_ALL);ini_set("display_errors","1");}
60
+ if($function == ""){$function == "-1";}
61
+ if($function == -1){
62
+ if(($preparse!= 1 && $mode != "old") || $mode == "new"){
63
+ #goodregextouse: /([\[])([\/]*[\d\w][\s\d\w\=\"\']*)([\]])/
64
+ #stage1 ([\[])([\/]*[\d\w][\s\d\w="'.$;*([\/]*)([\]])*
65
+ #stage2 ([){1}([/]*[\d\w]+[\w\d\s ]*?[ ]*?)([/]*\]){1}
66
+ #stage3 (\[){1}([/]{0,1}[\d\w]+[\w\d\s =\'\"\.\$]*?[ ]*?)([/]*\]){0,1}
67
+ #stage4 (\[{1})([\/]{0,1})([a-zA-z]{1}[a-zA-Z0-9]*[^\'\"])([a-zA-Z0-9 \!\"\£\$\%\^\&\*\*\(\)\_\-\+\=\|\\\,\.\/\?\:\;\@\'\#\~\{\[\}\]\¬\¦\`\<\>]*)([\/]{0,1})(]{1})
68
+ $content = strip_tags($content);
69
+ $count = "";
70
+ $content = preg_replace("/(\[{1})([\/]*)([a-zA-z\/]{1}[a-zA-Z0-9]*[^\'\"])([a-zA-Z0-9 \!\"\£\$\%\^\&\*\*\(\)\_\-\+\=\|\\\,\.\/\?\:\;\@\'\#\~\{\}\¬\¦\`\<\>]*)([\/]*)([\]]{1})/ix","<$3$4>",$content,"-1", $count);
71
+ $content = htmlspecialchars($content, ENT_NOQUOTES);
72
+ $content = str_replace("&amp;#8217;","'",$content);
73
+ $content = str_replace("&amp;#8216;","'",$content);
74
+ $content = str_replace("&amp;#8242;","'",$content);
75
+ $content = str_replace("&amp;#8220;","\"",$content);
76
+ $content = str_replace("&amp;#8221;","\"",$content);
77
+ $content = str_replace("&amp;#8243;","\"",$content);
78
+ $content = str_replace("&amp;#039;","'",$content);
79
+ $content = str_replace("&#039;","'",$content);
80
+ $content = str_replace("&amp;#038;","&",$content);
81
+ $content = str_replace("&amp;gt;",'>',$content);
82
+ $content = str_replace("&amp;lt;",'<',$content);
83
+ $content = htmlspecialchars_decode($content);
84
+ }
85
+ else{
86
+ $content =(htmlspecialchars($content,ENT_QUOTES));$content = str_replace("&amp;#8217;","'",$content);$content = str_replace("&amp;#8216;","'",$content);$content = str_replace("&amp;#8242;","'",$content);$content = str_replace("&amp;#8220;","\"",$content);$content = str_replace("&amp;#8221;","\"",$content);$content = str_replace("&amp;#8243;","\"",$content);$content = str_replace("&amp;#039;","'",$content);$content = str_replace("&#039;","'",$content);$content = str_replace("&amp;#038;","&",$content);$content = str_replace("&amp;lt;br /&amp;gt;"," ", $content);$content = htmlspecialchars_decode($content);$content = str_replace("<br />"," ",$content);$content = str_replace("<p>"," ",$content);$content = str_replace("</p>"," ",$content);$content = str_replace("[br/]","<br/>",$content);$content = str_replace("\\[","&#91;",$content);$content = str_replace("\\]","&#93;",$content);$content = str_replace("[","<",$content);$content = str_replace("]",">",$content);$content = str_replace("&#91;",'[',$content);$content = str_replace("&#93;",']',$content);$content = str_replace("&gt;",'>',$content);$content = str_replace("&lt;",'<',$content);
87
+ }
88
}
89
else{
90
$show404 = $options['show404'];
91
$fourohfourmsg = $options['fourohfourmsg'];
92
if($fourohfourmsg != 0){
93
+ $fourohfourmsg = $wpdb->get_results("SELECT * FROM ".$wpdb->prefix."allowPHP_functions WHERE id = '".$fourohfourmsg."';");
94
+ $fourohfourmsg = htmlspecialchars_decode($fourohfourmsg[0]->function);
95
}
96
else{
97
+ $fourohfourmsg = '?><div style="font-weight:bold; color:red">Error 404: Function Not Found</div>';
98
}
99
$id = $args['function'];
100
$sql = "SELECT function FROM ".$wpdb->prefix."allowPHP_functions WHERE id='".$id."'";
101
$res = $wpdb->get_results($wpdb->prepare($sql));
102
+ if(sizeof($res) == 0){
103
+ if($show404 == 1){$content = $fourohfourmsg;}
104
+ }
105
+ else{
106
+ $content = htmlspecialchars_decode($res[0]->function);
107
+ }
108
}
109
ob_start();
110
+ eval ($content);
111
+ if($debug == 1||$silentdebug == 1){
112
+ if($silentdebug == 1){
113
+ echo "\n\n<!-- ALLOW PHP SILENT DEBUG MODE - - > \n\n\n";
114
+ }
115
+ else{
116
+ echo "<hr />";
117
+ echo "<p align='center'>Allow PHP Debug</p>";
118
+ }
119
+ if(sizeof($res)==0 && $function != -1){
120
+ $content = "Function id : $function : cannot be found<br/>";
121
+ }else{
122
$content =(htmlspecialchars($content,ENT_QUOTES));
123
}
124
+ echo ("<pre>".$content."</pre>");
125
+ if($silentdebug == 1){
126
+ echo "\n\n\n<- - END ALLOW PHP SILENT DEBUG MODE -->\n\n";
127
+ }
128
+ else{
129
+ echo "<p align='center'>End Allow PHP Debug</p>";
130
+ echo "<hr />";
131
+ }
132
+ }
133
$returned = ob_get_clean();
134
return $returned;
135
}
137
function allow_php_menu(){
138
add_menu_page( "Allow PHP in posts and pages", "Allow PHP in posts", "manage_options", "allow-php-menu", "allowPHP_functions");
139
add_submenu_page('allow-php-menu','Information', 'Information', 'manage_options', 'allow-php-information', 'allow_php_information');
140
}
141
142
function allow_php_information(){
143
?>
144
<script type="text/javascript">
145
+ var APIP_current = "APIP_general";
146
+ var APIP_currentTab = "APIP_generalTab";
147
+ function APIP_changeTab(APIP_new, APIP_newTab){
148
+ document.getElementById(APIP_current).style.display="none";
149
+ document.getElementById(APIP_currentTab).className="APIP_tab";
150
+ document.getElementById(APIP_new).style.display="block";
151
+ document.getElementById(APIP_newTab).className="APIP_currentTab";
152
+ APIP_current = APIP_new;
153
+ APIP_currentTab = APIP_newTab;
154
+ }
155
+ </script>
156
<style type="text/css">
157
+ #APIP_navigation {
158
+ font-size:12px;
159
+ line-height:25px;
160
+ }
161
+ #APIP_navigation a.APIP_currentTab, #APIP_navigation a.APIP_tab {
162
+ padding:5px;
163
+ border:1px #ddd solid;
164
+ border-bottom:none;
165
+ line-height:25px;
166
+ cursor:pointer;
167
+ }
168
+ #APIP_navigation a.APIP_currentTab {
169
+ border:1px #666 solid;
170
+ border-bottom:1px white solid;
171
+ background-color:white;
172
+ }
173
+ #APIP_usage, #APIP_notes, #APIP_tags {
174
+ display:none;
175
+ }
176
+ #APIP_navigation, #APIP_container {
177
+ width:98%;
178
+ margin:0 auto;
179
+ }
180
+ #APIP_container {
181
+ border:1px #ddd solid;
182
+ background:white;
183
+ padding:15px;
184
+ }
185
</style>
186
+ <h1>Allow PHP in Posts and Pages</h1>
187
+ <div style='width:1145px;'>
188
+ <div style='width:500px; float:right;'>
189
+ <?php APIP_appeal();?>
190
+ </div>
191
+ <div style='width:630px; float:left;'>
192
+ <div id='APIP_navigation'> <a onclick="APIP_changeTab('APIP_general','APIP_generalTab')" name='APIP_generalTab' id='APIP_generalTab' class='APIP_currentTab'>General Information</a> <a onclick="APIP_changeTab('APIP_usage','APIP_usageTab')" name='APIP_usageTab' id='APIP_usageTab' class='APIP_tab'>Usage</a> <a onclick="APIP_changeTab('APIP_notes','APIP_notesTab')" name='APIP_notesTab' id='APIP_notesTab' class='APIP_tab'>Important Information</a> <a onclick="APIP_changeTab('APIP_tags','APIP_tagsTab')" name='APIP_tagsTab' id='APIP_tagsTab' class='APIP_tab'>Tag List</a> <a href="?page=allow-php-menu" name='APIP_optionsTab' id='APIP_optionsTab' class='APIP_tab'>Plugin Options</a> </div>
193
+ <div id='APIP_container'>
194
+ <div id='APIP_general'>
195
+ <h2>General Information</h2>
196
+ <p>Allow PHP in posts and pages adds the functionality to include PHP in your WordPress posts and pages by adding a simple shortcode <span style='color:green'>[php]</span> <em>your code</em> <span style='color:green'>[/php]</span></p>
197
+ <p>This plugin strips away the automatically generated wordpress &lt;p&gt; and &lt;br/&gt; tags but still allows the addition of your own &lt;p&gt; and &lt;br/&gt; tags using a form of BBcode items such [p][/p] [br /]</p>
198
+ <p>Also, you can now save your most used PHP codes as &quot;snippets&quot; which you can insert into multiple pages at once.</p>
199
+ <p>With Version 2.2.0, the tag replacement system has been revamped which should reduce the need to escape [ and ] that shouldnt be changed &lt; and &gt; </p>
200
+ </div>
201
+ <div id='APIP_usage'>
202
+ <h2>Usage</h2>
203
+ <p>To add the PHP code to your post or page simply place any PHP code inside the shortcode tags.</p>
204
+ <p><em>For example: </em>If you wanted to add content that is visible to a particular user id:</p>
205
+ <blockquote style="background:#ffffcc; white-space:pre; padding:10px; border:1px #555 solid;">[php]
206
+ global $user_ID;
207
+ if($user_ID == 1){
208
+ echo "Hello World";
209
+ }
210
+ [/php]</blockquote>
211
+ <p><em>This code will output Hello World to only user id #1, and no one else</em></p>
212
+ <p>In addition, should this code not be working (for example a missing ";") simply just change the [php] to be [php debug=1]</p>
213
+ <blockquote style="background:#ffffcc; white-space:pre; padding:10px; border:1px #555 solid;"> [php debug=1]
214
+ global $user_ID;
215
+ if($user_ID == 1){
216
+ echo "Hello World"
217
+ }
218
+ [/php] </blockquote>
219
+ <p><em>Will result in the output:</em></p>
220
+ <blockquote style="background:#ffffcc; white-space:pre; padding:10px; border:1px #555 solid;">Parse error: syntax error, unexpected '}', expecting ',' or ';' in XXX : eval()'d code on line 5
221
+ global $user_ID;
222
+ if($user_ID == 1){
223
+ echo "Hello World"
224
+ }
225
+ </blockquote>
226
+ <p>As well as the normal debug tag, you can also enable a silent debug by setting silentdebug in the <span style='color:green'>[php]</span> tag to be 1 (<span style='color:green'>[php debug=1 silentdebug=1]</span>), this will output all debug information as comments in the source code</p>
227
+ <p>If you are upgrading Allow PHP In Posts and Pages from a version before 2.2.0 you may experience issues with the code being disrupted as the replacement method has been changed, however you can set the tag replacement method to be the older version in the plugin options or by adding mode=old to the <span style='color:green'>[php]</span> tag, similarly, if you wish to use the new method when you have the old method turn on in the plugin options, just add mode=new to the <span style='color:green'>[php]</span> tag</p>
228
+ <p>To call a pre-defined function from the Code Snippets page, add function=x to the <span style='color:green'>[php]</span> tag, where x is the function id</p>
229
+ </div>
230
+ <div id='APIP_notes'>
231
+ <h2>Some Important Notes</h2>
232
+ <p>This plugin strips away all instances of &lt;p&gt; and &lt;br /&gt; therefore code has been added so that if you wish to use tags in your output (e.g.):</p>
233
+ <blockquote style="background:#ffffcc; white-space:pre; padding:10px; border:1px #555 solid;">[php]
234
+ echo "hello &lt;br /&gt; world";
235
+ [/php]</blockquote>
236
+ <p>The &lt; and &gt; tags will need to be swapped for [ and ] respectively so &lt;p&gt; becomes [p] and &lt;/p&gt; becomes [/p] which is converted back to &lt;p&gt; at runtime. these [ ] work for all tags (p, strong, em etc.).</p>
237
+ <blockquote style="background:#ffffcc; white-space:pre; padding:10px; border:1px #555 solid;">[php]
238
+ echo "hello [br /] world";
239
+ [/php]</blockquote>
240
+ <p>With code written pre-version 2.2.0 you may need to turn on support for the older replacement method as you may experience issues with the code being disrupted as the replacement method has been changed, however you can set the tag replacement method to be the older version in the plugin options or by adding mode=old to the <span style='color:green'>[php]</span> tag, similarly, if you wish to use the new method when you have the old method turn on in the plugin options, just add mode=new to the <span style='color:green'>[php]</span> tag. In the current release, only known html tags are altered by the code, other tags and square bracket items (such as PHP arrays) are no longer affected.</p>
241
+ </div>
242
+ <div id='APIP_tags'>
243
+ <h2>Tag list</h2>
244
+ <table cellpadding="5" cellspacing="1" style='border:1px #ddd solid' width='60%'>
245
+ <tr>
246
+ <th align="left" style="padding:5px; background:#ffffcc">For</th>
247
+ <th align="left" style="padding:5px; background:#ffffcc">Write as</th>
248
+ </tr>
249
+ <tr>
250
+ <td align="left" style="padding:5px; background:#ffffcc">&lt;p&gt; ... &lt;/p&gt;</td>
251
+ <td align="left" style="padding:5px; background:#ffffcc">[p] ... [/p]</td>
252
+ </tr>
253
+ <tr>
254
+ <td align="left" style="padding:5px; background:#ffffcc">&lt;em&gt;...&lt;/em&gt;</td>
255
+ <td align="left" style="padding:5px; background:#ffffcc">[em]...[/em]</td>
256
+ </tr>
257
+ <tr>
258
+ <td align="left" style="padding:5px; background:#ffffcc">&lt;p style=''&gt; ... &lt;/p&gt;</td>
259
+ <td align="left" style="padding:5px; background:#ffffcc">[p style=''] ... [/p]</td>
260
+ </tr>
261
+ <tr>
262
+ <td align="left" style="padding:5px; background:#ffffcc">&lt;u&gt; ... &lt;/u&gt;</td>
263
+ <td align="left" style="padding:5px; background:#ffffcc">[u] ... [/u]</td>
264
+ </tr>
265
+ <tr>
266
+ <td align="left" style="padding:5px; background:#ffffcc">&lt;br /&gt;</td>
267
+ <td align="left" style="padding:5px; background:#ffffcc">[br /]</td>
268
+ </tr>
269
+ </table>
270
+ </div>
271
+ </div>
272
+ </div>
273
</div>
274
+ <?php
275
}
276
277
function allowPHP_functions(){
278
+ $activeTab = "";
279
+ if( isset( $_GET['tab'] ) ){
280
+ if("cs" == $_GET['tab'] ){
281
+ $activeTab = "CS";
282
+ }
283
+ }
284
+ global $wpdb;
285
$options = get_option("allowPHP_options");
286
$show404 = $options['show404'];
287
+ $preparse = $options['preparse'];
288
+ $use_advanced_filter = $options['use_advanced_filter'];
289
+
290
$fourohfourmsg = $options['fourohfourmsg'];
291
$fourohfourmsg_id = $options['fourohfourmsg'];
292
if($fourohfourmsg != 0){
294
$fourohfourmsg = $fourohfourmsg[0]->function;
295
}
296
else{$fourohfourmsg = '<span style="font-weight:bold; color:red">Error 404: Function Not Found</span>';}
297
+
298
$sql = "SELECT * FROM ".$wpdb->prefix."allowPHP_functions";
299
$results = $wpdb->get_results($wpdb->prepare($sql));
300
?>
301
+ <script type="text/javascript">
302
function confirmMod(id){
303
return confirm("Are you sure you want to modify row id: "+id+"?");
304
}
305
function confirmDel(id){
306
return confirm("Are you sure you want to delete row id: "+id+"?");
307
}
308
+ var APIP_current = "APIP_general";
309
+ var APIP_currentTab = "APIP_generalTab";
310
+ function APIP_changeTab(APIP_new, APIP_newTab){
311
+ document.getElementById(APIP_current).style.display="none";
312
+ document.getElementById(APIP_currentTab).className="APIP_tab";
313
+ document.getElementById(APIP_new).style.display="block";
314
+ document.getElementById(APIP_newTab).className="APIP_currentTab";
315
+ APIP_current = APIP_new;
316
+ APIP_currentTab = APIP_newTab;
317
+ }
318
</script>
319
+ <style type="text/css">
320
+ #APIP_navigation{font-size:12px; line-height:25px;}
321
+ #APIP_navigation a.APIP_currentTab, #APIP_navigation a.APIP_tab{padding:5px; border:1px #ddd solid;border-bottom:none; line-height:25px;cursor:pointer;}
322
+ #APIP_navigation a.APIP_currentTab{border:1px #666 solid; border-bottom:1px white solid; background-color:white;}
323
+ #APIP_usage,#APIP_notes,#APIP_tags{display:none;}
324
+ #APIP_navigation, #APIP_container{width:98%; margin:0 auto;}
325
+ #APIP_container{border:1px #ddd solid; background:white; padding:15px;}
326
+ </style>
327
<h1>Allow PHP in Posts and Pages</h1>
328
<div style='width:1145px;'>
329
<div style='width:500px; float:right;'>
330
+ <?php APIP_Appeal()?>
331
</div>
332
+ <div style='width:630px; float:left;'>
333
+ <div id='APIP_navigation'> <a onclick="APIP_changeTab('APIP_general','APIP_generalTab')" name='APIP_generalTab' id='APIP_generalTab' class='<?php if( "" == $activeTab){echo "APIP_currentTab";}else{echo "APIP_tab";}?>'>Plugin Options</a> <a onclick="APIP_changeTab('APIP_usage','APIP_usageTab')" name='APIP_usageTab' id='APIP_usageTab' class='<?php if( "CS" == $activeTab){echo "APIP_currentTab";}else{echo "APIP_tab";}?>'>Code Snippets</a> <a href='?page=allow-php-information' name='APIP_notesTab' id='APIP_notesTab' class='APIP_tab'>Plugin Information</a> </div>
334
+ <div id='APIP_container'>
335
+ <div id='APIP_general'>
336
+ <h2>Plugin Options</h2>
337
+ <form action='<?php echo WP_PLUGIN_URL . '/' . plugin_basename( dirname(__FILE__) ) . '/';?>alter.php' method="post">
338
+ <?php wp_nonce_field( 'options', 'allowPHPNonce' ); ?>
339
+ <input type="hidden" name='action' value='options' />
340
+ <input type="hidden" name="id" value="0" />
341
+ <input type="hidden" name="validation" value='<?php echo md5(md5(sha1("0")));?>'/>
342
+ <p><strong>Current 404 message:</strong></p>
343
+ <blockquote style='background:#ffffcc; white-space:pre; padding:10px; border:1px #555 solid;'><?php echo htmlspecialchars($fourohfourmsg);?></blockquote>
344
+ <table cellpadding='10' cellspacing='0' width='100%' align='center'>
345
+ <tr>
346
+ <td height='30' align='right' width='60%'>
347
+ <label for="show404">Show the snippet not found message?: </label>
348
+ </td>
349
+ <td width='40%'>
350
+ <input type='checkbox' name='show404' value='1' <?php if($show404 == 1)echo "checked='checked'";?> />
351
+ </td>
352
+ </tr>
353
+ <tr>
354
+ <td height='30' align='right'>
355
+ <label for="preparse">Use the old version (pre 2.2.0) code replacement method: </label>
356
+ </td>
357
+ <td>
358
+ <input type='checkbox' name='preparse' value='1' <?php if($preparse == 1)echo "checked='checked'";?> />
359
+ </td>
360
+ </tr>
361
+ <tr>
362
+ <td height='30' align='right'><label for="fourohfourmsg">Custom 404 message to be displayed: </label></td>
363
+ <td><select name='fourohfourmsg'>
364
+ <option value='0'> - Default Message - </option>
365
+ <?php
366
+ $res = "SELECT * FROM ".$wpdb->prefix."allowPHP_functions";
367
+ $res = $wpdb->get_results($res);
368
+ foreach($res as $row){
369
+ echo "<option value='".$row->id."'";
370
+ if($row->id == $fourohfourmsg_id){echo "selected='selected'";}
371
+ echo"> - Snippet ID: ".$row->id." - </option>";
372
+ }
373
+ ?>
374
+ </select></td>
375
+ </tr>
376
+ <tr>
377
+ <td align='right' bgcolor="#990000" style='padding:5px;'>
378
+ <label for="use_advanced_filter" style='color:white;'>Use the advanced filter method (Experimental)</label>
379
+ </td>
380
+ <td bgcolor="#990000"style='padding:5px;'>
381
+ <input type='checkbox' name='use_advanced_filter' value='1' <?php if($use_advanced_filter == 1)echo "checked='checked'";?> />
382
+ </td>
383
+ </tr>
384
+ <tr>
385
+ <td colspan="2" align='left' style='border:1px #990000 solid;'><p style="color:red; margin-top:0px;"><strong>Caution::</strong> enabling the advanced filter method renders the code replacement version un-useable, so please be sure to convert all tags be be usable with this method first</p>
386
+ <p style="color:red; margin-top:0px;">The advanced filter method can be enabled manually using the php tag [php useadvancedfilter] <em>php code</em> [/php useadvancedfilter]</p>
387
+ <p style="color:red">Code Snippets are not currently supported with the new method, check back soon though!</p>
388
+ <p style="color:red">Do you like this new filter? Let us know on the blog!</p></td>
389
+ </tr>
390
+ </table>
391
+ <input type='submit' class='button-primary' value='Save Plugin Options' />
392
+ </form>
393
+ </div>
394
+ <div id='APIP_usage'>
395
+ <h2>Code Snippets</h2>
396
+ <p><em>All snippets begin with a <span style='color:red'>&lt;?php</span> and end with a <span style='color:red'>?&gt;</span> So if you wish to use html only you will need to close the php tag, then re-open it at the end.</em></p>
397
+ <table cellpadding='5' cellspacing='0' width="600">
398
+ <?php if(sizeof($results) != 0){?>
399
+ <tr>
400
+ <th width='35' style='border-right:1px #ddd solid;'>ID</th>
401
+ <th width="15"></th>
402
+ <th width="475" align="left">Snippet</th>
403
+ <th width="75" align="right">&nbsp;</th>
404
+ </tr>
405
+ <tr>
406
+ <td style='border-right:1px #ddd solid;' height="10"></td>
407
+ <td colspan='3'></td>
408
+ </tr>
409
+ <?php foreach($results as $row): ?>
410
+ <tr>
411
+ <th align='center' valign="top" scope="row" style='border-right:1px #ddd solid;'> <?php echo $row->id; ?> </th>
412
+ <td></td>
413
+ <td align="left" valign="top">
414
+ <form action='<?php echo WP_PLUGIN_URL . '/' . plugin_basename( dirname(__FILE__) ) . '/';?>alter.php' method="post" onsubmit="return confirmMod(<?php echo $row->id; ?>)">
415
+ <?php wp_nonce_field( 'options', 'allowPHPNonce' ); ?>
416
+ <input type='submit' value='Modify' class='button-secondary' style='float:right;' />
417
+ <input type='hidden' name='action' value='modify' />
418
+ <input type='hidden' name='id' value='<?php echo $row->id; ?>' />
419
+ <input type="hidden" name="validation" value='<?php echo md5(md5(sha1($row->id)))?>'/>
420
+ <strong>Name:</strong>
421
+ <input type='text' name='name' value='<?php echo $row->name;?>' onblur="javascript:this.style.textDecoration='none'; this.style.cursor='pointer'" onclick="javascript:this.style.textDecoration='underline'; this.style.cursor='text';" title="Click to edit" maxlength="99" style='width:370px; border:0px white solid !important;cursor:pointer; background:none !important;'/>
422
+ <br/>
423
+ <span style='color:red; vertical-align:top;'>&lt;?php</span>
424
+ <textarea style="width:475px" rows="2" name='function'><?php echo $row->function; ?></textarea>
425
+ <span style='color:red'>?&gt;</span>
426
+ </form>
427
+ </td>
428
+ <td align="left" valign="top">
429
+ <form action='<?php echo WP_PLUGIN_URL . '/' . plugin_basename( dirname(__FILE__) ) . '/';?>alter.php' method="post" onsubmit="return confirmDel(<?php echo $row->id; ?>)">
430
+ <?php wp_nonce_field( 'options', 'allowPHPNonce' ); ?>
431
+ <input type='hidden' name='action' value='delete' />
432
+ <input type='hidden' name='id' value='<?php echo $row->id; ?>' />
433
+ <input type="hidden" name="validation" value='<?php echo md5(md5(sha1($row->id)))?>'/>
434
+ &nbsp;|&nbsp;
435
+ <input type='submit' value='Delete' class='button-secondary' />
436
+ </form>
437
+ </td>
438
+ </tr>
439
+ <tr>
440
+ <td style='border-right:1px #ddd solid;' height="20"></td>
441
+ <td colspan='3'></td>
442
+ </tr>
443
+ <?php endforeach;
444
+ }
445
+ else{?>
446
+ <tr>
447
+ <td style='border-right:1px #ddd solid;'></td>
448
+ <td colspan='3' align="center"><em>No Snippets Found</em></td>
449
+ </tr>
450
+ <tr>
451
+ <td style='border-right:1px #ddd solid;' height="20"></td>
452
+ <td colspan='3'></td>
453
+ </tr>
454
+ <?php }?>
455
+ <tr>
456
+ <td style='border-right:1px #ddd solid;' height="20"></td>
457
+ <td colspan='3' style='border-top:1px #ddd solid;'></td>
458
+ </tr>
459
+ <tr>
460
+ <th width="35" style='border-right:1px #ddd solid;'>&nbsp;</th>
461
+ <th width="15"></th>
462
+ <th width="475" align="left">
463
+ <h3>Add A New Snippet</h3>
464
+ </th>
465
+ <th width="75" align="right">&nbsp;</th>
466
+ </tr>
467
+ <tr>
468
+ <td height="123" style='border-right:1px #ddd solid;'></td>
469
+ <td></td>
470
+ <td colspan="2" >
471
+ <form action='<?php echo WP_PLUGIN_URL . '/' . plugin_basename( dirname(__FILE__) ) . '/';?>alter.php' method="post">
472
+ <?php wp_nonce_field( 'options', 'allowPHPNonce' ); ?>
473
+ <input type='hidden' name='action' value='add' />
474
+ <input type='hidden' name='id' value='0' />
475
+ <input type="hidden" name="validation" value='<?php echo md5(md5(sha1("0")));?>'/>
476
+ <input type='submit' value='Save Snippet' class='button-primary' style='float:right;' />
477
+ <strong>Name: </strong>
478
+ <input type='text' name='name' id='name' style='width:405px;' maxlength="100" />
479
+ <br/>
480
+ <span style='color:red;vertical-align:top;'>&lt;?php</span>
481
+ <textarea style='width:550px' rows='3' name='function'></textarea>
482
+ <span style='color:red'>?&gt;</span><br/>
483
+ </form>
484
+ </td>
485
+ </tr>
486
+ </table>
487
+ </div>
488
+ </div>
489
+ </div>
490
+ </div>
491
+ <?php if( "CS" == $activeTab){echo "<script type='text/javascript'>APIP_changeTab('APIP_usage','APIP_usageTab');</script>";}?>
492
+ <?php
493
}
494
495
function allowPHP_activate(){
506
$fourohfourmsg = $options['fourohfourmsg'];
507
}
508
if($installedVersion != $dbVersion){
509
+ $sql = "CREATE TABLE IF NOT EXISTS ".$wpdb->prefix."allowPHP_functions(
510
+ id int NOT NULL AUTO_INCREMENT,
511
+ name varchar(100) NOT NULL,
512
+ function text NOT NULL,
513
+ PRIMARY KEY(id)
514
+ );";
515
require_once(ABSPATH . 'wp-admin/includes/upgrade.php');
516
dbDelta($sql);
517
}
518
$options = array("show404" => $show404,"fourohfourmsg" => $fourohfourmsg, "dbVersion" => $dbVersion);
519
update_option("allowPHP_options", $options);
520
}
521
522
function add_APIP_button() {
523
if ( ! current_user_can('edit_posts') && ! current_user_can('edit_pages') ){
524
return;
530
}
531
532
define( "APIP_PLUGIN_DIR", "allow-php-in-posts-and-pages" );
533
+ define( "APIP_PLUGIN_URL", get_bloginfo('wpurl')."/wp-content/plugins/" . APIP_PLUGIN_DIR );
534
535
function register_APIP_button($buttons) {
536
array_push($buttons, "|", "allowPHP");
542
}
543
544
function APIP_my_refresh_mce($ver) {
545
+ $ver += 5;
546
return $ver;
547
}
548
add_action('init', 'add_APIP_button');
549
add_filter( 'tiny_mce_version', 'APIP_my_refresh_mce');
550
551
+ function APIP_Appeal(){
552
+ ?>
553
+ <div style='float:right; display:inline; width:450px; margin-left:25px; margin-bottom:10px; margin-right:15px; padding:10px; -webkit-border-radius: 5px;-moz-border-radius: 5px;border-radius: 5px;-webkit-box-shadow: #666 2px 2px 5px;-moz-box-shadow: #666 2px 2px 5px;box-shadow: #666 2px 2px 5px;background: #ffffaa;background: -webkit-gradient(linear, 0 0, 0 bottom, from(#ffffaa), to(#ffffee));background: -moz-linear-gradient(#ffffaa, #ffffee);background: linear-gradient(#ffffaa, #ffffee);'> <span style='font-size:1.05em; color:#999; display:block; line-height:1.2em;'><strong>Developed by <a href='http://www.hitreach.co.uk' target="_blank" style='text-decoration:none;'>Hit Reach</a></strong><a href='http://www.hitreach.co.uk' target="_blank" style='text-decoration:none;'></a></span> <span style='font-size:1.1em; color:#999; display:block; line-height:1.2em;'><strong>Check out our other <a href='http://www.hitreach.co.uk/services/wordpress-plugins/' target="_blank" style='text-decoration:none;'>Wordpress Plugins</a></strong><a href='http://www.hitreach.co.uk/services/wordpress-plugins/' target="_blank" style='text-decoration:none;'></a></span> <span style='font-size:1.1em; color:#999; display:block; line-height:1.2em;'><strong>Version: <?php echo ALLOWPHPVERSION; ?> <a href='http://www.hitreach.co.uk/wordpress-plugins/allow-php-in-posts-and-pages/' target="_blank" style='text-decoration:none;'>Support, Comments &amp; Questions</a></strong></span>
554
+ <hr/>
555
+ <h2>Please help! We need your support...</h2>
556
+ <p>If this plugin has helped you, your clients or customers then please take a moment to 'say thanks'. </p>
557
+ <p>By spreading the word you help increase awareness of us and our plugins which makes it easier to justify the time we spend on this project.</p>
558
+ <p>Please <strong>help us keep this plugin free</strong> to use and allow us to provide on-going updates and support.</p>
559
+ <p>Here are some quick, easy and free things you can do which all help and we would really appreciate.</p>
560
+ <ol>
561
+ <li> <strong>Promote this plugin on Twitter</strong><br/>
562
+ <a href="http://twitter.com/home?status=I'm using the Allow PHP in Posts and Pages WordPress plugin by @hitreach and it rocks! You can download it here: http://bit.ly/e2Q4Az" target="_blank"> <img src='<?php echo APIP_URL;?>/twitter.gif' border="0" width='55' height='20'/> </a><br/>
563
+ <br/>
564
+ </li>
565
+ <li> <strong>Link to us</strong><br/>
566
+ By linking to <a href='http://www.hitreach.co.uk' target="_blank">www.hitreach.co.uk</a> from your site or blog it means you can help others find the plugin on our site and also let Google know we are trust and link worthy which helps our profile.<br/>
567
+ <br/>
568
+ </li>
569
+ <li> <strong>Like us on Facebook</strong><br/>
570
+ Just visit <a href='http://www.facebook.com/webdesigndundee' target="_blank">www.facebook.com/webdesigndundee</a> and hit the 'Like!' button!<script src="http://connect.facebook.net/en_US/all.js#xfbml=1"></script>
571
+ <fb:like href="http://www.facebook.com/webdesigndundee" send="true" width="400" show_faces="false" action="like" font="verdana"></fb:like>
572
+ <br/>
573
+ <br/>
574
+ </li>
575
+ <li> <strong>Share this plugin on Facebook</strong><br/>
576
+ <div id="fb-root"></div>
577
+ <script src="http://connect.facebook.net/en_US/all.js#xfbml=1"></script>
578
+ <fb:like href="http://www.hitreach.co.uk/wordpress-plugins/allow-php-in-posts-and-pages" send="true" width="420" show_faces="false" action="recommend" font="verdana"></fb:like>
579
+ Share a link to the plugin page with your friends on Facebook<br/>
580
+ <br/>
581
+ </li>
582
+ <li> <strong>Make A Donation</strong><br/>
583
+ Ok this one isn't really free but hopefully it's still a lot cheaper than if you'd had to buy the plugin or pay for it to be made for your project. Any amount is appreciated
584
+ <form action="https://www.paypal.com/cgi-bin/webscr" method="post" target="_blank">
585
+ <input type="hidden" name="cmd" value="_donations">
586
+ <input type="hidden" name="business" value="admin@hitreach.co.uk">
587
+ <input type="hidden" name="lc" value="GB">
588
+ <input type="hidden" name="item_name" value="Hit Reach">
589
+ <input type="hidden" name="item_number" value="APIP-Plugin">
590
+ <input type="hidden" name="no_note" value="0">
591
+ <input type="hidden" name="currency_code" value="GBP">
592
+ <input type="hidden" name="bn" value="PP-DonationsBF:btn_donate_LG.gif:NonHostedGuest">
593
+ <input type="image" src="https://www.paypalobjects.com/en_GB/i/btn/btn_donate_LG.gif" border="0" name="submit" alt="PayPal - The safer, easier way to pay online.">
594
+ <img alt="" border="0" src="https://www.paypalobjects.com/en_US/i/scr/pixel.gif" width="1" height="1">
595
+ </form>
596
+ </li>
597
+ </ol>
598
+ </div>
599
+ <?php
600
+ }
601
+
602
+ ?>
alter.php CHANGED
@@ -3,44 +3,59 @@
3
include_once("../../../wp-load.php");
4
include_once("../../../wp-includes/wp-db.php");
5
global $wpdb;
6
- $refer = $_SERVER['HTTP_REFERER'];
7
- if(!isset($_POST['allowPHPNonce'])){
8
- if ( !wp_verify_nonce( $_POST['allowPHPNonce'], plugin_basename(__FILE__) )) {header("location:".$refer);}
9
}
10
else{
11
- if(!isset($_POST['action']) || !defined ('ABSPATH')){header("location:".$refer);}
12
- if(isset($_POST['id'])){$id = $_POST['id'];}else{$id='0';}
13
- if(isset($_POST['function'])){$function = $_POST['function'];}else{$function="";}
14
- if(isset($_POST['name'])){$name = $_POST['name'];}else{$name="";}
15
$action = $_POST['action'];
16
-
17
#delete
18
- if($action == "delete"){
19
$sql = "delete from ".$wpdb->prefix."allowPHP_functions WHERE id='".$id."'";
20
- $wpdb->query($wpdb->prepare($sql));
21
- header("location:".$refer);
22
}
23
#add
24
elseif($action == "add" && $function != ""){
25
$sql = "insert into ".$wpdb->prefix."allowPHP_functions (function,name) values('".$function."','".$name."')";
26
$results = $wpdb->get_results($wpdb->prepare($sql));
27
- header("location:".$refer);
28
}
29
#modify
30
- elseif($action == "modify" && $function != ""){
31
$sql = "update ".$wpdb->prefix."allowPHP_functions set function='".$function."', name='".$name."' where id = ".$id;
32
$results = $wpdb->get_results($wpdb->prepare($sql));
33
- header("location:".$refer);
34
}
35
- elseif($action == "options" && isset($_POST['option_404msg'])){
36
- if(isset($_POST["option_show404"])){$show404 = $_POST['option_show404'];}else{$show404 = 0;}
37
- if(isset($_POST["option_404msg"])){$fourohfourmsg = $_POST['option_404msg'];}else{$show404 = 0;}
38
$options = get_option("allowPHP_options");
39
- $options = unserialize($options);
40
$options['show404'] = $show404;
41
$options['fourohfourmsg'] = $fourohfourmsg;
42
update_option("allowPHP_options", $options);
43
}
44
}
45
- header("location:".$refer."&noaction");
46
?>
3
include_once("../../../wp-load.php");
4
include_once("../../../wp-includes/wp-db.php");
5
global $wpdb;
6
+ ini_set("display_errors","1");
7
+ error_reporting(E_ALL);
8
+ $refer = get_bloginfo('url')."/wp-admin/admin.php?page=allow-php-menu";
9
+ if( !isset( $_POST['allowPHPNonce'] ) ){ wp_die("Authentication Failed"); }
10
+ else{
11
+ if(!function_exists("wp_verify_nonce") ){ wp_die("Authentication Failed"); }
12
+ if ( !wp_verify_nonce( $_POST['allowPHPNonce'], 'options' ) ) { wp_die("Authentication Failed"); }
13
}
14
+ if( !isset( $_POST['action'] ) || !isset( $_POST['id'] ) || !isset( $_POST['validation'] ) ){ die("Authentication Failed"); }
15
else{
16
$action = $_POST['action'];
17
+ $id = $_POST['id'];
18
+ $validation = $_POST['validation'];
19
+ if(!preg_match("/^[\d]*#x2F;", $id) || $validation != md5( md5( sha1( $id ) ) ) ){ wp_die("Authentication Failed validation"); }
20
+ $function;
21
+ $name;
22
+ if( isset( $_POST['function'] ) ){ $function = htmlspecialchars($_POST['function']); }
23
+ if( isset( $_POST['name'] ) ){ $name = htmlspecialchars( $_POST['name'] ); }
24
#delete
25
+ if($action == "delete" && preg_match("/^[\d]*#x2F;", $id)){
26
$sql = "delete from ".$wpdb->prefix."allowPHP_functions WHERE id='".$id."'";
27
+ $wpdb->query($wpdb->prepare($sql));
28
+ header("location:".$refer."&tab=cs&deleted=$id");
29
}
30
#add
31
elseif($action == "add" && $function != ""){
32
$sql = "insert into ".$wpdb->prefix."allowPHP_functions (function,name) values('".$function."','".$name."')";
33
$results = $wpdb->get_results($wpdb->prepare($sql));
34
+ header("location:".$refer."&tab=cs&functionAdded");
35
}
36
#modify
37
+ elseif( $action == "modify" && $function != "" && preg_match("/^[\d]*#x2F;", $id) ){
38
$sql = "update ".$wpdb->prefix."allowPHP_functions set function='".$function."', name='".$name."' where id = ".$id;
39
$results = $wpdb->get_results($wpdb->prepare($sql));
40
+ header("location:".$refer."&tab=cs&modified=$id");
41
}
42
+ elseif( $action == "options" && isset( $_POST['fourohfourmsg'] ) ) {
43
+ if( isset( $_POST["show404"] ) ){ $show404 = 1; }else{ $show404 = 0 ;}
44
+ if( isset( $_POST["fourohfourmsg"] )){ $fourohfourmsg = $_POST['fourohfourmsg'];}else{ $fourohfourmsg = 0; }
45
+ if( isset( $_POST["preparse"] )){ $preparse = 1;}else{ $preparse = 0; }
46
+ if( !preg_match("/^[\d]*#x2F;", $fourohfourmsg) ){
47
+ wp_die("Authentication Failed");
48
+ }
49
$options = get_option("allowPHP_options");
50
+ if(is_serialized( $options )){
51
+ $options = unserialize($options);
52
+ }
53
$options['show404'] = $show404;
54
$options['fourohfourmsg'] = $fourohfourmsg;
55
+ $options['preparse'] = $preparse;
56
update_option("allowPHP_options", $options);
57
+ header("location:".$refer."&status=optionsupdated");
58
}
59
+
60
}
61
?>