WP Editor - Version 1.2.7

Version Description

  • Security release: fixes SQL injection (SQLi) vulnerabilities.

Release Info

Developer peterwilsoncc
Version 1.2.7

Code changes from version 1.2.6.3 to 1.2.7

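--- a/classes/WPEditor.php
+++ b/classes/WPEditor.php
@@ -1,342 +1,340 @@
  <?php
  class WPEditor {
-
- public function install() {
-
- global $wpdb;
- $prefix = $this->get_table_prefix();
- $sqlFile = WPEDITOR_PATH . 'sql/database.sql';
- $sql = str_replace( '[prefix]', $prefix, file_get_contents( $sqlFile ) );
- $queries = explode( ";\n", $sql );
- $wpdb->hide_errors();
- foreach ( $queries as $sql ) {
- if ( strlen( $sql ) > 5 ) {
- $wpdb->query( $sql );
- }
- }
-
- // Set the version number for this version of WPEditor
- require_once( WPEDITOR_PATH . 'classes/WPEditorSetting.php' );
- WPEditorSetting::set_value( 'version', WPEDITOR_VERSION_NUMBER );
-
- if ( ! WPEditorSetting::get_value( 'upgrade' ) ) {
- $this->first_install();
- }
-
- }
-
- public function first_install() {
-
- // Set the database to upgrade instead of first time install
- WPEditorSetting::set_value( 'upgrade', 1 );
-
- // Check if the post editor has been enabled and enable if not
- if ( ! WPEditorSetting::get_value( 'enable_post_editor' ) ) {
- WPEditorSetting::set_value( 'enable_post_editor', 1 );
- }
-
- // Check if the plugin and theme editors have been hidden before and hide them if not
- if ( ! WPEditorSetting::get_value( 'hide_default_plugin_editor' ) ) {
- WPEditorSetting::set_value( 'hide_default_plugin_editor', 1 );
- }
- if ( ! WPEditorSetting::get_value( 'hide_default_theme_editor' ) ) {
- WPEditorSetting::set_value( 'hide_default_theme_editor', 1 );
- }
-
- // Check if the edit link for plugins has been hidden before and hide if not
- if ( ! WPEditorSetting::get_value( 'replace_plugin_edit_links' ) ) {
- WPEditorSetting::set_value( 'replace_plugin_edit_links', 1 );
- }
-
- // Check if the plugin line numbers have been disabled and enable if not
- if ( ! WPEditorSetting::get_value( 'enable_plugin_line_numbers' ) ) {
- WPEditorSetting::set_value( 'enable_plugin_line_numbers', 1 );
- }
-
- // Check if the theme line numbers have been disabled and enable if not
- if ( ! WPEditorSetting::get_value( 'enable_theme_line_numbers' ) ) {
- WPEditorSetting::set_value( 'enable_theme_line_numbers', 1 );
- }
-
- // Check if the post line numbers have been disabled and enable if not
- if ( ! WPEditorSetting::get_value( 'enable_post_line_numbers' ) ) {
- WPEditorSetting::set_value( 'enable_post_line_numbers', 1 );
- }
-
- // Check if plugin line wrapping has been disabled and enable if not
- if ( ! WPEditorSetting::get_value( 'enable_plugin_line_wrapping' ) ) {
- WPEditorSetting::set_value( 'enable_plugin_line_wrapping', 1 );
- }
-
- // Check if theme line wrapping has been disabled and enable if not
- if ( ! WPEditorSetting::get_value( 'enable_theme_line_wrapping' ) ) {
- WPEditorSetting::set_value( 'enable_theme_line_wrapping', 1 );
- }
-
- // Check if post line wrapping has been disabled and enable if not
- if ( ! WPEditorSetting::get_value( 'enable_post_line_wrapping' ) ) {
- WPEditorSetting::set_value( 'enable_post_line_wrapping', 1 );
- }
-
- // Check if plugin active line highlighting has been disabled and enable if not
- if ( ! WPEditorSetting::get_value( 'enable_plugin_active_line' ) ) {
- WPEditorSetting::set_value( 'enable_plugin_active_line', 1 );
- }
-
- // Check if theme active line highlighting has been disabled and enable if not
- if ( ! WPEditorSetting::get_value( 'enable_theme_active_line' ) ) {
- WPEditorSetting::set_value( 'enable_theme_active_line', 1 );
- }
-
- // Check if post active line highlighting has been disabled and enable if not
- if ( ! WPEditorSetting::get_value( 'enable_post_active_line' ) ) {
- WPEditorSetting::set_value( 'enable_post_active_line', 1 );
- }
-
- // Check if the default allowed extensions for the plugin editor have been set and set if not
- if ( ! WPEditorSetting::get_value( 'plugin_editor_allowed_extensions' ) ) {
- WPEditorSetting::set_value( 'plugin_editor_allowed_extensions', 'php~js~css~txt~htm~html~jpg~jpeg~png~gif~sql~po~less~xml' );
- }
-
- // Check if the default allowed extensions for the theme editor have been set and set if not
- if ( ! WPEditorSetting::get_value( 'theme_editor_allowed_extensions' ) ) {
- WPEditorSetting::set_value( 'theme_editor_allowed_extensions', 'php~js~css~txt~htm~html~jpg~jpeg~png~gif~sql~po~less~xml' );
- }
-
- // Check if the upload plugin file option has been set and set if not
- if ( ! WPEditorSetting::get_value( 'plugin_file_upload' ) ) {
- WPEditorSetting::set_value( 'plugin_file_upload', 1 );
- }
-
- // Check if the upload theme file option has been set and set if not
- if ( ! WPEditorSetting::get_value( 'theme_file_upload' ) ) {
- WPEditorSetting::set_value( 'theme_file_upload', 1 );
- }
-
- // Check if the plugin indent unit option has been set and set if not
- if ( ! WPEditorSetting::get_value( 'plugin_indent_unit' ) ) {
- WPEditorSetting::set_value( 'plugin_indent_unit', 2 );
- }
-
- // Check if the theme indent unit option has been set and set if not
- if ( ! WPEditorSetting::get_value( 'theme_indent_unit' ) ) {
- WPEditorSetting::set_value( 'theme_indent_unit', 2 );
- }
-
- // Check if the post indent unit option has been set and set if not
- if ( ! WPEditorSetting::get_value( 'post_indent_unit' ) ) {
- WPEditorSetting::set_value( 'post_indent_unit', 2 );
- }
-
- }
-
- public function init() {
- // Load all additional required classes
- $this->loadCoreModels();
-
- // Verify that upgrade has been run
- if (IS_ADMIN ) {
- if ( version_compare( WPEDITOR_VERSION_NUMBER, WPEditorSetting::get_value( 'version' ) ) ) {
- $this->install();
- }
- }
-
- // Define debugging and testing info
- $wpeditor_logging = WPEditorSetting::get_value( 'wpeditor_logging' ) ? true : false;
- define( 'WPEDITOR_DEBUG', $wpeditor_logging );
-
- $default_wpeditor_roles = array(
- 'settings' => 'manage_options',
- 'theme-editor' => 'edit_themes',
- 'plugin-editor' => 'edit_plugins'
- );
- // Set default admin page roles if there isn't any
- $wpeditor_roles = WPEditorSetting::get_value( 'admin_page_roles' );
- if ( empty( $wpeditor_roles ) ) {
- WPEditorSetting::set_value( 'admin_page_roles', serialize( $default_wpeditor_roles ) );
- }
- // Ensure that all admin page roles have been set.
- else {
- $update_roles = false;
- $wpeditor_roles = unserialize( $wpeditor_roles );
- foreach ( $default_wpeditor_roles as $key => $value ) {
- if ( ! array_key_exists( $key, $wpeditor_roles ) ) {
- $wpeditor_roles[ $key ] = $value;
- $update_roles = true;
- }
- }
- if ( $update_roles ) {
- WPEditorSetting::set_value( 'admin_page_roles', serialize( $wpeditor_roles ) );
- }
- $wpeditor_roles = serialize( $wpeditor_roles );
- }
-
- if ( IS_ADMIN ) {
- // Load default stylesheet
- add_action( 'admin_init', array( $this, 'register_default_stylesheet' ) );
- // Load default script
- add_action( 'admin_init', array( $this, 'register_default_script' ) );
- // Register the default settings
- add_action( 'admin_init', array( 'WPEditorSetting', 'register_settings' ) );
-
- // Remove default editor submenus
- add_action( 'admin_menu', array( 'WPEditorAdmin', 'remove_default_editor_menus' ) );
- // Add WP Editor Settings Page
- add_action( 'admin_menu', array( 'WPEditorAdmin', 'build_admin_menu' ) );
-
- // Add Plugin Editor Page
- add_action( 'admin_menu', array( 'WPEditorAdmin', 'add_plugins_page' ) );
- // Add Theme Editor Page
- add_action( 'admin_menu', array( 'WPEditorAdmin', 'add_themes_page' ) );
-
- // Ajax request to save settings
- add_action( 'wp_ajax_save_wpeditor_settings', array( 'WPEditorAjax', 'save_settings' ) );
-
- // Ajax request to save files
- add_action( 'wp_ajax_save_files', array( 'WPEditorAjax', 'save_file' ) );
-
- // Ajax request to upload files
- add_action( 'wp_ajax_upload_files', array( 'WPEditorAjax', 'upload_file' ) );
-
- // Ajax request to retrieve files and folders
- add_action( 'wp_ajax_ajax_folders', array( 'WPEditorAjax', 'ajax_folders' ) );
-
- // Replace default plugin edit links
- add_filter( 'plugin_action_links', array( $this, 'replace_plugin_edit_links' ), 9, 1 );
-
- add_filter( 'the_editor', array( 'WPEditorPosts', 'add_posts_jquery' ) );
-
- if (!current_user_can( 'editor' ) && !current_user_can( 'administrator' ) ) {
- global $pagenow;
- if ( $pagenow == 'index.php' ) {
- add_filter( 'admin_footer', array( 'WPEditorPosts', 'add_posts_jquery' ) );
- }
- }
-
- }
- }
-
- public function loadCoreModels() {
- require_once( WPEDITOR_PATH . 'classes/WPEditorAdmin.php' );
- require_once( WPEDITOR_PATH . 'classes/WPEditorAjax.php' );
- require_once( WPEDITOR_PATH . 'classes/WPEditorBrowser.php' );
- require_once( WPEDITOR_PATH . 'classes/WPEditorException.php' );
- require_once( WPEDITOR_PATH . 'classes/WPEditorLog.php' );
- require_once( WPEDITOR_PATH . 'classes/WPEditorPlugins.php' );
- require_once( WPEDITOR_PATH . 'classes/WPEditorPosts.php' );
- require_once( WPEDITOR_PATH . 'classes/WPEditorSetting.php' );
- require_once( WPEDITOR_PATH . 'classes/WPEditorThemes.php' );
- }
-
- public function register_default_stylesheet() {
- wp_register_style( 'wpeditor', WPEDITOR_URL . '/wpeditor.css', false, WPEDITOR_VERSION_NUMBER );
- wp_register_style( 'nivo-lightbox', WPEDITOR_URL . '/extensions/nivo-lightbox/css/nivo-lightbox.css', false, WPEDITOR_VERSION_NUMBER );
- wp_register_style( 'nivo-lightbox-default', WPEDITOR_URL . '/extensions/nivo-lightbox/themes/default/default.css', array( 'nivo-lightbox' ), WPEDITOR_VERSION_NUMBER );
- wp_register_style( 'codemirror', WPEDITOR_URL . '/extensions/codemirror/css/codemirror.css', false, WPEDITOR_VERSION_NUMBER );
- wp_register_style( 'codemirror_dialog', WPEDITOR_URL . '/extensions/codemirror/css/dialog.css', false, WPEDITOR_VERSION_NUMBER );
- wp_register_style( 'codemirror_fullscreen', WPEDITOR_URL . '/extensions/codemirror/css/fullscreen.css', false, WPEDITOR_VERSION_NUMBER );
- wp_register_style( 'codemirror_themes', WPEDITOR_URL . '/extensions/codemirror/themes/themes.css', false, WPEDITOR_VERSION_NUMBER );
- wp_register_style( 'chosen', WPEDITOR_URL . '/extensions/chosen/css/chosen.min.css', false, WPEDITOR_VERSION_NUMBER );
- }
-
- public function register_default_script() {
- wp_deregister_script( 'quicktags' );
- wp_register_script( 'quicktags', WPEDITOR_URL . '/js/quicktags.js', false, WPEDITOR_VERSION_NUMBER, true );
- wp_localize_script( 'quicktags', 'quicktagsL10n', array(
- 'closeAllOpenTags' => __( 'Close all open tags', 'wp-editor' ),
- 'closeTags' => __( 'close tags', 'wp-editor' ),
- 'enterURL' => __( 'Enter the URL', 'wp-editor' ),
- 'enterImageURL' => __( 'Enter the URL of the image', 'wp-editor' ),
- 'enterImageDescription' => __( 'Enter a description of the image', 'wp-editor' ),
- 'textdirection' => __( 'text direction', 'wp-editor' ),
- 'toggleTextdirection' => __( 'Toggle Editor Text Direction', 'wp-editor' ),
- 'dfw' => __( 'Distraction-free writing mode', 'wp-editor' ),
- 'strong' => __( 'Bold', 'wp-editor' ),
- 'strongClose' => __( 'Close bold tag', 'wp-editor' ),
- 'em' => __( 'Italic', 'wp-editor' ),
- 'emClose' => __( 'Close italic tag', 'wp-editor' ),
- 'link' => __( 'Insert link', 'wp-editor' ),
- 'blockquote' => __( 'Blockquote', 'wp-editor' ),
- 'blockquoteClose' => __( 'Close blockquote tag', 'wp-editor' ),
- 'del' => __( 'Deleted text (strikethrough)', 'wp-editor' ),
- 'delClose' => __( 'Close deleted text tag', 'wp-editor' ),
- 'ins' => __( 'Inserted text', 'wp-editor' ),
- 'insClose' => __( 'Close inserted text tag', 'wp-editor' ),
- 'image' => __( 'Insert image', 'wp-editor' ),
- 'ul' => __( 'Bulleted list', 'wp-editor' ),
- 'ulClose' => __( 'Close bulleted list tag', 'wp-editor' ),
- 'ol' => __( 'Numbered list', 'wp-editor' ),
- 'olClose' => __( 'Close numbered list tag', 'wp-editor' ),
- 'li' => __( 'List item', 'wp-editor' ),
- 'liClose' => __( 'Close list item tag', 'wp-editor' ),
- 'code' => __( 'Code', 'wp-editor' ),
- 'codeClose' => __( 'Close code tag', 'wp-editor' ),
- 'more' => __( 'Insert Read More tag', 'wp-editor' ),
- ) );
- wp_register_script( 'wpeditor', WPEDITOR_URL . 'js/wpeditor.js', false, WPEDITOR_VERSION_NUMBER );
- wp_localize_script( 'wpeditor', 'WPE', array(
- 'wp_editor_ajax_nonce_ajax_folders_themes' => wp_create_nonce( 'wp_editor_ajax_nonce_ajax_folders_themes' ),
- 'wp_editor_ajax_nonce_ajax_folders_plugins' => wp_create_nonce( 'wp_editor_ajax_nonce_ajax_folders_plugins' ),
- 'wp_editor_ajax_nonce_save_files_themes' => wp_create_nonce( 'wp_editor_ajax_nonce_save_files_themes' ),
- 'wp_editor_ajax_nonce_save_files_plugins' => wp_create_nonce( 'wp_editor_ajax_nonce_save_files_plugins' )
- ) );
- wp_register_script( 'wp-editor-posts-jquery', WPEDITOR_URL . 'js/posts-jquery.js', false, WPEDITOR_VERSION_NUMBER, true );
- wp_register_script( 'nivo-lightbox', WPEDITOR_URL . 'extensions/nivo-lightbox/js/nivo-lightbox.min.js', array( 'jquery' ), WPEDITOR_VERSION_NUMBER );
- wp_register_script( 'attrchange', WPEDITOR_URL . 'extensions/attrchange/attrchange.js', false, WPEDITOR_VERSION_NUMBER );
-
- if ( ! wp_script_is( 'codemirror', 'enqueued' ) ) {
- wp_register_script( 'codemirror', WPEDITOR_URL . 'extensions/codemirror/js/codemirror.js', false, WPEDITOR_VERSION_NUMBER );
- }
- wp_register_script( 'codemirror_php', WPEDITOR_URL . 'extensions/codemirror/js/php.js', false, WPEDITOR_VERSION_NUMBER );
- wp_register_script( 'codemirror_javascript', WPEDITOR_URL . 'extensions/codemirror/js/javascript.js', false, WPEDITOR_VERSION_NUMBER );
- wp_register_script( 'codemirror_css', WPEDITOR_URL . 'extensions/codemirror/js/css.js', false, WPEDITOR_VERSION_NUMBER );
- wp_register_script( 'codemirror_xml', WPEDITOR_URL . 'extensions/codemirror/js/xml.js', false, WPEDITOR_VERSION_NUMBER );
- wp_register_script( 'codemirror_clike', WPEDITOR_URL . 'extensions/codemirror/js/clike.js', false, WPEDITOR_VERSION_NUMBER );
- wp_register_script( 'codemirror_dialog', WPEDITOR_URL . 'extensions/codemirror/js/dialog.js', false, WPEDITOR_VERSION_NUMBER );
- wp_register_script( 'codemirror_search', WPEDITOR_URL . 'extensions/codemirror/js/search.js', false, WPEDITOR_VERSION_NUMBER );
- wp_register_script( 'codemirror_searchcursor', WPEDITOR_URL . 'extensions/codemirror/js/searchcursor.js', false, WPEDITOR_VERSION_NUMBER );
- wp_register_script( 'codemirror_mustache', WPEDITOR_URL . 'extensions/codemirror/js/mustache.js', false, WPEDITOR_VERSION_NUMBER );
- wp_register_script( 'codemirror_fullscreen', WPEDITOR_URL . 'extensions/codemirror/js/fullscreen.js', false, WPEDITOR_VERSION_NUMBER );
- //wp_register_script( 'codemirror_foldcode', WPEDITOR_URL . 'extensions/codemirror/js/foldcode.js' );
-
- wp_register_script( 'chosen', WPEDITOR_URL . 'extensions/chosen/js/chosen.jquery.min.js', array( 'jquery' ), WPEDITOR_VERSION_NUMBER );
- }
-
- public static function get_view( $filename, $data=null ) {
- $filename = WPEDITOR_PATH . "/$filename";
- ob_start();
- include $filename;
- $contents = ob_get_contents();
- ob_end_clean();
- return $contents;
- }
-
- public static function get_table_name( $name ) {
- return WPEditor::get_table_prefix() . $name;
- }
-
- public static function get_table_prefix() {
- global $wpdb;
- return $wpdb->prefix . 'wpeditor_';
- }
-
- public static function replace_plugin_edit_links( $links ) {
- $data = '';
- if ( isset( $_REQUEST['plugin_status'] ) && in_array( $_REQUEST['plugin_status'], array( 'mustuse', 'dropins' ) ) ) {
- $data = $links;
- }
- elseif ( WPEditorSetting::get_value( 'replace_plugin_edit_links' ) == 1 ) {
- foreach ( $links as $key => $value ) {
- if ( $key === 'edit' ) {
- $value = str_replace( 'plugin-editor.php?', 'plugins.php?page=wpeditor_plugin&', $value );
- }
- $data[ $key ] = $value;
- }
- }
- else {
- $data = $links;
- }
- return $data;
- }
-
- }
+
+ public function install() {
+
+ global $wpdb;
+ $prefix = $this->get_table_prefix();
+ $sqlFile = WPEDITOR_PATH . 'sql/database.sql';
+ $sql = str_replace( '[prefix]', $prefix, file_get_contents( $sqlFile ) );
+ $queries = explode( ";\n", $sql );
+ $wpdb->hide_errors();
+ foreach ( $queries as $sql ) {
+ if ( strlen( $sql ) > 5 ) {
+ $wpdb->query( $sql );
+ }
+ }
+
+ // Set the version number for this version of WPEditor
+ require_once( WPEDITOR_PATH . 'classes/WPEditorSetting.php' );
+ WPEditorSetting::set_value( 'version', WPEDITOR_VERSION_NUMBER );
+
+ if ( ! WPEditorSetting::get_value( 'upgrade' ) ) {
+ $this->first_install();
+ }
+
+ }
+
+ public function first_install() {
+
+ // Set the database to upgrade instead of first time install
+ WPEditorSetting::set_value( 'upgrade', 1 );
+
+ // Check if the post editor has been enabled and enable if not
+ if ( ! WPEditorSetting::get_value( 'enable_post_editor' ) ) {
+ WPEditorSetting::set_value( 'enable_post_editor', 1 );
+ }
+
+ // Check if the plugin and theme editors have been hidden before and hide them if not
+ if ( ! WPEditorSetting::get_value( 'hide_default_plugin_editor' ) ) {
+ WPEditorSetting::set_value( 'hide_default_plugin_editor', 1 );
+ }
+ if ( ! WPEditorSetting::get_value( 'hide_default_theme_editor' ) ) {
+ WPEditorSetting::set_value( 'hide_default_theme_editor', 1 );
+ }
+
+ // Check if the edit link for plugins has been hidden before and hide if not
+ if ( ! WPEditorSetting::get_value( 'replace_plugin_edit_links' ) ) {
+ WPEditorSetting::set_value( 'replace_plugin_edit_links', 1 );
+ }
+
+ // Check if the plugin line numbers have been disabled and enable if not
+ if ( ! WPEditorSetting::get_value( 'enable_plugin_line_numbers' ) ) {
+ WPEditorSetting::set_value( 'enable_plugin_line_numbers', 1 );
+ }
+
+ // Check if the theme line numbers have been disabled and enable if not
+ if ( ! WPEditorSetting::get_value( 'enable_theme_line_numbers' ) ) {
+ WPEditorSetting::set_value( 'enable_theme_line_numbers', 1 );
+ }
+
+ // Check if the post line numbers have been disabled and enable if not
+ if ( ! WPEditorSetting::get_value( 'enable_post_line_numbers' ) ) {
+ WPEditorSetting::set_value( 'enable_post_line_numbers', 1 );
+ }
+
+ // Check if plugin line wrapping has been disabled and enable if not
+ if ( ! WPEditorSetting::get_value( 'enable_plugin_line_wrapping' ) ) {
+ WPEditorSetting::set_value( 'enable_plugin_line_wrapping', 1 );
+ }
+
+ // Check if theme line wrapping has been disabled and enable if not
+ if ( ! WPEditorSetting::get_value( 'enable_theme_line_wrapping' ) ) {
+ WPEditorSetting::set_value( 'enable_theme_line_wrapping', 1 );
+ }
+
+ // Check if post line wrapping has been disabled and enable if not
+ if ( ! WPEditorSetting::get_value( 'enable_post_line_wrapping' ) ) {
+ WPEditorSetting::set_value( 'enable_post_line_wrapping', 1 );
+ }
+
+ // Check if plugin active line highlighting has been disabled and enable if not
+ if ( ! WPEditorSetting::get_value( 'enable_plugin_active_line' ) ) {
+ WPEditorSetting::set_value( 'enable_plugin_active_line', 1 );
+ }
+
+ // Check if theme active line highlighting has been disabled and enable if not
+ if ( ! WPEditorSetting::get_value( 'enable_theme_active_line' ) ) {
+ WPEditorSetting::set_value( 'enable_theme_active_line', 1 );
+ }
+
+ // Check if post active line highlighting has been disabled and enable if not
+ if ( ! WPEditorSetting::get_value( 'enable_post_active_line' ) ) {
+ WPEditorSetting::set_value( 'enable_post_active_line', 1 );
+ }
+
+ // Check if the default allowed extensions for the plugin editor have been set and set if not
+ if ( ! WPEditorSetting::get_value( 'plugin_editor_allowed_extensions' ) ) {
+ WPEditorSetting::set_value( 'plugin_editor_allowed_extensions', 'php~js~css~txt~htm~html~jpg~jpeg~png~gif~sql~po~less~xml' );
+ }
+
+ // Check if the default allowed extensions for the theme editor have been set and set if not
+ if ( ! WPEditorSetting::get_value( 'theme_editor_allowed_extensions' ) ) {
+ WPEditorSetting::set_value( 'theme_editor_allowed_extensions', 'php~js~css~txt~htm~html~jpg~jpeg~png~gif~sql~po~less~xml' );
+ }
+
+ // Check if the upload plugin file option has been set and set if not
+ if ( ! WPEditorSetting::get_value( 'plugin_file_upload' ) ) {
+ WPEditorSetting::set_value( 'plugin_file_upload', 1 );
+ }
+
+ // Check if the upload theme file option has been set and set if not
+ if ( ! WPEditorSetting::get_value( 'theme_file_upload' ) ) {
+ WPEditorSetting::set_value( 'theme_file_upload', 1 );
+ }
+
+ // Check if the plugin indent unit option has been set and set if not
+ if ( ! WPEditorSetting::get_value( 'plugin_indent_unit' ) ) {
+ WPEditorSetting::set_value( 'plugin_indent_unit', 2 );
+ }
+
+ // Check if the theme indent unit option has been set and set if not
+ if ( ! WPEditorSetting::get_value( 'theme_indent_unit' ) ) {
+ WPEditorSetting::set_value( 'theme_indent_unit', 2 );
+ }
+
+ // Check if the post indent unit option has been set and set if not
+ if ( ! WPEditorSetting::get_value( 'post_indent_unit' ) ) {
+ WPEditorSetting::set_value( 'post_indent_unit', 2 );
+ }
+
+ }
+
+ public function init() {
+ // Load all additional required classes
+ $this->loadCoreModels();
+
+ // Verify that upgrade has been run
+ if (IS_ADMIN ) {
+ if ( version_compare( WPEDITOR_VERSION_NUMBER, WPEditorSetting::get_value( 'version' ) ) ) {
+ $this->install();
+ }
+ }
+
+ // Define debugging and testing info
+ $wpeditor_logging = WPEditorSetting::get_value( 'wpeditor_logging' ) ? true : false;
+ define( 'WPEDITOR_DEBUG', $wpeditor_logging );
+
+ $default_wpeditor_roles = array(
+ 'settings' => 'manage_options',
+ 'theme-editor' => 'edit_themes',
+ 'plugin-editor' => 'edit_plugins'
+ );
+ // Set default admin page roles if there isn't any
+ $wpeditor_roles = WPEditorSetting::get_value( 'admin_page_roles' );
+ if ( empty( $wpeditor_roles ) ) {
+ WPEditorSetting::set_value( 'admin_page_roles', serialize( $default_wpeditor_roles ) );
+ }
+ // Ensure that all admin page roles have been set.
+ else {
+ $update_roles = false;
+ $wpeditor_roles = unserialize( $wpeditor_roles );
+ foreach ( $default_wpeditor_roles as $key => $value ) {
+ if ( ! array_key_exists( $key, $wpeditor_roles ) ) {
+ $wpeditor_roles[ $key ] = $value;
+ $update_roles = true;
+ }
+ }
+ if ( $update_roles ) {
+ WPEditorSetting::set_value( 'admin_page_roles', serialize( $wpeditor_roles ) );
+ }
+ $wpeditor_roles = serialize( $wpeditor_roles );
+ }
+
+ if ( IS_ADMIN ) {
+ // Load default stylesheet
+ add_action( 'admin_init', array( $this, 'register_default_stylesheet' ) );
+ // Load default script
+ add_action( 'admin_init', array( $this, 'register_default_script' ) );
+ // Register the default settings
+ add_action( 'admin_init', array( 'WPEditorSetting', 'register_settings' ) );
+
+ // Remove default editor submenus
+ add_action( 'admin_menu', array( 'WPEditorAdmin', 'remove_default_editor_menus' ) );
+ // Add WP Editor Settings Page
+ add_action( 'admin_menu', array( 'WPEditorAdmin', 'build_admin_menu' ) );
+
+ // Add Plugin Editor Page
+ add_action( 'admin_menu', array( 'WPEditorAdmin', 'add_plugins_page' ) );
+ // Add Theme Editor Page
+ add_action( 'admin_menu', array( 'WPEditorAdmin', 'add_themes_page' ) );
+
+ // Ajax request to save settings
+ add_action( 'wp_ajax_save_wpeditor_settings', array( 'WPEditorAjax', 'save_settings' ) );
+
+ // Ajax request to save files
+ add_action( 'wp_ajax_save_files', array( 'WPEditorAjax', 'save_file' ) );
+
+ // Ajax request to upload files
+ add_action( 'wp_ajax_upload_files', array( 'WPEditorAjax', 'upload_file' ) );
+
+ // Ajax request to retrieve files and folders
+ add_action( 'wp_ajax_ajax_folders', array( 'WPEditorAjax', 'ajax_folders' ) );
+
+ // Replace default plugin edit links
+ add_filter( 'plugin_action_links', array( $this, 'replace_plugin_edit_links' ), 9, 1 );
+
+ add_filter( 'the_editor', array( 'WPEditorPosts', 'add_posts_jquery' ) );
+
+ if (!current_user_can( 'editor' ) && !current_user_can( 'administrator' ) ) {
+ global $pagenow;
+ if ( $pagenow == 'index.php' ) {
+ add_filter( 'admin_footer', array( 'WPEditorPosts', 'add_posts_jquery' ) );
+ }
+ }
+
+ }
+ }
+
+ public function loadCoreModels() {
+ require_once( WPEDITOR_PATH . 'classes/WPEditorAdmin.php' );
+ require_once( WPEDITOR_PATH . 'classes/WPEditorAjax.php' );
+ require_once( WPEDITOR_PATH . 'classes/WPEditorBrowser.php' );
+ require_once( WPEDITOR_PATH . 'classes/WPEditorException.php' );
+ require_once( WPEDITOR_PATH . 'classes/WPEditorLog.php' );
+ require_once( WPEDITOR_PATH . 'classes/WPEditorPlugins.php' );
+ require_once( WPEDITOR_PATH . 'classes/WPEditorPosts.php' );
+ require_once( WPEDITOR_PATH . 'classes/WPEditorSetting.php' );
+ require_once( WPEDITOR_PATH . 'classes/WPEditorThemes.php' );
+ }
+
+ public function register_default_stylesheet() {
+ wp_register_style( 'wpeditor', WPEDITOR_URL . '/wpeditor.css', false, WPEDITOR_VERSION_NUMBER );
+ wp_register_style( 'nivo-lightbox', WPEDITOR_URL . '/extensions/nivo-lightbox/css/nivo-lightbox.css', false, WPEDITOR_VERSION_NUMBER );
+ wp_register_style( 'nivo-lightbox-default', WPEDITOR_URL . '/extensions/nivo-lightbox/themes/default/default.css', array( 'nivo-lightbox' ), WPEDITOR_VERSION_NUMBER );
+ wp_register_style( 'codemirror', WPEDITOR_URL . '/extensions/codemirror/css/codemirror.css', false, WPEDITOR_VERSION_NUMBER );
+ wp_register_style( 'codemirror_dialog', WPEDITOR_URL . '/extensions/codemirror/css/dialog.css', false, WPEDITOR_VERSION_NUMBER );
+ wp_register_style( 'codemirror_fullscreen', WPEDITOR_URL . '/extensions/codemirror/css/fullscreen.css', false, WPEDITOR_VERSION_NUMBER );
+ wp_register_style( 'codemirror_themes', WPEDITOR_URL . '/extensions/codemirror/themes/themes.css', false, WPEDITOR_VERSION_NUMBER );
+ wp_register_style( 'chosen', WPEDITOR_URL . '/extensions/chosen/css/chosen.min.css', false, WPEDITOR_VERSION_NUMBER );
+ }
+
+ public function register_default_script() {
+ wp_deregister_script( 'quicktags' );
+ wp_register_script( 'quicktags', WPEDITOR_URL . '/js/quicktags.js', false, WPEDITOR_VERSION_NUMBER, true );
+ wp_localize_script( 'quicktags', 'quicktagsL10n', array(
+ 'closeAllOpenTags' => __( 'Close all open tags', 'wp-editor' ),
+ 'closeTags' => __( 'close tags', 'wp-editor' ),
+ 'enterURL' => __( 'Enter the URL', 'wp-editor' ),
+ 'enterImageURL' => __( 'Enter the URL of the image', 'wp-editor' ),
+ 'enterImageDescription' => __( 'Enter a description of the image', 'wp-editor' ),
+ 'textdirection' => __( 'text direction', 'wp-editor' ),
+ 'toggleTextdirection' => __( 'Toggle Editor Text Direction', 'wp-editor' ),
+ 'dfw' => __( 'Distraction-free writing mode', 'wp-editor' ),
+ 'strong' => __( 'Bold', 'wp-editor' ),
+ 'strongClose' => __( 'Close bold tag', 'wp-editor' ),
+ 'em' => __( 'Italic', 'wp-editor' ),
+ 'emClose' => __( 'Close italic tag', 'wp-editor' ),
+ 'link' => __( 'Insert link', 'wp-editor' ),
+ 'blockquote' => __( 'Blockquote', 'wp-editor' ),
+ 'blockquoteClose' => __( 'Close blockquote tag', 'wp-editor' ),
+ 'del' => __( 'Deleted text (strikethrough)', 'wp-editor' ),
+ 'delClose' => __( 'Close deleted text tag', 'wp-editor' ),
+ 'ins' => __( 'Inserted text', 'wp-editor' ),
+ 'insClose' => __( 'Close inserted text tag', 'wp-editor' ),
+ 'image' => __( 'Insert image', 'wp-editor' ),
+ 'ul' => __( 'Bulleted list', 'wp-editor' ),
+ 'ulClose' => __( 'Close bulleted list tag', 'wp-editor' ),
+ 'ol' => __( 'Numbered list', 'wp-editor' ),
+ 'olClose' => __( 'Close numbered list tag', 'wp-editor' ),
+ 'li' => __( 'List item', 'wp-editor' ),
+ 'liClose' => __( 'Close list item tag', 'wp-editor' ),
+ 'code' => __( 'Code', 'wp-editor' ),
+ 'codeClose' => __( 'Close code tag', 'wp-editor' ),
+ 'more' => __( 'Insert Read More tag', 'wp-editor' ),
+ ) );
+ wp_register_script( 'wpeditor', WPEDITOR_URL . 'js/wpeditor.js', false, WPEDITOR_VERSION_NUMBER );
+ wp_localize_script( 'wpeditor', 'WPE', array(
+ 'wp_editor_ajax_nonce_ajax_folders_themes' => wp_create_nonce( 'wp_editor_ajax_nonce_ajax_folders_themes' ),
+ 'wp_editor_ajax_nonce_ajax_folders_plugins' => wp_create_nonce( 'wp_editor_ajax_nonce_ajax_folders_plugins' ),
+ 'wp_editor_ajax_nonce_save_files_themes' => wp_create_nonce( 'wp_editor_ajax_nonce_save_files_themes' ),
+ 'wp_editor_ajax_nonce_save_files_plugins' => wp_create_nonce( 'wp_editor_ajax_nonce_save_files_plugins' )
+ ) );
+ wp_register_script( 'wp-editor-posts-jquery', WPEDITOR_URL . 'js/posts-jquery.js', false, WPEDITOR_VERSION_NUMBER, true );
+ wp_register_script( 'nivo-lightbox', WPEDITOR_URL . 'extensions/nivo-lightbox/js/nivo-lightbox.min.js', array( 'jquery' ), WPEDITOR_VERSION_NUMBER );
+ wp_register_script( 'attrchange', WPEDITOR_URL . 'extensions/attrchange/attrchange.js', false, WPEDITOR_VERSION_NUMBER );
+
+ if ( ! wp_script_is( 'codemirror', 'enqueued' ) ) {
+ wp_register_script( 'codemirror', WPEDITOR_URL . 'extensions/codemirror/js/codemirror.js', false, WPEDITOR_VERSION_NUMBER );
+ }
+ wp_register_script( 'codemirror_php', WPEDITOR_URL . 'extensions/codemirror/js/php.js', false, WPEDITOR_VERSION_NUMBER );
+ wp_register_script( 'codemirror_javascript', WPEDITOR_URL . 'extensions/codemirror/js/javascript.js', false, WPEDITOR_VERSION_NUMBER );
+ wp_register_script( 'codemirror_css', WPEDITOR_URL . 'extensions/codemirror/js/css.js', false, WPEDITOR_VERSION_NUMBER );
+ wp_register_script( 'codemirror_xml', WPEDITOR_URL . 'extensions/codemirror/js/xml.js', false, WPEDITOR_VERSION_NUMBER );
+ wp_register_script( 'codemirror_clike', WPEDITOR_URL . 'extensions/codemirror/js/clike.js', false, WPEDITOR_VERSION_NUMBER );
+ wp_register_script( 'codemirror_dialog', WPEDITOR_URL . 'extensions/codemirror/js/dialog.js', false, WPEDITOR_VERSION_NUMBER );
+ wp_register_script( 'codemirror_search', WPEDITOR_URL . 'extensions/codemirror/js/search.js', false, WPEDITOR_VERSION_NUMBER );
+ wp_register_script( 'codemirror_searchcursor', WPEDITOR_URL . 'extensions/codemirror/js/searchcursor.js', false, WPEDITOR_VERSION_NUMBER );
+ wp_register_script( 'codemirror_mustache', WPEDITOR_URL . 'extensions/codemirror/js/mustache.js', false, WPEDITOR_VERSION_NUMBER );
+ wp_register_script( 'codemirror_fullscreen', WPEDITOR_URL . 'extensions/codemirror/js/fullscreen.js', false, WPEDITOR_VERSION_NUMBER );
+ //wp_register_script( 'codemirror_foldcode', WPEDITOR_URL . 'extensions/codemirror/js/foldcode.js' );
+
+ wp_register_script( 'chosen', WPEDITOR_URL . 'extensions/chosen/js/chosen.jquery.min.js', array( 'jquery' ), WPEDITOR_VERSION_NUMBER );
+ }
+
+ public static function get_view( $filename, $data=null ) {
+ $filename = WPEDITOR_PATH . "/$filename";
+ ob_start();
+ include $filename;
+ $contents = ob_get_contents();
+ ob_end_clean();
+ return $contents;
+ }
+
+ public static function get_table_name( $name ) {
+ return WPEditor::get_table_prefix() . $name;
+ }
+
+ public static function get_table_prefix() {
+ global $wpdb;
+ return $wpdb->prefix . 'wpeditor_';
+ }
+
+ public static function replace_plugin_edit_links( $links ) {
+ // phpcs:ignore HM.Security.NonceVerification.Recommended
+ if ( isset( $_REQUEST['plugin_status'] ) && in_array( $_REQUEST['plugin_status'], array( 'mustuse', 'dropins' ) ) ) {
+ return $links;
+ }
+
+ if ( WPEditorSetting::get_value( 'replace_plugin_edit_links' ) == 1 ) {
+ if ( isset( $links['edit'] ) ) {
+ $links['edit'] = str_replace( 'plugin-editor.php?', 'plugins.php?page=wpeditor_plugin&', $links['edit'] );
+ }
+
+ return $links;
+ }
+
+ return $links;
+ }
+
+ }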
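Review bot: `init()` on the new side still passes the stored `admin_page_roles` setting straight to `unserialize()` and then to `array_key_exists()`, with no class restriction and no check that the result is an array. This release is described as fixing SQL injection, so a value read back from the plugin's settings storage is better treated as untrusted; whether that storage was reachable through the fixed queries is not visible here. On PHP 7.0 or later I would change the call to `$wpeditor_roles = unserialize( $wpeditor_roles, array( 'allowed_classes' => false ) );` and follow it with `if ( ! is_array( $wpeditor_roles ) ) { $wpeditor_roles = array(); }`. The hunk marks the whole file as changed, but the only code difference I can see is in `replace_plugin_edit_links()`, where `in_array()` on `$_REQUEST['plugin_status']` could also take `true` as its third argument.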
 
 
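--- a/classes/WPEditorAjax.php
+++ b/classes/WPEditorAjax.php
@@ -28,7 +28,7 @@ class WPEditorAjax {
  }
 
  if (isset( $_REQUEST['_tab'] ) ) {
- WPEditorSetting::set_value( 'settings_tab', esc_html( $_REQUEST['_tab'] ) );
+ WPEditorSetting::set_value( 'settings_tab', sanitize_title( wp_unslash( $_REQUEST['_tab'] ) ) );
  }
 
  if ( $error ) {
@@ -37,14 +37,18 @@ class WPEditorAjax {
  }
  else {
  $result[0] = 'WPEditorAjaxSuccess';
- $result[1] = '<h3>' . __( 'Success', 'wp-editor' ) . '</h3><p>' . esc_html( $_REQUEST['_success'] ) . '</p>';
+ $result[1] = '<h3>' . __( 'Success', 'wp-editor' ) . '</h3>';
+ if ( isset( $_REQUEST['_success'] ) ) {
+ $result[1] .= '<p>' . sanitize_text_field( wp_unslash( $_REQUEST['_success'] ) ) . '</p>';
+ }
+ //
  }
 
  echo wp_json_encode( $result );
  die();
 
  }
-
+
  public static function upload_file() {
 
  $upload = '';
@@ -55,7 +59,7 @@ class WPEditorAjax {
  if ( current_user_can( 'edit_themes' ) ) {
  $upload = WPEditorBrowser::upload_theme_files();
  }
-
+
  }
  elseif ( isset( $_POST['current_plugin_root'] ) ) {
 
@@ -71,7 +75,7 @@ class WPEditorAjax {
  die();
 
  }
-
+
  public static function save_file() {
 
  if ( isset( $_POST['wp_editor_ajax_nonce_save_files_themes'] ) ) {
@@ -81,7 +85,7 @@ class WPEditorAjax {
  if ( ! current_user_can( 'edit_themes' ) ) {
  die;
  }
-
+
  }
  elseif ( isset( $_POST['wp_editor_ajax_nonce_save_files_plugins'] ) ) {
 
@@ -102,18 +106,19 @@ class WPEditorAjax {
 
  if ( isset( $_POST['new_content'] ) && isset( $_POST['real_file'] ) ) {
 
- $real_file = $_POST['real_file'];
+ $real_file = wp_normalize_path( sanitize_text_field( wp_unslash( $_POST['real_file'] ) ) );
 
  //detect and handle unc paths
  if ( substr( $real_file, 0, 4) === '\\\\\\\\' ) {
- $real_file = str_replace( '\\\\', '\\', $real_file );
+ $real_file = str_replace( '\\\\', '\\', $real_file );
  }
 
  if ( file_exists( $real_file ) ) {
 
  if ( is_writable( $real_file ) ) {
 
- $new_content = stripslashes( $_POST['new_content'] );
+ // phpcs:ignore HM.Security.ValidatedSanitizedInput.InputNotSanitized, (per WP Core editor)
+ $new_content = wp_unslash( $_POST['new_content'] );
  if ( file_get_contents( $real_file ) === $new_content ) {
  WPEditorLog::log( '[' . basename(__FILE__) . ' - line ' . __LINE__ . "] Contents are the same" );
  }
@@ -147,22 +152,25 @@ class WPEditorAjax {
 
  if ( $error ) {
  $result[0] = 'WPEditorAjaxError';
- $result[1] = '<h3>' . __( 'Warning','wpeditor' ) . "</h3><p>$error</p>";
+ $result[1] = '<h3>' . __( 'Warning','wpeditor' ) . "</h3><p>' . esc_html( $error ) . '</p>";
  }
  else {
  $result[0] = 'WPEditorAjaxSuccess';
- $result[1] = '<h3>' . __( 'Success', 'wp-editor' ) . '</h3><p>' . $_REQUEST['_success'] . '</p>';
+ $result[1] = '<h3>' . __( 'Success', 'wp-editor' ) . '</h3>';
+ if ( isset( $_REQUEST['_success'] ) ) {
+ $result[1] .= '<p>' . sanitize_text_field( wp_unslash( $_REQUEST['_success'] ) ) . '</p>';
+ }
  }
 
  if (isset( $_POST['extension'] ) ) {
- $result[2] = $_POST['extension'];
+ $result[2] = sanitize_file_name( wp_unslash( $_POST['extension'] ) );
  }
 
  echo wp_json_encode( $result );
  die();
 
- }
-
+ }
+
  public static function ajax_folders() {
 
  if ( isset( $_POST['wp_editor_ajax_nonce_ajax_folders_themes'] ) ) {
@@ -172,7 +180,7 @@ class WPEditorAjax {
  if ( ! current_user_can( 'edit_themes' ) ) {
  die;
  }
-
+
  }
  elseif ( isset( $_POST['wp_editor_ajax_nonce_ajax_folders_plugins'] ) ) {
 
@@ -186,11 +194,16 @@ class WPEditorAjax {
  else {
  die;
  }
-
- $dir = urldecode( $_REQUEST['dir'] );
-
+
+ if ( isset( $_REQUEST['dir'] ) ) {
+ // phpcs:ignore HM.Security.ValidatedSanitizedInput.InputNotSanitized, (data is incorrectly sent)
+ $dir = wp_normalize_path( sanitize_text_field( urldecode( wp_unslash( $_REQUEST['dir'] ) ) ) );
+ } else {
+ $dir = 0;
+ }
+
  if ( isset( $_REQUEST['contents'] ) ) {
- $contents = $_REQUEST['contents'];
+ $contents = wp_unslash( $_REQUEST['contents'] );
  }
  else {
  $contents = 0;
@@ -198,12 +211,12 @@ class WPEditorAjax {
 
  $type = null;
  if ( isset( $_REQUEST['type'] ) ) {
- $type = $_REQUEST['type'];
+ $type = sanitize_text_field( wp_unslash( $_REQUEST['type'] ) );
  }
 
  echo wp_json_encode( WPEditorBrowser::get_files_and_folders( $dir, $contents, $type ) );
  die();
 
  }
-
+
  }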
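Review bot: In the error branch of `save_file()` (hunk `-147,22 +152,25`) the new line ending `"</h3><p>' . esc_html( $error ) . '</p>";` never calls `esc_html()`: the single quotes sit inside one double-quoted string, so `$error` is still interpolated unescaped and the response contains the literal text `' . esc_html( ` around it. Close the quotes consistently, `$result[1] = '<h3>' . __( 'Warning','wpeditor' ) . '</h3><p>' . esc_html( $error ) . '</p>';`. Where `$error` is assigned lies outside the hunk, so whether it can carry request-derived text is not confirmed from here. Separately, in hunk `-102,18 +106,19` `sanitize_text_field()` and `wp_normalize_path()` clean `real_file` but do not confine it to a theme or plugin directory; the write itself is outside the hunk, but a base-directory check before it would be worth adding.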
classes/WPEditorPlugins.php CHANGED
@@ -1,173 +1,173 @@
1
  <?php
2
  class WPEditorPlugins {
3
-
4
- public static function add_plugins_page() {
5
- if ( !current_user_can( 'edit_plugins' ) ) {
6
- wp_die( '<p>' . __( 'You do not have sufficient permissions to edit plugins for this site.', 'wp-editor' ) . '</p>' );
7
- }
8
-
9
- if ( isset( $_POST['create_plugin_new'] ) && wp_verify_nonce( $_POST['create_plugin_new'], 'create_plugin_new' ) ) {
10
- self::create_new_plugin();
11
- }
12
-
13
- if ( isset( $_POST['download_plugin'] ) ) {
14
- WPEditorBrowser::download_plugin( $_POST['file'] );
15
- }
16
-
17
- if ( isset( $_POST['download_plugin_file'] ) ) {
18
- WPEditorBrowser::download_file( $_POST['file_path'], 'plugin' );
19
- }
20
-
21
- $plugins = get_plugins();
22
 
23
- if ( empty( $plugins ) ) {
24
- wp_die( '<p>' . __( 'There are no plugins installed on this site.', 'wp-editor' ) . '</p>' );
25
- }
26
-
27
- if ( isset( $_REQUEST['plugin'] ) ) {
28
- $plugin = stripslashes( esc_html( $_REQUEST['plugin'] ) );
29
- }
30
- if ( isset( $_REQUEST['file'] ) ) {
31
- $file = stripslashes( esc_html( $_REQUEST['file'] ) );
32
- }
33
 
34
- if ( empty( $plugin) ) {
35
- $plugin = array_keys( $plugins );
36
- $plugin = $plugin[0];
37
- }
38
- $plugin_files[] = $plugin;
39
-
40
- if ( empty( $file ) ) {
41
- $file = $plugin_files[0];
42
- }
43
- else {
44
- $file = stripslashes( $file );
45
- $plugin = $file;
46
- }
47
- $pf = WPEditorBrowser::get_files_and_folders( ( WPWINDOWS ) ? str_replace( "/", "\\", WP_PLUGIN_DIR . '/' . $file ) : WP_PLUGIN_DIR . '/' . $file, 0, 'plugin' );
48
- foreach( $pf as $plugin_file ) {
49
- foreach( $plugin_file as $k => $p) {
50
- if ( $k == 'file' ) {
51
- $plugin_files[] = $p;
52
- }
53
- }
54
- }
55
-
56
- $file = validate_file_to_edit( ( WPWINDOWS ) ? str_replace( "/", "\\", $file ) : $file, $plugin_files );
57
- $current_plugin_root = WP_PLUGIN_DIR . '/' . dirname( $file );
58
- $real_file = WP_PLUGIN_DIR . '/' . $plugin;
59
-
60
- if ( isset( $_POST['new-content'] ) && file_exists( $real_file ) && is_writable( $real_file ) ) {
61
- $new_content = stripslashes( $_POST['new-content'] );
62
- if ( file_get_contents( $real_file ) === $new_content ) {
63
- WPEditorLog::log( '[' . basename(__FILE__) . ' - line ' . __LINE__ . "] Contents are the same" );
64
- }
65
- else {
66
- $f = fopen( $real_file, 'w+' );
67
- fwrite( $f, $new_content );
68
- fclose( $f );
69
- WPEditorLog::log( '[' . basename(__FILE__) . ' - line ' . __LINE__ . "] just wrote to $real_file" );
70
- }
71
- }
72
-
73
- $content = file_get_contents( $real_file );
74
 
75
- $content = esc_textarea( $content );
76
-
77
- $scroll_to = isset( $_REQUEST['scroll_to'] ) ? (int) $_REQUEST['scroll_to'] : 0;
78
-
79
- $data = array(
80
- 'plugins' => $plugins,
81
- 'plugin' => $plugin,
82
- 'plugin_files' => $plugin_files,
83
- 'current_plugin_root' => $current_plugin_root,
84
- 'real_file' => $real_file,
85
- 'content' => $content,
86
- 'scroll_to' => $scroll_to,
87
- 'file' => $file,
88
- 'content-type' => 'plugin'
89
- );
90
- echo WPEditor::get_view( 'views/plugin-editor.php', $data );
91
- }
92
-
93
- public static function create_new_plugin() {
94
- if ( current_user_can( 'edit_plugins' ) ) {
95
- if ( isset( $_POST['plugin-name'] ) && $_POST['plugin-name'] != '' && isset( $_POST['plugin-folder'] ) && $_POST['plugin-folder'] != '' && isset( $_POST['plugin-filename'] ) && $_POST['plugin-filename'] != '' ) {
96
- $folder = $_POST['plugin-folder'];
97
- $file = $_POST['plugin-filename'];
98
- if ( substr( $file, -4 ) != '.php' ) {
99
- $file .= '.php';
100
- }
101
- if ( is_writable( WP_PLUGIN_DIR ) ) {
102
- $slash = '/';
103
- if ( WPWINDOWS ) {
104
- $slash = '\\';
105
- }
106
- if ( ! file_exists( WP_PLUGIN_DIR . $slash . $folder ) ) {
107
- if ( mkdir( WP_PLUGIN_DIR . $slash . $folder ) ) {
108
- $content = "<?php\n/*\nPlugin Name: " . $_POST['plugin-name'] . "\n*/";
109
- if ( file_put_contents( WP_PLUGIN_DIR . $slash . $folder . $slash . $file, $content ) ) {
110
- wp_redirect( admin_url() . 'plugins.php?page=wpeditor_plugin&create-plugin=success&file=' . $folder . $slash . $file );
111
- exit;
112
- }
113
- else {
114
- wp_redirect( admin_url() . 'plugins.php?page=wpeditor_plugin&error=6&create_tab=true' );
115
- exit;
116
- }
117
- }
118
- else {
119
- wp_redirect( admin_url() . 'plugins.php?page=wpeditor_plugin&error=6&create_tab=true' );
120
- exit;
121
- }
122
- }
123
- else {
124
- wp_redirect( admin_url() . 'plugins.php?page=wpeditor_plugin&error=6&create_tab=true' );
125
- exit;
126
- }
127
- }
128
- else {
129
- wp_redirect( admin_url() . 'plugins.php?page=wpeditor_plugin&error=1&create_tab=true' );
130
- exit;
131
- }
132
- }
133
- else {
134
- wp_redirect( admin_url() . 'plugins.php?page=wpeditor_plugin&error=5&create_tab=true' );
135
- exit;
136
- }
137
- }
138
- else {
139
- wp_redirect( admin_url() . 'plugins.php?page=wpeditor_plugin&error=1' );
140
- exit;
141
- }
142
- }
143
-
144
- public static function plugins_help_tab() {
145
- global $wpeditor_plugin;
146
- $screen = get_current_screen();
147
- if ( function_exists( 'add_help_tab' ) ) {
148
- $screen->add_help_tab( array(
149
- 'id' => 'overview',
150
- 'title' => __( 'Overview' ),
151
- 'content' => '<p>' . __( 'You can use the editor to make changes to any of your plugins&#8217; individual PHP files. Be aware that if you make changes, plugins updates will overwrite your customizations.', 'wp-editor' ) . '</p>' . '<p>' . __( 'Choose a plugin to edit from the menu in the upper right and click the Select button. Click once on any file name to load it in the editor, and make your changes. Don&#8217;t forget to save your changes (Update File ) when you&#8217;re finished.', 'wp-editor' ) . '</p>' . '<p>' . __( 'The Documentation menu below the editor lists the PHP functions recognized in the plugin file. Clicking Lookup takes you to a web page about that particular function.', 'wp-editor' ) . '</p>' . '<p>' . __( 'If you want to make changes but don&#8217;t want them to be overwritten when the plugin is updated, you may be ready to think about writing your own plugin. For information on how to edit plugins, write your own from scratch, or just better understand their anatomy, check out the links below.', 'wp-editor' ) . '</p>' . ( is_network_admin() ? '<p>' . __( 'Any edits to files from this screen will be reflected on all sites in the network.', 'wp-editor' ) . '</p>' : '' )
152
- ) );
153
- $screen->set_help_sidebar(
154
- '<p><strong>' . __( 'For more information:', 'wp-editor' ) . '</strong></p>' . '<p>' . __( '<a href="http://codex.wordpress.org/Plugins_Editor_Screen" target="_blank">Documentation on Editing Plugins</a>', 'wp-editor' ) . '</p>' . '<p>' . __( '<a href="http://codex.wordpress.org/Writing_a_Plugin" target="_blank">Documentation on Writing Plugins</a>', 'wp-editor' ) . '</p>' . '<p>' . __( '<a href="http://wordpress.org/support/" target="_blank">Support Forums</a>', 'wp-editor' ) . '</p>'
155
- );
156
- }
157
- elseif ( version_compare( get_bloginfo( 'version' ), '3.3', '<' ) ) {
158
- $help = '<p>' . __( 'You can use the editor to make changes to any of your plugins&#8217; individual PHP files. Be aware that if you make changes, plugins updates will overwrite your customizations.' ) . '</p>';
159
- $help .= '<p>' . __( 'Choose a plugin to edit from the menu in the upper right and click the Select button. Click once on any file name to load it in the editor, and make your changes. Don&#8217;t forget to save your changes (Update File ) when you&#8217;re finished.' ) . '</p>';
160
- $help .= '<p>' . __( 'The Documentation menu below the editor lists the PHP functions recognized in the plugin file. Clicking Lookup takes you to a web page about that particular function.' ) . '</p>';
161
- $help .= '<p>' . __( 'If you want to make changes but don&#8217;t want them to be overwritten when the plugin is updated, you may be ready to think about writing your own plugin. For information on how to edit plugins, write your own from scratch, or just better understand their anatomy, check out the links below.' ) . '</p>';
162
- if ( is_network_admin() ) {
163
- $help .= '<p>' . __( 'Any edits to files from this screen will be reflected on all sites in the network.' ) . '</p>';
164
- }
165
- $help .= '<p><strong>' . __( 'For more information:' ) . '</strong></p>';
166
- $help .= '<p>' . __( '<a href="http://codex.wordpress.org/Plugins_Editor_Screen" target="_blank">Documentation on Editing Plugins</a>' ) . '</p>';
167
- $help .= '<p>' . __( '<a href="http://codex.wordpress.org/Writing_a_Plugin" target="_blank">Documentation on Writing Plugins</a>' ) . '</p>';
168
- $help .= '<p>' . __( '<a href="http://wordpress.org/support/" target="_blank">Support Forums</a>' ) . '</p>';
169
- add_contextual_help( $screen, $help);
170
- }
171
- }
172
-
173
  }
1
  <?php
2
  class WPEditorPlugins {
3
+
4
+ public static function add_plugins_page() {
5
+ if ( !current_user_can( 'edit_plugins' ) ) {
6
+ wp_die( '<p>' . __( 'You do not have sufficient permissions to edit plugins for this site.', 'wp-editor' ) . '</p>' );
7
+ }
8
+
9
+ if ( isset( $_POST['create_plugin_new'] ) && wp_verify_nonce( $_POST['create_plugin_new'], 'create_plugin_new' ) ) {
10
+ self::create_new_plugin();
11
+ }
12
+
13
+ if ( isset( $_POST['download_plugin'] ) ) {
14
+ WPEditorBrowser::download_plugin( $_POST['file'] );
15
+ }
16
+
17
+ if ( isset( $_POST['download_plugin_file'] ) ) {
18
+ WPEditorBrowser::download_file( $_POST['file_path'], 'plugin' );
19
+ }
20
+
21
+ $plugins = get_plugins();
22
 
23
+ if ( empty( $plugins ) ) {
24
+ wp_die( '<p>' . __( 'There are no plugins installed on this site.', 'wp-editor' ) . '</p>' );
25
+ }
26
+
27
+ if ( isset( $_REQUEST['plugin'] ) ) {
28
+ $plugin = stripslashes( esc_html( $_REQUEST['plugin'] ) );
29
+ }
30
+ if ( isset( $_REQUEST['file'] ) ) {
31
+ $file = stripslashes( esc_html( $_REQUEST['file'] ) );
32
+ }
33
 
34
+ if ( empty( $plugin) ) {
35
+ $plugin = array_keys( $plugins );
36
+ $plugin = $plugin[0];
37
+ }
38
+ $plugin_files[] = $plugin;
39
+
40
+ if ( empty( $file ) ) {
41
+ $file = $plugin_files[0];
42
+ }
43
+ else {
44
+ $file = stripslashes( $file );
45
+ $plugin = $file;
46
+ }
47
+ $pf = WPEditorBrowser::get_files_and_folders( ( WPWINDOWS ) ? str_replace( "/", "\\", WP_PLUGIN_DIR . '/' . $file ) : WP_PLUGIN_DIR . '/' . $file, 0, 'plugin' );
48
+ foreach( $pf as $plugin_file ) {
49
+ foreach( $plugin_file as $k => $p) {
50
+ if ( $k == 'file' ) {
51
+ $plugin_files[] = $p;
52
+ }
53
+ }
54
+ }
55
+
56
+ $file = validate_file_to_edit( ( WPWINDOWS ) ? str_replace( "/", "\\", $file ) : $file, $plugin_files );
57
+ $current_plugin_root = WP_PLUGIN_DIR . '/' . dirname( $file );
58
+ $real_file = WP_PLUGIN_DIR . '/' . $plugin;
59
+
60
+ if ( isset( $_POST['new-content'] ) && file_exists( $real_file ) && is_writable( $real_file ) ) {
61
+ $new_content = stripslashes( $_POST['new-content'] );
62
+ if ( file_get_contents( $real_file ) === $new_content ) {
63
+ WPEditorLog::log( '[' . basename(__FILE__) . ' - line ' . __LINE__ . "] Contents are the same" );
64
+ }
65
+ else {
66
+ $f = fopen( $real_file, 'w+' );
67
+ fwrite( $f, $new_content );
68
+ fclose( $f );
69
+ WPEditorLog::log( '[' . basename(__FILE__) . ' - line ' . __LINE__ . "] just wrote to $real_file" );
70
+ }
71
+ }
72
+
73
+ $content = file_get_contents( $real_file );
74
 
75
+ $content = esc_textarea( $content );
76
+
77
+ $scroll_to = isset( $_REQUEST['scroll_to'] ) ? (int) $_REQUEST['scroll_to'] : 0;
78
+
79
+ $data = array(
80
+ 'plugins' => $plugins,
81
+ 'plugin' => $plugin,
82
+ 'plugin_files' => $plugin_files,
83
+ 'current_plugin_root' => $current_plugin_root,
84
+ 'real_file' => $real_file,
85
+ 'content' => $content,
86
+ 'scroll_to' => $scroll_to,
87
+ 'file' => $file,
88
+ 'content-type' => 'plugin'
89
+ );
90
+ echo WPEditor::get_view( 'views/plugin-editor.php', $data );
91
+ }
92
+
93
+ public static function create_new_plugin() {
94
+ if ( current_user_can( 'edit_plugins' ) ) {
95
+ if ( isset( $_POST['plugin-name'] ) && $_POST['plugin-name'] != '' && isset( $_POST['plugin-folder'] ) && $_POST['plugin-folder'] != '' && isset( $_POST['plugin-filename'] ) && $_POST['plugin-filename'] != '' ) {
96
+ $folder = $_POST['plugin-folder'];
97
+ $file = $_POST['plugin-filename'];
98
+ if ( substr( $file, -4 ) != '.php' ) {
99
+ $file .= '.php';
100
+ }
101
+ if ( is_writable( WP_PLUGIN_DIR ) ) {
102
+ $slash = '/';
103
+ if ( WPWINDOWS ) {
104
+ $slash = '\\';
105
+ }
106
+ if ( ! file_exists( WP_PLUGIN_DIR . $slash . $folder ) ) {
107
+ if ( mkdir( WP_PLUGIN_DIR . $slash . $folder ) ) {
108
+ $content = "<?php\n/*\nPlugin Name: " . $_POST['plugin-name'] . "\n*/";
109
+ if ( file_put_contents( WP_PLUGIN_DIR . $slash . $folder . $slash . $file, $content ) ) {
110
+ wp_redirect( admin_url() . 'plugins.php?page=wpeditor_plugin&create-plugin=success&file=' . $folder . $slash . $file );
111
+ exit;
112
+ }
113
+ else {
114
+ wp_redirect( admin_url() . 'plugins.php?page=wpeditor_plugin&error=6&create_tab=true' );
115
+ exit;
116
+ }
117
+ }
118
+ else {
119
+ wp_redirect( admin_url() . 'plugins.php?page=wpeditor_plugin&error=6&create_tab=true' );
120
+ exit;
121
+ }
122
+ }
123
+ else {
124
+ wp_redirect( admin_url() . 'plugins.php?page=wpeditor_plugin&error=6&create_tab=true' );
125
+ exit;
126
+ }
127
+ }
128
+ else {
129
+ wp_redirect( admin_url() . 'plugins.php?page=wpeditor_plugin&error=1&create_tab=true' );
130
+ exit;
131
+ }
132
+ }
133
+ else {
134
+ wp_redirect( admin_url() . 'plugins.php?page=wpeditor_plugin&error=5&create_tab=true' );
135
+ exit;
136
+ }
137
+ }
138
+ else {
139
+ wp_redirect( admin_url() . 'plugins.php?page=wpeditor_plugin&error=1' );
140
+ exit;
141
+ }
142
+ }
143
+
144
+ public static function plugins_help_tab() {
145
+ global $wpeditor_plugin;
146
+ $screen = get_current_screen();
147
+ if ( function_exists( 'add_help_tab' ) ) {
148
+ $screen->add_help_tab( array(
149
+ 'id' => 'overview',
150
+ 'title' => __( 'Overview' ),
151
+ 'content' => '<p>' . __( 'You can use the editor to make changes to any of your plugins&#8217; individual PHP files. Be aware that if you make changes, plugins updates will overwrite your customizations.', 'wp-editor' ) . '</p>' . '<p>' . __( 'Choose a plugin to edit from the menu in the upper right and click the Select button. Click once on any file name to load it in the editor, and make your changes. Don&#8217;t forget to save your changes (Update File ) when you&#8217;re finished.', 'wp-editor' ) . '</p>' . '<p>' . __( 'The Documentation menu below the editor lists the PHP functions recognized in the plugin file. Clicking Lookup takes you to a web page about that particular function.', 'wp-editor' ) . '</p>' . '<p>' . __( 'If you want to make changes but don&#8217;t want them to be overwritten when the plugin is updated, you may be ready to think about writing your own plugin. For information on how to edit plugins, write your own from scratch, or just better understand their anatomy, check out the links below.', 'wp-editor' ) . '</p>' . ( is_network_admin() ? '<p>' . __( 'Any edits to files from this screen will be reflected on all sites in the network.', 'wp-editor' ) . '</p>' : '' )
152
+ ) );
153
+ $screen->set_help_sidebar(
154
+ '<p><strong>' . __( 'For more information:', 'wp-editor' ) . '</strong></p>' . '<p>' . __( '<a href="http://codex.wordpress.org/Plugins_Editor_Screen" target="_blank">Documentation on Editing Plugins</a>', 'wp-editor' ) . '</p>' . '<p>' . __( '<a href="http://codex.wordpress.org/Writing_a_Plugin" target="_blank">Documentation on Writing Plugins</a>', 'wp-editor' ) . '</p>' . '<p>' . __( '<a href="http://wordpress.org/support/" target="_blank">Support Forums</a>', 'wp-editor' ) . '</p>'
155
+ );
156
+ }
157
+ elseif ( version_compare( get_bloginfo( 'version' ), '3.3', '<' ) ) {
158
+ $help = '<p>' . __( 'You can use the editor to make changes to any of your plugins&#8217; individual PHP files. Be aware that if you make changes, plugins updates will overwrite your customizations.' ) . '</p>';
159
+ $help .= '<p>' . __( 'Choose a plugin to edit from the menu in the upper right and click the Select button. Click once on any file name to load it in the editor, and make your changes. Don&#8217;t forget to save your changes (Update File ) when you&#8217;re finished.' ) . '</p>';
160
+ $help .= '<p>' . __( 'The Documentation menu below the editor lists the PHP functions recognized in the plugin file. Clicking Lookup takes you to a web page about that particular function.' ) . '</p>';
161
+ $help .= '<p>' . __( 'If you want to make changes but don&#8217;t want them to be overwritten when the plugin is updated, you may be ready to think about writing your own plugin. For information on how to edit plugins, write your own from scratch, or just better understand their anatomy, check out the links below.' ) . '</p>';
162
+ if ( is_network_admin() ) {
163
+ $help .= '<p>' . __( 'Any edits to files from this screen will be reflected on all sites in the network.' ) . '</p>';
164
+ }
165
+ $help .= '<p><strong>' . __( 'For more information:' ) . '</strong></p>';
166
+ $help .= '<p>' . __( '<a href="http://codex.wordpress.org/Plugins_Editor_Screen" target="_blank">Documentation on Editing Plugins</a>' ) . '</p>';
167
+ $help .= '<p>' . __( '<a href="http://codex.wordpress.org/Writing_a_Plugin" target="_blank">Documentation on Writing Plugins</a>' ) . '</p>';
168
+ $help .= '<p>' . __( '<a href="http://wordpress.org/support/" target="_blank">Support Forums</a>' ) . '</p>';
169
+ add_contextual_help( $screen, $help);
170
+ }
171
+ }
172
+
173
  }
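--- a/classes/WPEditorSetting.php
+++ b/classes/WPEditorSetting.php
@@ -1,6 +1,57 @@
  <?php
  class WPEditorSetting {
 
+ public static function settings_table_allow_list() {
+ $settings_table_allow_list = array(
+ 'admin_page_roles',
+ 'change_plugin_editor_font_size',
+ 'change_post_editor_font_size',
+ 'change_theme_editor_font_size',
+ 'enable_plugin_active_line',
+ 'enable_plugin_editor_height',
+ 'enable_plugin_line_numbers',
+ 'enable_plugin_line_wrapping',
+ 'enable_plugin_tab_characters',
+ 'enable_plugin_tab_size',
+ 'enable_post_active_line',
+ 'enable_post_editor',
+ 'enable_post_editor_height',
+ 'enable_post_line_numbers',
+ 'enable_post_line_wrapping',
+ 'enable_post_tab_characters',
+ 'enable_post_tab_size',
+ 'enable_theme_active_line',
+ 'enable_theme_editor_height',
+ 'enable_theme_line_numbers',
+ 'enable_theme_line_wrapping',
+ 'enable_theme_tab_characters',
+ 'enable_theme_tab_size',
+ 'hide_default_plugin_editor',
+ 'hide_default_theme_editor',
+ 'hide_wpeditor_menu',
+ 'plugin_create_new',
+ 'plugin_editor_allowed_extensions',
+ 'plugin_editor_theme',
+ 'plugin_file_upload',
+ 'plugin_indent_unit',
+ 'post_editor_theme',
+ 'post_indent_unit',
+ 'replace_plugin_edit_links',
+ 'run_overview',
+ 'settings_tab',
+ 'theme_create_new',
+ 'theme_editor_allowed_extensions',
+ 'theme_editor_theme',
+ 'theme_file_upload',
+ 'theme_indent_unit',
+ 'upgrade',
+ 'version',
+ 'wpeditor_logging',
+ );
+
+ return apply_filters( 'wpe_get_settings_table_allow_list', $settings_table_allow_list );
+ }
+
  /**
  * Get Settings
  *
@@ -244,28 +295,37 @@ class WPEditorSetting {
  public static function missing_callback( $args ) {
  printf(
  __( 'The callback function used for the %s setting is missing.', 'easy-digital-downloads' ),
- '<strong>' . $args['id'] . '</strong>'
+ '<strong>' . esc_html( $args['id'] ) . '</strong>'
  );
  }
 
  public static function wpe_multiselect_callback( $args ) {
  global $wpe_options; //need to set this up
 
- ob_start(); ?>
-
-
- <?php echo ob_get_clean();
+ // This had an ob_start(), ob_get_clean() with only whitespace so I changed it to this
+ // to allow for further investigation.
+ echo "\n \n\n";
  }
-
+
  public static function set_value( $key, $value ) {
  global $wpdb;
  $settings_table = WPEditor::get_table_name( 'settings' );
-
+
+ if ( ! in_array( $key, self::settings_table_allow_list(), true ) ) {
+ return;
+ }
+
  if ( ! empty( $key ) ) {
- $db_key = $wpdb->get_var( "SELECT `key` from $settings_table where `key`='$key'" );
+ $db_key = $wpdb->get_var(
+ $wpdb->prepare (
+ "SELECT `key` from {$wpdb->prefix}wpeditor_settings where `key`= %s ",
+ $key
+ )
+ );
  if ( $db_key ) {
  if ( ! empty( $value ) || $value !== 0 ) {
- $wpdb->update( $settings_table,
+ $wpdb->update(
+ "{$wpdb->prefix}wpeditor_settings",
  array( 'key'=>$key, 'value'=>$value ),
  array( 'key'=>$key ),
  array( '%s', '%s' ),
@@ -273,32 +333,47 @@ class WPEditorSetting {
  );
  }
  else {
- $wpdb->query( "DELETE from $settings_table where `key`='$key'" );
+ $wpdb->query(
+ $wpdb->prepare (
+ "DELETE from {$wpdb->prefix}wpeditor_settings where `key`= %s ",
+ $key
+ )
+ );
  }
  }
  else {
  if ( !empty( $value ) || $value !== 0 ) {
- $wpdb->insert( $settings_table,
+ $wpdb->insert( "{$wpdb->prefix}wpeditor_settings",
  array( 'key'=>$key, 'value'=>$value ),
  array( '%s', '%s' )
  );
  }
  }
  }
-
+
  }
-
+
  public static function get_value( $key, $entities=false ) {
  $value = false;
  global $wpdb;
  $settings_table = WPEditor::get_table_name( 'settings' );
- $value = $wpdb->get_var( "SELECT `value` from $settings_table where `key`='$key'" );
-
+
+ if ( ! in_array( $key, self::settings_table_allow_list(), true ) ) {
+ return '';
+ }
+
+ $value = $wpdb->get_var(
+ $wpdb->prepare (
+ "SELECT `value` from {$wpdb->prefix}wpeditor_settings where `key`= %s ",
+ $key
+ )
+ );
+
  if(!empty( $value ) && $entities ) {
  $value = htmlentities( $value );
  }
-
+
  return $value;
  }
-
- }
+
+ }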
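Review bot: The allow-list check added to `set_value()` and `get_value()` rejects unknown keys silently (`return;` on write, `return '';` on read), and `settings_table_allow_list()` has no docblock saying so, so a setting key introduced elsewhere without a list entry will be dropped with no trace. I would add a docblock on `settings_table_allow_list()` stating that every key passed to `set_value()`/`get_value()` must appear in the list or be added through the `wpe_get_settings_table_allow_list` filter, and that keys outside it are ignored on write and read back as an empty string. Extending the list through the filter does not reopen the injection, since the key now reaches the query only through `$wpdb->prepare()` with `%s`. Both methods also still assign `$settings_table = WPEditor::get_table_name( 'settings' );` but no longer read it, while the table name is spelled out as `{$wpdb->prefix}wpeditor_settings` in five places; passing `$settings_table` to `update()`/`insert()` again or dropping the assignment would keep one source for the name.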
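--- a/classes/WPEditorThemes.php
+++ b/classes/WPEditorThemes.php
@@ -1,218 +1,218 @@
  <?php
  class WPEditorThemes {
-
- public static function add_themes_page() {
- if ( ! current_user_can( 'edit_themes' ) ) {
- wp_die( '<p>' . __( 'You do not have sufficient permissions to edit templates for this site.', 'wp-editor' ) . '</p>' );
- }
-
- if ( isset( $_POST['create_theme_new'] ) && wp_verify_nonce( $_POST['create_theme_new'], 'create_theme_new' ) ) {
- self::create_new_theme();
- }
-
- if ( isset( $_POST['download_theme'] ) ) {
- WPEditorBrowser::download_theme( $_POST['file'] );
- }
-
- if ( isset( $_POST['download_theme_file'] ) ) {
- WPEditorBrowser::download_file( $_POST['file_path'], 'theme' );
- }
-
- if ( WP_34 ) {
- $themes = wp_get_themes();
- }
- else {
- $themes = get_themes();
- }
-
- if ( empty( $themes ) ) {
- wp_die( '<p>' . __( 'There are no themes installed on this site.', 'wp-editor' ) . '</p>' );
- }
-
- if ( isset( $_REQUEST['theme'] ) ) {
- $theme = stripslashes( esc_html( $_REQUEST['theme'] ) );
- }
- if ( isset( $_REQUEST['file'] ) ) {
- $file = stripslashes( esc_html( $_REQUEST['file'] ) );
- $theme = $_REQUEST['file'];
- }
-
- if ( empty( $theme ) ) {
- if ( WP_34 ) {
- $theme = wp_get_theme();
- }
- else {
- $theme = get_current_theme();
- }
- }
-
- $stylesheet = '';
- if ( $theme && WP_34 ) {
- $stylesheet = urldecode( $theme );
- if ( is_object( $theme ) ) {
- $stylesheet = urldecode( $theme->stylesheet );
- }
- }
- elseif ( WP_34 ) {
- $stylesheet = get_stylesheet();
- }
-
- if ( WP_34 ) {
- $wp_theme = wp_get_theme( $stylesheet );
- }
- else {
- $wp_theme = '';
- }
-
- if ( empty( $file ) ) {
- if ( WP_34 ) {
- $file = basename( $wp_theme['Stylesheet Dir'] ) . '/style.css';
- }
- else {
- $file = basename( $themes[ $theme ]['Stylesheet Dir'] ) . '/style.css';
- }
- }
- else {
- $file = stripslashes( $file );
- }
-
- if ( WP_34 ) {
- $tf = WPEditorBrowser::get_files_and_folders( ( WPWINDOWS ) ? str_replace( "/", "\\", $wp_theme['Theme Root'] . '/' . $file ) : $wp_theme['Theme Root'] . '/' . $file, 0, 'theme' );
- }
- else {
- $tf = WPEditorBrowser::get_files_and_folders( ( WPWINDOWS ) ? str_replace( "/", "\\", $themes[ $theme ]['Theme Root'] . '/' . $file ) : $themes[ $theme ]['Theme Root'] . '/' . $file, 0, 'theme' );
- }
-
- foreach ( $tf as $theme_file ) {
- foreach ( $theme_file as $k => $t ) {
- if ( $k == 'file' ) {
- $theme_files[] = $t;
- }
- }
- }
-
- $file = validate_file_to_edit( ( WPWINDOWS ) ? str_replace( "/", "\\", $file ) : $file, $theme_files );
- if ( WP_34 ) {
- $current_theme_root = $wp_theme['Theme Root'] . '/' . dirname( $file ) . '/';
- }
- else {
- $current_theme_root = $themes[ $theme ]['Theme Root'] . '/' . dirname( $file ) . '/';
- }
- $real_file = $current_theme_root . basename( $file );
-
- if ( isset( $_POST['new-content'] ) && file_exists( $real_file ) && is_writable( $real_file ) ) {
- $new_content = stripslashes( $_POST['new-content'] );
- if ( file_get_contents( $real_file ) === $new_content ) {
- WPEditorLog::log( '[' . basename(__FILE__) . ' - line ' . __LINE__ . "] Contents are the same" );
- }
- else {
- $f = fopen( $real_file, 'w+' );
- fwrite( $f, $new_content );
- fclose( $f );
- WPEditorLog::log( '[' . basename(__FILE__) . ' - line ' . __LINE__ . "] just wrote to $real_file" );
- }
- }
-
- $content = file_get_contents( $real_file );
+
+ public static function add_themes_page() {
+ if ( ! current_user_can( 'edit_themes' ) ) {
+ wp_die( '<p>' . __( 'You do not have sufficient permissions to edit templates for this site.', 'wp-editor' ) . '</p>' );
+ }
+
+ if ( isset( $_POST['create_theme_new'] ) && wp_verify_nonce( $_POST['create_theme_new'], 'create_theme_new' ) ) {
+ self::create_new_theme();
+ }
+
+ if ( isset( $_POST['download_theme'] ) ) {
+ WPEditorBrowser::download_theme( $_POST['file'] );
+ }
+
+ if ( isset( $_POST['download_theme_file'] ) ) {
+ WPEditorBrowser::download_file( $_POST['file_path'], 'theme' );
+ }
+
+ if ( WP_34 ) {
+ $themes = wp_get_themes();
+ }
+ else {
+ $themes = get_themes();
+ }
+
+ if ( empty( $themes ) ) {
+ wp_die( '<p>' . __( 'There are no themes installed on this site.', 'wp-editor' ) . '</p>' );
+ }
+
+ if ( isset( $_REQUEST['theme'] ) ) {
+ $theme = stripslashes( esc_html( $_REQUEST['theme'] ) );
+ }
+ if ( isset( $_REQUEST['file'] ) ) {
+ $file = stripslashes( esc_html( $_REQUEST['file'] ) );
+ $theme = $_REQUEST['file'];
+ }
+
+ if ( empty( $theme ) ) {
+ if ( WP_34 ) {
+ $theme = wp_get_theme();
+ }
+ else {
+ $theme = get_current_theme();
+ }
+ }
+
+ $stylesheet = '';
+ if ( $theme && WP_34 ) {
+ $stylesheet = urldecode( $theme );
+ if ( is_object( $theme ) ) {
+ $stylesheet = urldecode( $theme->stylesheet );
+ }
+ }
+ elseif ( WP_34 ) {
+ $stylesheet = get_stylesheet();
+ }
+
+ if ( WP_34 ) {
+ $wp_theme = wp_get_theme( $stylesheet );
+ }
+ else {
+ $wp_theme = '';
+ }
+
+ if ( empty( $file ) ) {
+ if ( WP_34 ) {
+ $file = basename( $wp_theme['Stylesheet Dir'] ) . '/style.css';
+ }
+ else {
+ $file = basename( $themes[ $theme ]['Stylesheet Dir'] ) . '/style.css';
+ }
+ }
+ else {
+ $file = stripslashes( $file );
+ }
+
+ if ( WP_34 ) {
+ $tf = WPEditorBrowser::get_files_and_folders( ( WPWINDOWS ) ? str_replace( "/", "\\", $wp_theme['Theme Root'] . '/' . $file ) : $wp_theme['Theme Root'] . '/' . $file, 0, 'theme' );
+ }
+ else {
+ $tf = WPEditorBrowser::get_files_and_folders( ( WPWINDOWS ) ? str_replace( "/", "\\", $themes[ $theme ]['Theme Root'] . '/' . $file ) : $themes[ $theme ]['Theme Root'] . '/' . $file, 0, 'theme' );
+ }
+
+ foreach ( $tf as $theme_file ) {
+ foreach ( $theme_file as $k => $t ) {
+ if ( $k == 'file' ) {
+ $theme_files[] = $t;
+ }
+ }
+ }
+
+ $file = validate_file_to_edit( ( WPWINDOWS ) ? str_replace( "/", "\\", $file ) : $file, $theme_files );
+ if ( WP_34 ) {
+ $current_theme_root = $wp_theme['Theme Root'] . '/' . dirname( $file ) . '/';
+ }
+ else {
+ $current_theme_root = $themes[ $theme ]['Theme Root'] . '/' . dirname( $file ) . '/';
+ }
+ $real_file = $current_theme_root . basename( $file );
+
+ if ( isset( $_POST['new-content'] ) && file_exists( $real_file ) && is_writable( $real_file ) ) {
+ $new_content = stripslashes( $_POST['new-content'] );
+ if ( file_get_contents( $real_file ) === $new_content ) {
+ WPEditorLog::log( '[' . basename(__FILE__) . ' - line ' . __LINE__ . "] Contents are the same" );
+ }
+ else {
+ $f = fopen( $real_file, 'w+' );
+ fwrite( $f, $new_content );
+ fclose( $f );
+ WPEditorLog::log( '[' . basename(__FILE__) . ' - line ' . __LINE__ . "] just wrote to $real_file" );
+ }
+ }
+
+ $content = file_get_contents( $real_file );
 
- $content = esc_textarea( $content );
-
- $scroll_to = isset( $_REQUEST['scroll_to'] ) ? ( int ) $_REQUEST['scroll_to'] : 0;
-
- $data = array(
- 'themes' => $themes,
- 'theme' => $theme,
- 'wp_theme' => $wp_theme,
- 'stylesheet' => $stylesheet,
- 'theme_files' => $theme_files,
- 'current_theme_root' => $current_theme_root,
- 'real_file' => $real_file,
- 'content' => $content,
- 'scroll_to' => $scroll_to,
- 'file' => $file,
- 'content-type' => 'theme'
- );
- echo WPEditor::get_view( 'views/theme-editor.php', $data );
- }
-
- public static function create_new_theme() {
- if ( current_user_can( 'edit_themes' ) ) {
- if ( isset( $_POST['theme-name'] ) && $_POST['theme-name'] != '' && isset( $_POST['theme-folder'] ) && $_POST['theme-folder'] != '' ) {
- $folder = $_POST['theme-folder'];
- $file = 'style.css';
- if ( is_writable( get_theme_root() ) ) {
- $slash = '/';
- if ( WPWINDOWS ) {
- $slash = '\\';
- }
- if ( !file_exists( get_theme_root() . $slash . $folder ) ) {
- if (mkdir( get_theme_root() . $slash . $folder ) ) {
- $content = "<?php\n/*\nTheme Name: " . $_POST['theme-name'] . "\n*/";
- if ( file_put_contents( get_theme_root() . $slash . $folder . $slash . $file, $content ) ) {
- wp_redirect( admin_url() . 'themes.php?page=wpeditor_themes&create-theme=success&file=' . $folder . $slash . $file );
- exit;
- }
- else {
- wp_redirect( admin_url() . 'themes.php?page=wpeditor_themes&error=6&create_tab=true' );
- exit;
- }
- }
- else {
- wp_redirect( admin_url() . 'themes.php?page=wpeditor_themes&error=6&create_tab=true' );
- exit;
- }
- }
- else {
- wp_redirect( admin_url() . 'themes.php?page=wpeditor_themes&error=6&create_tab=true' );
- exit;
- }
- }
- else {
- wp_redirect( admin_url() . 'themes.php?page=wpeditor_themes&error=1&create_tab=true' );
- exit;
- }
- }
- else {
- wp_redirect( admin_url() . 'themes.php?page=wpeditor_themes&error=5&create_tab=true' );
- exit;
- }
- }
- else {
- wp_redirect( admin_url() . 'themes.php?page=wpeditor_themes&error=1' );
- exit;
- }
- }
-
- public static function themes_help_tab() {
- global $wpeditor_themes;
- $screen = get_current_screen();
- if ( function_exists( 'add_help_tab' ) && function_exists( 'set_help_sidebar' ) ) {
- $screen->add_help_tab( array(
- 'id' => 'overview',
- 'title' => __( 'Overview', 'wp-editor' ),
- 'content' => '<p>' . __( 'You can use the Theme Editor to edit the individual files which make up your theme.', 'wp-editor' ) . '</p>' . '<p>' . __( 'Begin by choosing a theme to edit from the dropdown menu and clicking Select. A list then appears of all the template files. Clicking once on any file name causes the file to appear in the large Editor box.', 'wp-editor' ) . '</p>' . '<p>' . __( 'After typing in your edits, click Update File.', 'wp-editor' ) . '</p>' . '<p>' . __( '<strong>Advice:</strong> think very carefully about your site crashing if you are live-editing the theme currently in use.', 'wp-editor' ) . '</p>' . '<p>' . __( 'Upgrading to a newer version of the same theme will override changes made here. To avoid this, consider creating a <a href="http://codex.wordpress.org/Child_Themes" target="_blank">child theme</a> instead.', 'wp-editor' ) . '</p>' . ( is_network_admin() ? '<p>' . __( 'Any edits to files from this screen will be reflected on all sites in the network.', 'wp-editor' ) . '</p>' : '' )
- ) );
- $screen->set_help_sidebar(
- '<p><strong>' . __( 'For more information:', 'wp-editor' ) . '</strong></p>' . '<p>' . __( '<a href="http://codex.wordpress.org/Theme_Development" target="_blank">Documentation on Theme Development</a>', 'wp-editor' ) . '</p>' . '<p>' . __( '<a href="http://codex.wordpress.org/Using_Themes" target="_blank">Documentation on Using Themes</a>', 'wp-editor' ) . '</p>' . '<p>' . __( '<a href="http://codex.wordpress.org/Editing_Files" target="_blank">Documentation on Editing Files</a>', 'wp-editor' ) . '</p>' . '<p>' . __( '<a href="http://codex.wordpress.org/Template_Tags" target="_blank">Documentation on Template Tags</a>', 'wp-editor' ) . '</p>' . '<p>' . __( '<a href="http://wordpress.org/support/" target="_blank">Support Forums</a>', 'wp-editor' ) . '</p>'
- );
- }
- elseif ( version_compare( get_bloginfo( 'version' ), '3.3', '<' ) ) {
- $help = '<p>' . __( 'You can use the Theme Editor to edit the individual files which make up your theme.' ) . '</p>';
- $help .= '<p>' . __( 'Begin by choosing a theme to edit from the dropdown menu and clicking Select. A list then appears of all the template files. Clicking once on any file name causes the file to appear in the large Editor box.' ) . '</p>';
- $help .= '<p>' . __( 'After typing in your edits, click Update File.' ) . '</p>';
- $help .= '<p>' . __( '<strong>Advice:</strong> think very carefully about your site crashing if you are live-editing the theme currently in use.' ) . '</p>';
- $help .= '<p>' . __( 'Upgrading to a newer version of the same theme will override changes made here. To avoid this, consider creating a <a href="http://codex.wordpress.org/Child_Themes" target="_blank">child theme</a> instead.' ) . '</p>';
- if ( is_network_admin() ) {
- $help .= '<p>' . __( 'Any edits to files from this screen will be reflected on all sites in the network.' ) . '</p>';
- }
- $help .= '<p><strong>' . __( 'For more information:' ) . '</strong></p>';
- $help .= '<p>' . __( '<a href="http://codex.wordpress.org/Theme_Development" target="_blank">Documentation on Theme Development</a>' ) . '</p>';
- $help .= '<p>' . __( '<a href="http://codex.wordpress.org/Using_Themes" target="_blank">Documentation on Using Themes</a>' ) . '</p>';
- $help .= '<p>' . __( '<a href="http://codex.wordpress.org/Editing_Files" target="_blank">Documentation on Editing Files</a>' ) . '</p>';
- $help .= '<p>' . __( '<a href="http://codex.wordpress.org/Template_Tags" target="_blank">Documentation on Template Tags</a>' ) . '</p>';
- $help .= '<p>' . __( '<a href="http://wordpress.org/support/" target="_blank">Support Forums</a>' ) . '</p>';
- add_contextual_help( $screen, $help);
- }
- }
+ $content = esc_textarea( $content );
+
+ $scroll_to = isset( $_REQUEST['scroll_to'] ) ? ( int ) $_REQUEST['scroll_to'] : 0;
+
+ $data = array(
+ 'themes' => $themes,
+ 'theme' => $theme,
+ 'wp_theme' => $wp_theme,
+ 'stylesheet' => $stylesheet,
+ 'theme_files' => $theme_files,
+ 'current_theme_root' => $current_theme_root,
+ 'real_file' => $real_file,
+ 'content' => $content,
+ 'scroll_to' => $scroll_to,
+ 'file' => $file,
+ 'content-type' => 'theme'
+ );
+ echo WPEditor::get_view( 'views/theme-editor.php', $data );
+ }
+
+ public static function create_new_theme() {
+ if ( current_user_can( 'edit_themes' ) ) {
+ if ( isset( $_POST['theme-name'] ) && $_POST['theme-name'] != '' && isset( $_POST['theme-folder'] ) && $_POST['theme-folder'] != '' ) {
+ $folder = $_POST['theme-folder'];
+ $file = 'style.css';
+ if ( is_writable( get_theme_root() ) ) {
+ $slash = '/';
+ if ( WPWINDOWS ) {
+ $slash = '\\';
+ }
+ if ( !file_exists( get_theme_root() . $slash . $folder ) ) {
+ if (mkdir( get_theme_root() . $slash . $folder ) ) {
+ $content = "<?php\n/*\nTheme Name: " . $_POST['theme-name'] . "\n*/";
+ if ( file_put_contents( get_theme_root() . $slash . $folder . $slash . $file, $content ) ) {
+ wp_redirect( admin_url() . 'themes.php?page=wpeditor_themes&create-theme=success&file=' . $folder . $slash . $file );
+ exit;
+ }
+ else {
+ wp_redirect( admin_url() . 'themes.php?page=wpeditor_themes&error=6&create_tab=true' );
+ exit;
+ }
+ }
+ else {
+ wp_redirect( admin_url() . 'themes.php?page=wpeditor_themes&error=6&create_tab=true' );
+ exit;
+ }
+ }
+ else {
+ wp_redirect( admin_url() . 'themes.php?page=wpeditor_themes&error=6&create_tab=true' );
+ exit;
+ }
+ }
+ else {
+ wp_redirect( admin_url() . 'themes.php?page=wpeditor_themes&error=1&create_tab=true' );
+ exit;
+ }
+ }
+ else {
+ wp_redirect( admin_url() . 'themes.php?page=wpeditor_themes&error=5&create_tab=true' );
+ exit;
+ }
+ }
+ else {
+ wp_redirect( admin_url() . 'themes.php?page=wpeditor_themes&error=1' );
+ exit;
+ }
+ }
+
+ public static function themes_help_tab() {
+ global $wpeditor_themes;
+ $screen = get_current_screen();
+ if ( function_exists( 'add_help_tab' ) && function_exists( 'set_help_sidebar' ) ) {
+ $screen->add_help_tab( array(
+ 'id' => 'overview',
+ 'title' => __( 'Overview', 'wp-editor' ),
+ 'content' => '<p>' . __( 'You can use the Theme Editor to edit the individual files which make up your theme.', 'wp-editor' ) . '</p>' . '<p>' . __( 'Begin by choosing a theme to edit from the dropdown menu and clicking Select. A list then appears of all the template files. Clicking once on any file name causes the file to appear in the large Editor box.', 'wp-editor' ) . '</p>' . '<p>' . __( 'After typing in your edits, click Update File.', 'wp-editor' ) . '</p>' . '<p>' . __( '<strong>Advice:</strong> think very carefully about your site crashing if you are live-editing the theme currently in use.', 'wp-editor' ) . '</p>' . '<p>' . __( 'Upgrading to a newer version of the same theme will override changes made here. To avoid this, consider creating a <a href="http://codex.wordpress.org/Child_Themes" target="_blank">child theme</a> instead.', 'wp-editor' ) . '</p>' . ( is_network_admin() ? '<p>' . __( 'Any edits to files from this screen will be reflected on all sites in the network.', 'wp-editor' ) . '</p>' : '' )
+ ) );
+ $screen->set_help_sidebar(
+ '<p><strong>' . __( 'For more information:', 'wp-editor' ) . '</strong></p>' . '<p>' . __( '<a href="http://codex.wordpress.org/Theme_Development" target="_blank">Documentation on Theme Development</a>', 'wp-editor' ) . '</p>' . '<p>' . __( '<a href="http://codex.wordpress.org/Using_Themes" target="_blank">Documentation on Using Themes</a>', 'wp-editor' ) . '</p>' . '<p>' . __( '<a href="http://codex.wordpress.org/Editing_Files" target="_blank">Documentation on Editing Files</a>', 'wp-editor' ) . '</p>' . '<p>' . __( '<a href="http://codex.wordpress.org/Template_Tags" target="_blank">Documentation on Template Tags</a>', 'wp-editor' ) . '</p>' . '<p>' . __( '<a href="http://wordpress.org/support/" target="_blank">Support Forums</a>', 'wp-editor' ) . '</p>'
+ );
+ }
+ elseif ( version_compare( get_bloginfo( 'version' ), '3.3', '<' ) ) {
+ $help = '<p>' . __( 'You can use the Theme Editor to edit the individual files which make up your theme.' ) . '</p>';
+ $help .= '<p>' . __( 'Begin by choosing a theme to edit from the dropdown menu and clicking Select. A list then appears of all the template files. Clicking once on any file name causes the file to appear in the large Editor box.' ) . '</p>';
+ $help .= '<p>' . __( 'After typing in your edits, click Update File.' ) . '</p>';
+ $help .= '<p>' . __( '<strong>Advice:</strong> think very carefully about your site crashing if you are live-editing the theme currently in use.' ) . '</p>';
+ $help .= '<p>' . __( 'Upgrading to a newer version of the same theme will override changes made here. To avoid this, consider creating a <a href="http://codex.wordpress.org/Child_Themes" target="_blank">child theme</a> instead.' ) . '</p>';
+ if ( is_network_admin() ) {
+ $help .= '<p>' . __( 'Any edits to files from this screen will be reflected on all sites in the network.' ) . '</p>';
+ }
+ $help .= '<p><strong>' . __( 'For more information:' ) . '</strong></p>';
+ $help .= '<p>' . __( '<a href="http://codex.wordpress.org/Theme_Development" target="_blank">Documentation on Theme Development</a>' ) . '</p>';
+ $help .= '<p>' . __( '<a href="http://codex.wordpress.org/Using_Themes" target="_blank">Documentation on Using Themes</a>' ) . '</p>';
+ $help .= '<p>' . __( '<a href="http://codex.wordpress.org/Editing_Files" target="_blank">Documentation on Editing Files</a>' ) . '</p>';
+ $help .= '<p>' . __( '<a href="http://codex.wordpress.org/Template_Tags" target="_blank">Documentation on Template Tags</a>' ) . '</p>';
+ $help .= '<p>' . __( '<a href="http://wordpress.org/support/" target="_blank">Support Forums</a>' ) . '</p>';
+ add_contextual_help( $screen, $help);
+ }
+ }
 
  }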
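--- a/extensions/attrchange/attrchange.js
+++ b/extensions/attrchange/attrchange.js
@@ -82,9 +82,9 @@ https://github.com/meetselva/attrchange/blob/master/MIT-License.txt
  mutations.forEach(function(e) {
  var _this = e.target;
  //get new value if trackValues is true
- if (cfg.trackValues) {
+ if (cfg.trackValues) {
  e.newValue = $(_this).attr(e.attributeName);
- }
+ }
  if (typeof $(this).data('attrchange-tdisconnect') === 'undefined') { //disconnected logically
  cfg.callback.call(_this, e);
  }
@@ -98,14 +98,14 @@ https://github.com/meetselva/attrchange/blob/master/MIT-License.txt
  } else if (isDOMAttrModifiedSupported()) { //Opera
  //Good old Mutation Events
  return this.data('attrchange-method', 'DOMAttrModified').on('DOMAttrModified', function(event) {
- if (event.originalEvent) { event = event.originalEvent; }//jQuery normalization is not required
+ if (event.originalEvent) { event = event.originalEvent; }//jQuery normalization is not required
  event.attributeName = event.attrName; //property names to be consistent with MutationObserver
  event.oldValue = event.prevValue; //property names to be consistent with MutationObserver
  if (typeof $(this).data('attrchange-tdisconnect') === 'undefined') { //disconnected logically
  cfg.callback.call(this, event);
  }
  });
- } else if ('onpropertychange' in document.body) { //works only in IE
+ } else if ('onpropertychange' in document.body) { //works only in IE
  return this.data('attrchange-method', 'propertychange').on('propertychange', function(e) {
  e.attributeName = window.event.propertyName;
  //to set the attr old value
@@ -121,4 +121,4 @@ https://github.com/meetselva/attrchange/blob/master/MIT-License.txt
  return $.fn.attrchange['extensions'][a].call(this, b);
  }
  }
- })(jQuery);
+ })(jQuery);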
extensions/fancybox/images/blank.gif DELETED
Binary file
extensions/fancybox/images/fancy_close.png DELETED
Binary file
extensions/fancybox/images/fancy_loading.png DELETED
Binary file
extensions/fancybox/images/fancy_nav_left.png DELETED
Binary file
extensions/fancybox/images/fancy_nav_right.png DELETED
Binary file
extensions/fancybox/images/fancy_shadow_e.png DELETED
Binary file
extensions/fancybox/images/fancy_shadow_n.png DELETED
Binary file
extensions/fancybox/images/fancy_shadow_ne.png DELETED
Binary file
extensions/fancybox/images/fancy_shadow_nw.png DELETED
Binary file
extensions/fancybox/images/fancy_shadow_s.png DELETED
Binary file
extensions/fancybox/images/fancy_shadow_se.png DELETED
Binary file
extensions/fancybox/images/fancy_shadow_sw.png DELETED
Binary file
extensions/fancybox/images/fancy_shadow_w.png DELETED
Binary file
extensions/fancybox/images/fancy_title_left.png DELETED
Binary file
extensions/fancybox/images/fancy_title_main.png DELETED
Binary file
extensions/fancybox/images/fancy_title_over.png DELETED
Binary file
extensions/fancybox/images/fancy_title_right.png DELETED
Binary file
extensions/fancybox/images/fancybox-x.png DELETED
Binary file
extensions/fancybox/images/fancybox-y.png DELETED
Binary file
extensions/fancybox/images/fancybox.png DELETED
Binary file
extensions/fancybox/jquery.fancybox-1.3.4.css DELETED
@@ -1,359 +0,0 @@
1
- /*
2
- * FancyBox - jQuery Plugin
3
- * Simple and fancy lightbox alternative
4
- *
5
- * Examples and documentation at: http://fancybox.net
6
- *
7
- * Copyright (c) 2008 - 2010 Janis Skarnelis
8
- * That said, it is hardly a one-person project. Many people have submitted bugs, code, and offered their advice freely. Their support is greatly appreciated.
9
- *
10
- * Version: 1.3.4 (11/11/2010)
11
- * Requires: jQuery v1.3+
12
- *
13
- * Dual licensed under the MIT and GPL licenses:
14
- * http://www.opensource.org/licenses/mit-license.php
15
- * http://www.gnu.org/licenses/gpl.html
16
- */
17
-
18
- #fancybox-loading {
19
- position: fixed;
20
- top: 50%;
21
- left: 50%;
22
- width: 40px;
23
- height: 40px;
24
- margin-top: -20px;
25
- margin-left: -20px;
26
- cursor: pointer;
27
- overflow: hidden;
28
- z-index: 1104;
29
- display: none;
30
- }
31
-
32
- #fancybox-loading div {
33
- position: absolute;
34
- top: 0;
35
- left: 0;
36
- width: 40px;
37
- height: 480px;
38
- background-image: url('images/fancybox.png');
39
- }
40
-
41
- #fancybox-overlay {
42
- position: absolute;
43
- top: 0;
44
- left: 0;
45
- width: 100%;
46
- z-index: 1100;
47
- display: none;
48
- }
49
-
50
- #fancybox-tmp {
51
- padding: 0;
52
- margin: 0;
53
- border: 0;
54
- overflow: auto;
55
- display: none;
56
- }
57
-
58
- #fancybox-wrap {
59
- position: absolute;
60
- top: 0;
61
- left: 0;
62
- padding: 20px;
63
- z-index: 1101;
64
- outline: none;
65
- display: none;
66
- }
67
-
68
- #fancybox-outer {
69
- position: relative;
70
- width: 100%;
71
- height: 100%;
72
- background: #fff;
73
- }
74
-
75
- #fancybox-content {
76
- width: 0;
77
- height: 0;
78
- padding: 0;
79
- outline: none;
80
- position: relative;
81
- overflow: hidden;
82
- z-index: 1102;
83
- border: 0px solid #fff;
84
- }
85
-
86
- #fancybox-hide-sel-frame {
87
- position: absolute;
88
- top: 0;
89
- left: 0;
90
- width: 100%;
91
- height: 100%;
92
- background: transparent;
93
- z-index: 1101;
94
- }
95
-
96
- #fancybox-close {
97
- position: absolute;
98
- top: -15px;
99
- right: -15px;
100
- width: 30px;
101
- height: 30px;
102
- background: transparent url('images/fancybox.png') -40px 0px;
103
- cursor: pointer;
104
- z-index: 1103;
105
- display: none;
106
- }
107
-
108
- #fancybox-error {
109
- color: #444;
110
- font: normal 12px/20px Arial;
111
- padding: 14px;
112
- margin: 0;
113
- }
114
-
115
- #fancybox-img {
116
- width: 100%;
117
- height: 100%;
118
- padding: 0;
119
- margin: 0;
120
- border: none;
121
- outline: none;
122
- line-height: 0;
123
- vertical-align: top;
124
- }
125
-
126
- #fancybox-frame {
127
- width: 100%;
128
- height: 100%;
129
- border: none;
130
- display: block;
131
- }
132
-
133
- #fancybox-left, #fancybox-right {
134
- position: absolute;
135
- bottom: 0px;
136
- height: 100%;
137
- width: 35%;
138
- cursor: pointer;
139
- outline: none;
140
- background: transparent url('images/blank.gif');
141
- z-index: 1102;
142
- display: none;
143
- }
144
-
145
- #fancybox-left {
146
- left: 0px;
147
- }
148
-
149
- #fancybox-right {
150
- right: 0px;
151
- }
152
-
153
- #fancybox-left-ico, #fancybox-right-ico {
154
- position: absolute;
155
- top: 50%;
156
- left: -9999px;
157
- width: 30px;
158
- height: 30px;
159
- margin-top: -15px;
160
- cursor: pointer;
161
- z-index: 1102;
162
- display: block;
163
- }
164
-
165
- #fancybox-left-ico {
166
- background-image: url('images/fancybox.png');
167
- background-position: -40px -30px;
168
- }
169
-
170
- #fancybox-right-ico {
171
- background-image: url('images/fancybox.png');
172
- background-position: -40px -60px;
173
- }
174
-
175
- #fancybox-left:hover, #fancybox-right:hover {
176
- visibility: visible; /* IE6 */
177
- }
178
-
179
- #fancybox-left:hover span {
180
- left: 20px;
181
- }
182
-
183
- #fancybox-right:hover span {
184
- left: auto;
185
- right: 20px;
186
- }
187
-
188
- .fancybox-bg {
189
- position: absolute;
190
- padding: 0;
191
- margin: 0;
192
- border: 0;
193
- width: 20px;
194
- height: 20px;
195
- z-index: 1001;
196
- }
197
-
198
- #fancybox-bg-n {
199
- top: -20px;
200
- left: 0;
201
- width: 100%;
202
- background-image: url('images/fancybox-x.png');
203
- }
204
-
205
- #fancybox-bg-ne {
206
- top: -20px;
207
- right: -20px;
208
- background-image: url('images/fancybox.png');
209
- background-position: -40px -162px;
210
- }
211
-
212
- #fancybox-bg-e {
213
- top: 0;
214
- right: -20px;
215
- height: 100%;
216
- background-image: url('images/fancybox-y.png');
217
- background-position: -20px 0px;
218
- }
219
-
220
- #fancybox-bg-se {
221
- bottom: -20px;
222
- right: -20px;
223
- background-image: url('images/fancybox.png');
224
- background-position: -40px -182px;
225
- }
226
-
227
- #fancybox-bg-s {
228
- bottom: -20px;
229
- left: 0;
230
- width: 100%;
231
- background-image: url('images/fancybox-x.png');
232
- background-position: 0px -20px;
233
- }
234
-
235
- #fancybox-bg-sw {
236
- bottom: -20px;
237
- left: -20px;
238
- background-image: url('images/fancybox.png');
239
- background-position: -40px -142px;
240
- }
241
-
242
- #fancybox-bg-w {
243
- top: 0;
244
- left: -20px;
245
- height: 100%;
246
- background-image: url('images/fancybox-y.png');
247
- }
248
-
249
- #fancybox-bg-nw {
250
- top: -20px;
251
- left: -20px;
252
- background-image: url('images/fancybox.png');
253
- background-position: -40px -122px;
254
- }
255
-
256
- #fancybox-title {
257
- font-family: Helvetica;
258
- font-size: 12px;
259
- z-index: 1102;
260
- }
261
-
262
- .fancybox-title-inside {
263
- padding-bottom: 10px;
264
- text-align: center;
265
- color: #333;
266
- background: #fff;
267
- position: relative;
268
- }
269
-
270
- .fancybox-title-outside {
271
- padding-top: 10px;
272
- color: #fff;
273
- }
274
-
275
- .fancybox-title-over {
276
- position: absolute;
277
- bottom: 0;
278
- left: 0;
279
- color: #FFF;
280
- text-align: left;
281
- }
282
-
283
- #fancybox-title-over {
284
- padding: 10px;
285
- background-image: url('images/fancy_title_over.png');
286
- display: block;
287
- }
288
-
289
- .fancybox-title-float {
290
- position: absolute;
291
- left: 0;
292
- bottom: -20px;
293
- height: 32px;
294
- }
295
-
296
- #fancybox-title-float-wrap {
297
- border: none;
298
- border-collapse: collapse;
299
- width: auto;
300
- }
301
-
302
- #fancybox-title-float-wrap td {
303
- border: none;
304
- white-space: nowrap;
305
- }
306
-
307
- #fancybox-title-float-left {
308
- padding: 0 0 0 15px;
309
- background: url('images/fancybox.png') -40px -90px no-repeat;
310
- }
311
-
312
- #fancybox-title-float-main {
313
- color: #FFF;
314
- line-height: 29px;
315
- font-weight: bold;
316
- padding: 0 0 3px 0;
317
- background: url('images/fancybox-x.png') 0px -40px;
318
- }
319
-
320
- #fancybox-title-float-right {
321
- padding: 0 0 0 15px;
322
- background: url('images/fancybox.png') -55px -90px no-repeat;
323
- }
324
-
325
- /* IE6 */
326
-
327
- .fancybox-ie6 #fancybox-close { background: transparent; filter: progid:DXImageTransform.Microsoft.AlphaImageLoader(src='images/fancy_close.png', sizingMethod='scale'); }
328
-
329
- .fancybox-ie6 #fancybox-left-ico { background: transparent; filter: progid:DXImageTransform.Microsoft.AlphaImageLoader(src='images/fancy_nav_left.png', sizingMethod='scale'); }
330
- .fancybox-ie6 #fancybox-right-ico { background: transparent; filter: progid:DXImageTransform.Microsoft.AlphaImageLoader(src='images/fancy_nav_right.png', sizingMethod='scale'); }
331
-
332
- .fancybox-ie6 #fancybox-title-over { background: transparent; filter: progid:DXImageTransform.Microsoft.AlphaImageLoader(src='images/fancy_title_over.png', sizingMethod='scale'); zoom: 1; }
333
- .fancybox-ie6 #fancybox-title-float-left { background: transparent; filter: progid:DXImageTransform.Microsoft.AlphaImageLoader(src='images/fancy_title_left.png', sizingMethod='scale'); }
334
- .fancybox-ie6 #fancybox-title-float-main { background: transparent; filter: progid:DXImageTransform.Microsoft.AlphaImageLoader(src='images/fancy_title_main.png', sizingMethod='scale'); }
335
- .fancybox-ie6 #fancybox-title-float-right { background: transparent; filter: progid:DXImageTransform.Microsoft.AlphaImageLoader(src='images/fancy_title_right.png', sizingMethod='scale'); }
336
-
337
- .fancybox-ie6 #fancybox-bg-w, .fancybox-ie6 #fancybox-bg-e, .fancybox-ie6 #fancybox-left, .fancybox-ie6 #fancybox-right, #fancybox-hide-sel-frame {
338
- height: expression(this.parentNode.clientHeight + "px");
339
- }
340
-
341
- #fancybox-loading.fancybox-ie6 {
342
- position: absolute; margin-top: 0;
343
- top: expression( (-20 + (document.documentElement.clientHeight ? document.documentElement.clientHeight/2 : document.body.clientHeight/2 ) + ( ignoreMe = document.documentElement.scrollTop ? document.documentElement.scrollTop : document.body.scrollTop )) + 'px');
344
- }
345
-
346
- #fancybox-loading.fancybox-ie6 div { background: transparent; filter: progid:DXImageTransform.Microsoft.AlphaImageLoader(src='images/fancy_loading.png', sizingMethod='scale'); }
347
-
348
- /* IE6, IE7, IE8 */
349
-
350
- .fancybox-ie .fancybox-bg { background: transparent !important; }
351
-
352
- .fancybox-ie #fancybox-bg-n { filter: progid:DXImageTransform.Microsoft.AlphaImageLoader(src='images/fancy_shadow_n.png', sizingMethod='scale'); }
353
- .fancybox-ie #fancybox-bg-ne { filter: progid:DXImageTransform.Microsoft.AlphaImageLoader(src='images/fancy_shadow_ne.png', sizingMethod='scale'); }
354
- .fancybox-ie #fancybox-bg-e { filter: progid:DXImageTransform.Microsoft.AlphaImageLoader(src='images/fancy_shadow_e.png', sizingMethod='scale'); }
355
- .fancybox-ie #fancybox-bg-se { filter: progid:DXImageTransform.Microsoft.AlphaImageLoader(src='images/fancy_shadow_se.png', sizingMethod='scale'); }
356
- .fancybox-ie #fancybox-bg-s { filter: progid:DXImageTransform.Microsoft.AlphaImageLoader(src='images/fancy_shadow_s.png', sizingMethod='scale'); }
357
- .fancybox-ie #fancybox-bg-sw { filter: progid:DXImageTransform.Microsoft.AlphaImageLoader(src='images/fancy_shadow_sw.png', sizingMethod='scale'); }
358
- .fancybox-ie #fancybox-bg-w { filter: progid:DXImageTransform.Microsoft.AlphaImageLoader(src='images/fancy_shadow_w.png', sizingMethod='scale'); }
359
- .fancybox-ie #fancybox-bg-nw { filter: progid:DXImageTransform.Microsoft.AlphaImageLoader(src='images/fancy_shadow_nw.png', sizingMethod='scale'); }
extensions/fancybox/js/jquery.fancybox-1.3.4.pack.js DELETED
@@ -1,46 +0,0 @@
1
- /*
2
- * FancyBox - jQuery Plugin
3
- * Simple and fancy lightbox alternative
4
- *
5
- * Examples and documentation at: http://fancybox.net
6
- *
7
- * Copyright (c) 2008 - 2010 Janis Skarnelis
8
- * That said, it is hardly a one-person project. Many people have submitted bugs, code, and offered their advice freely. Their support is greatly appreciated.
9
- *
10
- * Version: 1.3.4 (11/11/2010)
11
- * Requires: jQuery v1.3+
12
- *
13
- * Dual licensed under the MIT and GPL licenses:
14
- * http://www.opensource.org/licenses/mit-license.php
15
- * http://www.gnu.org/licenses/gpl.html
16
- */
17
-
18
- ;(function(b){var m,t,u,f,D,j,E,n,z,A,q=0,e={},o=[],p=0,d={},l=[],G=null,v=new Image,J=/\.(jpg|gif|png|bmp|jpeg)(.*)?$/i,W=/[^\.]\.(swf)\s*$/i,K,L=1,y=0,s="",r,i,h=false,B=b.extend(b("<div/>")[0],{prop:0}),M=b.browser.msie&&b.browser.version<7&&!window.XMLHttpRequest,N=function(){t.hide();v.onerror=v.onload=null;G&&G.abort();m.empty()},O=function(){if(false===e.onError(o,q,e)){t.hide();h=false}else{e.titleShow=false;e.width="auto";e.height="auto";m.html('<p id="fancybox-error">The requested content cannot be loaded.<br />Please try again later.</p>');
19
- F()}},I=function(){var a=o[q],c,g,k,C,P,w;N();e=b.extend({},b.fn.fancybox.defaults,typeof b(a).data("fancybox")=="undefined"?e:b(a).data("fancybox"));w=e.onStart(o,q,e);if(w===false)h=false;else{if(typeof w=="object")e=b.extend(e,w);k=e.title||(a.nodeName?b(a).attr("title"):a.title)||"";if(a.nodeName&&!e.orig)e.orig=b(a).children("img:first").length?b(a).children("img:first"):b(a);if(k===""&&e.orig&&e.titleFromAlt)k=e.orig.attr("alt");c=e.href||(a.nodeName?b(a).attr("href"):a.href)||null;if(/^(?:javascript)/i.test(c)||
20
- c=="#")c=null;if(e.type){g=e.type;if(!c)c=e.content}else if(e.content)g="html";else if(c)g=c.match(J)?"image":c.match(W)?"swf":b(a).hasClass("iframe")?"iframe":c.indexOf("#")===0?"inline":"ajax";if(g){if(g=="inline"){a=c.substr(c.indexOf("#"));g=b(a).length>0?"inline":"ajax"}e.type=g;e.href=c;e.title=k;if(e.autoDimensions)if(e.type=="html"||e.type=="inline"||e.type=="ajax"){e.width="auto";e.height="auto"}else e.autoDimensions=false;if(e.modal){e.overlayShow=true;e.hideOnOverlayClick=false;e.hideOnContentClick=
21
- false;e.enableEscapeButton=false;e.showCloseButton=false}e.padding=parseInt(e.padding,10);e.margin=parseInt(e.margin,10);m.css("padding",e.padding+e.margin);b(".fancybox-inline-tmp").unbind("fancybox-cancel").bind("fancybox-change",function(){b(this).replaceWith(j.children())});switch(g){case "html":m.html(e.content);F();break;case "inline":if(b(a).parent().is("#fancybox-content")===true){h=false;break}b('<div class="fancybox-inline-tmp" />').hide().insertBefore(b(a)).bind("fancybox-cleanup",function(){b(this).replaceWith(j.children())}).bind("fancybox-cancel",
22
- function(){b(this).replaceWith(m.children())});b(a).appendTo(m);F();break;case "image":h=false;b.fancybox.showActivity();v=new Image;v.onerror=function(){O()};v.onload=function(){h=true;v.onerror=v.onload=null;e.width=v.width;e.height=v.height;b("<img />").attr({id:"fancybox-img",src:v.src,alt:e.title}).appendTo(m);Q()};v.src=c;break;case "swf":e.scrolling="no";C='<object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" width="'+e.width+'" height="'+e.height+'"><param name="movie" value="'+c+
23
- '"></param>';P="";b.each(e.swf,function(x,H){C+='<param name="'+x+'" value="'+H+'"></param>';P+=" "+x+'="'+H+'"'});C+='<embed src="'+c+'" type="application/x-shockwave-flash" width="'+e.width+'" height="'+e.height+'"'+P+"></embed></object>";m.html(C);F();break;case "ajax":h=false;b.fancybox.showActivity();e.ajax.win=e.ajax.success;G=b.ajax(b.extend({},e.ajax,{url:c,data:e.ajax.data||{},error:function(x){x.status>0&&O()},success:function(x,H,R){if((typeof R=="object"?R:G).status==200){if(typeof e.ajax.win==
24
- "function"){w=e.ajax.win(c,x,H,R);if(w===false){t.hide();return}else if(typeof w=="string"||typeof w=="object")x=w}m.html(x);F()}}}));break;case "iframe":Q()}}else O()}},F=function(){var a=e.width,c=e.height;a=a.toString().indexOf("%")>-1?parseInt((b(window).width()-e.margin*2)*parseFloat(a)/100,10)+"px":a=="auto"?"auto":a+"px";c=c.toString().indexOf("%")>-1?parseInt((b(window).height()-e.margin*2)*parseFloat(c)/100,10)+"px":c=="auto"?"auto":c+"px";m.wrapInner('<div style="width:'+a+";height:"+c+
25
- ";overflow: "+(e.scrolling=="auto"?"auto":e.scrolling=="yes"?"scroll":"hidden")+';position:relative;"></div>');e.width=m.width();e.height=m.height();Q()},Q=function(){var a,c;t.hide();if(f.is(":visible")&&false===d.onCleanup(l,p,d)){b.event.trigger("fancybox-cancel");h=false}else{h=true;b(j.add(u)).unbind();b(window).unbind("resize.fb scroll.fb");b(document).unbind("keydown.fb");f.is(":visible")&&d.titlePosition!=="outside"&&f.css("height",f.height());l=o;p=q;d=e;if(d.overlayShow){u.css({"background-color":d.overlayColor,
26
- opacity:d.overlayOpacity,cursor:d.hideOnOverlayClick?"pointer":"auto",height:b(document).height()});if(!u.is(":visible")){M&&b("select:not(#fancybox-tmp select)").filter(function(){return this.style.visibility!=="hidden"}).css({visibility:"hidden"}).one("fancybox-cleanup",function(){this.style.visibility="inherit"});u.show()}}else u.hide();i=X();s=d.title||"";y=0;n.empty().removeAttr("style").removeClass();if(d.titleShow!==false){if(b.isFunction(d.titleFormat))a=d.titleFormat(s,l,p,d);else a=s&&s.length?
27
- d.titlePosition=="float"?'<table id="fancybox-title-float-wrap" cellpadding="0" cellspacing="0"><tr><td id="fancybox-title-float-left"></td><td id="fancybox-title-float-main">'+s+'</td><td id="fancybox-title-float-right"></td></tr></table>':'<div id="fancybox-title-'+d.titlePosition+'">'+s+"</div>":false;s=a;if(!(!s||s==="")){n.addClass("fancybox-title-"+d.titlePosition).html(s).appendTo("body").show();switch(d.titlePosition){case "inside":n.css({width:i.width-d.padding*2,marginLeft:d.padding,marginRight:d.padding});
28
- y=n.outerHeight(true);n.appendTo(D);i.height+=y;break;case "over":n.css({marginLeft:d.padding,width:i.width-d.padding*2,bottom:d.padding}).appendTo(D);break;case "float":n.css("left",parseInt((n.width()-i.width-40)/2,10)*-1).appendTo(f);break;default:n.css({width:i.width-d.padding*2,paddingLeft:d.padding,paddingRight:d.padding}).appendTo(f)}}}n.hide();if(f.is(":visible")){b(E.add(z).add(A)).hide();a=f.position();r={top:a.top,left:a.left,width:f.width(),height:f.height()};c=r.width==i.width&&r.height==
29
- i.height;j.fadeTo(d.changeFade,0.3,function(){var g=function(){j.html(m.contents()).fadeTo(d.changeFade,1,S)};b.event.trigger("fancybox-change");j.empty().removeAttr("filter").css({"border-width":d.padding,width:i.width-d.padding*2,height:e.autoDimensions?"auto":i.height-y-d.padding*2});if(c)g();else{B.prop=0;b(B).animate({prop:1},{duration:d.changeSpeed,easing:d.easingChange,step:T,complete:g})}})}else{f.removeAttr("style");j.css("border-width",d.padding);if(d.transitionIn=="elastic"){r=V();j.html(m.contents());
30
- f.show();if(d.opacity)i.opacity=0;B.prop=0;b(B).animate({prop:1},{duration:d.speedIn,easing:d.easingIn,step:T,complete:S})}else{d.titlePosition=="inside"&&y>0&&n.show();j.css({width:i.width-d.padding*2,height:e.autoDimensions?"auto":i.height-y-d.padding*2}).html(m.contents());f.css(i).fadeIn(d.transitionIn=="none"?0:d.speedIn,S)}}}},Y=function(){if(d.enableEscapeButton||d.enableKeyboardNav)b(document).bind("keydown.fb",function(a){if(a.keyCode==27&&d.enableEscapeButton){a.preventDefault();b.fancybox.close()}else if((a.keyCode==
31
- 37||a.keyCode==39)&&d.enableKeyboardNav&&a.target.tagName!=="INPUT"&&a.target.tagName!=="TEXTAREA"&&a.target.tagName!=="SELECT"){a.preventDefault();b.fancybox[a.keyCode==37?"prev":"next"]()}});if(d.showNavArrows){if(d.cyclic&&l.length>1||p!==0)z.show();if(d.cyclic&&l.length>1||p!=l.length-1)A.show()}else{z.hide();A.hide()}},S=function(){if(!b.support.opacity){j.get(0).style.removeAttribute("filter");f.get(0).style.removeAttribute("filter")}e.autoDimensions&&j.css("height","auto");f.css("height","auto");
32
- s&&s.length&&n.show();d.showCloseButton&&E.show();Y();d.hideOnContentClick&&j.bind("click",b.fancybox.close);d.hideOnOverlayClick&&u.bind("click",b.fancybox.close);b(window).bind("resize.fb",b.fancybox.resize);d.centerOnScroll&&b(window).bind("scroll.fb",b.fancybox.center);if(d.type=="iframe")b('<iframe id="fancybox-frame" name="fancybox-frame'+(new Date).getTime()+'" frameborder="0" hspace="0" '+(b.browser.msie?'allowtransparency="true""':"")+' scrolling="'+e.scrolling+'" src="'+d.href+'"></iframe>').appendTo(j);
33
- f.show();h=false;b.fancybox.center();d.onComplete(l,p,d);var a,c;if(l.length-1>p){a=l[p+1].href;if(typeof a!=="undefined"&&a.match(J)){c=new Image;c.src=a}}if(p>0){a=l[p-1].href;if(typeof a!=="undefined"&&a.match(J)){c=new Image;c.src=a}}},T=function(a){var c={width:parseInt(r.width+(i.width-r.width)*a,10),height:parseInt(r.height+(i.height-r.height)*a,10),top:parseInt(r.top+(i.top-r.top)*a,10),left:parseInt(r.left+(i.left-r.left)*a,10)};if(typeof i.opacity!=="undefined")c.opacity=a<0.5?0.5:a;f.css(c);
34
- j.css({width:c.width-d.padding*2,height:c.height-y*a-d.padding*2})},U=function(){return[b(window).width()-d.margin*2,b(window).height()-d.margin*2,b(document).scrollLeft()+d.margin,b(document).scrollTop()+d.margin]},X=function(){var a=U(),c={},g=d.autoScale,k=d.padding*2;c.width=d.width.toString().indexOf("%")>-1?parseInt(a[0]*parseFloat(d.width)/100,10):d.width+k;c.height=d.height.toString().indexOf("%")>-1?parseInt(a[1]*parseFloat(d.height)/100,10):d.height+k;if(g&&(c.width>a[0]||c.height>a[1]))if(e.type==
35
- "image"||e.type=="swf"){g=d.width/d.height;if(c.width>a[0]){c.width=a[0];c.height=parseInt((c.width-k)/g+k,10)}if(c.height>a[1]){c.height=a[1];c.width=parseInt((c.height-k)*g+k,10)}}else{c.width=Math.min(c.width,a[0]);c.height=Math.min(c.height,a[1])}c.top=parseInt(Math.max(a[3]-20,a[3]+(a[1]-c.height-40)*0.5),10);c.left=parseInt(Math.max(a[2]-20,a[2]+(a[0]-c.width-40)*0.5),10);return c},V=function(){var a=e.orig?b(e.orig):false,c={};if(a&&a.length){c=a.offset();c.top+=parseInt(a.css("paddingTop"),
36
- 10)||0;c.left+=parseInt(a.css("paddingLeft"),10)||0;c.top+=parseInt(a.css("border-top-width"),10)||0;c.left+=parseInt(a.css("border-left-width"),10)||0;c.width=a.width();c.height=a.height();c={width:c.width+d.padding*2,height:c.height+d.padding*2,top:c.top-d.padding-20,left:c.left-d.padding-20}}else{a=U();c={width:d.padding*2,height:d.padding*2,top:parseInt(a[3]+a[1]*0.5,10),left:parseInt(a[2]+a[0]*0.5,10)}}return c},Z=function(){if(t.is(":visible")){b("div",t).css("top",L*-40+"px");L=(L+1)%12}else clearInterval(K)};
37
- b.fn.fancybox=function(a){if(!b(this).length)return this;b(this).data("fancybox",b.extend({},a,b.metadata?b(this).metadata():{})).unbind("click.fb").bind("click.fb",function(c){c.preventDefault();if(!h){h=true;b(this).blur();o=[];q=0;c=b(this).attr("rel")||"";if(!c||c==""||c==="nofollow")o.push(this);else{o=b("a[rel="+c+"], area[rel="+c+"]");q=o.index(this)}I()}});return this};b.fancybox=function(a,c){var g;if(!h){h=true;g=typeof c!=="undefined"?c:{};o=[];q=parseInt(g.index,10)||0;if(b.isArray(a)){for(var k=
38
- 0,C=a.length;k<C;k++)if(typeof a[k]=="object")b(a[k]).data("fancybox",b.extend({},g,a[k]));else a[k]=b({}).data("fancybox",b.extend({content:a[k]},g));o=jQuery.merge(o,a)}else{if(typeof a=="object")b(a).data("fancybox",b.extend({},g,a));else a=b({}).data("fancybox",b.extend({content:a},g));o.push(a)}if(q>o.length||q<0)q=0;I()}};b.fancybox.showActivity=function(){clearInterval(K);t.show();K=setInterval(Z,66)};b.fancybox.hideActivity=function(){t.hide()};b.fancybox.next=function(){return b.fancybox.pos(p+
39
- 1)};b.fancybox.prev=function(){return b.fancybox.pos(p-1)};b.fancybox.pos=function(a){if(!h){a=parseInt(a);o=l;if(a>-1&&a<l.length){q=a;I()}else if(d.cyclic&&l.length>1){q=a>=l.length?0:l.length-1;I()}}};b.fancybox.cancel=function(){if(!h){h=true;b.event.trigger("fancybox-cancel");N();e.onCancel(o,q,e);h=false}};b.fancybox.close=function(){function a(){u.fadeOut("fast");n.empty().hide();f.hide();b.event.trigger("fancybox-cleanup");j.empty();d.onClosed(l,p,d);l=e=[];p=q=0;d=e={};h=false}if(!(h||f.is(":hidden"))){h=
40
- true;if(d&&false===d.onCleanup(l,p,d))h=false;else{N();b(E.add(z).add(A)).hide();b(j.add(u)).unbind();b(window).unbind("resize.fb scroll.fb");b(document).unbind("keydown.fb");j.find("iframe").attr("src",M&&/^https/i.test(window.location.href||"")?"javascript:void(false)":"about:blank");d.titlePosition!=="inside"&&n.empty();f.stop();if(d.transitionOut=="elastic"){r=V();var c=f.position();i={top:c.top,left:c.left,width:f.width(),height:f.height()};if(d.opacity)i.opacity=1;n.empty().hide();B.prop=1;
41
- b(B).animate({prop:0},{duration:d.speedOut,easing:d.easingOut,step:T,complete:a})}else f.fadeOut(d.transitionOut=="none"?0:d.speedOut,a)}}};b.fancybox.resize=function(){u.is(":visible")&&u.css("height",b(document).height());b.fancybox.center(true)};b.fancybox.center=function(a){var c,g;if(!h){g=a===true?1:0;c=U();!g&&(f.width()>c[0]||f.height()>c[1])||f.stop().animate({top:parseInt(Math.max(c[3]-20,c[3]+(c[1]-j.height()-40)*0.5-d.padding)),left:parseInt(Math.max(c[2]-20,c[2]+(c[0]-j.width()-40)*0.5-
42
- d.padding))},typeof a=="number"?a:200)}};b.fancybox.init=function(){if(!b("#fancybox-wrap").length){b("body").append(m=b('<div id="fancybox-tmp"></div>'),t=b('<div id="fancybox-loading"><div></div></div>'),u=b('<div id="fancybox-overlay"></div>'),f=b('<div id="fancybox-wrap"></div>'));D=b('<div id="fancybox-outer"></div>').append('<div class="fancybox-bg" id="fancybox-bg-n"></div><div class="fancybox-bg" id="fancybox-bg-ne"></div><div class="fancybox-bg" id="fancybox-bg-e"></div><div class="fancybox-bg" id="fancybox-bg-se"></div><div class="fancybox-bg" id="fancybox-bg-s"></div><div class="fancybox-bg" id="fancybox-bg-sw"></div><div class="fancybox-bg" id="fancybox-bg-w"></div><div class="fancybox-bg" id="fancybox-bg-nw"></div>').appendTo(f);
43
- D.append(j=b('<div id="fancybox-content"></div>'),E=b('<a id="fancybox-close"></a>'),n=b('<div id="fancybox-title"></div>'),z=b('<a href="javascript:;" id="fancybox-left"><span class="fancy-ico" id="fancybox-left-ico"></span></a>'),A=b('<a href="javascript:;" id="fancybox-right"><span class="fancy-ico" id="fancybox-right-ico"></span></a>'));E.click(b.fancybox.close);t.click(b.fancybox.cancel);z.click(function(a){a.preventDefault();b.fancybox.prev()});A.click(function(a){a.preventDefault();b.fancybox.next()});
44
- b.fn.mousewheel&&f.bind("mousewheel.fb",function(a,c){if(h)a.preventDefault();else if(b(a.target).get(0).clientHeight==0||b(a.target).get(0).scrollHeight===b(a.target).get(0).clientHeight){a.preventDefault();b.fancybox[c>0?"prev":"next"]()}});b.support.opacity||f.addClass("fancybox-ie");if(M){t.addClass("fancybox-ie6");f.addClass("fancybox-ie6");b('<iframe id="fancybox-hide-sel-frame" src="'+(/^https/i.test(window.location.href||"")?"javascript:void(false)":"about:blank")+'" scrolling="no" border="0" frameborder="0" tabindex="-1"></iframe>').prependTo(D)}}};
45
- b.fn.fancybox.defaults={padding:10,margin:40,opacity:false,modal:false,cyclic:false,scrolling:"auto",width:560,height:340,autoScale:true,autoDimensions:true,centerOnScroll:false,ajax:{},swf:{wmode:"transparent"},hideOnOverlayClick:true,hideOnContentClick:false,overlayShow:true,overlayOpacity:0.7,overlayColor:"#777",titleShow:true,titlePosition:"float",titleFormat:null,titleFromAlt:false,transitionIn:"fade",transitionOut:"fade",speedIn:300,speedOut:300,changeSpeed:300,changeFade:"fast",easingIn:"swing",
46
- easingOut:"swing",showCloseButton:true,showNavArrows:true,enableEscapeButton:true,enableKeyboardNav:true,onStart:function(){},onCancel:function(){},onComplete:function(){},onCleanup:function(){},onClosed:function(){},onError:function(){}};b(document).ready(function(){b.fancybox.init()})})(jQuery);
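--- a/readme.txt
+++ b/readme.txt
@@ -1,10 +1,10 @@
  === WP Editor ===
- Contributors: benjaminprojas
+ Contributors: benjaminprojas, smub, am
  Donate link: http://wpeditor.net/
  Tags: code editor, plugin editor, theme editor, page editor, post editor, pages, posts, html, codemirror, plugins, themes, editor, fancybox, post.php, post-new.php, ajax, syntax highlighting, html syntax highlighting
- Requires at least: 3.0
+ Requires at least: 3.9
  Tested up to: 4.6.1
- Stable tag: 1.2.6.3
+ Stable tag: 1.2.7
  License: GPLv2 or later
  License URI: http://www.gnu.org/licenses/gpl-2.0.html
 
@@ -33,7 +33,7 @@ WP Editor is a plugin for WordPress that replaces the default plugin and theme e
  1. Upload the `wp-editor.zip` to the `/wp-content/plugins/` directory
  2. Activate the plugin through the 'Plugins' menu in WordPress
 
- == Frequently Asked Questions ==
+ == Frequently Asked Questions ==
 
  = Does WP Editor provide syntax highlighting for the page/post editor? =
  Yes! This feature was added in version 1.1 of WP Editor. If it's not enabled by default, visit the settings page, click on the "Post Editor" section and enable it there.
@@ -69,6 +69,9 @@ Yes! While we don't have a need for further developers at this time, any financi
 
  == Changelog ==
 
+ = 1.2.7 =
+ * Security release: fixes SQLi vulnerabilities.
+
  = 1.2.6.3 =
  * Fixed multiple XSS vulnerabilities
 
@@ -124,7 +127,7 @@ Yes! While we don't have a need for further developers at this time, any financi
  * Fixed display of warning message for active theme
  * Fixed typos on settings page
 
- = 1.2.2 =
+ = 1.2.2 =
  * Fixed issues with PHP 5.4+
  * Fixed issue with selecting theme file types not working
  * Fixed issue with double scrollbar
@@ -152,7 +155,7 @@ Yes! While we don't have a need for further developers at this time, any financi
  * Fixed text selection in all editors
  * Fixed post editor highlighter not loading when visual editor is disabled
 
- = 1.1.0.2 =
+ = 1.1.0.2 =
  * Added ability to customize tab characters and size for all editors
  * Added ability to set custom editor heights for all editors
  * Updated CodeMirror library to 2.33
@@ -160,11 +163,11 @@ Yes! While we don't have a need for further developers at this time, any financi
  * Fixed issue with media button toolbar not inserting shortcodes/content when in visual mode
  * Fixed issue with blockquote QuickTag inserting twice
 
- = 1.1.0.1 =
+ = 1.1.0.1 =
  * Fixed Upload/Insert media buttons not working in page/post editor
  * Removed legacy CSS theme files
 
- = 1.1 =
+ = 1.1 =
  * Added syntax highlighter for page/post editor
  * Added in monospace font for default theme/plugin/post editor
  * Updated Edit links in plugins page to work with WP 3.4 updates
@@ -194,6 +197,9 @@ Yes! While we don't have a need for further developers at this time, any financi
 
  == Upgrade Notice ==
 
+ = 1.2.7 =
+ Security release: fixes SQLi vulnerabilities. Please upgrade immediately.
+
  = 1.2.6.3 =
  Fixed multiple XSS vulnerabilities
 
@@ -245,7 +251,7 @@ Added ability to download individual plugin and theme files being edited
  Added ability to save page/post editor in fullscreen mode
  Fixed PHP Warning when viewing drop-ins and mustuse plugins
 
- = 1.2.2 =
+ = 1.2.2 =
  Fixed issues with PHP 5.4+
  Fixed issue with selecting theme file types not working
  Fixed issue with double scrollbar
@@ -270,16 +276,16 @@ Fixed conflicts with multiple plugins and themes
  Fixed text selection in all editors
  Fixed post editor highlighter not loading when visual editor is disabled
 
- = 1.1.0.2 =
+ = 1.1.0.2 =
  CodeMirror 2.33
  Fixed issue with media button toolbar not inserting shortcodes/content when in visual mode
  Fixed issue with blockquote QuickTag inserting twice
 
- = 1.1.0.1 =
+ = 1.1.0.1 =
  Fixed media buttons not working in Page/Post editor
 
  = 1.1 =
  Added features including support for syntax highlighting in the page/post editor
 
  = 1.0.1 =
- This version provides support for WordPress 3.4 and moves WP Editor out of beta
+ This version provides support for WordPress 3.4 and moves WP Editor out of beta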
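--- a/wpeditor.php
+++ b/wpeditor.php
@@ -3,7 +3,8 @@
  Plugin Name: WP Editor
  Plugin URI: http://wpeditor.net
  Description: This plugin modifies the default behavior of the WordPress plugin and theme editors.
- Version: 1.2.6.3
+ Version: 1.2.7
+ Requires at least: 3.9
  Author: Benjamin Rojas
  Author URI: http://benjaminrojas.net
  Text Domain: wpeditor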