Header Footer Code Manager - Version 1.1.30

Version Description

2022-11-09 * FIXED: Proper checks for user access and capabilities * UPDATED: Compatibility with WordPress 6.1


Release Info

Developer 99robots
Version 1.1.30

Code changes from version 1.1.29 to 1.1.30

Files changed (2)
  1. 99robots-header-footer-code-manager.php +371 -357
  2. readme.txt +6 -2
99robots-header-footer-code-manager.php CHANGED
@@ -3,7 +3,7 @@
3
  * Plugin Name: Header Footer Code Manager
4
  * Plugin URI: https://draftpress.com/products
5
  * Description: Header Footer Code Manager by 99 Robots is a quick and simple way for you to add tracking code snippets, conversion pixels, or other scripts required by third party services for analytics, tracking, marketing, or chat functions. For detailed documentation, please visit the plugin's <a href="https://draftpress.com/"> official page</a>.
6
- * Version: 1.1.29
7
  * Requires at least: 4.9
8
  * Requires PHP: 5.6.20
9
  * Author: 99robots
@@ -16,32 +16,32 @@
16
  /*
17
  * If this file is called directly, abort.
18
  */
19
- if (!defined('WPINC') ) {
20
  die;
21
  }
22
 
23
- register_activation_hook(__FILE__, array( 'NNR_HFCM', 'hfcm_options_install' ));
24
- add_action('plugins_loaded', array( 'NNR_HFCM', 'hfcm_db_update_check' ));
25
- add_action('admin_enqueue_scripts', array( 'NNR_HFCM', 'hfcm_enqueue_assets' ));
26
- add_action('plugins_loaded', array( 'NNR_HFCM', 'hfcm_load_translation_files' ));
27
- add_action('admin_menu', array( 'NNR_HFCM', 'hfcm_modifymenu' ));
28
  add_filter(
29
- 'plugin_action_links_' . plugin_basename(__FILE__), array(
30
  'NNR_HFCM',
31
  'hfcm_add_plugin_page_settings_link'
32
  )
33
  );
34
- add_action('admin_init', array( 'NNR_HFCM', 'hfcm_init' ));
35
- add_shortcode('hfcm', array( 'NNR_HFCM', 'hfcm_shortcode' ));
36
- add_action('wp_head', array( 'NNR_HFCM', 'hfcm_header_scripts' ));
37
- add_action('wp_footer', array( 'NNR_HFCM', 'hfcm_footer_scripts' ));
38
- add_action('the_content', array( 'NNR_HFCM', 'hfcm_content_scripts' ));
39
- add_action('wp_ajax_hfcm-request', array( 'NNR_HFCM', 'hfcm_request_handler' ));
40
 
41
  // Files containing submenu functions
42
- require_once plugin_dir_path(__FILE__) . 'includes/class-hfcm-snippets-list.php';
43
 
44
- if (!class_exists('NNR_HFCM') ) :
45
 
46
  class NNR_HFCM
47
  {
@@ -64,9 +64,9 @@ if (!class_exists('NNR_HFCM') ) :
64
  */
65
  public static function hfcm_options_install()
66
  {
67
- $hfcm_now = strtotime("now");
68
- add_option('hfcm_activation_date', $hfcm_now);
69
- update_option('hfcm_activation_date', $hfcm_now);
70
 
71
  global $wpdb;
72
 
@@ -97,8 +97,8 @@ if (!class_exists('NNR_HFCM') ) :
97
  ) $charset_collate";
98
 
99
  include_once ABSPATH . 'wp-admin/includes/upgrade.php';
100
- dbDelta($sql);
101
- add_option('hfcm_db_version', self::$nnr_hfcm_db_version);
102
  }
103
 
104
  /*
@@ -109,10 +109,10 @@ if (!class_exists('NNR_HFCM') ) :
109
  global $wpdb;
110
 
111
  $table_name = $wpdb->prefix . self::$nnr_hfcm_table;
112
- if (get_option('hfcm_db_version') != self::$nnr_hfcm_db_version ) {
113
  $wpdb->show_errors();
114
 
115
- if (!empty($wpdb->dbname) ) {
116
  // Check for Exclude Pages
117
  $nnr_column_ex_pages = 'ex_pages';
118
  $nnr_check_column_ex_pages = $wpdb->get_results(
@@ -123,9 +123,9 @@ if (!class_exists('NNR_HFCM') ) :
123
  $nnr_column_ex_pages
124
  )
125
  );
126
- if (empty($nnr_check_column_ex_pages) ) {
127
  $nnr_alter_sql = "ALTER TABLE `{$table_name}` ADD `ex_pages` varchar(300) DEFAULT 0 AFTER `s_pages`";
128
- $wpdb->query($nnr_alter_sql);
129
  }
130
 
131
  // Check for Exclude Posts
@@ -138,9 +138,9 @@ if (!class_exists('NNR_HFCM') ) :
138
  $nnr_column_ex_posts
139
  )
140
  );
141
- if (empty($nnr_check_column_ex_posts) ) {
142
  $nnr_alter_sql = "ALTER TABLE `{$table_name}` ADD `ex_posts` varchar(300) DEFAULT 0 AFTER `s_posts`";
143
- $wpdb->query($nnr_alter_sql);
144
  }
145
 
146
  // Check for Snippet Type
@@ -153,23 +153,23 @@ if (!class_exists('NNR_HFCM') ) :
153
  $nnr_column_snippet_type
154
  )
155
  );
156
- if (empty($nnr_check_column_snippet_type) ) {
157
  $nnr_alter_sql = "ALTER TABLE `{$table_name}` ADD `snippet_type` enum('html', 'js', 'css') DEFAULT 'html' AFTER `snippet`";
158
- $wpdb->query($nnr_alter_sql);
159
  }
160
 
161
  $nnr_alter_sql = "ALTER TABLE `{$table_name}` CHANGE `snippet` `snippet` LONGTEXT NULL";
162
- $wpdb->query($nnr_alter_sql);
163
 
164
  $nnr_alter_sql = "ALTER TABLE `{$table_name}` CHANGE `display_on` `display_on` ENUM('All','s_pages','s_posts','s_categories','s_custom_posts','s_tags','s_is_home','s_is_archive','s_is_search','latest_posts','manual') DEFAULT 'All' NOT NULL";
165
- $wpdb->query($nnr_alter_sql);
166
 
167
  $nnr_alter_sql = "ALTER TABLE `{$table_name}` CHANGE `s_pages` `s_pages` MEDIUMTEXT NULL, CHANGE `ex_pages` `ex_pages` MEDIUMTEXT NULL, CHANGE `s_posts` `s_posts` MEDIUMTEXT NULL, CHANGE `ex_posts` `ex_posts` MEDIUMTEXT NULL";
168
- $wpdb->query($nnr_alter_sql);
169
  }
170
  self::hfcm_options_install();
171
  }
172
- update_option('hfcm_db_version', self::$nnr_hfcm_db_version);
173
  }
174
 
175
  /*
@@ -183,27 +183,27 @@ if (!class_exists('NNR_HFCM') ) :
183
  'admin_page_hfcm-update',
184
  );
185
 
186
- wp_register_style('hfcm_general_admin_assets', plugins_url('css/style-general-admin.css', __FILE__));
187
- wp_enqueue_style('hfcm_general_admin_assets');
188
 
189
- if (in_array($hook, $allowed_pages) ) {
190
  // Plugin's CSS
191
- wp_register_style('hfcm_assets', plugins_url('css/style-admin.css', __FILE__));
192
- wp_enqueue_style('hfcm_assets');
193
  }
194
 
195
  // Remove hfcm-list from $allowed_pages
196
- array_shift($allowed_pages);
197
 
198
- if (in_array($hook, $allowed_pages) ) {
199
  // selectize.js plugin CSS and JS files
200
- wp_register_style('selectize-css', plugins_url('css/selectize.bootstrap3.css', __FILE__));
201
- wp_enqueue_style('selectize-css');
202
 
203
- wp_register_script('selectize-js', plugins_url('js/selectize.min.js', __FILE__), array( 'jquery' ));
204
- wp_enqueue_script('selectize-js');
205
 
206
- wp_enqueue_code_editor(array( 'type' => 'text/html' ));
207
  }
208
  }
209
 
@@ -213,7 +213,7 @@ if (!class_exists('NNR_HFCM') ) :
213
 
214
  public static function hfcm_load_translation_files()
215
  {
216
- load_plugin_textdomain('header-footer-code-manager', false, dirname(plugin_basename(__FILE__)) . '/languages');
217
  }
218
 
219
  /*
@@ -224,8 +224,8 @@ if (!class_exists('NNR_HFCM') ) :
224
 
225
  // This is the main item for the menu
226
  add_menu_page(
227
- __('Header Footer Code Manager', 'header-footer-code-manager'),
228
- __('HFCM', 'header-footer-code-manager'),
229
  'manage_options',
230
  'hfcm-list',
231
  array( 'NNR_HFCM', 'hfcm_list' ),
@@ -235,8 +235,8 @@ if (!class_exists('NNR_HFCM') ) :
235
  // This is a submenu
236
  add_submenu_page(
237
  'hfcm-list',
238
- __('All Snippets', 'header-footer-code-manager'),
239
- __('All Snippets', 'header-footer-code-manager'),
240
  'manage_options',
241
  'hfcm-list',
242
  array( 'NNR_HFCM', 'hfcm_list' )
@@ -245,8 +245,8 @@ if (!class_exists('NNR_HFCM') ) :
245
  // This is a submenu
246
  add_submenu_page(
247
  'hfcm-list',
248
- __('Add New Snippet', 'header-footer-code-manager'),
249
- __('Add New', 'header-footer-code-manager'),
250
  'manage_options',
251
  'hfcm-create',
252
  array( 'NNR_HFCM', 'hfcm_create' )
@@ -255,8 +255,8 @@ if (!class_exists('NNR_HFCM') ) :
255
  // This is a submenu
256
  add_submenu_page(
257
  'hfcm-list',
258
- __('Tools', 'header-footer-code-manager'),
259
- __('Tools', 'header-footer-code-manager'),
260
  'manage_options',
261
  'hfcm-tools',
262
  array( 'NNR_HFCM', 'hfcm_tools' )
@@ -265,8 +265,8 @@ if (!class_exists('NNR_HFCM') ) :
265
  // This submenu is HIDDEN, however, we need to add it anyways
266
  add_submenu_page(
267
  null,
268
- __('Update Script', 'header-footer-code-manager'),
269
- __('Update', 'header-footer-code-manager'),
270
  'manage_options',
271
  'hfcm-update',
272
  array( 'NNR_HFCM', 'hfcm_update' )
@@ -275,8 +275,8 @@ if (!class_exists('NNR_HFCM') ) :
275
  // This submenu is HIDDEN, however, we need to add it anyways
276
  add_submenu_page(
277
  null,
278
- __('Request Handler Script', 'header-footer-code-manager'),
279
- __('Request Handler', 'header-footer-code-manager'),
280
  'manage_options',
281
  'hfcm-request-handler',
282
  array( 'NNR_HFCM', 'hfcm_request_handler' )
@@ -289,7 +289,7 @@ if (!class_exists('NNR_HFCM') ) :
289
  public static function hfcm_add_plugin_page_settings_link( $links )
290
  {
291
  $links = array_merge(
292
- array( '<a href="' . admin_url('admin.php?page=hfcm-list') . '">' . __('Settings') . '</a>' ),
293
  $links
294
  );
295
  return $links;
@@ -300,13 +300,13 @@ if (!class_exists('NNR_HFCM') ) :
300
  */
301
  public static function hfcm_check_installation_date()
302
  {
303
- $install_date = get_option('hfcm_activation_date');
304
- $past_date = strtotime('-7 days');
305
 
306
- if ($past_date >= $install_date ) {
307
- add_action('admin_notices', array( 'NNR_HFCM', 'hfcm_review_push_notice' ));
308
  }
309
- add_action('admin_notices', array( 'NNR_HFCM', 'hfcm_static_notices' ));
310
  }
311
 
312
  /*
@@ -323,13 +323,13 @@ if (!class_exists('NNR_HFCM') ) :
323
 
324
  $user_id = get_current_user_id();
325
  // Check if current user has already dismissed it
326
- $install_date = get_option('hfcm_activation_date');
327
 
328
- if (!get_user_meta($user_id, 'hfcm_plugin_notice_dismissed') && in_array($screen, $allowed_pages_notices) ) {
329
  ?>
330
  <div id="hfcm-message" class="notice notice-success">
331
  <a class="hfcm-dismiss-alert notice-dismiss" href="?hfcm-admin-notice-dismissed">Dismiss</a>
332
- <p><?php _e('Hey there! You’ve been using the <strong>Header Footer Code Manager</strong> plugin for a while now. If you like the plugin, please support our awesome development and support team by leaving a <a class="hfcm-review-stars" href="https://wordpress.org/support/plugin/header-footer-code-manager/reviews/"><span class="dashicons dashicons-star-filled"></span><span class="dashicons dashicons-star-filled"></span><span class="dashicons dashicons-star-filled"></span><span class="dashicons dashicons-star-filled"></span><span class="dashicons dashicons-star-filled"></span></a> rating. <a href="https://wordpress.org/support/plugin/header-footer-code-manager/reviews/">Rate it!</a> It’ll mean the world to us and keep this plugin free and constantly updated. <a href="https://wordpress.org/support/plugin/header-footer-code-manager/reviews/">Leave A Review</a>', 'header-footer-code-manager'); ?>
333
  </p>
334
  </div>
335
  <?php
@@ -348,7 +348,7 @@ if (!class_exists('NNR_HFCM') ) :
348
  );
349
  $screen = get_current_screen()->id;
350
 
351
- if (in_array($screen, $allowed_pages_notices) ) {
352
  ?>
353
  <div id="hfcm-message" class="notice notice-success">
354
  <p>
@@ -370,11 +370,11 @@ if (!class_exists('NNR_HFCM') ) :
370
  {
371
  $user_id = get_current_user_id();
372
  // Checking if user clicked on the Dismiss button
373
- if (isset($_GET['hfcm-admin-notice-dismissed']) ) {
374
- add_user_meta($user_id, 'hfcm_plugin_notice_dismissed', 'true', true);
375
  // Redirect to original page the user was on
376
  $current_url = wp_get_referer();
377
- wp_redirect($current_url);
378
  exit;
379
  }
380
  }
@@ -384,7 +384,7 @@ if (!class_exists('NNR_HFCM') ) :
384
  */
385
  public static function hfcm_render_snippet( $scriptdata )
386
  {
387
- $output = "<!-- HFCM by 99 Robots - Snippet # " . absint($scriptdata->script_id) . ": " . esc_html($scriptdata->name) . " -->\n" . html_entity_decode($scriptdata->snippet) . "\n<!-- /end HFCM by 99 Robots -->\n";
388
 
389
  return $output;
390
  }
@@ -396,8 +396,8 @@ if (!class_exists('NNR_HFCM') ) :
396
  {
397
  global $wpdb;
398
  $table_name = $wpdb->prefix . self::$nnr_hfcm_table;
399
- if (!empty($atts['id']) ) {
400
- $id = absint($atts['id']);
401
  $hide_device = wp_is_mobile() ? 'desktop' : 'mobile';
402
  $script = $wpdb->get_results(
403
  $wpdb->prepare(
@@ -406,8 +406,8 @@ if (!class_exists('NNR_HFCM') ) :
406
  $id
407
  )
408
  );
409
- if (!empty($script) ) {
410
- return self::hfcm_render_snippet($script[0]);
411
  }
412
  }
413
  }
@@ -417,8 +417,8 @@ if (!class_exists('NNR_HFCM') ) :
417
  */
418
  public static function hfcm_not_empty( $scriptdata, $prop_name )
419
  {
420
- $data = json_decode($scriptdata->{$prop_name});
421
- if (empty($data) ) {
422
  return false;
423
  }
424
  return true;
@@ -439,7 +439,7 @@ if (!class_exists('NNR_HFCM') ) :
439
  $nnr_hfcm_snippets_sql = "SELECT * FROM `{$table_name}` WHERE status='active' AND device_type!=%s";
440
  $nnr_hfcm_snippet_placeholder_args = [ $hide_device ];
441
 
442
- if ($location && in_array($location, array( 'header', 'footer' )) ) {
443
  $nnr_hfcm_snippets_sql .= " AND location=%s";
444
  $nnr_hfcm_snippet_placeholder_args[] = $location;
445
  } else {
@@ -452,117 +452,117 @@ if (!class_exists('NNR_HFCM') ) :
452
  )
453
  );
454
 
455
- if (!empty($script) ) {
456
  foreach ( $script as $key => $scriptdata ) {
457
  $out = '';
458
  switch ( $scriptdata->display_on ) {
459
- case 'All':
460
 
461
- $is_not_empty_ex_pages = self::hfcm_not_empty($scriptdata, 'ex_pages');
462
- $is_not_empty_ex_posts = self::hfcm_not_empty($scriptdata, 'ex_posts');
463
- if (($is_not_empty_ex_pages && is_page(json_decode($scriptdata->ex_pages))) || ($is_not_empty_ex_posts && is_single(json_decode($scriptdata->ex_posts))) ) {
464
- $out = '';
465
- } else {
466
- $out = self::hfcm_render_snippet($scriptdata);
467
- }
468
- break;
469
- case 'latest_posts':
470
- if (is_single() ) {
471
- if (!empty($scriptdata->lp_count) ) {
472
- $nnr_hfcm_latest_posts = wp_get_recent_posts(
473
- array(
474
- 'numberposts' => absint($scriptdata->lp_count),
475
- )
476
- );
477
  } else {
478
- $nnr_hfcm_latest_posts = wp_get_recent_posts(
479
- array(
480
- 'numberposts' => 5
481
- )
482
- );
483
  }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
484
 
485
- foreach ( $nnr_hfcm_latest_posts as $key => $lpostdata ) {
486
- if (get_the_ID() == $lpostdata['ID'] ) {
487
- $out = self::hfcm_render_snippet($scriptdata);
 
488
  }
489
  }
490
- }
491
- break;
492
- case 's_categories':
493
- $is_not_empty_s_categories = self::hfcm_not_empty($scriptdata, 's_categories');
494
- if ($is_not_empty_s_categories && in_category(json_decode($scriptdata->s_categories)) ) {
495
- if (is_category(json_decode($scriptdata->s_categories)) ) {
496
- $out = self::hfcm_render_snippet($scriptdata);
 
 
 
497
  }
498
- if (!is_archive() && !is_home() ) {
499
- $out = self::hfcm_render_snippet($scriptdata);
 
 
 
500
  }
501
- }
502
- break;
503
- case 's_custom_posts':
504
- $is_not_empty_s_custom_posts = self::hfcm_not_empty($scriptdata, 's_custom_posts');
505
- if ($is_not_empty_s_custom_posts && is_singular(json_decode($scriptdata->s_custom_posts)) ) {
506
- $out = self::hfcm_render_snippet($scriptdata);
507
- }
508
- break;
509
- case 's_posts':
510
- $is_not_empty_s_posts = self::hfcm_not_empty($scriptdata, 's_posts');
511
- if ($is_not_empty_s_posts && is_single(json_decode($scriptdata->s_posts)) ) {
512
- $out = self::hfcm_render_snippet($scriptdata);
513
- }
514
- break;
515
- case 's_is_home':
516
- if (is_home() || is_front_page() ) {
517
- $out = self::hfcm_render_snippet($scriptdata);
518
- }
519
- break;
520
- case 's_is_archive':
521
- if (is_archive() ) {
522
- $out = self::hfcm_render_snippet($scriptdata);
523
- }
524
- break;
525
- case 's_is_search':
526
- if (is_search() ) {
527
- $out = self::hfcm_render_snippet($scriptdata);
528
- }
529
- break;
530
- case 's_pages':
531
- $is_not_empty_s_pages = self::hfcm_not_empty($scriptdata, 's_pages');
532
- if ($is_not_empty_s_pages ) {
533
- // Gets the page ID of the blog page
534
- $blog_page = get_option('page_for_posts');
535
- // Checks if the blog page is present in the array of selected pages
536
- if (in_array($blog_page, json_decode($scriptdata->s_pages)) ) {
537
- if (is_page(json_decode($scriptdata->s_pages)) || (!is_front_page() && is_home()) ) {
538
- $out = self::hfcm_render_snippet($scriptdata);
539
- }
540
- } elseif (is_page(json_decode($scriptdata->s_pages)) ) {
541
- $out = self::hfcm_render_snippet($scriptdata);
542
  }
543
- }
544
- break;
545
- case 's_tags':
546
- $is_not_empty_s_tags = self::hfcm_not_empty($scriptdata, 's_tags');
547
- if ($is_not_empty_s_tags && has_tag(json_decode($scriptdata->s_tags)) ) {
548
- if (is_tag(json_decode($scriptdata->s_tags)) ) {
549
- $out = self::hfcm_render_snippet($scriptdata);
550
  }
551
- if (!is_archive() && !is_home() ) {
552
- $out = self::hfcm_render_snippet($scriptdata);
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
553
  }
554
- }
555
  }
556
 
557
  switch ( $scriptdata->location ) {
558
- case 'before_content':
559
- $beforecontent .= $out;
560
- break;
561
- case 'after_content':
562
- $aftercontent .= $out;
563
- break;
564
- default:
565
- echo $out;
566
  }
567
  }
568
  }
@@ -575,8 +575,8 @@ if (!class_exists('NNR_HFCM') ) :
575
  */
576
  public static function hfcm_header_scripts()
577
  {
578
- if(!is_feed()) {
579
- self::hfcm_add_snippets('header');
580
  }
581
  }
582
 
@@ -585,7 +585,7 @@ if (!class_exists('NNR_HFCM') ) :
585
  */
586
  public static function hfcm_footer_scripts()
587
  {
588
- if(!is_feed()) {
589
  self::hfcm_add_snippets( 'footer' );
590
  }
591
  }
@@ -595,7 +595,7 @@ if (!class_exists('NNR_HFCM') ) :
595
  */
596
  public static function hfcm_content_scripts( $content )
597
  {
598
- if(!is_feed()) {
599
  return self::hfcm_add_snippets( false, $content );
600
  } else {
601
  return $content;
@@ -608,14 +608,14 @@ if (!class_exists('NNR_HFCM') ) :
608
  public static function hfcm_redirect( $url = '' )
609
  {
610
  // Register the script
611
- wp_register_script('hfcm_redirection', plugins_url('js/location.js', __FILE__));
612
 
613
  // Localize the script with new data
614
  $translation_array = array( 'url' => $url );
615
- wp_localize_script('hfcm_redirection', 'hfcm_location', $translation_array);
616
 
617
  // Enqueued script with localized data.
618
- wp_enqueue_script('hfcm_redirection');
619
  }
620
 
621
  /*
@@ -623,12 +623,12 @@ if (!class_exists('NNR_HFCM') ) :
623
  */
624
  public static function hfcm_sanitize_text( $key, $is_not_snippet = true )
625
  {
626
- if (!empty($_POST['data'][ $key ]) ) {
627
- $post_data = stripslashes_deep($_POST['data'][ $key ]);
628
- if ($is_not_snippet ) {
629
- $post_data = sanitize_text_field($post_data);
630
  } else {
631
- $post_data = htmlentities($post_data);
632
  }
633
  return $post_data;
634
  }
@@ -641,19 +641,19 @@ if (!class_exists('NNR_HFCM') ) :
641
  */
642
  public static function hfcm_sanitize_array( $key, $type = 'integer' )
643
  {
644
- if (!empty($_POST['data'][ $key ]) ) {
645
  $arr = $_POST['data'][ $key ];
646
 
647
- if (!is_array($arr) ) {
648
  return array();
649
  }
650
 
651
- if ('integer' === $type ) {
652
- return array_map('absint', $arr);
653
  } else { // strings
654
  $new_array = array();
655
  foreach ( $arr as $val ) {
656
- $new_array[] = sanitize_text_field($val);
657
  }
658
  }
659
 
@@ -668,9 +668,13 @@ if (!class_exists('NNR_HFCM') ) :
668
  */
669
  public static function hfcm_create()
670
  {
671
-
672
  // check user capabilities
673
- current_user_can('administrator');
 
 
 
 
 
674
 
675
  // prepare variables for includes/hfcm-add-edit.php
676
  $name = '';
@@ -692,7 +696,7 @@ if (!class_exists('NNR_HFCM') ) :
692
  // Notify hfcm-add-edit.php NOT to make changes for update
693
  $update = false;
694
 
695
- include_once plugin_dir_path(__FILE__) . 'includes/hfcm-add-edit.php';
696
  }
697
 
698
  /*
@@ -701,30 +705,35 @@ if (!class_exists('NNR_HFCM') ) :
701
  public static function hfcm_request_handler()
702
  {
703
 
704
- // Check user capabilities
705
- current_user_can('administrator');
 
 
 
 
 
706
 
707
- if (isset($_POST['insert']) ) {
708
  // Check nonce
709
- check_admin_referer('create-snippet');
710
  } else {
711
- if (empty($_REQUEST['id']) ) {
712
- die('Missing ID parameter.');
713
  }
714
- $id = absint($_REQUEST['id']);
715
  }
716
- if (isset($_POST['update']) ) {
717
  // Check nonce
718
- check_admin_referer('update-snippet_' . $id);
719
  }
720
 
721
  // Handle AJAX on/off toggle for snippets
722
- if (isset($_REQUEST['toggle']) && !empty($_REQUEST['togvalue']) ) {
723
 
724
  // Check nonce
725
- check_ajax_referer('hfcm-toggle-snippet', 'security');
726
 
727
- if ('on' === $_REQUEST['togvalue'] ) {
728
  $status = 'active';
729
  } else {
730
  $status = 'inactive';
@@ -742,31 +751,31 @@ if (!class_exists('NNR_HFCM') ) :
742
  array( '%s' ) //where format
743
  );
744
 
745
- } elseif (isset($_POST['insert']) || isset($_POST['update']) ) {
746
 
747
  // Create / update snippet
748
 
749
  // Sanitize fields
750
- $name = self::hfcm_sanitize_text('name');
751
- $snippet = self::hfcm_sanitize_text('snippet', false);
752
- $nnr_snippet_type = self::hfcm_sanitize_text('snippet_type');
753
- $device_type = self::hfcm_sanitize_text('device_type');
754
- $display_on = self::hfcm_sanitize_text('display_on');
755
- $location = self::hfcm_sanitize_text('location');
756
- $lp_count = self::hfcm_sanitize_text('lp_count');
757
- $status = self::hfcm_sanitize_text('status');
758
- $s_pages = self::hfcm_sanitize_array('s_pages');
759
- $ex_pages = self::hfcm_sanitize_array('ex_pages');
760
- $s_posts = self::hfcm_sanitize_array('s_posts');
761
- $ex_posts = self::hfcm_sanitize_array('ex_posts');
762
- $s_custom_posts = self::hfcm_sanitize_array('s_custom_posts', 'string');
763
- $s_categories = self::hfcm_sanitize_array('s_categories');
764
- $s_tags = self::hfcm_sanitize_array('s_tags');
765
-
766
- if ('manual' === $display_on ) {
767
  $location = '';
768
  }
769
- $lp_count = max(1, (int) $lp_count);
770
 
771
  // Global vars
772
  global $wpdb;
@@ -774,7 +783,7 @@ if (!class_exists('NNR_HFCM') ) :
774
  $table_name = $wpdb->prefix . self::$nnr_hfcm_table;
775
 
776
  // Update snippet
777
- if (isset($id) ) {
778
 
779
  $wpdb->update(
780
  $table_name, //table
@@ -788,15 +797,15 @@ if (!class_exists('NNR_HFCM') ) :
788
  'display_on' => $display_on,
789
  'status' => $status,
790
  'lp_count' => $lp_count,
791
- 's_pages' => wp_json_encode($s_pages),
792
- 'ex_pages' => wp_json_encode($ex_pages),
793
- 's_posts' => wp_json_encode($s_posts),
794
- 'ex_posts' => wp_json_encode($ex_posts),
795
- 's_custom_posts' => wp_json_encode($s_custom_posts),
796
- 's_categories' => wp_json_encode($s_categories),
797
- 's_tags' => wp_json_encode($s_tags),
798
- 'last_revision_date' => current_time('Y-m-d H:i:s'),
799
- 'last_modified_by' => sanitize_text_field($current_user->display_name),
800
  ),
801
  // Where
802
  array( 'script_id' => $id ),
@@ -815,7 +824,7 @@ if (!class_exists('NNR_HFCM') ) :
815
  // Where format
816
  array( '%s' )
817
  );
818
- self::hfcm_redirect(admin_url('admin.php?page=hfcm-update&message=1&id=' . $id));
819
  } else {
820
 
821
  // Create new snippet
@@ -830,15 +839,15 @@ if (!class_exists('NNR_HFCM') ) :
830
  'display_on' => $display_on,
831
  'status' => $status,
832
  'lp_count' => $lp_count,
833
- 's_pages' => wp_json_encode($s_pages),
834
- 'ex_pages' => wp_json_encode($ex_pages),
835
- 's_posts' => wp_json_encode($s_posts),
836
- 'ex_posts' => wp_json_encode($ex_posts),
837
- 's_custom_posts' => wp_json_encode($s_custom_posts),
838
- 's_categories' => wp_json_encode($s_categories),
839
- 's_tags' => wp_json_encode($s_tags),
840
- 'created' => current_time('Y-m-d H:i:s'),
841
- 'created_by' => sanitize_text_field($current_user->display_name),
842
  ), array(
843
  '%s',
844
  '%s',
@@ -860,32 +869,32 @@ if (!class_exists('NNR_HFCM') ) :
860
  )
861
  );
862
  $lastid = $wpdb->insert_id;
863
- self::hfcm_redirect(admin_url('admin.php?page=hfcm-update&message=6&id=' . $lastid));
864
  }
865
- } elseif (isset($_POST['get_posts']) ) {
866
 
867
  // JSON return posts for AJAX
868
 
869
  // Check nonce
870
- check_ajax_referer('hfcm-get-posts', 'security');
871
 
872
  // Global vars
873
  global $wpdb;
874
  $table_name = $wpdb->prefix . self::$nnr_hfcm_table;
875
  // Get all selected posts
876
- if (-1 === $id ) {
877
  $s_posts = array();
878
  $ex_posts = array();
879
  } else {
880
  // Select value to update
881
  $script = $wpdb->get_results(
882
- $wpdb->prepare("SELECT s_posts FROM `{$table_name}` WHERE script_id=%s", $id)
883
  );
884
  $s_posts = array();
885
- if (!empty($script) ) {
886
  foreach ( $script as $s ) {
887
- $s_posts = json_decode($s->s_posts);
888
- if (!is_array($s_posts) ) {
889
  $s_posts = array();
890
  }
891
  }
@@ -893,12 +902,12 @@ if (!class_exists('NNR_HFCM') ) :
893
 
894
  $ex_posts = array();
895
  $script_ex = $wpdb->get_results(
896
- $wpdb->prepare("SELECT ex_posts FROM `{$table_name}` WHERE script_id=%s", $id)
897
  );
898
- if (!empty($script_ex) ) {
899
  foreach ( $script_ex as $s ) {
900
- $ex_posts = json_decode($s->ex_posts);
901
- if (!is_array($ex_posts) ) {
902
  $ex_posts = array();
903
  }
904
  }
@@ -914,7 +923,7 @@ if (!class_exists('NNR_HFCM') ) :
914
  $output = 'names'; // names or objects, note names is the default
915
  $operator = 'and'; // 'and' or 'or'
916
 
917
- $c_posttypes = get_post_types($args, $output, $operator);
918
  $posttypes = array( 'post' );
919
  foreach ( $c_posttypes as $cpdata ) {
920
  $posttypes[] = $cpdata;
@@ -935,29 +944,29 @@ if (!class_exists('NNR_HFCM') ) :
935
  'excluded' => array(),
936
  );
937
 
938
- if (!empty($posts) ) {
939
  foreach ( $posts as $pdata ) {
940
- $nnr_hfcm_post_title = trim($pdata->post_title);
941
 
942
- if (empty($nnr_hfcm_post_title) ) {
943
  $nnr_hfcm_post_title = "(no title)";
944
  }
945
- if (!empty($ex_posts) && in_array($pdata->ID, $ex_posts) ) {
946
  $json_output['excluded'][] = $pdata->ID;
947
  }
948
 
949
- if (!empty($s_posts) && in_array($pdata->ID, $s_posts) ) {
950
  $json_output['selected'][] = $pdata->ID;
951
  }
952
 
953
  $json_output['posts'][] = array(
954
- 'text' => sanitize_text_field($nnr_hfcm_post_title),
955
  'value' => $pdata->ID,
956
  );
957
  }
958
  }
959
 
960
- echo wp_json_encode($json_output);
961
  wp_die();
962
  }
963
  }
@@ -968,22 +977,27 @@ if (!class_exists('NNR_HFCM') ) :
968
  public static function hfcm_update()
969
  {
970
 
971
- add_action('wp_enqueue_scripts', 'hfcm_selectize_enqueue');
972
 
973
  // check user capabilities
974
- current_user_can('administrator');
975
 
976
- if (empty($_GET['id']) ) {
977
- die('Missing ID parameter.');
 
978
  }
979
- $id = absint($_GET['id']);
 
 
 
 
980
 
981
  global $wpdb;
982
  $table_name = $wpdb->prefix . self::$nnr_hfcm_table;
983
 
984
  //selecting value to update
985
  $nnr_hfcm_snippets = $wpdb->get_results(
986
- $wpdb->prepare("SELECT * FROM `{$table_name}` WHERE script_id=%s", $id)
987
  );
988
  foreach ( $nnr_hfcm_snippets as $s ) {
989
  $name = $s->name;
@@ -994,66 +1008,66 @@ if (!class_exists('NNR_HFCM') ) :
994
  $display_on = $s->display_on;
995
  $status = $s->status;
996
  $lp_count = $s->lp_count;
997
- if (empty($lp_count) ) {
998
  $lp_count = 5;
999
  }
1000
- $s_pages = json_decode($s->s_pages);
1001
- $ex_pages = json_decode($s->ex_pages);
1002
- $ex_posts = json_decode($s->ex_posts);
1003
 
1004
- if (!is_array($s_pages) ) {
1005
  $s_pages = array();
1006
  }
1007
 
1008
- if (!is_array($ex_pages) ) {
1009
  $ex_pages = array();
1010
  }
1011
 
1012
- $s_posts = json_decode($s->s_posts);
1013
- if (!is_array($s_posts) ) {
1014
  $s_posts = array();
1015
  }
1016
 
1017
- $ex_posts = json_decode($s->ex_posts);
1018
- if (!is_array($ex_posts) ) {
1019
  $ex_posts = array();
1020
  }
1021
 
1022
- $s_custom_posts = json_decode($s->s_custom_posts);
1023
- if (!is_array($s_custom_posts) ) {
1024
  $s_custom_posts = array();
1025
  }
1026
 
1027
- $s_categories = json_decode($s->s_categories);
1028
- if (!is_array($s_categories) ) {
1029
  $s_categories = array();
1030
  }
1031
 
1032
- $s_tags = json_decode($s->s_tags);
1033
- if (!is_array($s_tags) ) {
1034
  $s_tags = array();
1035
  }
1036
 
1037
- $createdby = esc_html($s->created_by);
1038
- $lastmodifiedby = esc_html($s->last_modified_by);
1039
- $createdon = esc_html($s->created);
1040
- $lastrevisiondate = esc_html($s->last_revision_date);
1041
  }
1042
 
1043
  // escape for html output
1044
- $name = esc_textarea($name);
1045
- $snippet = esc_textarea($snippet);
1046
- $nnr_snippet_type = esc_textarea($nnr_snippet_type);
1047
- $device_type = esc_html($device_type);
1048
- $location = esc_html($location);
1049
- $display_on = esc_html($display_on);
1050
- $status = esc_html($status);
1051
- $lp_count = esc_html($lp_count);
1052
- $i = esc_html($lp_count);
1053
  // Notify hfcm-add-edit.php to make necesary changes for update
1054
  $update = true;
1055
 
1056
- include_once plugin_dir_path(__FILE__) . 'includes/hfcm-add-edit.php';
1057
  }
1058
 
1059
  /*
@@ -1071,7 +1085,7 @@ if (!class_exists('NNR_HFCM') ) :
1071
 
1072
  $is_pro_version_active = self::is_hfcm_pro_active();
1073
 
1074
- if ($is_pro_version_active ) {
1075
  ?>
1076
  <div class="notice hfcm-warning-notice notice-warning">
1077
  <?php _e(
@@ -1082,8 +1096,8 @@ if (!class_exists('NNR_HFCM') ) :
1082
  <?php
1083
  }
1084
 
1085
- if (!empty($_GET['import']) ) {
1086
- if ($_GET['import'] == 2 ) {
1087
  $message = "Header Footer Code Manager has successfully imported all snippets and set them as INACTIVE. Please review each snippet individually and ACTIVATE those that are needed for this site. Snippet types that are only available in the PRO version are skipped";
1088
  } else {
1089
  $message = "Header Footer Code Manager has successfully imported all snippets and set them as INACTIVE. Please review each snippet individually and ACTIVATE those that are needed for this site.";
@@ -1091,35 +1105,35 @@ if (!class_exists('NNR_HFCM') ) :
1091
  ?>
1092
  <div id="hfcm-message" class="notice notice-success is-dismissible">
1093
  <p>
1094
- <?php _e($message, 'header-footer-code-manager'); ?>
1095
  </p>
1096
  </div>
1097
  <?php
1098
  }
1099
- if (!empty($_GET['script_status']) && in_array(
1100
- $_GET['script_status'], array( 'active', 'inactive' )
1101
- )
1102
  ) {
1103
  $allclass = '';
1104
- if ('active' === $_GET['script_status'] ) {
1105
  $activeclass = 'current';
1106
  }
1107
- if ('inactive' === $_GET['script_status'] ) {
1108
  $inactiveclass = 'current';
1109
  }
1110
  }
1111
  ?>
1112
  <div class="wrap">
1113
- <h1><?php esc_html_e('Snippets', 'header-footer-code-manager') ?>
1114
- <a href="<?php echo admin_url('admin.php?page=hfcm-create') ?>" class="page-title-action">
1115
- <?php esc_html_e('Add New Snippet', 'header-footer-code-manager') ?>
1116
  </a>
1117
  </h1>
1118
 
1119
  <form method="post">
1120
  <?php
1121
  $snippet_obj->prepare_items();
1122
- $snippet_obj->search_box(__('Search Snippets', 'header-footer-code-manager'), 'search_id');
1123
  $snippet_obj->display();
1124
  ?>
1125
  </form>
@@ -1128,17 +1142,17 @@ if (!class_exists('NNR_HFCM') ) :
1128
  <?php
1129
 
1130
  // Register the script
1131
- wp_register_script('hfcm_toggle', plugins_url('js/toggle.js', __FILE__));
1132
 
1133
  // Localize the script with new data
1134
  $translation_array = array(
1135
- 'url' => admin_url('admin.php'),
1136
- 'security' => wp_create_nonce('hfcm-toggle-snippet'),
1137
  );
1138
- wp_localize_script('hfcm_toggle', 'hfcm_ajax', $translation_array);
1139
 
1140
  // Enqueued script with localized data.
1141
- wp_enqueue_script('hfcm_toggle');
1142
  }
1143
 
1144
  /*
@@ -1149,9 +1163,9 @@ if (!class_exists('NNR_HFCM') ) :
1149
  global $wpdb;
1150
  $nnr_hfcm_table_name = $wpdb->prefix . self::$nnr_hfcm_table;
1151
 
1152
- $nnr_hfcm_snippets = $wpdb->get_results("SELECT * from `{$nnr_hfcm_table_name}`");
1153
 
1154
- include_once plugin_dir_path(__FILE__) . 'includes/hfcm-tools.php';
1155
  }
1156
 
1157
  /*
@@ -1162,36 +1176,36 @@ if (!class_exists('NNR_HFCM') ) :
1162
  global $wpdb;
1163
  $nnr_hfcm_table_name = $wpdb->prefix . self::$nnr_hfcm_table;
1164
 
1165
- if (!empty($_POST['nnr_hfcm_snippets']) && !empty($_POST['action']) && ($_POST['action'] == "download") && check_admin_referer('hfcm-nonce') ) {
1166
  $nnr_hfcm_snippets_comma_separated = "";
1167
  foreach ( $_POST['nnr_hfcm_snippets'] as $nnr_hfcm_key => $nnr_hfcm_snippet ) {
1168
- $nnr_hfcm_snippet = str_replace("snippet_", "", sanitize_text_field($nnr_hfcm_snippet));
1169
- $nnr_hfcm_snippet = absint($nnr_hfcm_snippet);
1170
- if (!empty($nnr_hfcm_snippet) ) {
1171
- if (empty($nnr_hfcm_snippets_comma_separated) ) {
1172
  $nnr_hfcm_snippets_comma_separated .= $nnr_hfcm_snippet;
1173
  } else {
1174
  $nnr_hfcm_snippets_comma_separated .= "," . $nnr_hfcm_snippet;
1175
  }
1176
  }
1177
  }
1178
- if (!empty($nnr_hfcm_snippets_comma_separated) ) {
1179
  $nnr_hfcm_snippets = $wpdb->get_results(
1180
- "SELECT * FROM `{$nnr_hfcm_table_name}` WHERE script_id IN (".$nnr_hfcm_snippets_comma_separated.")"
1181
  );
1182
 
1183
- if (!empty($nnr_hfcm_snippets) ) {
1184
  $nnr_hfcm_export_snippets = array( "title" => "Header Footer Code Manager" );
1185
 
1186
  foreach ( $nnr_hfcm_snippets as $nnr_hfcm_snippet_key => $nnr_hfcm_snippet_item ) {
1187
- unset($nnr_hfcm_snippet_item->script_id);
1188
  $nnr_hfcm_export_snippets['snippets'][ $nnr_hfcm_snippet_key ] = $nnr_hfcm_snippet_item;
1189
  }
1190
- $file_name = 'hfcm-export-' . date('Y-m-d') . '.json';
1191
- header("Content-Description: File Transfer");
1192
- header("Content-Disposition: attachment; filename={$file_name}");
1193
- header("Content-Type: application/json; charset=utf-8");
1194
- echo json_encode($nnr_hfcm_export_snippets, JSON_PRETTY_PRINT | JSON_UNESCAPED_UNICODE);
1195
  }
1196
  }
1197
  die;
@@ -1203,11 +1217,11 @@ if (!class_exists('NNR_HFCM') ) :
1203
  */
1204
  public static function hfcm_import_snippets()
1205
  {
1206
- if (!empty($_FILES['nnr_hfcm_import_file']['tmp_name']) && check_admin_referer('hfcm-nonce') ) {
1207
- if (!empty($_FILES['nnr_hfcm_pro_import_file']['type']) && $_FILES['nnr_hfcm_pro_import_file']['type'] != "application/json" ) {
1208
  ?>
1209
  <div class="notice hfcm-warning-notice notice-warning">
1210
- <?php _e('Please upload a valid import file', 'header-footer-code-manager'); ?>
1211
  </div>
1212
  <?php
1213
  return;
@@ -1216,13 +1230,13 @@ if (!class_exists('NNR_HFCM') ) :
1216
  global $wpdb;
1217
  $nnr_hfcm_table_name = $wpdb->prefix . self::$nnr_hfcm_table;
1218
 
1219
- $nnr_hfcm_snippets_json = file_get_contents($_FILES['nnr_hfcm_import_file']['tmp_name']);
1220
- $nnr_hfcm_snippets = json_decode($nnr_hfcm_snippets_json);
1221
 
1222
- if (empty($nnr_hfcm_snippets->title) || (!empty($nnr_hfcm_snippets->title) && $nnr_hfcm_snippets->title != "Header Footer Code Manager") ) {
1223
  ?>
1224
  <div class="notice hfcm-warning-notice notice-warning">
1225
- <?php _e('Please upload a valid import file', 'header-footer-code-manager'); ?>
1226
  </div>
1227
  <?php
1228
  return;
@@ -1231,17 +1245,17 @@ if (!class_exists('NNR_HFCM') ) :
1231
  $nnr_non_script_snippets = 1;
1232
  foreach ( $nnr_hfcm_snippets->snippets as $nnr_hfcm_key => $nnr_hfcm_snippet ) {
1233
  $nnr_hfcm_snippet = (array) $nnr_hfcm_snippet;
1234
- if (!empty($nnr_hfcm_snippet['snippet_type']) && !in_array(
1235
- $nnr_hfcm_snippet['snippet_type'], array( "html", "css", "js" )
1236
- )
1237
  ) {
1238
  $nnr_non_script_snippets = 2;
1239
  continue;
1240
  }
1241
- if (!empty($nnr_hfcm_snippet['location']) && !in_array(
1242
- $nnr_hfcm_snippet['location'], array( 'header', 'before_content', 'after_content',
1243
  'footer' )
1244
- )
1245
  ) {
1246
  $nnr_non_script_snippets = 2;
1247
  continue;
@@ -1254,12 +1268,12 @@ if (!class_exists('NNR_HFCM') ) :
1254
  "created_by", "last_modified_by", "created", "last_revision_date"
1255
  );
1256
  foreach ( $nnr_hfcm_snippet as $nnr_key => $nnr_item ) {
1257
- $nnr_key = sanitize_text_field($nnr_key);
1258
- if (in_array($nnr_key, $nnr_hfcm_keys) ) {
1259
- if ($nnr_key == "lp_count" ) {
1260
- $nnr_item = absint($nnr_item);
1261
- } elseif ($nnr_key != "snippet" ) {
1262
- $nnr_item = sanitize_text_field($nnr_item);
1263
  }
1264
  $nnr_hfcm_sanitizes_snippet[ $nnr_key ] = $nnr_item;
1265
  }
@@ -1291,7 +1305,7 @@ if (!class_exists('NNR_HFCM') ) :
1291
  );
1292
  }
1293
 
1294
- self::hfcm_redirect(admin_url('admin.php?page=hfcm-list&import=' . $nnr_non_script_snippets));
1295
  }
1296
  }
1297
 
@@ -1302,7 +1316,7 @@ if (!class_exists('NNR_HFCM') ) :
1302
  */
1303
  public static function is_hfcm_pro_active()
1304
  {
1305
- if (is_plugin_active('header-footer-code-manager-pro/header-footer-code-manager-pro.php') ) {
1306
  return true;
1307
  }
1308
 
@@ -1317,7 +1331,7 @@ if (!class_exists('NNR_HFCM') ) :
1317
  );
1318
  $output = 'objects'; // or objects
1319
  $operator = 'and'; // 'and' or 'or'
1320
- $taxonomies = get_taxonomies($args, $output, $operator);
1321
 
1322
  $nnr_hfcm_categories = [];
1323
 
@@ -1347,7 +1361,7 @@ if (!class_exists('NNR_HFCM') ) :
1347
  );
1348
  $output = 'objects'; // or objects
1349
  $operator = 'and'; // 'and' or 'or'
1350
- $taxonomies = get_taxonomies($args, $output, $operator);
1351
 
1352
  $nnr_hfcm_tags = [];
1353
 
3
  * Plugin Name: Header Footer Code Manager
4
  * Plugin URI: https://draftpress.com/products
5
  * Description: Header Footer Code Manager by 99 Robots is a quick and simple way for you to add tracking code snippets, conversion pixels, or other scripts required by third party services for analytics, tracking, marketing, or chat functions. For detailed documentation, please visit the plugin's <a href="https://draftpress.com/"> official page</a>.
6
+ * Version: 1.1.30
7
  * Requires at least: 4.9
8
  * Requires PHP: 5.6.20
9
  * Author: 99robots
16
  /*
17
  * If this file is called directly, abort.
18
  */
19
+ if ( !defined( 'WPINC' ) ) {
20
  die;
21
  }
22
 
23
+ register_activation_hook( __FILE__, array( 'NNR_HFCM', 'hfcm_options_install' ) );
24
+ add_action( 'plugins_loaded', array( 'NNR_HFCM', 'hfcm_db_update_check' ) );
25
+ add_action( 'admin_enqueue_scripts', array( 'NNR_HFCM', 'hfcm_enqueue_assets' ) );
26
+ add_action( 'plugins_loaded', array( 'NNR_HFCM', 'hfcm_load_translation_files' ) );
27
+ add_action( 'admin_menu', array( 'NNR_HFCM', 'hfcm_modifymenu' ) );
28
  add_filter(
29
+ 'plugin_action_links_' . plugin_basename( __FILE__ ), array(
30
  'NNR_HFCM',
31
  'hfcm_add_plugin_page_settings_link'
32
  )
33
  );
34
+ add_action( 'admin_init', array( 'NNR_HFCM', 'hfcm_init' ) );
35
+ add_shortcode( 'hfcm', array( 'NNR_HFCM', 'hfcm_shortcode' ) );
36
+ add_action( 'wp_head', array( 'NNR_HFCM', 'hfcm_header_scripts' ) );
37
+ add_action( 'wp_footer', array( 'NNR_HFCM', 'hfcm_footer_scripts' ) );
38
+ add_action( 'the_content', array( 'NNR_HFCM', 'hfcm_content_scripts' ) );
39
+ add_action( 'wp_ajax_hfcm-request', array( 'NNR_HFCM', 'hfcm_request_handler' ) );
40
 
41
  // Files containing submenu functions
42
+ require_once plugin_dir_path( __FILE__ ) . 'includes/class-hfcm-snippets-list.php';
43
 
44
+ if ( !class_exists( 'NNR_HFCM' ) ) :
45
 
46
  class NNR_HFCM
47
  {
64
  */
65
  public static function hfcm_options_install()
66
  {
67
+ $hfcm_now = strtotime( "now" );
68
+ add_option( 'hfcm_activation_date', $hfcm_now );
69
+ update_option( 'hfcm_activation_date', $hfcm_now );
70
 
71
  global $wpdb;
72
 
97
  ) $charset_collate";
98
 
99
  include_once ABSPATH . 'wp-admin/includes/upgrade.php';
100
+ dbDelta( $sql );
101
+ add_option( 'hfcm_db_version', self::$nnr_hfcm_db_version );
102
  }
103
 
104
  /*
109
  global $wpdb;
110
 
111
  $table_name = $wpdb->prefix . self::$nnr_hfcm_table;
112
+ if ( get_option( 'hfcm_db_version' ) != self::$nnr_hfcm_db_version ) {
113
  $wpdb->show_errors();
114
 
115
+ if ( !empty( $wpdb->dbname ) ) {
116
  // Check for Exclude Pages
117
  $nnr_column_ex_pages = 'ex_pages';
118
  $nnr_check_column_ex_pages = $wpdb->get_results(
123
  $nnr_column_ex_pages
124
  )
125
  );
126
+ if ( empty( $nnr_check_column_ex_pages ) ) {
127
  $nnr_alter_sql = "ALTER TABLE `{$table_name}` ADD `ex_pages` varchar(300) DEFAULT 0 AFTER `s_pages`";
128
+ $wpdb->query( $nnr_alter_sql );
129
  }
130
 
131
  // Check for Exclude Posts
138
  $nnr_column_ex_posts
139
  )
140
  );
141
+ if ( empty( $nnr_check_column_ex_posts ) ) {
142
  $nnr_alter_sql = "ALTER TABLE `{$table_name}` ADD `ex_posts` varchar(300) DEFAULT 0 AFTER `s_posts`";
143
+ $wpdb->query( $nnr_alter_sql );
144
  }
145
 
146
  // Check for Snippet Type
153
  $nnr_column_snippet_type
154
  )
155
  );
156
+ if ( empty( $nnr_check_column_snippet_type ) ) {
157
  $nnr_alter_sql = "ALTER TABLE `{$table_name}` ADD `snippet_type` enum('html', 'js', 'css') DEFAULT 'html' AFTER `snippet`";
158
+ $wpdb->query( $nnr_alter_sql );
159
  }
160
 
161
  $nnr_alter_sql = "ALTER TABLE `{$table_name}` CHANGE `snippet` `snippet` LONGTEXT NULL";
162
+ $wpdb->query( $nnr_alter_sql );
163
 
164
  $nnr_alter_sql = "ALTER TABLE `{$table_name}` CHANGE `display_on` `display_on` ENUM('All','s_pages','s_posts','s_categories','s_custom_posts','s_tags','s_is_home','s_is_archive','s_is_search','latest_posts','manual') DEFAULT 'All' NOT NULL";
165
+ $wpdb->query( $nnr_alter_sql );
166
 
167
  $nnr_alter_sql = "ALTER TABLE `{$table_name}` CHANGE `s_pages` `s_pages` MEDIUMTEXT NULL, CHANGE `ex_pages` `ex_pages` MEDIUMTEXT NULL, CHANGE `s_posts` `s_posts` MEDIUMTEXT NULL, CHANGE `ex_posts` `ex_posts` MEDIUMTEXT NULL";
168
+ $wpdb->query( $nnr_alter_sql );
169
  }
170
  self::hfcm_options_install();
171
  }
172
+ update_option( 'hfcm_db_version', self::$nnr_hfcm_db_version );
173
  }
174
 
175
  /*
183
  'admin_page_hfcm-update',
184
  );
185
 
186
+ wp_register_style( 'hfcm_general_admin_assets', plugins_url( 'css/style-general-admin.css', __FILE__ ) );
187
+ wp_enqueue_style( 'hfcm_general_admin_assets' );
188
 
189
+ if ( in_array( $hook, $allowed_pages ) ) {
190
  // Plugin's CSS
191
+ wp_register_style( 'hfcm_assets', plugins_url( 'css/style-admin.css', __FILE__ ) );
192
+ wp_enqueue_style( 'hfcm_assets' );
193
  }
194
 
195
  // Remove hfcm-list from $allowed_pages
196
+ array_shift( $allowed_pages );
197
 
198
+ if ( in_array( $hook, $allowed_pages ) ) {
199
  // selectize.js plugin CSS and JS files
200
+ wp_register_style( 'selectize-css', plugins_url( 'css/selectize.bootstrap3.css', __FILE__ ) );
201
+ wp_enqueue_style( 'selectize-css' );
202
 
203
+ wp_register_script( 'selectize-js', plugins_url( 'js/selectize.min.js', __FILE__ ), array( 'jquery' ) );
204
+ wp_enqueue_script( 'selectize-js' );
205
 
206
+ wp_enqueue_code_editor( array( 'type' => 'text/html' ) );
207
  }
208
  }
209
 
213
 
214
  public static function hfcm_load_translation_files()
215
  {
216
+ load_plugin_textdomain( 'header-footer-code-manager', false, dirname( plugin_basename( __FILE__ ) ) . '/languages' );
217
  }
218
 
219
  /*
224
 
225
  // This is the main item for the menu
226
  add_menu_page(
227
+ __( 'Header Footer Code Manager', 'header-footer-code-manager' ),
228
+ __( 'HFCM', 'header-footer-code-manager' ),
229
  'manage_options',
230
  'hfcm-list',
231
  array( 'NNR_HFCM', 'hfcm_list' ),
235
  // This is a submenu
236
  add_submenu_page(
237
  'hfcm-list',
238
+ __( 'All Snippets', 'header-footer-code-manager' ),
239
+ __( 'All Snippets', 'header-footer-code-manager' ),
240
  'manage_options',
241
  'hfcm-list',
242
  array( 'NNR_HFCM', 'hfcm_list' )
245
  // This is a submenu
246
  add_submenu_page(
247
  'hfcm-list',
248
+ __( 'Add New Snippet', 'header-footer-code-manager' ),
249
+ __( 'Add New', 'header-footer-code-manager' ),
250
  'manage_options',
251
  'hfcm-create',
252
  array( 'NNR_HFCM', 'hfcm_create' )
255
  // This is a submenu
256
  add_submenu_page(
257
  'hfcm-list',
258
+ __( 'Tools', 'header-footer-code-manager' ),
259
+ __( 'Tools', 'header-footer-code-manager' ),
260
  'manage_options',
261
  'hfcm-tools',
262
  array( 'NNR_HFCM', 'hfcm_tools' )
265
  // This submenu is HIDDEN, however, we need to add it anyways
266
  add_submenu_page(
267
  null,
268
+ __( 'Update Script', 'header-footer-code-manager' ),
269
+ __( 'Update', 'header-footer-code-manager' ),
270
  'manage_options',
271
  'hfcm-update',
272
  array( 'NNR_HFCM', 'hfcm_update' )
275
  // This submenu is HIDDEN, however, we need to add it anyways
276
  add_submenu_page(
277
  null,
278
+ __( 'Request Handler Script', 'header-footer-code-manager' ),
279
+ __( 'Request Handler', 'header-footer-code-manager' ),
280
  'manage_options',
281
  'hfcm-request-handler',
282
  array( 'NNR_HFCM', 'hfcm_request_handler' )
289
  public static function hfcm_add_plugin_page_settings_link( $links )
290
  {
291
  $links = array_merge(
292
+ array( '<a href="' . admin_url( 'admin.php?page=hfcm-list' ) . '">' . __( 'Settings' ) . '</a>' ),
293
  $links
294
  );
295
  return $links;
300
  */
301
  public static function hfcm_check_installation_date()
302
  {
303
+ $install_date = get_option( 'hfcm_activation_date' );
304
+ $past_date = strtotime( '-7 days' );
305
 
306
+ if ( $past_date >= $install_date ) {
307
+ add_action( 'admin_notices', array( 'NNR_HFCM', 'hfcm_review_push_notice' ) );
308
  }
309
+ add_action( 'admin_notices', array( 'NNR_HFCM', 'hfcm_static_notices' ) );
310
  }
311
 
312
  /*
323
 
324
  $user_id = get_current_user_id();
325
  // Check if current user has already dismissed it
326
+ $install_date = get_option( 'hfcm_activation_date' );
327
 
328
+ if ( !get_user_meta( $user_id, 'hfcm_plugin_notice_dismissed' ) && in_array( $screen, $allowed_pages_notices ) ) {
329
  ?>
330
  <div id="hfcm-message" class="notice notice-success">
331
  <a class="hfcm-dismiss-alert notice-dismiss" href="?hfcm-admin-notice-dismissed">Dismiss</a>
332
+ <p><?php _e( 'Hey there! You’ve been using the <strong>Header Footer Code Manager</strong> plugin for a while now. If you like the plugin, please support our awesome development and support team by leaving a <a class="hfcm-review-stars" href="https://wordpress.org/support/plugin/header-footer-code-manager/reviews/"><span class="dashicons dashicons-star-filled"></span><span class="dashicons dashicons-star-filled"></span><span class="dashicons dashicons-star-filled"></span><span class="dashicons dashicons-star-filled"></span><span class="dashicons dashicons-star-filled"></span></a> rating. <a href="https://wordpress.org/support/plugin/header-footer-code-manager/reviews/">Rate it!</a> It’ll mean the world to us and keep this plugin free and constantly updated. <a href="https://wordpress.org/support/plugin/header-footer-code-manager/reviews/">Leave A Review</a>', 'header-footer-code-manager' ); ?>
333
  </p>
334
  </div>
335
  <?php
348
  );
349
  $screen = get_current_screen()->id;
350
 
351
+ if ( in_array( $screen, $allowed_pages_notices ) ) {
352
  ?>
353
  <div id="hfcm-message" class="notice notice-success">
354
  <p>
370
  {
371
  $user_id = get_current_user_id();
372
  // Checking if user clicked on the Dismiss button
373
+ if ( isset( $_GET['hfcm-admin-notice-dismissed'] ) ) {
374
+ add_user_meta( $user_id, 'hfcm_plugin_notice_dismissed', 'true', true );
375
  // Redirect to original page the user was on
376
  $current_url = wp_get_referer();
377
+ wp_redirect( $current_url );
378
  exit;
379
  }
380
  }
384
  */
385
  public static function hfcm_render_snippet( $scriptdata )
386
  {
387
+ $output = "<!-- HFCM by 99 Robots - Snippet # " . absint( $scriptdata->script_id ) . ": " . esc_html( $scriptdata->name ) . " -->\n" . html_entity_decode( $scriptdata->snippet ) . "\n<!-- /end HFCM by 99 Robots -->\n";
388
 
389
  return $output;
390
  }
396
  {
397
  global $wpdb;
398
  $table_name = $wpdb->prefix . self::$nnr_hfcm_table;
399
+ if ( !empty( $atts['id'] ) ) {
400
+ $id = absint( $atts['id'] );
401
  $hide_device = wp_is_mobile() ? 'desktop' : 'mobile';
402
  $script = $wpdb->get_results(
403
  $wpdb->prepare(
406
  $id
407
  )
408
  );
409
+ if ( !empty( $script ) ) {
410
+ return self::hfcm_render_snippet( $script[0] );
411
  }
412
  }
413
  }
417
  */
418
  public static function hfcm_not_empty( $scriptdata, $prop_name )
419
  {
420
+ $data = json_decode( $scriptdata->{$prop_name} );
421
+ if ( empty( $data ) ) {
422
  return false;
423
  }
424
  return true;
439
  $nnr_hfcm_snippets_sql = "SELECT * FROM `{$table_name}` WHERE status='active' AND device_type!=%s";
440
  $nnr_hfcm_snippet_placeholder_args = [ $hide_device ];
441
 
442
+ if ( $location && in_array( $location, array( 'header', 'footer' ) ) ) {
443
  $nnr_hfcm_snippets_sql .= " AND location=%s";
444
  $nnr_hfcm_snippet_placeholder_args[] = $location;
445
  } else {
452
  )
453
  );
454
 
455
+ if ( !empty( $script ) ) {
456
  foreach ( $script as $key => $scriptdata ) {
457
  $out = '';
458
  switch ( $scriptdata->display_on ) {
459
+ case 'All':
460
 
461
+ $is_not_empty_ex_pages = self::hfcm_not_empty( $scriptdata, 'ex_pages' );
462
+ $is_not_empty_ex_posts = self::hfcm_not_empty( $scriptdata, 'ex_posts' );
463
+ if ( ($is_not_empty_ex_pages && is_page( json_decode( $scriptdata->ex_pages ) )) || ($is_not_empty_ex_posts && is_single( json_decode( $scriptdata->ex_posts ) )) ) {
464
+ $out = '';
 
 
 
 
 
 
 
 
 
 
 
 
465
  } else {
466
+ $out = self::hfcm_render_snippet( $scriptdata );
 
 
 
 
467
  }
468
+ break;
469
+ case 'latest_posts':
470
+ if ( is_single() ) {
471
+ if ( !empty( $scriptdata->lp_count ) ) {
472
+ $nnr_hfcm_latest_posts = wp_get_recent_posts(
473
+ array(
474
+ 'numberposts' => absint( $scriptdata->lp_count ),
475
+ )
476
+ );
477
+ } else {
478
+ $nnr_hfcm_latest_posts = wp_get_recent_posts(
479
+ array(
480
+ 'numberposts' => 5
481
+ )
482
+ );
483
+ }
484
 
485
+ foreach ( $nnr_hfcm_latest_posts as $key => $lpostdata ) {
486
+ if ( get_the_ID() == $lpostdata['ID'] ) {
487
+ $out = self::hfcm_render_snippet( $scriptdata );
488
+ }
489
  }
490
  }
491
+ break;
492
+ case 's_categories':
493
+ $is_not_empty_s_categories = self::hfcm_not_empty( $scriptdata, 's_categories' );
494
+ if ( $is_not_empty_s_categories && in_category( json_decode( $scriptdata->s_categories ) ) ) {
495
+ if ( is_category( json_decode( $scriptdata->s_categories ) ) ) {
496
+ $out = self::hfcm_render_snippet( $scriptdata );
497
+ }
498
+ if ( !is_archive() && !is_home() ) {
499
+ $out = self::hfcm_render_snippet( $scriptdata );
500
+ }
501
  }
502
+ break;
503
+ case 's_custom_posts':
504
+ $is_not_empty_s_custom_posts = self::hfcm_not_empty( $scriptdata, 's_custom_posts' );
505
+ if ( $is_not_empty_s_custom_posts && is_singular( json_decode( $scriptdata->s_custom_posts ) ) ) {
506
+ $out = self::hfcm_render_snippet( $scriptdata );
507
  }
508
+ break;
509
+ case 's_posts':
510
+ $is_not_empty_s_posts = self::hfcm_not_empty( $scriptdata, 's_posts' );
511
+ if ( $is_not_empty_s_posts && is_single( json_decode( $scriptdata->s_posts ) ) ) {
512
+ $out = self::hfcm_render_snippet( $scriptdata );
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
513
  }
514
+ break;
515
+ case 's_is_home':
516
+ if ( is_home() || is_front_page() ) {
517
+ $out = self::hfcm_render_snippet( $scriptdata );
 
 
 
518
  }
519
+ break;
520
+ case 's_is_archive':
521
+ if ( is_archive() ) {
522
+ $out = self::hfcm_render_snippet( $scriptdata );
523
+ }
524
+ break;
525
+ case 's_is_search':
526
+ if ( is_search() ) {
527
+ $out = self::hfcm_render_snippet( $scriptdata );
528
+ }
529
+ break;
530
+ case 's_pages':
531
+ $is_not_empty_s_pages = self::hfcm_not_empty( $scriptdata, 's_pages' );
532
+ if ( $is_not_empty_s_pages ) {
533
+ // Gets the page ID of the blog page
534
+ $blog_page = get_option( 'page_for_posts' );
535
+ // Checks if the blog page is present in the array of selected pages
536
+ if ( in_array( $blog_page, json_decode( $scriptdata->s_pages ) ) ) {
537
+ if ( is_page( json_decode( $scriptdata->s_pages ) ) || (!is_front_page() && is_home()) ) {
538
+ $out = self::hfcm_render_snippet( $scriptdata );
539
+ }
540
+ } elseif ( is_page( json_decode( $scriptdata->s_pages ) ) ) {
541
+ $out = self::hfcm_render_snippet( $scriptdata );
542
+ }
543
+ }
544
+ break;
545
+ case 's_tags':
546
+ $is_not_empty_s_tags = self::hfcm_not_empty( $scriptdata, 's_tags' );
547
+ if ( $is_not_empty_s_tags && has_tag( json_decode( $scriptdata->s_tags ) ) ) {
548
+ if ( is_tag( json_decode( $scriptdata->s_tags ) ) ) {
549
+ $out = self::hfcm_render_snippet( $scriptdata );
550
+ }
551
+ if ( !is_archive() && !is_home() ) {
552
+ $out = self::hfcm_render_snippet( $scriptdata );
553
+ }
554
  }
 
555
  }
556
 
557
  switch ( $scriptdata->location ) {
558
+ case 'before_content':
559
+ $beforecontent .= $out;
560
+ break;
561
+ case 'after_content':
562
+ $aftercontent .= $out;
563
+ break;
564
+ default:
565
+ echo $out;
566
  }
567
  }
568
  }
575
  */
576
  public static function hfcm_header_scripts()
577
  {
578
+ if ( !is_feed() ) {
579
+ self::hfcm_add_snippets( 'header' );
580
  }
581
  }
582
 
585
  */
586
  public static function hfcm_footer_scripts()
587
  {
588
+ if ( !is_feed() ) {
589
  self::hfcm_add_snippets( 'footer' );
590
  }
591
  }
595
  */
596
  public static function hfcm_content_scripts( $content )
597
  {
598
+ if ( !is_feed() ) {
599
  return self::hfcm_add_snippets( false, $content );
600
  } else {
601
  return $content;
608
  public static function hfcm_redirect( $url = '' )
609
  {
610
  // Register the script
611
+ wp_register_script( 'hfcm_redirection', plugins_url( 'js/location.js', __FILE__ ) );
612
 
613
  // Localize the script with new data
614
  $translation_array = array( 'url' => $url );
615
+ wp_localize_script( 'hfcm_redirection', 'hfcm_location', $translation_array );
616
 
617
  // Enqueued script with localized data.
618
+ wp_enqueue_script( 'hfcm_redirection' );
619
  }
620
 
621
  /*
623
  */
624
  public static function hfcm_sanitize_text( $key, $is_not_snippet = true )
625
  {
626
+ if ( !empty( $_POST['data'][ $key ] ) ) {
627
+ $post_data = stripslashes_deep( $_POST['data'][ $key ] );
628
+ if ( $is_not_snippet ) {
629
+ $post_data = sanitize_text_field( $post_data );
630
  } else {
631
+ $post_data = htmlentities( $post_data );
632
  }
633
  return $post_data;
634
  }
641
  */
642
  public static function hfcm_sanitize_array( $key, $type = 'integer' )
643
  {
644
+ if ( !empty( $_POST['data'][ $key ] ) ) {
645
  $arr = $_POST['data'][ $key ];
646
 
647
+ if ( !is_array( $arr ) ) {
648
  return array();
649
  }
650
 
651
+ if ( 'integer' === $type ) {
652
+ return array_map( 'absint', $arr );
653
  } else { // strings
654
  $new_array = array();
655
  foreach ( $arr as $val ) {
656
+ $new_array[] = sanitize_text_field( $val );
657
  }
658
  }
659
 
668
  */
669
  public static function hfcm_create()
670
  {
 
671
  // check user capabilities
672
+ $nnr_hfcm_can_edit = current_user_can( 'manage_options' );
673
+
674
+ if ( !$nnr_hfcm_can_edit ) {
675
+ echo 'Sorry, you do not have access to this page.';
676
+ return false;
677
+ }
678
 
679
  // prepare variables for includes/hfcm-add-edit.php
680
  $name = '';
696
  // Notify hfcm-add-edit.php NOT to make changes for update
697
  $update = false;
698
 
699
+ include_once plugin_dir_path( __FILE__ ) . 'includes/hfcm-add-edit.php';
700
  }
701
 
702
  /*
705
  public static function hfcm_request_handler()
706
  {
707
 
708
+ // check user capabilities
709
+ $nnr_hfcm_can_edit = current_user_can( 'manage_options' );
710
+
711
+ if ( !$nnr_hfcm_can_edit ) {
712
+ echo 'Sorry, you do not have access to this page.';
713
+ return false;
714
+ }
715
 
716
+ if ( isset( $_POST['insert'] ) ) {
717
  // Check nonce
718
+ check_admin_referer( 'create-snippet' );
719
  } else {
720
+ if ( empty( $_REQUEST['id'] ) ) {
721
+ die( 'Missing ID parameter.' );
722
  }
723
+ $id = absint( $_REQUEST['id'] );
724
  }
725
+ if ( isset( $_POST['update'] ) ) {
726
  // Check nonce
727
+ check_admin_referer( 'update-snippet_' . $id );
728
  }
729
 
730
  // Handle AJAX on/off toggle for snippets
731
+ if ( isset( $_REQUEST['toggle'] ) && !empty( $_REQUEST['togvalue'] ) ) {
732
 
733
  // Check nonce
734
+ check_ajax_referer( 'hfcm-toggle-snippet', 'security' );
735
 
736
+ if ( 'on' === $_REQUEST['togvalue'] ) {
737
  $status = 'active';
738
  } else {
739
  $status = 'inactive';
751
  array( '%s' ) //where format
752
  );
753
 
754
+ } elseif ( isset( $_POST['insert'] ) || isset( $_POST['update'] ) ) {
755
 
756
  // Create / update snippet
757
 
758
  // Sanitize fields
759
+ $name = self::hfcm_sanitize_text( 'name' );
760
+ $snippet = self::hfcm_sanitize_text( 'snippet', false );
761
+ $nnr_snippet_type = self::hfcm_sanitize_text( 'snippet_type' );
762
+ $device_type = self::hfcm_sanitize_text( 'device_type' );
763
+ $display_on = self::hfcm_sanitize_text( 'display_on' );
764
+ $location = self::hfcm_sanitize_text( 'location' );
765
+ $lp_count = self::hfcm_sanitize_text( 'lp_count' );
766
+ $status = self::hfcm_sanitize_text( 'status' );
767
+ $s_pages = self::hfcm_sanitize_array( 's_pages' );
768
+ $ex_pages = self::hfcm_sanitize_array( 'ex_pages' );
769
+ $s_posts = self::hfcm_sanitize_array( 's_posts' );
770
+ $ex_posts = self::hfcm_sanitize_array( 'ex_posts' );
771
+ $s_custom_posts = self::hfcm_sanitize_array( 's_custom_posts', 'string' );
772
+ $s_categories = self::hfcm_sanitize_array( 's_categories' );
773
+ $s_tags = self::hfcm_sanitize_array( 's_tags' );
774
+
775
+ if ( 'manual' === $display_on ) {
776
  $location = '';
777
  }
778
+ $lp_count = max( 1, (int) $lp_count );
779
 
780
  // Global vars
781
  global $wpdb;
783
  $table_name = $wpdb->prefix . self::$nnr_hfcm_table;
784
 
785
  // Update snippet
786
+ if ( isset( $id ) ) {
787
 
788
  $wpdb->update(
789
  $table_name, //table
797
  'display_on' => $display_on,
798
  'status' => $status,
799
  'lp_count' => $lp_count,
800
+ 's_pages' => wp_json_encode( $s_pages ),
801
+ 'ex_pages' => wp_json_encode( $ex_pages ),
802
+ 's_posts' => wp_json_encode( $s_posts ),
803
+ 'ex_posts' => wp_json_encode( $ex_posts ),
804
+ 's_custom_posts' => wp_json_encode( $s_custom_posts ),
805
+ 's_categories' => wp_json_encode( $s_categories ),
806
+ 's_tags' => wp_json_encode( $s_tags ),
807
+ 'last_revision_date' => current_time( 'Y-m-d H:i:s' ),
808
+ 'last_modified_by' => sanitize_text_field( $current_user->display_name ),
809
  ),
810
  // Where
811
  array( 'script_id' => $id ),
824
  // Where format
825
  array( '%s' )
826
  );
827
+ self::hfcm_redirect( admin_url( 'admin.php?page=hfcm-update&message=1&id=' . $id ) );
828
  } else {
829
 
830
  // Create new snippet
839
  'display_on' => $display_on,
840
  'status' => $status,
841
  'lp_count' => $lp_count,
842
+ 's_pages' => wp_json_encode( $s_pages ),
843
+ 'ex_pages' => wp_json_encode( $ex_pages ),
844
+ 's_posts' => wp_json_encode( $s_posts ),
845
+ 'ex_posts' => wp_json_encode( $ex_posts ),
846
+ 's_custom_posts' => wp_json_encode( $s_custom_posts ),
847
+ 's_categories' => wp_json_encode( $s_categories ),
848
+ 's_tags' => wp_json_encode( $s_tags ),
849
+ 'created' => current_time( 'Y-m-d H:i:s' ),
850
+ 'created_by' => sanitize_text_field( $current_user->display_name ),
851
  ), array(
852
  '%s',
853
  '%s',
869
  )
870
  );
871
  $lastid = $wpdb->insert_id;
872
+ self::hfcm_redirect( admin_url( 'admin.php?page=hfcm-update&message=6&id=' . $lastid ) );
873
  }
874
+ } elseif ( isset( $_POST['get_posts'] ) ) {
875
 
876
  // JSON return posts for AJAX
877
 
878
  // Check nonce
879
+ check_ajax_referer( 'hfcm-get-posts', 'security' );
880
 
881
  // Global vars
882
  global $wpdb;
883
  $table_name = $wpdb->prefix . self::$nnr_hfcm_table;
884
  // Get all selected posts
885
+ if ( -1 === $id ) {
886
  $s_posts = array();
887
  $ex_posts = array();
888
  } else {
889
  // Select value to update
890
  $script = $wpdb->get_results(
891
+ $wpdb->prepare( "SELECT s_posts FROM `{$table_name}` WHERE script_id=%s", $id )
892
  );
893
  $s_posts = array();
894
+ if ( !empty( $script ) ) {
895
  foreach ( $script as $s ) {
896
+ $s_posts = json_decode( $s->s_posts );
897
+ if ( !is_array( $s_posts ) ) {
898
  $s_posts = array();
899
  }
900
  }
902
 
903
  $ex_posts = array();
904
  $script_ex = $wpdb->get_results(
905
+ $wpdb->prepare( "SELECT ex_posts FROM `{$table_name}` WHERE script_id=%s", $id )
906
  );
907
+ if ( !empty( $script_ex ) ) {
908
  foreach ( $script_ex as $s ) {
909
+ $ex_posts = json_decode( $s->ex_posts );
910
+ if ( !is_array( $ex_posts ) ) {
911
  $ex_posts = array();
912
  }
913
  }
923
  $output = 'names'; // names or objects, note names is the default
924
  $operator = 'and'; // 'and' or 'or'
925
 
926
+ $c_posttypes = get_post_types( $args, $output, $operator );
927
  $posttypes = array( 'post' );
928
  foreach ( $c_posttypes as $cpdata ) {
929
  $posttypes[] = $cpdata;
944
  'excluded' => array(),
945
  );
946
 
947
+ if ( !empty( $posts ) ) {
948
  foreach ( $posts as $pdata ) {
949
+ $nnr_hfcm_post_title = trim( $pdata->post_title );
950
 
951
+ if ( empty( $nnr_hfcm_post_title ) ) {
952
  $nnr_hfcm_post_title = "(no title)";
953
  }
954
+ if ( !empty( $ex_posts ) && in_array( $pdata->ID, $ex_posts ) ) {
955
  $json_output['excluded'][] = $pdata->ID;
956
  }
957
 
958
+ if ( !empty( $s_posts ) && in_array( $pdata->ID, $s_posts ) ) {
959
  $json_output['selected'][] = $pdata->ID;
960
  }
961
 
962
  $json_output['posts'][] = array(
963
+ 'text' => sanitize_text_field( $nnr_hfcm_post_title ),
964
  'value' => $pdata->ID,
965
  );
966
  }
967
  }
968
 
969
+ echo wp_json_encode( $json_output );
970
  wp_die();
971
  }
972
  }
977
  public static function hfcm_update()
978
  {
979
 
980
+ add_action( 'wp_enqueue_scripts', 'hfcm_selectize_enqueue' );
981
 
982
  // check user capabilities
983
+ $nnr_hfcm_can_edit = current_user_can( 'manage_options' );
984
 
985
+ if ( !$nnr_hfcm_can_edit ) {
986
+ echo 'Sorry, you do not have access to this page.';
987
+ return false;
988
  }
989
+
990
+ if ( empty( $_GET['id'] ) ) {
991
+ die( 'Missing ID parameter.' );
992
+ }
993
+ $id = absint( $_GET['id'] );
994
 
995
  global $wpdb;
996
  $table_name = $wpdb->prefix . self::$nnr_hfcm_table;
997
 
998
  //selecting value to update
999
  $nnr_hfcm_snippets = $wpdb->get_results(
1000
+ $wpdb->prepare( "SELECT * FROM `{$table_name}` WHERE script_id=%s", $id )
1001
  );
1002
  foreach ( $nnr_hfcm_snippets as $s ) {
1003
  $name = $s->name;
1008
  $display_on = $s->display_on;
1009
  $status = $s->status;
1010
  $lp_count = $s->lp_count;
1011
+ if ( empty( $lp_count ) ) {
1012
  $lp_count = 5;
1013
  }
1014
+ $s_pages = json_decode( $s->s_pages );
1015
+ $ex_pages = json_decode( $s->ex_pages );
1016
+ $ex_posts = json_decode( $s->ex_posts );
1017
 
1018
+ if ( !is_array( $s_pages ) ) {
1019
  $s_pages = array();
1020
  }
1021
 
1022
+ if ( !is_array( $ex_pages ) ) {
1023
  $ex_pages = array();
1024
  }
1025
 
1026
+ $s_posts = json_decode( $s->s_posts );
1027
+ if ( !is_array( $s_posts ) ) {
1028
  $s_posts = array();
1029
  }
1030
 
1031
+ $ex_posts = json_decode( $s->ex_posts );
1032
+ if ( !is_array( $ex_posts ) ) {
1033
  $ex_posts = array();
1034
  }
1035
 
1036
+ $s_custom_posts = json_decode( $s->s_custom_posts );
1037
+ if ( !is_array( $s_custom_posts ) ) {
1038
  $s_custom_posts = array();
1039
  }
1040
 
1041
+ $s_categories = json_decode( $s->s_categories );
1042
+ if ( !is_array( $s_categories ) ) {
1043
  $s_categories = array();
1044
  }
1045
 
1046
+ $s_tags = json_decode( $s->s_tags );
1047
+ if ( !is_array( $s_tags ) ) {
1048
  $s_tags = array();
1049
  }
1050
 
1051
+ $createdby = esc_html( $s->created_by );
1052
+ $lastmodifiedby = esc_html( $s->last_modified_by );
1053
+ $createdon = esc_html( $s->created );
1054
+ $lastrevisiondate = esc_html( $s->last_revision_date );
1055
  }
1056
 
1057
  // escape for html output
1058
+ $name = esc_textarea( $name );
1059
+ $snippet = esc_textarea( $snippet );
1060
+ $nnr_snippet_type = esc_textarea( $nnr_snippet_type );
1061
+ $device_type = esc_html( $device_type );
1062
+ $location = esc_html( $location );
1063
+ $display_on = esc_html( $display_on );
1064
+ $status = esc_html( $status );
1065
+ $lp_count = esc_html( $lp_count );
1066
+ $i = esc_html( $lp_count );
1067
  // Notify hfcm-add-edit.php to make necesary changes for update
1068
  $update = true;
1069
 
1070
+ include_once plugin_dir_path( __FILE__ ) . 'includes/hfcm-add-edit.php';
1071
  }
1072
 
1073
  /*
1085
 
1086
  $is_pro_version_active = self::is_hfcm_pro_active();
1087
 
1088
+ if ( $is_pro_version_active ) {
1089
  ?>
1090
  <div class="notice hfcm-warning-notice notice-warning">
1091
  <?php _e(
1096
  <?php
1097
  }
1098
 
1099
+ if ( !empty( $_GET['import'] ) ) {
1100
+ if ( $_GET['import'] == 2 ) {
1101
  $message = "Header Footer Code Manager has successfully imported all snippets and set them as INACTIVE. Please review each snippet individually and ACTIVATE those that are needed for this site. Snippet types that are only available in the PRO version are skipped";
1102
  } else {
1103
  $message = "Header Footer Code Manager has successfully imported all snippets and set them as INACTIVE. Please review each snippet individually and ACTIVATE those that are needed for this site.";
1105
  ?>
1106
  <div id="hfcm-message" class="notice notice-success is-dismissible">
1107
  <p>
1108
+ <?php _e( $message, 'header-footer-code-manager' ); ?>
1109
  </p>
1110
  </div>
1111
  <?php
1112
  }
1113
+ if ( !empty( $_GET['script_status'] ) && in_array(
1114
+ $_GET['script_status'], array( 'active', 'inactive' )
1115
+ )
1116
  ) {
1117
  $allclass = '';
1118
+ if ( 'active' === $_GET['script_status'] ) {
1119
  $activeclass = 'current';
1120
  }
1121
+ if ( 'inactive' === $_GET['script_status'] ) {
1122
  $inactiveclass = 'current';
1123
  }
1124
  }
1125
  ?>
1126
  <div class="wrap">
1127
+ <h1><?php esc_html_e( 'Snippets', 'header-footer-code-manager' ) ?>
1128
+ <a href="<?php echo admin_url( 'admin.php?page=hfcm-create' ) ?>" class="page-title-action">
1129
+ <?php esc_html_e( 'Add New Snippet', 'header-footer-code-manager' ) ?>
1130
  </a>
1131
  </h1>
1132
 
1133
  <form method="post">
1134
  <?php
1135
  $snippet_obj->prepare_items();
1136
+ $snippet_obj->search_box( __( 'Search Snippets', 'header-footer-code-manager' ), 'search_id' );
1137
  $snippet_obj->display();
1138
  ?>
1139
  </form>
1142
  <?php
1143
 
1144
  // Register the script
1145
+ wp_register_script( 'hfcm_toggle', plugins_url( 'js/toggle.js', __FILE__ ) );
1146
 
1147
  // Localize the script with new data
1148
  $translation_array = array(
1149
+ 'url' => admin_url( 'admin.php' ),
1150
+ 'security' => wp_create_nonce( 'hfcm-toggle-snippet' ),
1151
  );
1152
+ wp_localize_script( 'hfcm_toggle', 'hfcm_ajax', $translation_array );
1153
 
1154
  // Enqueued script with localized data.
1155
+ wp_enqueue_script( 'hfcm_toggle' );
1156
  }
1157
 
1158
  /*
1163
  global $wpdb;
1164
  $nnr_hfcm_table_name = $wpdb->prefix . self::$nnr_hfcm_table;
1165
 
1166
+ $nnr_hfcm_snippets = $wpdb->get_results( "SELECT * from `{$nnr_hfcm_table_name}`" );
1167
 
1168
+ include_once plugin_dir_path( __FILE__ ) . 'includes/hfcm-tools.php';
1169
  }
1170
 
1171
  /*
1176
  global $wpdb;
1177
  $nnr_hfcm_table_name = $wpdb->prefix . self::$nnr_hfcm_table;
1178
 
1179
+ if ( !empty( $_POST['nnr_hfcm_snippets'] ) && !empty( $_POST['action'] ) && ($_POST['action'] == "download") && check_admin_referer( 'hfcm-nonce' ) ) {
1180
  $nnr_hfcm_snippets_comma_separated = "";
1181
  foreach ( $_POST['nnr_hfcm_snippets'] as $nnr_hfcm_key => $nnr_hfcm_snippet ) {
1182
+ $nnr_hfcm_snippet = str_replace( "snippet_", "", sanitize_text_field( $nnr_hfcm_snippet ) );
1183
+ $nnr_hfcm_snippet = absint( $nnr_hfcm_snippet );
1184
+ if ( !empty( $nnr_hfcm_snippet ) ) {
1185
+ if ( empty( $nnr_hfcm_snippets_comma_separated ) ) {
1186
  $nnr_hfcm_snippets_comma_separated .= $nnr_hfcm_snippet;
1187
  } else {
1188
  $nnr_hfcm_snippets_comma_separated .= "," . $nnr_hfcm_snippet;
1189
  }
1190
  }
1191
  }
1192
+ if ( !empty( $nnr_hfcm_snippets_comma_separated ) ) {
1193
  $nnr_hfcm_snippets = $wpdb->get_results(
1194
+ "SELECT * FROM `{$nnr_hfcm_table_name}` WHERE script_id IN (" . $nnr_hfcm_snippets_comma_separated . ")"
1195
  );
1196
 
1197
+ if ( !empty( $nnr_hfcm_snippets ) ) {
1198
  $nnr_hfcm_export_snippets = array( "title" => "Header Footer Code Manager" );
1199
 
1200
  foreach ( $nnr_hfcm_snippets as $nnr_hfcm_snippet_key => $nnr_hfcm_snippet_item ) {
1201
+ unset( $nnr_hfcm_snippet_item->script_id );
1202
  $nnr_hfcm_export_snippets['snippets'][ $nnr_hfcm_snippet_key ] = $nnr_hfcm_snippet_item;
1203
  }
1204
+ $file_name = 'hfcm-export-' . date( 'Y-m-d' ) . '.json';
1205
+ header( "Content-Description: File Transfer" );
1206
+ header( "Content-Disposition: attachment; filename={$file_name}" );
1207
+ header( "Content-Type: application/json; charset=utf-8" );
1208
+ echo json_encode( $nnr_hfcm_export_snippets, JSON_PRETTY_PRINT | JSON_UNESCAPED_UNICODE );
1209
  }
1210
  }
1211
  die;
1217
  */
1218
  public static function hfcm_import_snippets()
1219
  {
1220
+ if ( !empty( $_FILES['nnr_hfcm_import_file']['tmp_name'] ) && check_admin_referer( 'hfcm-nonce' ) ) {
1221
+ if ( !empty( $_FILES['nnr_hfcm_pro_import_file']['type'] ) && $_FILES['nnr_hfcm_pro_import_file']['type'] != "application/json" ) {
1222
  ?>
1223
  <div class="notice hfcm-warning-notice notice-warning">
1224
+ <?php _e( 'Please upload a valid import file', 'header-footer-code-manager' ); ?>
1225
  </div>
1226
  <?php
1227
  return;
1230
  global $wpdb;
1231
  $nnr_hfcm_table_name = $wpdb->prefix . self::$nnr_hfcm_table;
1232
 
1233
+ $nnr_hfcm_snippets_json = file_get_contents( $_FILES['nnr_hfcm_import_file']['tmp_name'] );
1234
+ $nnr_hfcm_snippets = json_decode( $nnr_hfcm_snippets_json );
1235
 
1236
+ if ( empty( $nnr_hfcm_snippets->title ) || (!empty( $nnr_hfcm_snippets->title ) && $nnr_hfcm_snippets->title != "Header Footer Code Manager") ) {
1237
  ?>
1238
  <div class="notice hfcm-warning-notice notice-warning">
1239
+ <?php _e( 'Please upload a valid import file', 'header-footer-code-manager' ); ?>
1240
  </div>
1241
  <?php
1242
  return;
1245
  $nnr_non_script_snippets = 1;
1246
  foreach ( $nnr_hfcm_snippets->snippets as $nnr_hfcm_key => $nnr_hfcm_snippet ) {
1247
  $nnr_hfcm_snippet = (array) $nnr_hfcm_snippet;
1248
+ if ( !empty( $nnr_hfcm_snippet['snippet_type'] ) && !in_array(
1249
+ $nnr_hfcm_snippet['snippet_type'], array( "html", "css", "js" )
1250
+ )
1251
  ) {
1252
  $nnr_non_script_snippets = 2;
1253
  continue;
1254
  }
1255
+ if ( !empty( $nnr_hfcm_snippet['location'] ) && !in_array(
1256
+ $nnr_hfcm_snippet['location'], array( 'header', 'before_content', 'after_content',
1257
  'footer' )
1258
+ )
1259
  ) {
1260
  $nnr_non_script_snippets = 2;
1261
  continue;
1268
  "created_by", "last_modified_by", "created", "last_revision_date"
1269
  );
1270
  foreach ( $nnr_hfcm_snippet as $nnr_key => $nnr_item ) {
1271
+ $nnr_key = sanitize_text_field( $nnr_key );
1272
+ if ( in_array( $nnr_key, $nnr_hfcm_keys ) ) {
1273
+ if ( $nnr_key == "lp_count" ) {
1274
+ $nnr_item = absint( $nnr_item );
1275
+ } elseif ( $nnr_key != "snippet" ) {
1276
+ $nnr_item = sanitize_text_field( $nnr_item );
1277
  }
1278
  $nnr_hfcm_sanitizes_snippet[ $nnr_key ] = $nnr_item;
1279
  }
1305
  );
1306
  }
1307
 
1308
+ self::hfcm_redirect( admin_url( 'admin.php?page=hfcm-list&import=' . $nnr_non_script_snippets ) );
1309
  }
1310
  }
1311
 
1316
  */
1317
  public static function is_hfcm_pro_active()
1318
  {
1319
+ if ( is_plugin_active( 'header-footer-code-manager-pro/header-footer-code-manager-pro.php' ) ) {
1320
  return true;
1321
  }
1322
 
1331
  );
1332
  $output = 'objects'; // or objects
1333
  $operator = 'and'; // 'and' or 'or'
1334
+ $taxonomies = get_taxonomies( $args, $output, $operator );
1335
 
1336
  $nnr_hfcm_categories = [];
1337
 
1361
  );
1362
  $output = 'objects'; // or objects
1363
  $operator = 'and'; // 'and' or 'or'
1364
+ $taxonomies = get_taxonomies( $args, $output, $operator );
1365
 
1366
  $nnr_hfcm_tags = [];
1367
 
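--- a/readme.txt
+++ b/readme.txt
@@ -3,8 +3,8 @@ Contributors: DraftPress, 99robots, charliepatel
 Tags: header, footer, code manager, snippet, functions.php, tracking, google analytics, adsense, verification, pixel
 Requires at least: 4.9
 Requires PHP: 5.6.20
-Tested up to: 6.0.2
-Stable tag: 1.1.29
+Tested up to: 6.1
+Stable tag: 1.1.30
 License: GPLv2 or later
 License URI: http://www.gnu.org/licenses/gpl-2.0.html
 Donate link: https://draftpress.com
@@ -114,6 +114,10 @@ A. Free plugins rely on user feedback. Therefore, the best thing you can do for
 A. If your script is not supported, just let us know and we'll look into it immediately. We will do our best to ensure all reputable services are supported. When requesting support for a particular script, it would be nice to get a sample of the script so that we can see its structure.
 
 == Changelog ==
+= 1.1.30 = 2022-11-09
+* FIXED: Proper checks for user access and capabilities
+* UPDATED: Compatibility with WordPress 6.1
+
 = 1.1.29 = 2022-09-21
 * FIXED: Description not showing on the RSS feed page
 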