Allow PHP in Posts and Pages - Version 2.3

Version Description

  • Addition of Advanced Filter Experimental Feature

Release Info

Developer Hit Reach
Version 2.3

Code changes from version 2.0.0.RC1 to 2.3

Files changed (3)
  1. README.txt +78 -49
  2. allowphp.php +475 -369
  3. alter.php +34 -19
README.txt CHANGED
@@ -1,20 +1,27 @@
1
  === Allow PHP in Posts and Pages ===
2
  Contributors: Hit Reach
3
  Donate link:
4
- Tags: post, pages, posts, code, php, shortcode,
5
  Requires at least: 2.5
6
- Tested up to: 3.0.1
7
- Stable tag: 2.0.0.RC1
8
 
9
  Allow PHP in posts and pages allows you to add php functionality to Wordpress Posts and Pages
10
 
11
  == Description ==
12
 
13
- Allow PHP in posts and pages adds the functionality to include PHP in wordpress posts and pages by adding a simple shortcode [php].code.[/php]
14
 
15
- This plugin strips away the automatically generated wordpress <p> and <br/> tags but still allows the addition of your own <p> and <br/> tags
 
 
 
 
 
 
 
 
16
 
17
- Please update immeadiatly if using version 1.2.2
18
 
19
  == Usage ==
20
 
@@ -22,69 +29,65 @@ To add the PHP code to your post or page simply place any PHP code inside the sh
22
 
23
  For example: If you wanted to add content that is visible to a particular user id:
24
 
25
-
26
-
27
- [php]
28
- global $user_ID;
29
- if($user_ID == 1){
30
- echo "Hello World";
31
- }
32
  [/php]
33
-
34
 
35
  This code will output Hello World to only user id #1, and no one else
36
 
37
- in addition, should this code not be working (for example a missing ";") simply just change the [php] to be [php debug=1]
38
 
 
 
 
 
 
 
39
 
40
- [php debug=1]
41
- global $user_ID;
42
- if($user_ID == 1){
43
- echo "Hello World"
44
- }
45
- [/php]
46
-
47
-
48
- Will result in the output:
49
 
50
-
51
- Parse error: syntax error, unexpected '}', expecting ',' or ';' in XXX : eval()'d code on line 5
52
- global $user_ID;
53
- if($user_ID == 1){
54
- echo "Hello World"
55
- }
56
 
57
- To use the new saved code parts, just add a function=xxx where xxx is the id to the APIP shortcode.
58
 
 
59
 
60
- [php function=1]
61
 
62
 
63
  == Some Important Notes ==
64
 
65
- This plugin strips away all instances of <p> and <br /> therefore code has been added so that if you wish to use tags in your output (e.g.):
66
- [php]
67
- echo "hello <br /> world";
68
- [/php]
69
-
70
 
71
- the &lt; and &gt; tags will need to be swapped for [ and ] respectively so &lt;p&gt; becomes [p] and &lt;/p&gt; becomes [/p] which is converted back to &lt;p&gt; at runtime. these [ ] work for all tags (p, strong, em etc.).
 
 
72
 
73
- [php]
74
- echo "hello [br /] world";
75
- [/php]
76
 
77
- == Installation ==
 
 
78
 
79
- 1. Extract the zip file and drop the contents in the wp-content/plugins/ directory of your WordPress installation
80
- 1. Activate the Plugin from Plugins page
81
 
82
- == Misc ==
83
- Developed by <a href='http://www.hitreach.co.uk' target="_blank" style='text-decoration:none;'>Hit Reach</a>
 
 
 
84
 
85
- Check out our other <a href='http://www.hitreach.co.uk/services/wordpress-plugins/' target="_blank" style='text-decoration:none;'>Wordpress Plugins</a>
86
 
87
- Version: 1.0 <a href='http://www.hitreach.co.uk/wordpress-plugins/allow-php-in-posts-and-pages/' target="_blank" style='text-decoration:none;'>Support & Comments</a>
 
88
 
89
  == Change log ==
90
  = 1.0 =
@@ -101,15 +104,41 @@ Version: 1.0 <a href='http://www.hitreach.co.uk/wordpress-plugins/allow-php-in-p
101
  * New Options Pages
102
  * TinyMCE editor button
103
  * allow shortcodes in text widgets by default
 
 
 
 
 
 
 
 
 
 
 
 
 
104
 
105
  == Frequently Asked Questions ==
106
  = What Tags Are Automatically Removed? =
107
  Currently all &lt;br /&gt; and &lt;p&gt; (and its closing counterpart) tags are removed from the input code because these are the tags that Wordpress automatically add.
 
108
  = How Do I Add Tags Without Them Being Stripped? =
109
  If you want to echo a paragraph tag or a line break, or any other tag (strong, em etc) instead of enclosing them in &lt; and &gt; tags, enclose them in [ ] brackets for example [p] instead of &lt;p&gt; The square brackets are converted after the inital tags are stripped and function as normal tags.
 
110
  = Thats All Good But I want To Include A [ and ] In My Output! =
111
- To include square brackets in your output simply add a \ before it so [ becomes \[ and ] becomes \], again these are converted and will display as [ and ]
 
112
  = Can I still connect to non-wordpress databases? =
113
  Yes you can, just use the standard mysql_connect or the mysql_pconnect and their parameters.
 
 
 
 
 
 
 
 
 
 
114
  = My Question Is Not Answered Here! =
115
  If your question is not listed here please look on: <a href='http://www.hitreach.co.uk/wordpress-plugins/allow-php-in-posts-and-pages/' target="_blank" style='text-decoration:none;'>http://www.hitreach.co.uk/wordpress-plugins/allow-php-in-posts-and-pages/</a> and if the answer is not listed there, just leave a comment
1
  === Allow PHP in Posts and Pages ===
2
  Contributors: Hit Reach
3
  Donate link:
4
+ Tags: post, pages, posts, code, php, shortcode, allow, sidebar, variables
5
  Requires at least: 2.5
6
+ Tested up to: 3.3.1
7
+ Stable tag: 2.3
8
 
9
  Allow PHP in posts and pages allows you to add php functionality to Wordpress Posts and Pages
10
 
11
  == Description ==
12
 
13
+ Allow PHP in posts and pages adds the functionality to include PHP in your WordPress posts and pages by adding a simple shortcode [php] your code [/php]
14
 
15
+ This plugin strips away the automatically generated wordpress &lt;p&gt; and &lt;br/&gt; tags but still allows the addition of your own &lt;p&gt; and &lt;br/&gt; tags using a form of BBcode items such [p][/p] [br /]
16
+
17
+ Also, you can now save your most used PHP codes as "snippets" which you can insert into multiple pages at once.
18
+
19
+ With Version 2.2.0, the tag replacement system has been revamped which should reduce the need to escape [ and ] that shouldnt be changed &lt; and &gt;
20
+
21
+ With Version 3 comes an experimental Advanced Filter Feature which allows you to use full php code inside post and pages, taking advantange of variables thoughout the entire post content, and functions, as well as no pesky tag replacement.
22
+
23
+ Currently the Code snippets and debugging are are not available for the Advanced Filter Feature, but we are working on it! Let us know what you think about the new filter!
24
 
 
25
 
26
  == Usage ==
27
 
29
 
30
  For example: If you wanted to add content that is visible to a particular user id:
31
 
32
+ [php]
33
+ global $user_ID;
34
+ if($user_ID == 1){
35
+ echo "Hello World";
36
+ }
 
 
37
  [/php]
 
38
 
39
  This code will output Hello World to only user id #1, and no one else
40
 
41
+ In addition, should this code not be working (for example a missing ";") simply just change the [php] to be [php debug=1]
42
 
43
+ [php debug=1]
44
+ global
45
+ $user_ID; if($user_ID == 1){
46
+ echo "Hello World"
47
+ }
48
+ [/php]
49
 
50
+ Will result in the output:
 
 
 
 
 
 
 
 
51
 
52
+ Parse error: syntax error, unexpected '}', expecting ',' or ';' in XXX : eval()'d code on line 5
53
+ global $user_ID;
54
+ if($user_ID == 1){
55
+ echo "Hello World"
56
+ }
 
57
 
58
+ As well as the normal debug tag, you can also enable a silent debug by setting silentdebug in the [php] tag to be 1 ([php debug=1 silentdebug=1]), this will output all debug information as comments in the source code
59
 
60
+ If you are upgrading Allow PHP In Posts and Pages from a version before 2.2.0 you may experience issues with the code being disrupted as the replacement method has been changed, however you can set the tag replacement method to be the older version in the plugin options or by adding mode=old to the [php] tag, similarly, if you wish to use the new method when you have the old method turn on in the plugin options, just add mode=new to the [php] tag
61
 
62
+ To call a pre-defined function from the Code Snippets page, add function=x to the [php] tag, where x is the function id
63
 
64
 
65
  == Some Important Notes ==
66
 
67
+ This plugin strips away all instances of <p> and <br /> therefore code has been added so that if you wish to use tags in your output (e.g.):
 
 
 
 
68
 
69
+ [php]
70
+ echo "hello <br /> world";
71
+ [/php]
72
 
73
+ The < and > tags will need to be swapped for [ and ] respectively so <p> becomes [p] and </p> becomes [/p] which is converted back to <p> at runtime. these [ ] work for all tags (p, strong, em etc.).
 
 
74
 
75
+ [php]
76
+ echo "hello [br /] world";
77
+ [/php]
78
 
79
+ With code written pre-version 2.2.0 you may need to turn on support for the older replacement method as you may experience issues with the code being disrupted as the replacement method has been changed, however you can set the tag replacement method to be the older version in the plugin options or by adding mode=old to the [php] tag, similarly, if you wish to use the new method when you have the old method turn on in the plugin options, just add mode=new to the [php] tag. In the current release, only known html tags are altered by the code, other tags and square bracket items (such as PHP arrays) are no longer affected.
 
80
 
81
+ In version 2.2.0:beta-2 arrays cannot effectively access arrays and still convert tags, so you will need to write:
82
+ echo "[p]".$myArray[0]."[/p]"
83
+ as
84
+ $mya = $myArray[0];
85
+ echo "[p]".$mya."[/p];
86
 
87
+ == Installation ==
88
 
89
+ 1. Extract the zip file and drop the contents in the wp-content/plugins/ directory of your WordPress installation
90
+ 1. Activate the Plugin from Plugins page
91
 
92
  == Change log ==
93
  = 1.0 =
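Review bot: both code samples added in the Usage and Important Notes text are broken as written. The `[php debug=1]` sample is now split into `global` and `$user_ID; if($user_ID == 1){`, which no longer matches the listing echoed under the parse error (there `global $user_ID;` and `if($user_ID == 1){` are separate lines); restore the original line breaks. The array workaround ends with `echo "[p]".$mya."[/p];`, which is missing the closing quote before the semicolon and would itself fail to parse, and its introduction ("arrays cannot effectively access arrays") needs rewording to say what actually fails. The paragraph about mode=old and mode=new is also added twice in this hunk, once under Usage and once under Some Important Notes; keep one copy.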
104
  * New Options Pages
105
  * TinyMCE editor button
106
  * allow shortcodes in text widgets by default
107
+ = 2.1.0 =
108
+ * Overall file tightening and maintenance
109
+ = 2.1.05 =
110
+ * fix issue with using the tinyMCE editor while the blog installation is in a sub folder
111
+ = 2.2.0:beta =
112
+ * HTML Tag replacement method changed
113
+ * UI Design Tweeks
114
+ = 2.2.0:beta:3=
115
+ * Tag replacement Tweeks
116
+ = 2.2.0:RC1 =
117
+ * Finalisation of the tag replacement tweeks
118
+ = 2.3 =
119
+ * Addition of Advanced Filter Experimental Feature
120
 
121
  == Frequently Asked Questions ==
122
  = What Tags Are Automatically Removed? =
123
  Currently all &lt;br /&gt; and &lt;p&gt; (and its closing counterpart) tags are removed from the input code because these are the tags that Wordpress automatically add.
124
+
125
  = How Do I Add Tags Without Them Being Stripped? =
126
  If you want to echo a paragraph tag or a line break, or any other tag (strong, em etc) instead of enclosing them in &lt; and &gt; tags, enclose them in [ ] brackets for example [p] instead of &lt;p&gt; The square brackets are converted after the inital tags are stripped and function as normal tags.
127
+
128
  = Thats All Good But I want To Include A [ and ] In My Output! =
129
+ The tag replacement system only replaces [ and ] when they are paired up and text content inside e.g. it wont replace [] and wont replace [hello[ but it will replace [hello], to prevent this, escape the opening [ with a \ so write \[hello]
130
+
131
  = Can I still connect to non-wordpress databases? =
132
  Yes you can, just use the standard mysql_connect or the mysql_pconnect and their parameters.
133
+
134
+ = A function that was working before upgrading, no longer works =
135
+ If you are upgrading Allow PHP In Posts and Pages from a version before 2.2.0 you may experience issues with the code being disrupted as the replacement method has been changed, however you can set the tag replacement method to be the older version in the plugin options or by adding mode=old to the [php] tag, similarly, if you wish to use the new method when you have the old method turn on in the plugin options, just add mode=new to the [php] tag
136
+
137
+ = The sample code provided on the plugin page doesnt work! =
138
+ On the plugin page, the code is written with spaces in the [php] tag, these need to be removed before the tag will work.
139
+
140
+ = I found a bug! =
141
+ Allow PHP in posts and pages is in beta stages, please let us know of any bugs you may find or any improvement suggestions you have.
142
+
143
  = My Question Is Not Answered Here! =
144
  If your question is not listed here please look on: <a href='http://www.hitreach.co.uk/wordpress-plugins/allow-php-in-posts-and-pages/' target="_blank" style='text-decoration:none;'>http://www.hitreach.co.uk/wordpress-plugins/allow-php-in-posts-and-pages/</a> and if the answer is not listed there, just leave a comment
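Review bot: the changelog entry added here, `= 2.3 =` with "Addition of Advanced Filter Experimental Feature", disagrees with the Description text added earlier in this file, which says "With Version 3 comes an experimental Advanced Filter Feature"; the stable tag is 2.3, so the Description should name 2.3. The README now advertises "full php code inside post and pages" but nowhere states which users are able to place a [php] block; a sentence on that belongs in the FAQ or the Important Notes, since this is the text a site owner reads before enabling the feature. "Tweeks" in the 2.2.0 entries should be "Tweaks".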
allowphp.php CHANGED
@@ -1,7 +1,7 @@
1
  <?php
2
  /*
3
  Plugin Name: Allow PHP in posts and pages
4
- version: 2.0.0.RC1
5
  Plugin URI: http://www.hitreach.co.uk/wordpress-plugins/allow-php-in-posts-and-pages/
6
  Description: Allow PHP in posts and pages allows you to add php functionality to Wordpress Posts and Pages whilst still retaining HTML tags
7
  Author: Hit Reach
@@ -13,44 +13,123 @@ add_shortcode('allowphp','php_handler');
13
  add_shortcode('ALLOWPHP','php_handler');
14
  add_action('admin_menu', 'allow_php_menu');
15
  add_filter('widget_text', 'do_shortcode');
 
 
16
  register_activation_hook(__FILE__, 'allowPHP_activate');
17
- global $dbVersion; $dbVersion = "1.0.0";
18
- define("ALLOWPHPVERSION","2.0.0.RC1");
 
 
19
  define("APIP_URL", WP_PLUGIN_URL.'/'.str_replace(basename( __FILE__),"",plugin_basename(__FILE__)));
20
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
21
 
22
- function php_handler($args, $content=null){
23
  global $is_comment;
24
  global $wpdb;
 
 
25
  if($is_comment){return "";}
26
- extract( shortcode_atts(array('debug' => 0, 'function' => -1), $args));
27
- if($args['debug'] == 1){error_reporting(E_ALL);ini_set("display_errors","1");}
28
- if($args['function'] == -1){
29
- $content =(htmlspecialchars($content,ENT_QUOTES));$content = str_replace("&amp;#8217;","'",$content);$content = str_replace("&amp;#8216;","'",$content);$content = str_replace("&amp;#8242;","'",$content);$content = str_replace("&amp;#8220;","\"",$content);$content = str_replace("&amp;#8221;","\"",$content);$content = str_replace("&amp;#8243;","\"",$content);$content = str_replace("&amp;#039;","'",$content);$content = str_replace("&#039;","'",$content);$content = str_replace("&amp;#038;","&",$content);$content = str_replace("&amp;lt;br /&amp;gt;"," ", $content);$content = htmlspecialchars_decode($content);$content = str_replace("<br />"," ",$content);$content = str_replace("<p>"," ",$content);$content = str_replace("</p>"," ",$content);$content = str_replace("[br/]","<br/>",$content);$content = str_replace("\\[","&#91;",$content);$content = str_replace("\\]","&#93;",$content);$content = str_replace("[","<",$content);$content = str_replace("]",">",$content);$content = str_replace("&#91;",'[',$content);$content = str_replace("&#93;",']',$content);$content = str_replace("&gt;",'>',$content);$content = str_replace("&lt;",'<',$content);
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
30
  }
31
  else{
32
- $options = get_option("allowPHP_options");
33
  $show404 = $options['show404'];
34
  $fourohfourmsg = $options['fourohfourmsg'];
35
  if($fourohfourmsg != 0){
36
- $fourohfourmsg = $wpdb->get_results("SELECT * FROM ".$wpdb->prefix."allowPHP_functions WHERE id = '".$fourohfourmsg."';");
37
- $fourohfourmsg = $fourohfourmsg[0]->function;
38
  }
39
  else{
40
- $fourohfourmsg = '<span style="font-weight:bold; color:red">Error 404: Function Not Found</span>';
41
  }
42
  $id = $args['function'];
43
  $sql = "SELECT function FROM ".$wpdb->prefix."allowPHP_functions WHERE id='".$id."'";
44
  $res = $wpdb->get_results($wpdb->prepare($sql));
45
- if(sizeof($res) == 0){ if($show404 == 1){$content = $fourohfourmsg;}}
46
- else{$content = $res[0]->function;}
 
 
 
 
47
  }
48
  ob_start();
49
- eval ($content);
50
- if($args['debug'] == 1){
 
 
 
 
 
 
 
 
 
 
51
  $content =(htmlspecialchars($content,ENT_QUOTES));
52
- echo ("<pre>".$content."</pre>");
53
  }
 
 
 
 
 
 
 
 
 
54
  $returned = ob_get_clean();
55
  return $returned;
56
  }
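Review bot: the unchanged snippet lookup in `php_handler` still builds its query by string concatenation from a shortcode attribute: `$id = $args['function'];` goes straight into `WHERE id='".$id."'`, and `$wpdb->prepare($sql)` is called with no placeholders, so it escapes nothing. Whoever can write the shortcode controls that value, so bind it as a parameter, for example `$wpdb->prepare("SELECT function FROM ".$wpdb->prefix."allowPHP_functions WHERE id = %d", $id)`. The old-side `$fourohfourmsg` lookup used the same concatenation pattern; if its replacement still reads the option value into the SQL string, give it the same treatment. The only guard visible in the unchanged lines ahead of `ob_start()` is `if($is_comment){return "";}`, so it is worth stating in a comment what else, if anything, restricts who reaches this path.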
@@ -58,184 +137,156 @@ $content =(htmlspecialchars($content,ENT_QUOTES));$content = str_replace("&amp;#
58
  function allow_php_menu(){
59
  add_menu_page( "Allow PHP in posts and pages", "Allow PHP in posts", "manage_options", "allow-php-menu", "allowPHP_functions");
60
  add_submenu_page('allow-php-menu','Information', 'Information', 'manage_options', 'allow-php-information', 'allow_php_information');
61
- add_submenu_page('allow-php-menu','Information', 'Information', 'manage_options', 'allow-php-information', 'allow_php_information');
62
  }
63
 
64
  function allow_php_information(){
65
  ?>
66
- <h1>Allow PHP in Posts and Pages</h1>
67
- <div style='width:1145px;'>
68
- <div style='width:500px; float:right;'>
69
- <div style='float:right; display:inline; width:450px; margin-left:25px; margin-bottom:10px; margin-right:15px; padding:10px; -webkit-border-radius: 5px;-moz-border-radius: 5px;border-radius: 5px;-webkit-box-shadow: #666 2px 2px 5px;-moz-box-shadow: #666 2px 2px 5px;box-shadow: #666 2px 2px 5px;background: #ffff00;background: -webkit-gradient(linear, 0 0, 0 bottom, from(#ffff00), to(#ffffcc));background: -moz-linear-gradient(#ffff00, #ffffcc);background: linear-gradient(#ffff00, #ffffcc);'>
70
- <span style='font-size:1em; color:#999; display:block; line-height:1.2em;'><strong>Developed by <a href='http://www.hitreach.co.uk' target="_blank" style='text-decoration:none;'>Hit Reach</a></strong><a href='http://www.hitreach.co.uk' target="_blank" style='text-decoration:none;'></a></span>
71
- <span style='font-size:1em; color:#999; display:block; line-height:1.2em;'><strong>Check out our other <a href='http://www.hitreach.co.uk/services/wordpress-plugins/' target="_blank" style='text-decoration:none;'>Wordpress Plugins</a></strong><a href='http://www.hitreach.co.uk/services/wordpress-plugins/' target="_blank" style='text-decoration:none;'></a></span>
72
- <span style='font-size:1em; color:#999; display:block; line-height:1.2em;'><strong>Version: 2.0.0 <a href='http://www.hitreach.co.uk/wordpress-plugins/allow-php-in-posts-and-pages/' target="_blank" style='text-decoration:none;'>Support, Comments &amp; Questions</a></strong></span>
73
- <hr/>
74
- <h2>Please help! We need your support...</h2>
75
- <p>If this plugin has helped you, your clients or customers then please take a moment to 'say thanks'. </p>
76
- <p>By spreading the word you help increase awareness of us and our plugins which makes it easier to justify the time we spend on this project.</p>
77
- <p>Please <strong>help us keep this plugin free</strong> to use and allow us to provide on-going updates and support.</p>
78
- <p>Here are some quick, easy and free things you can do which all help and we would really appreciate.</p>
79
- <ol>
80
- <li>
81
- <strong>Promote this plugin on Twitter</strong><br/>
82
- <a href="http://twitter.com/home?status=I'm using the Allow PHP in Posts and Pages WordPress plugin by @hitreach and it rocks! You can download it here: http://bit.ly/e2Q4Az" target="_blank">
83
- <img src='<?php echo APIP_URL;?>/twitter.gif' border="0" width='55' height='20'/>
84
- </a><br/><br/>
85
- </li>
86
- <li>
87
- <strong>Link to us</strong><br/>
88
- By linking to <a href='http://www.hitreach.co.uk' target="_blank">www.hitreach.co.uk</a> from your site or blog it means you can help others find the plugin on our site and also let Google know we are trust and link worthy which helps our profile.<br/><br/>
89
- </li>
90
- <li>
91
- <strong>Like us on Facebook</strong><br/>
92
- Just visit <a href='http://www.facebook.com/webdesigndundee' target="_blank">www.facebook.com/webdesigndundee</a> and hit the 'Like!' button!<script src="http://connect.facebook.net/en_US/all.js#xfbml=1"></script><fb:like href="http://www.facebook.com/webdesigndundee" send="true" width="450" show_faces="false" action="like" font="verdana"></fb:like><br/><br/>
93
- </li>
94
- <li>
95
- <strong>Share this plugin on Facebook</strong><br/>
96
- <div id="fb-root"></div><script src="http://connect.facebook.net/en_US/all.js#xfbml=1"></script><fb:like href="http://www.hitreach.co.uk/wordpress-plugins/allow-php-in-posts-and-pages" send="true" width="450" show_faces="false" action="recommend" font="verdana"></fb:like>
97
- Share a link to the plugin page with your friends on Facebook<br/><br/>
98
- </li>
99
- <li>
100
- <strong>Make A Donation</strong><br/>
101
- Ok this one isn't really free but hopefully it's still a lot cheaper than if you'd had to buy the plugin or pay for it to be made for your project. Any amount is appreciated
102
- <form action="https://www.paypal.com/cgi-bin/webscr" method="post" target="_blank">
103
- <input type="hidden" name="cmd" value="_donations">
104
- <input type="hidden" name="business" value="admin@hitreach.co.uk">
105
- <input type="hidden" name="lc" value="GB">
106
- <input type="hidden" name="item_name" value="Hit Reach">
107
- <input type="hidden" name="item_number" value="APIP-Plugin">
108
- <input type="hidden" name="no_note" value="0">
109
- <input type="hidden" name="currency_code" value="GBP">
110
- <input type="hidden" name="bn" value="PP-DonationsBF:btn_donate_LG.gif:NonHostedGuest">
111
- <input type="image" src="https://www.paypalobjects.com/en_GB/i/btn/btn_donate_LG.gif" border="0" name="submit" alt="PayPal - The safer, easier way to pay online.">
112
- <img alt="" border="0" src="https://www.paypalobjects.com/en_US/i/scr/pixel.gif" width="1" height="1">
113
- </form>
114
- </li>
115
- </ol>
116
- </div>
117
- </div>
118
  <script type="text/javascript">
119
- var APIP_current = "APIP_general";
120
- var APIP_currentTab = "APIP_generalTab";
121
- function APIP_changeTab(APIP_new, APIP_newTab){
122
- document.getElementById(APIP_current).style.display="none";
123
- document.getElementById(APIP_currentTab).className="APIP_tab";
124
- document.getElementById(APIP_new).style.display="block";
125
- document.getElementById(APIP_newTab).className="APIP_currentTab";
126
- APIP_current = APIP_new;
127
- APIP_currentTab = APIP_newTab;
128
- }
129
- </script>
130
  <style type="text/css">
131
- #APIP_navigation{font-size:12px; line-height:25px;}
132
- #APIP_navigation a.APIP_currentTab, #APIP_navigation a.APIP_tab{padding:5px; border:1px #ddd solid;border-bottom:none; line-height:25px;cursor:pointer;}
133
- #APIP_navigation a.APIP_currentTab{border:1px #666 solid; border-bottom:1px white solid; background-color:white;}
134
- #APIP_usage,#APIP_notes,#APIP_tags{display:none;}
135
- #APIP_navigation, #APIP_container{width:98%; margin:0 auto;}
136
- #APIP_container{border:1px #ddd solid; background:white; padding:15px;}
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
137
  </style>
138
- <div style='width:630px; float:left;'>
139
- <div id='APIP_navigation'>
140
- <a onclick="APIP_changeTab('APIP_general','APIP_generalTab')" name='APIP_generalTab' id='APIP_generalTab' class='APIP_currentTab'>General Information</a>
141
- <a onclick="APIP_changeTab('APIP_usage','APIP_usageTab')" name='APIP_usageTab' id='APIP_usageTab' class='APIP_tab'>Usage</a>
142
- <a onclick="APIP_changeTab('APIP_notes','APIP_notesTab')" name='APIP_notesTab' id='APIP_notesTab' class='APIP_tab'>Important Information</a>
143
- <a onclick="APIP_changeTab('APIP_tags','APIP_tagsTab')" name='APIP_tagsTab' id='APIP_tagsTab' class='APIP_tab'>Tag List</a>
144
- <a href="?page=allow-php-menu" name='APIP_optionsTab' id='APIP_optionsTab' class='APIP_tab'>Plugin Options</a>
145
- </div>
146
- <div id='APIP_container'>
147
- <div id='APIP_general'>
148
- <h2>General Information</h2>
149
- <p>Allow PHP in posts and pages adds the functionality to include PHP in your WordPress posts and pages by adding a simple shortcode <span style='color:green'>[php]</span> <em>your code</em> <span style='color:green'>[/php]</span></p>
150
- <p>This plugin strips away the automatically generated wordpress &lt;p&gt; and &lt;br/&gt; tags but still allows the addition of your own &lt;p&gt; and &lt;br/&gt; tags using a tag replacement system.</p>
151
- <p>Also, you can now save your most used PHP codes as &quot;snippets&quot; which you can insert into multiple pages at once.</p>
152
- </div>
153
- <div id='APIP_usage'>
154
- <h2>Usage</h2>
155
- <p>To add the PHP code to your post or page simply place any PHP code inside the shortcode tags.</p>
156
- <em>For example: </em>If you wanted to add content that is visible to a particular user id:</p>
157
- <blockquote>
158
- [php]<br/>
159
- &nbsp;&nbsp;&nbsp;global $user_ID;<br/>
160
- &nbsp;&nbsp;&nbsp;if($user_ID == 1){<br/>
161
- &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;echo "Hello World";<br/>
162
- &nbsp;&nbsp;&nbsp;}<br/>
163
- [/php]
164
- </blockquote>
165
- <p><em>This code will output Hello World to only user id #1, and no one else</em></p>
166
- <p>In addition, should this code not be working (for example a missing ";") simply just change the [php] to be [php debug=1]</p>
167
- <blockquote>
168
- [php debug=1]<br/>
169
- &nbsp;&nbsp;&nbsp;global $user_ID;<br/>
170
- &nbsp;&nbsp;&nbsp;if($user_ID == 1){<br/>
171
- &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;echo "Hello World"<br/>
172
- &nbsp;&nbsp;&nbsp;}<br/>
173
- [/php]
174
- </blockquote>
175
- <p><em>Will result in the output:</em></p>
176
- <blockquote>
177
- &nbsp;&nbsp;&nbsp;Parse error: syntax error, unexpected '}', expecting ',' or ';' in XXX : eval()'d code on line 5<br/>
178
- &nbsp;&nbsp;&nbsp;global $user_ID; <br/>
179
- &nbsp;&nbsp;&nbsp;if($user_ID == 1){ <br/>
180
- &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;echo "Hello World" <br/>
181
- &nbsp;&nbsp;&nbsp;}
182
- </blockquote>
183
- </div>
184
- <div id='APIP_notes'>
185
- <h2>Some Important Notes</h2>
186
- <p>This plugin strips away all instances of &lt;p&gt; and &lt;br /&gt; therefore code has been added so that if you wish to use tags in your output (e.g.):</p>
187
- <blockquote>
188
- [php]<br/>
189
- &nbsp;&nbsp;&nbsp;echo "hello &lt;br /&gt; world";<br/>
190
- [/php]
191
- </blockquote>
192
- <p>The &lt; and &gt; tags will need to be swapped for [ and ] respectively so &lt;p&gt; becomes [p] and &lt;/p&gt; becomes [/p] which is converted back to &lt;p&gt; at runtime. these [ ] work for all tags (p, strong, em etc.).</p>
193
- <blockquote>
194
- [php]<br/>
195
- &nbsp;&nbsp;&nbsp;echo "hello [br /] world";<br/>
196
- [/php]
197
- </blockquote>
198
- </div>
199
- <div id='APIP_tags'>
200
- <h2>Tag list</h2>
201
- <table cellpadding="5" cellspacing="1" style='border:1px #ddd solid' width='60%'>
202
-
203
- <tr>
204
- <th align="left" style="padding:5px; background:#ffffcc">For</th>
205
- <th align="left" style="padding:5px; background:#ffffcc">Write as</th>
206
- </tr>
207
- <tr>
208
- <td align="left" style="padding:5px; background:#ffffcc">&lt;p&gt; ... &lt;/p&gt;</td>
209
- <td align="left" style="padding:5px; background:#ffffcc">[p] ... [/p]</td>
210
- </tr>
211
- <tr>
212
- <td align="left" style="padding:5px; background:#ffffcc">&lt;em&gt;...&lt;/em&gt;</td>
213
- <td align="left" style="padding:5px; background:#ffffcc">[em]...[/em]</td>
214
- </tr>
215
- <tr>
216
- <td align="left" style="padding:5px; background:#ffffcc">&lt;p style=''&gt; ... &lt;/p&gt;</td>
217
- <td align="left" style="padding:5px; background:#ffffcc">[p style=''] ... [/p]</td>
218
- </tr>
219
- <tr>
220
- <td align="left" style="padding:5px; background:#ffffcc">&lt;u&gt; ... &lt;/u&gt;</td>
221
- <td align="left" style="padding:5px; background:#ffffcc">[u] ... [/u]</td>
222
- </tr>
223
- <tr>
224
- <td align="left" style="padding:5px; background:#ffffcc">&lt;br /&gt;</td>
225
- <td align="left" style="padding:5px; background:#ffffcc">[br /]</td>
226
- </tr>
227
-
228
- </table>
229
- </div>
230
- </div>
231
  </div>
232
- <?php
233
  }
234
 
235
  function allowPHP_functions(){
 
 
 
 
 
 
 
236
  $options = get_option("allowPHP_options");
237
  $show404 = $options['show404'];
238
- global $wpdb;
 
 
239
  $fourohfourmsg = $options['fourohfourmsg'];
240
  $fourohfourmsg_id = $options['fourohfourmsg'];
241
  if($fourohfourmsg != 0){
@@ -243,195 +294,202 @@ function allowPHP_functions(){
243
  $fourohfourmsg = $fourohfourmsg[0]->function;
244
  }
245
  else{$fourohfourmsg = '<span style="font-weight:bold; color:red">Error 404: Function Not Found</span>';}
246
-
247
  $sql = "SELECT * FROM ".$wpdb->prefix."allowPHP_functions";
248
  $results = $wpdb->get_results($wpdb->prepare($sql));
249
  ?>
250
- <script type="text/javascript">
251
  function confirmMod(id){
252
  return confirm("Are you sure you want to modify row id: "+id+"?");
253
  }
254
  function confirmDel(id){
255
  return confirm("Are you sure you want to delete row id: "+id+"?");
256
  }
 
 
 
 
 
 
 
 
 
 
257
  </script>
 
 
 
 
 
 
 
 
258
  <h1>Allow PHP in Posts and Pages</h1>
259
  <div style='width:1145px;'>
260
  <div style='width:500px; float:right;'>
261
- <div style='float:right; display:inline;width:450px; margin-left:25px; margin-bottom:10px; margin-right:15px; padding:10px; -webkit-border-radius: 5px;-moz-border-radius: 5px;border-radius: 5px;-webkit-box-shadow: #666 2px 2px 5px;-moz-box-shadow: #666 2px 2px 5px;box-shadow: #666 2px 2px 5px;background: #ffff00;background: -webkit-gradient(linear, 0 0, 0 bottom, from(#ffff00), to(#ffffcc));background: -moz-linear-gradient(#ffff00, #ffffcc);background: linear-gradient(#ffff00, #ffffcc);'>
262
- <span style='font-size:1em; color:#999; display:block; line-height:1.2em;'><strong>Developed by <a href='http://www.hitreach.co.uk' target="_blank" style='text-decoration:none;'>Hit Reach</a></strong><a href='http://www.hitreach.co.uk' target="_blank" style='text-decoration:none;'></a></span>
263
- <span style='font-size:1em; color:#999; display:block; line-height:1.2em;'><strong>Check out our other <a href='http://www.hitreach.co.uk/services/wordpress-plugins/' target="_blank" style='text-decoration:none;'>Wordpress Plugins</a></strong><a href='http://www.hitreach.co.uk/services/wordpress-plugins/' target="_blank" style='text-decoration:none;'></a></span>
264
- <span style='font-size:1em; color:#999; display:block; line-height:1.2em;'><strong>Version: 2.0.0 <a href='http://www.hitreach.co.uk/wordpress-plugins/allow-php-in-posts-and-pages/' target="_blank" style='text-decoration:none;'>Support, Comments &amp; Questions</a></strong></span>
265
- <hr/>
266
- <h2>Please help! We need your support...</h2>
267
- <p>If this plugin has helped you, your clients or customers then please take a moment to 'say thanks'. </p>
268
- <p>By spreading the word you help increase awareness of us and our plugins which makes it easier to justify the time we spend on this project.</p>
269
- <p>Please <strong>help us keep this plugin free</strong> to use and allow us to provide on-going updates and support.</p>
270
- <p>Here are some quick, easy and free things you can do which all help and we would really appreciate.</p>
271
- <ol>
272
- <li>
273
- <strong>Promote this plugin on Twitter</strong><br/>
274
- <a href="http://twitter.com/home?status=I'm using the Allow PHP in Posts and Pages WordPress plugin by @hitreach and it rocks! You can download it here: http://bit.ly/e2Q4Az" target="_blank">
275
- <img src='<?php echo APIP_URL;?>/twitter.gif' border="0" width='55' height='20'/>
276
- </a><br/><br/>
277
- </li>
278
- <li>
279
- <strong>Link to us</strong><br/>
280
- By linking to <a href='http://www.hitreach.co.uk' target="_blank">www.hitreach.co.uk</a> from your site or blog it means you can help others find the plugin on our site and also let Google know we are trust and link worthy which helps our profile.<br/><br/>
281
- </li>
282
- <li>
283
- <strong>Like us on Facebook</strong><br/>
284
- Just visit <a href='http://www.facebook.com/webdesigndundee' target="_blank">www.facebook.com/webdesigndundee</a> and hit the 'Like!' button!<script src="http://connect.facebook.net/en_US/all.js#xfbml=1"></script><fb:like href="http://www.facebook.com/webdesigndundee" send="true" width="450" show_faces="false" action="like" font="verdana"></fb:like><br/><br/>
285
- </li>
286
- <li>
287
- <strong>Share this plugin on Facebook</strong><br/>
288
- <div id="fb-root"></div><script src="http://connect.facebook.net/en_US/all.js#xfbml=1"></script><fb:like href="http://www.hitreach.co.uk/wordpress-plugins/allow-php-in-posts-and-pages" send="true" width="450" show_faces="false" action="recommend" font="verdana"></fb:like>
289
- Share a link to the plugin page with your friends on Facebook<br/><br/>
290
- </li>
291
- <li>
292
- <strong>Make A Donation</strong><br/>
293
- Ok this one isn't really free but hopefully it's still a lot cheaper than if you'd had to buy the plugin or pay for it to be made for your project. Any amount is appreciated
294
- <form action="https://www.paypal.com/cgi-bin/webscr" method="post" target="_blank">
295
- <input type="hidden" name="cmd" value="_donations">
296
- <input type="hidden" name="business" value="admin@hitreach.co.uk">
297
- <input type="hidden" name="lc" value="GB">
298
- <input type="hidden" name="item_name" value="Hit Reach">
299
- <input type="hidden" name="item_number" value="APIP-Plugin">
300
- <input type="hidden" name="no_note" value="0">
301
- <input type="hidden" name="currency_code" value="GBP">
302
- <input type="hidden" name="bn" value="PP-DonationsBF:btn_donate_LG.gif:NonHostedGuest">
303
- <input type="image" src="https://www.paypalobjects.com/en_GB/i/btn/btn_donate_LG.gif" border="0" name="submit" alt="PayPal - The safer, easier way to pay online.">
304
- <img alt="" border="0" src="https://www.paypalobjects.com/en_US/i/scr/pixel.gif" width="1" height="1">
305
- </form>
306
- </li>
307
- </ol>
308
- </div>
309
  </div>
310
- <script type="text/javascript">
311
- var APIP_current = "APIP_general";
312
- var APIP_currentTab = "APIP_generalTab";
313
- function APIP_changeTab(APIP_new, APIP_newTab){
314
- document.getElementById(APIP_current).style.display="none";
315
- document.getElementById(APIP_currentTab).className="APIP_tab";
316
- document.getElementById(APIP_new).style.display="block";
317
- document.getElementById(APIP_newTab).className="APIP_currentTab";
318
- APIP_current = APIP_new;
319
- APIP_currentTab = APIP_newTab;
320
- }
321
- </script>
322
- <style type="text/css">
323
- #APIP_navigation{font-size:12px; line-height:25px;}
324
- #APIP_navigation a.APIP_currentTab, #APIP_navigation a.APIP_tab{padding:5px; border:1px #ddd solid;border-bottom:none; line-height:25px;cursor:pointer;}
325
- #APIP_navigation a.APIP_currentTab{border:1px #666 solid; border-bottom:1px white solid; background-color:white;}
326
- #APIP_usage,#APIP_notes,#APIP_tags{display:none;}
327
- #APIP_navigation, #APIP_container{width:98%; margin:0 auto;}
328
- #APIP_container{border:1px #ddd solid; background:white; padding:15px;}
329
- </style>
330
- <div style='width:630px; float:left;'>
331
- <div id='APIP_navigation'>
332
- <a onclick="APIP_changeTab('APIP_general','APIP_generalTab')" name='APIP_generalTab' id='APIP_generalTab' class='APIP_currentTab'>Plugin Options</a>
333
- <a onclick="APIP_changeTab('APIP_usage','APIP_usageTab')" name='APIP_usageTab' id='APIP_usageTab' class='APIP_tab'>Code Snippets</a>
334
- <a href='?page=allow-php-information' name='APIP_notesTab' id='APIP_notesTab' class='APIP_tab'>Plugin Information</a>
335
- </div>
336
- <div id='APIP_container'>
337
- <div id='APIP_general'>
338
- <h2>Plugin Options</h2>
339
- <form action='<?php echo WP_PLUGIN_URL . '/' . plugin_basename( dirname(__FILE__) ) . '/';?>alter.php' method="post">
340
- <?php wp_nonce_field( plugin_basename(__FILE__), 'allowPHPNonce' ); ?>
341
- <input type="hidden" name='action' value='options' />
342
- <input type="hidden" name="id" value="0" />
343
- <p>Current 404 message: <?php echo htmlentities($fourohfourmsg);?></p>
344
- <label for="show404">Show the snippet not found message?: </label><input type='checkbox' name='option_show404' value='1' <?php if($show404 == 1)echo "checked='checked'";?> /><br/>
345
- <label for="fourohfourmsg">Custom 404 message to be displayed: </label>
346
- <select name='option_404msg'>
347
- <option value='0'> - Default Message - </option>
348
- <?php
349
- $res = "SELECT * FROM ".$wpdb->prefix."allowPHP_functions";
350
- $res = $wpdb->get_results($res);
351
- foreach($res as $row){
352
- echo "<option value='".$row->id."'";
353
- if($row->id == $fourohfourmsg_id){echo "selected='selected'";}
354
- echo"> - Snippet ID: ".$row->id." - </option>";
355
- }
356
- ?>
357
- </select>
358
- <br/>
359
- <input type='submit' class='button-primary' value='Save Plugin Options' />
360
- </form>
361
- </div>
362
- <div id='APIP_usage'>
363
- <h2>Code Snippets</h2>
364
- <p><em>All snippets begin with a <span style='color:red'>&lt;?php</span> and end with a <span style='color:red'>?&gt;</span>So if you wish to use html only you will need to close the php tag, then re-open it at the end.</em></p>
365
- <table cellpadding='5' cellspacing='0' width="600">
366
- <?php if(sizeof($results) != 0){?>
367
- <tr>
368
- <th width='35' style='border-right:1px #ddd solid;'>ID</th>
369
- <th width="15"></th>
370
- <th width="475" align="left">Snippet</th>
371
- <th width="75" align="right">&nbsp;</th>
372
- </tr>
373
- <tr>
374
- <td style='border-right:1px #ddd solid;' height="10"></td>
375
- <td colspan='3'></td>
376
- </tr>
377
- <?php foreach($results as $row){ ?>
378
- <tr>
379
- <th align='center' valign="top" scope="row" style='border-right:1px #ddd solid;'>
380
- <?php echo $row->id; ?>
381
- </th>
382
- <td></td>
383
- <td align="left" valign="top">
384
- <form action='<?php echo WP_PLUGIN_URL . '/' . plugin_basename( dirname(__FILE__) ) . '/';?>alter.php' method="post" onsubmit="return confirmMod(<?php echo $row->id; ?>)">
385
- <?php wp_nonce_field( plugin_basename(__FILE__), 'allowPHPNonce' ); ?>
386
- <input type='submit' value='Modify' class='button-secondary' style='float:right;' />
387
- <input type='hidden' name='action' value='modify' />
388
- <input type='hidden' name='id' value='<?php echo $row->id; ?>' />
389
- <strong>Name:</strong>
390
- <input type='text' name='name' value='<?php echo $row->name;?>' onblur="javascript:this.style.textDecoration='none'; this.style.cursor='pointer'" onclick="javascript:this.style.textDecoration='underline'; this.style.cursor='text';" title="Click to edit" maxlength="99" style='width:370px; border:0px white solid !important;cursor:pointer; background:none !important;'/><br/>
391
- <span style='color:red; vertical-align:top;'>&lt;?php</span><textarea style="width:475px" rows="2" name='function'><?php echo $row->function; ?></textarea><span style='color:red'>?&gt;</span>
392
- <br/>
393
-
394
- </form>
395
- </td>
396
- <td align="left" valign="top">
397
- <form action='<?php echo WP_PLUGIN_URL . '/' . plugin_basename( dirname(__FILE__) ) . '/';?>alter.php' method="post" onsubmit="return confirmDel(<?php echo $row->id; ?>)">
398
- <?php wp_nonce_field( plugin_basename(__FILE__), 'allowPHPNonce' ); ?>
399
- <input type='hidden' name='action' value='delete' />
400
- <input type='hidden' name='id' value='<?php echo $row->id; ?>' />
401
- &nbsp;|&nbsp;<input type='submit' value='Delete' class='button-secondary' />
402
- </form>
403
-
404
- </td>
405
- </tr>
406
- <tr><td style='border-right:1px #ddd solid;' height="20"></td><td colspan='3'></td></tr>
407
-
408
- <?php
409
- }}else{?>
410
- <tr><td style='border-right:1px #ddd solid;'></td>
411
- <td colspan='3' align="center"><em>No Snippets Found</em></td></tr>
412
- <tr><td style='border-right:1px #ddd solid;' height="20"></td><td colspan='3'></td></tr>
413
- <?php }?>
414
- <tr><td style='border-right:1px #ddd solid;' height="20"></td><td colspan='3' style='border-top:1px #ddd solid;'></td></tr>
415
- <tr>
416
- <th width="35" style='border-right:1px #ddd solid;'>&nbsp;</th><th width="15"></th>
417
- <th width="475" align="left"><h3>Add A New Snippet</h3></th>
418
- <th width="75" align="right">&nbsp;</th></tr>
419
- <tr><td height="123" style='border-right:1px #ddd solid;'></td><td></td><td colspan="2" >
420
- <form action='<?php echo WP_PLUGIN_URL . '/' . plugin_basename( dirname(__FILE__) ) . '/';?>alter.php' method="post">
421
- <?php wp_nonce_field( plugin_basename(__FILE__), 'allowPHPNonce' ); ?>
422
- <input type='hidden' name='action' value='add' />
423
- <input type='hidden' name='id' value='0' />
424
- <input type='submit' value='Save Snippet' class='button-primary' style='float:right;' />
425
- <strong>Name: </strong><input type='text' name='name' id='name' style='width:405px;' maxlength="100" />
426
- <br/>
427
- <span style='color:red;vertical-align:top;'>&lt;?php</span><textarea style='width:550px' rows='3' name='function'></textarea><span style='color:red'>?&gt;</span><br/>
428
- </form></td></tr>
429
- </table>
430
- </div>
431
- </div>
432
- </div>
433
- </div>
434
- <?php
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
435
  }
436
 
437
  function allowPHP_activate(){
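Review bot: the snippet form removed here (old lines 390-391) writes $row->name into a value='...' attribute and $row->function into a textarea with a bare echo, and the replacement form keeps the same unescaped value='<?php echo $row->name;?>' at new line 421. A stored snippet name containing a quote ends the attribute early in the admin page; wrap the name in esc_attr() or htmlspecialchars(..., ENT_QUOTES), and escape the textarea body as well. The hidden validation field the new forms add, md5(md5(sha1($row->id))), is an unkeyed hash of an id printed in the same form, so anyone can compute it and it adds nothing to the allowPHPNonce check; rely on the nonce and drop the field. The new options form and modify form also share the nonce action 'options' (new lines 338 and 415), so a nonce issued for one action is valid for the other; give each action its own string.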
@@ -448,22 +506,19 @@ function allowPHP_activate(){
448
  $fourohfourmsg = $options['fourohfourmsg'];
449
  }
450
  if($installedVersion != $dbVersion){
451
- $sql = "CREATE TABLE IF NOT EXISTS ".$wpdb->prefix."allowPHP_functions(
452
- id int NOT NULL AUTO_INCREMENT,
453
- name varchar(100) NOT NULL,
454
- function text NOT NULL,
455
- PRIMARY KEY(id)
456
- );";
457
  require_once(ABSPATH . 'wp-admin/includes/upgrade.php');
458
  dbDelta($sql);
459
  }
460
-
461
  $options = array("show404" => $show404,"fourohfourmsg" => $fourohfourmsg, "dbVersion" => $dbVersion);
462
  update_option("allowPHP_options", $options);
463
  }
464
 
465
-
466
-
467
  function add_APIP_button() {
468
  if ( ! current_user_can('edit_posts') && ! current_user_can('edit_pages') ){
469
  return;
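Review bot: the CREATE TABLE string assigned to $sql (old lines 451-456) is removed while the unchanged dbDelta($sql) call on old line 458 stays. Confirm that the replacement lines still assign $sql inside this if block before dbDelta runs. If they do not, activation passes an undefined variable to dbDelta and a fresh install never gets the allowPHP_functions table that php_handler and the options page query.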
@@ -475,7 +530,7 @@ function add_APIP_button() {
475
  }
476
 
477
  define( "APIP_PLUGIN_DIR", "allow-php-in-posts-and-pages" );
478
- define( "APIP_PLUGIN_URL", get_bloginfo('url')."/wp-content/plugins/" . APIP_PLUGIN_DIR );
479
 
480
  function register_APIP_button($buttons) {
481
  array_push($buttons, "|", "allowPHP");
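Review bot: the removed APIP_PLUGIN_URL define (old line 478) appends a hardcoded "/wp-content/plugins/" to get_bloginfo('url'), which is wrong on any install that relocates wp-content, and APIP_PLUGIN_DIR on the line above hardcodes the directory name as well. Build the replacement from WP_PLUGIN_URL and plugin_basename(__FILE__), as the APIP_URL constant at the top of the file already does, and keep one constant rather than two for the same directory.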
@@ -487,10 +542,61 @@ function add_APIP_tinymce_plugin($plugin_array) {
487
  }
488
 
489
  function APIP_my_refresh_mce($ver) {
490
- $ver += 2;
491
  return $ver;
492
  }
493
  add_action('init', 'add_APIP_button');
494
  add_filter( 'tiny_mce_version', 'APIP_my_refresh_mce');
495
 
496
- ?>
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
  <?php
2
  /*
3
  Plugin Name: Allow PHP in posts and pages
4
+ version: 2.3
5
  Plugin URI: http://www.hitreach.co.uk/wordpress-plugins/allow-php-in-posts-and-pages/
6
  Description: Allow PHP in posts and pages allows you to add php functionality to Wordpress Posts and Pages whilst still retaining HTML tags
7
  Author: Hit Reach
13
  add_shortcode('ALLOWPHP','php_handler');
14
  add_action('admin_menu', 'allow_php_menu');
15
  add_filter('widget_text', 'do_shortcode');
16
+ add_filter('the_content', 'apip_advanced_filter',0);
17
+
18
  register_activation_hook(__FILE__, 'allowPHP_activate');
19
+ global $dbVersion;
20
+ $dbVersion = "1.0.0";
21
+
22
+ define("ALLOWPHPVERSION","2.3");
23
  define("APIP_URL", WP_PLUGIN_URL.'/'.str_replace(basename( __FILE__),"",plugin_basename(__FILE__)));
24
 
25
+ function apip_advanced_filter($args){
26
+ $options = get_option("allowPHP_options");
27
+ if(isset($options['use_advanced_filter'])){
28
+ if($options['use_advanced_filter'] == "1"){
29
+ remove_shortcode("php");
30
+ $args = str_ireplace("[php]","<?php ",$args);
31
+ $args = str_ireplace("[/php]"," ?>",$args);
32
+ $args = str_ireplace("[php useadvancedfilter]","<?php ",$args);
33
+ $args = str_ireplace("[/php useadvancedfilter]"," ?>",$args);
34
+ ob_start();
35
+ eval("?>".$args);
36
+ $returned = ob_get_clean();
37
+ return $returned;
38
+ }
39
+ }
40
+ $args = str_ireplace("[php useadvancedfilter]","<?php ",$args);
41
+ $args = str_ireplace("[/php useadvancedfilter]"," ?>",$args);
42
+ ob_start();
43
+ eval("?>".$args);
44
+ $returned = ob_get_clean();
45
+ return $returned;
46
+ }
47
 
48
+ function php_handler($args, $content=""){
49
  global $is_comment;
50
  global $wpdb;
51
+ $options = get_option("allowPHP_options");
52
+ if(isset($options['preparse'])){$preparse = $options['preparse'];}else{$preparse = 0;}
53
  if($is_comment){return "";}
54
+ $res = "";
55
+ extract( shortcode_atts(array('debug' => 0,'silentdebug' => 0, 'function' => -1, 'mode'=>''), $args));
56
+ if(!isset($args['mode'])){$mode="";}else{$mode = $args['mode'];}
57
+ if(!isset($args['debug'])){$debug="0";}else{$debug = $args['debug'];}
58
+ if(!isset($args['silentdebug'])){$silentdebug="0";}else{$silentdebug = $args['silentdebug'];}
59
+ if($debug == 1){error_reporting(E_ALL);ini_set("display_errors","1");}
60
+ if($function == ""){$function == "-1";}
61
+ if($function == -1){
62
+ if(($preparse!= 1 && $mode != "old") || $mode == "new"){
63
+ #goodregextouse: /([\[])([\/]*[\d\w][\s\d\w\=\"\']*)([\]])/
64
+ #stage1 ([\[])([\/]*[\d\w][\s\d\w="'.$;*([\/]*)([\]])*
65
+ #stage2 ([){1}([/]*[\d\w]+[\w\d\s ]*?[ ]*?)([/]*\]){1}
66
+ #stage3 (\[){1}([/]{0,1}[\d\w]+[\w\d\s =\'\"\.\$]*?[ ]*?)([/]*\]){0,1}
67
+ #stage4 (\[{1})([\/]{0,1})([a-zA-z]{1}[a-zA-Z0-9]*[^\'\"])([a-zA-Z0-9 \!\"\£\$\%\^\&\*\*\(\)\_\-\+\=\|\\\,\.\/\?\:\;\@\'\#\~\{\[\}\]\¬\¦\`\<\>]*)([\/]{0,1})(]{1})
68
+ $content = strip_tags($content);
69
+ $count = "";
70
+ $content = preg_replace("/(\[{1})([\/]*)([a-zA-z\/]{1}[a-zA-Z0-9]*[^\'\"])([a-zA-Z0-9 \!\"\£\$\%\^\&\*\*\(\)\_\-\+\=\|\\\,\.\/\?\:\;\@\'\#\~\{\}\¬\¦\`\<\>]*)([\/]*)([\]]{1})/ix","<$3$4>",$content,"-1", $count);
71
+ $content = htmlspecialchars($content, ENT_NOQUOTES);
72
+ $content = str_replace("&amp;#8217;","'",$content);
73
+ $content = str_replace("&amp;#8216;","'",$content);
74
+ $content = str_replace("&amp;#8242;","'",$content);
75
+ $content = str_replace("&amp;#8220;","\"",$content);
76
+ $content = str_replace("&amp;#8221;","\"",$content);
77
+ $content = str_replace("&amp;#8243;","\"",$content);
78
+ $content = str_replace("&amp;#039;","'",$content);
79
+ $content = str_replace("&#039;","'",$content);
80
+ $content = str_replace("&amp;#038;","&",$content);
81
+ $content = str_replace("&amp;gt;",'>',$content);
82
+ $content = str_replace("&amp;lt;",'<',$content);
83
+ $content = htmlspecialchars_decode($content);
84
+ }
85
+ else{
86
+ $content =(htmlspecialchars($content,ENT_QUOTES));$content = str_replace("&amp;#8217;","'",$content);$content = str_replace("&amp;#8216;","'",$content);$content = str_replace("&amp;#8242;","'",$content);$content = str_replace("&amp;#8220;","\"",$content);$content = str_replace("&amp;#8221;","\"",$content);$content = str_replace("&amp;#8243;","\"",$content);$content = str_replace("&amp;#039;","'",$content);$content = str_replace("&#039;","'",$content);$content = str_replace("&amp;#038;","&",$content);$content = str_replace("&amp;lt;br /&amp;gt;"," ", $content);$content = htmlspecialchars_decode($content);$content = str_replace("<br />"," ",$content);$content = str_replace("<p>"," ",$content);$content = str_replace("</p>"," ",$content);$content = str_replace("[br/]","<br/>",$content);$content = str_replace("\\[","&#91;",$content);$content = str_replace("\\]","&#93;",$content);$content = str_replace("[","<",$content);$content = str_replace("]",">",$content);$content = str_replace("&#91;",'[',$content);$content = str_replace("&#93;",']',$content);$content = str_replace("&gt;",'>',$content);$content = str_replace("&lt;",'<',$content);
87
+ }
88
  }
89
  else{
 
90
  $show404 = $options['show404'];
91
  $fourohfourmsg = $options['fourohfourmsg'];
92
  if($fourohfourmsg != 0){
93
+ $fourohfourmsg = $wpdb->get_results("SELECT * FROM ".$wpdb->prefix."allowPHP_functions WHERE id = '".$fourohfourmsg."';");
94
+ $fourohfourmsg = htmlspecialchars_decode($fourohfourmsg[0]->function);
95
  }
96
  else{
97
+ $fourohfourmsg = '?><div style="font-weight:bold; color:red">Error 404: Function Not Found</div>';
98
  }
99
  $id = $args['function'];
100
  $sql = "SELECT function FROM ".$wpdb->prefix."allowPHP_functions WHERE id='".$id."'";
101
  $res = $wpdb->get_results($wpdb->prepare($sql));
102
+ if(sizeof($res) == 0){
103
+ if($show404 == 1){$content = $fourohfourmsg;}
104
+ }
105
+ else{
106
+ $content = htmlspecialchars_decode($res[0]->function);
107
+ }
108
  }
109
  ob_start();
110
+ eval ($content);
111
+ if($debug == 1||$silentdebug == 1){
112
+ if($silentdebug == 1){
113
+ echo "\n\n<!-- ALLOW PHP SILENT DEBUG MODE - - > \n\n\n";
114
+ }
115
+ else{
116
+ echo "<hr />";
117
+ echo "<p align='center'>Allow PHP Debug</p>";
118
+ }
119
+ if(sizeof($res)==0 && $function != -1){
120
+ $content = "Function id : $function : cannot be found<br/>";
121
+ }else{
122
  $content =(htmlspecialchars($content,ENT_QUOTES));
 
123
  }
124
+ echo ("<pre>".$content."</pre>");
125
+ if($silentdebug == 1){
126
+ echo "\n\n\n<- - END ALLOW PHP SILENT DEBUG MODE -->\n\n";
127
+ }
128
+ else{
129
+ echo "<p align='center'>End Allow PHP Debug</p>";
130
+ echo "<hr />";
131
+ }
132
+ }
133
  $returned = ob_get_clean();
134
  return $returned;
135
  }
137
  function allow_php_menu(){
138
  add_menu_page( "Allow PHP in posts and pages", "Allow PHP in posts", "manage_options", "allow-php-menu", "allowPHP_functions");
139
  add_submenu_page('allow-php-menu','Information', 'Information', 'manage_options', 'allow-php-information', 'allow_php_information');
 
140
  }
141
 
142
  function allow_php_information(){
143
  ?>
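Review bot: in apip_advanced_filter (new lines 25-46) the use_advanced_filter option gates nothing. When the option is unset or not "1", control falls through to lines 40-45 and still runs eval("?>".$args) on the whole post body, so every post is evaluated as PHP each time the_content runs. Any literal <?php already stored in content executes whether or not the option or a [php] tag is present, a stray <? in ordinary content becomes a parse error on the public page, and nothing checks who authored the post. Return $args untouched unless the option is on or a useadvancedfilter tag is actually found, evaluate only the tagged span rather than the full body, and require a capability of the post author before evaluating. The two branches also duplicate the replace/ob_start/eval sequence; factor it into one helper. In php_handler, line 60 reads if($function == ""){$function == "-1";}, which compares instead of assigning and has no effect. Line 100 concatenates $args['function'] into the SQL string and line 101 hands it to $wpdb->prepare() with no placeholder, so prepare escapes nothing; use WHERE id = %d and pass the id as the argument. debug=1 on line 59 sets error_reporting(E_ALL) and display_errors for the remainder of the request, which shows errors from unrelated code to visitors; restore the previous values after the eval.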
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
144
  <script type="text/javascript">
145
+ var APIP_current = "APIP_general";
146
+ var APIP_currentTab = "APIP_generalTab";
147
+ function APIP_changeTab(APIP_new, APIP_newTab){
148
+ document.getElementById(APIP_current).style.display="none";
149
+ document.getElementById(APIP_currentTab).className="APIP_tab";
150
+ document.getElementById(APIP_new).style.display="block";
151
+ document.getElementById(APIP_newTab).className="APIP_currentTab";
152
+ APIP_current = APIP_new;
153
+ APIP_currentTab = APIP_newTab;
154
+ }
155
+ </script>
156
  <style type="text/css">
157
+ #APIP_navigation {
158
+ font-size:12px;
159
+ line-height:25px;
160
+ }
161
+ #APIP_navigation a.APIP_currentTab, #APIP_navigation a.APIP_tab {
162
+ padding:5px;
163
+ border:1px #ddd solid;
164
+ border-bottom:none;
165
+ line-height:25px;
166
+ cursor:pointer;
167
+ }
168
+ #APIP_navigation a.APIP_currentTab {
169
+ border:1px #666 solid;
170
+ border-bottom:1px white solid;
171
+ background-color:white;
172
+ }
173
+ #APIP_usage, #APIP_notes, #APIP_tags {
174
+ display:none;
175
+ }
176
+ #APIP_navigation, #APIP_container {
177
+ width:98%;
178
+ margin:0 auto;
179
+ }
180
+ #APIP_container {
181
+ border:1px #ddd solid;
182
+ background:white;
183
+ padding:15px;
184
+ }
185
  </style>
186
+ <h1>Allow PHP in Posts and Pages</h1>
187
+ <div style='width:1145px;'>
188
+ <div style='width:500px; float:right;'>
189
+ <?php APIP_appeal();?>
190
+ </div>
191
+ <div style='width:630px; float:left;'>
192
+ <div id='APIP_navigation'> <a onclick="APIP_changeTab('APIP_general','APIP_generalTab')" name='APIP_generalTab' id='APIP_generalTab' class='APIP_currentTab'>General Information</a> <a onclick="APIP_changeTab('APIP_usage','APIP_usageTab')" name='APIP_usageTab' id='APIP_usageTab' class='APIP_tab'>Usage</a> <a onclick="APIP_changeTab('APIP_notes','APIP_notesTab')" name='APIP_notesTab' id='APIP_notesTab' class='APIP_tab'>Important Information</a> <a onclick="APIP_changeTab('APIP_tags','APIP_tagsTab')" name='APIP_tagsTab' id='APIP_tagsTab' class='APIP_tab'>Tag List</a> <a href="?page=allow-php-menu" name='APIP_optionsTab' id='APIP_optionsTab' class='APIP_tab'>Plugin Options</a> </div>
193
+ <div id='APIP_container'>
194
+ <div id='APIP_general'>
195
+ <h2>General Information</h2>
196
+ <p>Allow PHP in posts and pages adds the functionality to include PHP in your WordPress posts and pages by adding a simple shortcode <span style='color:green'>[php]</span> <em>your code</em> <span style='color:green'>[/php]</span></p>
197
+ <p>This plugin strips away the automatically generated wordpress &lt;p&gt; and &lt;br/&gt; tags but still allows the addition of your own &lt;p&gt; and &lt;br/&gt; tags using a form of BBcode items such [p][/p] [br /]</p>
198
+ <p>Also, you can now save your most used PHP codes as &quot;snippets&quot; which you can insert into multiple pages at once.</p>
199
+ <p>With Version 2.2.0, the tag replacement system has been revamped which should reduce the need to escape [ and ] that shouldnt be changed &lt; and &gt; </p>
200
+ </div>
201
+ <div id='APIP_usage'>
202
+ <h2>Usage</h2>
203
+ <p>To add the PHP code to your post or page simply place any PHP code inside the shortcode tags.</p>
204
+ <p><em>For example: </em>If you wanted to add content that is visible to a particular user id:</p>
205
+ <blockquote style="background:#ffffcc; white-space:pre; padding:10px; border:1px #555 solid;">[php]
206
+ global $user_ID;
207
+ if($user_ID == 1){
208
+ echo "Hello World";
209
+ }
210
+ [/php]</blockquote>
211
+ <p><em>This code will output Hello World to only user id #1, and no one else</em></p>
212
+ <p>In addition, should this code not be working (for example a missing ";") simply just change the [php] to be [php debug=1]</p>
213
+ <blockquote style="background:#ffffcc; white-space:pre; padding:10px; border:1px #555 solid;"> [php debug=1]
214
+ global $user_ID;
215
+ if($user_ID == 1){
216
+ echo "Hello World"
217
+ }
218
+ [/php] </blockquote>
219
+ <p><em>Will result in the output:</em></p>
220
+ <blockquote style="background:#ffffcc; white-space:pre; padding:10px; border:1px #555 solid;">Parse error: syntax error, unexpected '}', expecting ',' or ';' in XXX : eval()'d code on line 5
221
+ global $user_ID;
222
+ if($user_ID == 1){
223
+ echo "Hello World"
224
+ }
225
+ </blockquote>
226
+ <p>As well as the normal debug tag, you can also enable a silent debug by setting silentdebug in the <span style='color:green'>[php]</span> tag to be 1 (<span style='color:green'>[php debug=1 silentdebug=1]</span>), this will output all debug information as comments in the source code</p>
227
+ <p>If you are upgrading Allow PHP In Posts and Pages from a version before 2.2.0 you may experience issues with the code being disrupted as the replacement method has been changed, however you can set the tag replacement method to be the older version in the plugin options or by adding mode=old to the <span style='color:green'>[php]</span> tag, similarly, if you wish to use the new method when you have the old method turn on in the plugin options, just add mode=new to the <span style='color:green'>[php]</span> tag</p>
228
+ <p>To call a pre-defined function from the Code Snippets page, add function=x to the <span style='color:green'>[php]</span> tag, where x is the function id</p>
229
+ </div>
230
+ <div id='APIP_notes'>
231
+ <h2>Some Important Notes</h2>
232
+ <p>This plugin strips away all instances of &lt;p&gt; and &lt;br /&gt; therefore code has been added so that if you wish to use tags in your output (e.g.):</p>
233
+ <blockquote style="background:#ffffcc; white-space:pre; padding:10px; border:1px #555 solid;">[php]
234
+ echo "hello &lt;br /&gt; world";
235
+ [/php]</blockquote>
236
+ <p>The &lt; and &gt; tags will need to be swapped for [ and ] respectively so &lt;p&gt; becomes [p] and &lt;/p&gt; becomes [/p] which is converted back to &lt;p&gt; at runtime. these [ ] work for all tags (p, strong, em etc.).</p>
237
+ <blockquote style="background:#ffffcc; white-space:pre; padding:10px; border:1px #555 solid;">[php]
238
+ echo "hello [br /] world";
239
+ [/php]</blockquote>
240
+ <p>With code written pre-version 2.2.0 you may need to turn on support for the older replacement method as you may experience issues with the code being disrupted as the replacement method has been changed, however you can set the tag replacement method to be the older version in the plugin options or by adding mode=old to the <span style='color:green'>[php]</span> tag, similarly, if you wish to use the new method when you have the old method turn on in the plugin options, just add mode=new to the <span style='color:green'>[php]</span> tag. In the current release, only known html tags are altered by the code, other tags and square bracket items (such as PHP arrays) are no longer affected.</p>
241
+ </div>
242
+ <div id='APIP_tags'>
243
+ <h2>Tag list</h2>
244
+ <table cellpadding="5" cellspacing="1" style='border:1px #ddd solid' width='60%'>
245
+ <tr>
246
+ <th align="left" style="padding:5px; background:#ffffcc">For</th>
247
+ <th align="left" style="padding:5px; background:#ffffcc">Write as</th>
248
+ </tr>
249
+ <tr>
250
+ <td align="left" style="padding:5px; background:#ffffcc">&lt;p&gt; ... &lt;/p&gt;</td>
251
+ <td align="left" style="padding:5px; background:#ffffcc">[p] ... [/p]</td>
252
+ </tr>
253
+ <tr>
254
+ <td align="left" style="padding:5px; background:#ffffcc">&lt;em&gt;...&lt;/em&gt;</td>
255
+ <td align="left" style="padding:5px; background:#ffffcc">[em]...[/em]</td>
256
+ </tr>
257
+ <tr>
258
+ <td align="left" style="padding:5px; background:#ffffcc">&lt;p style=''&gt; ... &lt;/p&gt;</td>
259
+ <td align="left" style="padding:5px; background:#ffffcc">[p style=''] ... [/p]</td>
260
+ </tr>
261
+ <tr>
262
+ <td align="left" style="padding:5px; background:#ffffcc">&lt;u&gt; ... &lt;/u&gt;</td>
263
+ <td align="left" style="padding:5px; background:#ffffcc">[u] ... [/u]</td>
264
+ </tr>
265
+ <tr>
266
+ <td align="left" style="padding:5px; background:#ffffcc">&lt;br /&gt;</td>
267
+ <td align="left" style="padding:5px; background:#ffffcc">[br /]</td>
268
+ </tr>
269
+ </table>
270
+ </div>
271
+ </div>
272
+ </div>
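Review bot: the Usage and Important Information tabs (new lines 201-241) document debug, silentdebug, mode and function, but never mention the [php useadvancedfilter] tag this release adds; it is described only in the caution box on the options page (new line 386). Document it here with the same caution, and note on the Usage tab that debug=1 prints the parse error and the snippet source into the page, so it should be removed once the code works. The APIP_changeTab script and the #APIP_ styles at lines 144-185 are repeated in allowPHP_functions at lines 308-326; move them into one shared function so the two admin pages cannot drift apart.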
 
 
 
 
 
 
273
  </div>
274
+ <?php
275
  }
276
 
277
  function allowPHP_functions(){
278
+ $activeTab = "";
279
+ if( isset( $_GET['tab'] ) ){
280
+ if("cs" == $_GET['tab'] ){
281
+ $activeTab = "CS";
282
+ }
283
+ }
284
+ global $wpdb;
285
  $options = get_option("allowPHP_options");
286
  $show404 = $options['show404'];
287
+ $preparse = $options['preparse'];
288
+ $use_advanced_filter = $options['use_advanced_filter'];
289
+
290
  $fourohfourmsg = $options['fourohfourmsg'];
291
  $fourohfourmsg_id = $options['fourohfourmsg'];
292
  if($fourohfourmsg != 0){
294
  $fourohfourmsg = $fourohfourmsg[0]->function;
295
  }
296
  else{$fourohfourmsg = '<span style="font-weight:bold; color:red">Error 404: Function Not Found</span>';}
297
+
298
  $sql = "SELECT * FROM ".$wpdb->prefix."allowPHP_functions";
299
  $results = $wpdb->get_results($wpdb->prepare($sql));
300
  ?>
301
+ <script type="text/javascript">
302
  function confirmMod(id){
303
  return confirm("Are you sure you want to modify row id: "+id+"?");
304
  }
305
  function confirmDel(id){
306
  return confirm("Are you sure you want to delete row id: "+id+"?");
307
  }
308
+ var APIP_current = "APIP_general";
309
+ var APIP_currentTab = "APIP_generalTab";
310
+ function APIP_changeTab(APIP_new, APIP_newTab){
311
+ document.getElementById(APIP_current).style.display="none";
312
+ document.getElementById(APIP_currentTab).className="APIP_tab";
313
+ document.getElementById(APIP_new).style.display="block";
314
+ document.getElementById(APIP_newTab).className="APIP_currentTab";
315
+ APIP_current = APIP_new;
316
+ APIP_currentTab = APIP_newTab;
317
+ }
318
  </script>
319
+ <style type="text/css">
320
+ #APIP_navigation{font-size:12px; line-height:25px;}
321
+ #APIP_navigation a.APIP_currentTab, #APIP_navigation a.APIP_tab{padding:5px; border:1px #ddd solid;border-bottom:none; line-height:25px;cursor:pointer;}
322
+ #APIP_navigation a.APIP_currentTab{border:1px #666 solid; border-bottom:1px white solid; background-color:white;}
323
+ #APIP_usage,#APIP_notes,#APIP_tags{display:none;}
324
+ #APIP_navigation, #APIP_container{width:98%; margin:0 auto;}
325
+ #APIP_container{border:1px #ddd solid; background:white; padding:15px;}
326
+ </style>
327
  <h1>Allow PHP in Posts and Pages</h1>
328
  <div style='width:1145px;'>
329
  <div style='width:500px; float:right;'>
330
+ <?php APIP_Appeal()?>
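Review bot: new lines 287-288 read $options['preparse'] and $options['use_advanced_filter'] without isset(), but the options array written in allowPHP_activate carries only show404, fourohfourmsg and dbVersion, so on a site upgraded from an earlier version both keys are missing until the options form is first saved. php_handler already guards preparse with isset on line 52; do the same here or add both keys with a default of 0 on activation. Line 299 passes a query with no placeholders to $wpdb->prepare(), which does nothing for it; call get_results($sql) directly as line 367 does. Line 330 calls APIP_Appeal() where line 189 calls APIP_appeal(); PHP resolves both, but use one spelling.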
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
331
  </div>
332
+ <div style='width:630px; float:left;'>
333
+ <div id='APIP_navigation'> <a onclick="APIP_changeTab('APIP_general','APIP_generalTab')" name='APIP_generalTab' id='APIP_generalTab' class='<?php if( "" == $activeTab){echo "APIP_currentTab";}else{echo "APIP_tab";}?>'>Plugin Options</a> <a onclick="APIP_changeTab('APIP_usage','APIP_usageTab')" name='APIP_usageTab' id='APIP_usageTab' class='<?php if( "CS" == $activeTab){echo "APIP_currentTab";}else{echo "APIP_tab";}?>'>Code Snippets</a> <a href='?page=allow-php-information' name='APIP_notesTab' id='APIP_notesTab' class='APIP_tab'>Plugin Information</a> </div>
334
+ <div id='APIP_container'>
335
+ <div id='APIP_general'>
336
+ <h2>Plugin Options</h2>
337
+ <form action='<?php echo WP_PLUGIN_URL . '/' . plugin_basename( dirname(__FILE__) ) . '/';?>alter.php' method="post">
338
+ <?php wp_nonce_field( 'options', 'allowPHPNonce' ); ?>
339
+ <input type="hidden" name='action' value='options' />
340
+ <input type="hidden" name="id" value="0" />
341
+ <input type="hidden" name="validation" value='<?php echo md5(md5(sha1("0")));?>'/>
342
+ <p><strong>Current 404 message:</strong></p>
343
+ <blockquote style='background:#ffffcc; white-space:pre; padding:10px; border:1px #555 solid;'><?php echo htmlspecialchars($fourohfourmsg);?></blockquote>
344
+ <table cellpadding='10' cellspacing='0' width='100%' align='center'>
345
+ <tr>
346
+ <td height='30' align='right' width='60%'>
347
+ <label for="show404">Show the snippet not found message?: </label>
348
+ </td>
349
+ <td width='40%'>
350
+ <input type='checkbox' name='show404' value='1' <?php if($show404 == 1)echo "checked='checked'";?> />
351
+ </td>
352
+ </tr>
353
+ <tr>
354
+ <td height='30' align='right'>
355
+ <label for="preparse">Use the old version (pre 2.2.0) code replacement method: </label>
356
+ </td>
357
+ <td>
358
+ <input type='checkbox' name='preparse' value='1' <?php if($preparse == 1)echo "checked='checked'";?> />
359
+ </td>
360
+ </tr>
361
+ <tr>
362
+ <td height='30' align='right'><label for="fourohfourmsg">Custom 404 message to be displayed: </label></td>
363
+ <td><select name='fourohfourmsg'>
364
+ <option value='0'> - Default Message - </option>
365
+ <?php
366
+ $res = "SELECT * FROM ".$wpdb->prefix."allowPHP_functions";
367
+ $res = $wpdb->get_results($res);
368
+ foreach($res as $row){
369
+ echo "<option value='".$row->id."'";
370
+ if($row->id == $fourohfourmsg_id){echo "selected='selected'";}
371
+ echo"> - Snippet ID: ".$row->id." - </option>";
372
+ }
373
+ ?>
374
+ </select></td>
375
+ </tr>
376
+ <tr>
377
+ <td align='right' bgcolor="#990000" style='padding:5px;'>
378
+ <label for="use_advanced_filter" style='color:white;'>Use the advanced filter method (Experimental)</label>
379
+ </td>
380
+ <td bgcolor="#990000"style='padding:5px;'>
381
+ <input type='checkbox' name='use_advanced_filter' value='1' <?php if($use_advanced_filter == 1)echo "checked='checked'";?> />
382
+ </td>
383
+ </tr>
384
+ <tr>
385
+ <td colspan="2" align='left' style='border:1px #990000 solid;'><p style="color:red; margin-top:0px;"><strong>Caution::</strong> enabling the advanced filter method renders the code replacement version un-useable, so please be sure to convert all tags be be usable with this method first</p>
386
+ <p style="color:red; margin-top:0px;">The advanced filter method can be enabled manually using the php tag [php useadvancedfilter] <em>php code</em> [/php useadvancedfilter]</p>
387
+ <p style="color:red">Code Snippets are not currently supported with the new method, check back soon though!</p>
388
+ <p style="color:red">Do you like this new filter? Let us know on the blog!</p></td>
389
+ </tr>
390
+ </table>
391
+ <input type='submit' class='button-primary' value='Save Plugin Options' />
392
+ </form>
393
+ </div>
394
+ <div id='APIP_usage'>
395
+ <h2>Code Snippets</h2>
396
+ <p><em>All snippets begin with a <span style='color:red'>&lt;?php</span> and end with a <span style='color:red'>?&gt;</span> So if you wish to use html only you will need to close the php tag, then re-open it at the end.</em></p>
397
+ <table cellpadding='5' cellspacing='0' width="600">
398
+ <?php if(sizeof($results) != 0){?>
399
+ <tr>
400
+ <th width='35' style='border-right:1px #ddd solid;'>ID</th>
401
+ <th width="15"></th>
402
+ <th width="475" align="left">Snippet</th>
403
+ <th width="75" align="right">&nbsp;</th>
404
+ </tr>
405
+ <tr>
406
+ <td style='border-right:1px #ddd solid;' height="10"></td>
407
+ <td colspan='3'></td>
408
+ </tr>
409
+ <?php foreach($results as $row): ?>
410
+ <tr>
411
+ <th align='center' valign="top" scope="row" style='border-right:1px #ddd solid;'> <?php echo $row->id; ?> </th>
412
+ <td></td>
413
+ <td align="left" valign="top">
414
+ <form action='<?php echo WP_PLUGIN_URL . '/' . plugin_basename( dirname(__FILE__) ) . '/';?>alter.php' method="post" onsubmit="return confirmMod(<?php echo $row->id; ?>)">
415
+ <?php wp_nonce_field( 'options', 'allowPHPNonce' ); ?>
416
+ <input type='submit' value='Modify' class='button-secondary' style='float:right;' />
417
+ <input type='hidden' name='action' value='modify' />
418
+ <input type='hidden' name='id' value='<?php echo $row->id; ?>' />
419
+ <input type="hidden" name="validation" value='<?php echo md5(md5(sha1($row->id)))?>'/>
420
+ <strong>Name:</strong>
421
+ <input type='text' name='name' value='<?php echo $row->name;?>' onblur="javascript:this.style.textDecoration='none'; this.style.cursor='pointer'" onclick="javascript:this.style.textDecoration='underline'; this.style.cursor='text';" title="Click to edit" maxlength="99" style='width:370px; border:0px white solid !important;cursor:pointer; background:none !important;'/>
422
+ <br/>
423
+ <span style='color:red; vertical-align:top;'>&lt;?php</span>
424
+ <textarea style="width:475px" rows="2" name='function'><?php echo $row->function; ?></textarea>
425
+ <span style='color:red'>?&gt;</span>
426
+ </form>
427
+ </td>
428
+ <td align="left" valign="top">
429
+ <form action='<?php echo WP_PLUGIN_URL . '/' . plugin_basename( dirname(__FILE__) ) . '/';?>alter.php' method="post" onsubmit="return confirmDel(<?php echo $row->id; ?>)">
430
+ <?php wp_nonce_field( 'options', 'allowPHPNonce' ); ?>
431
+ <input type='hidden' name='action' value='delete' />
432
+ <input type='hidden' name='id' value='<?php echo $row->id; ?>' />
433
+ <input type="hidden" name="validation" value='<?php echo md5(md5(sha1($row->id)))?>'/>
434
+ &nbsp;|&nbsp;
435
+ <input type='submit' value='Delete' class='button-secondary' />
436
+ </form>
437
+ </td>
438
+ </tr>
439
+ <tr>
440
+ <td style='border-right:1px #ddd solid;' height="20"></td>
441
+ <td colspan='3'></td>
442
+ </tr>
443
+ <?php endforeach;
444
+ }
445
+ else{?>
446
+ <tr>
447
+ <td style='border-right:1px #ddd solid;'></td>
448
+ <td colspan='3' align="center"><em>No Snippets Found</em></td>
449
+ </tr>
450
+ <tr>
451
+ <td style='border-right:1px #ddd solid;' height="20"></td>
452
+ <td colspan='3'></td>
453
+ </tr>
454
+ <?php }?>
455
+ <tr>
456
+ <td style='border-right:1px #ddd solid;' height="20"></td>
457
+ <td colspan='3' style='border-top:1px #ddd solid;'></td>
458
+ </tr>
459
+ <tr>
460
+ <th width="35" style='border-right:1px #ddd solid;'>&nbsp;</th>
461
+ <th width="15"></th>
462
+ <th width="475" align="left">
463
+ <h3>Add A New Snippet</h3>
464
+ </th>
465
+ <th width="75" align="right">&nbsp;</th>
466
+ </tr>
467
+ <tr>
468
+ <td height="123" style='border-right:1px #ddd solid;'></td>
469
+ <td></td>
470
+ <td colspan="2" >
471
+ <form action='<?php echo WP_PLUGIN_URL . '/' . plugin_basename( dirname(__FILE__) ) . '/';?>alter.php' method="post">
472
+ <?php wp_nonce_field( 'options', 'allowPHPNonce' ); ?>
473
+ <input type='hidden' name='action' value='add' />
474
+ <input type='hidden' name='id' value='0' />
475
+ <input type="hidden" name="validation" value='<?php echo md5(md5(sha1("0")));?>'/>
476
+ <input type='submit' value='Save Snippet' class='button-primary' style='float:right;' />
477
+ <strong>Name: </strong>
478
+ <input type='text' name='name' id='name' style='width:405px;' maxlength="100" />
479
+ <br/>
480
+ <span style='color:red;vertical-align:top;'>&lt;?php</span>
481
+ <textarea style='width:550px' rows='3' name='function'></textarea>
482
+ <span style='color:red'>?&gt;</span><br/>
483
+ </form>
484
+ </td>
485
+ </tr>
486
+ </table>
487
+ </div>
488
+ </div>
489
+ </div>
490
+ </div>
491
+ <?php if( "CS" == $activeTab){echo "<script type='text/javascript'>APIP_changeTab('APIP_usage','APIP_usageTab');</script>";}?>
492
+ <?php
493
  }
494
 
495
  function allowPHP_activate(){
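Review bot: In the snippet rows, $row->name is echoed directly into value='...' and $row->function directly into the <textarea>, so a stored name containing a single quote, or a snippet containing </textarea>, breaks out of the markup on this admin screen. Escape at output with esc_attr() for the name and esc_textarea() for the snippet body rather than relying on what was done at save time. The hidden validation field, md5(md5(sha1($row->id))), is an unkeyed hash of an id printed in the same form, so anyone can compute it. It adds nothing beyond the nonce and should be dropped. The three forms also share the single nonce action 'options'; a distinct action per operation (add, modify, delete) would stop a nonce issued for one from authorising the others.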
506
  $fourohfourmsg = $options['fourohfourmsg'];
507
  }
508
  if($installedVersion != $dbVersion){
509
+ $sql = "CREATE TABLE IF NOT EXISTS ".$wpdb->prefix."allowPHP_functions(
510
+ id int NOT NULL AUTO_INCREMENT,
511
+ name varchar(100) NOT NULL,
512
+ function text NOT NULL,
513
+ PRIMARY KEY(id)
514
+ );";
515
  require_once(ABSPATH . 'wp-admin/includes/upgrade.php');
516
  dbDelta($sql);
517
  }
 
518
  $options = array("show404" => $show404,"fourohfourmsg" => $fourohfourmsg, "dbVersion" => $dbVersion);
519
  update_option("allowPHP_options", $options);
520
  }
521
 
 
 
522
  function add_APIP_button() {
523
  if ( ! current_user_can('edit_posts') && ! current_user_can('edit_pages') ){
524
  return;
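Review bot: In the CREATE TABLE statement the column is named function, which is an SQL keyword, and it is used unquoted both here and in the alter.php queries; quote it with backticks or rename it (for example to snippet). The statement is also passed to dbDelta(), which documents strict formatting: it expects two spaces between PRIMARY KEY and the column list, so PRIMARY KEY(id) should be written as PRIMARY KEY  (id).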
530
  }
531
 
532
  define( "APIP_PLUGIN_DIR", "allow-php-in-posts-and-pages" );
533
+ define( "APIP_PLUGIN_URL", get_bloginfo('wpurl')."/wp-content/plugins/" . APIP_PLUGIN_DIR );
534
 
535
  function register_APIP_button($buttons) {
536
  array_push($buttons, "|", "allowPHP");
542
  }
543
 
544
  function APIP_my_refresh_mce($ver) {
545
+ $ver += 5;
546
  return $ver;
547
  }
548
  add_action('init', 'add_APIP_button');
549
  add_filter( 'tiny_mce_version', 'APIP_my_refresh_mce');
550
 
551
+ function APIP_Appeal(){
552
+ ?>
553
+ <div style='float:right; display:inline; width:450px; margin-left:25px; margin-bottom:10px; margin-right:15px; padding:10px; -webkit-border-radius: 5px;-moz-border-radius: 5px;border-radius: 5px;-webkit-box-shadow: #666 2px 2px 5px;-moz-box-shadow: #666 2px 2px 5px;box-shadow: #666 2px 2px 5px;background: #ffffaa;background: -webkit-gradient(linear, 0 0, 0 bottom, from(#ffffaa), to(#ffffee));background: -moz-linear-gradient(#ffffaa, #ffffee);background: linear-gradient(#ffffaa, #ffffee);'> <span style='font-size:1.05em; color:#999; display:block; line-height:1.2em;'><strong>Developed by <a href='http://www.hitreach.co.uk' target="_blank" style='text-decoration:none;'>Hit Reach</a></strong><a href='http://www.hitreach.co.uk' target="_blank" style='text-decoration:none;'></a></span> <span style='font-size:1.1em; color:#999; display:block; line-height:1.2em;'><strong>Check out our other <a href='http://www.hitreach.co.uk/services/wordpress-plugins/' target="_blank" style='text-decoration:none;'>Wordpress Plugins</a></strong><a href='http://www.hitreach.co.uk/services/wordpress-plugins/' target="_blank" style='text-decoration:none;'></a></span> <span style='font-size:1.1em; color:#999; display:block; line-height:1.2em;'><strong>Version: <?php echo ALLOWPHPVERSION; ?> <a href='http://www.hitreach.co.uk/wordpress-plugins/allow-php-in-posts-and-pages/' target="_blank" style='text-decoration:none;'>Support, Comments &amp; Questions</a></strong></span>
554
+ <hr/>
555
+ <h2>Please help! We need your support...</h2>
556
+ <p>If this plugin has helped you, your clients or customers then please take a moment to 'say thanks'. </p>
557
+ <p>By spreading the word you help increase awareness of us and our plugins which makes it easier to justify the time we spend on this project.</p>
558
+ <p>Please <strong>help us keep this plugin free</strong> to use and allow us to provide on-going updates and support.</p>
559
+ <p>Here are some quick, easy and free things you can do which all help and we would really appreciate.</p>
560
+ <ol>
561
+ <li> <strong>Promote this plugin on Twitter</strong><br/>
562
+ <a href="http://twitter.com/home?status=I'm using the Allow PHP in Posts and Pages WordPress plugin by @hitreach and it rocks! You can download it here: http://bit.ly/e2Q4Az" target="_blank"> <img src='<?php echo APIP_URL;?>/twitter.gif' border="0" width='55' height='20'/> </a><br/>
563
+ <br/>
564
+ </li>
565
+ <li> <strong>Link to us</strong><br/>
566
+ By linking to <a href='http://www.hitreach.co.uk' target="_blank">www.hitreach.co.uk</a> from your site or blog it means you can help others find the plugin on our site and also let Google know we are trust and link worthy which helps our profile.<br/>
567
+ <br/>
568
+ </li>
569
+ <li> <strong>Like us on Facebook</strong><br/>
570
+ Just visit <a href='http://www.facebook.com/webdesigndundee' target="_blank">www.facebook.com/webdesigndundee</a> and hit the 'Like!' button!<script src="http://connect.facebook.net/en_US/all.js#xfbml=1"></script>
571
+ <fb:like href="http://www.facebook.com/webdesigndundee" send="true" width="400" show_faces="false" action="like" font="verdana"></fb:like>
572
+ <br/>
573
+ <br/>
574
+ </li>
575
+ <li> <strong>Share this plugin on Facebook</strong><br/>
576
+ <div id="fb-root"></div>
577
+ <script src="http://connect.facebook.net/en_US/all.js#xfbml=1"></script>
578
+ <fb:like href="http://www.hitreach.co.uk/wordpress-plugins/allow-php-in-posts-and-pages" send="true" width="420" show_faces="false" action="recommend" font="verdana"></fb:like>
579
+ Share a link to the plugin page with your friends on Facebook<br/>
580
+ <br/>
581
+ </li>
582
+ <li> <strong>Make A Donation</strong><br/>
583
+ Ok this one isn't really free but hopefully it's still a lot cheaper than if you'd had to buy the plugin or pay for it to be made for your project. Any amount is appreciated
584
+ <form action="https://www.paypal.com/cgi-bin/webscr" method="post" target="_blank">
585
+ <input type="hidden" name="cmd" value="_donations">
586
+ <input type="hidden" name="business" value="admin@hitreach.co.uk">
587
+ <input type="hidden" name="lc" value="GB">
588
+ <input type="hidden" name="item_name" value="Hit Reach">
589
+ <input type="hidden" name="item_number" value="APIP-Plugin">
590
+ <input type="hidden" name="no_note" value="0">
591
+ <input type="hidden" name="currency_code" value="GBP">
592
+ <input type="hidden" name="bn" value="PP-DonationsBF:btn_donate_LG.gif:NonHostedGuest">
593
+ <input type="image" src="https://www.paypalobjects.com/en_GB/i/btn/btn_donate_LG.gif" border="0" name="submit" alt="PayPal - The safer, easier way to pay online.">
594
+ <img alt="" border="0" src="https://www.paypalobjects.com/en_US/i/scr/pixel.gif" width="1" height="1">
595
+ </form>
596
+ </li>
597
+ </ol>
598
+ </div>
599
+ <?php
600
+ }
601
+
602
+ ?>
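Review bot: APIP_Appeal() emits two <script src="http://connect.facebook.net/en_US/all.js#xfbml=1"> tags, so third-party JavaScript fetched over plain HTTP runs in the administrator's session on a wp-admin screen, and that screen is where executable PHP snippets are managed. Replace the like/recommend widgets with ordinary links, or at least load the script once over HTTPS. Separately, the Twitter image is built from APIP_URL while this hunk defines APIP_PLUGIN_URL; confirm APIP_URL is defined elsewhere. Building the plugin URL from get_bloginfo('wpurl')."/wp-content/plugins/" also assumes the default directory layout; plugins_url() does not.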
alter.php CHANGED
@@ -3,44 +3,59 @@
3
  include_once("../../../wp-load.php");
4
  include_once("../../../wp-includes/wp-db.php");
5
  global $wpdb;
6
- $refer = $_SERVER['HTTP_REFERER'];
7
- if(!isset($_POST['allowPHPNonce'])){
8
- if ( !wp_verify_nonce( $_POST['allowPHPNonce'], plugin_basename(__FILE__) )) {header("location:".$refer);}
 
 
 
 
9
  }
 
10
  else{
11
- if(!isset($_POST['action']) || !defined ('ABSPATH')){header("location:".$refer);}
12
- if(isset($_POST['id'])){$id = $_POST['id'];}else{$id='0';}
13
- if(isset($_POST['function'])){$function = $_POST['function'];}else{$function="";}
14
- if(isset($_POST['name'])){$name = $_POST['name'];}else{$name="";}
15
  $action = $_POST['action'];
16
-
 
 
 
 
 
 
17
  #delete
18
- if($action == "delete"){
19
  $sql = "delete from ".$wpdb->prefix."allowPHP_functions WHERE id='".$id."'";
20
- $wpdb->query($wpdb->prepare($sql));
21
- header("location:".$refer);
22
  }
23
  #add
24
  elseif($action == "add" && $function != ""){
25
  $sql = "insert into ".$wpdb->prefix."allowPHP_functions (function,name) values('".$function."','".$name."')";
26
  $results = $wpdb->get_results($wpdb->prepare($sql));
27
- header("location:".$refer);
28
  }
29
  #modify
30
- elseif($action == "modify" && $function != ""){
31
  $sql = "update ".$wpdb->prefix."allowPHP_functions set function='".$function."', name='".$name."' where id = ".$id;
32
  $results = $wpdb->get_results($wpdb->prepare($sql));
33
- header("location:".$refer);
34
  }
35
- elseif($action == "options" && isset($_POST['option_404msg'])){
36
- if(isset($_POST["option_show404"])){$show404 = $_POST['option_show404'];}else{$show404 = 0;}
37
- if(isset($_POST["option_404msg"])){$fourohfourmsg = $_POST['option_404msg'];}else{$show404 = 0;}
 
 
 
 
38
  $options = get_option("allowPHP_options");
39
- $options = unserialize($options);
 
 
40
  $options['show404'] = $show404;
41
  $options['fourohfourmsg'] = $fourohfourmsg;
 
42
  update_option("allowPHP_options", $options);
 
43
  }
 
44
  }
45
- header("location:".$refer."&noaction");
46
  ?>
3
  include_once("../../../wp-load.php");
4
  include_once("../../../wp-includes/wp-db.php");
5
  global $wpdb;
6
+ ini_set("display_errors","1");
7
+ error_reporting(E_ALL);
8
+ $refer = get_bloginfo('url')."/wp-admin/admin.php?page=allow-php-menu";
9
+ if( !isset( $_POST['allowPHPNonce'] ) ){ wp_die("Authentication Failed"); }
10
+ else{
11
+ if(!function_exists("wp_verify_nonce") ){ wp_die("Authentication Failed"); }
12
+ if ( !wp_verify_nonce( $_POST['allowPHPNonce'], 'options' ) ) { wp_die("Authentication Failed"); }
13
  }
14
+ if( !isset( $_POST['action'] ) || !isset( $_POST['id'] ) || !isset( $_POST['validation'] ) ){ die("Authentication Failed"); }
15
  else{
 
 
 
 
16
  $action = $_POST['action'];
17
+ $id = $_POST['id'];
18
+ $validation = $_POST['validation'];
19
+ if(!preg_match("/^[\d]*$/", $id) || $validation != md5( md5( sha1( $id ) ) ) ){ wp_die("Authentication Failed validation"); }
20
+ $function;
21
+ $name;
22
+ if( isset( $_POST['function'] ) ){ $function = htmlspecialchars($_POST['function']); }
23
+ if( isset( $_POST['name'] ) ){ $name = htmlspecialchars( $_POST['name'] ); }
24
  #delete
25
+ if($action == "delete" && preg_match("/^[\d]*$/", $id)){
26
  $sql = "delete from ".$wpdb->prefix."allowPHP_functions WHERE id='".$id."'";
27
+ $wpdb->query($wpdb->prepare($sql));
28
+ header("location:".$refer."&tab=cs&deleted=$id");
29
  }
30
  #add
31
  elseif($action == "add" && $function != ""){
32
  $sql = "insert into ".$wpdb->prefix."allowPHP_functions (function,name) values('".$function."','".$name."')";
33
  $results = $wpdb->get_results($wpdb->prepare($sql));
34
+ header("location:".$refer."&tab=cs&functionAdded");
35
  }
36
  #modify
37
+ elseif( $action == "modify" && $function != "" && preg_match("/^[\d]*$/", $id) ){
38
  $sql = "update ".$wpdb->prefix."allowPHP_functions set function='".$function."', name='".$name."' where id = ".$id;
39
  $results = $wpdb->get_results($wpdb->prepare($sql));
40
+ header("location:".$refer."&tab=cs&modified=$id");
41
  }
42
+ elseif( $action == "options" && isset( $_POST['fourohfourmsg'] ) ) {
43
+ if( isset( $_POST["show404"] ) ){ $show404 = 1; }else{ $show404 = 0 ;}
44
+ if( isset( $_POST["fourohfourmsg"] )){ $fourohfourmsg = $_POST['fourohfourmsg'];}else{ $fourohfourmsg = 0; }
45
+ if( isset( $_POST["preparse"] )){ $preparse = 1;}else{ $preparse = 0; }
46
+ if( !preg_match("/^[\d]*$/", $fourohfourmsg) ){
47
+ wp_die("Authentication Failed");
48
+ }
49
  $options = get_option("allowPHP_options");
50
+ if(is_serialized( $options )){
51
+ $options = unserialize($options);
52
+ }
53
  $options['show404'] = $show404;
54
  $options['fourohfourmsg'] = $fourohfourmsg;
55
+ $options['preparse'] = $preparse;
56
  update_option("allowPHP_options", $options);
57
+ header("location:".$refer."&status=optionsupdated");
58
  }
59
+
60
  }
 
61
  ?>
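Review bot: The new alter.php never calls current_user_can(), so the only gates before rows in allowPHP_functions are written are the 'options' nonce and the validation value, and md5(md5(sha1($id))) is computable from the posted id. Since these rows hold PHP that the plugin later runs, add a check such as current_user_can('manage_options') immediately after the nonce check. $wpdb->prepare($sql) is still called on a string that already has $function, $name and $id concatenated in, with no placeholders, so prepare() escapes nothing; use %s/%d placeholders or $wpdb->insert(), $wpdb->update() and $wpdb->delete(). The pattern /^[\d]*$/ accepts an empty string and a trailing newline, which in the modify branch produces "where id = " with nothing after it; use ctype_digit() or absint(). htmlspecialchars() on $_POST['function'] rewrites <, > and & inside stored PHP code, so escaping belongs at output instead. ini_set("display_errors","1") with error_reporting(E_ALL) should not ship, because it prints paths and query errors to the browser. The bare "$function;" and "$name;" statements leave both variables undefined when the fields are absent; initialise them to "". Each header("location:...") needs an exit after it, or use wp_safe_redirect() followed by exit.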