Version Description
Additional Security Update
Download this release
Release Info
| Developer | PR-Gateway |
| Plugin |  Blog2Social: Social Media Auto Post & Scheduler |
| Version | 6.9.10 |
| Comparing to | |
| See all releases | |
Code changes from version 6.9.9 to 6.9.10
- blog2social.php +1 -1
- includes/Ajax/Get.php +33 -33
- includes/Ajax/Post.php +67 -75
- includes/Util.php +1 -1
- readme.txt +5 -1
blog2social.php
CHANGED
|
@@ -6,7 +6,7 @@
|
|
| 6 |
* Author: Blog2Social, Adenion
|
| 7 |
* Text Domain: blog2social
|
| 8 |
* Domain Path: /languages
|
| 9 |
-
* Version: 6.9.
|
| 10 |
* Author URI: https://www.blog2social.com
|
| 11 |
* License: GPL2+
|
| 12 |
*/
|
| 6 |
* Author: Blog2Social, Adenion
|
| 7 |
* Text Domain: blog2social
|
| 8 |
* Domain Path: /languages
|
| 9 |
+
* Version: 6.9.10
|
| 10 |
* Author URI: https://www.blog2social.com
|
| 11 |
* License: GPL2+
|
| 12 |
*/
|
includes/Ajax/Get.php
CHANGED
|
@@ -46,7 +46,7 @@ class Ajax_Get {
|
|
| 46 |
}
|
| 47 |
|
| 48 |
public function getBlogPostStatus() {
|
| 49 |
-
if (isset($_GET['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_GET['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 50 |
$status = '';
|
| 51 |
if(isset($_GET['post_id'])) {
|
| 52 |
$status = ((int) $_GET['post_id'] > 0) ? get_post_status((int) $_GET['post_id']) : '';
|
|
@@ -60,7 +60,7 @@ class Ajax_Get {
|
|
| 60 |
}
|
| 61 |
|
| 62 |
public function scrapeUrl() {
|
| 63 |
-
if (isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 64 |
if (isset($_POST['url']) && !empty($_POST['url'])) {
|
| 65 |
$data = B2S_Util::scrapeUrl(esc_url_raw(wp_unslash($_POST['url'])));
|
| 66 |
$scrapeError = ($data !== false) ? false : true;
|
|
@@ -91,7 +91,7 @@ class Ajax_Get {
|
|
| 91 |
}
|
| 92 |
|
| 93 |
public function getSortData() {
|
| 94 |
-
if (isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 95 |
require_once (B2S_PLUGIN_DIR . 'includes/B2S/Post/Item.php');
|
| 96 |
require_once (B2S_PLUGIN_DIR . 'includes/Util.php');
|
| 97 |
/* Sort */
|
|
@@ -153,7 +153,7 @@ class Ajax_Get {
|
|
| 153 |
}
|
| 154 |
|
| 155 |
public function getNetworkBoardAndGroup() {
|
| 156 |
-
if (isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 157 |
if (isset($_POST['networkId']) && !empty($_POST['networkId']) && isset($_POST['networkAuthId']) && !empty($_POST['networkAuthId'])) {
|
| 158 |
$result = json_decode(B2S_Api_Post::post(B2S_PLUGIN_API_ENDPOINT, array('action' => 'getNetworkBoardAndGroup', 'token' => B2S_PLUGIN_TOKEN, 'networkAuthId' => (int) $_POST['networkAuthId'], 'networkId' => (int) $_POST['networkId'], 'lang' => substr(B2S_LANGUAGE, 0, 2))));
|
| 159 |
if (is_object($result) && !empty($result) && isset($result->data) && !empty($result->data) && isset($result->result) && (int) $result->result == 1) {
|
|
@@ -171,7 +171,7 @@ class Ajax_Get {
|
|
| 171 |
}
|
| 172 |
|
| 173 |
public function getFaqEntries() {
|
| 174 |
-
if (isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 175 |
$result = json_decode(B2S_Api_Post::post(B2S_PLUGIN_API_ENDPOINT, array('action' => 'getFaqEntries', 'lang' => substr(B2S_LANGUAGE, 0, 2), 'token' => B2S_PLUGIN_TOKEN)));
|
| 176 |
if (isset($result->result) && isset($result->content) && !empty($result->content)) {
|
| 177 |
echo json_encode(array('result' => true, 'content' => B2S_Notice::getFaqEntriesHtml($result->content)));
|
|
@@ -186,7 +186,7 @@ class Ajax_Get {
|
|
| 186 |
}
|
| 187 |
|
| 188 |
public function getShipItemFullText() {
|
| 189 |
-
if (isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 190 |
if (isset($_POST['postId']) && (int) $_POST['postId'] > 0 && isset($_POST['networkAuthId']) && (int) $_POST['networkAuthId'] > 0) {
|
| 191 |
$userLang = isset($_POST['userLang']) ? trim(sanitize_text_field($_POST['userLang'])) : strtolower(substr(B2S_LANGUAGE, 0, 2));
|
| 192 |
$data = get_post((int) $_POST['postId']);
|
|
@@ -207,7 +207,7 @@ class Ajax_Get {
|
|
| 207 |
}
|
| 208 |
|
| 209 |
public function getShipItem() {
|
| 210 |
-
if (isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 211 |
if (isset($_POST['postId']) && (int) $_POST['postId'] > 0 && isset($_POST['networkAuthId']) && (int) $_POST['networkAuthId'] > 0) {
|
| 212 |
//TOS XING Group
|
| 213 |
if ((int) $_POST['networkId'] == 19 && isset($_POST['networkTosGroupId']) && !empty($_POST['networkTosGroupId'])) {
|
|
@@ -264,7 +264,7 @@ class Ajax_Get {
|
|
| 264 |
}
|
| 265 |
|
| 266 |
public function getPublishPostData() {
|
| 267 |
-
if (isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 268 |
if ((int) $_POST['postId']) {
|
| 269 |
require_once (B2S_PLUGIN_DIR . 'includes/B2S/Post/Item.php');
|
| 270 |
require_once (B2S_PLUGIN_DIR . 'includes/Util.php');
|
|
@@ -288,7 +288,7 @@ class Ajax_Get {
|
|
| 288 |
}
|
| 289 |
|
| 290 |
public function getApprovePostData() {
|
| 291 |
-
if (isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 292 |
if ((int) $_POST['postId']) {
|
| 293 |
require_once (B2S_PLUGIN_DIR . 'includes/B2S/Post/Item.php');
|
| 294 |
require_once (B2S_PLUGIN_DIR . 'includes/Util.php');
|
|
@@ -309,7 +309,7 @@ class Ajax_Get {
|
|
| 309 |
}
|
| 310 |
|
| 311 |
public function getSchedPostsByUserAuth() {
|
| 312 |
-
if (isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 313 |
if (isset($_POST['networkAuthId']) && (int) $_POST['networkAuthId'] > 0) {
|
| 314 |
require_once (B2S_PLUGIN_DIR . 'includes/B2S/Network/Item.php');
|
| 315 |
$networkData = new B2S_Network_Item(false);
|
|
@@ -350,7 +350,7 @@ class Ajax_Get {
|
|
| 350 |
}
|
| 351 |
|
| 352 |
public function getSchedPostData() {
|
| 353 |
-
if (isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 354 |
if (isset($_POST['postId']) && (int) $_POST['postId'] > 0) {
|
| 355 |
require_once (B2S_PLUGIN_DIR . 'includes/B2S/Post/Item.php');
|
| 356 |
require_once (B2S_PLUGIN_DIR . 'includes/Util.php');
|
|
@@ -373,7 +373,7 @@ class Ajax_Get {
|
|
| 373 |
}
|
| 374 |
|
| 375 |
public function getNavbarItem() {
|
| 376 |
-
if (isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 377 |
if (isset($_POST['networkId']) && isset($_POST['networkAuthId']) && isset($_POST['networkType']) && isset($_POST['displayName']) && isset($_POST['mandandId'])) {
|
| 378 |
require_once (B2S_PLUGIN_DIR . '/includes/B2S/Ship/Navbar.php');
|
| 379 |
global $wpdb;
|
|
@@ -405,7 +405,7 @@ class Ajax_Get {
|
|
| 405 |
}
|
| 406 |
|
| 407 |
public function getSettingsSchedTimeDefault() {
|
| 408 |
-
if (isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 409 |
$userTimes = B2S_Tools::getRandomBestTimeSettings();
|
| 410 |
if (!empty($userTimes) && is_array($userTimes)) {
|
| 411 |
echo json_encode(array('result' => true, 'times' => $userTimes));
|
|
@@ -421,7 +421,7 @@ class Ajax_Get {
|
|
| 421 |
|
| 422 |
//NEW V5.1.0
|
| 423 |
public function getUserTimeSettings() {
|
| 424 |
-
if (isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 425 |
$lang = substr(B2S_LANGUAGE, 0, 2);
|
| 426 |
$options = new B2S_Options(get_current_user_id());
|
| 427 |
$userSchedData = $options->_getOption('auth_sched_time');
|
|
@@ -462,7 +462,7 @@ class Ajax_Get {
|
|
| 462 |
}
|
| 463 |
|
| 464 |
public function getShipItemReloadUrl() {
|
| 465 |
-
if (isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 466 |
if (isset($_POST['networkId']) && (int) $_POST['networkId'] > 0 && isset($_POST['networkAuthId']) && (int) $_POST['networkAuthId'] > 0 && isset($_POST['url']) && !empty($_POST['url'])) {
|
| 467 |
if (isset($_POST['postId']) && (int) $_POST['postId'] > 0 && isset($_POST['defaultUrl']) && esc_url_raw(wp_unslash($_POST['defaultUrl'])) == esc_url_raw(wp_unslash($_POST['url'])) && (!isset($_POST['postType']) || sanitize_text_field(wp_unslash($_POST['postType'])) != 'ex')) {
|
| 468 |
$postData = get_post((int) $_POST['postId']);
|
|
@@ -487,7 +487,7 @@ class Ajax_Get {
|
|
| 487 |
}
|
| 488 |
|
| 489 |
public function getCalendarEvents() {
|
| 490 |
-
if (isset($_GET['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_GET['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 491 |
require_once (B2S_PLUGIN_DIR . 'includes/B2S/Calendar/Filter.php');
|
| 492 |
require_once (B2S_PLUGIN_DIR . 'includes/B2S/Ship/Image.php');
|
| 493 |
require_once (B2S_PLUGIN_DIR . 'includes/B2S/Settings/Item.php');
|
|
@@ -514,7 +514,7 @@ class Ajax_Get {
|
|
| 514 |
}
|
| 515 |
|
| 516 |
public function getCalendarFilterNetworkAuth() {
|
| 517 |
-
if (isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 518 |
require_once (B2S_PLUGIN_DIR . 'includes/B2S/Calendar/Filter.php');
|
| 519 |
$network_id = (isset($_POST['network_id']) && (int) $_POST['network_id'] >= 1) ? (int) $_POST['network_id'] : 0; // 0=all
|
| 520 |
if ($network_id != 0) {
|
|
@@ -533,7 +533,7 @@ class Ajax_Get {
|
|
| 533 |
}
|
| 534 |
|
| 535 |
public function getPostEditModal() {
|
| 536 |
-
if (isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 537 |
require_once (B2S_PLUGIN_DIR . 'includes/B2S/Calendar/Filter.php');
|
| 538 |
if (isset($_POST['id']) && (int) $_POST['id'] > 0) {
|
| 539 |
$item = B2S_Calendar_Filter::getById((int) $_POST['id']);
|
|
@@ -565,7 +565,7 @@ class Ajax_Get {
|
|
| 565 |
}
|
| 566 |
|
| 567 |
public function getImageModal() {
|
| 568 |
-
if (isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 569 |
require_once (B2S_PLUGIN_DIR . 'includes/B2S/Ship/Image.php');
|
| 570 |
if (isset($_POST['id']) && (int) $_POST['id'] > 0) {
|
| 571 |
$postData = get_post((int) $_POST['id']);
|
|
@@ -584,7 +584,7 @@ class Ajax_Get {
|
|
| 584 |
}
|
| 585 |
|
| 586 |
public function getMultiWidgetContent() {
|
| 587 |
-
if (isset($_GET['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_GET['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 588 |
$option = get_option("B2S_MULTI_WIDGET");
|
| 589 |
if ($option !== false) {
|
| 590 |
if (is_array($option) && isset($option['timestamp']) && isset($option['content']) && !empty($option['content']) && $option['timestamp'] > date('Y-m-d H:i:s', strtotime("-1 hours"))) {
|
|
@@ -621,7 +621,7 @@ class Ajax_Get {
|
|
| 621 |
}
|
| 622 |
|
| 623 |
public function getStats() {
|
| 624 |
-
if (isset($_GET['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_GET['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 625 |
require_once (B2S_PLUGIN_DIR . 'includes/B2S/Stats.php');
|
| 626 |
$stats = new B2S_Stats();
|
| 627 |
if (isset($_GET['from']) && !empty($_GET['from']) && preg_match("#^[0-9\-.\]]+$#", sanitize_text_field(wp_unslash($_GET['from'])))) {
|
|
@@ -636,7 +636,7 @@ class Ajax_Get {
|
|
| 636 |
}
|
| 637 |
|
| 638 |
public function b2sSupportSystemRequirements() {
|
| 639 |
-
if (isset($_GET['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_GET['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 640 |
if (!current_user_can('administrator')) {
|
| 641 |
echo json_encode(array('result' => false, 'error' => 'admin'));
|
| 642 |
wp_die();
|
|
@@ -660,7 +660,7 @@ class Ajax_Get {
|
|
| 660 |
}
|
| 661 |
|
| 662 |
public function searchUser() {
|
| 663 |
-
if (isset($_GET['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_GET['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 664 |
if (isset($_GET['search_user']) && !empty($_GET['search_user'])) {
|
| 665 |
$options = B2S_Tools::searchUser(sanitize_text_field($_GET['search_user']));
|
| 666 |
echo json_encode(array('result' => true, 'options' => $options));
|
|
@@ -675,7 +675,7 @@ class Ajax_Get {
|
|
| 675 |
}
|
| 676 |
|
| 677 |
public function getSelectMandantUser() {
|
| 678 |
-
if (isset($_GET['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_GET['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 679 |
if (isset($_GET['owner']) && (int) $_GET['owner'] > 0) {
|
| 680 |
$owner = stripslashes(get_user_by('id', (int) $_GET['owner'])->display_name);
|
| 681 |
$owner = (empty($owner) || $owner == false) ? esc_html("Unknown username", "blog2social") : esc_html($owner);
|
|
@@ -706,7 +706,7 @@ class Ajax_Get {
|
|
| 706 |
}
|
| 707 |
|
| 708 |
public function getEditTemplateForm() {
|
| 709 |
-
if (isset($_GET['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_GET['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 710 |
if (isset($_GET['networkId']) && (int) $_GET['networkId'] > 0) {
|
| 711 |
require_once (B2S_PLUGIN_DIR . 'includes/B2S/Network/Item.php');
|
| 712 |
$networkItem = new B2S_Network_Item(false);
|
|
@@ -725,7 +725,7 @@ class Ajax_Get {
|
|
| 725 |
}
|
| 726 |
|
| 727 |
public function checkDraftExists() {
|
| 728 |
-
if (isset($_GET['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_GET['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 729 |
if (isset($_GET['postId']) && (int) $_GET['postId'] > 0) {
|
| 730 |
global $wpdb;
|
| 731 |
if ($wpdb->get_var("SHOW TABLES LIKE '{$wpdb->prefix}b2s_posts_drafts'") == $wpdb->prefix . 'b2s_posts_drafts') {
|
|
@@ -746,7 +746,7 @@ class Ajax_Get {
|
|
| 746 |
}
|
| 747 |
|
| 748 |
public function getCurationShipDetails() {
|
| 749 |
-
if (isset($_GET['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_GET['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 750 |
require_once (B2S_PLUGIN_DIR . 'includes/B2S/Curation/View.php');
|
| 751 |
$curation = new B2S_Curation_View();
|
| 752 |
$result = json_decode(B2S_Api_Post::post(B2S_PLUGIN_API_ENDPOINT, array('action' => 'getProfileUserAuth', 'token' => B2S_PLUGIN_TOKEN)));
|
|
@@ -763,7 +763,7 @@ class Ajax_Get {
|
|
| 763 |
}
|
| 764 |
|
| 765 |
public function getNetworkAuthSettings() {
|
| 766 |
-
if (isset($_GET['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_GET['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 767 |
$result = array();
|
| 768 |
require_once (B2S_PLUGIN_DIR . 'includes/B2S/Network/Item.php');
|
| 769 |
$networkItem = new B2S_Network_Item();
|
|
@@ -799,8 +799,8 @@ class Ajax_Get {
|
|
| 799 |
}
|
| 800 |
|
| 801 |
public function updatePostBox() {
|
| 802 |
-
if (isset($_GET['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_GET['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 803 |
-
if(isset($_GET['post_id']) && (int) $_GET['post_id'] > 0) {
|
| 804 |
require_once (B2S_PLUGIN_DIR . 'includes/B2S/PostBox.php');
|
| 805 |
$postBox = new B2S_PostBox();
|
| 806 |
$updateInfo = $postBox->updateInfo((int) $_GET['post_id']);
|
|
@@ -814,8 +814,8 @@ class Ajax_Get {
|
|
| 814 |
}
|
| 815 |
|
| 816 |
public function getImageCaption() {
|
| 817 |
-
if (isset($_GET['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_GET['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 818 |
-
if(isset($_GET['image_id']) && (int) $_GET['image_id'] > 0) {
|
| 819 |
$image = get_post((int) $_GET['image_id']);
|
| 820 |
$caption = (($image->post_content != false && $image->post_content != '') ? $image->post_content : '');
|
| 821 |
echo json_encode(array('result' => true, 'caption' => $caption));
|
|
@@ -828,7 +828,7 @@ class Ajax_Get {
|
|
| 828 |
}
|
| 829 |
|
| 830 |
public function loadInsights() {
|
| 831 |
-
if (isset($_GET['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_GET['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 832 |
require_once (B2S_PLUGIN_DIR . 'includes/B2S/Metrics/Item.php');
|
| 833 |
$metrics = new B2S_Metrics_Item();
|
| 834 |
$filterNetwork = ((isset($_GET['filter_network']) && sanitize_text_field(wp_unslash($_GET['filter_network'])) !== 'all' && (int) $_GET['filter_network'] > 0) ? (int) $_GET['filter_network'] : 0);
|
| 46 |
}
|
| 47 |
|
| 48 |
public function getBlogPostStatus() {
|
| 49 |
+
if (current_user_can('read') && isset($_GET['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_GET['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 50 |
$status = '';
|
| 51 |
if(isset($_GET['post_id'])) {
|
| 52 |
$status = ((int) $_GET['post_id'] > 0) ? get_post_status((int) $_GET['post_id']) : '';
|
| 60 |
}
|
| 61 |
|
| 62 |
public function scrapeUrl() {
|
| 63 |
+
if (current_user_can('read') && isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 64 |
if (isset($_POST['url']) && !empty($_POST['url'])) {
|
| 65 |
$data = B2S_Util::scrapeUrl(esc_url_raw(wp_unslash($_POST['url'])));
|
| 66 |
$scrapeError = ($data !== false) ? false : true;
|
| 91 |
}
|
| 92 |
|
| 93 |
public function getSortData() {
|
| 94 |
+
if (current_user_can('read') && isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 95 |
require_once (B2S_PLUGIN_DIR . 'includes/B2S/Post/Item.php');
|
| 96 |
require_once (B2S_PLUGIN_DIR . 'includes/Util.php');
|
| 97 |
/* Sort */
|
| 153 |
}
|
| 154 |
|
| 155 |
public function getNetworkBoardAndGroup() {
|
| 156 |
+
if (current_user_can('read') && isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 157 |
if (isset($_POST['networkId']) && !empty($_POST['networkId']) && isset($_POST['networkAuthId']) && !empty($_POST['networkAuthId'])) {
|
| 158 |
$result = json_decode(B2S_Api_Post::post(B2S_PLUGIN_API_ENDPOINT, array('action' => 'getNetworkBoardAndGroup', 'token' => B2S_PLUGIN_TOKEN, 'networkAuthId' => (int) $_POST['networkAuthId'], 'networkId' => (int) $_POST['networkId'], 'lang' => substr(B2S_LANGUAGE, 0, 2))));
|
| 159 |
if (is_object($result) && !empty($result) && isset($result->data) && !empty($result->data) && isset($result->result) && (int) $result->result == 1) {
|
| 171 |
}
|
| 172 |
|
| 173 |
public function getFaqEntries() {
|
| 174 |
+
if (current_user_can('read') && isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 175 |
$result = json_decode(B2S_Api_Post::post(B2S_PLUGIN_API_ENDPOINT, array('action' => 'getFaqEntries', 'lang' => substr(B2S_LANGUAGE, 0, 2), 'token' => B2S_PLUGIN_TOKEN)));
|
| 176 |
if (isset($result->result) && isset($result->content) && !empty($result->content)) {
|
| 177 |
echo json_encode(array('result' => true, 'content' => B2S_Notice::getFaqEntriesHtml($result->content)));
|
| 186 |
}
|
| 187 |
|
| 188 |
public function getShipItemFullText() {
|
| 189 |
+
if (current_user_can('read') && isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 190 |
if (isset($_POST['postId']) && (int) $_POST['postId'] > 0 && isset($_POST['networkAuthId']) && (int) $_POST['networkAuthId'] > 0) {
|
| 191 |
$userLang = isset($_POST['userLang']) ? trim(sanitize_text_field($_POST['userLang'])) : strtolower(substr(B2S_LANGUAGE, 0, 2));
|
| 192 |
$data = get_post((int) $_POST['postId']);
|
| 207 |
}
|
| 208 |
|
| 209 |
public function getShipItem() {
|
| 210 |
+
if (current_user_can('read') && isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 211 |
if (isset($_POST['postId']) && (int) $_POST['postId'] > 0 && isset($_POST['networkAuthId']) && (int) $_POST['networkAuthId'] > 0) {
|
| 212 |
//TOS XING Group
|
| 213 |
if ((int) $_POST['networkId'] == 19 && isset($_POST['networkTosGroupId']) && !empty($_POST['networkTosGroupId'])) {
|
| 264 |
}
|
| 265 |
|
| 266 |
public function getPublishPostData() {
|
| 267 |
+
if (current_user_can('read') && isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 268 |
if ((int) $_POST['postId']) {
|
| 269 |
require_once (B2S_PLUGIN_DIR . 'includes/B2S/Post/Item.php');
|
| 270 |
require_once (B2S_PLUGIN_DIR . 'includes/Util.php');
|
| 288 |
}
|
| 289 |
|
| 290 |
public function getApprovePostData() {
|
| 291 |
+
if (current_user_can('read') && isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 292 |
if ((int) $_POST['postId']) {
|
| 293 |
require_once (B2S_PLUGIN_DIR . 'includes/B2S/Post/Item.php');
|
| 294 |
require_once (B2S_PLUGIN_DIR . 'includes/Util.php');
|
| 309 |
}
|
| 310 |
|
| 311 |
public function getSchedPostsByUserAuth() {
|
| 312 |
+
if (current_user_can('read') && isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 313 |
if (isset($_POST['networkAuthId']) && (int) $_POST['networkAuthId'] > 0) {
|
| 314 |
require_once (B2S_PLUGIN_DIR . 'includes/B2S/Network/Item.php');
|
| 315 |
$networkData = new B2S_Network_Item(false);
|
| 350 |
}
|
| 351 |
|
| 352 |
public function getSchedPostData() {
|
| 353 |
+
if (current_user_can('read') && isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 354 |
if (isset($_POST['postId']) && (int) $_POST['postId'] > 0) {
|
| 355 |
require_once (B2S_PLUGIN_DIR . 'includes/B2S/Post/Item.php');
|
| 356 |
require_once (B2S_PLUGIN_DIR . 'includes/Util.php');
|
| 373 |
}
|
| 374 |
|
| 375 |
public function getNavbarItem() {
|
| 376 |
+
if (current_user_can('read') && isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 377 |
if (isset($_POST['networkId']) && isset($_POST['networkAuthId']) && isset($_POST['networkType']) && isset($_POST['displayName']) && isset($_POST['mandandId'])) {
|
| 378 |
require_once (B2S_PLUGIN_DIR . '/includes/B2S/Ship/Navbar.php');
|
| 379 |
global $wpdb;
|
| 405 |
}
|
| 406 |
|
| 407 |
public function getSettingsSchedTimeDefault() {
|
| 408 |
+
if (current_user_can('read') && isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 409 |
$userTimes = B2S_Tools::getRandomBestTimeSettings();
|
| 410 |
if (!empty($userTimes) && is_array($userTimes)) {
|
| 411 |
echo json_encode(array('result' => true, 'times' => $userTimes));
|
| 421 |
|
| 422 |
//NEW V5.1.0
|
| 423 |
public function getUserTimeSettings() {
|
| 424 |
+
if (current_user_can('read') && isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 425 |
$lang = substr(B2S_LANGUAGE, 0, 2);
|
| 426 |
$options = new B2S_Options(get_current_user_id());
|
| 427 |
$userSchedData = $options->_getOption('auth_sched_time');
|
| 462 |
}
|
| 463 |
|
| 464 |
public function getShipItemReloadUrl() {
|
| 465 |
+
if (current_user_can('read') && isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 466 |
if (isset($_POST['networkId']) && (int) $_POST['networkId'] > 0 && isset($_POST['networkAuthId']) && (int) $_POST['networkAuthId'] > 0 && isset($_POST['url']) && !empty($_POST['url'])) {
|
| 467 |
if (isset($_POST['postId']) && (int) $_POST['postId'] > 0 && isset($_POST['defaultUrl']) && esc_url_raw(wp_unslash($_POST['defaultUrl'])) == esc_url_raw(wp_unslash($_POST['url'])) && (!isset($_POST['postType']) || sanitize_text_field(wp_unslash($_POST['postType'])) != 'ex')) {
|
| 468 |
$postData = get_post((int) $_POST['postId']);
|
| 487 |
}
|
| 488 |
|
| 489 |
public function getCalendarEvents() {
|
| 490 |
+
if (current_user_can('read') && isset($_GET['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_GET['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 491 |
require_once (B2S_PLUGIN_DIR . 'includes/B2S/Calendar/Filter.php');
|
| 492 |
require_once (B2S_PLUGIN_DIR . 'includes/B2S/Ship/Image.php');
|
| 493 |
require_once (B2S_PLUGIN_DIR . 'includes/B2S/Settings/Item.php');
|
| 514 |
}
|
| 515 |
|
| 516 |
public function getCalendarFilterNetworkAuth() {
|
| 517 |
+
if (current_user_can('read') && isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 518 |
require_once (B2S_PLUGIN_DIR . 'includes/B2S/Calendar/Filter.php');
|
| 519 |
$network_id = (isset($_POST['network_id']) && (int) $_POST['network_id'] >= 1) ? (int) $_POST['network_id'] : 0; // 0=all
|
| 520 |
if ($network_id != 0) {
|
| 533 |
}
|
| 534 |
|
| 535 |
public function getPostEditModal() {
|
| 536 |
+
if (current_user_can('read') && isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 537 |
require_once (B2S_PLUGIN_DIR . 'includes/B2S/Calendar/Filter.php');
|
| 538 |
if (isset($_POST['id']) && (int) $_POST['id'] > 0) {
|
| 539 |
$item = B2S_Calendar_Filter::getById((int) $_POST['id']);
|
| 565 |
}
|
| 566 |
|
| 567 |
public function getImageModal() {
|
| 568 |
+
if (current_user_can('read') && isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 569 |
require_once (B2S_PLUGIN_DIR . 'includes/B2S/Ship/Image.php');
|
| 570 |
if (isset($_POST['id']) && (int) $_POST['id'] > 0) {
|
| 571 |
$postData = get_post((int) $_POST['id']);
|
| 584 |
}
|
| 585 |
|
| 586 |
public function getMultiWidgetContent() {
|
| 587 |
+
if (current_user_can('read') && isset($_GET['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_GET['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 588 |
$option = get_option("B2S_MULTI_WIDGET");
|
| 589 |
if ($option !== false) {
|
| 590 |
if (is_array($option) && isset($option['timestamp']) && isset($option['content']) && !empty($option['content']) && $option['timestamp'] > date('Y-m-d H:i:s', strtotime("-1 hours"))) {
|
| 621 |
}
|
| 622 |
|
| 623 |
public function getStats() {
|
| 624 |
+
if (current_user_can('read') && isset($_GET['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_GET['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 625 |
require_once (B2S_PLUGIN_DIR . 'includes/B2S/Stats.php');
|
| 626 |
$stats = new B2S_Stats();
|
| 627 |
if (isset($_GET['from']) && !empty($_GET['from']) && preg_match("#^[0-9\-.\]]+$#", sanitize_text_field(wp_unslash($_GET['from'])))) {
|
| 636 |
}
|
| 637 |
|
| 638 |
public function b2sSupportSystemRequirements() {
|
| 639 |
+
if (current_user_can('read') && isset($_GET['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_GET['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 640 |
if (!current_user_can('administrator')) {
|
| 641 |
echo json_encode(array('result' => false, 'error' => 'admin'));
|
| 642 |
wp_die();
|
| 660 |
}
|
| 661 |
|
| 662 |
public function searchUser() {
|
| 663 |
+
if (current_user_can('read') && isset($_GET['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_GET['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 664 |
if (isset($_GET['search_user']) && !empty($_GET['search_user'])) {
|
| 665 |
$options = B2S_Tools::searchUser(sanitize_text_field($_GET['search_user']));
|
| 666 |
echo json_encode(array('result' => true, 'options' => $options));
|
| 675 |
}
|
| 676 |
|
| 677 |
public function getSelectMandantUser() {
|
| 678 |
+
if (current_user_can('read') && isset($_GET['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_GET['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 679 |
if (isset($_GET['owner']) && (int) $_GET['owner'] > 0) {
|
| 680 |
$owner = stripslashes(get_user_by('id', (int) $_GET['owner'])->display_name);
|
| 681 |
$owner = (empty($owner) || $owner == false) ? esc_html("Unknown username", "blog2social") : esc_html($owner);
|
| 706 |
}
|
| 707 |
|
| 708 |
public function getEditTemplateForm() {
|
| 709 |
+
if (current_user_can('read') && isset($_GET['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_GET['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 710 |
if (isset($_GET['networkId']) && (int) $_GET['networkId'] > 0) {
|
| 711 |
require_once (B2S_PLUGIN_DIR . 'includes/B2S/Network/Item.php');
|
| 712 |
$networkItem = new B2S_Network_Item(false);
|
| 725 |
}
|
| 726 |
|
| 727 |
public function checkDraftExists() {
|
| 728 |
+
if (current_user_can('read') && isset($_GET['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_GET['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 729 |
if (isset($_GET['postId']) && (int) $_GET['postId'] > 0) {
|
| 730 |
global $wpdb;
|
| 731 |
if ($wpdb->get_var("SHOW TABLES LIKE '{$wpdb->prefix}b2s_posts_drafts'") == $wpdb->prefix . 'b2s_posts_drafts') {
|
| 746 |
}
|
| 747 |
|
| 748 |
public function getCurationShipDetails() {
|
| 749 |
+
if (current_user_can('read') && isset($_GET['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_GET['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 750 |
require_once (B2S_PLUGIN_DIR . 'includes/B2S/Curation/View.php');
|
| 751 |
$curation = new B2S_Curation_View();
|
| 752 |
$result = json_decode(B2S_Api_Post::post(B2S_PLUGIN_API_ENDPOINT, array('action' => 'getProfileUserAuth', 'token' => B2S_PLUGIN_TOKEN)));
|
| 763 |
}
|
| 764 |
|
| 765 |
public function getNetworkAuthSettings() {
|
| 766 |
+
if (current_user_can('read') && isset($_GET['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_GET['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 767 |
$result = array();
|
| 768 |
require_once (B2S_PLUGIN_DIR . 'includes/B2S/Network/Item.php');
|
| 769 |
$networkItem = new B2S_Network_Item();
|
| 799 |
}
|
| 800 |
|
| 801 |
public function updatePostBox() {
|
| 802 |
+
if (current_user_can('read') && isset($_GET['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_GET['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 803 |
+
if (isset($_GET['post_id']) && (int) $_GET['post_id'] > 0) {
|
| 804 |
require_once (B2S_PLUGIN_DIR . 'includes/B2S/PostBox.php');
|
| 805 |
$postBox = new B2S_PostBox();
|
| 806 |
$updateInfo = $postBox->updateInfo((int) $_GET['post_id']);
|
| 814 |
}
|
| 815 |
|
| 816 |
public function getImageCaption() {
|
| 817 |
+
if (current_user_can('read') && isset($_GET['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_GET['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 818 |
+
if (isset($_GET['image_id']) && (int) $_GET['image_id'] > 0) {
|
| 819 |
$image = get_post((int) $_GET['image_id']);
|
| 820 |
$caption = (($image->post_content != false && $image->post_content != '') ? $image->post_content : '');
|
| 821 |
echo json_encode(array('result' => true, 'caption' => $caption));
|
| 828 |
}
|
| 829 |
|
| 830 |
public function loadInsights() {
|
| 831 |
+
if (current_user_can('read') && isset($_GET['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_GET['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 832 |
require_once (B2S_PLUGIN_DIR . 'includes/B2S/Metrics/Item.php');
|
| 833 |
$metrics = new B2S_Metrics_Item();
|
| 834 |
$filterNetwork = ((isset($_GET['filter_network']) && sanitize_text_field(wp_unslash($_GET['filter_network'])) !== 'all' && (int) $_GET['filter_network'] > 0) ? (int) $_GET['filter_network'] : 0);
|
includes/Ajax/Post.php
CHANGED
|
@@ -72,7 +72,7 @@ class Ajax_Post {
|
|
| 72 |
|
| 73 |
public function curationDraft() {
|
| 74 |
//save as blog post
|
| 75 |
-
if (isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) { //0-24hours lifetime
|
| 76 |
if (isset($_POST['postFormat'])) {
|
| 77 |
if ((int) $_POST['postFormat'] == 1) { //Imagepost
|
| 78 |
if (isset($_POST['image_id']) && !empty($_POST['image_id']) && isset($_POST['comment_image']) && !empty($_POST['comment_image'])) {
|
|
@@ -149,7 +149,7 @@ class Ajax_Post {
|
|
| 149 |
|
| 150 |
public function curationShare() {
|
| 151 |
//save as blog post
|
| 152 |
-
if (isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 153 |
if (isset($_POST['postFormat'])) {
|
| 154 |
if ((int) $_POST['postFormat'] == 1) { //Imagepost
|
| 155 |
if (isset($_POST['image_id']) && !empty($_POST['image_id']) && isset($_POST['comment_image']) && !empty($_POST['comment_image'])) {
|
|
@@ -331,7 +331,7 @@ class Ajax_Post {
|
|
| 331 |
}
|
| 332 |
|
| 333 |
public function curationCustomize() {
|
| 334 |
-
if (isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 335 |
if (isset($_POST['postFormat'])) {
|
| 336 |
if ((int) $_POST['postFormat'] == 1) { //Imagepost
|
| 337 |
if (isset($_POST['image_id']) && !empty($_POST['image_id']) && isset($_POST['comment_image']) && !empty($_POST['comment_image'])) {
|
|
@@ -401,7 +401,7 @@ class Ajax_Post {
|
|
| 401 |
}
|
| 402 |
|
| 403 |
public function b2sPluginDeactivate() {
|
| 404 |
-
if (isset($_POST['b2s_deactivate_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_deactivate_nonce'])), 'b2s_deactivate_nonce') > 0) {
|
| 405 |
if (isset($_POST['delete_sched_post']) && (int) $_POST['delete_sched_post'] == 1) {
|
| 406 |
update_option("B2S_PLUGIN_DEACTIVATE_SCHED_POST", 1, false);
|
| 407 |
} else {
|
|
@@ -416,7 +416,7 @@ class Ajax_Post {
|
|
| 416 |
}
|
| 417 |
|
| 418 |
public function prgShip() {
|
| 419 |
-
if (isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 420 |
if (!empty($_POST) && isset($_POST['token']) && !empty($_POST['token']) && isset($_POST['prg_id']) && (int) $_POST['prg_id'] > 0 && isset($_POST['blog_user_id']) && (int) $_POST['blog_user_id'] > 0 && isset($_POST['post_id']) && (int) $_POST['post_id'] > 0) {
|
| 421 |
$dataPost = $_POST;
|
| 422 |
$type = sanitize_text_field(wp_unslash($dataPost['publish']));
|
|
@@ -470,7 +470,7 @@ class Ajax_Post {
|
|
| 470 |
}
|
| 471 |
|
| 472 |
public function lockAutoPostImport() {
|
| 473 |
-
if (isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 474 |
if (isset($_POST['userId']) && (int) $_POST['userId'] > 0) {
|
| 475 |
update_option('B2S_LOCK_AUTO_POST_IMPORT_' . (int) $_POST['userId'], 1, false);
|
| 476 |
}
|
|
@@ -483,7 +483,7 @@ class Ajax_Post {
|
|
| 483 |
}
|
| 484 |
|
| 485 |
public function prgLogin() {
|
| 486 |
-
if (isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 487 |
if (isset($_POST['postId']) && (int) $_POST['postId'] > 0 && isset($_POST['username']) && !empty($_POST['username']) && isset($_POST['password']) && !empty($_POST['password'])) {
|
| 488 |
$pubKey = json_decode(PRG_Api_Get::get(B2S_PLUGIN_PRG_API_ENDPOINT . 'auth.php?publicKey=true', array()));
|
| 489 |
if (!empty($pubKey) && is_object($pubKey) && isset($pubKey->publicKey) && !empty($pubKey->publicKey) && function_exists('openssl_public_encrypt')) {
|
|
@@ -522,7 +522,7 @@ class Ajax_Post {
|
|
| 522 |
}
|
| 523 |
|
| 524 |
public function prgLogout() {
|
| 525 |
-
if (isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 526 |
delete_option('B2S_PLUGIN_PRG_' . B2S_PLUGIN_BLOG_USER_ID);
|
| 527 |
echo json_encode(array('result' => true));
|
| 528 |
wp_die();
|
|
@@ -533,7 +533,7 @@ class Ajax_Post {
|
|
| 533 |
}
|
| 534 |
|
| 535 |
public function saveShipData() {
|
| 536 |
-
if (isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 537 |
require_once (B2S_PLUGIN_DIR . 'includes/B2S/Ship/Save.php');
|
| 538 |
$post = $_POST;
|
| 539 |
$metaOg = false;
|
|
@@ -760,7 +760,7 @@ class Ajax_Post {
|
|
| 760 |
}
|
| 761 |
|
| 762 |
public function saveSocialMetaTags() {
|
| 763 |
-
if (isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 764 |
$result = array('result' => true);
|
| 765 |
if (isset($_POST['is_admin']) && (int) $_POST['is_admin'] == 1) {
|
| 766 |
|
|
@@ -802,7 +802,7 @@ class Ajax_Post {
|
|
| 802 |
}
|
| 803 |
|
| 804 |
public function resetSocialMetaTags() {
|
| 805 |
-
if (isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 806 |
global $wpdb;
|
| 807 |
$sql = "DELETE FROM " . $wpdb->postmeta . " WHERE meta_key = %s";
|
| 808 |
$sql = $wpdb->prepare($sql, "_b2s_post_meta");
|
|
@@ -816,7 +816,7 @@ class Ajax_Post {
|
|
| 816 |
}
|
| 817 |
|
| 818 |
public function saveNetworkBoardAndGroup() {
|
| 819 |
-
if (isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 820 |
if (isset($_POST['networkAuthId']) && !empty($_POST['networkAuthId']) && isset($_POST['networkType']) && isset($_POST['boardAndGroup']) && !empty($_POST['boardAndGroup']) && isset($_POST['networkId']) && !empty($_POST['networkId']) && isset($_POST['lang']) && !empty($_POST['lang'])) {
|
| 821 |
$post = array('token' => B2S_PLUGIN_TOKEN,
|
| 822 |
'action' => 'saveNetworkBoardAndGroup',
|
|
@@ -841,7 +841,7 @@ class Ajax_Post {
|
|
| 841 |
}
|
| 842 |
|
| 843 |
public function saveUserNetworkSettings() {
|
| 844 |
-
if (isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 845 |
if (isset($_POST['short_url'])) {
|
| 846 |
$post = array('token' => B2S_PLUGIN_TOKEN,
|
| 847 |
'action' => 'saveSettings',
|
|
@@ -920,7 +920,7 @@ class Ajax_Post {
|
|
| 920 |
}
|
| 921 |
|
| 922 |
public function saveAutoPostSettings() {
|
| 923 |
-
if (isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 924 |
if (isset($_POST['b2s-import-auto-post']) && (int) $_POST['b2s-import-auto-post'] == 1 && !isset($_POST['b2s-import-auto-post-network-auth-id'])) {
|
| 925 |
echo json_encode(array('result' => false, 'type' => 'no-auth-selected'));
|
| 926 |
wp_die();
|
|
@@ -1060,7 +1060,7 @@ class Ajax_Post {
|
|
| 1060 |
}
|
| 1061 |
|
| 1062 |
public function autoPostAssignByDisconnect() {
|
| 1063 |
-
if (isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 1064 |
$options = new B2S_Options(B2S_PLUGIN_BLOG_USER_ID);
|
| 1065 |
$auto_post_options = $options->_getOption('auto_post');
|
| 1066 |
|
|
@@ -1102,7 +1102,7 @@ class Ajax_Post {
|
|
| 1102 |
}
|
| 1103 |
|
| 1104 |
public function saveUserMandant() {
|
| 1105 |
-
if (isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 1106 |
require_once (B2S_PLUGIN_DIR . 'includes/B2S/Network/Save.php');
|
| 1107 |
$mandant = (isset($_POST['mandant']) && !empty($_POST['mandant'])) ? sanitize_text_field($_POST['mandant']) : '';
|
| 1108 |
if (empty($mandant)) {
|
|
@@ -1119,7 +1119,7 @@ class Ajax_Post {
|
|
| 1119 |
}
|
| 1120 |
|
| 1121 |
public function deleteUserMandant() {
|
| 1122 |
-
if (isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 1123 |
if (isset($_POST['mandantId'])) {
|
| 1124 |
$post = array('token' => B2S_PLUGIN_TOKEN,
|
| 1125 |
'action' => 'deleteUserMandant',
|
|
@@ -1141,7 +1141,7 @@ class Ajax_Post {
|
|
| 1141 |
}
|
| 1142 |
|
| 1143 |
public function deleteUserAuth() {
|
| 1144 |
-
if (isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 1145 |
$assignList = array();
|
| 1146 |
require_once (B2S_PLUGIN_DIR . 'includes/B2S/Post/Tools.php');
|
| 1147 |
if (isset($_POST['networkAuthId']) && (int) $_POST['networkAuthId'] > 0 && isset($_POST['networkId']) && (int) $_POST['networkId'] > 0 && isset($_POST['networkType'])) {
|
|
@@ -1224,7 +1224,7 @@ class Ajax_Post {
|
|
| 1224 |
}
|
| 1225 |
|
| 1226 |
public function updateUserVersion() {
|
| 1227 |
-
if (isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 1228 |
require_once (B2S_PLUGIN_DIR . '/includes/Tools.php');
|
| 1229 |
if (isset($_POST['key']) && !empty($_POST['key'])) {
|
| 1230 |
$isCurrentUser = true;
|
|
@@ -1286,7 +1286,7 @@ class Ajax_Post {
|
|
| 1286 |
}
|
| 1287 |
|
| 1288 |
public function acceptPrivacyPolicy() {
|
| 1289 |
-
if (isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 1290 |
require_once (B2S_PLUGIN_DIR . '/includes/Tools.php');
|
| 1291 |
if (isset($_POST['accept'])) {
|
| 1292 |
$post = array('token' => B2S_PLUGIN_TOKEN,
|
|
@@ -1308,7 +1308,7 @@ class Ajax_Post {
|
|
| 1308 |
}
|
| 1309 |
|
| 1310 |
public function createTrail() {
|
| 1311 |
-
if (isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 1312 |
require_once (B2S_PLUGIN_DIR . '/includes/Tools.php');
|
| 1313 |
if (isset($_POST['vorname']) && !empty($_POST['vorname']) && isset($_POST['nachname']) && !empty($_POST['nachname']) && isset($_POST['email']) && !empty($_POST['email']) && isset($_POST['url']) && !empty($_POST['url'])) {
|
| 1314 |
$data = array('token' => B2S_PLUGIN_TOKEN,
|
|
@@ -1336,7 +1336,7 @@ class Ajax_Post {
|
|
| 1336 |
}
|
| 1337 |
|
| 1338 |
public function deleteUserPublishPost() {
|
| 1339 |
-
if (isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 1340 |
require_once (B2S_PLUGIN_DIR . '/includes/B2S/Post/Tools.php');
|
| 1341 |
if (isset($_POST['postId']) && !empty($_POST['postId'])) {
|
| 1342 |
$postIds = explode(',', sanitize_text_field(wp_unslash($_POST['postId'])));
|
|
@@ -1354,7 +1354,7 @@ class Ajax_Post {
|
|
| 1354 |
}
|
| 1355 |
|
| 1356 |
public function deleteUserApprovePost() {
|
| 1357 |
-
if (isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 1358 |
require_once (B2S_PLUGIN_DIR . '/includes/B2S/Post/Tools.php');
|
| 1359 |
if (isset($_POST['postId']) && !empty($_POST['postId'])) {
|
| 1360 |
$postIds = explode(',', sanitize_text_field(wp_unslash($_POST['postId'])));
|
|
@@ -1372,7 +1372,7 @@ class Ajax_Post {
|
|
| 1372 |
}
|
| 1373 |
|
| 1374 |
public function deleteUserCcDraftPost() {
|
| 1375 |
-
if (isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 1376 |
if (isset($_POST['postId']) && !empty($_POST['postId']) && (int) $_POST['postId'] > 0) {
|
| 1377 |
$res = wp_update_post(array('ID' => (int) $_POST['postId'], 'post_status' => 'trash'), true);
|
| 1378 |
if ((int) $res > 0) {
|
|
@@ -1389,7 +1389,7 @@ class Ajax_Post {
|
|
| 1389 |
}
|
| 1390 |
|
| 1391 |
public function sendTrailFeedback() {
|
| 1392 |
-
if (isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 1393 |
require_once (B2S_PLUGIN_DIR . '/includes/Tools.php');
|
| 1394 |
if (isset($_POST['feedback']) && !empty($_POST['feedback'])) {
|
| 1395 |
$post = array('token' => B2S_PLUGIN_TOKEN,
|
|
@@ -1411,7 +1411,7 @@ class Ajax_Post {
|
|
| 1411 |
|
| 1412 |
//NEW V5.1.0
|
| 1413 |
public function saveUserTimeSettings() {
|
| 1414 |
-
if (isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 1415 |
if (isset($_POST['b2s-user-sched-data']) && !empty($_POST['b2s-user-sched-data']) && isset($_POST['b2s-user-sched-data']['time']) && isset($_POST['b2s-user-sched-data']['delay_day'])) {
|
| 1416 |
foreach (B2S_Tools::sanitize_array($_POST['b2s-user-sched-data']['time']) as $k => $v) {
|
| 1417 |
$_POST['b2s-user-sched-data']['time'][$k] = date('H:i', strtotime(date('Y-m-d') . ' ' . $v));
|
|
@@ -1430,7 +1430,7 @@ class Ajax_Post {
|
|
| 1430 |
}
|
| 1431 |
|
| 1432 |
public function b2sShipNavbarSaveSettings() {
|
| 1433 |
-
if (isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 1434 |
if (isset($_POST['mandantId'])) {
|
| 1435 |
global $wpdb;
|
| 1436 |
|
|
@@ -1453,7 +1453,7 @@ class Ajax_Post {
|
|
| 1453 |
}
|
| 1454 |
|
| 1455 |
public function saveAuthToSettings() {
|
| 1456 |
-
if (isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 1457 |
if (isset($_POST['mandandId']) && isset($_POST['networkAuthId']) && (int) $_POST['networkAuthId'] > 0 && isset($_POST['networkId']) && (int) $_POST['networkId'] > 0 && isset($_POST['networkType']) && isset($_POST['displayName']) && !empty($_POST['displayName'])) {
|
| 1458 |
global $wpdb;
|
| 1459 |
$networkDetailsIdSelect = $wpdb->get_col($wpdb->prepare("SELECT postNetworkDetails.id FROM {$wpdb->prefix}b2s_posts_network_details AS postNetworkDetails WHERE postNetworkDetails.network_auth_id = %s", sanitize_text_field(wp_unslash($_POST['networkAuthId']))));
|
|
@@ -1480,7 +1480,7 @@ class Ajax_Post {
|
|
| 1480 |
}
|
| 1481 |
|
| 1482 |
public function b2sPostMailUpdate() {
|
| 1483 |
-
if (isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 1484 |
if (isset($_POST['email']) && !empty($_POST['email'])) {
|
| 1485 |
require_once (B2S_PLUGIN_DIR . '/includes/Tools.php');
|
| 1486 |
$post = array('action' => 'updateMail',
|
|
@@ -1498,7 +1498,7 @@ class Ajax_Post {
|
|
| 1498 |
}
|
| 1499 |
|
| 1500 |
public function updateApprovePost() {
|
| 1501 |
-
if (isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 1502 |
//post_id
|
| 1503 |
if (is_numeric($_POST['post_id']) && (int) $_POST['post_id'] > 0) {
|
| 1504 |
global $wpdb;
|
|
@@ -1507,17 +1507,13 @@ class Ajax_Post {
|
|
| 1507 |
$option = new B2S_Options(B2S_PLUGIN_BLOG_USER_ID);
|
| 1508 |
$optionUserTimeZone = $option->_getOption('user_time_zone');
|
| 1509 |
$userTimeZone = ($optionUserTimeZone !== false) ? $optionUserTimeZone : get_option('timezone_string');
|
| 1510 |
-
$userTimeZoneOffset = (empty($userTimeZone)) ? get_option('gmt_offset') : B2S_Util::getOffsetToUtcByTimeZone($userTimeZone);
|
|
|
|
|
|
|
| 1511 |
|
| 1512 |
-
$
|
| 1513 |
-
|
| 1514 |
-
|
| 1515 |
-
. "publish_date = '" . B2S_Util::getbyIdentLocalDate($userTimeZoneOffset) . "', "
|
| 1516 |
-
. "publish_link = '" . ((isset($_POST['publish_link']) && !empty($_POST['publish_link'])) ? esc_url_raw($_POST['publish_link']) : '') . "', "
|
| 1517 |
-
. "publish_error_code = '" . ((isset($_POST['publish_error_code']) && !empty($_POST['publish_error_code'])) ? addslashes(sanitize_text_field($_POST['publish_error_code'])) : '') . "', "
|
| 1518 |
-
. "post_for_approve = 0 "
|
| 1519 |
-
. "WHERE id = " . (int) $_POST['post_id'];
|
| 1520 |
-
$wpdb->query($sql);
|
| 1521 |
echo json_encode(array('result' => true));
|
| 1522 |
wp_die();
|
| 1523 |
}
|
|
@@ -1528,7 +1524,7 @@ class Ajax_Post {
|
|
| 1528 |
}
|
| 1529 |
|
| 1530 |
public function b2sCalendarMovePost() {
|
| 1531 |
-
if (isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 1532 |
global $wpdb;
|
| 1533 |
if (is_numeric($_POST['b2s_id']) && is_string($_POST['sched_date']) && isset($_POST['user_timezone'])) {
|
| 1534 |
|
|
@@ -1546,7 +1542,8 @@ class Ajax_Post {
|
|
| 1546 |
|
| 1547 |
//is post for relay?
|
| 1548 |
if (isset($_POST['post_for_relay']) && (int) $_POST['post_for_relay'] == 1) {
|
| 1549 |
-
|
|
|
|
| 1550 |
if (is_array($res) && !empty($res)) {
|
| 1551 |
foreach ($res as $item) {
|
| 1552 |
if (isset($item->id) && (int) $item->id > 0 && isset($item->relay_delay_min) && (int) $item->relay_delay_min > 0) {
|
|
@@ -1573,7 +1570,7 @@ class Ajax_Post {
|
|
| 1573 |
}
|
| 1574 |
|
| 1575 |
public function deleteUserSchedPost() {
|
| 1576 |
-
if (isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 1577 |
require_once (B2S_PLUGIN_DIR . '/includes/B2S/Post/Tools.php');
|
| 1578 |
|
| 1579 |
if (isset($_POST['postId']) && !empty($_POST['postId'])) {
|
|
@@ -1592,7 +1589,7 @@ class Ajax_Post {
|
|
| 1592 |
}
|
| 1593 |
|
| 1594 |
public function b2sDeletePost() {
|
| 1595 |
-
if (isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 1596 |
require_once (B2S_PLUGIN_DIR . '/includes/B2S/Post/Tools.php');
|
| 1597 |
|
| 1598 |
if (isset($_POST['b2s_id']) && !empty($_POST['b2s_id']) && isset($_POST['post_id']) && !empty($_POST['post_id'])) {
|
|
@@ -1614,7 +1611,7 @@ class Ajax_Post {
|
|
| 1614 |
}
|
| 1615 |
|
| 1616 |
public function b2sEditSavePost() {
|
| 1617 |
-
if (isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 1618 |
global $wpdb;
|
| 1619 |
require_once (B2S_PLUGIN_DIR . 'includes/B2S/Calendar/Save.php');
|
| 1620 |
|
|
@@ -1790,7 +1787,8 @@ class Ajax_Post {
|
|
| 1790 |
//is post for relay ?
|
| 1791 |
//get all relays in primary post id by b2s id & change sched_date + utc
|
| 1792 |
if (isset($post['post_for_relay']) && (int) $post['post_for_relay'] == 1 && isset($data['date'][0]) && isset($data['time'][0]) && (int) $b2s_id > 0) {
|
| 1793 |
-
|
|
|
|
| 1794 |
if (is_array($res) && !empty($res)) {
|
| 1795 |
foreach ($res as $item) {
|
| 1796 |
if (isset($item->id) && (int) $item->id > 0 && isset($item->relay_delay_min) && (int) $item->relay_delay_min > 0) {
|
|
@@ -1821,14 +1819,8 @@ class Ajax_Post {
|
|
| 1821 |
}
|
| 1822 |
}
|
| 1823 |
|
| 1824 |
-
public function getAllRelayByPrimaryPostId($primary_post_id = 0) {
|
| 1825 |
-
global $wpdb;
|
| 1826 |
-
$sqlData = $wpdb->prepare("SELECT `id`, `relay_delay_min` FROM `{$wpdb->prefix}b2s_posts` WHERE `hide` = 0 AND `sched_type` = 4 AND `{$wpdb->prefix}b2s_posts`.`publish_date` = '0000-00-00 00:00:00' AND `relay_primary_post_id` = %d ", $primary_post_id);
|
| 1827 |
-
return $wpdb->get_results($sqlData);
|
| 1828 |
-
}
|
| 1829 |
-
|
| 1830 |
public function releaseLocks() {
|
| 1831 |
-
if (isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 1832 |
require_once(B2S_PLUGIN_DIR . 'includes/Options.php');
|
| 1833 |
$options = new B2S_Options(get_current_user_id());
|
| 1834 |
$lock = $options->_getOption("B2S_PLUGIN_USER_CALENDAR_BLOCKED");
|
|
@@ -1848,7 +1840,7 @@ class Ajax_Post {
|
|
| 1848 |
}
|
| 1849 |
|
| 1850 |
public function hideRating() {
|
| 1851 |
-
if (isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 1852 |
$forever = (isset($_POST['forever']) && $_POST['forever'] === true) ? true : false;
|
| 1853 |
B2S_Rating::hide($forever);
|
| 1854 |
} else {
|
|
@@ -1858,7 +1850,7 @@ class Ajax_Post {
|
|
| 1858 |
}
|
| 1859 |
|
| 1860 |
public function hidePremiumMessage() {
|
| 1861 |
-
if (isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 1862 |
update_option("B2S_HIDE_PREMIUM_MESSAGE", true, false);
|
| 1863 |
} else {
|
| 1864 |
echo json_encode(array('result' => false, 'error' => 'nonce'));
|
|
@@ -1867,7 +1859,7 @@ class Ajax_Post {
|
|
| 1867 |
}
|
| 1868 |
|
| 1869 |
public function hideTrailMessage() {
|
| 1870 |
-
if (isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 1871 |
update_option("B2S_HIDE_TRAIL_MESSAGE", true, false);
|
| 1872 |
} else {
|
| 1873 |
echo json_encode(array('result' => false, 'error' => 'nonce'));
|
|
@@ -1876,7 +1868,7 @@ class Ajax_Post {
|
|
| 1876 |
}
|
| 1877 |
|
| 1878 |
public function hideTrailEndedMessage() {
|
| 1879 |
-
if (isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 1880 |
update_option("B2S_HIDE_TRAIL_ENDED", true, false);
|
| 1881 |
} else {
|
| 1882 |
echo json_encode(array('result' => false, 'error' => 'nonce'));
|
|
@@ -1885,7 +1877,7 @@ class Ajax_Post {
|
|
| 1885 |
}
|
| 1886 |
|
| 1887 |
public function moveUserAuthToProfile() {
|
| 1888 |
-
if (isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 1889 |
if (isset($_POST['mandantId']) && isset($_POST['networkAuthId']) && (int) $_POST['networkAuthId'] > 0) {
|
| 1890 |
$data = array('action' => 'moveUserAuthToProfile', 'token' => B2S_PLUGIN_TOKEN, 'networkAuthId' => (int) $_POST['networkAuthId'], 'mandantId' => (int) $_POST['mandantId']);
|
| 1891 |
$moveUserAuth = json_decode(B2S_Api_Post::post(B2S_PLUGIN_API_ENDPOINT, $data, 30));
|
|
@@ -1910,7 +1902,7 @@ class Ajax_Post {
|
|
| 1910 |
}
|
| 1911 |
|
| 1912 |
public function assignNetworkUserAuth() {
|
| 1913 |
-
if (isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 1914 |
if (isset($_POST['networkAuthId']) && (int) $_POST['networkAuthId'] > 0 && isset($_POST['assignBlogUserId']) && (int) $_POST['assignBlogUserId'] > 0) {
|
| 1915 |
$assignToken = B2S_Tools::getTokenById((int) $_POST['assignBlogUserId']);
|
| 1916 |
$data = array('action' => 'approveUserAuth', 'token' => B2S_PLUGIN_TOKEN, 'networkAuthId' => (int) $_POST['networkAuthId'], 'assignToken' => $assignToken, 'tokenBlogUserId' => B2S_PLUGIN_BLOG_USER_ID, 'assignTokenBlogUserId' => (int) $_POST['assignBlogUserId']);
|
|
@@ -2026,7 +2018,7 @@ class Ajax_Post {
|
|
| 2026 |
}
|
| 2027 |
|
| 2028 |
public function savePostTemplate() {
|
| 2029 |
-
if (isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 2030 |
if (isset($_POST['template_data']) && isset($_POST['networkId']) && (int) $_POST['networkId'] > 0) {
|
| 2031 |
require_once(B2S_PLUGIN_DIR . 'includes/Options.php');
|
| 2032 |
$options = new B2S_Options(get_current_user_id());
|
|
@@ -2121,7 +2113,7 @@ class Ajax_Post {
|
|
| 2121 |
}
|
| 2122 |
|
| 2123 |
public function loadDefaultPostTemplate() {
|
| 2124 |
-
if (isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 2125 |
if (isset($_POST['networkId']) && (int) $_POST['networkId'] > 0 && isset($_POST['networkType']) && isset(unserialize(B2S_PLUGIN_NETWORK_SETTINGS_TEMPLATE_DEFAULT)[(int) $_POST['networkId']])) {
|
| 2126 |
$default = unserialize(B2S_PLUGIN_NETWORK_SETTINGS_TEMPLATE_DEFAULT)[(int) $_POST['networkId']];
|
| 2127 |
require_once B2S_PLUGIN_DIR . 'includes/B2S/Network/Item.php';
|
|
@@ -2139,7 +2131,7 @@ class Ajax_Post {
|
|
| 2139 |
}
|
| 2140 |
|
| 2141 |
public function saveDraftData() {
|
| 2142 |
-
if (isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 2143 |
if (isset($_POST['post_id']) && (int) $_POST['post_id'] > 0) {
|
| 2144 |
global $wpdb;
|
| 2145 |
if ($wpdb->get_var("SHOW TABLES LIKE '{$wpdb->prefix}b2s_posts_drafts'") == $wpdb->prefix . 'b2s_posts_drafts') {
|
|
@@ -2170,7 +2162,7 @@ class Ajax_Post {
|
|
| 2170 |
}
|
| 2171 |
|
| 2172 |
public function deleteDraft() {
|
| 2173 |
-
if (isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 2174 |
if (isset($_POST['draftId']) && (int) $_POST['draftId'] > 0) {
|
| 2175 |
global $wpdb;
|
| 2176 |
$wpdb->delete($wpdb->prefix . 'b2s_posts_drafts', array('id' => (int) $_POST['draftId'], 'blog_user_id' => B2S_PLUGIN_BLOG_USER_ID), array('%d', '%d'));
|
|
@@ -2186,7 +2178,7 @@ class Ajax_Post {
|
|
| 2186 |
}
|
| 2187 |
|
| 2188 |
public function authNetworkLogin() {
|
| 2189 |
-
if (isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 2190 |
if (isset($_POST['username']) && !empty($_POST['username']) && isset($_POST['password']) && !empty($_POST['password'])) {
|
| 2191 |
require_once(B2S_PLUGIN_DIR . 'includes/B2S/Api/Network/Pinterest.php');
|
| 2192 |
$location = 'en';
|
|
@@ -2229,7 +2221,7 @@ class Ajax_Post {
|
|
| 2229 |
}
|
| 2230 |
|
| 2231 |
public function authNetworkConfirm() {
|
| 2232 |
-
if (isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 2233 |
if (isset($_POST['username']) && !empty($_POST['username']) && isset($_POST['boardId']) && !empty($_POST['boardId']) && isset($_POST['identData']) && !empty($_POST['identData'])) {
|
| 2234 |
$mandantId = ((isset($_POST['mandantId']) && (int) $_POST['mandantId'] >= 0) ? (int) $_POST['mandantId'] : 0);
|
| 2235 |
$publicKey = B2S_PLUGIN_DIR . '/includes/B2S/Api/Network/public_key.pem';
|
|
@@ -2270,7 +2262,7 @@ class Ajax_Post {
|
|
| 2270 |
}
|
| 2271 |
|
| 2272 |
public function changeFavoriteStatus() {
|
| 2273 |
-
if (isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 2274 |
if (isset($_POST['postId']) && (int) $_POST['postId'] > 0 && isset($_POST['setStatus']) && (int) $_POST['setStatus'] >= 0) {
|
| 2275 |
global $wpdb;
|
| 2276 |
if ((int) $_POST['setStatus'] == 1) {
|
|
@@ -2294,7 +2286,7 @@ class Ajax_Post {
|
|
| 2294 |
}
|
| 2295 |
|
| 2296 |
public function saveUrlParameter() {
|
| 2297 |
-
if (isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 2298 |
if (isset($_POST['originNetworkAuthId']) && (int) $_POST['originNetworkAuthId'] > 0 && isset($_POST['networkId']) && (int) $_POST['networkId'] > 0 && isset($_POST['networks']) && !empty($_POST['networks']) && isset($_POST['urlParameter'])) {
|
| 2299 |
$inputParams = json_decode(stripslashes_deep(sanitize_text_field(wp_unslash($_POST['urlParameter']))), true);
|
| 2300 |
if ($inputParams === false) {
|
|
@@ -2358,7 +2350,7 @@ class Ajax_Post {
|
|
| 2358 |
}
|
| 2359 |
|
| 2360 |
public function rePostSubmit() {
|
| 2361 |
-
if (isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 2362 |
if (isset($_POST['b2s-re-post-profil-dropdown']) && (int) $_POST['b2s-re-post-profil-dropdown'] >= 0 && isset($_POST['b2s-re-post-profil-data-' . sanitize_text_field(wp_unslash($_POST['b2s-re-post-profil-dropdown']))]) && !empty($_POST['b2s-re-post-profil-data-' . sanitize_text_field(wp_unslash($_POST['b2s-re-post-profil-dropdown']))])) {
|
| 2363 |
$networkData = json_decode(base64_decode(sanitize_text_field($_POST['b2s-re-post-profil-data-' . sanitize_text_field($_POST['b2s-re-post-profil-dropdown'])])));
|
| 2364 |
if ($networkData !== false && is_array($networkData) && !empty($networkData)) {
|
|
@@ -2564,7 +2556,7 @@ class Ajax_Post {
|
|
| 2564 |
}
|
| 2565 |
|
| 2566 |
public function deleteRePostSched() {
|
| 2567 |
-
if (isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 2568 |
if (isset($_POST['postId']) && !empty($_POST['postId'])) {
|
| 2569 |
$postIds = explode(',', sanitize_text_field(wp_unslash($_POST['postId'])));
|
| 2570 |
if (is_array($postIds) && !empty($postIds)) {
|
|
@@ -2599,7 +2591,7 @@ class Ajax_Post {
|
|
| 2599 |
}
|
| 2600 |
|
| 2601 |
public function communityRegister() {
|
| 2602 |
-
if (isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 2603 |
if (isset($_POST['username']) && !empty($_POST['username']) && isset($_POST['password']) && !empty($_POST['password']) && isset($_POST['email']) && !empty($_POST['email'])) {
|
| 2604 |
$username = '';
|
| 2605 |
$password = '';
|
|
@@ -2633,7 +2625,7 @@ class Ajax_Post {
|
|
| 2633 |
}
|
| 2634 |
|
| 2635 |
public function networkCheckUserData() {
|
| 2636 |
-
if (isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 2637 |
$wpCookie = array();
|
| 2638 |
$tempCookies = array();
|
| 2639 |
foreach ($_POST['networkUserData']['accData'] as $key => $value) {
|
|
@@ -2667,7 +2659,7 @@ class Ajax_Post {
|
|
| 2667 |
}
|
| 2668 |
|
| 2669 |
public function metricsStartingConfirm() {
|
| 2670 |
-
if (isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 2671 |
require_once (B2S_PLUGIN_DIR . '/includes/Options.php');
|
| 2672 |
$option = new B2S_Options(B2S_PLUGIN_BLOG_USER_ID);
|
| 2673 |
$option->_setOption('metrics_started', true);
|
|
@@ -2680,7 +2672,7 @@ class Ajax_Post {
|
|
| 2680 |
}
|
| 2681 |
|
| 2682 |
public function metricsBannerClose() {
|
| 2683 |
-
if (isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 2684 |
require_once (B2S_PLUGIN_DIR . '/includes/Options.php');
|
| 2685 |
$option = new B2S_Options(B2S_PLUGIN_BLOG_USER_ID);
|
| 2686 |
$option->_setOption('metrics_banner', true);
|
|
@@ -2693,7 +2685,7 @@ class Ajax_Post {
|
|
| 2693 |
}
|
| 2694 |
|
| 2695 |
public function continueTrialOption() {
|
| 2696 |
-
if (isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 2697 |
require_once (B2S_PLUGIN_DIR . '/includes/Options.php');
|
| 2698 |
$option = new B2S_Options(B2S_PLUGIN_BLOG_USER_ID);
|
| 2699 |
$option->_setOption('hide_7_day_trail', true);
|
|
@@ -2706,7 +2698,7 @@ class Ajax_Post {
|
|
| 2706 |
}
|
| 2707 |
|
| 2708 |
public function hideFinalTrialOption() {
|
| 2709 |
-
if (isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 2710 |
require_once (B2S_PLUGIN_DIR . '/includes/Options.php');
|
| 2711 |
$option = new B2S_Options(B2S_PLUGIN_BLOG_USER_ID);
|
| 2712 |
$option->_setOption('hide_final_trail', true);
|
| 72 |
|
| 73 |
public function curationDraft() {
|
| 74 |
//save as blog post
|
| 75 |
+
if (current_user_can('read') && isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) { //0-24hours lifetime
|
| 76 |
if (isset($_POST['postFormat'])) {
|
| 77 |
if ((int) $_POST['postFormat'] == 1) { //Imagepost
|
| 78 |
if (isset($_POST['image_id']) && !empty($_POST['image_id']) && isset($_POST['comment_image']) && !empty($_POST['comment_image'])) {
|
| 149 |
|
| 150 |
public function curationShare() {
|
| 151 |
//save as blog post
|
| 152 |
+
if (current_user_can('read') && isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 153 |
if (isset($_POST['postFormat'])) {
|
| 154 |
if ((int) $_POST['postFormat'] == 1) { //Imagepost
|
| 155 |
if (isset($_POST['image_id']) && !empty($_POST['image_id']) && isset($_POST['comment_image']) && !empty($_POST['comment_image'])) {
|
| 331 |
}
|
| 332 |
|
| 333 |
public function curationCustomize() {
|
| 334 |
+
if (current_user_can('read') && isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 335 |
if (isset($_POST['postFormat'])) {
|
| 336 |
if ((int) $_POST['postFormat'] == 1) { //Imagepost
|
| 337 |
if (isset($_POST['image_id']) && !empty($_POST['image_id']) && isset($_POST['comment_image']) && !empty($_POST['comment_image'])) {
|
| 401 |
}
|
| 402 |
|
| 403 |
public function b2sPluginDeactivate() {
|
| 404 |
+
if (current_user_can('administrator') && isset($_POST['b2s_deactivate_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_deactivate_nonce'])), 'b2s_deactivate_nonce') > 0) {
|
| 405 |
if (isset($_POST['delete_sched_post']) && (int) $_POST['delete_sched_post'] == 1) {
|
| 406 |
update_option("B2S_PLUGIN_DEACTIVATE_SCHED_POST", 1, false);
|
| 407 |
} else {
|
| 416 |
}
|
| 417 |
|
| 418 |
public function prgShip() {
|
| 419 |
+
if (current_user_can('read') && isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 420 |
if (!empty($_POST) && isset($_POST['token']) && !empty($_POST['token']) && isset($_POST['prg_id']) && (int) $_POST['prg_id'] > 0 && isset($_POST['blog_user_id']) && (int) $_POST['blog_user_id'] > 0 && isset($_POST['post_id']) && (int) $_POST['post_id'] > 0) {
|
| 421 |
$dataPost = $_POST;
|
| 422 |
$type = sanitize_text_field(wp_unslash($dataPost['publish']));
|
| 470 |
}
|
| 471 |
|
| 472 |
public function lockAutoPostImport() {
|
| 473 |
+
if (current_user_can('read') && isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 474 |
if (isset($_POST['userId']) && (int) $_POST['userId'] > 0) {
|
| 475 |
update_option('B2S_LOCK_AUTO_POST_IMPORT_' . (int) $_POST['userId'], 1, false);
|
| 476 |
}
|
| 483 |
}
|
| 484 |
|
| 485 |
public function prgLogin() {
|
| 486 |
+
if (current_user_can('read') && isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 487 |
if (isset($_POST['postId']) && (int) $_POST['postId'] > 0 && isset($_POST['username']) && !empty($_POST['username']) && isset($_POST['password']) && !empty($_POST['password'])) {
|
| 488 |
$pubKey = json_decode(PRG_Api_Get::get(B2S_PLUGIN_PRG_API_ENDPOINT . 'auth.php?publicKey=true', array()));
|
| 489 |
if (!empty($pubKey) && is_object($pubKey) && isset($pubKey->publicKey) && !empty($pubKey->publicKey) && function_exists('openssl_public_encrypt')) {
|
| 522 |
}
|
| 523 |
|
| 524 |
public function prgLogout() {
|
| 525 |
+
if (current_user_can('read') && isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 526 |
delete_option('B2S_PLUGIN_PRG_' . B2S_PLUGIN_BLOG_USER_ID);
|
| 527 |
echo json_encode(array('result' => true));
|
| 528 |
wp_die();
|
| 533 |
}
|
| 534 |
|
| 535 |
public function saveShipData() {
|
| 536 |
+
if (current_user_can('read') && isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 537 |
require_once (B2S_PLUGIN_DIR . 'includes/B2S/Ship/Save.php');
|
| 538 |
$post = $_POST;
|
| 539 |
$metaOg = false;
|
| 760 |
}
|
| 761 |
|
| 762 |
public function saveSocialMetaTags() {
|
| 763 |
+
if (current_user_can('read') && isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 764 |
$result = array('result' => true);
|
| 765 |
if (isset($_POST['is_admin']) && (int) $_POST['is_admin'] == 1) {
|
| 766 |
|
| 802 |
}
|
| 803 |
|
| 804 |
public function resetSocialMetaTags() {
|
| 805 |
+
if (current_user_can('read') && isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 806 |
global $wpdb;
|
| 807 |
$sql = "DELETE FROM " . $wpdb->postmeta . " WHERE meta_key = %s";
|
| 808 |
$sql = $wpdb->prepare($sql, "_b2s_post_meta");
|
| 816 |
}
|
| 817 |
|
| 818 |
public function saveNetworkBoardAndGroup() {
|
| 819 |
+
if (current_user_can('read') && isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 820 |
if (isset($_POST['networkAuthId']) && !empty($_POST['networkAuthId']) && isset($_POST['networkType']) && isset($_POST['boardAndGroup']) && !empty($_POST['boardAndGroup']) && isset($_POST['networkId']) && !empty($_POST['networkId']) && isset($_POST['lang']) && !empty($_POST['lang'])) {
|
| 821 |
$post = array('token' => B2S_PLUGIN_TOKEN,
|
| 822 |
'action' => 'saveNetworkBoardAndGroup',
|
| 841 |
}
|
| 842 |
|
| 843 |
public function saveUserNetworkSettings() {
|
| 844 |
+
if (current_user_can('read') && isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 845 |
if (isset($_POST['short_url'])) {
|
| 846 |
$post = array('token' => B2S_PLUGIN_TOKEN,
|
| 847 |
'action' => 'saveSettings',
|
| 920 |
}
|
| 921 |
|
| 922 |
public function saveAutoPostSettings() {
|
| 923 |
+
if (current_user_can('read') && isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 924 |
if (isset($_POST['b2s-import-auto-post']) && (int) $_POST['b2s-import-auto-post'] == 1 && !isset($_POST['b2s-import-auto-post-network-auth-id'])) {
|
| 925 |
echo json_encode(array('result' => false, 'type' => 'no-auth-selected'));
|
| 926 |
wp_die();
|
| 1060 |
}
|
| 1061 |
|
| 1062 |
public function autoPostAssignByDisconnect() {
|
| 1063 |
+
if (current_user_can('read') && isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 1064 |
$options = new B2S_Options(B2S_PLUGIN_BLOG_USER_ID);
|
| 1065 |
$auto_post_options = $options->_getOption('auto_post');
|
| 1066 |
|
| 1102 |
}
|
| 1103 |
|
| 1104 |
public function saveUserMandant() {
|
| 1105 |
+
if (current_user_can('read') && isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 1106 |
require_once (B2S_PLUGIN_DIR . 'includes/B2S/Network/Save.php');
|
| 1107 |
$mandant = (isset($_POST['mandant']) && !empty($_POST['mandant'])) ? sanitize_text_field($_POST['mandant']) : '';
|
| 1108 |
if (empty($mandant)) {
|
| 1119 |
}
|
| 1120 |
|
| 1121 |
public function deleteUserMandant() {
|
| 1122 |
+
if (current_user_can('read') && isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 1123 |
if (isset($_POST['mandantId'])) {
|
| 1124 |
$post = array('token' => B2S_PLUGIN_TOKEN,
|
| 1125 |
'action' => 'deleteUserMandant',
|
| 1141 |
}
|
| 1142 |
|
| 1143 |
public function deleteUserAuth() {
|
| 1144 |
+
if (current_user_can('read') && isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 1145 |
$assignList = array();
|
| 1146 |
require_once (B2S_PLUGIN_DIR . 'includes/B2S/Post/Tools.php');
|
| 1147 |
if (isset($_POST['networkAuthId']) && (int) $_POST['networkAuthId'] > 0 && isset($_POST['networkId']) && (int) $_POST['networkId'] > 0 && isset($_POST['networkType'])) {
|
| 1224 |
}
|
| 1225 |
|
| 1226 |
public function updateUserVersion() {
|
| 1227 |
+
if (current_user_can('read') && isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 1228 |
require_once (B2S_PLUGIN_DIR . '/includes/Tools.php');
|
| 1229 |
if (isset($_POST['key']) && !empty($_POST['key'])) {
|
| 1230 |
$isCurrentUser = true;
|
| 1286 |
}
|
| 1287 |
|
| 1288 |
public function acceptPrivacyPolicy() {
|
| 1289 |
+
if (current_user_can('read') && isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 1290 |
require_once (B2S_PLUGIN_DIR . '/includes/Tools.php');
|
| 1291 |
if (isset($_POST['accept'])) {
|
| 1292 |
$post = array('token' => B2S_PLUGIN_TOKEN,
|
| 1308 |
}
|
| 1309 |
|
| 1310 |
public function createTrail() {
|
| 1311 |
+
if (current_user_can('read') && isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 1312 |
require_once (B2S_PLUGIN_DIR . '/includes/Tools.php');
|
| 1313 |
if (isset($_POST['vorname']) && !empty($_POST['vorname']) && isset($_POST['nachname']) && !empty($_POST['nachname']) && isset($_POST['email']) && !empty($_POST['email']) && isset($_POST['url']) && !empty($_POST['url'])) {
|
| 1314 |
$data = array('token' => B2S_PLUGIN_TOKEN,
|
| 1336 |
}
|
| 1337 |
|
| 1338 |
public function deleteUserPublishPost() {
|
| 1339 |
+
if (current_user_can('read') && isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 1340 |
require_once (B2S_PLUGIN_DIR . '/includes/B2S/Post/Tools.php');
|
| 1341 |
if (isset($_POST['postId']) && !empty($_POST['postId'])) {
|
| 1342 |
$postIds = explode(',', sanitize_text_field(wp_unslash($_POST['postId'])));
|
| 1354 |
}
|
| 1355 |
|
| 1356 |
public function deleteUserApprovePost() {
|
| 1357 |
+
if (current_user_can('read') && isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 1358 |
require_once (B2S_PLUGIN_DIR . '/includes/B2S/Post/Tools.php');
|
| 1359 |
if (isset($_POST['postId']) && !empty($_POST['postId'])) {
|
| 1360 |
$postIds = explode(',', sanitize_text_field(wp_unslash($_POST['postId'])));
|
| 1372 |
}
|
| 1373 |
|
| 1374 |
public function deleteUserCcDraftPost() {
|
| 1375 |
+
if (current_user_can('read') && isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 1376 |
if (isset($_POST['postId']) && !empty($_POST['postId']) && (int) $_POST['postId'] > 0) {
|
| 1377 |
$res = wp_update_post(array('ID' => (int) $_POST['postId'], 'post_status' => 'trash'), true);
|
| 1378 |
if ((int) $res > 0) {
|
| 1389 |
}
|
| 1390 |
|
| 1391 |
public function sendTrailFeedback() {
|
| 1392 |
+
if (current_user_can('read') && isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 1393 |
require_once (B2S_PLUGIN_DIR . '/includes/Tools.php');
|
| 1394 |
if (isset($_POST['feedback']) && !empty($_POST['feedback'])) {
|
| 1395 |
$post = array('token' => B2S_PLUGIN_TOKEN,
|
| 1411 |
|
| 1412 |
//NEW V5.1.0
|
| 1413 |
public function saveUserTimeSettings() {
|
| 1414 |
+
if (current_user_can('read') && isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 1415 |
if (isset($_POST['b2s-user-sched-data']) && !empty($_POST['b2s-user-sched-data']) && isset($_POST['b2s-user-sched-data']['time']) && isset($_POST['b2s-user-sched-data']['delay_day'])) {
|
| 1416 |
foreach (B2S_Tools::sanitize_array($_POST['b2s-user-sched-data']['time']) as $k => $v) {
|
| 1417 |
$_POST['b2s-user-sched-data']['time'][$k] = date('H:i', strtotime(date('Y-m-d') . ' ' . $v));
|
| 1430 |
}
|
| 1431 |
|
| 1432 |
public function b2sShipNavbarSaveSettings() {
|
| 1433 |
+
if (current_user_can('read') && isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 1434 |
if (isset($_POST['mandantId'])) {
|
| 1435 |
global $wpdb;
|
| 1436 |
|
| 1453 |
}
|
| 1454 |
|
| 1455 |
public function saveAuthToSettings() {
|
| 1456 |
+
if (current_user_can('read') && isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 1457 |
if (isset($_POST['mandandId']) && isset($_POST['networkAuthId']) && (int) $_POST['networkAuthId'] > 0 && isset($_POST['networkId']) && (int) $_POST['networkId'] > 0 && isset($_POST['networkType']) && isset($_POST['displayName']) && !empty($_POST['displayName'])) {
|
| 1458 |
global $wpdb;
|
| 1459 |
$networkDetailsIdSelect = $wpdb->get_col($wpdb->prepare("SELECT postNetworkDetails.id FROM {$wpdb->prefix}b2s_posts_network_details AS postNetworkDetails WHERE postNetworkDetails.network_auth_id = %s", sanitize_text_field(wp_unslash($_POST['networkAuthId']))));
|
| 1480 |
}
|
| 1481 |
|
| 1482 |
public function b2sPostMailUpdate() {
|
| 1483 |
+
if (current_user_can('read') && isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 1484 |
if (isset($_POST['email']) && !empty($_POST['email'])) {
|
| 1485 |
require_once (B2S_PLUGIN_DIR . '/includes/Tools.php');
|
| 1486 |
$post = array('action' => 'updateMail',
|
| 1498 |
}
|
| 1499 |
|
| 1500 |
public function updateApprovePost() {
|
| 1501 |
+
if (current_user_can('read') && isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 1502 |
//post_id
|
| 1503 |
if (is_numeric($_POST['post_id']) && (int) $_POST['post_id'] > 0) {
|
| 1504 |
global $wpdb;
|
| 1507 |
$option = new B2S_Options(B2S_PLUGIN_BLOG_USER_ID);
|
| 1508 |
$optionUserTimeZone = $option->_getOption('user_time_zone');
|
| 1509 |
$userTimeZone = ($optionUserTimeZone !== false) ? $optionUserTimeZone : get_option('timezone_string');
|
| 1510 |
+
$userTimeZoneOffset = (empty($userTimeZone)) ? get_option('gmt_offset') : B2S_Util::getOffsetToUtcByTimeZone($userTimeZone);
|
| 1511 |
+
$publishLink = (isset($_POST['publish_link']) && !empty($_POST['publish_link'])) ? sanitize_text_field(esc_url_raw($_POST['publish_link'])) : '';
|
| 1512 |
+
$publishError = (isset($_POST['publish_error_code']) && !empty($_POST['publish_error_code'])) ? addslashes(sanitize_text_field($_POST['publish_error_code'])) : '';
|
| 1513 |
|
| 1514 |
+
$wpdb->query($wpdb->prepare("UPDATE {$wpdb->prefix}b2s_posts SET sched_date = %s, sched_date_utc= %s, publish_date = %s, publish_link = %s, publish_error_code = %s, post_for_approve = %d WHERE id = %d",
|
| 1515 |
+
'0000-00-00 00:00:00', '0000-00-00 00:00:00', B2S_Util::getbyIdentLocalDate($userTimeZoneOffset), $publishLink, $publishError, 0, (int) $_POST['post_id']));
|
| 1516 |
+
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 1517 |
echo json_encode(array('result' => true));
|
| 1518 |
wp_die();
|
| 1519 |
}
|
| 1524 |
}
|
| 1525 |
|
| 1526 |
public function b2sCalendarMovePost() {
|
| 1527 |
+
if (current_user_can('read') && isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 1528 |
global $wpdb;
|
| 1529 |
if (is_numeric($_POST['b2s_id']) && is_string($_POST['sched_date']) && isset($_POST['user_timezone'])) {
|
| 1530 |
|
| 1542 |
|
| 1543 |
//is post for relay?
|
| 1544 |
if (isset($_POST['post_for_relay']) && (int) $_POST['post_for_relay'] == 1) {
|
| 1545 |
+
require_once (B2S_PLUGIN_DIR . 'includes/B2S/Post/Tools.php');
|
| 1546 |
+
$res = B2S_Post_Tools::getAllRelayByPrimaryPostId((int) $_POST['b2s_id']);
|
| 1547 |
if (is_array($res) && !empty($res)) {
|
| 1548 |
foreach ($res as $item) {
|
| 1549 |
if (isset($item->id) && (int) $item->id > 0 && isset($item->relay_delay_min) && (int) $item->relay_delay_min > 0) {
|
| 1570 |
}
|
| 1571 |
|
| 1572 |
public function deleteUserSchedPost() {
|
| 1573 |
+
if (current_user_can('read') && isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 1574 |
require_once (B2S_PLUGIN_DIR . '/includes/B2S/Post/Tools.php');
|
| 1575 |
|
| 1576 |
if (isset($_POST['postId']) && !empty($_POST['postId'])) {
|
| 1589 |
}
|
| 1590 |
|
| 1591 |
public function b2sDeletePost() {
|
| 1592 |
+
if (current_user_can('read') && isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 1593 |
require_once (B2S_PLUGIN_DIR . '/includes/B2S/Post/Tools.php');
|
| 1594 |
|
| 1595 |
if (isset($_POST['b2s_id']) && !empty($_POST['b2s_id']) && isset($_POST['post_id']) && !empty($_POST['post_id'])) {
|
| 1611 |
}
|
| 1612 |
|
| 1613 |
public function b2sEditSavePost() {
|
| 1614 |
+
if (current_user_can('read') && isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 1615 |
global $wpdb;
|
| 1616 |
require_once (B2S_PLUGIN_DIR . 'includes/B2S/Calendar/Save.php');
|
| 1617 |
|
| 1787 |
//is post for relay ?
|
| 1788 |
//get all relays in primary post id by b2s id & change sched_date + utc
|
| 1789 |
if (isset($post['post_for_relay']) && (int) $post['post_for_relay'] == 1 && isset($data['date'][0]) && isset($data['time'][0]) && (int) $b2s_id > 0) {
|
| 1790 |
+
require_once (B2S_PLUGIN_DIR . 'includes/B2S/Post/Tools.php');
|
| 1791 |
+
$res = B2S_Post_Tools::getAllRelayByPrimaryPostId((int) $_POST['b2s_id']);
|
| 1792 |
if (is_array($res) && !empty($res)) {
|
| 1793 |
foreach ($res as $item) {
|
| 1794 |
if (isset($item->id) && (int) $item->id > 0 && isset($item->relay_delay_min) && (int) $item->relay_delay_min > 0) {
|
| 1819 |
}
|
| 1820 |
}
|
| 1821 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 1822 |
public function releaseLocks() {
|
| 1823 |
+
if (current_user_can('read') && isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 1824 |
require_once(B2S_PLUGIN_DIR . 'includes/Options.php');
|
| 1825 |
$options = new B2S_Options(get_current_user_id());
|
| 1826 |
$lock = $options->_getOption("B2S_PLUGIN_USER_CALENDAR_BLOCKED");
|
| 1840 |
}
|
| 1841 |
|
| 1842 |
public function hideRating() {
|
| 1843 |
+
if (current_user_can('read') && isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 1844 |
$forever = (isset($_POST['forever']) && $_POST['forever'] === true) ? true : false;
|
| 1845 |
B2S_Rating::hide($forever);
|
| 1846 |
} else {
|
| 1850 |
}
|
| 1851 |
|
| 1852 |
public function hidePremiumMessage() {
|
| 1853 |
+
if (current_user_can('read') && isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 1854 |
update_option("B2S_HIDE_PREMIUM_MESSAGE", true, false);
|
| 1855 |
} else {
|
| 1856 |
echo json_encode(array('result' => false, 'error' => 'nonce'));
|
| 1859 |
}
|
| 1860 |
|
| 1861 |
public function hideTrailMessage() {
|
| 1862 |
+
if (current_user_can('read') && isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 1863 |
update_option("B2S_HIDE_TRAIL_MESSAGE", true, false);
|
| 1864 |
} else {
|
| 1865 |
echo json_encode(array('result' => false, 'error' => 'nonce'));
|
| 1868 |
}
|
| 1869 |
|
| 1870 |
public function hideTrailEndedMessage() {
|
| 1871 |
+
if (current_user_can('read') && isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 1872 |
update_option("B2S_HIDE_TRAIL_ENDED", true, false);
|
| 1873 |
} else {
|
| 1874 |
echo json_encode(array('result' => false, 'error' => 'nonce'));
|
| 1877 |
}
|
| 1878 |
|
| 1879 |
public function moveUserAuthToProfile() {
|
| 1880 |
+
if (current_user_can('read') && isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 1881 |
if (isset($_POST['mandantId']) && isset($_POST['networkAuthId']) && (int) $_POST['networkAuthId'] > 0) {
|
| 1882 |
$data = array('action' => 'moveUserAuthToProfile', 'token' => B2S_PLUGIN_TOKEN, 'networkAuthId' => (int) $_POST['networkAuthId'], 'mandantId' => (int) $_POST['mandantId']);
|
| 1883 |
$moveUserAuth = json_decode(B2S_Api_Post::post(B2S_PLUGIN_API_ENDPOINT, $data, 30));
|
| 1902 |
}
|
| 1903 |
|
| 1904 |
public function assignNetworkUserAuth() {
|
| 1905 |
+
if (current_user_can('read') && isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 1906 |
if (isset($_POST['networkAuthId']) && (int) $_POST['networkAuthId'] > 0 && isset($_POST['assignBlogUserId']) && (int) $_POST['assignBlogUserId'] > 0) {
|
| 1907 |
$assignToken = B2S_Tools::getTokenById((int) $_POST['assignBlogUserId']);
|
| 1908 |
$data = array('action' => 'approveUserAuth', 'token' => B2S_PLUGIN_TOKEN, 'networkAuthId' => (int) $_POST['networkAuthId'], 'assignToken' => $assignToken, 'tokenBlogUserId' => B2S_PLUGIN_BLOG_USER_ID, 'assignTokenBlogUserId' => (int) $_POST['assignBlogUserId']);
|
| 2018 |
}
|
| 2019 |
|
| 2020 |
public function savePostTemplate() {
|
| 2021 |
+
if (current_user_can('read') && isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 2022 |
if (isset($_POST['template_data']) && isset($_POST['networkId']) && (int) $_POST['networkId'] > 0) {
|
| 2023 |
require_once(B2S_PLUGIN_DIR . 'includes/Options.php');
|
| 2024 |
$options = new B2S_Options(get_current_user_id());
|
| 2113 |
}
|
| 2114 |
|
| 2115 |
public function loadDefaultPostTemplate() {
|
| 2116 |
+
if (current_user_can('read') && isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 2117 |
if (isset($_POST['networkId']) && (int) $_POST['networkId'] > 0 && isset($_POST['networkType']) && isset(unserialize(B2S_PLUGIN_NETWORK_SETTINGS_TEMPLATE_DEFAULT)[(int) $_POST['networkId']])) {
|
| 2118 |
$default = unserialize(B2S_PLUGIN_NETWORK_SETTINGS_TEMPLATE_DEFAULT)[(int) $_POST['networkId']];
|
| 2119 |
require_once B2S_PLUGIN_DIR . 'includes/B2S/Network/Item.php';
|
| 2131 |
}
|
| 2132 |
|
| 2133 |
public function saveDraftData() {
|
| 2134 |
+
if (current_user_can('read') && isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 2135 |
if (isset($_POST['post_id']) && (int) $_POST['post_id'] > 0) {
|
| 2136 |
global $wpdb;
|
| 2137 |
if ($wpdb->get_var("SHOW TABLES LIKE '{$wpdb->prefix}b2s_posts_drafts'") == $wpdb->prefix . 'b2s_posts_drafts') {
|
| 2162 |
}
|
| 2163 |
|
| 2164 |
public function deleteDraft() {
|
| 2165 |
+
if (current_user_can('read') && isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 2166 |
if (isset($_POST['draftId']) && (int) $_POST['draftId'] > 0) {
|
| 2167 |
global $wpdb;
|
| 2168 |
$wpdb->delete($wpdb->prefix . 'b2s_posts_drafts', array('id' => (int) $_POST['draftId'], 'blog_user_id' => B2S_PLUGIN_BLOG_USER_ID), array('%d', '%d'));
|
| 2178 |
}
|
| 2179 |
|
| 2180 |
public function authNetworkLogin() {
|
| 2181 |
+
if (current_user_can('read') && isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 2182 |
if (isset($_POST['username']) && !empty($_POST['username']) && isset($_POST['password']) && !empty($_POST['password'])) {
|
| 2183 |
require_once(B2S_PLUGIN_DIR . 'includes/B2S/Api/Network/Pinterest.php');
|
| 2184 |
$location = 'en';
|
| 2221 |
}
|
| 2222 |
|
| 2223 |
public function authNetworkConfirm() {
|
| 2224 |
+
if (current_user_can('read') && isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 2225 |
if (isset($_POST['username']) && !empty($_POST['username']) && isset($_POST['boardId']) && !empty($_POST['boardId']) && isset($_POST['identData']) && !empty($_POST['identData'])) {
|
| 2226 |
$mandantId = ((isset($_POST['mandantId']) && (int) $_POST['mandantId'] >= 0) ? (int) $_POST['mandantId'] : 0);
|
| 2227 |
$publicKey = B2S_PLUGIN_DIR . '/includes/B2S/Api/Network/public_key.pem';
|
| 2262 |
}
|
| 2263 |
|
| 2264 |
public function changeFavoriteStatus() {
|
| 2265 |
+
if (current_user_can('read') && isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 2266 |
if (isset($_POST['postId']) && (int) $_POST['postId'] > 0 && isset($_POST['setStatus']) && (int) $_POST['setStatus'] >= 0) {
|
| 2267 |
global $wpdb;
|
| 2268 |
if ((int) $_POST['setStatus'] == 1) {
|
| 2286 |
}
|
| 2287 |
|
| 2288 |
public function saveUrlParameter() {
|
| 2289 |
+
if (current_user_can('read') && isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 2290 |
if (isset($_POST['originNetworkAuthId']) && (int) $_POST['originNetworkAuthId'] > 0 && isset($_POST['networkId']) && (int) $_POST['networkId'] > 0 && isset($_POST['networks']) && !empty($_POST['networks']) && isset($_POST['urlParameter'])) {
|
| 2291 |
$inputParams = json_decode(stripslashes_deep(sanitize_text_field(wp_unslash($_POST['urlParameter']))), true);
|
| 2292 |
if ($inputParams === false) {
|
| 2350 |
}
|
| 2351 |
|
| 2352 |
public function rePostSubmit() {
|
| 2353 |
+
if (current_user_can('read') && isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 2354 |
if (isset($_POST['b2s-re-post-profil-dropdown']) && (int) $_POST['b2s-re-post-profil-dropdown'] >= 0 && isset($_POST['b2s-re-post-profil-data-' . sanitize_text_field(wp_unslash($_POST['b2s-re-post-profil-dropdown']))]) && !empty($_POST['b2s-re-post-profil-data-' . sanitize_text_field(wp_unslash($_POST['b2s-re-post-profil-dropdown']))])) {
|
| 2355 |
$networkData = json_decode(base64_decode(sanitize_text_field($_POST['b2s-re-post-profil-data-' . sanitize_text_field($_POST['b2s-re-post-profil-dropdown'])])));
|
| 2356 |
if ($networkData !== false && is_array($networkData) && !empty($networkData)) {
|
| 2556 |
}
|
| 2557 |
|
| 2558 |
public function deleteRePostSched() {
|
| 2559 |
+
if (current_user_can('read') && isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 2560 |
if (isset($_POST['postId']) && !empty($_POST['postId'])) {
|
| 2561 |
$postIds = explode(',', sanitize_text_field(wp_unslash($_POST['postId'])));
|
| 2562 |
if (is_array($postIds) && !empty($postIds)) {
|
| 2591 |
}
|
| 2592 |
|
| 2593 |
public function communityRegister() {
|
| 2594 |
+
if (current_user_can('read') && isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 2595 |
if (isset($_POST['username']) && !empty($_POST['username']) && isset($_POST['password']) && !empty($_POST['password']) && isset($_POST['email']) && !empty($_POST['email'])) {
|
| 2596 |
$username = '';
|
| 2597 |
$password = '';
|
| 2625 |
}
|
| 2626 |
|
| 2627 |
public function networkCheckUserData() {
|
| 2628 |
+
if (current_user_can('read') && isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 2629 |
$wpCookie = array();
|
| 2630 |
$tempCookies = array();
|
| 2631 |
foreach ($_POST['networkUserData']['accData'] as $key => $value) {
|
| 2659 |
}
|
| 2660 |
|
| 2661 |
public function metricsStartingConfirm() {
|
| 2662 |
+
if (current_user_can('read') && isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 2663 |
require_once (B2S_PLUGIN_DIR . '/includes/Options.php');
|
| 2664 |
$option = new B2S_Options(B2S_PLUGIN_BLOG_USER_ID);
|
| 2665 |
$option->_setOption('metrics_started', true);
|
| 2672 |
}
|
| 2673 |
|
| 2674 |
public function metricsBannerClose() {
|
| 2675 |
+
if (current_user_can('read') && isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 2676 |
require_once (B2S_PLUGIN_DIR . '/includes/Options.php');
|
| 2677 |
$option = new B2S_Options(B2S_PLUGIN_BLOG_USER_ID);
|
| 2678 |
$option->_setOption('metrics_banner', true);
|
| 2685 |
}
|
| 2686 |
|
| 2687 |
public function continueTrialOption() {
|
| 2688 |
+
if (current_user_can('read') && isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 2689 |
require_once (B2S_PLUGIN_DIR . '/includes/Options.php');
|
| 2690 |
$option = new B2S_Options(B2S_PLUGIN_BLOG_USER_ID);
|
| 2691 |
$option->_setOption('hide_7_day_trail', true);
|
| 2698 |
}
|
| 2699 |
|
| 2700 |
public function hideFinalTrialOption() {
|
| 2701 |
+
if (current_user_can('read') && isset($_POST['b2s_security_nonce']) && (int) wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['b2s_security_nonce'])), 'b2s_security_nonce') > 0) {
|
| 2702 |
require_once (B2S_PLUGIN_DIR . '/includes/Options.php');
|
| 2703 |
$option = new B2S_Options(B2S_PLUGIN_BLOG_USER_ID);
|
| 2704 |
$option->_setOption('hide_final_trail', true);
|
includes/Util.php
CHANGED
|
@@ -152,7 +152,7 @@ class B2S_Util {
|
|
| 152 |
'redirection' => '5',
|
| 153 |
'user-agent' => "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:97.0) Gecko/20100101 Firefox/97.0"
|
| 154 |
);
|
| 155 |
-
$response =
|
| 156 |
if (!is_wp_error($response)) {
|
| 157 |
return wp_remote_retrieve_body($response);
|
| 158 |
} else if ($extern) {
|
| 152 |
'redirection' => '5',
|
| 153 |
'user-agent' => "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:97.0) Gecko/20100101 Firefox/97.0"
|
| 154 |
);
|
| 155 |
+
$response = wp_safe_remote_get($url, $args);
|
| 156 |
if (!is_wp_error($response)) {
|
| 157 |
return wp_remote_retrieve_body($response);
|
| 158 |
} else if ($extern) {
|
readme.txt
CHANGED
|
@@ -5,7 +5,7 @@ Tags: auto post, auto publish, social media scheduling, social media calendar, s
|
|
| 5 |
Donate link: https://paypal.me/adenion
|
| 6 |
Requires at least: 4.7.0
|
| 7 |
Tested up to: 6.0
|
| 8 |
-
Stable tag: 6.9.
|
| 9 |
License: GPLv3
|
| 10 |
License URI: http://www.gnu.org/licenses/gpl-2.0.html
|
| 11 |
|
|
@@ -234,6 +234,8 @@ To get started with the basics of Blog2Social and maybe find some useful tips an
|
|
| 234 |
7. Keep track of your shared posts and scheduling plan with the Social Media Calendar.
|
| 235 |
|
| 236 |
== Changelog ==
|
|
|
|
|
|
|
| 237 |
= 6.9.9 =
|
| 238 |
Usability Optimization
|
| 239 |
= 6.9.8 =
|
|
@@ -326,6 +328,8 @@ Usability Optimization, Rebrandly integration, url parameter settings
|
|
| 326 |
New Image Posts, Imgur, Animated Gifs and Emojis
|
| 327 |
|
| 328 |
== Upgrade Notice ==
|
|
|
|
|
|
|
| 329 |
= 6.9.9 =
|
| 330 |
Usability Optimization
|
| 331 |
= 6.9.8 =
|
| 5 |
Donate link: https://paypal.me/adenion
|
| 6 |
Requires at least: 4.7.0
|
| 7 |
Tested up to: 6.0
|
| 8 |
+
Stable tag: 6.9.10
|
| 9 |
License: GPLv3
|
| 10 |
License URI: http://www.gnu.org/licenses/gpl-2.0.html
|
| 11 |
|
| 234 |
7. Keep track of your shared posts and scheduling plan with the Social Media Calendar.
|
| 235 |
|
| 236 |
== Changelog ==
|
| 237 |
+
= 6.9.10 =
|
| 238 |
+
Additional Security Update
|
| 239 |
= 6.9.9 =
|
| 240 |
Usability Optimization
|
| 241 |
= 6.9.8 =
|
| 328 |
New Image Posts, Imgur, Animated Gifs and Emojis
|
| 329 |
|
| 330 |
== Upgrade Notice ==
|
| 331 |
+
= 6.9.10 =
|
| 332 |
+
Additional Security Update
|
| 333 |
= 6.9.9 =
|
| 334 |
Usability Optimization
|
| 335 |
= 6.9.8 =
|
