Version Description
Important security update.
Download this release
Release Info
| Developer | Viper007Bond |
| Plugin |  SyntaxHighlighter Evolved |
| Version | 3.1.6 |
| Comparing to | |
| See all releases | |
Code changes from version 3.1.5 to 3.1.6
- readme.txt +12 -0
- syntaxhighlighter.php +38 -44
- syntaxhighlighter2/scripts/clipboard.swf +0 -0
readme.txt
CHANGED
|
@@ -55,6 +55,13 @@ Make sure your theme's `footer.php` file has `<?php wp_footer(); ?>` somewhere i
|
|
| 55 |
|
| 56 |
== ChangeLog ==
|
| 57 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 58 |
= Version 3.1.5 =
|
| 59 |
|
| 60 |
* The slashing changes made in WordPress 3.6 (alpha) have been reverted -- we're back to the old way again. This release restores the code back to Syntaxhighlighter v3.1.3. See [ticket #21767](http://core.trac.wordpress.org/ticket/21767).
|
|
@@ -210,3 +217,8 @@ Localizations:
|
|
| 210 |
= Version 1.0.0 =
|
| 211 |
|
| 212 |
* Initial release!
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 55 |
|
| 56 |
== ChangeLog ==
|
| 57 |
|
| 58 |
+
= Version 3.1.6 =
|
| 59 |
+
|
| 60 |
+
* Kill off v2 copy-to-clipboard SWF file due to XSS security issue with the file. If you want to be able to copy/paste, use the better v3.
|
| 61 |
+
* Switch from using a `<meta>` tag to a `<style>` tag as the JavaScript anchor in the `<head>`. This should fix the validation error under HTML5.
|
| 62 |
+
* Remove an old forced font-size function -- it wasn't actually used.
|
| 63 |
+
* Remove references.
|
| 64 |
+
|
| 65 |
= Version 3.1.5 =
|
| 66 |
|
| 67 |
* The slashing changes made in WordPress 3.6 (alpha) have been reverted -- we're back to the old way again. This release restores the code back to Syntaxhighlighter v3.1.3. See [ticket #21767](http://core.trac.wordpress.org/ticket/21767).
|
| 217 |
= Version 1.0.0 =
|
| 218 |
|
| 219 |
* Initial release!
|
| 220 |
+
|
| 221 |
+
== Upgrade Notice ==
|
| 222 |
+
|
| 223 |
+
= 3.1.6 =
|
| 224 |
+
Important security update.
|
syntaxhighlighter.php
CHANGED
|
@@ -4,7 +4,7 @@
|
|
| 4 |
|
| 5 |
Plugin Name: SyntaxHighlighter Evolved
|
| 6 |
Plugin URI: http://www.viper007bond.com/wordpress-plugins/syntaxhighlighter/
|
| 7 |
-
Version: 3.1.
|
| 8 |
Description: Easily post syntax-highlighted code to your site without having to modify the code at all. Uses Alex Gorbatchev's <a href="http://alexgorbatchev.com/wiki/SyntaxHighlighter">SyntaxHighlighter</a>. <strong>TIP:</strong> Don't use the Visual editor if you don't want your code mangled. TinyMCE will "clean up" your HTML.
|
| 9 |
Author: Viper007Bond
|
| 10 |
Author URI: http://www.viper007bond.com/
|
|
@@ -21,7 +21,7 @@ Thanks to:
|
|
| 21 |
|
| 22 |
class SyntaxHighlighter {
|
| 23 |
// All of these variables are private. Filters are provided for things that can be modified.
|
| 24 |
-
var $pluginver = '3.1.
|
| 25 |
var $agshver = false; // Alex Gorbatchev's SyntaxHighlighter version (dynamically set below due to v2 vs v3)
|
| 26 |
var $shfolder = false; // Controls what subfolder to load SyntaxHighlighter from (v2 or v3)
|
| 27 |
var $settings = array(); // Contains the user's settings
|
|
@@ -43,43 +43,43 @@ class SyntaxHighlighter {
|
|
| 43 |
load_plugin_textdomain( 'syntaxhighlighter', false, '/syntaxhighlighter/localization' );
|
| 44 |
|
| 45 |
// Display hooks
|
| 46 |
-
add_filter( 'the_content', array(
|
| 47 |
-
add_filter( 'comment_text', array(
|
| 48 |
-
add_filter( 'bp_get_the_topic_post_content', array(
|
| 49 |
|
| 50 |
// Into the database
|
| 51 |
-
add_filter( 'content_save_pre', array(
|
| 52 |
-
add_filter( 'pre_comment_content', array(
|
| 53 |
-
add_filter( 'group_forum_post_text_before_save', array(
|
| 54 |
-
add_filter( 'group_forum_topic_text_before_save', array(
|
| 55 |
|
| 56 |
// Out of the database for editing
|
| 57 |
-
add_filter( 'the_editor_content', array(
|
| 58 |
-
add_filter( 'comment_edit_pre', array(
|
| 59 |
-
add_filter( 'bp_get_the_topic_text', array(
|
| 60 |
-
add_filter( 'bp_get_the_topic_post_edit_text', array(
|
| 61 |
|
| 62 |
// Outputting SyntaxHighlighter's JS and CSS
|
| 63 |
-
add_action( 'wp_head', array(
|
| 64 |
-
add_action( 'admin_head', array(
|
| 65 |
-
add_action( 'wp_footer', array(
|
| 66 |
-
add_action( 'admin_footer', array(
|
| 67 |
|
| 68 |
// Admin hooks
|
| 69 |
-
add_action( 'admin_init', array(
|
| 70 |
-
add_action( 'admin_menu', array(
|
| 71 |
-
add_action( 'admin_head', array(
|
| 72 |
-
add_filter( 'mce_external_plugins', array(
|
| 73 |
-
add_filter( 'tiny_mce_version', array(
|
| 74 |
-
add_filter( 'save_post', array(
|
| 75 |
-
add_filter( 'plugin_action_links', array(
|
| 76 |
|
| 77 |
// Register widget hooks
|
| 78 |
// Requires change added in WordPress 2.9
|
| 79 |
if ( class_exists('WP_Embed') ) {
|
| 80 |
-
add_filter( 'widget_text', array(
|
| 81 |
-
add_filter( 'widget_update_callback', array(
|
| 82 |
-
add_filter( 'widget_form_callback', array(
|
| 83 |
}
|
| 84 |
|
| 85 |
|
|
@@ -266,13 +266,13 @@ class SyntaxHighlighter {
|
|
| 266 |
|
| 267 |
// Register the settings page
|
| 268 |
function register_settings_page() {
|
| 269 |
-
add_options_page( __( 'SyntaxHighlighter Settings', 'syntaxhighlighter' ), __( 'SyntaxHighlighter', 'syntaxhighlighter' ), 'manage_options', 'syntaxhighlighter', array(
|
| 270 |
}
|
| 271 |
|
| 272 |
|
| 273 |
// Register the plugin's setting
|
| 274 |
function register_setting() {
|
| 275 |
-
register_setting( 'syntaxhighlighter_settings', 'syntaxhighlighter_settings', array(
|
| 276 |
}
|
| 277 |
|
| 278 |
|
|
@@ -292,7 +292,7 @@ class SyntaxHighlighter {
|
|
| 292 |
// Add a "Settings" link to the plugins page
|
| 293 |
function settings_link( $links, $file ) {
|
| 294 |
static $this_plugin;
|
| 295 |
-
|
| 296 |
if( empty($this_plugin) )
|
| 297 |
$this_plugin = plugin_basename(__FILE__);
|
| 298 |
|
|
@@ -316,12 +316,6 @@ class SyntaxHighlighter {
|
|
| 316 |
}
|
| 317 |
|
| 318 |
|
| 319 |
-
// Additional CSS for the front end (to ensure themes don't screw too much with the code)
|
| 320 |
-
function enforce_font_size() {
|
| 321 |
-
echo ' <style type="text/css">.syntaxhighlighter { font-size: 12px !important; }</style>' . "\n";
|
| 322 |
-
}
|
| 323 |
-
|
| 324 |
-
|
| 325 |
// A filter function that runs do_shortcode() but only with this plugin's shortcodes
|
| 326 |
function shortcode_hack( $content, $callback ) {
|
| 327 |
global $shortcode_tags;
|
|
@@ -354,7 +348,7 @@ class SyntaxHighlighter {
|
|
| 354 |
return $content;
|
| 355 |
|
| 356 |
$pattern = get_shortcode_regex();
|
| 357 |
-
return preg_replace_callback('/'.$pattern.'/s', array(
|
| 358 |
}
|
| 359 |
|
| 360 |
|
|
@@ -383,13 +377,13 @@ class SyntaxHighlighter {
|
|
| 383 |
|
| 384 |
// The main filter for the post contents. The regular shortcode filter can't be used as it's post-wpautop().
|
| 385 |
function parse_shortcodes( $content ) {
|
| 386 |
-
return $this->shortcode_hack( $content, array(
|
| 387 |
}
|
| 388 |
|
| 389 |
|
| 390 |
// HTML entity encode the contents of shortcodes
|
| 391 |
function encode_shortcode_contents( $content ) {
|
| 392 |
-
return $this->shortcode_hack( $content, array(
|
| 393 |
}
|
| 394 |
|
| 395 |
|
|
@@ -419,7 +413,7 @@ class SyntaxHighlighter {
|
|
| 419 |
|
| 420 |
// HTML entity decode the contents of shortcodes
|
| 421 |
function decode_shortcode_contents( $content ) {
|
| 422 |
-
return $this->shortcode_hack( $content, array(
|
| 423 |
}
|
| 424 |
|
| 425 |
|
|
@@ -480,7 +474,7 @@ class SyntaxHighlighter {
|
|
| 480 |
// Run SyntaxHighlighter::decode_shortcode_contents_callback() on the contents of the text widget form
|
| 481 |
function widget_text_form( $instance, $widgetclass ) {
|
| 482 |
if ( 'text' == $widgetclass->id_base && !empty($instance['syntaxhighlighter_encoded']) ) {
|
| 483 |
-
$instance['text'] = $this->shortcode_hack( $instance['text'], array(
|
| 484 |
}
|
| 485 |
|
| 486 |
return $instance;
|
|
@@ -564,10 +558,10 @@ class SyntaxHighlighter {
|
|
| 564 |
}
|
| 565 |
|
| 566 |
|
| 567 |
-
// Output an anchor in the header for the Javascript to use
|
| 568 |
-
//
|
| 569 |
function output_header_placeholder() {
|
| 570 |
-
echo '<
|
| 571 |
}
|
| 572 |
|
| 573 |
|
| 4 |
|
| 5 |
Plugin Name: SyntaxHighlighter Evolved
|
| 6 |
Plugin URI: http://www.viper007bond.com/wordpress-plugins/syntaxhighlighter/
|
| 7 |
+
Version: 3.1.6
|
| 8 |
Description: Easily post syntax-highlighted code to your site without having to modify the code at all. Uses Alex Gorbatchev's <a href="http://alexgorbatchev.com/wiki/SyntaxHighlighter">SyntaxHighlighter</a>. <strong>TIP:</strong> Don't use the Visual editor if you don't want your code mangled. TinyMCE will "clean up" your HTML.
|
| 9 |
Author: Viper007Bond
|
| 10 |
Author URI: http://www.viper007bond.com/
|
| 21 |
|
| 22 |
class SyntaxHighlighter {
|
| 23 |
// All of these variables are private. Filters are provided for things that can be modified.
|
| 24 |
+
var $pluginver = '3.1.6'; // Plugin version
|
| 25 |
var $agshver = false; // Alex Gorbatchev's SyntaxHighlighter version (dynamically set below due to v2 vs v3)
|
| 26 |
var $shfolder = false; // Controls what subfolder to load SyntaxHighlighter from (v2 or v3)
|
| 27 |
var $settings = array(); // Contains the user's settings
|
| 43 |
load_plugin_textdomain( 'syntaxhighlighter', false, '/syntaxhighlighter/localization' );
|
| 44 |
|
| 45 |
// Display hooks
|
| 46 |
+
add_filter( 'the_content', array( $this, 'parse_shortcodes' ), 7 ); // Posts
|
| 47 |
+
add_filter( 'comment_text', array( $this, 'parse_shortcodes_comment' ), 7 ); // Comments
|
| 48 |
+
add_filter( 'bp_get_the_topic_post_content', array( $this, 'parse_shortcodes' ), 7 ); // BuddyPress
|
| 49 |
|
| 50 |
// Into the database
|
| 51 |
+
add_filter( 'content_save_pre', array( $this, 'encode_shortcode_contents_slashed_noquickedit' ), 1 ); // Posts
|
| 52 |
+
add_filter( 'pre_comment_content', array( $this, 'encode_shortcode_contents_slashed' ), 1 ); // Comments
|
| 53 |
+
add_filter( 'group_forum_post_text_before_save', array( $this, 'encode_shortcode_contents_slashed' ), 1 ); // BuddyPress
|
| 54 |
+
add_filter( 'group_forum_topic_text_before_save', array( $this, 'encode_shortcode_contents_slashed' ), 1 ); // BuddyPress
|
| 55 |
|
| 56 |
// Out of the database for editing
|
| 57 |
+
add_filter( 'the_editor_content', array( $this, 'the_editor_content' ), 1 ); // Posts
|
| 58 |
+
add_filter( 'comment_edit_pre', array( $this, 'decode_shortcode_contents' ), 1 ); // Comments
|
| 59 |
+
add_filter( 'bp_get_the_topic_text', array( $this, 'decode_shortcode_contents' ), 1 ); // BuddyPress
|
| 60 |
+
add_filter( 'bp_get_the_topic_post_edit_text', array( $this, 'decode_shortcode_contents' ), 1 ); // BuddyPress
|
| 61 |
|
| 62 |
// Outputting SyntaxHighlighter's JS and CSS
|
| 63 |
+
add_action( 'wp_head', array( $this, 'output_header_placeholder' ), 15 );
|
| 64 |
+
add_action( 'admin_head', array( $this, 'output_header_placeholder' ), 15 ); // For comments
|
| 65 |
+
add_action( 'wp_footer', array( $this, 'maybe_output_scripts' ), 15 );
|
| 66 |
+
add_action( 'admin_footer', array( $this, 'maybe_output_scripts' ), 15 ); // For comments
|
| 67 |
|
| 68 |
// Admin hooks
|
| 69 |
+
add_action( 'admin_init', array( $this, 'register_setting' ) );
|
| 70 |
+
add_action( 'admin_menu', array( $this, 'register_settings_page' ) );
|
| 71 |
+
add_action( 'admin_head', array( $this, 'output_shortcodes_for_tinymce' ) );
|
| 72 |
+
add_filter( 'mce_external_plugins', array( $this, 'add_tinymce_plugin' ) );
|
| 73 |
+
add_filter( 'tiny_mce_version', array( $this, 'break_tinymce_cache' ) );
|
| 74 |
+
add_filter( 'save_post', array( $this, 'mark_as_encoded' ), 10, 2 );
|
| 75 |
+
add_filter( 'plugin_action_links', array( $this, 'settings_link' ), 10, 2 );
|
| 76 |
|
| 77 |
// Register widget hooks
|
| 78 |
// Requires change added in WordPress 2.9
|
| 79 |
if ( class_exists('WP_Embed') ) {
|
| 80 |
+
add_filter( 'widget_text', array( $this, 'widget_text_output' ), 7, 2 );
|
| 81 |
+
add_filter( 'widget_update_callback', array( $this, 'widget_text_save' ), 1, 4 );
|
| 82 |
+
add_filter( 'widget_form_callback', array( $this, 'widget_text_form' ), 1, 2 );
|
| 83 |
}
|
| 84 |
|
| 85 |
|
| 266 |
|
| 267 |
// Register the settings page
|
| 268 |
function register_settings_page() {
|
| 269 |
+
add_options_page( __( 'SyntaxHighlighter Settings', 'syntaxhighlighter' ), __( 'SyntaxHighlighter', 'syntaxhighlighter' ), 'manage_options', 'syntaxhighlighter', array( $this, 'settings_page' ) );
|
| 270 |
}
|
| 271 |
|
| 272 |
|
| 273 |
// Register the plugin's setting
|
| 274 |
function register_setting() {
|
| 275 |
+
register_setting( 'syntaxhighlighter_settings', 'syntaxhighlighter_settings', array( $this, 'validate_settings' ) );
|
| 276 |
}
|
| 277 |
|
| 278 |
|
| 292 |
// Add a "Settings" link to the plugins page
|
| 293 |
function settings_link( $links, $file ) {
|
| 294 |
static $this_plugin;
|
| 295 |
+
|
| 296 |
if( empty($this_plugin) )
|
| 297 |
$this_plugin = plugin_basename(__FILE__);
|
| 298 |
|
| 316 |
}
|
| 317 |
|
| 318 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 319 |
// A filter function that runs do_shortcode() but only with this plugin's shortcodes
|
| 320 |
function shortcode_hack( $content, $callback ) {
|
| 321 |
global $shortcode_tags;
|
| 348 |
return $content;
|
| 349 |
|
| 350 |
$pattern = get_shortcode_regex();
|
| 351 |
+
return preg_replace_callback('/'.$pattern.'/s', array( $this, 'do_shortcode_tag_keep_escaped_tags' ), $content);
|
| 352 |
}
|
| 353 |
|
| 354 |
|
| 377 |
|
| 378 |
// The main filter for the post contents. The regular shortcode filter can't be used as it's post-wpautop().
|
| 379 |
function parse_shortcodes( $content ) {
|
| 380 |
+
return $this->shortcode_hack( $content, array( $this, 'shortcode_callback' ) );
|
| 381 |
}
|
| 382 |
|
| 383 |
|
| 384 |
// HTML entity encode the contents of shortcodes
|
| 385 |
function encode_shortcode_contents( $content ) {
|
| 386 |
+
return $this->shortcode_hack( $content, array( $this, 'encode_shortcode_contents_callback' ) );
|
| 387 |
}
|
| 388 |
|
| 389 |
|
| 413 |
|
| 414 |
// HTML entity decode the contents of shortcodes
|
| 415 |
function decode_shortcode_contents( $content ) {
|
| 416 |
+
return $this->shortcode_hack( $content, array( $this, 'decode_shortcode_contents_callback' ) );
|
| 417 |
}
|
| 418 |
|
| 419 |
|
| 474 |
// Run SyntaxHighlighter::decode_shortcode_contents_callback() on the contents of the text widget form
|
| 475 |
function widget_text_form( $instance, $widgetclass ) {
|
| 476 |
if ( 'text' == $widgetclass->id_base && !empty($instance['syntaxhighlighter_encoded']) ) {
|
| 477 |
+
$instance['text'] = $this->shortcode_hack( $instance['text'], array( $this, 'decode_shortcode_contents_callback' ) );
|
| 478 |
}
|
| 479 |
|
| 480 |
return $instance;
|
| 558 |
}
|
| 559 |
|
| 560 |
|
| 561 |
+
// Output an anchor in the header for the Javascript to use.
|
| 562 |
+
// In the <head>, we don't know if we'll need this plugin's CSS and JavaScript yet but we will in the footer.
|
| 563 |
function output_header_placeholder() {
|
| 564 |
+
echo '<style id="syntaxhighlighteranchor"></style>' . "\n";
|
| 565 |
}
|
| 566 |
|
| 567 |
|
syntaxhighlighter2/scripts/clipboard.swf
CHANGED
|
Binary file
|
