WordPress File Upload - Version 4.12.2

Version Description

  • corrected a bug where files could not be downloaded in some server environments when the dboption user state handler was enabled

Release Info

Developer nickboss
Version 4.12.2

Code changes from version 4.12.1 to 4.12.2

lib/wfu_admin.php CHANGED
@@ -1,1331 +1,1383 @@
1
- <?php
2
-
3
- /**
4
- * Initialize Dashboard Area of Plugin
5
- *
6
- * This file initializes the Dashboard area of the plugin; it registers the
7
- * Dashboard menu pages and processes Dashboard requests.
8
- *
9
- * @link /lib/wfu_admin.php
10
- *
11
- * @package WordPress File Upload Plugin
12
- * @subpackage Core Components
13
- * @since 2.1.2
14
- */
15
-
16
- /**
17
- * Register Dashboard Styles and Scripts.
18
- *
19
- * This function registers styles and scripts for Dashboard area.
20
- *
21
- * @since 2.4.6
22
- */
23
- function wordpress_file_upload_admin_init() {
24
- $uri = $_SERVER['REQUEST_URI'];
25
- $is_admin = current_user_can( 'manage_options' );
26
- $can_edit_posts = ( current_user_can( 'edit_pages' ) || current_user_can( 'edit_posts' ) );
27
- $can_open_composer = ( WFU_VAR("WFU_SHORTCODECOMPOSER_NOADMIN") == "true" && $can_edit_posts );
28
- if ( is_admin() && ( ( $is_admin && strpos($uri, "options-general.php") !== false ) ) ||
29
- //conditional that will register scripts for non-admin users who can
30
- //edit posts or pages so that they can open the shortcode composer
31
- ( is_admin() && $can_open_composer && strpos($uri, "admin.php") !== false ) ) {
32
- //apply wfu_before_admin_scripts to get additional settings
33
- $changable_data = array();
34
- /**
35
- * Execute Custom Actions Before Loading Admin Scripts.
36
- *
37
- * This filter allows to execute custom actions before scripts and
38
- * styles of the plugin's main Dashboard area are loaded. Loading of
39
- * plugin's scripts and styles can be completely customised.
40
- *
41
- * @since 4.1.0
42
- *
43
- * @param array $changable_data {
44
- * Controls loading of frontpage scripts.
45
- *
46
- * @type mixed $return_value Optional. If it is set then no
47
- * frontpage scripts will be loaded.
48
- * @type string $correct_NextGenGallery_incompatibility Optional. If
49
- * it is set to "true" then JQuery UI styles will not be
50
- * loaded in order to avoid incompatibility with NextGEN
51
- * Gallery plugin.
52
- * @type string $correct_JQueryUI_incompatibility Optional. If it is
53
- * set to "true" then JQuery UI styles will not be loaded
54
- * (same as previous parameter).
55
- * @type string $exclude_datepicker Optional. If it is set to "true"
56
- * then jQuery datepicker styles and scripts will not be
57
- * loaded.
58
- * }
59
- */
60
- $ret_data = apply_filters('wfu_before_admin_scripts', $changable_data);
61
- //if $ret_data contains 'return_value' key then no scripts will be
62
- //registered
63
- if ( isset($ret_data['return_value']) ) return $ret_data['return_value'];
64
- //continue with script and style registering
65
- wp_register_style('wordpress-file-upload-admin-style', WPFILEUPLOAD_DIR.'css/wordpress_file_upload_adminstyle.css',false,'1.0','all');
66
- wp_register_style('wordpress-file-upload-adminbar-style', WPFILEUPLOAD_DIR.'css/wordpress_file_upload_adminbarstyle.css',false,'1.0','all');
67
- //do not register JQuery UI css if $ret_data denotes incompatibility
68
- //issues
69
- if ( ( !isset($ret_data["correct_NextGenGallery_incompatibility"]) || $ret_data["correct_NextGenGallery_incompatibility"] != "true" ) &&
70
- ( !isset($ret_data["correct_JQueryUI_incompatibility"]) || $ret_data["correct_JQueryUI_incompatibility"] != "true" ) )
71
- wp_register_style('jquery-ui-css', WPFILEUPLOAD_DIR.'vendor/jquery/jquery-ui.min.css');
72
- //don't load datepicker js if $ret_data exclude_datepicker flag is true
73
- if ( !isset($ret_data["exclude_datepicker"]) || $ret_data["exclude_datepicker"] != "true" )
74
- wp_register_script('jquery-ui-datepicker', false, array('jquery'));
75
- wp_register_script('wordpress_file_upload_admin_script', WPFILEUPLOAD_DIR.'js/wordpress_file_upload_adminfunctions.js', array( 'wp-color-picker' ), false, true);
76
- if ( !$is_admin ) {
77
- add_action('admin_post_edit_shortcode', 'wordpress_file_upload_manage_dashboard');
78
- add_action('admin_print_scripts', 'wfu_enqueue_admin_scripts');
79
- }
80
- }
81
- //register scripts for Uploaded Files
82
- elseif ( is_admin() && $is_admin && strpos($uri, "admin.php") !== false ) {
83
- //apply wfu_before_admin_scripts to get additional settings
84
- $changable_data = array();
85
- /**
86
- * Execute Custom Actions Before Loading Uploaded Files Scripts.
87
- *
88
- * This filter allows to execute custom actions before scripts and
89
- * styles of the plugin's Uploaded Files Dashboard page are loaded.
90
- * Loading of plugin's scripts and styles can be completely customised.
91
- *
92
- * @since 4.7.0
93
- *
94
- * @param array $changable_data {
95
- * Controls loading of frontpage scripts.
96
- *
97
- * @type mixed $return_value Optional. If it is set then no
98
- * frontpage scripts will be loaded.
99
- * @type string $correct_NextGenGallery_incompatibility Optional. If
100
- * it is set to "true" then JQuery UI styles will not be
101
- * loaded in order to avoid incompatibility with NextGEN
102
- * Gallery plugin.
103
- * @type string $correct_JQueryUI_incompatibility Optional. If it is
104
- * set to "true" then JQuery UI styles will not be loaded
105
- * (same as previous parameter).
106
- * }
107
- */
108
- $ret_data = apply_filters('wfu_before_uploadedfiles_admin_scripts', $changable_data);
109
- //if $ret_data contains 'return_value' key then no scripts will be
110
- //registered
111
- if ( isset($ret_data['return_value']) ) return $ret_data['return_value'];
112
- //continue with script and style registering
113
- wp_register_style('wordpress-file-upload-admin-style', WPFILEUPLOAD_DIR.'css/wordpress_file_upload_adminstyle.css',false,'1.0','all');
114
- wp_register_style('wordpress-file-upload-adminbar-style', WPFILEUPLOAD_DIR.'css/wordpress_file_upload_adminbarstyle.css',false,'1.0','all');
115
- //do not register JQuery UI css if $ret_data denotes incompatibility
116
- //issues
117
- if ( ( !isset($ret_data["correct_NextGenGallery_incompatibility"]) || $ret_data["correct_NextGenGallery_incompatibility"] != "true" ) &&
118
- ( !isset($ret_data["correct_JQueryUI_incompatibility"]) || $ret_data["correct_JQueryUI_incompatibility"] != "true" ) )
119
- wp_register_style('jquery-ui-css', WPFILEUPLOAD_DIR.'vendor/jquery/jquery-ui.min.css');
120
- wp_register_script('wordpress_file_upload_admin_script', WPFILEUPLOAD_DIR.'js/wordpress_file_upload_adminfunctions.js', array( 'wp-color-picker' ), false, true);
121
- }
122
- //register scripts for admin bar menu item
123
- elseif ( is_admin() && $is_admin ) {
124
- //script and style registering
125
- wp_register_style('wordpress-file-upload-adminbar-style', WPFILEUPLOAD_DIR.'css/wordpress_file_upload_adminbarstyle.css',false,'1.0','all');
126
- }
127
- }
128
-
129
- /**
130
- * Register Dashboard Menu Pages.
131
- *
132
- * This function registers the Dashboard pages of the plugin.
133
- *
134
- * @since 2.1.2
135
- */
136
- function wordpress_file_upload_add_admin_pages() {
137
- global $wpdb;
138
- global $wfu_uploadedfiles_hook_suffix;
139
- $table_name1 = $wpdb->prefix . "wfu_log";
140
-
141
- $page_hook_suffix = false;
142
- if ( current_user_can( 'manage_options' ) ) $page_hook_suffix = add_options_page('Wordpress File Upload', 'Wordpress File Upload', 'manage_options', 'wordpress_file_upload', 'wordpress_file_upload_manage_dashboard');
143
- if ( $page_hook_suffix !== false ) add_action('admin_print_scripts-'.$page_hook_suffix, 'wfu_enqueue_admin_scripts');
144
- //conditional that will create Wordpress File Upload Dashboard menu, if it
145
- //has not already been created, for non-admin users who can edit posts or
146
- //pages, so that their requests for opening the shortcode composer can be
147
- //handled
148
- elseif ( WFU_VAR("WFU_SHORTCODECOMPOSER_NOADMIN") == "true" && ( current_user_can( 'edit_pages' ) || current_user_can( 'edit_posts' ) ) ) {
149
- $page_hook_suffix = add_menu_page('Wordpress File Upload', 'Wordpress File Upload', 'read', 'wordpress_file_upload', 'wordpress_file_upload_manage_dashboard_editor');
150
- if ( $page_hook_suffix !== false ) add_action('admin_print_scripts-'.$page_hook_suffix, 'wfu_enqueue_admin_scripts');
151
- }
152
- //add Uploaded Files menu if it is allowed
153
- $wfu_uploadedfiles_hook_suffix = false;
154
- if ( current_user_can( 'manage_options' ) && WFU_VAR("WFU_UPLOADEDFILES_MENU") == "true" ) {
155
- //get the number of new (unread) uploaded files
156
- $unread_files_count = wfu_get_unread_files_count();
157
- $text = $unread_files_count;
158
- if ( $unread_files_count > 99 ) $text = "99+";
159
- $title = 'Uploaded Files <span class="update-plugins count-'.$unread_files_count.'"><span class="plugin-count">'.$text.'</span></span>';
160
- $wfu_uploadedfiles_hook_suffix = add_menu_page(
161
- 'Uploaded Files',
162
- $title,
163
- 'manage_options',
164
- 'wfu_uploaded_files',
165
- 'wfu_uploadedfiles_menu',
166
- 'dashicons-upload',
167
- 6
168
- );
169
- }
170
- if ( $wfu_uploadedfiles_hook_suffix !== false ) {
171
- add_action('admin_print_scripts-'.$wfu_uploadedfiles_hook_suffix, 'wfu_enqueue_uploadedfiles_admin_scripts');
172
- }
173
- //enqueue scripts for admin bar menu item
174
- if ( current_user_can( 'manage_options' ) )
175
- add_action('admin_print_scripts', 'wfu_enqueue_uploadedfiles_adminbar_scripts');
176
- }
177
-
178
- /**
179
- * Enqueue Main Dashboard Page Styles and Scripts.
180
- *
181
- * This function registers the styles and scripts of the plugin's main
182
- * Dashboard page.
183
- *
184
- * @since 2.4.6
185
- */
186
- function wfu_enqueue_admin_scripts() {
187
- $uri = $_SERVER['REQUEST_URI'];
188
- $is_admin = current_user_can( 'manage_options' );
189
- $can_open_composer = ( WFU_VAR("WFU_SHORTCODECOMPOSER_NOADMIN") == "true" && ( current_user_can( 'edit_pages' ) || current_user_can( 'edit_posts' ) ) );
190
- if ( is_admin() && ( ( $is_admin && strpos($uri, "options-general.php") !== false ) ) ||
191
- //conditional that will enqueue scripts for non-admin users who can
192
- //edit posts or pages so that they can open the shortcode composer
193
- ( is_admin() && $can_open_composer && strpos($uri, "admin.php") !== false ) ) {
194
- //apply wfu_before_admin_scripts to get additional settings
195
- $changable_data = array();
196
- /** This filter is documented above */
197
- $ret_data = apply_filters('wfu_before_admin_scripts', $changable_data);
198
- //if $ret_data contains 'return_value' key then no scripts will be
199
- //enqueued
200
- if ( isset($ret_data['return_value']) ) return $ret_data['return_value'];
201
- //continue with script and style enqueuing
202
- wp_enqueue_style('wordpress-file-upload-admin-style');
203
- wp_enqueue_style('wordpress-file-upload-adminbar-style');
204
- //do not enqueue JQuery UI css if $ret_data denotes incompatibility
205
- //issues
206
- if ( ( !isset($ret_data["correct_NextGenGallery_incompatibility"]) || $ret_data["correct_NextGenGallery_incompatibility"] != "true" ) &&
207
- ( !isset($ret_data["correct_JQueryUI_incompatibility"]) || $ret_data["correct_JQueryUI_incompatibility"] != "true" ) )
208
- wp_enqueue_style('jquery-ui-css');
209
- wp_enqueue_style( 'wp-color-picker' );
210
- //don't load datepicker js if $ret_data exclude_datepicker flag is true
211
- if ( !isset($ret_data["exclude_datepicker"]) || $ret_data["exclude_datepicker"] != "true" )
212
- wp_enqueue_script('jquery-ui-datepicker');
213
- wp_enqueue_script('wordpress_file_upload_admin_script');
214
- $AdminParams = array("wfu_ajax_url" => site_url()."/wp-admin/admin-ajax.php");
215
- wp_localize_script( 'wordpress_file_upload_admin_script', 'AdminParams', $AdminParams );
216
- }
217
- }
218
-
219
- /**
220
- * Enqueue Uploaded Files Dashboard Page Styles and Scripts.
221
- *
222
- * This function registers the styles and scripts of the plugin's Uploaded Files
223
- * Dashboard page.
224
- *
225
- * @since 4.7.0
226
- */
227
- function wfu_enqueue_uploadedfiles_admin_scripts() {
228
- $uri = $_SERVER['REQUEST_URI'];
229
- $is_admin = current_user_can( 'manage_options' );
230
- if ( is_admin() && $is_admin && strpos($uri, "admin.php") !== false ) {
231
- //apply wfu_before_admin_scripts to get additional settings
232
- $changable_data = array();
233
- /** This filter is documented above */
234
- $ret_data = apply_filters('wfu_before_uploadedfiles_admin_scripts', $changable_data);
235
- //if $ret_data contains 'return_value' key then no scripts will be
236
- //enqueued
237
- if ( isset($ret_data['return_value']) ) return $ret_data['return_value'];
238
- //continue with script and style enqueuing
239
- wp_enqueue_style('wordpress-file-upload-admin-style');
240
- wp_enqueue_style('wordpress-file-upload-adminbar-style');
241
- //do not enqueue JQuery UI css if $ret_data denotes incompatibility
242
- //issues
243
- if ( ( !isset($ret_data["correct_NextGenGallery_incompatibility"]) || $ret_data["correct_NextGenGallery_incompatibility"] != "true" ) &&
244
- ( !isset($ret_data["correct_JQueryUI_incompatibility"]) || $ret_data["correct_JQueryUI_incompatibility"] != "true" ) )
245
- wp_enqueue_style('jquery-ui-css');
246
- wp_enqueue_script('wordpress_file_upload_admin_script');
247
- $AdminParams = array("wfu_ajax_url" => site_url()."/wp-admin/admin-ajax.php");
248
- wp_localize_script( 'wordpress_file_upload_admin_script', 'AdminParams', $AdminParams );
249
- }
250
- }
251
-
252
- /**
253
- * Enqueue Admin Bar Styles and Scripts.
254
- *
255
- * This function registers the styles and scripts of the plugin for the Admin
256
- * Bar.
257
- *
258
- * @since 4.8.0
259
- */
260
- function wfu_enqueue_uploadedfiles_adminbar_scripts() {
261
- $is_admin = current_user_can( 'manage_options' );
262
- if ( is_admin() && $is_admin ) {
263
- //script and style enqueuing
264
- wp_enqueue_style('wordpress-file-upload-adminbar-style');
265
- }
266
- }
267
-
268
-
269
- /**
270
- * Initialize Tables.
271
- *
272
- * This function initializes the plugin's database tables and other actions.
273
- *
274
- * @since 2.4.1
275
- */
276
- function wordpress_file_upload_install() {
277
- global $wpdb;
278
- global $wfu_tb_log_version;
279
- global $wfu_tb_userdata_version;
280
- global $wfu_tb_dbxqueue_version;
281
- require_once(ABSPATH . 'wp-admin/includes/upgrade.php');
282
-
283
- //define database tables
284
- $table_name1 = $wpdb->prefix . "wfu_log";
285
- $installed_ver = get_option( "wordpress_file_upload_table_log_version" );
286
- if( $installed_ver != $wfu_tb_log_version ) {
287
- $sql = "CREATE TABLE " . $table_name1 . " (
288
- idlog mediumint(9) NOT NULL AUTO_INCREMENT,
289
- userid int NOT NULL,
290
- uploaduserid int NOT NULL,
291
- uploadtime bigint,
292
- sessionid VARCHAR(40),
293
- filepath TEXT NOT NULL,
294
- filehash VARCHAR(100) NOT NULL,
295
- filesize bigint NOT NULL,
296
- uploadid VARCHAR(20) NOT NULL,
297
- pageid mediumint(9),
298
- blogid mediumint(9),
299
- sid VARCHAR(10),
300
- date_from DATETIME,
301
- date_to DATETIME,
302
- action VARCHAR(20) NOT NULL,
303
- linkedto mediumint(9),
304
- filedata TEXT,
305
- PRIMARY KEY (idlog))
306
- DEFAULT CHARACTER SET = utf8
307
- DEFAULT COLLATE = utf8_general_ci;";
308
- dbDelta($sql);
309
- update_option("wordpress_file_upload_table_log_version", $wfu_tb_log_version);
310
- }
311
-
312
- $table_name2 = $wpdb->prefix . "wfu_userdata";
313
- $installed_ver = get_option( "wordpress_file_upload_table_userdata_version" );
314
- if( $installed_ver != $wfu_tb_userdata_version ) {
315
- $sql = "CREATE TABLE " . $table_name2 . " (
316
- iduserdata mediumint(9) NOT NULL AUTO_INCREMENT,
317
- uploadid VARCHAR(20) NOT NULL,
318
- property VARCHAR(100) NOT NULL,
319
- propkey mediumint(9) NOT NULL,
320
- propvalue TEXT,
321
- date_from DATETIME,
322
- date_to DATETIME,
323
- PRIMARY KEY (iduserdata))
324
- DEFAULT CHARACTER SET = utf8
325
- DEFAULT COLLATE = utf8_general_ci;";
326
- dbDelta($sql);
327
- update_option("wordpress_file_upload_table_userdata_version", $wfu_tb_userdata_version);
328
- }
329
-
330
- $table_name3 = $wpdb->prefix . "wfu_dbxqueue";
331
- $installed_ver = get_option( "wordpress_file_upload_table_dbxqueue_version" );
332
- if( $installed_ver != $wfu_tb_dbxqueue_version ) {
333
- $sql = "CREATE TABLE " . $table_name3 . " (
334
- iddbxqueue mediumint(9) NOT NULL AUTO_INCREMENT,
335
- fileid mediumint(9) NOT NULL,
336
- priority mediumint(9) NOT NULL,
337
- status mediumint(9) NOT NULL,
338
- jobid VARCHAR(10) NOT NULL,
339
- start_time bigint,
340
- PRIMARY KEY (iddbxqueue))
341
- DEFAULT CHARACTER SET = utf8
342
- DEFAULT COLLATE = utf8_general_ci;";
343
- dbDelta($sql);
344
- update_option("wordpress_file_upload_table_dbxqueue_version", $wfu_tb_dbxqueue_version);
345
- }
346
- //adjust user state handler to 'dboption' except if there are active hooks
347
- //that use session; adjustment will be done only once
348
- if ( WFU_VAR("WFU_US_HANDLER_CHANGED") == "false" ) {
349
- $envars = get_option("wfu_environment_variables", array());
350
- {
351
- $plugin_options = wfu_decode_plugin_options(get_option( "wordpress_file_upload_options" ));
352
- if ( $plugin_options["userstatehandler"] != "dboption" ) wfu_update_setting("userstatehandler", "dboption");
353
- if ( WFU_VAR("WFU_US_DBOPTION_BASE") != "cookies" ) {
354
- $GLOBALS["WFU_GLOBALS"]["WFU_US_DBOPTION_BASE"][3] = "cookies";
355
- $envars["WFU_US_DBOPTION_BASE"] = "cookies";
356
- }
357
- }
358
- $GLOBALS["WFU_GLOBALS"]["WFU_US_HANDLER_CHANGED"][3] = "true";
359
- $envars["WFU_US_HANDLER_CHANGED"] = "true";
360
- update_option("wfu_environment_variables", $envars);
361
- }
362
- }
363
-
364
- /**
365
- * Actions Before Uninstalling Plugin.
366
- *
367
- * This function performs actions before uninstalling the plugin.
368
- *
369
- * @since 4.4.0
370
- */
371
- function wordpress_file_upload_uninstall() {
372
- }
373
-
374
- /**
375
- * Actions After Plugins are Loaded.
376
- *
377
- * This function performs actions after plugin are loaded. It updates the
378
- * database tables in necessary.
379
- *
380
- * @since 2.4.1
381
- */
382
- function wordpress_file_upload_update_db_check() {
383
- global $wfu_tb_log_version;
384
- global $wfu_tb_userdata_version;
385
- global $wfu_tb_dbxqueue_version;
386
- // update_option("wordpress_file_upload_table_log_version", "0");
387
- // update_option("wordpress_file_upload_table_userdata_version", "0");
388
- // update_option("wordpress_file_upload_table_dbxqueue_version", "0");
389
- if ( get_option('wordpress_file_upload_table_log_version') != $wfu_tb_log_version || get_option('wordpress_file_upload_table_userdata_version') != $wfu_tb_userdata_version || get_option('wordpress_file_upload_table_dbxqueue_version') != $wfu_tb_dbxqueue_version ) {
390
- wordpress_file_upload_install();
391
- }
392
- }
393
-
394
- /**
395
- * Process Dashboard Requests.
396
- *
397
- * This function processes Dashboard requests and shows main Dashboard pages of
398
- * the plugin in Settings.
399
- *
400
- * @since 2.1.2
401
- */
402
- function wordpress_file_upload_manage_dashboard() {
403
- $plugin_options = wfu_decode_plugin_options(get_option( "wordpress_file_upload_options" ));
404
- $_POST = stripslashes_deep($_POST);
405
- $_GET = stripslashes_deep($_GET);
406
- $action = (!empty($_POST['action']) ? $_POST['action'] : (!empty($_GET['action']) ? $_GET['action'] : ''));
407
- $dir = (!empty($_POST['dir']) ? $_POST['dir'] : (!empty($_GET['dir']) ? $_GET['dir'] : ''));
408
- $file = (!empty($_POST['file']) ? $_POST['file'] : (!empty($_GET['file']) ? $_GET['file'] : ''));
409
- $referer = (!empty($_POST['referer']) ? $_POST['referer'] : (!empty($_GET['referer']) ? $_GET['referer'] : ''));
410
- $data_enc = (!empty($_POST['data']) ? $_POST['data'] : (!empty($_GET['data']) ? $_GET['data'] : ''));
411
- $postid = (!empty($_POST['postid']) ? $_POST['postid'] : (!empty($_GET['postid']) ? $_GET['postid'] : ''));
412
- $nonce = (!empty($_POST['nonce']) ? $_POST['nonce'] : (!empty($_GET['nonce']) ? $_GET['nonce'] : ''));
413
- $tag = (!empty($_POST['tag']) ? $_POST['tag'] : (!empty($_GET['tag']) ? $_GET['tag'] : ''));
414
- $username = (!empty($_POST['username']) ? $_POST['username'] : (!empty($_GET['username']) ? $_GET['username'] : ''));
415
- $invoker = (!empty($_POST['invoker']) ? $_POST['invoker'] : (!empty($_GET['invoker']) ? $_GET['invoker'] : ''));
416
- $echo_str = "";
417
-
418
- if ( $action == 'edit_settings' ) {
419
- wfu_update_settings();
420
- $echo_str = wfu_manage_settings();
421
- }
422
- elseif ( $action == 'shortcode_composer' ) {
423
- $echo_str = wfu_shortcode_composer();
424
- }
425
- elseif ( $action == 'file_browser' ) {
426
- $echo_str = wfu_browse_files($dir);
427
- }
428
- elseif ( $action == 'view_log' ) {
429
- $page = $tag;
430
- if ( $page == '' ) $page = 1;
431
- $page = (int)wfu_sanitize_int($page);
432
- $located_rec = $invoker;
433
- if ( $located_rec == '' ) $located_rec = -1;
434
- $located_rec = (int)wfu_sanitize_int($located_rec);
435
- $echo_str = wfu_view_log($page, false, $located_rec);
436
- }
437
- elseif ( $action == 'rename_file' && $file != "" ) {
438
- $echo_str = wfu_rename_file_prompt($file, 'file', false);
439
- }
440
- elseif ( $action == 'rename_dir' && $file != "" ) {
441
- $echo_str = wfu_rename_file_prompt($file, 'dir', false);
442
- }
443
- elseif ( $action == 'move_file' && $file != "" ) {
444
- if ( substr($file, 0, 5) == "list:" ) $file = explode(",", substr($file, 5));
445
- $echo_str = wfu_move_file_prompt($file, false);
446
- }
447
- elseif ( $action == 'renamefile' && $file != "" ) {
448
- if ( wfu_rename_file($file, 'file') ) $echo_str = wfu_browse_files($dir);
449
- else $echo_str = wfu_rename_file_prompt($file, 'file', true);
450
- }
451
- elseif ( $action == 'renamedir' && $file != "" ) {
452
- if ( wfu_rename_file($file, 'dir') ) $echo_str = wfu_browse_files($dir);
453
- else $echo_str = wfu_rename_file_prompt($file, 'dir', true);
454
- }
455
- elseif ( $action == 'movefile' && $file != "" ) {
456
- if ( substr($file, 0, 5) == "list:" ) $file = explode(",", substr($file, 5));
457
- if ( wfu_move_file($file) ) $echo_str = wfu_browse_files($dir);
458
- else $echo_str = wfu_move_file_prompt($file, true);
459
- }
460
- elseif ( $action == 'delete_file' && $file != "" && $referer != "" ) {
461
- if ( substr($file, 0, 5) == "list:" ) $file = explode(",", substr($file, 5));
462
- $echo_str = wfu_delete_file_prompt($file, 'file', $referer);
463
- }
464
- elseif ( $action == 'delete_dir' && $file != "" && $referer != "" ) {
465
- $echo_str = wfu_delete_file_prompt($file, 'dir', $referer);
466
- }
467
- elseif ( $action == 'deletefile' && $file != "" ) {
468
- if ( substr($file, 0, 5) == "list:" ) $file = explode(",", substr($file, 5));
469
- wfu_delete_file($file, 'file');
470
- $referer_url = wfu_flatten_path(wfu_get_filepath_from_safe(wfu_sanitize_code($referer)));
471
- if ( $referer_url === false ) $referer_url = "";
472
- $match = array();
473
- preg_match("/\&dir=(.*)/", $referer_url, $match);
474
- $dir = ( isset($match[1]) ? $match[1] : "" );
475
- $echo_str = wfu_browse_files($dir);
476
- }
477
- elseif ( $action == 'deletedir' && $file != "" ) {
478
- wfu_delete_file($file, 'dir');
479
- $referer_url = wfu_flatten_path(wfu_get_filepath_from_safe(wfu_sanitize_code($referer)));
480
- if ( $referer_url === false ) $referer_url = "";
481
- $match = array();
482
- preg_match("/\&dir=(.*)/", $referer_url, $match);
483
- $dir = ( isset($match[1]) ? $match[1] : "" );
484
- $echo_str = wfu_browse_files($dir);
485
- }
486
- elseif ( $action == 'create_dir' ) {
487
- $echo_str = wfu_create_dir_prompt($dir, false);
488
- }
489
- elseif ( $action == 'createdir' ) {
490
- if ( wfu_create_dir($dir) ) $echo_str = wfu_browse_files($dir);
491
- else $echo_str = wfu_create_dir_prompt($dir, true);
492
- }
493
- elseif ( $action == 'include_file' && $file != "" && $referer != "" ) {
494
- if ( substr($file, 0, 5) == "list:" ) $file = explode(",", substr($file, 5));
495
- $echo_str = wfu_include_file_prompt($file, $referer);
496
- }
497
- elseif ( $action == 'includefile' && $file != "" ) {
498
- if ( substr($file, 0, 5) == "list:" ) $file = explode(",", substr($file, 5));
499
- wfu_include_file($file);
500
- $referer_url = wfu_flatten_path(wfu_get_filepath_from_safe(wfu_sanitize_code($referer)));
501
- if ( $referer_url === false ) $referer_url = "";
502
- $match = array();
503
- preg_match("/\&dir=(.*)/", $referer_url, $match);
504
- $dir = ( isset($match[1]) ? $match[1] : "" );
505
- $echo_str = wfu_browse_files($dir);
506
- }
507
- elseif ( $action == 'file_details' && $file != "" ) {
508
- $echo_str = wfu_file_details($file, false, $invoker);
509
- }
510
- elseif ( $action == 'edit_filedetails' && $file != "" ) {
511
- wfu_edit_filedetails($file);
512
- $echo_str = wfu_file_details($file, false, $invoker);
513
- }
514
- elseif ( $action == 'personal_data' && $plugin_options["personaldata"] == "1" ) {
515
- $echo_str = wfu_manage_personaldata_policies();
516
- }
517
- elseif ( $action == 'erase_userdata_ask' && $plugin_options["personaldata"] == "1" && $username != "" ) {
518
- $echo_str = wfu_erase_userdata_ask_prompt($username);
519
- }
520
- elseif ( $action == 'erase_userdata' && $plugin_options["personaldata"] == "1" && $username != "" ) {
521
- $ret = wfu_erase_userdata($username);
522
- if ( $ret <= -1 ) $echo_str = wfu_manage_personaldata_policies();
523
- else $echo_str = wfu_manage_personaldata_policies('Database cleaned. '.$ret.' items where affected.');
524
- }
525
- elseif ( $action == 'maintenance_actions' ) {
526
- $echo_str = wfu_maintenance_actions();
527
- }
528
- elseif ( $action == 'sync_db' && $nonce != "" ) {
529
- $affected_items = wfu_sync_database_controller($nonce);
530
- if ( $affected_items > -1 ) $echo_str = wfu_maintenance_actions('Database updated. '.$affected_items.' items where affected.');
531
- else $echo_str = wfu_maintenance_actions();
532
- }
533
- elseif ( $action == 'clean_log_ask' && $nonce != "" && $data_enc != "" ) {
534
- $echo_str = wfu_clean_log_prompt($nonce, $data_enc);
535
- }
536
- elseif ( $action == 'clean_log' ) {
537
- $ret = wfu_clean_log();
538
- if ( $ret["recs_count"] <= -1 && $ret["files_count"] ) $echo_str = wfu_maintenance_actions();
539
- else $echo_str = wfu_maintenance_actions('Database cleaned. '.$ret["recs_count"].' records and '.$ret["files_count"].' files where deleted.');
540
- }
541
- elseif ( $action == 'purge_data_ask' && $nonce != "" ) {
542
- $echo_str = wfu_purge_data_prompt($nonce);
543
- }
544
- elseif ( $action == 'purge_data' ) {
545
- $ret = wfu_purge_data();
546
- if ( !$ret ) $echo_str = wfu_maintenance_actions();
547
- else $echo_str = '<script type="text/javascript">window.location.replace("'.admin_url('plugins.php').'");</script>';
548
- }
549
- elseif ( $action == 'reset_all_transfers' && $nonce != "" ) {
550
- if ( wfu_reset_all_transfers_controller($nonce) === true )
551
- $echo_str = wfu_maintenance_actions('All file transfers were successfully reset.');
552
- else $echo_str = wfu_maintenance_actions();
553
- }
554
- elseif ( $action == 'clear_all_transfers' && $nonce != "" ) {
555
- if ( wfu_clear_all_transfers_controller($nonce) === true )
556
- $echo_str = wfu_maintenance_actions('All file transfers were successfully cleared.');
557
- else $echo_str = wfu_maintenance_actions();
558
- }
559
- elseif ( $action == 'plugin_settings' ) {
560
- $echo_str = wfu_manage_settings();
561
- }
562
- elseif ( $action == 'add_shortcode' && $postid != "" && $nonce != "" && $tag != "" ) {
563
- if ( WFU_USVAR('wfu_add_shortcode_ticket_for_'.$tag) != $nonce ) $echo_str = wfu_manage_mainmenu();
564
- elseif ( wfu_add_shortcode($postid, $tag) ) $echo_str = wfu_manage_mainmenu();
565
- else $echo_str = wfu_manage_mainmenu(WFU_DASHBOARD_ADD_SHORTCODE_REJECTED);
566
- WFU_USVAR_store('wfu_add_shortcode_ticket', 'noticket');
567
- }
568
- elseif ( $action == 'edit_shortcode' && $data_enc != "" && $tag != "" ) {
569
- $data = wfu_decode_array_from_string(wfu_get_shortcode_data_from_safe($data_enc));
570
- if ( $data['post_id'] == "" || $referer == 'guteditor' || wfu_check_edit_shortcode($data) ) wfu_shortcode_composer($data, $tag, $referer);
571
- else $echo_str = wfu_manage_mainmenu(WFU_DASHBOARD_EDIT_SHORTCODE_REJECTED);
572
- }
573
- elseif ( $action == 'delete_shortcode' && $data_enc != "" ) {
574
- $data = wfu_decode_array_from_string(wfu_get_shortcode_data_from_safe($data_enc));
575
- if ( wfu_check_edit_shortcode($data) ) $echo_str = wfu_delete_shortcode_prompt($data_enc);
576
- else $echo_str = wfu_manage_mainmenu(WFU_DASHBOARD_DELETE_SHORTCODE_REJECTED);
577
- }
578
- elseif ( $action == 'deleteshortcode' && $data_enc != "" ) {
579
- $data = wfu_decode_array_from_string(wfu_get_shortcode_data_from_safe($data_enc));
580
- if ( wfu_check_edit_shortcode($data) ) {
581
- if ( wfu_delete_shortcode($data) ) wfu_clear_shortcode_data_from_safe($data_enc);
582
- $echo_str = wfu_manage_mainmenu();
583
- }
584
- else $echo_str = wfu_manage_mainmenu(WFU_DASHBOARD_DELETE_SHORTCODE_REJECTED);
585
- }
586
- elseif ( $action == 'add_policy' ) {
587
- $echo_str = wfu_edit_pd_policy();
588
- }
589
- else {
590
- $echo_str = wfu_manage_mainmenu();
591
- }
592
-
593
- echo $echo_str;
594
- }
595
-
596
- /**
597
- * Process Dashboard Requests for Non-Admin Users.
598
- *
599
- * This function processes Dashboard requests and shows the shortcode composer
600
- * to users that are not admins but who can edit posts or pages. It also lets
601
- * extensions implement their own actions when receiving Dashboard requests by
602
- * non-admin users.
603
- *
604
- * @since 4.11.0
605
- */
606
- function wordpress_file_upload_manage_dashboard_editor() {
607
- $_POST = stripslashes_deep($_POST);
608
- $_GET = stripslashes_deep($_GET);
609
- $action = (!empty($_POST['action']) ? $_POST['action'] : (!empty($_GET['action']) ? $_GET['action'] : ''));
610
- $referer = (!empty($_POST['referer']) ? $_POST['referer'] : (!empty($_GET['referer']) ? $_GET['referer'] : ''));
611
- $data_enc = (!empty($_POST['data']) ? $_POST['data'] : (!empty($_GET['data']) ? $_GET['data'] : ''));
612
- $tag = (!empty($_POST['tag']) ? $_POST['tag'] : (!empty($_GET['tag']) ? $_GET['tag'] : ''));
613
- $echo_str = "";
614
-
615
- if ( $action == 'edit_shortcode' && $data_enc != "" && $tag != "" ) {
616
- $data = wfu_decode_array_from_string(wfu_get_shortcode_data_from_safe($data_enc));
617
- if ( $data['post_id'] == "" || $referer == 'guteditor' || wfu_check_edit_shortcode($data) ) wfu_shortcode_composer($data, $tag, $referer);
618
- else $echo_str = wfu_manage_mainmenu(WFU_DASHBOARD_EDIT_SHORTCODE_REJECTED);
619
- }
620
- else {
621
- $echo_str = wfu_manage_mainmenu_editor();
622
- }
623
-
624
- echo $echo_str;
625
- }
626
-
627
- /**
628
- * Display the Main Dashboard Page.
629
- *
630
- * This function displays the Main Dashboard page of the plugin.
631
- *
632
- * @since 2.5.2
633
- *
634
- * @param string $message Optional. A message to display on top when showing
635
- * Main page of the plugin in Dashboard.
636
- *
637
- * @return string The HTML output of the plugin's Main Dashboard page.
638
- */
639
- function wfu_manage_mainmenu($message = '') {
640
- if ( !current_user_can( 'manage_options' ) ) return;
641
-
642
- //get php version
643
- $php_version = preg_replace("/-.*/", "", phpversion());
644
-
645
- $plugin_options = wfu_decode_plugin_options(get_option( "wordpress_file_upload_options" ));
646
-
647
- $echo_str = '<div class="wrap wfumain">';
648
- $echo_str .= "\n\t".'<h2>Wordpress File Upload Control Panel</h2>';
649
- if ( $message != '' ) {
650
- $echo_str .= "\n\t".'<div class="updated">';
651
- $echo_str .= "\n\t\t".'<p>'.$message.'</p>';
652
- $echo_str .= "\n\t".'</div>';
653
- }
654
- $echo_str .= "\n\t".'<div style="margin-top:20px;">';
655
- $echo_str .= wfu_generate_dashboard_menu("\n\t\t", "Main");
656
- $echo_str .= "\n\t\t".'<h3 style="margin-bottom: 10px;">Status';
657
- if ( $plugin_options["altserver"] == "1" && substr(trim(WFU_VAR("WFU_ALT_IPTANUS_SERVER")), 0, 5) == "http:" ) {
658
- $echo_str .= '<div style="display: inline-block; margin-left:20px;" title="'.WFU_WARNING_ALT_IPTANUS_SERVER_ACTIVATED.'"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 200 800" version="1.1" style="background:darkorange; border-radius:13px; padding:2px; vertical-align:middle; border: 1px solid silver;"><path d="M 110,567 L 90,567 L 42,132 C 40,114 40,100 40,90 C 40,70 45,49 56,35 C 70,22 83,15 100,15 C 117,15 130,22 144,35 C 155,49 160,70 160,90 C 160,100 160,114 158,132 z M 100,640 A 60,60 0 1,1 100,760 A 60,60 0 1,1 100,640 z"/></svg></div>';
659
- }
660
- $echo_str .= '</h3>';
661
- $echo_str .= "\n\t\t".'<table class="form-table">';
662
- $echo_str .= "\n\t\t\t".'<tbody>';
663
- //plugin edition
664
- $echo_str .= "\n\t\t\t\t".'<tr>';
665
- $echo_str .= "\n\t\t\t\t\t".'<th scope="row">';
666
- $echo_str .= "\n\t\t\t\t\t\t".'<label style="cursor:default;">Edition</label>';
667
- $echo_str .= "\n\t\t\t\t\t".'</th>';
668
- $echo_str .= "\n\t\t\t\t\t".'<td style="width:100px; vertical-align:top;">';
669
- $echo_str .= "\n\t\t\t\t\t\t".'<label style="font-weight:bold; cursor:default;">Free</label>';
670
- $echo_str .= "\n\t\t\t\t\t".'</td>';
671
- $echo_str .= "\n\t\t\t\t\t".'<td>';
672
- $echo_str .= "\n\t\t\t\t\t\t".'<div style="display:inline-block; background-color:bisque; padding:0 0 0 4px; border-left:3px solid lightcoral;">';
673
- $echo_str .= "\n\t\t\t\t\t\t\t".'<label style="cursor:default;">Consider </label><a href="'.WFU_PRO_VERSION_URL.'">Upgrading</a><label style="cursor:default;"> to the Professional Version. </label>';
674
- $echo_str .= "\n\t\t\t\t\t\t\t".'<button onclick="if (this.innerText == \'See why >>\') {this.innerText = \'<< Close\'; document.getElementById(\'wfu_version_comparison\').style.display = \'inline-block\';} else {this.innerText = \'See why >>\'; document.getElementById(\'wfu_version_comparison\').style.display = \'none\';}">See why >></button>';
675
- $echo_str .= "\n\t\t\t\t\t\t".'</div>';
676
- $echo_str .= "\n\t\t\t\t\t\t".'<br /><div id="wfu_version_comparison" style="display:none; background-color:lightyellow; border:1px solid yellow; margin:10px 0; padding:10px;">';
677
- $echo_str .= "\n\t\t\t\t\t\t\t".'<img src="'.WFU_IMAGE_VERSION_COMPARISON.'" style="display:block; margin-bottom:6px;" />';
678
- $echo_str .= "\n\t\t\t\t\t\t\t".'<a class="button-primary" href="'.WFU_PRO_VERSION_URL.'">Go for the PRO version</a>';
679
- $echo_str .= "\n\t\t\t\t\t\t".'</div>';
680
- $echo_str .= "\n\t\t\t\t\t".'</td>';
681
- $echo_str .= "\n\t\t\t\t".'</tr>';
682
- //plugin version
683
- $echo_str .= "\n\t\t\t\t".'<tr>';
684
- $echo_str .= "\n\t\t\t\t\t".'<th scope="row">';
685
- $echo_str .= "\n\t\t\t\t\t\t".'<label style="cursor:default;">Version</label>';
686
- $echo_str .= "\n\t\t\t\t\t".'</th>';
687
- $echo_str .= "\n\t\t\t\t\t".'<td style="width:100px;">';
688
- $cur_version = wfu_get_plugin_version();
689
- $echo_str .= "\n\t\t\t\t\t\t".'<label style="font-weight:bold; cursor:default;">'.$cur_version.'</label>';
690
- $echo_str .= "\n\t\t\t\t\t".'</td>';
691
- $echo_str .= "\n\t\t\t\t\t".'<td>';
692
- $lat_version = wfu_get_latest_version();
693
- $ret = wfu_compare_versions($cur_version, $lat_version);
694
- if ( $lat_version == "" && WFU_VAR("WFU_DISABLE_VERSION_CHECK") != "true" ) {
695
- $echo_str .= "\n\t\t\t\t\t\t".'<div style="display:inline-block; background-color:transparent; padding:0 0 0 4px; color:red;">';
696
- $echo_str .= "\n\t\t\t\t\t\t\t".'<svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 200 800" version="1.1" style="background:transparent; border-radius:13px; padding:2px; vertical-align:middle; border: 2px solid red; fill:red;"><path d="M 110,567 L 90,567 L 42,132 C 40,114 40,100 40,90 C 40,70 45,49 56,35 C 70,22 83,15 100,15 C 117,15 130,22 144,35 C 155,49 160,70 160,90 C 160,100 160,114 158,132 z M 100,640 A 60,60 0 1,1 100,760 A 60,60 0 1,1 100,640 z"/></svg>';
697
- $warning_text = preg_replace("/:(\w+):/", '<a target="_blank" href="'.WFU_IPTANUS_SERVER_UNREACHABLE_ARTICLE.'" title="Iptanus Services Server Unreachable Error of WFU Plugin">$1</a>', WFU_WARNING_IPTANUS_SERVER_UNREACHABLE);
698
- $echo_str .= "\n\t\t\t\t\t\t\t".'<label style="cursor:default;">'.$warning_text.'</label>';
699
- $echo_str .= "\n\t\t\t\t\t\t".'</div>';
700
- }
701
- elseif ( $ret['status'] && $ret['result'] == 'lower' ) {
702
- $echo_str .= "\n\t\t\t\t\t\t".'<div style="display:inline-block; background-color:bisque; padding:0 0 0 4px; border-left:3px solid lightcoral;">';
703
- $echo_str .= "\n\t\t\t\t\t\t\t".'<label style="cursor:default;">Version <strong>'.$lat_version.'</strong> of the plugin is available. Go to Plugins page of your Dashboard to update to the latest version.</label>';
704
- if ( $ret['custom'] ) $echo_str .= '<label style="cursor:default; color: purple;"> <em>Please note that you are using a custom version of the plugin. If you upgrade to the newest version, custom changes will be lost.</em></label>';
705
- $echo_str .= "\n\t\t\t\t\t\t".'</div>';
706
- }
707
- elseif ( $ret['status'] && $ret['result'] == 'equal' ) {
708
- $echo_str .= "\n\t\t\t\t\t\t".'<div style="display:inline-block; background-color:rgb(220,255,220); padding:0 0 0 4px; border-left:3px solid limegreen;">';
709
- $echo_str .= "\n\t\t\t\t\t\t\t".'<label style="cursor:default;">You have the latest version.</label>';
710
- if ( $ret['custom'] ) $echo_str .= '<label style="cursor:default; color: purple;"> <em>(Please note that your version is custom)</em></label>';
711
- $echo_str .= "\n\t\t\t\t\t\t".'</div>';
712
- }
713
- $echo_str .= "\n\t\t\t\t\t".'</td>';
714
- $echo_str .= "\n\t\t\t\t".'</tr>';
715
- //server environment
716
- $php_env = wfu_get_server_environment();
717
- $echo_str .= "\n\t\t\t\t".'<tr>';
718
- $echo_str .= "\n\t\t\t\t\t".'<th scope="row">';
719
- $echo_str .= "\n\t\t\t\t\t\t".'<label style="cursor:default;">Server Environment</label>';
720
- $echo_str .= "\n\t\t\t\t\t".'</th>';
721
- $echo_str .= "\n\t\t\t\t\t".'<td style="width:100px;">';
722
- if ( $php_env == '64bit' ) $echo_str .= "\n\t\t\t\t\t\t".'<label style="font-weight:bold; cursor:default;">64bit</label></td><td><label style="font-weight:normal; font-style:italic; cursor:default;">(Your server supports files up to 1 Exabyte, practically unlimited)</label>';
723
- if ( $php_env == '32bit' ) $echo_str .= "\n\t\t\t\t\t\t".'<label style="font-weight:bold; cursor:default;">32bit</label></td><td><label style="font-weight:normal; font-style:italic; cursor:default;">(Your server does not support files larger than 2GB)</label>';
724
- if ( $php_env == '' ) $echo_str .= "\n\t\t\t\t\t\t".'<label style="font-weight:bold; cursor:default;">Unknown</label></td><td><label style="font-weight:normal; font-style:italic; cursor:default;">(The maximum file size supported by the server cannot be determined)</label>';
725
- $echo_str .= "\n\t\t\t\t\t".'</td>';
726
- $echo_str .= "\n\t\t\t\t".'</tr>';
727
- $echo_str .= "\n\t\t\t\t".'<tr>';
728
- $echo_str .= "\n\t\t\t\t\t".'<th scope="row">';
729
- $echo_str .= "\n\t\t\t\t\t\t".'<label style="cursor:default;">PHP Version</label>';
730
- $echo_str .= "\n\t\t\t\t\t".'</th>';
731
- $echo_str .= "\n\t\t\t\t\t".'<td style="width:100px;">';
732
- $cur_version = wfu_get_plugin_version();
733
- $echo_str .= "\n\t\t\t\t\t\t".'<label style="font-weight:bold; cursor:default;">'.$php_version.'</label>';
734
- $echo_str .= "\n\t\t\t\t\t".'</td>';
735
- $echo_str .= "\n\t\t\t\t\t".'<td>';
736
- $echo_str .= "\n\t\t\t\t\t".'</td>';
737
- $echo_str .= "\n\t\t\t\t".'</tr>';
738
- $echo_str .= "\n\t\t\t\t".'<tr>';
739
- $echo_str .= "\n\t\t\t\t\t".'<th scope="row">';
740
- $echo_str .= "\n\t\t\t\t\t\t".'<label style="cursor:default;">Release Notes</label>';
741
- $echo_str .= "\n\t\t\t\t\t".'</th>';
742
- $echo_str .= "\n\t\t\t\t\t".'<td colspan="2" style="width:100px;">';
743
- $rel_path = ABSWPFILEUPLOAD_DIR.'release_notes.txt';
744
- $rel_notes = '';
745
- if ( file_exists($rel_path) ) $rel_notes = file_get_contents($rel_path);
746
- $echo_str .= "\n\t\t\t\t\t\t".'<div style="text-align:justify;">'.$rel_notes.'</div>';
747
- $echo_str .= "\n\t\t\t\t\t".'</td>';
748
- $echo_str .= "\n\t\t\t\t".'</tr>';
749
- $echo_str .= "\n\t\t\t".'</tbody>';
750
- $echo_str .= "\n\t\t".'</table>';
751
-
752
- $echo_str .= wfu_manage_instances();
753
-
754
- $echo_str .= "\n\t".'</div>';
755
- $echo_str .= "\n".'</div>';
756
-
757
- return $echo_str;
758
- }
759
-
760
- /**
761
- * Default Dashboard Page for Non-Admin Users.
762
- *
763
- * This function displays the plugin's default Dashboard page for non-admin
764
- * users who can edit pages or posts.
765
- *
766
- * @since 4.11.0
767
- *
768
- * @param string $message Optional. A message to display on top when showing
769
- * the default Dashboard page of the plugin for non-admin users.
770
- *
771
- * @return string The HTML output of the plugin's default Dashboard page.
772
- */
773
- function wfu_manage_mainmenu_editor($message = '') {
774
- if ( !current_user_can( 'edit_pages' ) && !current_user_can( 'edit_posts' ) ) return;
775
-
776
- $echo_str = '<div class="wrap wfumain">';
777
- $echo_str .= "\n\t".'<h2>Wordpress File Upload Control Panel</h2>';
778
- if ( $message != '' ) {
779
- $echo_str .= "\n\t".'<div class="updated">';
780
- $echo_str .= "\n\t\t".'<p>'.$message.'</p>';
781
- $echo_str .= "\n\t".'</div>';
782
- }
783
- $echo_str .= "\n\t".'<div style="margin-top:20px;">';
784
- $echo_str .= "\n\t\t".'<h3 style="margin-bottom: 10px;">This menu item exists to show the plugin\'s shortcode composer when editing pages or posts.</h3>';
785
- $echo_str .= "\n\t".'</div>';
786
- $echo_str .= "\n".'</div>';
787
-
788
- return $echo_str;
789
- }
790
-
791
- /**
792
- * Main Dashboard Page Tabs.
793
- *
794
- * This function generates the tabs of the plugin's main area in Dashboard.
795
- *
796
- * @since 3.6.0
797
- *
798
- * @redeclarable
799
- *
800
- * @param string $dlp Identation string before the beginning of each HTML line.
801
- * @param string $active The name of the tab that it is active.
802
- *
803
- * @return string The HTML output of the tabs.
804
- */
805
- function wfu_generate_dashboard_menu($dlp, $active) {
806
- $a = func_get_args(); $a = WFU_FUNCTION_HOOK(__FUNCTION__, $a, $out); if (isset($out['vars'])) foreach($out['vars'] as $p => $v) $$p = $v; switch($a) { case 'R': return $out['output']; break; case 'D': die($out['output']); }
807
- $siteurl = site_url();
808
- $plugin_options = wfu_decode_plugin_options(get_option( "wordpress_file_upload_options" ));
809
-
810
- $echo_str = $dlp.'<h2 class="nav-tab-wrapper" style="margin-bottom:40px;">';
811
- $echo_str .= $dlp."\t".'<a href="'.$siteurl.'/wp-admin/options-general.php?page=wordpress_file_upload" class="nav-tab'.( $active == "Main" ? ' nav-tab-active' : '' ).'" title="Main">Main</a>';
812
- $echo_str .= $dlp."\t".'<a href="'.$siteurl.'/wp-admin/options-general.php?page=wordpress_file_upload&amp;action=plugin_settings" class="nav-tab'.( $active == "Settings" ? ' nav-tab-active' : '' ).'" title="Settings">Settings</a>';
813
- $echo_str .= $dlp."\t".'<a href="'.$siteurl.'/wp-admin/options-general.php?page=wordpress_file_upload&amp;action=file_browser" class="nav-tab'.( $active == "File Browser" ? ' nav-tab-active' : '' ).'" title="File browser">File Browser</a>';
814
- $echo_str .= $dlp."\t".'<a href="'.$siteurl.'/wp-admin/options-general.php?page=wordpress_file_upload&amp;action=view_log" class="nav-tab'.( $active == "View Log" ? ' nav-tab-active' : '' ).'" title="View log">View Log</a>';
815
- if ( $plugin_options["personaldata"] == "1" )
816
- $echo_str .= $dlp."\t".'<a href="'.$siteurl.'/wp-admin/options-general.php?page=wordpress_file_upload&amp;action=personal_data" class="nav-tab'.( $active == "Personal Data" ? ' nav-tab-active' : '' ).'" title="Personal Data">Personal Data</a>';
817
- $echo_str .= $dlp."\t".'<a href="'.$siteurl.'/wp-admin/options-general.php?page=wordpress_file_upload&amp;action=maintenance_actions" class="nav-tab'.( $active == "Maintenance Actions" ? ' nav-tab-active' : '' ).'" title="Maintenance Actions">Maintenance Actions</a>';
818
- $echo_str .= $dlp.'</h2>';
819
-
820
- return $echo_str;
821
- }
822
-
823
- /**
824
- * Generate List of Posts in Tree Order.
825
- *
826
- * This function converts a flat array of posts into a tree structure, where an
827
- * individual item of the returned array may contain a nested array of children.
828
- * Items of the same parent and level are sorted by post status (publish,
829
- * private, draft) and then by title.
830
- *
831
- * @since 2.7.6
832
- *
833
- * @param array $posts The initial flat array of posts.
834
- *
835
- * @return array The returned list of posts in tree order.
836
- */
837
- function wfu_construct_post_list($posts) {
838
- $ids = array();
839
- $list = array();
840
- $id_keys = array();
841
- //construct item indices
842
- foreach ( $posts as $key => $post ) {
843
- if ( !array_key_exists($post->post_type, $ids) ) {
844
- $ids[$post->post_type] = array();
845
- $list[$post->post_type] = array();
846
- }
847
- array_push($ids[$post->post_type], $post->ID);
848
- $id_keys[$post->ID] = $key;
849
- }
850
- //create post list in tree order; items are sorted by post status (publish,
851
- //private, draft) and then by title
852
- $i = 0;
853
- while ( $i < count($posts) ) {
854
- $post = $posts[$i];
855
- //find topmost element in family tree
856
- $tree = array( $post->ID );
857
- $topmost = $post;
858
- $par_id = $topmost->post_parent;
859
- while ( in_array($par_id, $ids[$post->post_type]) ) {
860
- $topmost = $posts[$id_keys[$par_id]];
861
- array_splice($tree, 0, 0, $par_id);
862
- $par_id = $topmost->post_parent;
863
- }
864
- //find which needs to be processed
865
- $level = 0;
866
- $host = &$list[$post->post_type];
867
- foreach ( $tree as $process_id ) {
868
- $found_key = -1;
869
- foreach ( $host as $key => $item )
870
- if ( $item['id'] == $process_id ) {
871
- $found_key = $key;
872
- break;
873
- }
874
- if ( $found_key == -1 ) break;
875
- $level++;
876
- $host = &$host[$found_key]['children'];
877
- }
878
- if ( $found_key == -1 ) {
879
- $processed = $posts[$id_keys[$process_id]];
880
- //add the processed item in the right position in children's list
881
- $pos = 0;
882
- $status = ( $processed->post_status == 'publish' ? 0 : ( $processed->post_status == 'private' ? 1 : 2 ) );
883
- foreach ($host as $item) {
884
- if ( $status < $item['status'] ) break;
885
- if ( $status == $item['status'] && strcmp($processed->post_title, $item['title']) < 0 ) break;
886
- $pos++;
887
- }
888
- $new_item = array(
889
- 'id' => $process_id,
890
- 'title' => $processed->post_title,
891
- 'status' => $status,
892
- 'level' => $level,
893
- 'children' => array()
894
- );
895
- array_splice($host, $pos, 0, array($new_item));
896
- }
897
- //advance index if we have finished processing all the tree
898
- if ( $process_id == $post->ID ) $i++;
899
- }
900
- return $list;
901
- }
902
-
903
- /**
904
- * Flatten Tree List of Posts.
905
- *
906
- * This function converts a list that contains posts in tree order into a flat
907
- * list (array) of posts.
908
- *
909
- * @since 2.7.6
910
- *
911
- * @param array $list The initial tree list of posts.
912
- *
913
- * @return array The returned flat list of posts.
914
- */
915
- function wfu_flatten_post_list($list) {
916
- $flat = array();
917
- if ( !is_array($list) ) return $flat;
918
- foreach( $list as $item ) {
919
- $flat_item = array(
920
- 'id' => $item['id'],
921
- 'title' => $item['title'],
922
- 'status' => $item['status'],
923
- 'level' => $item['level']
924
- );
925
- array_push($flat, $flat_item);
926
- $flat = array_merge($flat, wfu_flatten_post_list($item['children']));
927
- }
928
- return $flat;
929
- }
930
-
931
- /**
932
- * Generate List of Instances of All Plugin' Shortcodes.
933
- *
934
- * This function generates a tabular list of all instances of all plugin's
935
- * shortcodes.
936
- *
937
- * @since 2.5.2
938
- *
939
- * @return string The HTML code of the list of instances of all the shortcodes.
940
- */
941
- function wfu_manage_instances() {
942
- $echo_str = wfu_manage_instances_of_shortcode('wordpress_file_upload', 'Uploader Instances', 'uploader', 1);
943
-
944
- return $echo_str;
945
- }
946
-
947
- /**
948
- * Generate List of Instances of A Plugin' Shortcode.
949
- *
950
- * This function generates a tabular list of all instances of a plugin's
951
- * shortcode.
952
- *
953
- * @since 3.1.0
954
- *
955
- * @param string $tag The shortcode tag.
956
- * @param string $title The title of the list
957
- * @param string $slug A slug of the shortcode.
958
- * @param integer $inc The increment number of this list of instances.
959
- *
960
- * @return string The HTML code of the list of instances of the shortcode.
961
- */
962
- function wfu_manage_instances_of_shortcode($tag, $title, $slug, $inc) {
963
- global $wp_registered_widgets, $wp_registered_sidebars;
964
-
965
- $siteurl = site_url();
966
- $args = array( 'post_type' => array( "post", "page" ), 'post_status' => "publish,private,draft", 'posts_per_page' => -1 );
967
- /**
968
- * Filter Arguments for Getting List of Posts.
969
- *
970
- * This filter allows to customize the arguments passed to get_posts()
971
- * function to get a list of posts. By default the plugin will get a list of
972
- * all posts and pages. If the website contains too many posts this
973
- * operation may take time and delay loading of the page. So this filter can
974
- * be used to optimize this operation.
975
- *
976
- * @since 4.0.0
977
- *
978
- * @param array $args Arguments to retrieve posts.
979
- * @param string $operation A parameter designating in which operation this
980
- * filter is used.
981
- */
982
- $args = apply_filters("_wfu_get_posts", $args, "manage_instances");
983
- $posts = get_posts($args);
984
- $wfu_shortcodes = array();
985
- //get shortcode instances from page/posts
986
- foreach ( $posts as $post ) {
987
- $ret = wfu_get_content_shortcodes($post, $tag);
988
- if ( $ret !== false ) $wfu_shortcodes = array_merge($wfu_shortcodes, $ret);
989
- }
990
- //get shortcode instances from sidebars
991
- $data = array();
992
- $widget_base = $tag.'_widget';
993
- if ( is_array($wp_registered_widgets) ) {
994
- foreach ( $wp_registered_widgets as $id => $widget ) {
995
- if ( substr($id, 0, strlen($widget_base)) == $widget_base ) {
996
- $widget_obj = ( isset($widget['callback']) ? ( isset($widget['callback'][0]) ? ( $widget['callback'][0] instanceof WP_Widget ? $widget['callback'][0] : false ) : false ) : false );
997
- $widget_sidebar = is_active_widget(false, $id, $widget_base);
998
- if ( $widget_obj !== false && $widget_sidebar !== false ) {
999
- if ( isset($wp_registered_sidebars[$widget_sidebar]) && isset($wp_registered_sidebars[$widget_sidebar]['name']) ) $widget_sidebar = $wp_registered_sidebars[$widget_sidebar]['name'];
1000
- $data['post_id'] = "";
1001
- $data['post_hash'] = "";
1002
- $data['shortcode'] = $widget_obj->shortcode();
1003
- $data['position'] = 0;
1004
- $data['widgetid'] = $id;
1005
- $data['sidebar'] = $widget_sidebar;
1006
- array_push($wfu_shortcodes, $data);
1007
- }
1008
- }
1009
- }
1010
- }
1011
-
1012
- $list = wfu_construct_post_list($posts);
1013
- $pagelist = wfu_flatten_post_list($list["page"]);
1014
- $postlist = wfu_flatten_post_list($list["post"]);
1015
-
1016
- $echo_str = "\n\t\t".'<h3 style="margin-bottom: 10px; margin-top: 40px;">'.$title.'</h3>';
1017
- $onchange_js = 'document.getElementById(\'wfu_add_plugin_ok_'.$inc.'\').disabled = !((document.getElementById(\'wfu_page_type_'.$inc.'\').value == \'page\' && document.getElementById(\'wfu_page_list_'.$inc.'\').value != \'\') || (document.getElementById(\'wfu_page_type_'.$inc.'\').value == \'post\' && document.getElementById(\'wfu_post_list_'.$inc.'\').value != \'\'));';
1018
- $no_shortcodes = ( count($wfu_shortcodes) == 0 );
1019
- $echo_str .= "\n\t\t".'<div id="wfu_add_plugin_button_'.$inc.'" style="'. ( !$no_shortcodes ? '' : 'color:blue; font-weight:bold; font-size:larger;' ).'margin-bottom: 20px; margin-top: 10px;">';
1020
- $addbutton_pre = ( !$no_shortcodes ? '' : '<label>Press </label>');
1021
- $addbutton_post = ( !$no_shortcodes ? '' : '<label> to get started and add the '.$slug.' in a page</label>');
1022
- $echo_str .= "\n\t\t\t".$addbutton_pre.'<button onclick="document.getElementById(\'wfu_add_plugin_button_'.$inc.'\').style.display = \'none\'; document.getElementById(\'wfu_add_plugin_'.$inc.'\').style.display = \'inline-block\'; '.$onchange_js.'">'.( !$no_shortcodes ? 'Add Plugin Instance' : 'here' ).'</button>'.$addbutton_post;
1023
- $echo_str .= "\n\t\t".'</div>';
1024
- $echo_str .= "\n\t\t".'<div id="wfu_add_plugin_'.$inc.'" style="margin-bottom: 20px; margin-top: 10px; position:relative; display:none;">';
1025
- $echo_str .= "\n\t\t\t".'<div id="wfu_add_plugin_'.$inc.'_overlay" style="position:absolute; top:0; left:0; width:100%; height:100%; background-color:rgba(255,255,255,0.8); border:none; display:none;">';
1026
- $echo_str .= "\n\t\t\t\t".'<table style="background:none; border:none; margin:0; padding:0; line-height:1; border-spacing:0; width:100%; height:100%; table-layout:fixed;"><tbody><tr><td style="text-align:center; vertical-align:middle;"><div style="display:inline-block;"><span class="spinner" style="opacity:1; float:left; margin:0; display:inline;"></span><label style="margin-left:4px;">please wait...</label></div></td></tr></tbody></table>';
1027
- $echo_str .= "\n\t\t\t".'</div>';
1028
- $echo_str .= "\n\t\t\t".'<label>Add '.$slug.' to </label><select id="wfu_page_type_'.$inc.'" onchange="document.getElementById(\'wfu_page_list_'.$inc.'\').style.display = (this.value == \'page\' ? \'inline-block\' : \'none\'); document.getElementById(\'wfu_post_list_'.$inc.'\').style.display = (this.value == \'post\' ? \'inline-block\' : \'none\'); '.$onchange_js.'"><option value="page" selected="selected">Page</option><option value="post">Post</option></select>';
1029
- $echo_str .= "\n\t\t\t".'<select id="wfu_page_list_'.$inc.'" style="margin-bottom:6px;" onchange="'.$onchange_js.'">';
1030
- $echo_str .= "\n\t\t\t\t".'<option value=""></option>';
1031
- foreach ( $pagelist as $item )
1032
- $echo_str .= "\n\t\t\t\t".'<option value="'.$item['id'].'">'.str_repeat('&nbsp;', 4 * $item['level']).( $item['status'] == 1 ? '[Private]' : ( $item['status'] == 2 ? '[Draft]' : '' ) ).$item['title'].'</option>';
1033
- $echo_str .= "\n\t\t\t".'</select>';
1034
- $echo_str .= "\n\t\t\t".'<select id="wfu_post_list_'.$inc.'" style="display:none; margin-bottom:6px;" onchange="'.$onchange_js.'">';
1035
- $echo_str .= "\n\t\t\t\t".'<option value=""></option>';
1036
- foreach ( $postlist as $item )
1037
- $echo_str .= "\n\t\t\t\t".'<option value="'.$item['id'].'">'.str_repeat('&nbsp;', 4 * $item['level']).( $item['status'] == 1 ? '[Private]' : ( $item['status'] == 2 ? '[Draft]' : '' ) ).$item['title'].'</option>';
1038
- $echo_str .= "\n\t\t\t".'</select><br />';
1039
- $add_shortcode_ticket = wfu_create_random_string(16);
1040
- WFU_USVAR_store('wfu_add_shortcode_ticket_for_'.$tag, $add_shortcode_ticket);
1041
- $echo_str .= "\n\t\t".'<button id="wfu_add_plugin_ok_'.$inc.'" style="float:right; margin: 0 2px 0 4px;" disabled="disabled" onclick="document.getElementById(\'wfu_add_plugin_'.$inc.'_overlay\').style.display = \'block\'; window.location = \''.$siteurl.'/wp-admin/options-general.php?page=wordpress_file_upload&amp;action=add_shortcode&amp;tag='.$tag.'&amp;postid=\' + (document.getElementById(\'wfu_page_type_'.$inc.'\').value == \'page\' ? document.getElementById(\'wfu_page_list_'.$inc.'\').value : document.getElementById(\'wfu_post_list_'.$inc.'\').value) + \'&amp;nonce='.$add_shortcode_ticket.'\';">Ok</button>';
1042
- $echo_str .= "\n\t\t".'<button style="float:right;" onclick="document.getElementById(\'wfu_page_type_'.$inc.'\').value = \'page\'; document.getElementById(\'wfu_page_list_'.$inc.'\').value = \'\'; document.getElementById(\'wfu_post_list_'.$inc.'\').value = \'\'; document.getElementById(\'wfu_add_plugin_'.$inc.'\').style.display = \'none\'; document.getElementById(\'wfu_add_plugin_button_'.$inc.'\').style.display = \'inline-block\';">Cancel</button>';
1043
- $echo_str .= "\n\t\t".'</div>';
1044
- $echo_str .= "\n\t\t".'<table class="wp-list-table widefat fixed striped">';
1045
- $echo_str .= "\n\t\t\t".'<thead>';
1046
- $echo_str .= "\n\t\t\t\t".'<tr>';
1047
- $echo_str .= "\n\t\t\t\t\t".'<th scope="col" width="5%" class="manage-column column-primary">';
1048
- $echo_str .= "\n\t\t\t\t\t\t".'<label>ID</label>';
1049
- $echo_str .= "\n\t\t\t\t\t".'</th>';
1050
- // $echo_str .= "\n\t\t\t\t\t".'<th scope="col" width="10%" style="text-align:center;">';
1051
- // $echo_str .= "\n\t\t\t\t\t\t".'<label>ID</label>';
1052
- // $echo_str .= "\n\t\t\t\t\t".'</th>';
1053
- $echo_str .= "\n\t\t\t\t\t".'<th scope="col" width="10%" class="manage-column">';
1054
- $echo_str .= "\n\t\t\t\t\t\t".'<label>Contained In</label>';
1055
- $echo_str .= "\n\t\t\t\t\t".'</th>';
1056
- $echo_str .= "\n\t\t\t\t\t".'<th scope="col" width="30%" class="manage-column">';
1057
- $echo_str .= "\n\t\t\t\t\t\t".'<label>Page/Post Title</label>';
1058
- $echo_str .= "\n\t\t\t\t\t".'</th>';
1059
- $echo_str .= "\n\t\t\t\t\t".'<th scope="col" width="45%" class="manage-column">';
1060
- $echo_str .= "\n\t\t\t\t\t\t".'<label>Shortcode</label>';
1061
- $echo_str .= "\n\t\t\t\t\t".'</th>';
1062
- $echo_str .= "\n\t\t\t\t".'</tr>';
1063
- $echo_str .= "\n\t\t\t".'</thead>';
1064
- $echo_str .= "\n\t\t\t".'<tbody>';
1065
- $i = 1;
1066
- foreach ( $wfu_shortcodes as $key => $data ) {
1067
- $widget_id = ( isset($data['widgetid']) ? $data['widgetid'] : '' );
1068
- if ( $widget_id == "" ) {
1069
- $id = $data['post_id'];
1070
- $posttype_obj = get_post_type_object(get_post_type($id));
1071
- $type = ( $posttype_obj ? $posttype_obj->labels->singular_name : "" );
1072
- $title = get_the_title($id);
1073
- if ( trim($title) == "" ) $title = 'ID: '.$id;
1074
- }
1075
- else {
1076
- $type = 'Sidebar';
1077
- $title = $data['sidebar'];
1078
- }
1079
- $data_enc = wfu_safe_store_shortcode_data(wfu_encode_array_to_string($data));
1080
- $echo_str .= "\n\t\t\t\t".'<tr onmouseover="var actions=document.getElementsByName(\'wfu_shortcode_actions_'.$inc.'\'); for (var i=0; i<actions.length; i++) {actions[i].style.visibility=\'hidden\';} document.getElementById(\'wfu_shortcode_actions_'.$inc.'_'.$i.'\').style.visibility=\'visible\'" onmouseout="var actions=document.getElementsByName(\'wfu_shortcode_actions_'.$inc.'\'); for (var i=0; i<actions.length; i++) {actions[i].style.visibility=\'hidden\';}">';
1081
- $echo_str .= "\n\t\t\t\t\t".'<td class="column-primary" data-colname="ID">';
1082
- $echo_str .= "\n\t\t\t\t\t\t".'<a class="row-title" href="'.$siteurl.'/wp-admin/options-general.php?page=wordpress_file_upload&action=edit_shortcode&tag='.$tag.'&data='.$data_enc.'&referer=dashboard" title="Instance #'.$i.'">Instance '.$i.'</a>';
1083
- $echo_str .= "\n\t\t\t\t\t\t".'<div id="wfu_shortcode_actions_'.$inc.'_'.$i.'" name="wfu_shortcode_actions_'.$inc.'" style="visibility:hidden;">';
1084
- $echo_str .= "\n\t\t\t\t\t\t\t".'<span>';
1085
- $echo_str .= "\n\t\t\t\t\t\t\t\t".'<a href="'.$siteurl.'/wp-admin/options-general.php?page=wordpress_file_upload&action=edit_shortcode&tag='.$tag.'&data='.$data_enc.'&referer=dashboard" title="Edit this shortcode">Edit</a>';
1086
- $echo_str .= "\n\t\t\t\t\t\t\t\t".' | ';
1087
- $echo_str .= "\n\t\t\t\t\t\t\t".'</span>';
1088
- $echo_str .= "\n\t\t\t\t\t\t\t".'<span>';
1089
- $echo_str .= "\n\t\t\t\t\t\t\t\t".'<a href="'.$siteurl.'/wp-admin/options-general.php?page=wordpress_file_upload&action=delete_shortcode&data='.$data_enc.'" title="Delete this shortcode">Delete</a>';
1090
- $echo_str .= "\n\t\t\t\t\t\t\t".'</span>';
1091
- $echo_str .= "\n\t\t\t\t\t\t".'</div>';
1092
- $echo_str .= "\n\t\t\t\t\t\t".'<button type="button" class="toggle-row"><span class="screen-reader-text">Show more details</span></button>';
1093
- $echo_str .= "\n\t\t\t\t\t".'</td>';
1094
- // $echo_str .= "\n\t\t\t\t\t".'<td style="padding: 5px 5px 5px 10px; text-align:center;">'.$id.'</td>';
1095
- $echo_str .= "\n\t\t\t\t\t".'<td data-colname="Contained In">'.$type.'</td>';
1096
- $echo_str .= "\n\t\t\t\t\t".'<td data-colname="Page/Post Title">'.$title.'</td>';
1097
- $echo_str .= "\n\t\t\t\t\t".'<td data-colname="Shortcode">';
1098
- $echo_str .= "\n\t\t\t\t\t\t".'<textarea rows="3" disabled="disabled" style="width:100%;">'.trim($data['shortcode']).'</textarea>';
1099
- $echo_str .= "\n\t\t\t\t\t".'</td>';
1100
- $echo_str .= "\n\t\t\t\t".'</tr>';
1101
- $i++;
1102
- }
1103
- $echo_str .= "\n\t\t\t".'</tbody>';
1104
- $echo_str .= "\n\t\t".'</table>';
1105
-
1106
- return $echo_str;
1107
- }
1108
-
1109
- /**
1110
- * Get Shortcodes Contained In A Post.
1111
- *
1112
- * This function returns an array of shortcodes contained inside a post.
1113
- *
1114
- * @since 2.5.4
1115
- *
1116
- * @param object $post The post to check for shortcodes.
1117
- * @param string $tag The shortcode tag to look for.
1118
- *
1119
- * @return array An array of shortcodes contained inside the post.
1120
- */
1121
- function wfu_get_content_shortcodes($post, $tag) {
1122
- global $shortcode_tags;
1123
- $found_shortcodes = array();
1124
- $content = $post->post_content;
1125
- if ( false === strpos( $content, '[' ) ) return false;
1126
- $hash = hash('md5', $content);
1127
-
1128
- if ( array_key_exists( $tag, $shortcode_tags ) ) wfu_match_shortcode_nested($tag, $post, $hash, $content, 0, $found_shortcodes);
1129
-
1130
- if ( count($found_shortcodes) == 0 ) return false;
1131
- return $found_shortcodes;
1132
- }
1133
-
1134
- /**
1135
- * Match Shortcodes.
1136
- *
1137
- * This function matches all shortcodes inside post contents. It performs
1138
- * matching recursively in order to identify shortcodes contained in other
1139
- * shortcodes.
1140
- *
1141
- * @since 2.7.6
1142
- *
1143
- * @param string $tag The shortcode tag to look for.
1144
- * @param object $post The post to check for shortcodes.
1145
- * @param string $hash A unique hash representing the current contents of the
1146
- * post.
1147
- * @param string $content The content where to look for shortcodes.
1148
- * @param integer $position The starting position of content.
1149
- * @param array $found_shortcodes An array of already found shortcodes that must
1150
- * be filled by additional shortcodes found from this function.
1151
- */
1152
- function wfu_match_shortcode_nested($tag, $post, $hash, $content, $position, &$found_shortcodes) {
1153
- if ( false === strpos( $content, '[' ) ) return false;
1154
- preg_match_all( '/' . get_shortcode_regex() . '/s', $content, $matches, PREG_SET_ORDER | PREG_OFFSET_CAPTURE );
1155
- if ( empty( $matches ) ) return false;
1156
- foreach ( $matches as $shortcode ) {
1157
- if ( $tag === $shortcode[2][0] ) {
1158
- $data['post_id'] = $post->ID;
1159
- $data['post_hash'] = $hash;
1160
- $data['shortcode'] = $shortcode[0][0];
1161
- $data['position'] = (int)$shortcode[0][1] + (int)$position;
1162
- array_push($found_shortcodes, $data);
1163
- }
1164
- wfu_match_shortcode_nested($tag, $post, $hash, $shortcode[5][0], $shortcode[5][1] + (int)$position, $found_shortcodes);
1165
- }
1166
- return false;
1167
- }
1168
-
1169
- /**
1170
- * Check Whether Shortcode Can Be Edited.
1171
- *
1172
- * This function checks whether the shortcode submitted for editing can actually
1173
- * be edited. It checks whether the hash of the post, where the shortcode is
1174
- * contained, is the same with the one stored in the shortcode data. If it is
1175
- * not, then this means that the page contents have changed, so the shortcode
1176
- * cannot be edited and the user will have to reload the page before editing the
1177
- * shortcode.
1178
- *
1179
- * @since 2.6.0
1180
- *
1181
- * @param array $data The shortcode data to check.
1182
- *
1183
- * @return bool True if the shortcode can be edited, false otherwise.
1184
- */
1185
- function wfu_check_edit_shortcode($data) {
1186
- $post = get_post($data['post_id']);
1187
- $content = $post->post_content;
1188
- $hash = hash('md5', $content);
1189
-
1190
- return ( $hash == $data['post_hash'] );
1191
- }
1192
-
1193
- /**
1194
- * Add Shortcode Inside Post.
1195
- *
1196
- * This function adds a shortcode at the beginning of post's contents.
1197
- *
1198
- * @since 2.7.6
1199
- *
1200
- * @param integer $postid The post ID where to add the shortcode.
1201
- * $param string $tag The shortcode tag to add in post.
1202
- *
1203
- * @return bool True if the shortcode was added successfully inside the post,
1204
- * false otherwise.
1205
- */
1206
- function wfu_add_shortcode($postid, $tag) {
1207
- $post = get_post($postid);
1208
- $new_content = '['.$tag.']'.$post->post_content;
1209
- $new_post = array( 'ID' => $postid, 'post_content' => $new_content );
1210
- return ( wp_update_post( wfu_slash($new_post) ) === 0 ? false : true );
1211
- }
1212
-
1213
- /**
1214
- * Replace Shortcode Inside Post.
1215
- *
1216
- * This function replaces a shortcode inside post's contents.
1217
- *
1218
- * @since 2.6.0
1219
- *
1220
- * @param array $data {
1221
- * Contains information about the shortcode.
1222
- *
1223
- * $type integer $post_id The ID of the post that contains the shortcode.
1224
- * $type string $post_hash A hash that represents the current post contents.
1225
- * $type string $shortcode The shortcode string to be replaced.
1226
- * $type integer $position The position of the shortcode inside post's
1227
- * contents.
1228
- * }
1229
- * $param string $new_shortcode The new shortcode.
1230
- *
1231
- * @return bool True if the shortcode was replaced successfully, false
1232
- * otherwise.
1233
- */
1234
- function wfu_replace_shortcode($data, $new_shortcode) {
1235
- $post = get_post($data['post_id']);
1236
- $new_content = substr($post->post_content, 0, $data['position']).$new_shortcode.substr($post->post_content, (int)$data['position'] + strlen($data['shortcode']));
1237
- $new_post = array( 'ID' => $data['post_id'], 'post_content' => $new_content );
1238
- return ( wp_update_post( wfu_slash($new_post) ) === 0 ? false : true );
1239
- }
1240
-
1241
- /**
1242
- * Generate Page for Confirmation of Deletion of Shortcode.
1243
- *
1244
- * This function generates the HTML code of the page to ask from the user to
1245
- * confirm deletion of the selected shortcode.
1246
- *
1247
- * @since 2.7.0
1248
- *
1249
- * $param string $data_enc Code that represents the shortcode data stored in
1250
- * safe.
1251
- *
1252
- * @return string The HTML code of the deletion confirmation page.
1253
- */
1254
- function wfu_delete_shortcode_prompt($data_enc) {
1255
- $siteurl = site_url();
1256
- $data = wfu_decode_array_from_string(wfu_get_shortcode_data_from_safe($data_enc));
1257
- $postid = $data['post_id'];
1258
- $echo_str = "\n".'<div class="wrap">';
1259
- $echo_str .= "\n\t".'<h2>Wordpress File Upload Control Panel</h2>';
1260
- $echo_str .= "\n\t".'<div style="margin-top:20px;">';
1261
- $echo_str .= "\n\t\t".'<a href="'.$siteurl.'/wp-admin/options-general.php?page=wordpress_file_upload&amp;action=manage_mainmenu" class="button" title="go back">Go to Main Menu</a>';
1262
- $echo_str .= "\n\t".'</div>';
1263
- $echo_str .= "\n\t".'<h2 style="margin-bottom: 10px; margin-top: 20px;">Delete Shortcode</h2>';
1264
- $echo_str .= "\n\t".'<form enctype="multipart/form-data" name="deletefile" id="deleteshortcode" method="post" action="'.$siteurl.'/wp-admin/options-general.php?page=wordpress_file_upload" class="validate">';
1265
- $echo_str .= "\n\t\t".'<input type="hidden" name="action" value="deleteshortcode">';
1266
- $echo_str .= "\n\t\t".'<input type="hidden" name="data" value="'.$data_enc.'">';
1267
- $echo_str .= "\n\t\t".'<label>Are you sure that you want to delete shortcode for <strong>'.get_post_type($postid).' "'.get_the_title($postid).'" ('.$postid.') Position '.$data['position'].'</strong> ?</label><br/>';
1268
- $echo_str .= "\n\t\t".'<p class="submit">';
1269
- $echo_str .= "\n\t\t\t".'<input type="submit" class="button-primary" name="submit" value="Delete">';
1270
- $echo_str .= "\n\t\t\t".'<input type="submit" class="button-primary" name="submit" value="Cancel">';
1271
- $echo_str .= "\n\t\t".'</p>';
1272
- $echo_str .= "\n\t".'</form>';
1273
- $echo_str .= "\n".'</div>';
1274
- return $echo_str;
1275
- }
1276
-
1277
- /**
1278
- * Deletion Shortcode.
1279
- *
1280
- * This function deletes a shortcode from page contents.
1281
- *
1282
- * @since 2.7.0
1283
- *
1284
- * $param array $data Code that represents the shortcode data stored in
1285
- * safe. See {@see wfu_replace_shortcode()} for a list of supported
1286
- * arguments.
1287
- *
1288
- * @return bool True if deletion succeeded, false otherwise.
1289
- */
1290
- function wfu_delete_shortcode($data) {
1291
- //check if user is allowed to perform this action
1292
- if ( !current_user_can( 'manage_options' ) ) return false;
1293
-
1294
- $res = true;
1295
- if ( isset($_POST['submit']) ) {
1296
- if ( $_POST['submit'] == "Delete" ) {
1297
- $res = wfu_replace_shortcode($data, '');
1298
- }
1299
- }
1300
- return $res;
1301
- }
1302
-
1303
- /**
1304
- * Add Custom Properties to Media Editor.
1305
- *
1306
- * When "Show Custom Fields in Media Library" option in plugin's Settings is
1307
- * true then Media Library attachments created by uploaded files will contain
1308
- * custom fields corresponding to the uploaded files' userdata (if any). This
1309
- * function shows these custom fields when editing the Media Library attachment.
1310
- *
1311
- * @since 3.7.2
1312
- *
1313
- * @redeclarable
1314
- */
1315
- function wfu_media_editor_properties() {
1316
- $a = func_get_args(); $a = WFU_FUNCTION_HOOK(__FUNCTION__, $a, $out); if (isset($out['vars'])) foreach($out['vars'] as $p => $v) $$p = $v; switch($a) { case 'R': return $out['output']; break; case 'D': die($out['output']); }
1317
- $plugin_options = wfu_decode_plugin_options(get_option( "wordpress_file_upload_options" ));
1318
- if ( $plugin_options["mediacustom"] != "1" ) return;
1319
-
1320
- $post = get_post();
1321
- $meta = wp_get_attachment_metadata( $post->ID );
1322
-
1323
- $echo_str = "";
1324
- if ( isset($meta["WFU User Data"]) && is_array($meta["WFU User Data"]) ) {
1325
- foreach ( $meta["WFU User Data"] as $label => $value )
1326
- $echo_str .= '<div class="misc-pub-section misc-pub-userdata">'.$label.': <strong>'.$value.'</strong></div>';
1327
- }
1328
- echo $echo_str;
1329
- }
1330
-
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1331
  ?>
1
+ <?php
2
+
3
+ /**
4
+ * Initialize Dashboard Area of Plugin
5
+ *
6
+ * This file initializes the Dashboard area of the plugin; it registers the
7
+ * Dashboard menu pages and processes Dashboard requests.
8
+ *
9
+ * @link /lib/wfu_admin.php
10
+ *
11
+ * @package WordPress File Upload Plugin
12
+ * @subpackage Core Components
13
+ * @since 2.1.2
14
+ */
15
+
16
+ /**
17
+ * Register Dashboard Styles and Scripts.
18
+ *
19
+ * This function registers styles and scripts for Dashboard area.
20
+ *
21
+ * @since 2.4.6
22
+ */
23
+ function wordpress_file_upload_admin_init() {
24
+ $uri = $_SERVER['REQUEST_URI'];
25
+ $is_admin = current_user_can( 'manage_options' );
26
+ $can_edit_posts = ( current_user_can( 'edit_pages' ) || current_user_can( 'edit_posts' ) );
27
+ $can_open_composer = ( WFU_VAR("WFU_SHORTCODECOMPOSER_NOADMIN") == "true" && $can_edit_posts );
28
+ if ( is_admin() && ( ( $is_admin && strpos($uri, "options-general.php") !== false ) ) ||
29
+ //conditional that will register scripts for non-admin users who can
30
+ //edit posts or pages so that they can open the shortcode composer
31
+ ( is_admin() && $can_open_composer && strpos($uri, "admin.php") !== false ) ) {
32
+ //apply wfu_before_admin_scripts to get additional settings
33
+ $changable_data = array();
34
+ /**
35
+ * Execute Custom Actions Before Loading Admin Scripts.
36
+ *
37
+ * This filter allows to execute custom actions before scripts and
38
+ * styles of the plugin's main Dashboard area are loaded. Loading of
39
+ * plugin's scripts and styles can be completely customised.
40
+ *
41
+ * @since 4.1.0
42
+ *
43
+ * @param array $changable_data {
44
+ * Controls loading of frontpage scripts.
45
+ *
46
+ * @type mixed $return_value Optional. If it is set then no
47
+ * frontpage scripts will be loaded.
48
+ * @type string $correct_NextGenGallery_incompatibility Optional. If
49
+ * it is set to "true" then JQuery UI styles will not be
50
+ * loaded in order to avoid incompatibility with NextGEN
51
+ * Gallery plugin.
52
+ * @type string $correct_JQueryUI_incompatibility Optional. If it is
53
+ * set to "true" then JQuery UI styles will not be loaded
54
+ * (same as previous parameter).
55
+ * @type string $exclude_datepicker Optional. If it is set to "true"
56
+ * then jQuery datepicker styles and scripts will not be
57
+ * loaded.
58
+ * }
59
+ */
60
+ $ret_data = apply_filters('wfu_before_admin_scripts', $changable_data);
61
+ //if $ret_data contains 'return_value' key then no scripts will be
62
+ //registered
63
+ if ( isset($ret_data['return_value']) ) return $ret_data['return_value'];
64
+ //continue with script and style registering
65
+ wp_register_style('wordpress-file-upload-admin-style', WPFILEUPLOAD_DIR.'css/wordpress_file_upload_adminstyle.css',false,'1.0','all');
66
+ wp_register_style('wordpress-file-upload-adminbar-style', WPFILEUPLOAD_DIR.'css/wordpress_file_upload_adminbarstyle.css',false,'1.0','all');
67
+ //do not register JQuery UI css if $ret_data denotes incompatibility
68
+ //issues
69
+ if ( ( !isset($ret_data["correct_NextGenGallery_incompatibility"]) || $ret_data["correct_NextGenGallery_incompatibility"] != "true" ) &&
70
+ ( !isset($ret_data["correct_JQueryUI_incompatibility"]) || $ret_data["correct_JQueryUI_incompatibility"] != "true" ) )
71
+ wp_register_style('jquery-ui-css', WPFILEUPLOAD_DIR.'vendor/jquery/jquery-ui.min.css');
72
+ //don't load datepicker js if $ret_data exclude_datepicker flag is true
73
+ if ( !isset($ret_data["exclude_datepicker"]) || $ret_data["exclude_datepicker"] != "true" )
74
+ wp_register_script('jquery-ui-datepicker', false, array('jquery'));
75
+ wp_register_script('wordpress_file_upload_admin_script', WPFILEUPLOAD_DIR.'js/wordpress_file_upload_adminfunctions.js', array( 'wp-color-picker' ), false, true);
76
+ if ( !$is_admin ) {
77
+ add_action('admin_post_edit_shortcode', 'wordpress_file_upload_manage_dashboard');
78
+ add_action('admin_print_scripts', 'wfu_enqueue_admin_scripts');
79
+ }
80
+ }
81
+ //register scripts for Uploaded Files
82
+ elseif ( is_admin() && $is_admin && strpos($uri, "admin.php") !== false ) {
83
+ //apply wfu_before_admin_scripts to get additional settings
84
+ $changable_data = array();
85
+ /**
86
+ * Execute Custom Actions Before Loading Uploaded Files Scripts.
87
+ *
88
+ * This filter allows to execute custom actions before scripts and
89
+ * styles of the plugin's Uploaded Files Dashboard page are loaded.
90
+ * Loading of plugin's scripts and styles can be completely customised.
91
+ *
92
+ * @since 4.7.0
93
+ *
94
+ * @param array $changable_data {
95
+ * Controls loading of frontpage scripts.
96
+ *
97
+ * @type mixed $return_value Optional. If it is set then no
98
+ * frontpage scripts will be loaded.
99
+ * @type string $correct_NextGenGallery_incompatibility Optional. If
100
+ * it is set to "true" then JQuery UI styles will not be
101
+ * loaded in order to avoid incompatibility with NextGEN
102
+ * Gallery plugin.
103
+ * @type string $correct_JQueryUI_incompatibility Optional. If it is
104
+ * set to "true" then JQuery UI styles will not be loaded
105
+ * (same as previous parameter).
106
+ * }
107
+ */
108
+ $ret_data = apply_filters('wfu_before_uploadedfiles_admin_scripts', $changable_data);
109
+ //if $ret_data contains 'return_value' key then no scripts will be
110
+ //registered
111
+ if ( isset($ret_data['return_value']) ) return $ret_data['return_value'];
112
+ //continue with script and style registering
113
+ wp_register_style('wordpress-file-upload-admin-style', WPFILEUPLOAD_DIR.'css/wordpress_file_upload_adminstyle.css',false,'1.0','all');
114
+ wp_register_style('wordpress-file-upload-adminbar-style', WPFILEUPLOAD_DIR.'css/wordpress_file_upload_adminbarstyle.css',false,'1.0','all');
115
+ //do not register JQuery UI css if $ret_data denotes incompatibility
116
+ //issues
117
+ if ( ( !isset($ret_data["correct_NextGenGallery_incompatibility"]) || $ret_data["correct_NextGenGallery_incompatibility"] != "true" ) &&
118
+ ( !isset($ret_data["correct_JQueryUI_incompatibility"]) || $ret_data["correct_JQueryUI_incompatibility"] != "true" ) )
119
+ wp_register_style('jquery-ui-css', WPFILEUPLOAD_DIR.'vendor/jquery/jquery-ui.min.css');
120
+ wp_register_script('wordpress_file_upload_admin_script', WPFILEUPLOAD_DIR.'js/wordpress_file_upload_adminfunctions.js', array( 'wp-color-picker' ), false, true);
121
+ }
122
+ //register scripts for admin bar menu item
123
+ elseif ( is_admin() && $is_admin ) {
124
+ //script and style registering
125
+ wp_register_style('wordpress-file-upload-adminbar-style', WPFILEUPLOAD_DIR.'css/wordpress_file_upload_adminbarstyle.css',false,'1.0','all');
126
+ }
127
+ }
128
+
129
+ /**
130
+ * Register Dashboard Menu Pages.
131
+ *
132
+ * This function registers the Dashboard pages of the plugin.
133
+ *
134
+ * @since 2.1.2
135
+ */
136
+ function wordpress_file_upload_add_admin_pages() {
137
+ global $wpdb;
138
+ global $wfu_uploadedfiles_hook_suffix;
139
+ $table_name1 = $wpdb->prefix . "wfu_log";
140
+
141
+ $page_hook_suffix = false;
142
+ if ( current_user_can( 'manage_options' ) ) $page_hook_suffix = add_options_page('Wordpress File Upload', 'Wordpress File Upload', 'manage_options', 'wordpress_file_upload', 'wordpress_file_upload_manage_dashboard');
143
+ if ( $page_hook_suffix !== false ) add_action('admin_print_scripts-'.$page_hook_suffix, 'wfu_enqueue_admin_scripts');
144
+ //conditional that will create Wordpress File Upload Dashboard menu, if it
145
+ //has not already been created, for non-admin users who can edit posts or
146
+ //pages, so that their requests for opening the shortcode composer can be
147
+ //handled
148
+ elseif ( WFU_VAR("WFU_SHORTCODECOMPOSER_NOADMIN") == "true" && ( current_user_can( 'edit_pages' ) || current_user_can( 'edit_posts' ) ) ) {
149
+ $page_hook_suffix = add_menu_page('Wordpress File Upload', 'Wordpress File Upload', 'read', 'wordpress_file_upload', 'wordpress_file_upload_manage_dashboard_editor');
150
+ if ( $page_hook_suffix !== false ) add_action('admin_print_scripts-'.$page_hook_suffix, 'wfu_enqueue_admin_scripts');
151
+ }
152
+ //add Uploaded Files menu if it is allowed
153
+ $wfu_uploadedfiles_hook_suffix = false;
154
+ if ( current_user_can( 'manage_options' ) && WFU_VAR("WFU_UPLOADEDFILES_MENU") == "true" ) {
155
+ //get the number of new (unread) uploaded files
156
+ $unread_files_count = wfu_get_unread_files_count();
157
+ $text = $unread_files_count;
158
+ if ( $unread_files_count > 99 ) $text = "99+";
159
+ $title = 'Uploaded Files <span class="update-plugins count-'.$unread_files_count.'"><span class="plugin-count">'.$text.'</span></span>';
160
+ $wfu_uploadedfiles_hook_suffix = add_menu_page(
161
+ 'Uploaded Files',
162
+ $title,
163
+ 'manage_options',
164
+ 'wfu_uploaded_files',
165
+ 'wfu_uploadedfiles_menu',
166
+ 'dashicons-upload',
167
+ 6
168
+ );
169
+ }
170
+ if ( $wfu_uploadedfiles_hook_suffix !== false ) {
171
+ add_action('admin_print_scripts-'.$wfu_uploadedfiles_hook_suffix, 'wfu_enqueue_uploadedfiles_admin_scripts');
172
+ }
173
+ //enqueue scripts for admin bar menu item
174
+ if ( current_user_can( 'manage_options' ) )
175
+ add_action('admin_print_scripts', 'wfu_enqueue_uploadedfiles_adminbar_scripts');
176
+ }
177
+
178
+ /**
179
+ * Enqueue Main Dashboard Page Styles and Scripts.
180
+ *
181
+ * This function registers the styles and scripts of the plugin's main
182
+ * Dashboard page.
183
+ *
184
+ * @since 2.4.6
185
+ */
186
+ function wfu_enqueue_admin_scripts() {
187
+ $uri = $_SERVER['REQUEST_URI'];
188
+ $is_admin = current_user_can( 'manage_options' );
189
+ $can_open_composer = ( WFU_VAR("WFU_SHORTCODECOMPOSER_NOADMIN") == "true" && ( current_user_can( 'edit_pages' ) || current_user_can( 'edit_posts' ) ) );
190
+ if ( is_admin() && ( ( $is_admin && strpos($uri, "options-general.php") !== false ) ) ||
191
+ //conditional that will enqueue scripts for non-admin users who can
192
+ //edit posts or pages so that they can open the shortcode composer
193
+ ( is_admin() && $can_open_composer && strpos($uri, "admin.php") !== false ) ) {
194
+ //apply wfu_before_admin_scripts to get additional settings
195
+ $changable_data = array();
196
+ /** This filter is documented above */
197
+ $ret_data = apply_filters('wfu_before_admin_scripts', $changable_data);
198
+ //if $ret_data contains 'return_value' key then no scripts will be
199
+ //enqueued
200
+ if ( isset($ret_data['return_value']) ) return $ret_data['return_value'];
201
+ //continue with script and style enqueuing
202
+ wp_enqueue_style('wordpress-file-upload-admin-style');
203
+ wp_enqueue_style('wordpress-file-upload-adminbar-style');
204
+ //do not enqueue JQuery UI css if $ret_data denotes incompatibility
205
+ //issues
206
+ if ( ( !isset($ret_data["correct_NextGenGallery_incompatibility"]) || $ret_data["correct_NextGenGallery_incompatibility"] != "true" ) &&
207
+ ( !isset($ret_data["correct_JQueryUI_incompatibility"]) || $ret_data["correct_JQueryUI_incompatibility"] != "true" ) )
208
+ wp_enqueue_style('jquery-ui-css');
209
+ wp_enqueue_style( 'wp-color-picker' );
210
+ //don't load datepicker js if $ret_data exclude_datepicker flag is true
211
+ if ( !isset($ret_data["exclude_datepicker"]) || $ret_data["exclude_datepicker"] != "true" )
212
+ wp_enqueue_script('jquery-ui-datepicker');
213
+ wp_enqueue_script('wordpress_file_upload_admin_script');
214
+ $AdminParams = array("wfu_ajax_url" => site_url()."/wp-admin/admin-ajax.php");
215
+ wp_localize_script( 'wordpress_file_upload_admin_script', 'AdminParams', $AdminParams );
216
+ }
217
+ }
218
+
219
+ /**
220
+ * Enqueue Uploaded Files Dashboard Page Styles and Scripts.
221
+ *
222
+ * This function registers the styles and scripts of the plugin's Uploaded Files
223
+ * Dashboard page.
224
+ *
225
+ * @since 4.7.0
226
+ */
227
+ function wfu_enqueue_uploadedfiles_admin_scripts() {
228
+ $uri = $_SERVER['REQUEST_URI'];
229
+ $is_admin = current_user_can( 'manage_options' );
230
+ if ( is_admin() && $is_admin && strpos($uri, "admin.php") !== false ) {
231
+ //apply wfu_before_admin_scripts to get additional settings
232
+ $changable_data = array();
233
+ /** This filter is documented above */
234
+ $ret_data = apply_filters('wfu_before_uploadedfiles_admin_scripts', $changable_data);
235
+ //if $ret_data contains 'return_value' key then no scripts will be
236
+ //enqueued
237
+ if ( isset($ret_data['return_value']) ) return $ret_data['return_value'];
238
+ //continue with script and style enqueuing
239
+ wp_enqueue_style('wordpress-file-upload-admin-style');
240
+ wp_enqueue_style('wordpress-file-upload-adminbar-style');
241
+ //do not enqueue JQuery UI css if $ret_data denotes incompatibility
242
+ //issues
243
+ if ( ( !isset($ret_data["correct_NextGenGallery_incompatibility"]) || $ret_data["correct_NextGenGallery_incompatibility"] != "true" ) &&
244
+ ( !isset($ret_data["correct_JQueryUI_incompatibility"]) || $ret_data["correct_JQueryUI_incompatibility"] != "true" ) )
245
+ wp_enqueue_style('jquery-ui-css');
246
+ wp_enqueue_script('wordpress_file_upload_admin_script');
247
+ $AdminParams = array("wfu_ajax_url" => site_url()."/wp-admin/admin-ajax.php");
248
+ wp_localize_script( 'wordpress_file_upload_admin_script', 'AdminParams', $AdminParams );
249
+ }
250
+ }
251
+
252
+ /**
253
+ * Enqueue Admin Bar Styles and Scripts.
254
+ *
255
+ * This function registers the styles and scripts of the plugin for the Admin
256
+ * Bar.
257
+ *
258
+ * @since 4.8.0
259
+ */
260
+ function wfu_enqueue_uploadedfiles_adminbar_scripts() {
261
+ $is_admin = current_user_can( 'manage_options' );
262
+ if ( is_admin() && $is_admin ) {
263
+ //script and style enqueuing
264
+ wp_enqueue_style('wordpress-file-upload-adminbar-style');
265
+ }
266
+ }
267
+
268
+
269
+ /**
270
+ * Initialize Tables.
271
+ *
272
+ * This function initializes the plugin's database tables and other actions.
273
+ *
274
+ * @since 2.4.1
275
+ */
276
+ function wordpress_file_upload_install() {
277
+ global $wpdb;
278
+ global $wfu_tb_log_version;
279
+ global $wfu_tb_userdata_version;
280
+ global $wfu_tb_dbxqueue_version;
281
+ require_once(ABSPATH . 'wp-admin/includes/upgrade.php');
282
+
283
+ //define database tables
284
+ $table_name1 = $wpdb->prefix . "wfu_log";
285
+ $installed_ver = get_option( "wordpress_file_upload_table_log_version" );
286
+ if( $installed_ver != $wfu_tb_log_version ) {
287
+ $sql = "CREATE TABLE " . $table_name1 . " (
288
+ idlog mediumint(9) NOT NULL AUTO_INCREMENT,
289
+ userid int NOT NULL,
290
+ uploaduserid int NOT NULL,
291
+ uploadtime bigint,
292
+ sessionid VARCHAR(40),
293
+ filepath TEXT NOT NULL,
294
+ filehash VARCHAR(100) NOT NULL,
295
+ filesize bigint NOT NULL,
296
+ uploadid VARCHAR(20) NOT NULL,
297
+ pageid mediumint(9),
298
+ blogid mediumint(9),
299
+ sid VARCHAR(10),
300
+ date_from DATETIME,
301
+ date_to DATETIME,
302
+ action VARCHAR(20) NOT NULL,
303
+ linkedto mediumint(9),
304
+ filedata TEXT,
305
+ PRIMARY KEY (idlog))
306
+ DEFAULT CHARACTER SET = utf8
307
+ DEFAULT COLLATE = utf8_general_ci;";
308
+ dbDelta($sql);
309
+ update_option("wordpress_file_upload_table_log_version", $wfu_tb_log_version);
310
+ }
311
+
312
+ $table_name2 = $wpdb->prefix . "wfu_userdata";
313
+ $installed_ver = get_option( "wordpress_file_upload_table_userdata_version" );
314
+ if( $installed_ver != $wfu_tb_userdata_version ) {
315
+ $sql = "CREATE TABLE " . $table_name2 . " (
316
+ iduserdata mediumint(9) NOT NULL AUTO_INCREMENT,
317
+ uploadid VARCHAR(20) NOT NULL,
318
+ property VARCHAR(100) NOT NULL,
319
+ propkey mediumint(9) NOT NULL,
320
+ propvalue TEXT,
321
+ date_from DATETIME,
322
+ date_to DATETIME,
323
+ PRIMARY KEY (iduserdata))
324
+ DEFAULT CHARACTER SET = utf8
325
+ DEFAULT COLLATE = utf8_general_ci;";
326
+ dbDelta($sql);
327
+ update_option("wordpress_file_upload_table_userdata_version", $wfu_tb_userdata_version);
328
+ }
329
+
330
+ $table_name3 = $wpdb->prefix . "wfu_dbxqueue";
331
+ $installed_ver = get_option( "wordpress_file_upload_table_dbxqueue_version" );
332
+ if( $installed_ver != $wfu_tb_dbxqueue_version ) {
333
+ $sql = "CREATE TABLE " . $table_name3 . " (
334
+ iddbxqueue mediumint(9) NOT NULL AUTO_INCREMENT,
335
+ fileid mediumint(9) NOT NULL,
336
+ priority mediumint(9) NOT NULL,
337
+ status mediumint(9) NOT NULL,
338
+ jobid VARCHAR(10) NOT NULL,
339
+ start_time bigint,
340
+ PRIMARY KEY (iddbxqueue))
341
+ DEFAULT CHARACTER SET = utf8
342
+ DEFAULT COLLATE = utf8_general_ci;";
343
+ dbDelta($sql);
344
+ update_option("wordpress_file_upload_table_dbxqueue_version", $wfu_tb_dbxqueue_version);
345
+ }
346
+ //adjust user state handler to 'dboption' except if there are active hooks
347
+ //that use session; adjustment will be done only once
348
+ if ( WFU_VAR("WFU_US_HANDLER_CHANGED") == "false" ) {
349
+ $envars = get_option("wfu_environment_variables", array());
350
+ {
351
+ $plugin_options = wfu_decode_plugin_options(get_option( "wordpress_file_upload_options" ));
352
+ if ( $plugin_options["userstatehandler"] != "dboption" ) wfu_update_setting("userstatehandler", "dboption");
353
+ if ( WFU_VAR("WFU_US_DBOPTION_BASE") != "cookies" ) {
354
+ $GLOBALS["WFU_GLOBALS"]["WFU_US_DBOPTION_BASE"][3] = "cookies";
355
+ $envars["WFU_US_DBOPTION_BASE"] = "cookies";
356
+ }
357
+ }
358
+ $GLOBALS["WFU_GLOBALS"]["WFU_US_HANDLER_CHANGED"][3] = "true";
359
+ $envars["WFU_US_HANDLER_CHANGED"] = "true";
360
+ update_option("wfu_environment_variables", $envars);
361
+ }
362
+ }
363
+
364
+ /**
365
+ * Actions Before Uninstalling Plugin.
366
+ *
367
+ * This function performs actions before uninstalling the plugin.
368
+ *
369
+ * @since 4.4.0
370
+ */
371
+ function wordpress_file_upload_uninstall() {
372
+ }
373
+
374
+ /**
375
+ * Actions After Plugins are Loaded.
376
+ *
377
+ * This function performs actions after plugin are loaded. It updates the
378
+ * database tables in necessary.
379
+ *
380
+ * @since 2.4.1
381
+ */
382
+ function wordpress_file_upload_update_db_check() {
383
+ global $wfu_tb_log_version;
384
+ global $wfu_tb_userdata_version;
385
+ global $wfu_tb_dbxqueue_version;
386
+ // update_option("wordpress_file_upload_table_log_version", "0");
387
+ // update_option("wordpress_file_upload_table_userdata_version", "0");
388
+ // update_option("wordpress_file_upload_table_dbxqueue_version", "0");
389
+ if ( get_option('wordpress_file_upload_table_log_version') != $wfu_tb_log_version || get_option('wordpress_file_upload_table_userdata_version') != $wfu_tb_userdata_version || get_option('wordpress_file_upload_table_dbxqueue_version') != $wfu_tb_dbxqueue_version ) {
390
+ wordpress_file_upload_install();
391
+ }
392
+ }
393
+
394
+ /**
395
+ * Process Dashboard Requests.
396
+ *
397
+ * This function processes Dashboard requests and shows main Dashboard pages of
398
+ * the plugin in Settings.
399
+ *
400
+ * @since 2.1.2
401
+ */
402
+ function wordpress_file_upload_manage_dashboard() {
403
+ $plugin_options = wfu_decode_plugin_options(get_option( "wordpress_file_upload_options" ));
404
+ $_POST = stripslashes_deep($_POST);
405
+ $_GET = stripslashes_deep($_GET);
406
+ $action = (!empty($_POST['action']) ? $_POST['action'] : (!empty($_GET['action']) ? $_GET['action'] : ''));
407
+ $dir = (!empty($_POST['dir']) ? $_POST['dir'] : (!empty($_GET['dir']) ? $_GET['dir'] : ''));
408
+ $file = (!empty($_POST['file']) ? $_POST['file'] : (!empty($_GET['file']) ? $_GET['file'] : ''));
409
+ $referer = (!empty($_POST['referer']) ? $_POST['referer'] : (!empty($_GET['referer']) ? $_GET['referer'] : ''));
410
+ $data_enc = (!empty($_POST['data']) ? $_POST['data'] : (!empty($_GET['data']) ? $_GET['data'] : ''));
411
+ $postid = (!empty($_POST['postid']) ? $_POST['postid'] : (!empty($_GET['postid']) ? $_GET['postid'] : ''));
412
+ $nonce = (!empty($_POST['nonce']) ? $_POST['nonce'] : (!empty($_GET['nonce']) ? $_GET['nonce'] : ''));
413
+ $tag = (!empty($_POST['tag']) ? $_POST['tag'] : (!empty($_GET['tag']) ? $_GET['tag'] : ''));
414
+ $username = (!empty($_POST['username']) ? $_POST['username'] : (!empty($_GET['username']) ? $_GET['username'] : ''));
415
+ $invoker = (!empty($_POST['invoker']) ? $_POST['invoker'] : (!empty($_GET['invoker']) ? $_GET['invoker'] : ''));
416
+ $echo_str = "";
417
+
418
+ if ( $action == 'edit_settings' ) {
419
+ wfu_update_settings();
420
+ $echo_str = wfu_manage_settings();
421
+ }
422
+ elseif ( $action == 'shortcode_composer' ) {
423
+ $echo_str = wfu_shortcode_composer();
424
+ }
425
+ elseif ( $action == 'file_browser' ) {
426
+ $echo_str = wfu_browse_files($dir);
427
+ }
428
+ elseif ( $action == 'view_log' ) {
429
+ $page = $tag;
430
+ if ( $page == '' ) $page = 1;
431
+ $page = (int)wfu_sanitize_int($page);
432
+ $located_rec = $invoker;
433
+ if ( $located_rec == '' ) $located_rec = -1;
434
+ $located_rec = (int)wfu_sanitize_int($located_rec);
435
+ $echo_str = wfu_view_log($page, false, $located_rec);
436
+ }
437
+ elseif ( $action == 'rename_file' && $file != "" ) {
438
+ $echo_str = wfu_rename_file_prompt($file, 'file', false);
439
+ }
440
+ elseif ( $action == 'rename_dir' && $file != "" ) {
441
+ $echo_str = wfu_rename_file_prompt($file, 'dir', false);
442
+ }
443
+ elseif ( $action == 'move_file' && $file != "" ) {
444
+ if ( substr($file, 0, 5) == "list:" ) $file = explode(",", substr($file, 5));
445
+ $echo_str = wfu_move_file_prompt($file, false);
446
+ }
447
+ elseif ( $action == 'renamefile' && $file != "" ) {
448
+ if ( wfu_rename_file($file, 'file') ) $echo_str = wfu_browse_files($dir);
449
+ else $echo_str = wfu_rename_file_prompt($file, 'file', true);
450
+ }
451
+ elseif ( $action == 'renamedir' && $file != "" ) {
452
+ if ( wfu_rename_file($file, 'dir') ) $echo_str = wfu_browse_files($dir);
453
+ else $echo_str = wfu_rename_file_prompt($file, 'dir', true);
454
+ }
455
+ elseif ( $action == 'movefile' && $file != "" ) {
456
+ if ( substr($file, 0, 5) == "list:" ) $file = explode(",", substr($file, 5));
457
+ if ( wfu_move_file($file) ) $echo_str = wfu_browse_files($dir);
458
+ else $echo_str = wfu_move_file_prompt($file, true);
459
+ }
460
+ elseif ( $action == 'delete_file' && $file != "" && $referer != "" ) {
461
+ if ( substr($file, 0, 5) == "list:" ) $file = explode(",", substr($file, 5));
462
+ $echo_str = wfu_delete_file_prompt($file, 'file', $referer);
463
+ }
464
+ elseif ( $action == 'delete_dir' && $file != "" && $referer != "" ) {
465
+ $echo_str = wfu_delete_file_prompt($file, 'dir', $referer);
466
+ }
467
+ elseif ( $action == 'deletefile' && $file != "" ) {
468
+ if ( substr($file, 0, 5) == "list:" ) $file = explode(",", substr($file, 5));
469
+ wfu_delete_file($file, 'file');
470
+ $referer_url = wfu_flatten_path(wfu_get_filepath_from_safe(wfu_sanitize_code($referer)));
471
+ if ( $referer_url === false ) $referer_url = "";
472
+ $match = array();
473
+ preg_match("/\&dir=(.*)/", $referer_url, $match);
474
+ $dir = ( isset($match[1]) ? $match[1] : "" );
475
+ $echo_str = wfu_browse_files($dir);
476
+ }
477
+ elseif ( $action == 'deletedir' && $file != "" ) {
478
+ wfu_delete_file($file, 'dir');
479
+ $referer_url = wfu_flatten_path(wfu_get_filepath_from_safe(wfu_sanitize_code($referer)));
480
+ if ( $referer_url === false ) $referer_url = "";
481
+ $match = array();
482
+ preg_match("/\&dir=(.*)/", $referer_url, $match);
483
+ $dir = ( isset($match[1]) ? $match[1] : "" );
484
+ $echo_str = wfu_browse_files($dir);
485
+ }
486
+ elseif ( $action == 'create_dir' ) {
487
+ $echo_str = wfu_create_dir_prompt($dir, false);
488
+ }
489
+ elseif ( $action == 'createdir' ) {
490
+ if ( wfu_create_dir($dir) ) $echo_str = wfu_browse_files($dir);
491
+ else $echo_str = wfu_create_dir_prompt($dir, true);
492
+ }
493
+ elseif ( $action == 'include_file' && $file != "" && $referer != "" ) {
494
+ if ( substr($file, 0, 5) == "list:" ) $file = explode(",", substr($file, 5));
495
+ $echo_str = wfu_include_file_prompt($file, $referer);
496
+ }
497
+ elseif ( $action == 'includefile' && $file != "" ) {
498
+ if ( substr($file, 0, 5) == "list:" ) $file = explode(",", substr($file, 5));
499
+ wfu_include_file($file);
500
+ $referer_url = wfu_flatten_path(wfu_get_filepath_from_safe(wfu_sanitize_code($referer)));
501
+ if ( $referer_url === false ) $referer_url = "";
502
+ $match = array();
503
+ preg_match("/\&dir=(.*)/", $referer_url, $match);
504
+ $dir = ( isset($match[1]) ? $match[1] : "" );
505
+ $echo_str = wfu_browse_files($dir);
506
+ }
507
+ elseif ( $action == 'file_details' && $file != "" ) {
508
+ $echo_str = wfu_file_details($file, false, $invoker);
509
+ }
510
+ elseif ( $action == 'edit_filedetails' && $file != "" ) {
511
+ wfu_edit_filedetails($file);
512
+ $echo_str = wfu_file_details($file, false, $invoker);
513
+ }
514
+ elseif ( $action == 'personal_data' && $plugin_options["personaldata"] == "1" ) {
515
+ $echo_str = wfu_manage_personaldata_policies();
516
+ }
517
+ elseif ( $action == 'erase_userdata_ask' && $plugin_options["personaldata"] == "1" && $username != "" ) {
518
+ $echo_str = wfu_erase_userdata_ask_prompt($username);
519
+ }
520
+ elseif ( $action == 'erase_userdata' && $plugin_options["personaldata"] == "1" && $username != "" ) {
521
+ $ret = wfu_erase_userdata($username);
522
+ if ( $ret <= -1 ) $echo_str = wfu_manage_personaldata_policies();
523
+ else $echo_str = wfu_manage_personaldata_policies('Database cleaned. '.$ret.' items where affected.');
524
+ }
525
+ elseif ( $action == 'maintenance_actions' ) {
526
+ $echo_str = wfu_maintenance_actions();
527
+ }
528
+ elseif ( $action == 'sync_db' && $nonce != "" ) {
529
+ $affected_items = wfu_sync_database_controller($nonce);
530
+ if ( $affected_items > -1 ) $echo_str = wfu_maintenance_actions('Database updated. '.$affected_items.' items where affected.');
531
+ else $echo_str = wfu_maintenance_actions();
532
+ }
533
+ elseif ( $action == 'clean_log_ask' && $nonce != "" && $data_enc != "" ) {
534
+ $echo_str = wfu_clean_log_prompt($nonce, $data_enc);
535
+ }
536
+ elseif ( $action == 'clean_log' ) {
537
+ $ret = wfu_clean_log();
538
+ if ( $ret["recs_count"] <= -1 && $ret["files_count"] ) $echo_str = wfu_maintenance_actions();
539
+ else $echo_str = wfu_maintenance_actions('Database cleaned. '.$ret["recs_count"].' records and '.$ret["files_count"].' files where deleted.');
540
+ }
541
+ elseif ( $action == 'purge_data_ask' && $nonce != "" ) {
542
+ $echo_str = wfu_purge_data_prompt($nonce);
543
+ }
544
+ elseif ( $action == 'purge_data' ) {
545
+ $ret = wfu_purge_data();
546
+ if ( !$ret ) $echo_str = wfu_maintenance_actions();
547
+ else $echo_str = '<script type="text/javascript">window.location.replace("'.admin_url('plugins.php').'");</script>';
548
+ }
549
+ elseif ( $action == 'reset_all_transfers' && $nonce != "" ) {
550
+ if ( wfu_reset_all_transfers_controller($nonce) === true )
551
+ $echo_str = wfu_maintenance_actions('All file transfers were successfully reset.');
552
+ else $echo_str = wfu_maintenance_actions();
553
+ }
554
+ elseif ( $action == 'clear_all_transfers' && $nonce != "" ) {
555
+ if ( wfu_clear_all_transfers_controller($nonce) === true )
556
+ $echo_str = wfu_maintenance_actions('All file transfers were successfully cleared.');
557
+ else $echo_str = wfu_maintenance_actions();
558
+ }
559
+ elseif ( $action == 'plugin_settings' ) {
560
+ $echo_str = wfu_manage_settings();
561
+ }
562
+ elseif ( $action == 'add_shortcode' && $postid != "" && $nonce != "" && $tag != "" ) {
563
+ if ( WFU_USVAR('wfu_add_shortcode_ticket_for_'.$tag) != $nonce ) $echo_str = wfu_manage_mainmenu();
564
+ elseif ( wfu_add_shortcode($postid, $tag) ) $echo_str = wfu_manage_mainmenu();
565
+ else $echo_str = wfu_manage_mainmenu(WFU_DASHBOARD_ADD_SHORTCODE_REJECTED);
566
+ WFU_USVAR_store('wfu_add_shortcode_ticket', 'noticket');
567
+ }
568
+ elseif ( $action == 'edit_shortcode' && $data_enc != "" && $tag != "" ) {
569
+ $data = wfu_decode_array_from_string(wfu_get_shortcode_data_from_safe($data_enc));
570
+ if ( $data['post_id'] == "" || $referer == 'guteditor' || wfu_check_edit_shortcode($data) ) wfu_shortcode_composer($data, $tag, $referer);
571
+ else $echo_str = wfu_manage_mainmenu(WFU_DASHBOARD_EDIT_SHORTCODE_REJECTED);
572
+ }
573
+ elseif ( $action == 'delete_shortcode' && $data_enc != "" ) {
574
+ $data = wfu_decode_array_from_string(wfu_get_shortcode_data_from_safe($data_enc));
575
+ if ( wfu_check_edit_shortcode($data) ) $echo_str = wfu_delete_shortcode_prompt($data_enc);
576
+ else $echo_str = wfu_manage_mainmenu(WFU_DASHBOARD_DELETE_SHORTCODE_REJECTED);
577
+ }
578
+ elseif ( $action == 'deleteshortcode' && $data_enc != "" ) {
579
+ $data = wfu_decode_array_from_string(wfu_get_shortcode_data_from_safe($data_enc));
580
+ if ( wfu_check_edit_shortcode($data) ) {
581
+ if ( wfu_delete_shortcode($data) ) wfu_clear_shortcode_data_from_safe($data_enc);
582
+ $echo_str = wfu_manage_mainmenu();
583
+ }
584
+ else $echo_str = wfu_manage_mainmenu(WFU_DASHBOARD_DELETE_SHORTCODE_REJECTED);
585
+ }
586
+ elseif ( $action == 'add_policy' ) {
587
+ $echo_str = wfu_edit_pd_policy();
588
+ }
589
+ else {
590
+ $echo_str = wfu_manage_mainmenu();
591
+ }
592
+
593
+ echo $echo_str;
594
+ }
595
+
596
+ /**
597
+ * Process Dashboard Requests for Non-Admin Users.
598
+ *
599
+ * This function processes Dashboard requests and shows the shortcode composer
600
+ * to users that are not admins but who can edit posts or pages. It also lets
601
+ * extensions implement their own actions when receiving Dashboard requests by
602
+ * non-admin users.
603
+ *
604
+ * @since 4.11.0
605
+ */
606
+ function wordpress_file_upload_manage_dashboard_editor() {
607
+ $_POST = stripslashes_deep($_POST);
608
+ $_GET = stripslashes_deep($_GET);
609
+ $action = (!empty($_POST['action']) ? $_POST['action'] : (!empty($_GET['action']) ? $_GET['action'] : ''));
610
+ $referer = (!empty($_POST['referer']) ? $_POST['referer'] : (!empty($_GET['referer']) ? $_GET['referer'] : ''));
611
+ $data_enc = (!empty($_POST['data']) ? $_POST['data'] : (!empty($_GET['data']) ? $_GET['data'] : ''));
612
+ $tag = (!empty($_POST['tag']) ? $_POST['tag'] : (!empty($_GET['tag']) ? $_GET['tag'] : ''));
613
+ $echo_str = "";
614
+
615
+ if ( $action == 'edit_shortcode' && $data_enc != "" && $tag != "" ) {
616
+ $data = wfu_decode_array_from_string(wfu_get_shortcode_data_from_safe($data_enc));
617
+ if ( $data['post_id'] == "" || $referer == 'guteditor' || wfu_check_edit_shortcode($data) ) wfu_shortcode_composer($data, $tag, $referer);
618
+ else $echo_str = wfu_manage_mainmenu(WFU_DASHBOARD_EDIT_SHORTCODE_REJECTED);
619
+ }
620
+ else {
621
+ $echo_str = wfu_manage_mainmenu_editor();
622
+ }
623
+
624
+ echo $echo_str;
625
+ }
626
+
627
+ /**
628
+ * Display the Main Dashboard Page.
629
+ *
630
+ * This function displays the Main Dashboard page of the plugin.
631
+ *
632
+ * @since 2.5.2
633
+ *
634
+ * @param string $message Optional. A message to display on top when showing
635
+ * Main page of the plugin in Dashboard.
636
+ *
637
+ * @return string The HTML output of the plugin's Main Dashboard page.
638
+ */
639
+ function wfu_manage_mainmenu($message = '') {
640
+ if ( !current_user_can( 'manage_options' ) ) return;
641
+
642
+ //get php version
643
+ $php_version = preg_replace("/-.*/", "", phpversion());
644
+
645
+ $plugin_options = wfu_decode_plugin_options(get_option( "wordpress_file_upload_options" ));
646
+
647
+ $echo_str = '<div class="wrap wfumain">';
648
+ $echo_str .= "\n\t".'<h2>Wordpress File Upload Control Panel</h2>';
649
+ if ( $message != '' ) {
650
+ $echo_str .= "\n\t".'<div class="updated">';
651
+ $echo_str .= "\n\t\t".'<p>'.$message.'</p>';
652
+ $echo_str .= "\n\t".'</div>';
653
+ }
654
+ $echo_str .= "\n\t".'<div style="margin-top:20px;">';
655
+ $echo_str .= wfu_generate_dashboard_menu("\n\t\t", "Main");
656
+ $echo_str .= "\n\t\t".'<h3 style="margin-bottom: 10px;">Status';
657
+ if ( $plugin_options["altserver"] == "1" && substr(trim(WFU_VAR("WFU_ALT_IPTANUS_SERVER")), 0, 5) == "http:" ) {
658
+ $echo_str .= '<div style="display: inline-block; margin-left:20px;" title="'.WFU_WARNING_ALT_IPTANUS_SERVER_ACTIVATED.'"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 200 800" version="1.1" style="background:darkorange; border-radius:13px; padding:2px; vertical-align:middle; border: 1px solid silver;"><path d="M 110,567 L 90,567 L 42,132 C 40,114 40,100 40,90 C 40,70 45,49 56,35 C 70,22 83,15 100,15 C 117,15 130,22 144,35 C 155,49 160,70 160,90 C 160,100 160,114 158,132 z M 100,640 A 60,60 0 1,1 100,760 A 60,60 0 1,1 100,640 z"/></svg></div>';
659
+ }
660
+ $echo_str .= '</h3>';
661
+ $echo_str .= "\n\t\t".'<table class="form-table">';
662
+ $echo_str .= "\n\t\t\t".'<tbody>';
663
+ //plugin edition
664
+ $echo_str .= "\n\t\t\t\t".'<tr>';
665
+ $echo_str .= "\n\t\t\t\t\t".'<th scope="row">';
666
+ $echo_str .= "\n\t\t\t\t\t\t".'<label style="cursor:default;">Edition</label>';
667
+ $echo_str .= "\n\t\t\t\t\t".'</th>';
668
+ $echo_str .= "\n\t\t\t\t\t".'<td style="width:100px; vertical-align:top;">';
669
+ $echo_str .= "\n\t\t\t\t\t\t".'<label style="font-weight:bold; cursor:default;">Free</label>';
670
+ $echo_str .= "\n\t\t\t\t\t".'</td>';
671
+ $echo_str .= "\n\t\t\t\t\t".'<td>';
672
+ $echo_str .= "\n\t\t\t\t\t\t".'<div style="display:inline-block; background-color:bisque; padding:0 0 0 4px; border-left:3px solid lightcoral;">';
673
+ $echo_str .= "\n\t\t\t\t\t\t\t".'<label style="cursor:default;">Consider </label><a href="'.WFU_PRO_VERSION_URL.'">Upgrading</a><label style="cursor:default;"> to the Professional Version. </label>';
674
+ $echo_str .= "\n\t\t\t\t\t\t\t".'<button onclick="if (this.innerText == \'See why >>\') {this.innerText = \'<< Close\'; document.getElementById(\'wfu_version_comparison\').style.display = \'inline-block\';} else {this.innerText = \'See why >>\'; document.getElementById(\'wfu_version_comparison\').style.display = \'none\';}">See why >></button>';
675
+ $echo_str .= "\n\t\t\t\t\t\t".'</div>';
676
+ $echo_str .= "\n\t\t\t\t\t\t".'<br /><div id="wfu_version_comparison" style="display:none; background-color:lightyellow; border:1px solid yellow; margin:10px 0; padding:10px;">';
677
+ $echo_str .= "\n\t\t\t\t\t\t\t".'<img src="'.WFU_IMAGE_VERSION_COMPARISON.'" style="display:block; margin-bottom:6px;" />';
678
+ $echo_str .= "\n\t\t\t\t\t\t\t".'<a class="button-primary" href="'.WFU_PRO_VERSION_URL.'">Go for the PRO version</a>';
679
+ $echo_str .= "\n\t\t\t\t\t\t".'</div>';
680
+ $echo_str .= "\n\t\t\t\t\t".'</td>';
681
+ $echo_str .= "\n\t\t\t\t".'</tr>';
682
+ //plugin version
683
+ $echo_str .= "\n\t\t\t\t".'<tr>';
684
+ $echo_str .= "\n\t\t\t\t\t".'<th scope="row">';
685
+ $echo_str .= "\n\t\t\t\t\t\t".'<label style="cursor:default;">Version</label>';
686
+ $echo_str .= "\n\t\t\t\t\t".'</th>';
687
+ $echo_str .= "\n\t\t\t\t\t".'<td style="width:100px;">';
688
+ $cur_version = wfu_get_plugin_version();
689
+ $echo_str .= "\n\t\t\t\t\t\t".'<label style="font-weight:bold; cursor:default;">'.$cur_version.'</label>';
690
+ $echo_str .= "\n\t\t\t\t\t".'</td>';
691
+ $echo_str .= "\n\t\t\t\t\t".'<td>';
692
+ $lat_version = wfu_get_latest_version();
693
+ $ret = wfu_compare_versions($cur_version, $lat_version);
694
+ if ( $lat_version == "" && WFU_VAR("WFU_DISABLE_VERSION_CHECK") != "true" ) {
695
+ $echo_str .= "\n\t\t\t\t\t\t".'<div style="display:inline-block; background-color:transparent; padding:0 0 0 4px; color:red;">';
696
+ $echo_str .= "\n\t\t\t\t\t\t\t".'<svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 200 800" version="1.1" style="background:transparent; border-radius:13px; padding:2px; vertical-align:middle; border: 2px solid red; fill:red;"><path d="M 110,567 L 90,567 L 42,132 C 40,114 40,100 40,90 C 40,70 45,49 56,35 C 70,22 83,15 100,15 C 117,15 130,22 144,35 C 155,49 160,70 160,90 C 160,100 160,114 158,132 z M 100,640 A 60,60 0 1,1 100,760 A 60,60 0 1,1 100,640 z"/></svg>';
697
+ $warning_text = preg_replace("/:(\w+):/", '<a target="_blank" href="'.WFU_IPTANUS_SERVER_UNREACHABLE_ARTICLE.'" title="Iptanus Services Server Unreachable Error of WFU Plugin">$1</a>', WFU_WARNING_IPTANUS_SERVER_UNREACHABLE);
698
+ $echo_str .= "\n\t\t\t\t\t\t\t".'<label style="cursor:default;">'.$warning_text.'</label>';
699
+ $echo_str .= "\n\t\t\t\t\t\t".'</div>';
700
+ }
701
+ elseif ( $ret['status'] && $ret['result'] == 'lower' ) {
702
+ $echo_str .= "\n\t\t\t\t\t\t".'<div style="display:inline-block; background-color:bisque; padding:0 0 0 4px; border-left:3px solid lightcoral;">';
703
+ $echo_str .= "\n\t\t\t\t\t\t\t".'<label style="cursor:default;">Version <strong>'.$lat_version.'</strong> of the plugin is available. Go to Plugins page of your Dashboard to update to the latest version.</label>';
704
+ if ( $ret['custom'] ) $echo_str .= '<label style="cursor:default; color: purple;"> <em>Please note that you are using a custom version of the plugin. If you upgrade to the newest version, custom changes will be lost.</em></label>';
705
+ $echo_str .= "\n\t\t\t\t\t\t".'</div>';
706
+ }
707
+ elseif ( $ret['status'] && $ret['result'] == 'equal' ) {
708
+ $echo_str .= "\n\t\t\t\t\t\t".'<div style="display:inline-block; background-color:rgb(220,255,220); padding:0 0 0 4px; border-left:3px solid limegreen;">';
709
+ $echo_str .= "\n\t\t\t\t\t\t\t".'<label style="cursor:default;">You have the latest version.</label>';
710
+ if ( $ret['custom'] ) $echo_str .= '<label style="cursor:default; color: purple;"> <em>(Please note that your version is custom)</em></label>';
711
+ $echo_str .= "\n\t\t\t\t\t\t".'</div>';
712
+ }
713
+ $echo_str .= "\n\t\t\t\t\t".'</td>';
714
+ $echo_str .= "\n\t\t\t\t".'</tr>';
715
+ //server environment
716
+ $php_env = wfu_get_server_environment();
717
+ $echo_str .= "\n\t\t\t\t".'<tr>';
718
+ $echo_str .= "\n\t\t\t\t\t".'<th scope="row">';
719
+ $echo_str .= "\n\t\t\t\t\t\t".'<label style="cursor:default;">Server Environment</label>';
720
+ $echo_str .= "\n\t\t\t\t\t".'</th>';
721
+ $echo_str .= "\n\t\t\t\t\t".'<td style="width:100px;">';
722
+ if ( $php_env == '64bit' ) $echo_str .= "\n\t\t\t\t\t\t".'<label style="font-weight:bold; cursor:default;">64bit</label></td><td><label style="font-weight:normal; font-style:italic; cursor:default;">(Your server supports files up to 1 Exabyte, practically unlimited)</label>';
723
+ if ( $php_env == '32bit' ) $echo_str .= "\n\t\t\t\t\t\t".'<label style="font-weight:bold; cursor:default;">32bit</label></td><td><label style="font-weight:normal; font-style:italic; cursor:default;">(Your server does not support files larger than 2GB)</label>';
724
+ if ( $php_env == '' ) $echo_str .= "\n\t\t\t\t\t\t".'<label style="font-weight:bold; cursor:default;">Unknown</label></td><td><label style="font-weight:normal; font-style:italic; cursor:default;">(The maximum file size supported by the server cannot be determined)</label>';
725
+ $echo_str .= "\n\t\t\t\t\t".'</td>';
726
+ $echo_str .= "\n\t\t\t\t".'</tr>';
727
+ $echo_str .= "\n\t\t\t\t".'<tr>';
728
+ $echo_str .= "\n\t\t\t\t\t".'<th scope="row">';
729
+ $echo_str .= "\n\t\t\t\t\t\t".'<label style="cursor:default;">PHP Version</label>';
730
+ $echo_str .= "\n\t\t\t\t\t".'</th>';
731
+ $echo_str .= "\n\t\t\t\t\t".'<td style="width:100px;">';
732
+ $cur_version = wfu_get_plugin_version();
733
+ $echo_str .= "\n\t\t\t\t\t\t".'<label style="font-weight:bold; cursor:default;">'.$php_version.'</label>';
734
+ $echo_str .= "\n\t\t\t\t\t".'</td>';
735
+ $echo_str .= "\n\t\t\t\t\t".'<td>';
736
+ $echo_str .= "\n\t\t\t\t\t".'</td>';
737
+ $echo_str .= "\n\t\t\t\t".'</tr>';
738
+ $echo_str .= "\n\t\t\t\t".'<tr>';
739
+ $echo_str .= "\n\t\t\t\t\t".'<th scope="row">';
740
+ $echo_str .= "\n\t\t\t\t\t\t".'<label style="cursor:default;">Release Notes</label>';
741
+ $echo_str .= "\n\t\t\t\t\t".'</th>';
742
+ $echo_str .= "\n\t\t\t\t\t".'<td colspan="2" style="width:100px;">';
743
+ $rel_path = ABSWPFILEUPLOAD_DIR.'release_notes.txt';
744
+ $rel_notes = '';
745
+ if ( file_exists($rel_path) ) $rel_notes = file_get_contents($rel_path);
746
+ $echo_str .= "\n\t\t\t\t\t\t".'<div style="text-align:justify;">'.$rel_notes.'</div>';
747
+ $echo_str .= "\n\t\t\t\t\t".'</td>';
748
+ $echo_str .= "\n\t\t\t\t".'</tr>';
749
+ $echo_str .= "\n\t\t\t".'</tbody>';
750
+ $echo_str .= "\n\t\t".'</table>';
751
+
752
+ $echo_str .= wfu_manage_instances();
753
+
754
+ $echo_str .= "\n\t".'</div>';
755
+ $echo_str .= "\n".'</div>';
756
+
757
+ return $echo_str;
758
+ }
759
+
760
+ /**
761
+ * Default Dashboard Page for Non-Admin Users.
762
+ *
763
+ * This function displays the plugin's default Dashboard page for non-admin
764
+ * users who can edit pages or posts.
765
+ *
766
+ * @since 4.11.0
767
+ *
768
+ * @param string $message Optional. A message to display on top when showing
769
+ * the default Dashboard page of the plugin for non-admin users.
770
+ *
771
+ * @return string The HTML output of the plugin's default Dashboard page.
772
+ */
773
+ function wfu_manage_mainmenu_editor($message = '') {
774
+ if ( !current_user_can( 'edit_pages' ) && !current_user_can( 'edit_posts' ) ) return;
775
+
776
+ $echo_str = '<div class="wrap wfumain">';
777
+ $echo_str .= "\n\t".'<h2>Wordpress File Upload Control Panel</h2>';
778
+ if ( $message != '' ) {
779
+ $echo_str .= "\n\t".'<div class="updated">';
780
+ $echo_str .= "\n\t\t".'<p>'.$message.'</p>';
781
+ $echo_str .= "\n\t".'</div>';
782
+ }
783
+ $echo_str .= "\n\t".'<div style="margin-top:20px;">';
784
+ $echo_str .= "\n\t\t".'<h3 style="margin-bottom: 10px;">This menu item exists to show the plugin\'s shortcode composer when editing pages or posts.</h3>';
785
+ $echo_str .= "\n\t".'</div>';
786
+ $echo_str .= "\n".'</div>';
787
+
788
+ return $echo_str;
789
+ }
790
+
791
+ /**
792
+ * Main Dashboard Page Tabs.
793
+ *
794
+ * This function generates the tabs of the plugin's main area in Dashboard.
795
+ *
796
+ * @since 3.6.0
797
+ *
798
+ * @redeclarable
799
+ *
800
+ * @param string $dlp Identation string before the beginning of each HTML line.
801
+ * @param string $active The name of the tab that it is active.
802
+ *
803
+ * @return string The HTML output of the tabs.
804
+ */
805
+ function wfu_generate_dashboard_menu($dlp, $active) {
806
+ $a = func_get_args(); $a = WFU_FUNCTION_HOOK(__FUNCTION__, $a, $out); if (isset($out['vars'])) foreach($out['vars'] as $p => $v) $$p = $v; switch($a) { case 'R': return $out['output']; break; case 'D': die($out['output']); }
807
+ $siteurl = site_url();
808
+ $plugin_options = wfu_decode_plugin_options(get_option( "wordpress_file_upload_options" ));
809
+
810
+ $echo_str = $dlp.'<h2 class="nav-tab-wrapper" style="margin-bottom:40px;">';
811
+ $echo_str .= $dlp."\t".'<a href="'.$siteurl.'/wp-admin/options-general.php?page=wordpress_file_upload" class="nav-tab'.( $active == "Main" ? ' nav-tab-active' : '' ).'" title="Main">Main</a>';
812
+ $echo_str .= $dlp."\t".'<a href="'.$siteurl.'/wp-admin/options-general.php?page=wordpress_file_upload&amp;action=plugin_settings" class="nav-tab'.( $active == "Settings" ? ' nav-tab-active' : '' ).'" title="Settings">Settings</a>';
813
+ $echo_str .= $dlp."\t".'<a href="'.$siteurl.'/wp-admin/options-general.php?page=wordpress_file_upload&amp;action=file_browser" class="nav-tab'.( $active == "File Browser" ? ' nav-tab-active' : '' ).'" title="File browser">File Browser</a>';
814
+ $echo_str .= $dlp."\t".'<a href="'.$siteurl.'/wp-admin/options-general.php?page=wordpress_file_upload&amp;action=view_log" class="nav-tab'.( $active == "View Log" ? ' nav-tab-active' : '' ).'" title="View log">View Log</a>';
815
+ if ( $plugin_options["personaldata"] == "1" )
816
+ $echo_str .= $dlp."\t".'<a href="'.$siteurl.'/wp-admin/options-general.php?page=wordpress_file_upload&amp;action=personal_data" class="nav-tab'.( $active == "Personal Data" ? ' nav-tab-active' : '' ).'" title="Personal Data">Personal Data</a>';
817
+ $echo_str .= $dlp."\t".'<a href="'.$siteurl.'/wp-admin/options-general.php?page=wordpress_file_upload&amp;action=maintenance_actions" class="nav-tab'.( $active == "Maintenance Actions" ? ' nav-tab-active' : '' ).'" title="Maintenance Actions">Maintenance Actions</a>';
818
+ $echo_str .= $dlp.'</h2>';
819
+
820
+ return $echo_str;
821
+ }
822
+
823
+ /**
824
+ * Generate List of Posts in Tree Order.
825
+ *
826
+ * This function converts a flat array of posts into a tree structure, where an
827
+ * individual item of the returned array may contain a nested array of children.
828
+ * Items of the same parent and level are sorted by post status (publish,
829
+ * private, draft) and then by title.
830
+ *
831
+ * @since 2.7.6
832
+ *
833
+ * @param array $posts The initial flat array of posts.
834
+ *
835
+ * @return array The returned list of posts in tree order.
836
+ */
837
+ function wfu_construct_post_list($posts) {
838
+ $ids = array();
839
+ $list = array();
840
+ $id_keys = array();
841
+ //construct item indices
842
+ foreach ( $posts as $key => $post ) {
843
+ if ( !array_key_exists($post->post_type, $ids) ) {
844
+ $ids[$post->post_type] = array();
845
+ $list[$post->post_type] = array();
846
+ }
847
+ array_push($ids[$post->post_type], $post->ID);
848
+ $id_keys[$post->ID] = $key;
849
+ }
850
+ //create post list in tree order; items are sorted by post status (publish,
851
+ //private, draft) and then by title
852
+ $i = 0;
853
+ while ( $i < count($posts) ) {
854
+ $post = $posts[$i];
855
+ //find topmost element in family tree
856
+ $tree = array( $post->ID );
857
+ $topmost = $post;
858
+ $par_id = $topmost->post_parent;
859
+ while ( in_array($par_id, $ids[$post->post_type]) ) {
860
+ $topmost = $posts[$id_keys[$par_id]];
861
+ array_splice($tree, 0, 0, $par_id);
862
+ $par_id = $topmost->post_parent;
863
+ }
864
+ //find which needs to be processed
865
+ $level = 0;
866
+ $host = &$list[$post->post_type];
867
+ foreach ( $tree as $process_id ) {
868
+ $found_key = -1;
869
+ foreach ( $host as $key => $item )
870
+ if ( $item['id'] == $process_id ) {
871
+ $found_key = $key;
872
+ break;
873
+ }
874
+ if ( $found_key == -1 ) break;
875
+ $level++;
876
+ $host = &$host[$found_key]['children'];
877
+ }
878
+ if ( $found_key == -1 ) {
879
+ $processed = $posts[$id_keys[$process_id]];
880
+ //add the processed item in the right position in children's list
881
+ $pos = 0;
882
+ $status = ( $processed->post_status == 'publish' ? 0 : ( $processed->post_status == 'private' ? 1 : 2 ) );
883
+ foreach ($host as $item) {
884
+ if ( $status < $item['status'] ) break;
885
+ if ( $status == $item['status'] && strcmp($processed->post_title, $item['title']) < 0 ) break;
886
+ $pos++;
887
+ }
888
+ $new_item = array(
889
+ 'id' => $process_id,
890
+ 'title' => $processed->post_title,
891
+ 'status' => $status,
892
+ 'level' => $level,
893
+ 'children' => array()
894
+ );
895
+ array_splice($host, $pos, 0, array($new_item));
896
+ }
897
+ //advance index if we have finished processing all the tree
898
+ if ( $process_id == $post->ID ) $i++;
899
+ }
900
+ return $list;
901
+ }
902
+
903
+ /**
904
+ * Flatten Tree List of Posts.
905
+ *
906
+ * This function converts a list that contains posts in tree order into a flat
907
+ * list (array) of posts.
908
+ *
909
+ * @since 2.7.6
910
+ *
911
+ * @param array $list The initial tree list of posts.
912
+ *
913
+ * @return array The returned flat list of posts.
914
+ */
915
+ function wfu_flatten_post_list($list) {
916
+ $flat = array();
917
+ if ( !is_array($list) ) return $flat;
918
+ foreach( $list as $item ) {
919
+ $flat_item = array(
920
+ 'id' => $item['id'],
921
+ 'title' => $item['title'],
922
+ 'status' => $item['status'],
923
+ 'level' => $item['level']
924
+ );
925
+ array_push($flat, $flat_item);
926
+ $flat = array_merge($flat, wfu_flatten_post_list($item['children']));
927
+ }
928
+ return $flat;
929
+ }
930
+
931
+ /**
932
+ * Generate List of Instances of All Plugin' Shortcodes.
933
+ *
934
+ * This function generates a tabular list of all instances of all plugin's
935
+ * shortcodes.
936
+ *
937
+ * @since 2.5.2
938
+ *
939
+ * @return string The HTML code of the list of instances of all the shortcodes.
940
+ */
941
+ function wfu_manage_instances() {
942
+ $echo_str = wfu_manage_instances_of_shortcode('wordpress_file_upload', 'Uploader Instances', 'uploader', 1);
943
+
944
+ return $echo_str;
945
+ }
946
+
947
+ /**
948
+ * Generate List of Instances of A Plugin' Shortcode.
949
+ *
950
+ * This function generates a tabular list of all instances of a plugin's
951
+ * shortcode.
952
+ *
953
+ * @since 3.1.0
954
+ *
955
+ * @param string $tag The shortcode tag.
956
+ * @param string $title The title of the list
957
+ * @param string $slug A slug of the shortcode.
958
+ * @param integer $inc The increment number of this list of instances.
959
+ *
960
+ * @return string The HTML code of the list of instances of the shortcode.
961
+ */
962
+ function wfu_manage_instances_of_shortcode($tag, $title, $slug, $inc) {
963
+ global $wp_registered_widgets, $wp_registered_sidebars;
964
+
965
+ $siteurl = site_url();
966
+ $args = array( 'post_type' => array( "post", "page" ), 'post_status' => "publish,private,draft", 'posts_per_page' => -1 );
967
+ /**
968
+ * Filter Arguments for Getting List of Posts.
969
+ *
970
+ * This filter allows to customize the arguments passed to get_posts()
971
+ * function to get a list of posts. By default the plugin will get a list of
972
+ * all posts and pages. If the website contains too many posts this
973
+ * operation may take time and delay loading of the page. So this filter can
974
+ * be used to optimize this operation.
975
+ *
976
+ * @since 4.0.0
977
+ *
978
+ * @param array $args Arguments to retrieve posts.
979
+ * @param string $operation A parameter designating in which operation this
980
+ * filter is used.
981
+ */
982
+ $args = apply_filters("_wfu_get_posts", $args, "manage_instances");
983
+ $posts = get_posts($args);
984
+ $wfu_shortcodes = array();
985
+ //get shortcode instances from page/posts
986
+ foreach ( $posts as $post ) {
987
+ $ret = wfu_get_content_shortcodes($post, $tag);
988
+ if ( $ret !== false ) $wfu_shortcodes = array_merge($wfu_shortcodes, $ret);
989
+ }
990
+ //get shortcode instances from sidebars
991
+ $data = array();
992
+ $widget_base = $tag.'_widget';
993
+ if ( is_array($wp_registered_widgets) ) {
994
+ foreach ( $wp_registered_widgets as $id => $widget ) {
995
+ if ( substr($id, 0, strlen($widget_base)) == $widget_base ) {
996
+ $widget_obj = ( isset($widget['callback']) ? ( isset($widget['callback'][0]) ? ( $widget['callback'][0] instanceof WP_Widget ? $widget['callback'][0] : false ) : false ) : false );
997
+ $widget_sidebar = is_active_widget(false, $id, $widget_base);
998
+ if ( $widget_obj !== false && $widget_sidebar !== false ) {
999
+ if ( isset($wp_registered_sidebars[$widget_sidebar]) && isset($wp_registered_sidebars[$widget_sidebar]['name']) ) $widget_sidebar = $wp_registered_sidebars[$widget_sidebar]['name'];
1000
+ $data['post_id'] = "";
1001
+ $data['post_hash'] = "";
1002
+ $data['shortcode'] = $widget_obj->shortcode();
1003
+ $data['position'] = 0;
1004
+ $data['widgetid'] = $id;
1005
+ $data['sidebar'] = $widget_sidebar;
1006
+ array_push($wfu_shortcodes, $data);
1007
+ }
1008
+ }
1009
+ }
1010
+ }
1011
+
1012
+ $list = wfu_construct_post_list($posts);
1013
+ $pagelist = wfu_flatten_post_list($list["page"]);
1014
+ $postlist = wfu_flatten_post_list($list["post"]);
1015
+
1016
+ $echo_str = "\n\t\t".'<h3 style="margin-bottom: 10px; margin-top: 40px;">'.$title.'</h3>';
1017
+ $onchange_js = 'document.getElementById(\'wfu_add_plugin_ok_'.$inc.'\').disabled = !((document.getElementById(\'wfu_page_type_'.$inc.'\').value == \'page\' && document.getElementById(\'wfu_page_list_'.$inc.'\').value != \'\') || (document.getElementById(\'wfu_page_type_'.$inc.'\').value == \'post\' && document.getElementById(\'wfu_post_list_'.$inc.'\').value != \'\'));';
1018
+ $no_shortcodes = ( count($wfu_shortcodes) == 0 );
1019
+ $echo_str .= "\n\t\t".'<div id="wfu_add_plugin_button_'.$inc.'" style="'. ( !$no_shortcodes ? '' : 'color:blue; font-weight:bold; font-size:larger;' ).'margin-bottom: 20px; margin-top: 10px;">';
1020
+ $addbutton_pre = ( !$no_shortcodes ? '' : '<label>Press </label>');
1021
+ $addbutton_post = ( !$no_shortcodes ? '' : '<label> to get started and add the '.$slug.' in a page</label>');
1022
+ $echo_str .= "\n\t\t\t".$addbutton_pre.'<button onclick="document.getElementById(\'wfu_add_plugin_button_'.$inc.'\').style.display = \'none\'; document.getElementById(\'wfu_add_plugin_'.$inc.'\').style.display = \'inline-block\'; '.$onchange_js.'">'.( !$no_shortcodes ? 'Add Plugin Instance' : 'here' ).'</button>'.$addbutton_post;
1023
+ $echo_str .= "\n\t\t".'</div>';
1024
+ $echo_str .= "\n\t\t".'<div id="wfu_add_plugin_'.$inc.'" style="margin-bottom: 20px; margin-top: 10px; position:relative; display:none;">';
1025
+ $echo_str .= "\n\t\t\t".'<div id="wfu_add_plugin_'.$inc.'_overlay" style="position:absolute; top:0; left:0; width:100%; height:100%; background-color:rgba(255,255,255,0.8); border:none; display:none;">';
1026
+ $echo_str .= "\n\t\t\t\t".'<table style="background:none; border:none; margin:0; padding:0; line-height:1; border-spacing:0; width:100%; height:100%; table-layout:fixed;"><tbody><tr><td style="text-align:center; vertical-align:middle;"><div style="display:inline-block;"><span class="spinner" style="opacity:1; float:left; margin:0; display:inline;"></span><label style="margin-left:4px;">please wait...</label></div></td></tr></tbody></table>';
1027
+ $echo_str .= "\n\t\t\t".'</div>';
1028
+ $echo_str .= "\n\t\t\t".'<label>Add '.$slug.' to </label><select id="wfu_page_type_'.$inc.'" onchange="document.getElementById(\'wfu_page_list_'.$inc.'\').style.display = (this.value == \'page\' ? \'inline-block\' : \'none\'); document.getElementById(\'wfu_post_list_'.$inc.'\').style.display = (this.value == \'post\' ? \'inline-block\' : \'none\'); '.$onchange_js.'"><option value="page" selected="selected">Page</option><option value="post">Post</option></select>';
1029
+ $echo_str .= "\n\t\t\t".'<select id="wfu_page_list_'.$inc.'" style="margin-bottom:6px;" onchange="'.$onchange_js.'">';
1030
+ $echo_str .= "\n\t\t\t\t".'<option value=""></option>';
1031
+ foreach ( $pagelist as $item )
1032
+ $echo_str .= "\n\t\t\t\t".'<option value="'.$item['id'].'">'.str_repeat('&nbsp;', 4 * $item['level']).( $item['status'] == 1 ? '[Private]' : ( $item['status'] == 2 ? '[Draft]' : '' ) ).$item['title'].'</option>';
1033
+ $echo_str .= "\n\t\t\t".'</select>';
1034
+ $echo_str .= "\n\t\t\t".'<select id="wfu_post_list_'.$inc.'" style="display:none; margin-bottom:6px;" onchange="'.$onchange_js.'">';
1035
+ $echo_str .= "\n\t\t\t\t".'<option value=""></option>';
1036
+ foreach ( $postlist as $item )
1037
+ $echo_str .= "\n\t\t\t\t".'<option value="'.$item['id'].'">'.str_repeat('&nbsp;', 4 * $item['level']).( $item['status'] == 1 ? '[Private]' : ( $item['status'] == 2 ? '[Draft]' : '' ) ).$item['title'].'</option>';
1038
+ $echo_str .= "\n\t\t\t".'</select><br />';
1039
+ $add_shortcode_ticket = wfu_create_random_string(16);
1040
+ WFU_USVAR_store('wfu_add_shortcode_ticket_for_'.$tag, $add_shortcode_ticket);
1041
+ $echo_str .= "\n\t\t".'<button id="wfu_add_plugin_ok_'.$inc.'" style="float:right; margin: 0 2px 0 4px;" disabled="disabled" onclick="document.getElementById(\'wfu_add_plugin_'.$inc.'_overlay\').style.display = \'block\'; window.location = \''.$siteurl.'/wp-admin/options-general.php?page=wordpress_file_upload&amp;action=add_shortcode&amp;tag='.$tag.'&amp;postid=\' + (document.getElementById(\'wfu_page_type_'.$inc.'\').value == \'page\' ? document.getElementById(\'wfu_page_list_'.$inc.'\').value : document.getElementById(\'wfu_post_list_'.$inc.'\').value) + \'&amp;nonce='.$add_shortcode_ticket.'\';">Ok</button>';
1042
+ $echo_str .= "\n\t\t".'<button style="float:right;" onclick="document.getElementById(\'wfu_page_type_'.$inc.'\').value = \'page\'; document.getElementById(\'wfu_page_list_'.$inc.'\').value = \'\'; document.getElementById(\'wfu_post_list_'.$inc.'\').value = \'\'; document.getElementById(\'wfu_add_plugin_'.$inc.'\').style.display = \'none\'; document.getElementById(\'wfu_add_plugin_button_'.$inc.'\').style.display = \'inline-block\';">Cancel</button>';
1043
+ $echo_str .= "\n\t\t".'</div>';
1044
+ $echo_str .= "\n\t\t".'<table class="wp-list-table widefat fixed striped">';
1045
+ $echo_str .= "\n\t\t\t".'<thead>';
1046
+ $echo_str .= "\n\t\t\t\t".'<tr>';
1047
+ $echo_str .= "\n\t\t\t\t\t".'<th scope="col" width="5%" class="manage-column column-primary">';
1048
+ $echo_str .= "\n\t\t\t\t\t\t".'<label>ID</label>';
1049
+ $echo_str .= "\n\t\t\t\t\t".'</th>';
1050
+ // $echo_str .= "\n\t\t\t\t\t".'<th scope="col" width="10%" style="text-align:center;">';
1051
+ // $echo_str .= "\n\t\t\t\t\t\t".'<label>ID</label>';
1052
+ // $echo_str .= "\n\t\t\t\t\t".'</th>';
1053
+ $echo_str .= "\n\t\t\t\t\t".'<th scope="col" width="10%" class="manage-column">';
1054
+ $echo_str .= "\n\t\t\t\t\t\t".'<label>Contained In</label>';
1055
+ $echo_str .= "\n\t\t\t\t\t".'</th>';
1056
+ $echo_str .= "\n\t\t\t\t\t".'<th scope="col" width="30%" class="manage-column">';
1057
+ $echo_str .= "\n\t\t\t\t\t\t".'<label>Page/Post Title</label>';
1058
+ $echo_str .= "\n\t\t\t\t\t".'</th>';
1059
+ $echo_str .= "\n\t\t\t\t\t".'<th scope="col" width="45%" class="manage-column">';
1060
+ $echo_str .= "\n\t\t\t\t\t\t".'<label>Shortcode</label>';
1061
+ $echo_str .= "\n\t\t\t\t\t".'</th>';
1062
+ $echo_str .= "\n\t\t\t\t".'</tr>';
1063
+ $echo_str .= "\n\t\t\t".'</thead>';
1064
+ $echo_str .= "\n\t\t\t".'<tbody>';
1065
+ $i = 1;
1066
+ foreach ( $wfu_shortcodes as $key => $data ) {
1067
+ $widget_id = ( isset($data['widgetid']) ? $data['widgetid'] : '' );
1068
+ if ( $widget_id == "" ) {
1069
+ $id = $data['post_id'];
1070
+ $posttype_obj = get_post_type_object(get_post_type($id));
1071
+ $type = ( $posttype_obj ? $posttype_obj->labels->singular_name : "" );
1072
+ $title = get_the_title($id);
1073
+ if ( trim($title) == "" ) $title = 'ID: '.$id;
1074
+ }
1075
+ else {
1076
+ $type = 'Sidebar';
1077
+ $title = $data['sidebar'];
1078
+ }
1079
+ $data_enc = wfu_safe_store_shortcode_data(wfu_encode_array_to_string($data));
1080
+ $echo_str .= "\n\t\t\t\t".'<tr onmouseover="var actions=document.getElementsByName(\'wfu_shortcode_actions_'.$inc.'\'); for (var i=0; i<actions.length; i++) {actions[i].style.visibility=\'hidden\';} document.getElementById(\'wfu_shortcode_actions_'.$inc.'_'.$i.'\').style.visibility=\'visible\'" onmouseout="var actions=document.getElementsByName(\'wfu_shortcode_actions_'.$inc.'\'); for (var i=0; i<actions.length; i++) {actions[i].style.visibility=\'hidden\';}">';
1081
+ $echo_str .= "\n\t\t\t\t\t".'<td class="column-primary" data-colname="ID">';
1082
+ $echo_str .= "\n\t\t\t\t\t\t".'<a class="row-title" href="'.$siteurl.'/wp-admin/options-general.php?page=wordpress_file_upload&action=edit_shortcode&tag='.$tag.'&data='.$data_enc.'&referer=dashboard" title="Instance #'.$i.'">Instance '.$i.'</a>';
1083
+ $echo_str .= "\n\t\t\t\t\t\t".'<div id="wfu_shortcode_actions_'.$inc.'_'.$i.'" name="wfu_shortcode_actions_'.$inc.'" style="visibility:hidden;">';
1084
+ $echo_str .= "\n\t\t\t\t\t\t\t".'<span>';
1085
+ $echo_str .= "\n\t\t\t\t\t\t\t\t".'<a href="'.$siteurl.'/wp-admin/options-general.php?page=wordpress_file_upload&action=edit_shortcode&tag='.$tag.'&data='.$data_enc.'&referer=dashboard" title="Edit this shortcode">Edit</a>';
1086
+ $echo_str .= "\n\t\t\t\t\t\t\t\t".' | ';
1087
+ $echo_str .= "\n\t\t\t\t\t\t\t".'</span>';
1088
+ $echo_str .= "\n\t\t\t\t\t\t\t".'<span>';
1089
+ $echo_str .= "\n\t\t\t\t\t\t\t\t".'<a href="'.$siteurl.'/wp-admin/options-general.php?page=wordpress_file_upload&action=delete_shortcode&data='.$data_enc.'" title="Delete this shortcode">Delete</a>';
1090
+ $echo_str .= "\n\t\t\t\t\t\t\t".'</span>';
1091
+ $echo_str .= "\n\t\t\t\t\t\t".'</div>';
1092
+ $echo_str .= "\n\t\t\t\t\t\t".'<button type="button" class="toggle-row"><span class="screen-reader-text">Show more details</span></button>';
1093
+ $echo_str .= "\n\t\t\t\t\t".'</td>';
1094
+ // $echo_str .= "\n\t\t\t\t\t".'<td style="padding: 5px 5px 5px 10px; text-align:center;">'.$id.'</td>';
1095
+ $echo_str .= "\n\t\t\t\t\t".'<td data-colname="Contained In">'.$type.'</td>';
1096
+ $echo_str .= "\n\t\t\t\t\t".'<td data-colname="Page/Post Title">'.$title.'</td>';
1097
+ $echo_str .= "\n\t\t\t\t\t".'<td data-colname="Shortcode">';
1098
+ $echo_str .= "\n\t\t\t\t\t\t".'<textarea rows="3" disabled="disabled" style="width:100%;">'.trim($data['shortcode']).'</textarea>';
1099
+ $echo_str .= "\n\t\t\t\t\t".'</td>';
1100
+ $echo_str .= "\n\t\t\t\t".'</tr>';
1101
+ $i++;
1102
+ }
1103
+ $echo_str .= "\n\t\t\t".'</tbody>';
1104
+ $echo_str .= "\n\t\t".'</table>';
1105
+
1106
+ return $echo_str;
1107
+ }
1108
+
1109
+ /**
1110
+ * Get Shortcodes Contained In A Post.
1111
+ *
1112
+ * This function returns an array of shortcodes contained inside a post.
1113
+ *
1114
+ * @since 2.5.4
1115
+ *
1116
+ * @param object $post The post to check for shortcodes.
1117
+ * @param string $tag The shortcode tag to look for.
1118
+ *
1119
+ * @return array An array of shortcodes contained inside the post.
1120
+ */
1121
+ function wfu_get_content_shortcodes($post, $tag) {
1122
+ global $shortcode_tags;
1123
+ $found_shortcodes = array();
1124
+ $content = $post->post_content;
1125
+ if ( false !== strpos( $content, '[' ) ) {
1126
+ $hash = hash('md5', $content);
1127
+ if ( array_key_exists( $tag, $shortcode_tags ) ) wfu_match_shortcode_nested($tag, $post, $hash, $content, 0, $found_shortcodes);
1128
+ }
1129
+ /**
1130
+ * Let Custom Scripts Modify the Found Shortcodes.
1131
+ *
1132
+ * This filter allows to execute custom scripts in order to modify the
1133
+ * found shortcodes. It allows to make the plugin compatible with page
1134
+ * builders, like Elementor, that do not handle posts / pages the way
1135
+ * Wordpress does.
1136
+ *
1137
+ * @since 4.12.2
1138
+ *
1139
+ * @param array $found_shortcodes The list of found shortcodes.
1140
+ * @param object $post The post to check for shortcodes.
1141
+ * @param string $tag The shortcode tag to look for.
1142
+ */
1143
+ $found_shortcodes = apply_filters("_wfu_get_content_shortcodes", $found_shortcodes, $post, $tag);
1144
+
1145
+ if ( count($found_shortcodes) == 0 ) $found_shortcodes = false;
1146
+
1147
+ return $found_shortcodes;
1148
+ }
1149
+
1150
+ /**
1151
+ * Match Shortcodes.
1152
+ *
1153
+ * This function matches all shortcodes inside post contents. It performs
1154
+ * matching recursively in order to identify shortcodes contained in other
1155
+ * shortcodes.
1156
+ *
1157
+ * @since 2.7.6
1158
+ *
1159
+ * @param string $tag The shortcode tag to look for.
1160
+ * @param object $post The post to check for shortcodes.
1161
+ * @param string $hash A unique hash representing the current contents of the
1162
+ * post.
1163
+ * @param string $content The content where to look for shortcodes.
1164
+ * @param integer $position The starting position of content.
1165
+ * @param array $found_shortcodes An array of already found shortcodes that must
1166
+ * be filled by additional shortcodes found from this function.
1167
+ */
1168
+ function wfu_match_shortcode_nested($tag, $post, $hash, $content, $position, &$found_shortcodes) {
1169
+ if ( false === strpos( $content, '[' ) ) return false;
1170
+ preg_match_all( '/' . get_shortcode_regex() . '/s', $content, $matches, PREG_SET_ORDER | PREG_OFFSET_CAPTURE );
1171
+ if ( empty( $matches ) ) return false;
1172
+ foreach ( $matches as $shortcode ) {
1173
+ if ( $tag === $shortcode[2][0] ) {
1174
+ $data['post_id'] = $post->ID;
1175
+ $data['post_hash'] = $hash;
1176
+ $data['shortcode'] = $shortcode[0][0];
1177
+ $data['position'] = (int)$shortcode[0][1] + (int)$position;
1178
+ array_push($found_shortcodes, $data);
1179
+ }
1180
+ wfu_match_shortcode_nested($tag, $post, $hash, $shortcode[5][0], $shortcode[5][1] + (int)$position, $found_shortcodes);
1181
+ }
1182
+ return false;
1183
+ }
1184
+
1185
+ /**
1186
+ * Check Whether Shortcode Can Be Edited.
1187
+ *
1188
+ * This function checks whether the shortcode submitted for editing can actually
1189
+ * be edited. It checks whether the hash of the post, where the shortcode is
1190
+ * contained, is the same with the one stored in the shortcode data. If it is
1191
+ * not, then this means that the page contents have changed, so the shortcode
1192
+ * cannot be edited and the user will have to reload the page before editing the
1193
+ * shortcode.
1194
+ *
1195
+ * @since 2.6.0
1196
+ *
1197
+ * @param array $data The shortcode data to check.
1198
+ *
1199
+ * @return bool True if the shortcode can be edited, false otherwise.
1200
+ */
1201
+ function wfu_check_edit_shortcode($data) {
1202
+ $post = get_post($data['post_id']);
1203
+ /** This filter is described in wfu_loader.php */
1204
+ $content = apply_filters("_wfu_get_post_content", $post->post_content, $post);
1205
+ $hash = hash('md5', $content);
1206
+
1207
+ return ( $hash == $data['post_hash'] );
1208
+ }
1209
+
1210
+ /**
1211
+ * Add Shortcode Inside Post.
1212
+ *
1213
+ * This function adds a shortcode at the beginning of post's contents.
1214
+ *
1215
+ * @since 2.7.6
1216
+ *
1217
+ * @param integer $postid The post ID where to add the shortcode.
1218
+ * $param string $tag The shortcode tag to add in post.
1219
+ *
1220
+ * @return bool True if the shortcode was added successfully inside the post,
1221
+ * false otherwise.
1222
+ */
1223
+ function wfu_add_shortcode($postid, $tag) {
1224
+ /**
1225
+ * Let Custom Scripts Add a Shortcode to Post.
1226
+ *
1227
+ * This filter allows to customize the way that a shortcode is added in a
1228
+ * post / page. It allows to make the plugin compatible with page builders,
1229
+ * like Elementor, that do not handle posts / pages the way Wordpress does.
1230
+ *
1231
+ * @since 4.12.2
1232
+ *
1233
+ * @param integer $postid The post ID where to add the shortcode.
1234
+ * @param string $tag The shortcode tag to add in post.
1235
+ */
1236
+ $result = apply_filters("_wfu_add_shortcode", null, $postid, $tag);
1237
+ if ( $result == null ) {
1238
+ $post = get_post($postid);
1239
+ $new_content = '['.$tag.']'.$post->post_content;
1240
+ $new_post = array( 'ID' => $postid, 'post_content' => $new_content );
1241
+ $result = ( wp_update_post( wfu_slash($new_post) ) === 0 ? false : true );
1242
+ }
1243
+ return $result;
1244
+ }
1245
+
1246
+ /**
1247
+ * Replace Shortcode Inside Post.
1248
+ *
1249
+ * This function replaces a shortcode inside post's contents.
1250
+ *
1251
+ * @since 2.6.0
1252
+ *
1253
+ * @param array $data {
1254
+ * Contains information about the shortcode.
1255
+ *
1256
+ * $type integer $post_id The ID of the post that contains the shortcode.
1257
+ * $type string $post_hash A hash that represents the current post contents.
1258
+ * $type string $shortcode The shortcode string to be replaced.
1259
+ * $type integer $position The position of the shortcode inside post's
1260
+ * contents.
1261
+ * }
1262
+ * $param string $new_shortcode The new shortcode.
1263
+ *
1264
+ * @return bool True if the shortcode was replaced successfully, false
1265
+ * otherwise.
1266
+ */
1267
+ function wfu_replace_shortcode($data, $new_shortcode) {
1268
+ /**
1269
+ * Let Custom Scripts Modify Shortcode Replacement.
1270
+ *
1271
+ * This filter allows to customize the way that a shortcode is replaced. It
1272
+ * allows to make the plugin compatible with page builders, like Elementor,
1273
+ * that do not handle posts / pages the way Wordpress does.
1274
+ *
1275
+ * @since 4.12.2
1276
+ *
1277
+ * @param bool|null $result The result of shortcode replacement. It must be
1278
+ * true if the replacement succeeded, false if it failed or null if
1279
+ * no replacement operation occurred.
1280
+ * @param array $data Contains information about the shortcode.
1281
+ * $param string $new_shortcode The new shortcode.
1282
+ */
1283
+ $result = apply_filters("_wfu_replace_shortcode", null, $data, $new_shortcode);
1284
+ if ( $result == null ) {
1285
+ $post = get_post($data['post_id']);
1286
+ $new_content = substr($post->post_content, 0, $data['position']).$new_shortcode.substr($post->post_content, (int)$data['position'] + strlen($data['shortcode']));
1287
+ $new_post = array( 'ID' => $data['post_id'], 'post_content' => $new_content );
1288
+ $result = ( wp_update_post( wfu_slash($new_post) ) === 0 ? false : true );
1289
+ }
1290
+ return $result;
1291
+ }
1292
+
1293
+ /**
1294
+ * Generate Page for Confirmation of Deletion of Shortcode.
1295
+ *
1296
+ * This function generates the HTML code of the page to ask from the user to
1297
+ * confirm deletion of the selected shortcode.
1298
+ *
1299
+ * @since 2.7.0
1300
+ *
1301
+ * $param string $data_enc Code that represents the shortcode data stored in
1302
+ * safe.
1303
+ *
1304
+ * @return string The HTML code of the deletion confirmation page.
1305
+ */
1306
+ function wfu_delete_shortcode_prompt($data_enc) {
1307
+ $siteurl = site_url();
1308
+ $data = wfu_decode_array_from_string(wfu_get_shortcode_data_from_safe($data_enc));
1309
+ $postid = $data['post_id'];
1310
+ $echo_str = "\n".'<div class="wrap">';
1311
+ $echo_str .= "\n\t".'<h2>Wordpress File Upload Control Panel</h2>';
1312
+ $echo_str .= "\n\t".'<div style="margin-top:20px;">';
1313
+ $echo_str .= "\n\t\t".'<a href="'.$siteurl.'/wp-admin/options-general.php?page=wordpress_file_upload&amp;action=manage_mainmenu" class="button" title="go back">Go to Main Menu</a>';
1314
+ $echo_str .= "\n\t".'</div>';
1315
+ $echo_str .= "\n\t".'<h2 style="margin-bottom: 10px; margin-top: 20px;">Delete Shortcode</h2>';
1316
+ $echo_str .= "\n\t".'<form enctype="multipart/form-data" name="deletefile" id="deleteshortcode" method="post" action="'.$siteurl.'/wp-admin/options-general.php?page=wordpress_file_upload" class="validate">';
1317
+ $echo_str .= "\n\t\t".'<input type="hidden" name="action" value="deleteshortcode">';
1318
+ $echo_str .= "\n\t\t".'<input type="hidden" name="data" value="'.$data_enc.'">';
1319
+ $echo_str .= "\n\t\t".'<label>Are you sure that you want to delete shortcode for <strong>'.get_post_type($postid).' "'.get_the_title($postid).'" ('.$postid.') Position '.$data['position'].'</strong> ?</label><br/>';
1320
+ $echo_str .= "\n\t\t".'<p class="submit">';
1321
+ $echo_str .= "\n\t\t\t".'<input type="submit" class="button-primary" name="submit" value="Delete">';
1322
+ $echo_str .= "\n\t\t\t".'<input type="submit" class="button-primary" name="submit" value="Cancel">';
1323
+ $echo_str .= "\n\t\t".'</p>';
1324
+ $echo_str .= "\n\t".'</form>';
1325
+ $echo_str .= "\n".'</div>';
1326
+ return $echo_str;
1327
+ }
1328
+
1329
+ /**
1330
+ * Deletion Shortcode.
1331
+ *
1332
+ * This function deletes a shortcode from page contents.
1333
+ *
1334
+ * @since 2.7.0
1335
+ *
1336
+ * $param array $data Code that represents the shortcode data stored in
1337
+ * safe. See {@see wfu_replace_shortcode()} for a list of supported
1338
+ * arguments.
1339
+ *
1340
+ * @return bool True if deletion succeeded, false otherwise.
1341
+ */
1342
+ function wfu_delete_shortcode($data) {
1343
+ //check if user is allowed to perform this action
1344
+ if ( !current_user_can( 'manage_options' ) ) return false;
1345
+
1346
+ $res = true;
1347
+ if ( isset($_POST['submit']) ) {
1348
+ if ( $_POST['submit'] == "Delete" ) {
1349
+ $res = wfu_replace_shortcode($data, '');
1350
+ }
1351
+ }
1352
+ return $res;
1353
+ }
1354
+
1355
+ /**
1356
+ * Add Custom Properties to Media Editor.
1357
+ *
1358
+ * When "Show Custom Fields in Media Library" option in plugin's Settings is
1359
+ * true then Media Library attachments created by uploaded files will contain
1360
+ * custom fields corresponding to the uploaded files' userdata (if any). This
1361
+ * function shows these custom fields when editing the Media Library attachment.
1362
+ *
1363
+ * @since 3.7.2
1364
+ *
1365
+ * @redeclarable
1366
+ */
1367
+ function wfu_media_editor_properties() {
1368
+ $a = func_get_args(); $a = WFU_FUNCTION_HOOK(__FUNCTION__, $a, $out); if (isset($out['vars'])) foreach($out['vars'] as $p => $v) $$p = $v; switch($a) { case 'R': return $out['output']; break; case 'D': die($out['output']); }
1369
+ $plugin_options = wfu_decode_plugin_options(get_option( "wordpress_file_upload_options" ));
1370
+ if ( $plugin_options["mediacustom"] != "1" ) return;
1371
+
1372
+ $post = get_post();
1373
+ $meta = wp_get_attachment_metadata( $post->ID );
1374
+
1375
+ $echo_str = "";
1376
+ if ( isset($meta["WFU User Data"]) && is_array($meta["WFU User Data"]) ) {
1377
+ foreach ( $meta["WFU User Data"] as $label => $value )
1378
+ $echo_str .= '<div class="misc-pub-section misc-pub-userdata">'.$label.': <strong>'.$value.'</strong></div>';
1379
+ }
1380
+ echo $echo_str;
1381
+ }
1382
+
1383
  ?>
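--- a/lib/wfu_ajaxactions.php
+++ b/lib/wfu_ajaxactions.php
@@ -567,7 +567,9 @@ function wfu_ajax_action_save_shortcode() {
 $new_shortcode = "[".$shortcode_tag." ".$shortcode."]";
 if ( wfu_replace_shortcode($data, $new_shortcode) ) {
 $post = get_post($post_id);
-$hash = hash('md5', $post->post_content);
+/** This filter is described in wfu_loader.php */
+$content = apply_filters("_wfu_get_post_content", $post->post_content, $post);
+$hash = hash('md5', $content);
 $echo_str = "wfu_save_shortcode:success:".$hash;
 }
 else $echo_str = "wfu_save_shortcode:fail:post_update_failed";
@@ -1020,7 +1022,8 @@ function wfu_ajax_action_download_file_invoker() {
 //ticket, similar to nonces, is passed to the download script to check that
 //it is not a CSRF attack; moreover,the ticket is destroyed by the time it
 //is consumed by the download script, so it cannot be used again
-$response["html"] = '<iframe src="'.WFU_DOWNLOADER_URL.'?file='.$file_code.'&ticket='.$download_id.'&handler='.$wfu_user_state_handler.'&session_legacy='.( WFU_VAR("WFU_US_SESSION_LEGACY") == "true" ? '1' : '0' ).'&dboption_base='.WFU_VAR("WFU_US_DBOPTION_BASE").'" style="display: none;"></iframe>';
+$urlparams = 'file='.$file_code.'&ticket='.$download_id.'&handler='.$wfu_user_state_handler.'&session_legacy='.( WFU_VAR("WFU_US_SESSION_LEGACY") == "true" ? '1' : '0' ).'&dboption_base='.WFU_VAR("WFU_US_DBOPTION_BASE").'&wfu_cookie='.WPFILEUPLOAD_COOKIE;
+$response["html"] = '<iframe src="'.WFU_DOWNLOADER_URL.'?'.$urlparams.'" style="display: none;"></iframe>';
 //if user state handler is set to dboption (cookies), then tickets and other
 //variables must pass to the download script as cookies; the cookies are
 //passed in the response of this function, so that the client browser can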
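Review bot: In the second hunk the new `$urlparams` string concatenates `$file_code`, `$download_id`, `WFU_VAR("WFU_US_DBOPTION_BASE")` and `WPFILEUPLOAD_COOKIE` without URL-encoding, and the result is written raw into the iframe `src` attribute. Each value should go through `rawurlencode()`, e.g. `'&wfu_cookie='.rawurlencode(WPFILEUPLOAD_COOKIE)`, and the attribute should be built with `esc_url(WFU_DOWNLOADER_URL.'?'.$urlparams)`. Separately, `handler`, `dboption_base` and now `wfu_cookie` travel in the request, so the download script (not visible here) presumably takes its user-state configuration from client-controlled parameters; it should check them against the values the plugin itself defines before using them to locate the ticket. The body of `wfu_ajax_action_download_file_invoker()` continues outside the hunk.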
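--- a/lib/wfu_functions.php
+++ b/lib/wfu_functions.php
@@ -340,18 +340,31 @@ function wfu_plugin_decode_string($string) {
 * @since 2.1.2
 *
 * @param integer $len The length of the string.
+* @param bool $hex True if a hex string must be generated.
 *
 * @return string The random string.
 */
-function wfu_create_random_string($len) {
-$base = 'ABCDEFGHKLMNOPQRSTWXYZabcdefghjkmnpqrstwxyz123456789';
-$max = strlen($base) - 1;
+function wfu_create_random_string($len, $hex = false) {
+$base1 = 'ABCDEFGHKLMNOPQRSTWXYZabcdefghjkmnpqrstwxyz123456789';
+$base2 = 'ABCDEFGHKLMNOPQRSTWXYZabcdefghjkmnpqrstwxyz123456789';
+if ( $hex ) {
+$base1 = 'abcdef123456789';
+$base2 = 'abcdef0123456789';
+}
+$max1 = strlen($base1) - 1;
+$max2 = strlen($base2) - 1;
 $activatecode = '';
 if ( WFU_VAR("WFU_ALTERNATIVE_RANDOMIZER") != "true" )
 mt_srand((double)microtime()*1000000);
 else mt_srand((double)substr(uniqid("", true), 15));
-while (strlen($activatecode) < $len)
-$activatecode .= $base{mt_rand(0, $max)};
+$is_first = true;
+while (strlen($activatecode) < $len) {
+if ( $is_first ) {
+$activatecode .= $base1{mt_rand(0, $max1)};
+$is_first = false;
+}
+else $activatecode .= $base2{mt_rand(0, $max2)};
+}
 return $activatecode;
 }
 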
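Review bot: The rewritten loop in `wfu_create_random_string()` still draws every character from `mt_rand()` right after the unchanged reseed `mt_srand((double)microtime()*1000000)`, so the output is a function of the call time rather than of a secret. Elsewhere on this page the function produces `$add_shortcode_ticket`, which is sent as the `nonce` URL parameter, so these strings act as anti-CSRF tokens and need a CSPRNG. I would drop the `mt_srand()` calls and write the two appends as `$activatecode .= $base1[random_int(0, $max1)];` and `else $activatecode .= $base2[random_int(0, $max2)];`. That also replaces the `$base1{...}` curly-brace offset, which is deprecated since PHP 7.4 and a parse error in PHP 8. Outside hex mode `$base1` and `$base2` are identical, so a short comment saying that the split exists only to keep a leading `0` out of hex strings would help.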
lib/wfu_pd_classes.php CHANGED
@@ -1,273 +1,477 @@
1
- <?php
2
-
3
- class WFU_Personal_Data_Policy {
4
- private $name;
5
- private $description;
6
-
7
- private $consent_policy;
8
- private $permissions_policy;
9
- private $log_policy;
10
- private $parameters;
11
-
12
- private $roles_included;
13
- private $roles_excluded;
14
- private $users_included;
15
- private $users_excluded;
16
-
17
- function __construct() {
18
- $this->name = "Personal Data Policy";
19
- $this->_initialize_consent_policy();
20
- $this->_initialize_permissions_policy();
21
- $this->_initialize_log_policy();
22
- $this->_initialize_parameters();
23
- $this->roles_included = array( "all" );
24
- $this->roles_excluded = array();
25
- $this->users_included = array();
26
- $this->users_excluded = array();
27
- }
28
-
29
- private function _initialize_consent_policy() {
30
- $operationdefs = wfu_personal_data_operations();
31
- $operations_indexed = array();
32
- $operations_slug_index = array();
33
- $operations_children_index = array();
34
- //extract only atomic operations
35
- foreach ( $operationdefs as $def ) {
36
- $opID = $def["ID"];
37
- $operations_indexed[$opID] = $def;
38
- $operations_indexed[$opID]["ref_count"] = 0;
39
- $operations_indexed[$opID]["children"] = array();
40
- }
41
- //set ref_count property to count how many times operation appears as
42
- //parent
43
- foreach ( $operations_indexed as $ind => $def )
44
- if ( $def["Parent"] > 0 ) {
45
- $operations_indexed[$def["Parent"]]["ref_count"] ++;
46
- $ind2 = $def["Parent"];
47
- while ( $ind2 > 0 ) {
48
- array_push($operations_indexed[$ind2]["children"], $ind);
49
- $ind2 = $operations_indexed[$ind2]["Parent"];
50
- }
51
- }
52
- foreach ( $operations_indexed as $ind => $def ) {
53
- $operations_children_index[$ind] = $def["children"];
54
- //remove ref_count property, we do not need it anymore
55
- unset($operations_indexed[$ind]["ref_count"]);
56
- //set all operations allowed property by default allowed state
57
- $operations_indexed[$ind]["Allowed"] = ( $operations_indexed[$ind]["DefAllowed"] == 1 );
58
- //set all operations needsconsent property by default consent state
59
- $operations_indexed[$ind]["NeedsConsent"] = ( $operations_indexed[$ind]["DefAllowed"] == 1 && $operations_indexed[$ind]["DefConsent"] == 1 );
60
- //create index of slugs pointing to the operations
61
- $slug = $operations_indexed[$ind]["Slug"];
62
- if ( !isset($operations_slug_index[$slug]) ) $operations_slug_index[$slug] = array();
63
- array_push($operations_slug_index[$slug], $ind);
64
- }
65
- //initialize consent questions; by default only one question is defined
66
- //for all operations requiring consent
67
- $defitem = array(
68
- "index" => 1,
69
- "label" => "I agree to allow the plugin to use my personal data",
70
- "location" => "right",
71
- "preselect" => 0,
72
- "operations" => array()
73
- );
74
- foreach ( $operations_indexed as $def )
75
- if ( $def["NeedsConsent"] ) $defitem["operations"][$def["ID"]] = 1;
76
- $defquestion = array(
77
- "title" => "",
78
- "location" => "top",
79
- "x" => 1,
80
- "y" => 1,
81
- "grouped" => 0,
82
- "type" => "checkbox",
83
- "items" => array( $defitem )
84
- );
85
- $defquestions = array( $defquestion );
86
- $this->consent_policy = array(
87
- "structure" => wfu_get_pd_operations_structure(true),
88
- "children_index" => $operations_children_index,
89
- "operations" => $operations_indexed,
90
- "slugs_index" => $operations_slug_index,
91
- "questions" => $defquestions
92
- );
93
- }
94
-
95
- private function _initialize_permissions_policy() {
96
- $permissiondefs = wfu_personal_data_permissions();
97
- $permissions_indexed = array();
98
- $permissions_slug_index = array();
99
- $permissions_children_index = array();
100
- //extract only atomic permissions
101
- foreach ( $permissiondefs as $def ) {
102
- $perID = $def["ID"];
103
- $permissions_indexed[$perID] = $def;
104
- $permissions_indexed[$perID]["children"] = array();
105
- }
106
- //fill children property
107
- foreach ( $permissions_indexed as $ind => $def )
108
- if ( $def["Parent"] > 0 ) {
109
- $ind2 = $def["Parent"];
110
- while ( $ind2 > 0 ) {
111
- array_push($permissions_indexed[$ind2]["children"], $ind);
112
- $ind2 = $permissions_indexed[$ind2]["Parent"];
113
- }
114
- }
115
- foreach ( $permissions_indexed as $ind => $def ) {
116
- $permissions_children_index[$ind] = $def["children"];
117
- //set allowed locations of permissions to default values
118
- $permissions_indexed[$ind]["Allowed"] = $permissions_indexed[$ind]["Default"];
119
- //create index of slugs pointing to the permissions
120
- $slug = $permissions_indexed[$ind]["Slug"];
121
- if ( !isset($permissions_slug_index[$slug]) ) $permissions_slug_index[$slug] = array();
122
- array_push($permissions_slug_index[$slug], $ind);
123
- }
124
- $this->permissions_policy = array(
125
- "structure" => wfu_get_permissions_structure(true),
126
- "children_index" => $permissions_children_index,
127
- "permissions" => $permissions_indexed,
128
- "slugs_index" => $permissions_slug_index
129
- );
130
- }
131
-
132
- private function _initialize_log_policy() {
133
- $logactiondefs = wfu_personal_data_logactions();
134
- $logactions_indexed = array();
135
- $logactions_slug_index = array();
136
- $logactions_children_index = array();
137
- //extract only atomic log actions
138
- foreach ( $logactiondefs as $def ) {
139
- $actID = $def["ID"];
140
- $logactions_indexed[$actID] = $def;
141
- $logactions_indexed[$actID]["ref_count"] = 0;
142
- $logactions_indexed[$actID]["children"] = array();
143
- }
144
- //fill children property
145
- foreach ( $logactions_indexed as $ind => $def )
146
- if ( $def["Parent"] > 0 ) {
147
- $ind2 = $def["Parent"];
148
- while ( $ind2 > 0 ) {
149
- array_push($logactions_indexed[$ind2]["children"], $ind);
150
- $ind2 = $logactions_indexed[$ind2]["Parent"];
151
- }
152
- }
153
- foreach ( $logactions_indexed as $ind => $def ) {
154
- $logactions_children_index[$ind] = $def["children"];
155
- //set allowed entities of log actions to default values
156
- $logactions_indexed[$ind]["Allowed"] = $logactions_indexed[$ind]["Default"];
157
- //create index of slugs pointing to the permissions
158
- $slug = $logactions_indexed[$ind]["Slug"];
159
- if ( !isset($logactions_slug_index[$slug]) ) $logactions_slug_index[$slug] = array();
160
- array_push($logactions_slug_index[$slug], $ind);
161
- }
162
- $this->log_policy = array(
163
- "structure" => wfu_get_logactions_structure(true),
164
- "children_index" => $logactions_children_index,
165
- "logactions" => $logactions_indexed,
166
- "slugs_index" => $logactions_slug_index
167
- );
168
- }
169
-
170
- private function _initialize_parameters() {
171
- $this->parameters = array(
172
- "disclaimer_link" => ""
173
- );
174
- }
175
-
176
- public function get_name() {
177
- return $this->name;
178
- }
179
-
180
- public function set_name($name) {
181
- $this->name = $name;
182
- }
183
-
184
- public function get_consent_policy($compact = false) {
185
- $conpol = $this->consent_policy;
186
- //if a compact structure is required then remove unnecessary items from
187
- //operations array
188
- if ( $compact ) {
189
- foreach ( $conpol["operations"] as &$op ) {
190
- unset($op["Description"]);
191
- }
192
- }
193
- return $conpol;
194
- }
195
-
196
- public function get_permissions_policy($compact = false) {
197
- $perpol = $this->permissions_policy;
198
- //if a compact structure is required then remove unnecessary items from
199
- //permissions array
200
- if ( $compact ) {
201
- foreach ( $perpol["permissions"] as &$per ) {
202
- unset($per["Description"]);
203
- }
204
- }
205
- return $perpol;
206
- }
207
-
208
- public function get_logactions_policy($compact = false) {
209
- $logpol = $this->log_policy;
210
- //if a compact structure is required then remove unnecessary items from
211
- //log actions array
212
- if ( $compact ) {
213
- foreach ( $logpol["logactions"] as &$act ) {
214
- unset($act["Description"]);
215
- }
216
- }
217
- return $logpol;
218
- }
219
-
220
- public function get_parameters() {
221
- return $this->parameters;
222
- }
223
-
224
- public function get_assigned_users() {
225
- $users = array();
226
- $users["roles_included"] = $this->roles_included;
227
- $users["roles_excluded"] = $this->roles_excluded;
228
- $users["users_included"] = $this->users_included;
229
- $users["users_excluded"] = $this->users_excluded;
230
- return $users;
231
- }
232
-
233
- public function export_policy() {
234
- $export_data = array();
235
- //process basic info
236
- $export_data["name"] = $this->name;
237
- $export_data["description"] = $this->description;
238
- //process consent policy
239
- $export_data["operations_allowed"] = array();
240
- $export_data["operations_needing_consent"] = array();
241
- foreach ($this->consent_policy["operations"] as $id => $operation ) {
242
- $allowed = ( count($operation["children"]) == 0 && $operation["Allowed"] );
243
- $needs_consent = ( $allowed && $operation["NeedsConsent"] );
244
- if ( $allowed ) array_push($export_data["operations_allowed"], $id);
245
- if ( $needs_consent ) array_push($export_data["operations_needing_consent"], $id);
246
- }
247
- $export_data["consent_questions"] = $this->consent_policy["questions"];
248
- //process permissions policy
249
- $export_data["permissions_allowed"] = array();
250
- foreach ($this->permissions_policy["permissions"] as $id => $permission ) {
251
- $allowed = ( count($permission["children"]) == 0 && $permission["Allowed"] ); $needs_consent = ( $allowed && $operation["NeedsConsent"] );
252
- if ( $allowed ) array_push($export_data["permissions_allowed"], $id);
253
- }
254
- //process log actions policy
255
- $export_data["logactions_allowed"] = array();
256
- foreach ($this->log_policy["logactions"] as $id => $logaction ) {
257
- $allowed = ( count($logaction["children"]) == 0 && $logaction["Allowed"] ); $needs_consent = ( $allowed && $operation["NeedsConsent"] );
258
- if ( $allowed ) array_push($export_data["logactions_allowed"], $id);
259
- }
260
- //process users
261
- $export_data["roles_included"] = $this->roles_included;
262
- $export_data["roles_excluded"] = $this->roles_excluded;
263
- $export_data["users_included"] = $this->users_included;
264
- $export_data["users_excluded"] = $this->users_excluded;
265
- //process parameters
266
- $export_data["parameters"] = $this->parameters;
267
-
268
- return $export_data;
269
- }
270
-
271
- }
272
-
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
273
  ?>
1
+ <?php
2
+
3
+ /**
4
+ * Defines Personal Data class of Plugin
5
+ *
6
+ * This file contains the definition for Personal Data class of the plugin.
7
+ *
8
+ * @link /lib/wfu_pd_classes.php
9
+ *
10
+ * @package WordPress File Upload Plugin
11
+ * @subpackage Core Components
12
+ * @since 4.5.0
13
+ */
14
+
15
+ /**
16
+ * Personal Data Policy Class
17
+ *
18
+ * This class contains the personal data policy employed by the plugin.
19
+ *
20
+ * @since 4.5.0
21
+ */
22
+ class WFU_Personal_Data_Policy {
23
+
24
+ /**
25
+ * Personal Data Policy Name.
26
+ *
27
+ * @since 4.5.0
28
+ * @var string $name
29
+ */
30
+ private $name;
31
+
32
+ /**
33
+ * Personal Data Policy Description.
34
+ *
35
+ * @since 4.5.0
36
+ * @var string $description
37
+ */
38
+ private $description;
39
+
40
+ /**
41
+ * Personal Data Policy Properties.
42
+ *
43
+ * @since 4.5.0
44
+ * @var array $consent_policy An array of personal data policy properties.
45
+ */
46
+ private $consent_policy;
47
+
48
+ /**
49
+ * Personal Data Policy Permissions.
50
+ *
51
+ * @since 4.5.0
52
+ * @var array $permissions_policy An array of personal data policy
53
+ * permissions.
54
+ */
55
+ private $permissions_policy;
56
+
57
+ /**
58
+ * Personal Data Log Policy.
59
+ *
60
+ * @since 4.5.0
61
+ * @var array $log_policy An array of personal data log policy.
62
+ */
63
+ private $log_policy;
64
+
65
+ /**
66
+ * Personal Data Policy Parameters.
67
+ *
68
+ * @since 4.5.0
69
+ * @var array $parameters
70
+ */
71
+ private $parameters;
72
+
73
+ /**
74
+ * User Roles affected by Personal Data Policy.
75
+ *
76
+ * @since 4.5.0
77
+ * @var array $roles_included
78
+ */
79
+ private $roles_included;
80
+
81
+ /**
82
+ * User Roles excluded from Personal Data Policy.
83
+ *
84
+ * @since 4.5.0
85
+ * @var array $roles_excluded
86
+ */
87
+ private $roles_excluded;
88
+
89
+ /**
90
+ * Individual users affected by Personal Data Policy.
91
+ *
92
+ * @since 4.5.0
93
+ * @var array $users_included
94
+ */
95
+ private $users_included;
96
+
97
+ /**
98
+ * Individual users excluded from Personal Data Policy.
99
+ *
100
+ * @since 4.5.0
101
+ * @var array $users_excluded
102
+ */
103
+ private $users_excluded;
104
+
105
+ /**
106
+ * Class initialization function.
107
+ *
108
+ * This function initializes a new class object.
109
+ *
110
+ * @since 4.5.0
111
+ */
112
+ function __construct() {
113
+ $this->name = "Personal Data Policy";
114
+ $this->_initialize_consent_policy();
115
+ $this->_initialize_permissions_policy();
116
+ $this->_initialize_log_policy();
117
+ $this->_initialize_parameters();
118
+ $this->roles_included = array( "all" );
119
+ $this->roles_excluded = array();
120
+ $this->users_included = array();
121
+ $this->users_excluded = array();
122
+ }
123
+
124
+ /**
125
+ * Initialize Consent Policy Properties.
126
+ *
127
+ * This function initializes the consent policy properties.
128
+ *
129
+ * @since 4.5.0
130
+ */
131
+ private function _initialize_consent_policy() {
132
+ $operationdefs = wfu_personal_data_operations();
133
+ $operations_indexed = array();
134
+ $operations_slug_index = array();
135
+ $operations_children_index = array();
136
+ //extract only atomic operations
137
+ foreach ( $operationdefs as $def ) {
138
+ $opID = $def["ID"];
139
+ $operations_indexed[$opID] = $def;
140
+ $operations_indexed[$opID]["ref_count"] = 0;
141
+ $operations_indexed[$opID]["children"] = array();
142
+ }
143
+ //set ref_count property to count how many times operation appears as
144
+ //parent
145
+ foreach ( $operations_indexed as $ind => $def )
146
+ if ( $def["Parent"] > 0 ) {
147
+ $operations_indexed[$def["Parent"]]["ref_count"] ++;
148
+ $ind2 = $def["Parent"];
149
+ while ( $ind2 > 0 ) {
150
+ array_push($operations_indexed[$ind2]["children"], $ind);
151
+ $ind2 = $operations_indexed[$ind2]["Parent"];
152
+ }
153
+ }
154
+ foreach ( $operations_indexed as $ind => $def ) {
155
+ $operations_children_index[$ind] = $def["children"];
156
+ //remove ref_count property, we do not need it anymore
157
+ unset($operations_indexed[$ind]["ref_count"]);
158
+ //set all operations allowed property by default allowed state
159
+ $operations_indexed[$ind]["Allowed"] = ( $operations_indexed[$ind]["DefAllowed"] == 1 );
160
+ //set all operations needsconsent property by default consent state
161
+ $operations_indexed[$ind]["NeedsConsent"] = ( $operations_indexed[$ind]["DefAllowed"] == 1 && $operations_indexed[$ind]["DefConsent"] == 1 );
162
+ //create index of slugs pointing to the operations
163
+ $slug = $operations_indexed[$ind]["Slug"];
164
+ if ( !isset($operations_slug_index[$slug]) ) $operations_slug_index[$slug] = array();
165
+ array_push($operations_slug_index[$slug], $ind);
166
+ }
167
+ //initialize consent questions; by default only one question is defined
168
+ //for all operations requiring consent
169
+ $defitem = array(
170
+ "index" => 1,
171
+ "label" => "I agree to allow the plugin to use my personal data",
172
+ "location" => "right",
173
+ "preselect" => 0,
174
+ "operations" => array()
175
+ );
176
+ foreach ( $operations_indexed as $def )
177
+ if ( $def["NeedsConsent"] ) $defitem["operations"][$def["ID"]] = 1;
178
+ $defquestion = array(
179
+ "title" => "",
180
+ "location" => "top",
181
+ "x" => 1,
182
+ "y" => 1,
183
+ "grouped" => 0,
184
+ "type" => "checkbox",
185
+ "items" => array( $defitem )
186
+ );
187
+ $defquestions = array( $defquestion );
188
+ $this->consent_policy = array(
189
+ "structure" => wfu_get_pd_operations_structure(true),
190
+ "children_index" => $operations_children_index,
191
+ "operations" => $operations_indexed,
192
+ "slugs_index" => $operations_slug_index,
193
+ "questions" => $defquestions
194
+ );
195
+ }
196
+
197
+ /**
198
+ * Initialize Consent Policy Permissions.
199
+ *
200
+ * This function initializes the consent policy permissions.
201
+ *
202
+ * @since 4.5.0
203
+ */
204
+ private function _initialize_permissions_policy() {
205
+ $permissiondefs = wfu_personal_data_permissions();
206
+ $permissions_indexed = array();
207
+ $permissions_slug_index = array();
208
+ $permissions_children_index = array();
209
+ //extract only atomic permissions
210
+ foreach ( $permissiondefs as $def ) {
211
+ $perID = $def["ID"];
212
+ $permissions_indexed[$perID] = $def;
213
+ $permissions_indexed[$perID]["children"] = array();
214
+ }
215
+ //fill children property
216
+ foreach ( $permissions_indexed as $ind => $def )
217
+ if ( $def["Parent"] > 0 ) {
218
+ $ind2 = $def["Parent"];
219
+ while ( $ind2 > 0 ) {
220
+ array_push($permissions_indexed[$ind2]["children"], $ind);
221
+ $ind2 = $permissions_indexed[$ind2]["Parent"];
222
+ }
223
+ }
224
+ foreach ( $permissions_indexed as $ind => $def ) {
225
+ $permissions_children_index[$ind] = $def["children"];
226
+ //set allowed locations of permissions to default values
227
+ $permissions_indexed[$ind]["Allowed"] = $permissions_indexed[$ind]["Default"];
228
+ //create index of slugs pointing to the permissions
229
+ $slug = $permissions_indexed[$ind]["Slug"];
230
+ if ( !isset($permissions_slug_index[$slug]) ) $permissions_slug_index[$slug] = array();
231
+ array_push($permissions_slug_index[$slug], $ind);
232
+ }
233
+ $this->permissions_policy = array(
234
+ "structure" => wfu_get_permissions_structure(true),
235
+ "children_index" => $permissions_children_index,
236
+ "permissions" => $permissions_indexed,
237
+ "slugs_index" => $permissions_slug_index
238
+ );
239
+ }
240
+
241
+ /**
242
+ * Initialize Consent Log Policy.
243
+ *
244
+ * This function initializes the consent log policy.
245
+ *
246
+ * @since 4.5.0
247
+ */
248
+ private function _initialize_log_policy() {
249
+ $logactiondefs = wfu_personal_data_logactions();
250
+ $logactions_indexed = array();
251
+ $logactions_slug_index = array();
252
+ $logactions_children_index = array();
253
+ //extract only atomic log actions
254
+ foreach ( $logactiondefs as $def ) {
255
+ $actID = $def["ID"];
256
+ $logactions_indexed[$actID] = $def;
257
+ $logactions_indexed[$actID]["ref_count"] = 0;
258
+ $logactions_indexed[$actID]["children"] = array();
259
+ }
260
+ //fill children property
261
+ foreach ( $logactions_indexed as $ind => $def )
262
+ if ( $def["Parent"] > 0 ) {
263
+ $ind2 = $def["Parent"];
264
+ while ( $ind2 > 0 ) {
265
+ array_push($logactions_indexed[$ind2]["children"], $ind);
266
+ $ind2 = $logactions_indexed[$ind2]["Parent"];
267
+ }
268
+ }
269
+ foreach ( $logactions_indexed as $ind => $def ) {
270
+ $logactions_children_index[$ind] = $def["children"];
271
+ //set allowed entities of log actions to default values
272
+ $logactions_indexed[$ind]["Allowed"] = $logactions_indexed[$ind]["Default"];
273
+ //create index of slugs pointing to the permissions
274
+ $slug = $logactions_indexed[$ind]["Slug"];
275
+ if ( !isset($logactions_slug_index[$slug]) ) $logactions_slug_index[$slug] = array();
276
+ array_push($logactions_slug_index[$slug], $ind);
277
+ }
278
+ $this->log_policy = array(
279
+ "structure" => wfu_get_logactions_structure(true),
280
+ "children_index" => $logactions_children_index,
281
+ "logactions" => $logactions_indexed,
282
+ "slugs_index" => $logactions_slug_index
283
+ );
284
+ }
285
+
286
+ /**
287
+ * Initialize Consent Policy Parameters.
288
+ *
289
+ * This function initializes the consent policy parameters.
290
+ *
291
+ * @since 4.5.0
292
+ */
293
+ private function _initialize_parameters() {
294
+ $this->parameters = array(
295
+ "disclaimer_link" => ""
296
+ );
297
+ }
298
+
299
+ /**
300
+ * Get Consent Policy Name.
301
+ *
302
+ * This function returns the consent policy name.
303
+ *
304
+ * @since 4.5.0
305
+ *
306
+ * @return string The consent policy name.
307
+ */
308
+ public function get_name() {
309
+ return $this->name;
310
+ }
311
+
312
+ /**
313
+ * Set Consent Policy Name.
314
+ *
315
+ * This function sets the consent policy name.
316
+ *
317
+ * @since 4.5.0
318
+ *
319
+ * @param string $name The new consent policy name.
320
+ */
321
+ public function set_name($name) {
322
+ $this->name = $name;
323
+ }
324
+
325
+ /**
326
+ * Get Consent Policy Properties.
327
+ *
328
+ * This function returns the consent policy properties.
329
+ *
330
+ * @since 4.5.0
331
+ *
332
+ * @param bool $compact Optional. True if a compact array without
333
+ * unnecessary items must be returned.
334
+ *
335
+ * @return array The consent policy properties.
336
+ */
337
+ public function get_consent_policy($compact = false) {
338
+ $conpol = $this->consent_policy;
339
+ //if a compact structure is required then remove unnecessary items from
340
+ //operations array
341
+ if ( $compact ) {
342
+ foreach ( $conpol["operations"] as &$op ) {
343
+ unset($op["Description"]);
344
+ }
345
+ }
346
+ return $conpol;
347
+ }
348
+
349
+ /**
350
+ * Get Consent Policy Permissions.
351
+ *
352
+ * This function returns the consent policy permissions.
353
+ *
354
+ * @since 4.5.0
355
+ *
356
+ * @param bool $compact Optional. True if a compact array without
357
+ * unnecessary items must be returned.
358
+ *
359
+ * @return array The consent policy permissions.
360
+ */
361
+ public function get_permissions_policy($compact = false) {
362
+ $perpol = $this->permissions_policy;
363
+ //if a compact structure is required then remove unnecessary items from
364
+ //permissions array
365
+ if ( $compact ) {
366
+ foreach ( $perpol["permissions"] as &$per ) {
367
+ unset($per["Description"]);
368
+ }
369
+ }
370
+ return $perpol;
371
+ }
372
+
373
+ /**
374
+ * Get Consent Log Policy.
375
+ *
376
+ * This function returns the consent log policy.
377
+ *
378
+ * @since 4.5.0
379
+ *
380
+ * @param bool $compact Optional. True if a compact array without
381
+ * unnecessary items must be returned.
382
+ *
383
+ * @return array The consent log policy.
384
+ */
385
+ public function get_logactions_policy($compact = false) {
386
+ $logpol = $this->log_policy;
387
+ //if a compact structure is required then remove unnecessary items from
388
+ //log actions array
389
+ if ( $compact ) {
390
+ foreach ( $logpol["logactions"] as &$act ) {
391
+ unset($act["Description"]);
392
+ }
393
+ }
394
+ return $logpol;
395
+ }
396
+
397
+ /**
398
+ * Get Consent Policy Parameters.
399
+ *
400
+ * This function returns the consent policy parameters.
401
+ *
402
+ * @since 4.5.0
403
+ *
404
+ * @return array The consent policy parameters.
405
+ */
406
+ public function get_parameters() {
407
+ return $this->parameters;
408
+ }
409
+
410
+ /**
411
+ * Get Consent Policy Users.
412
+ *
413
+ * This function returns the users involved in consent policy.
414
+ *
415
+ * @since 4.5.0
416
+ *
417
+ * @return array The consent policy users.
418
+ */
419
+ public function get_assigned_users() {
420
+ $users = array();
421
+ $users["roles_included"] = $this->roles_included;
422
+ $users["roles_excluded"] = $this->roles_excluded;
423
+ $users["users_included"] = $this->users_included;
424
+ $users["users_excluded"] = $this->users_excluded;
425
+ return $users;
426
+ }
427
+
428
+ /**
429
+ * Export Consent Policy.
430
+ *
431
+ * This function exports the consent policy into an array.
432
+ *
433
+ * @since 4.5.0
434
+ *
435
+ * @return array The consent policy.
436
+ */
437
+ public function export_policy() {
438
+ $export_data = array();
439
+ //process basic info
440
+ $export_data["name"] = $this->name;
441
+ $export_data["description"] = $this->description;
442
+ //process consent policy
443
+ $export_data["operations_allowed"] = array();
444
+ $export_data["operations_needing_consent"] = array();
445
+ foreach ($this->consent_policy["operations"] as $id => $operation ) {
446
+ $allowed = ( count($operation["children"]) == 0 && $operation["Allowed"] );
447
+ $needs_consent = ( $allowed && $operation["NeedsConsent"] );
448
+ if ( $allowed ) array_push($export_data["operations_allowed"], $id);
449
+ if ( $needs_consent ) array_push($export_data["operations_needing_consent"], $id);
450
+ }
451
+ $export_data["consent_questions"] = $this->consent_policy["questions"];
452
+ //process permissions policy
453
+ $export_data["permissions_allowed"] = array();
454
+ foreach ($this->permissions_policy["permissions"] as $id => $permission ) {
455
+ $allowed = ( count($permission["children"]) == 0 && $permission["Allowed"] ); $needs_consent = ( $allowed && $operation["NeedsConsent"] );
456
+ if ( $allowed ) array_push($export_data["permissions_allowed"], $id);
457
+ }
458
+ //process log actions policy
459
+ $export_data["logactions_allowed"] = array();
460
+ foreach ($this->log_policy["logactions"] as $id => $logaction ) {
461
+ $allowed = ( count($logaction["children"]) == 0 && $logaction["Allowed"] ); $needs_consent = ( $allowed && $operation["NeedsConsent"] );
462
+ if ( $allowed ) array_push($export_data["logactions_allowed"], $id);
463
+ }
464
+ //process users
465
+ $export_data["roles_included"] = $this->roles_included;
466
+ $export_data["roles_excluded"] = $this->roles_excluded;
467
+ $export_data["users_included"] = $this->users_included;
468
+ $export_data["users_excluded"] = $this->users_excluded;
469
+ //process parameters
470
+ $export_data["parameters"] = $this->parameters;
471
+
472
+ return $export_data;
473
+ }
474
+
475
+ }
476
+
477
  ?>
lib/wfu_pd_definitions.php CHANGED
@@ -1,665 +1,790 @@
1
- <?php
2
-
3
- function wfu_personal_data_types() {
4
- $types = array(
5
- array( "ID" => 1,
6
- "Name" => "File",
7
- "Slug" => "file",
8
- "Description" => "This type refers to uploaded files, which may be considered as personal data.",
9
- "Generic" => 0,
10
- "Default" => 0,
11
- "Data" => ""
12
- ), array( "ID" => 2,
13
- "Name" => "File Data",
14
- "Slug" => "filedata",
15
- "Description" => "This type refers to data captured by the plugin during file upload: upload time, page ID, blog ID and shortcode ID. Though not related to the user, they may be considered as personal data.",
16
- "Generic" => 1,
17
- "Default" => 0,
18
- "Data" => ""
19
- ), array( "ID" => 3,
20
- "Name" => "User Profile Data",
21
- "Slug" => "profiledata",
22
- "Description" => "This type refers to user data (user ID, user name, user email etc.) that the plugin reads from user's profile. By default they are considered as personal data.",
23
- "Generic" => 1,
24
- "Default" => 1,
25
- "Data" => ""
26
- ), array( "ID" => 4,
27
- "Name" => "User Provided Data",
28
- "Slug" => "provideddata",
29
- "Description" => "This type refers to data provided by the user during file upload through the additional fields that may be added to the upload form. They may be considered as personal data.",
30
- "Generic" => 0,
31
- "Default" => 1,
32
- "Data" => ""
33
- )
34
- );
35
-
36
- return apply_filters("_wfu_personal_data_types", $types);
37
- }
38
-
39
- function wfu_personal_data_operations() {
40
- $operations = array(
41
- array( "ID" => 1,
42
- "Name" => "All",
43
- "Slug" => "all",
44
- "Description" => "The top-most level grouped operation covering all other operations.",
45
- "Order" => 1,
46
- "Parent" => 0,
47
- "Datatypes" => array(),
48
- "Condition" => "",
49
- "DefAllowed" => 0,
50
- "DefConsent" => 0,
51
- "Data" => ""
52
- ), array( "ID" => 2,
53
- "Name" => "Store",
54
- "Slug" => "store",
55
- "Description" => "2nd level grouped operation covering all store operations.",
56
- "Order" => 1,
57
- "Parent" => 1,
58
- "Datatypes" => array(),
59
- "Condition" => "",
60
- "DefAllowed" => 0,
61
- "DefConsent" => 0,
62
- "Data" => ""
63
- ), array( "ID" => 3,
64
- "Name" => "Locally",
65
- "Slug" => "store_local",
66
- "Description" => "3rd level grouped operation covering all local storage operations.",
67
- "Order" => 1,
68
- "Parent" => 2,
69
- "Datatypes" => array(),
70
- "Condition" => "",
71
- "DefAllowed" => 0,
72
- "DefConsent" => 0,
73
- "Data" => ""
74
- ), array( "ID" => 4,
75
- "Name" => "in File System",
76
- "Slug" => "store_fs",
77
- "Description" => "4th level atomic operation for storage in the file system.",
78
- "Order" => 1,
79
- "Parent" => 3,
80
- "Datatypes" => array(1),
81
- "Condition" => "",
82
- "DefAllowed" => 1,
83
- "DefConsent" => 1,
84
- "Data" => ""
85
- ), array( "ID" => 5,
86
- "Name" => "in Database",
87
- "Slug" => "store_db",
88
- "Description" => "4th level atomic operation for storage in the database.",
89
- "Order" => 2,
90
- "Parent" => 3,
91
- "Datatypes" => array(2, 3, 4),
92
- "Condition" => "",
93
- "DefAllowed" => 1,
94
- "DefConsent" => 1,
95
- "Data" => ""
96
- ), array( "ID" => 6,
97
- "Name" => "in Session",
98
- "Slug" => "store_session",
99
- "Description" => "4th level atomic operation for storage in session/cookies.",
100
- "Order" => 3,
101
- "Parent" => 3,
102
- "Datatypes" => array(2, 3, 4),
103
- "Condition" => "",
104
- "DefAllowed" => 1,
105
- "DefConsent" => 1,
106
- "Data" => ""
107
- ), array( "ID" => 7,
108
- "Name" => "Externally",
109
- "Slug" => "store_external",
110
- "Description" => "3rd level grouped operation covering all external storage operations.",
111
- "Order" => 2,
112
- "Parent" => 2,
113
- "Datatypes" => array(),
114
- "Condition" => "",
115
- "DefAllowed" => 0,
116
- "DefConsent" => 0,
117
- "Data" => ""
118
- ), array( "ID" => 8,
119
- "Name" => "in FTP",
120
- "Slug" => "store_ftp",
121
- "Description" => "4th level atomic operation for storage in an external FTP server.",
122
- "Order" => 1,
123
- "Parent" => 7,
124
- "Datatypes" => array(1),
125
- "Condition" => "",
126
- "DefAllowed" => 1,
127
- "DefConsent" => 1,
128
- "Data" => ""
129
- ), array( "ID" => 9,
130
- "Name" => "in Dropbox",
131
- "Slug" => "store_dropbox",
132
- "Description" => "4th level atomic operation for storage in a Dropbox account.",
133
- "Order" => 2,
134
- "Parent" => 7,
135
- "Datatypes" => array(1),
136
- "Condition" => "",
137
- "DefAllowed" => 1,
138
- "DefConsent" => 1,
139
- "Data" => ""
140
- ), array( "ID" => 10,
141
- "Name" => "Use",
142
- "Slug" => "use",
143
- "Description" => "2nd level grouped operation covering all use operations.",
144
- "Order" => 2,
145
- "Parent" => 1,
146
- "Datatypes" => array(),
147
- "Condition" => "",
148
- "DefAllowed" => 0,
149
- "DefConsent" => 0,
150
- "Data" => ""
151
- ), array( "ID" => 11,
152
- "Name" => "in Back-end",
153
- "Slug" => "use_backend",
154
- "Description" => "3rd level grouped operation covering all use operations executed in back-end (Dashboard) by admins.",
155
- "Order" => 1,
156
- "Parent" => 10,
157
- "Datatypes" => array(),
158
- "Condition" => "",
159
- "DefAllowed" => 0,
160
- "DefConsent" => 0,
161
- "Data" => ""
162
- ), array( "ID" => 12,
163
- "Name" => "List",
164
- "Slug" => "list_backend",
165
- "Description" => "4th level atomic operation for listing / showing data in back-end (Dashboard) by admins.",
166
- "Order" => 1,
167
- "Parent" => 11,
168
- "Datatypes" => array(1, 2, 3, 4),
169
- "Condition" => "2",
170
- "DefAllowed" => 1,
171
- "DefConsent" => 1,
172
- "Data" => ""
173
- ), array( "ID" => 13,
174
- "Name" => "Modify",
175
- "Slug" => "modify_backend",
176
- "Description" => "4th level atomic operation for renaming / modifying data in back-end (Dashboard) by admins.",
177
- "Order" => 2,
178
- "Parent" => 11,
179
- "Datatypes" => array(1, 4),
180
- "Condition" => "2",
181
- "DefAllowed" => 1,
182
- "DefConsent" => 1,
183
- "Data" => ""
184
- ), array( "ID" => 14,
185
- "Name" => "Download",
186
- "Slug" => "download_backend",
187
- "Description" => "4th level atomic operation for downloading / exporting data in back-end (Dashboard) by admins.",
188
- "Order" => 3,
189
- "Parent" => 11,
190
- "Datatypes" => array(1, 2, 3, 4),
191
- "Condition" => "2",
192
- "DefAllowed" => 1,
193
- "DefConsent" => 1,
194
- "Data" => ""
195
- ), array( "ID" => 15,
196
- "Name" => "Delete",
197
- "Slug" => "delete_backend",
198
- "Description" => "4th level atomic operation for deleting data in back-end (Dashboard) by admins.",
199
- "Order" => 4,
200
- "Parent" => 11,
201
- "Datatypes" => array(1),
202
- "Condition" => "2",
203
- "DefAllowed" => 1,
204
- "DefConsent" => 1,
205
- "Data" => ""
206
- ), array( "ID" => 16,
207
- "Name" => "in Hooks",
208
- "Slug" => "use_hooks",
209
- "Description" => "4th level atomic operation for using data in hooks.",
210
- "Order" => 5,
211
- "Parent" => 11,
212
- "Datatypes" => array(1, 2, 3, 4),
213
- "Condition" => "2",
214
- "DefAllowed" => 1,
215
- "DefConsent" => 1,
216
- "Data" => ""
217
- ), array( "ID" => 17,
218
- "Name" => "in Hooks",
219
- "Slug" => "use_hooks",
220
- "Description" => "4th level atomic operation for using data in hooks.",
221
- "Order" => 5,
222
- "Parent" => 11,
223
- "Datatypes" => array(3),
224
- "Condition" => "!2",
225
- "DefAllowed" => 1,
226
- "DefConsent" => 1,
227
- "Data" => ""
228
- ), array( "ID" => 18,
229
- "Name" => "in Front-end",
230
- "Slug" => "use_frontend",
231
- "Description" => "3rd level grouped operation covering all use operations executed in front-end (posts, pages) by users.",
232
- "Order" => 2,
233
- "Parent" => 10,
234
- "Datatypes" => array(),
235
- "Condition" => "",
236
- "DefAllowed" => 0,
237
- "DefConsent" => 0,
238
- "Data" => ""
239
- ), array( "ID" => 19,
240
- "Name" => "List",
241
- "Slug" => "list_frontend",
242
- "Description" => "4th level atomic operation for listing / showing data in front-end (posts, pages) by users.",
243
- "Order" => 1,
244
- "Parent" => 18,
245
- "Datatypes" => array(1, 2, 3, 4),
246
- "Condition" => "2",
247
- "DefAllowed" => 1,
248
- "DefConsent" => 1,
249
- "Data" => ""
250
- ), array( "ID" => 20,
251
- "Name" => "Preview",
252
- "Slug" => "preview_frontend",
253
- "Description" => "4th level atomic operation for previewing files / data (show thumbnails) in front-end (posts, pages) by users.",
254
- "Order" => 2,
255
- "Parent" => 18,
256
- "Datatypes" => array(1),
257
- "Condition" => "2",
258
- "DefAllowed" => 1,
259
- "DefConsent" => 1,
260
- "Data" => ""
261
- ), array( "ID" => 21,
262
- "Name" => "Open",
263
- "Slug" => "open_frontend",
264
- "Description" => "4th level atomic operation for opening files / data (opening their links) in front-end (posts, pages) by users.",
265
- "Order" => 3,
266
- "Parent" => 18,
267
- "Datatypes" => array(1),
268
- "Condition" => "2",
269
- "DefAllowed" => 1,
270
- "DefConsent" => 1,
271
- "Data" => ""
272
- ), array( "ID" => 22,
273
- "Name" => "Download",
274
- "Slug" => "download_frontend",
275
- "Description" => "4th level atomic operation for downloading files / data in front-end (posts, pages) by users.",
276
- "Order" => 4,
277
- "Parent" => 18,
278
- "Datatypes" => array(1),
279
- "Condition" => "2",
280
- "DefAllowed" => 1,
281
- "DefConsent" => 1,
282
- "Data" => ""
283
- ), array( "ID" => 23,
284
- "Name" => "Delete",
285
- "Slug" => "delete_frontend",
286
- "Description" => "4th level atomic operation for deleting data in front-end (posts, pages) by users.",
287
- "Order" => 5,
288
- "Parent" => 18,
289
- "Datatypes" => array(1),
290
- "Condition" => "2",
291
- "DefAllowed" => 1,
292
- "DefConsent" => 1,
293
- "Data" => ""
294
- ), array( "ID" => 24,
295
- "Name" => "in Notification Email",
296
- "Slug" => "use_email",
297
- "Description" => "3rd level atomic operation for including data in the notification email sent when a file is uploaded.",
298
- "Order" => 3,
299
- "Parent" => 10,
300
- "Datatypes" => array(1, 2, 3, 4),
301
- "Condition" => "2",
302
- "DefAllowed" => 1,
303
- "DefConsent" => 1,
304
- "Data" => ""
305
- ), array( "ID" => 25,
306
- "Name" => "in Notification Email",
307
- "Slug" => "use_email",
308
- "Description" => "3rd level atomic operation for including data in the notification email sent when a file is uploaded.",
309
- "Order" => 3,
310
- "Parent" => 10,
311
- "Datatypes" => array(3),
312
- "Condition" => "!2",
313
- "DefAllowed" => 1,
314
- "DefConsent" => 1,
315
- "Data" => ""
316
- )
317
- );
318
-
319
- return apply_filters("_wfu_personal_data_operations", $operations);
320
- }
321
-
322
- function wfu_personal_data_locations() {
323
- $locations = array(
324
- array( "ID" => 1,
325
- "Name" => "Plugin Area",
326
- "Slug" => "plugin_area",
327
- "Description" => "This location refers to a separate section of the plugin in Dashboard.",
328
- "Data" => ""
329
- ), array( "ID" => 2,
330
- "Name" => "User Profile",
331
- "Slug" => "user_profile",
332
- "Description" => "This location refers to the user profile section in Dashboard.",
333
- "Data" => ""
334
- ), array( "ID" => 3,
335
- "Name" => "Request to Admin",
336
- "Slug" => "admin_request",
337
- "Description" => "This location refers to a request from a user to the admin, through email, form or another location, for executing actions on personal data.",
338
- "Data" => ""
339
- ), array( "ID" => 4,
340
- "Name" => "Code",
341
- "Slug" => "code",
342
- "Description" => "This location refers to executing actions on personal data programmatically.",
343
- "Data" => ""
344
- )
345
- );
346
-
347
- return apply_filters("_wfu_personal_data_locations", $locations);
348
- }
349
-
350
-
351
- function wfu_personal_data_permissions() {
352
- $permissions = array(
353
- array( "ID" => 1,
354
- "Name" => "User",
355
- "Slug" => "user",
356
- "Description" => "This is a grouped permission referring to all permissions of users.",
357
- "Order" => 1,
358
- "Parent" => 0,
359
- "Locations" => array(),
360
- "Default" => array(),
361
- "Data" => ""
362
- ), array( "ID" => 2,
363
- "Name" => "Consent",
364
- "Slug" => "user_consent",
365
- "Description" => "This is a grouped permission referring to all consent operations (grant, review, revoke) of users.",
366
- "Order" => 1,
367
- "Parent" => 1,
368
- "Locations" => array(),
369
- "Default" => array(),
370
- "Data" => ""
371
- ), array( "ID" => 3,
372
- "Name" => "Review",
373
- "Slug" => "user_review_consent",
374
- "Description" => "This is an atomic permission for users to review consent.",
375
- "Order" => 1,
376
- "Locations" => array(1, 2, 3),
377
- "Default" => array(1),
378
- "Parent" => 2,
379
- "Data" => ""
380
- ), array( "ID" => 4,
381
- "Name" => "Revoke",
382
- "Slug" => "user_revoke_consent",
383
- "Description" => "This is an atomic permission for users to revoke consent.",
384
- "Order" => 2,
385
- "Locations" => array(1, 2, 3),
386
- "Default" => array(1),
387
- "Parent" => 2,
388
- "Data" => ""
389
- ), array( "ID" => 5,
390
- "Name" => "Grant",
391
- "Slug" => "user_grant_consent",
392
- "Description" => "This is an atomic permission for users to grant consent.",
393
- "Order" => 3,
394
- "Locations" => array(3),
395
- "Default" => array(3),
396
- "Parent" => 2,
397
- "Data" => ""
398
- ), array( "ID" => 6,
399
- "Name" => "Personal Data",
400
- "Slug" => "user_personaldata",
401
- "Description" => "This is a grouped permission referring to all personal data operations (preview, get, delete) of users.",
402
- "Order" => 2,
403
- "Locations" => array(),
404
- "Default" => array(),
405
- "Parent" => 1,
406
- "Data" => ""
407
- ), array( "ID" => 7,
408
- "Name" => "Preview",
409
- "Slug" => "user_preview_personaldata",
410
- "Description" => "This is an atomic permission for users to preview personal data.",
411
- "Order" => 1,
412
- "Locations" => array(1, 2, 3),
413
- "Default" => array(1),
414
- "Parent" => 6,
415
- "Data" => ""
416
- ), array( "ID" => 8,
417
- "Name" => "Get",
418
- "Slug" => "user_get_personaldata",
419
- "Description" => "This is an atomic permission for users to get / export personal data.",
420
- "Order" => 2,
421
- "Locations" => array(1, 2, 3),
422
- "Default" => array(1),
423
- "Parent" => 6,
424
- "Data" => ""
425
- ), array( "ID" => 9,
426
- "Name" => "Delete",
427
- "Slug" => "user_delete_personaldata",
428
- "Description" => "This is an atomic permission for users to delete personal data.",
429
- "Order" => 3,
430
- "Locations" => array(1, 2, 3),
431
- "Default" => array(3),
432
- "Parent" => 6,
433
- "Data" => ""
434
- ), array( "ID" => 10,
435
- "Name" => "API",
436
- "Slug" => "api",
437
- "Description" => "This is a grouped permission referring to all API permissions.",
438
- "Order" => 2,
439
- "Parent" => 0,
440
- "Locations" => array(),
441
- "Default" => array(),
442
- "Data" => ""
443
- ), array( "ID" => 11,
444
- "Name" => "Consent",
445
- "Slug" => "api_consent",
446
- "Description" => "This is a grouped permission referring to all consent operations (grant, review, revoke) of API.",
447
- "Order" => 1,
448
- "Parent" => 10,
449
- "Locations" => array(),
450
- "Default" => array(),
451
- "Data" => ""
452
- ), array( "ID" => 12,
453
- "Name" => "Review",
454
- "Slug" => "api_review_consent",
455
- "Description" => "This is an atomic permission for API to review consent.",
456
- "Order" => 1,
457
- "Locations" => array(4),
458
- "Default" => array(4),
459
- "Parent" => 11,
460
- "Data" => ""
461
- ), array( "ID" => 13,
462
- "Name" => "Revoke",
463
- "Slug" => "api_revoke_consent",
464
- "Description" => "This is an atomic permission for API to revoke consent.",
465
- "Order" => 2,
466
- "Locations" => array(4),
467
- "Default" => array(4),
468
- "Parent" => 11,
469
- "Data" => ""
470
- ), array( "ID" => 14,
471
- "Name" => "Grant",
472
- "Slug" => "api_grant_consent",
473
- "Description" => "This is an atomic permission for API to grant consent.",
474
- "Order" => 3,
475
- "Locations" => array(4),
476
- "Default" => array(4),
477
- "Parent" => 11,
478
- "Data" => ""
479
- ), array( "ID" => 15,
480
- "Name" => "Personal Data",
481
- "Slug" => "api_personaldata",
482
- "Description" => "This is a grouped permission referring to all personal data operations (preview, get, delete) of API.",
483
- "Order" => 2,
484
- "Locations" => array(),
485
- "Default" => array(),
486
- "Parent" => 10,
487
- "Data" => ""
488
- ), array( "ID" => 16,
489
- "Name" => "Preview",
490
- "Slug" => "api_preview_personaldata",
491
- "Description" => "This is an atomic permission for API to preview personal data.",
492
- "Order" => 1,
493
- "Locations" => array(4),
494
- "Default" => array(4),
495
- "Parent" => 15,
496
- "Data" => ""
497
- ), array( "ID" => 17,
498
- "Name" => "Get",
499
- "Slug" => "api_get_personaldata",
500
- "Description" => "This is an atomic permission for API to get / export personal data.",
501
- "Order" => 2,
502
- "Locations" => array(4),
503
- "Default" => array(4),
504
- "Parent" => 15,
505
- "Data" => ""
506
- ), array( "ID" => 18,
507
- "Name" => "Delete",
508
- "Slug" => "api_delete_personaldata",
509
- "Description" => "This is an atomic permission for API to delete personal data.",
510
- "Order" => 3,
511
- "Locations" => array(4),
512
- "Default" => array(4),
513
- "Parent" => 15,
514
- "Data" => ""
515
- )
516
- );
517
-
518
- return apply_filters("_wfu_personal_data_permissions", $permissions);
519
- }
520
-
521
- function wfu_personal_data_entities() {
522
- $entities = array(
523
- array( "ID" => 1,
524
- "Name" => "Admin",
525
- "Slug" => "admin",
526
- "Description" => "This entity refers to administrators.",
527
- "Data" => ""
528
- ), array( "ID" => 2,
529
- "Name" => "User",
530
- "Slug" => "user",
531
- "Description" => "This entity refers to logged users.",
532
- "Data" => ""
533
- ), array( "ID" => 3,
534
- "Name" => "Guest",
535
- "Slug" => "guest",
536
- "Description" => "This entity refers to non-logged users (guests).",
537
- "Data" => ""
538
- ), array( "ID" => 4,
539
- "Name" => "API",
540
- "Slug" => "api",
541
- "Description" => "This entity refers to API executing actions on personal data.",
542
- "Data" => ""
543
- )
544
- );
545
-
546
- return apply_filters("_wfu_personal_data_entities", $entities);
547
- }
548
-
549
- function wfu_personal_data_logactions() {
550
- $logactions = array(
551
- array( "ID" => 1,
552
- "Name" => "All Log Actions",
553
- "Slug" => "all_logactions",
554
- "Description" => "This is a grouped log action referring to all log actions.",
555
- "Order" => 1,
556
- "Parent" => 0,
557
- "Entities" => array(),
558
- "Default" => array(),
559
- "Data" => ""
560
- ), array( "ID" => 2,
561
- "Name" => "Personal Data Policy",
562
- "Slug" => "policy_logactions",
563
- "Description" => "This is a grouped log action referring to all actions on personal data policies.",
564
- "Order" => 1,
565
- "Parent" => 1,
566
- "Entities" => array(),
567
- "Default" => array(),
568
- "Data" => ""
569
- ), array( "ID" => 3,
570
- "Name" => "Create",
571
- "Slug" => "create_policy",
572
- "Description" => "This is an atomic log action when a new personal data policy is created.",
573
- "Order" => 1,
574
- "Parent" => 2,
575
- "Entities" => array(1),
576
- "Default" => array(1),
577
- "Data" => ""
578
- ), array( "ID" => 4,
579
- "Name" => "Modify",
580
- "Slug" => "modify_policy",
581
- "Description" => "This is an atomic log action when a new personal data policy is modified.",
582
- "Order" => 2,
583
- "Parent" => 2,
584
- "Entities" => array(1),
585
- "Default" => array(1),
586
- "Data" => ""
587
- ), array( "ID" => 5,
588
- "Name" => "Delete",
589
- "Slug" => "delete_policy",
590
- "Description" => "This is an atomic log action when a new personal data policy is deleted.",
591
- "Order" => 3,
592
- "Parent" => 2,
593
- "Entities" => array(1),
594
- "Default" => array(1),
595
- "Data" => ""
596
- ), array( "ID" => 6,
597
- "Name" => "Consent",
598
- "Slug" => "consent_logactions",
599
- "Description" => "This is a grouped log action referring to all actions on consents.",
600
- "Order" => 2,
601
- "Parent" => 1,
602
- "Entities" => array(),
603
- "Default" => array(),
604
- "Data" => ""
605
- ), array( "ID" => 7,
606
- "Name" => "Grant",
607
- "Slug" => "grant_consent",
608
- "Description" => "This is an atomic log action when a consent is granted.",
609
- "Order" => 1,
610
- "Parent" => 6,
611
- "Entities" => array(1, 2, 4),
612
- "Default" => array(1, 2, 4),
613
- "Data" => ""
614
- ), array( "ID" => 8,
615
- "Name" => "Revoke",
616
- "Slug" => "revoke_consent",
617
- "Description" => "This is an atomic log action when a consent is revoked.",
618
- "Order" => 2,
619
- "Parent" => 6,
620
- "Entities" => array(1, 2, 4),
621
- "Default" => array(1, 2, 4),
622
- "Data" => ""
623
- ), array( "ID" => 9,
624
- "Name" => "Personal Data",
625
- "Slug" => "personaldata_logactions",
626
- "Description" => "This is a grouped log action referring to all actions on personal data.",
627
- "Order" => 3,
628
- "Parent" => 1,
629
- "Entities" => array(),
630
- "Default" => array(),
631
- "Data" => ""
632
- ), array( "ID" => 10,
633
- "Name" => "Download",
634
- "Slug" => "download_personaldata",
635
- "Description" => "This is an atomic log action when personal data are downloaded.",
636
- "Order" => 1,
637
- "Parent" => 9,
638
- "Entities" => array(1, 2, 4),
639
- "Default" => array(1, 2, 4),
640
- "Data" => ""
641
- ), array( "ID" => 11,
642
- "Name" => "Delete",
643
- "Slug" => "delete_personaldata",
644
- "Description" => "This is an atomic log action when personal data are deleted.",
645
- "Order" => 2,
646
- "Parent" => 9,
647
- "Entities" => array(1, 2, 4),
648
- "Default" => array(1, 2, 4),
649
- "Data" => ""
650
- ), array( "ID" => 12,
651
- "Name" => "Custom Actions",
652
- "Slug" => "custom_logactions",
653
- "Description" => "This refers to custom log actions entered manually in the log.",
654
- "Order" => 4,
655
- "Parent" => 1,
656
- "Entities" => array(1),
657
- "Default" => array(1),
658
- "Data" => ""
659
- )
660
- );
661
-
662
- return apply_filters("_wfu_personal_data_logactions", $logactions);
663
- }
664
-
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
665
  ?>
1
+ <?php
2
+
3
+ /**
4
+ * Personal Data Definitions
5
+ *
6
+ * This file contains definitions for personal data policies.
7
+ *
8
+ * @link /lib/wfu_pd_definitions.php
9
+ *
10
+ * @package WordPress File Upload Plugin
11
+ * @subpackage Core Components
12
+ * @since 4.5.0
13
+ */
14
+
15
+ /**
16
+ * Define Personal Data Types.
17
+ *
18
+ * This function defines the personal data types.
19
+ *
20
+ * @since 4.5.0
21
+ *
22
+ * @return array An array of personal data types definitions.
23
+ */
24
+ function wfu_personal_data_types() {
25
+ $types = array(
26
+ array( "ID" => 1,
27
+ "Name" => "File",
28
+ "Slug" => "file",
29
+ "Description" => "This type refers to uploaded files, which may be considered as personal data.",
30
+ "Generic" => 0,
31
+ "Default" => 0,
32
+ "Data" => ""
33
+ ), array( "ID" => 2,
34
+ "Name" => "File Data",
35
+ "Slug" => "filedata",
36
+ "Description" => "This type refers to data captured by the plugin during file upload: upload time, page ID, blog ID and shortcode ID. Though not related to the user, they may be considered as personal data.",
37
+ "Generic" => 1,
38
+ "Default" => 0,
39
+ "Data" => ""
40
+ ), array( "ID" => 3,
41
+ "Name" => "User Profile Data",
42
+ "Slug" => "profiledata",
43
+ "Description" => "This type refers to user data (user ID, user name, user email etc.) that the plugin reads from user's profile. By default they are considered as personal data.",
44
+ "Generic" => 1,
45
+ "Default" => 1,
46
+ "Data" => ""
47
+ ), array( "ID" => 4,
48
+ "Name" => "User Provided Data",
49
+ "Slug" => "provideddata",
50
+ "Description" => "This type refers to data provided by the user during file upload through the additional fields that may be added to the upload form. They may be considered as personal data.",
51
+ "Generic" => 0,
52
+ "Default" => 1,
53
+ "Data" => ""
54
+ )
55
+ );
56
+
57
+ /**
58
+ * Let Custom Scripts Modify Personal Data Types.
59
+ *
60
+ * This filter allows custom scripts to modify personal data types
61
+ * definitions.
62
+ *
63
+ * @since 4.5.0
64
+ *
65
+ * @param array $types The personal data types definitions.
66
+ */
67
+ return apply_filters("_wfu_personal_data_types", $types);
68
+ }
69
+
70
+ /**
71
+ * Define Personal Data Operations.
72
+ *
73
+ * This function defines the personal data operations.
74
+ *
75
+ * @since 4.5.0
76
+ *
77
+ * @return array An array of personal data operations definitions.
78
+ */
79
+ function wfu_personal_data_operations() {
80
+ $operations = array(
81
+ array( "ID" => 1,
82
+ "Name" => "All",
83
+ "Slug" => "all",
84
+ "Description" => "The top-most level grouped operation covering all other operations.",
85
+ "Order" => 1,
86
+ "Parent" => 0,
87
+ "Datatypes" => array(),
88
+ "Condition" => "",
89
+ "DefAllowed" => 0,
90
+ "DefConsent" => 0,
91
+ "Data" => ""
92
+ ), array( "ID" => 2,
93
+ "Name" => "Store",
94
+ "Slug" => "store",
95
+ "Description" => "2nd level grouped operation covering all store operations.",
96
+ "Order" => 1,
97
+ "Parent" => 1,
98
+ "Datatypes" => array(),
99
+ "Condition" => "",
100
+ "DefAllowed" => 0,
101
+ "DefConsent" => 0,
102
+ "Data" => ""
103
+ ), array( "ID" => 3,
104
+ "Name" => "Locally",
105
+ "Slug" => "store_local",
106
+ "Description" => "3rd level grouped operation covering all local storage operations.",
107
+ "Order" => 1,
108
+ "Parent" => 2,
109
+ "Datatypes" => array(),
110
+ "Condition" => "",
111
+ "DefAllowed" => 0,
112
+ "DefConsent" => 0,
113
+ "Data" => ""
114
+ ), array( "ID" => 4,
115
+ "Name" => "in File System",
116
+ "Slug" => "store_fs",
117
+ "Description" => "4th level atomic operation for storage in the file system.",
118
+ "Order" => 1,
119
+ "Parent" => 3,
120
+ "Datatypes" => array(1),
121
+ "Condition" => "",
122
+ "DefAllowed" => 1,
123
+ "DefConsent" => 1,
124
+ "Data" => ""
125
+ ), array( "ID" => 5,
126
+ "Name" => "in Database",
127
+ "Slug" => "store_db",
128
+ "Description" => "4th level atomic operation for storage in the database.",
129
+ "Order" => 2,
130
+ "Parent" => 3,
131
+ "Datatypes" => array(2, 3, 4),
132
+ "Condition" => "",
133
+ "DefAllowed" => 1,
134
+ "DefConsent" => 1,
135
+ "Data" => ""
136
+ ), array( "ID" => 6,
137
+ "Name" => "in Session",
138
+ "Slug" => "store_session",
139
+ "Description" => "4th level atomic operation for storage in session/cookies.",
140
+ "Order" => 3,
141
+ "Parent" => 3,
142
+ "Datatypes" => array(2, 3, 4),
143
+ "Condition" => "",
144
+ "DefAllowed" => 1,
145
+ "DefConsent" => 1,
146
+ "Data" => ""
147
+ ), array( "ID" => 7,
148
+ "Name" => "Externally",
149
+ "Slug" => "store_external",
150
+ "Description" => "3rd level grouped operation covering all external storage operations.",
151
+ "Order" => 2,
152
+ "Parent" => 2,
153
+ "Datatypes" => array(),
154
+ "Condition" => "",
155
+ "DefAllowed" => 0,
156
+ "DefConsent" => 0,
157
+ "Data" => ""
158
+ ), array( "ID" => 8,
159
+ "Name" => "in FTP",
160
+ "Slug" => "store_ftp",
161
+ "Description" => "4th level atomic operation for storage in an external FTP server.",
162
+ "Order" => 1,
163
+ "Parent" => 7,
164
+ "Datatypes" => array(1),
165
+ "Condition" => "",
166
+ "DefAllowed" => 1,
167
+ "DefConsent" => 1,
168
+ "Data" => ""
169
+ ), array( "ID" => 9,
170
+ "Name" => "in Dropbox",
171
+ "Slug" => "store_dropbox",
172
+ "Description" => "4th level atomic operation for storage in a Dropbox account.",
173
+ "Order" => 2,
174
+ "Parent" => 7,
175
+ "Datatypes" => array(1),
176
+ "Condition" => "",
177
+ "DefAllowed" => 1,
178
+ "DefConsent" => 1,
179
+ "Data" => ""
180
+ ), array( "ID" => 10,
181
+ "Name" => "Use",
182
+ "Slug" => "use",
183
+ "Description" => "2nd level grouped operation covering all use operations.",
184
+ "Order" => 2,
185
+ "Parent" => 1,
186
+ "Datatypes" => array(),
187
+ "Condition" => "",
188
+ "DefAllowed" => 0,
189
+ "DefConsent" => 0,
190
+ "Data" => ""
191
+ ), array( "ID" => 11,
192
+ "Name" => "in Back-end",
193
+ "Slug" => "use_backend",
194
+ "Description" => "3rd level grouped operation covering all use operations executed in back-end (Dashboard) by admins.",
195
+ "Order" => 1,
196
+ "Parent" => 10,
197
+ "Datatypes" => array(),
198
+ "Condition" => "",
199
+ "DefAllowed" => 0,
200
+ "DefConsent" => 0,
201
+ "Data" => ""
202
+ ), array( "ID" => 12,
203
+ "Name" => "List",
204
+ "Slug" => "list_backend",
205
+ "Description" => "4th level atomic operation for listing / showing data in back-end (Dashboard) by admins.",
206
+ "Order" => 1,
207
+ "Parent" => 11,
208
+ "Datatypes" => array(1, 2, 3, 4),
209
+ "Condition" => "2",
210
+ "DefAllowed" => 1,
211
+ "DefConsent" => 1,
212
+ "Data" => ""
213
+ ), array( "ID" => 13,
214
+ "Name" => "Modify",
215
+ "Slug" => "modify_backend",
216
+ "Description" => "4th level atomic operation for renaming / modifying data in back-end (Dashboard) by admins.",
217
+ "Order" => 2,
218
+ "Parent" => 11,
219
+ "Datatypes" => array(1, 4),
220
+ "Condition" => "2",
221
+ "DefAllowed" => 1,
222
+ "DefConsent" => 1,
223
+ "Data" => ""
224
+ ), array( "ID" => 14,
225
+ "Name" => "Download",
226
+ "Slug" => "download_backend",
227
+ "Description" => "4th level atomic operation for downloading / exporting data in back-end (Dashboard) by admins.",
228
+ "Order" => 3,
229
+ "Parent" => 11,
230
+ "Datatypes" => array(1, 2, 3, 4),
231
+ "Condition" => "2",
232
+ "DefAllowed" => 1,
233
+ "DefConsent" => 1,
234
+ "Data" => ""
235
+ ), array( "ID" => 15,
236
+ "Name" => "Delete",
237
+ "Slug" => "delete_backend",
238
+ "Description" => "4th level atomic operation for deleting data in back-end (Dashboard) by admins.",
239
+ "Order" => 4,
240
+ "Parent" => 11,
241
+ "Datatypes" => array(1),
242
+ "Condition" => "2",
243
+ "DefAllowed" => 1,
244
+ "DefConsent" => 1,
245
+ "Data" => ""
246
+ ), array( "ID" => 16,
247
+ "Name" => "in Hooks",
248
+ "Slug" => "use_hooks",
249
+ "Description" => "4th level atomic operation for using data in hooks.",
250
+ "Order" => 5,
251
+ "Parent" => 11,
252
+ "Datatypes" => array(1, 2, 3, 4),
253
+ "Condition" => "2",
254
+ "DefAllowed" => 1,
255
+ "DefConsent" => 1,
256
+ "Data" => ""
257
+ ), array( "ID" => 17,
258
+ "Name" => "in Hooks",
259
+ "Slug" => "use_hooks",
260
+ "Description" => "4th level atomic operation for using data in hooks.",
261
+ "Order" => 5,
262
+ "Parent" => 11,
263
+ "Datatypes" => array(3),
264
+ "Condition" => "!2",
265
+ "DefAllowed" => 1,
266
+ "DefConsent" => 1,
267
+ "Data" => ""
268
+ ), array( "ID" => 18,
269
+ "Name" => "in Front-end",
270
+ "Slug" => "use_frontend",
271
+ "Description" => "3rd level grouped operation covering all use operations executed in front-end (posts, pages) by users.",
272
+ "Order" => 2,
273
+ "Parent" => 10,
274
+ "Datatypes" => array(),
275
+ "Condition" => "",
276
+ "DefAllowed" => 0,
277
+ "DefConsent" => 0,
278
+ "Data" => ""
279
+ ), array( "ID" => 19,
280
+ "Name" => "List",
281
+ "Slug" => "list_frontend",
282
+ "Description" => "4th level atomic operation for listing / showing data in front-end (posts, pages) by users.",
283
+ "Order" => 1,
284
+ "Parent" => 18,
285
+ "Datatypes" => array(1, 2, 3, 4),
286
+ "Condition" => "2",
287
+ "DefAllowed" => 1,
288
+ "DefConsent" => 1,
289
+ "Data" => ""
290
+ ), array( "ID" => 20,
291
+ "Name" => "Preview",
292
+ "Slug" => "preview_frontend",
293
+ "Description" => "4th level atomic operation for previewing files / data (show thumbnails) in front-end (posts, pages) by users.",
294
+ "Order" => 2,
295
+ "Parent" => 18,
296
+ "Datatypes" => array(1),
297
+ "Condition" => "2",
298
+ "DefAllowed" => 1,
299
+ "DefConsent" => 1,
300
+ "Data" => ""
301
+ ), array( "ID" => 21,
302
+ "Name" => "Open",
303
+ "Slug" => "open_frontend",
304
+ "Description" => "4th level atomic operation for opening files / data (opening their links) in front-end (posts, pages) by users.",
305
+ "Order" => 3,
306
+ "Parent" => 18,
307
+ "Datatypes" => array(1),
308
+ "Condition" => "2",
309
+ "DefAllowed" => 1,
310
+ "DefConsent" => 1,
311
+ "Data" => ""
312
+ ), array( "ID" => 22,
313
+ "Name" => "Download",
314
+ "Slug" => "download_frontend",
315
+ "Description" => "4th level atomic operation for downloading files / data in front-end (posts, pages) by users.",
316
+ "Order" => 4,
317
+ "Parent" => 18,
318
+ "Datatypes" => array(1),
319
+ "Condition" => "2",
320
+ "DefAllowed" => 1,
321
+ "DefConsent" => 1,
322
+ "Data" => ""
323
+ ), array( "ID" => 23,
324
+ "Name" => "Delete",
325
+ "Slug" => "delete_frontend",
326
+ "Description" => "4th level atomic operation for deleting data in front-end (posts, pages) by users.",
327
+ "Order" => 5,
328
+ "Parent" => 18,
329
+ "Datatypes" => array(1),
330
+ "Condition" => "2",
331
+ "DefAllowed" => 1,
332
+ "DefConsent" => 1,
333
+ "Data" => ""
334
+ ), array( "ID" => 24,
335
+ "Name" => "in Notification Email",
336
+ "Slug" => "use_email",
337
+ "Description" => "3rd level atomic operation for including data in the notification email sent when a file is uploaded.",
338
+ "Order" => 3,
339
+ "Parent" => 10,
340
+ "Datatypes" => array(1, 2, 3, 4),
341
+ "Condition" => "2",
342
+ "DefAllowed" => 1,
343
+ "DefConsent" => 1,
344
+ "Data" => ""
345
+ ), array( "ID" => 25,
346
+ "Name" => "in Notification Email",
347
+ "Slug" => "use_email",
348
+ "Description" => "3rd level atomic operation for including data in the notification email sent when a file is uploaded.",
349
+ "Order" => 3,
350
+ "Parent" => 10,
351
+ "Datatypes" => array(3),
352
+ "Condition" => "!2",
353
+ "DefAllowed" => 1,
354
+ "DefConsent" => 1,
355
+ "Data" => ""
356
+ )
357
+ );
358
+
359
+ /**
360
+ * Let Custom Scripts Modify Personal Data Operations.
361
+ *
362
+ * This filter allows custom scripts to modify personal data operations
363
+ * definitions.
364
+ *
365
+ * @since 4.5.0
366
+ *
367
+ * @param array $types The personal data operations definitions.
368
+ */
369
+ return apply_filters("_wfu_personal_data_operations", $operations);
370
+ }
371
+
372
+ /**
373
+ * Define Personal Data Locations.
374
+ *
375
+ * This function defines the personal data locations.
376
+ *
377
+ * @since 4.5.0
378
+ *
379
+ * @return array An array of personal data locations definitions.
380
+ */
381
+ function wfu_personal_data_locations() {
382
+ $locations = array(
383
+ array( "ID" => 1,
384
+ "Name" => "Plugin Area",
385
+ "Slug" => "plugin_area",
386
+ "Description" => "This location refers to a separate section of the plugin in Dashboard.",
387
+ "Data" => ""
388
+ ), array( "ID" => 2,
389
+ "Name" => "User Profile",
390
+ "Slug" => "user_profile",
391
+ "Description" => "This location refers to the user profile section in Dashboard.",
392
+ "Data" => ""
393
+ ), array( "ID" => 3,
394
+ "Name" => "Request to Admin",
395
+ "Slug" => "admin_request",
396
+ "Description" => "This location refers to a request from a user to the admin, through email, form or another location, for executing actions on personal data.",
397
+ "Data" => ""
398
+ ), array( "ID" => 4,
399
+ "Name" => "Code",
400
+ "Slug" => "code",
401
+ "Description" => "This location refers to executing actions on personal data programmatically.",
402
+ "Data" => ""
403
+ )
404
+ );
405
+
406
+ /**
407
+ * Let Custom Scripts Modify Personal Data Locations.
408
+ *
409
+ * This filter allows custom scripts to modify personal data locations
410
+ * definitions.
411
+ *
412
+ * @since 4.5.0
413
+ *
414
+ * @param array $types The personal data locations definitions.
415
+ */
416
+ return apply_filters("_wfu_personal_data_locations", $locations);
417
+ }
418
+
419
+ /**
420
+ * Define Personal Data Permissions.
421
+ *
422
+ * This function defines the personal data permissions.
423
+ *
424
+ * @since 4.5.0
425
+ *
426
+ * @return array An array of personal data permissions definitions.
427
+ */
428
+ function wfu_personal_data_permissions() {
429
+ $permissions = array(
430
+ array( "ID" => 1,
431
+ "Name" => "User",
432
+ "Slug" => "user",
433
+ "Description" => "This is a grouped permission referring to all permissions of users.",
434
+ "Order" => 1,
435
+ "Parent" => 0,
436
+ "Locations" => array(),
437
+ "Default" => array(),
438
+ "Data" => ""
439
+ ), array( "ID" => 2,
440
+ "Name" => "Consent",
441
+ "Slug" => "user_consent",
442
+ "Description" => "This is a grouped permission referring to all consent operations (grant, review, revoke) of users.",
443
+ "Order" => 1,
444
+ "Parent" => 1,
445
+ "Locations" => array(),
446
+ "Default" => array(),
447
+ "Data" => ""
448
+ ), array( "ID" => 3,
449
+ "Name" => "Review",
450
+ "Slug" => "user_review_consent",
451
+ "Description" => "This is an atomic permission for users to review consent.",
452
+ "Order" => 1,
453
+ "Locations" => array(1, 2, 3),
454
+ "Default" => array(1),
455
+ "Parent" => 2,
456
+ "Data" => ""
457
+ ), array( "ID" => 4,
458
+ "Name" => "Revoke",
459
+ "Slug" => "user_revoke_consent",
460
+ "Description" => "This is an atomic permission for users to revoke consent.",
461
+ "Order" => 2,
462
+ "Locations" => array(1, 2, 3),
463
+ "Default" => array(1),
464
+ "Parent" => 2,
465
+ "Data" => ""
466
+ ), array( "ID" => 5,
467
+ "Name" => "Grant",
468
+ "Slug" => "user_grant_consent",
469
+ "Description" => "This is an atomic permission for users to grant consent.",
470
+ "Order" => 3,
471
+ "Locations" => array(3),
472
+ "Default" => array(3),
473
+ "Parent" => 2,
474
+ "Data" => ""
475
+ ), array( "ID" => 6,
476
+ "Name" => "Personal Data",
477
+ "Slug" => "user_personaldata",
478
+ "Description" => "This is a grouped permission referring to all personal data operations (preview, get, delete) of users.",
479
+ "Order" => 2,
480
+ "Locations" => array(),
481
+ "Default" => array(),
482
+ "Parent" => 1,
483
+ "Data" => ""
484
+ ), array( "ID" => 7,
485
+ "Name" => "Preview",
486
+ "Slug" => "user_preview_personaldata",
487
+ "Description" => "This is an atomic permission for users to preview personal data.",
488
+ "Order" => 1,
489
+ "Locations" => array(1, 2, 3),
490
+ "Default" => array(1),
491
+ "Parent" => 6,
492
+ "Data" => ""
493
+ ), array( "ID" => 8,
494
+ "Name" => "Get",
495
+ "Slug" => "user_get_personaldata",
496
+ "Description" => "This is an atomic permission for users to get / export personal data.",
497
+ "Order" => 2,
498
+ "Locations" => array(1, 2, 3),
499
+ "Default" => array(1),
500
+ "Parent" => 6,
501
+ "Data" => ""
502
+ ), array( "ID" => 9,
503
+ "Name" => "Delete",
504
+ "Slug" => "user_delete_personaldata",
505
+ "Description" => "This is an atomic permission for users to delete personal data.",
506
+ "Order" => 3,
507
+ "Locations" => array(1, 2, 3),
508
+ "Default" => array(3),
509
+ "Parent" => 6,
510
+ "Data" => ""
511
+ ), array( "ID" => 10,
512
+ "Name" => "API",
513
+ "Slug" => "api",
514
+ "Description" => "This is a grouped permission referring to all API permissions.",
515
+ "Order" => 2,
516
+ "Parent" => 0,
517
+ "Locations" => array(),
518
+ "Default" => array(),
519
+ "Data" => ""
520
+ ), array( "ID" => 11,
521
+ "Name" => "Consent",
522
+ "Slug" => "api_consent",
523
+ "Description" => "This is a grouped permission referring to all consent operations (grant, review, revoke) of API.",
524
+ "Order" => 1,
525
+ "Parent" => 10,
526
+ "Locations" => array(),
527
+ "Default" => array(),
528
+ "Data" => ""
529
+ ), array( "ID" => 12,
530
+ "Name" => "Review",
531
+ "Slug" => "api_review_consent",
532
+ "Description" => "This is an atomic permission for API to review consent.",
533
+ "Order" => 1,
534
+ "Locations" => array(4),
535
+ "Default" => array(4),
536
+ "Parent" => 11,
537
+ "Data" => ""
538
+ ), array( "ID" => 13,
539
+ "Name" => "Revoke",
540
+ "Slug" => "api_revoke_consent",
541
+ "Description" => "This is an atomic permission for API to revoke consent.",
542
+ "Order" => 2,
543
+ "Locations" => array(4),
544
+ "Default" => array(4),
545
+ "Parent" => 11,
546
+ "Data" => ""
547
+ ), array( "ID" => 14,
548
+ "Name" => "Grant",
549
+ "Slug" => "api_grant_consent",
550
+ "Description" => "This is an atomic permission for API to grant consent.",
551
+ "Order" => 3,
552
+ "Locations" => array(4),
553
+ "Default" => array(4),
554
+ "Parent" => 11,
555
+ "Data" => ""
556
+ ), array( "ID" => 15,
557
+ "Name" => "Personal Data",
558
+ "Slug" => "api_personaldata",
559
+ "Description" => "This is a grouped permission referring to all personal data operations (preview, get, delete) of API.",
560
+ "Order" => 2,
561
+ "Locations" => array(),
562
+ "Default" => array(),
563
+ "Parent" => 10,
564
+ "Data" => ""
565
+ ), array( "ID" => 16,
566
+ "Name" => "Preview",
567
+ "Slug" => "api_preview_personaldata",
568
+ "Description" => "This is an atomic permission for API to preview personal data.",
569
+ "Order" => 1,
570
+ "Locations" => array(4),
571
+ "Default" => array(4),
572
+ "Parent" => 15,
573
+ "Data" => ""
574
+ ), array( "ID" => 17,
575
+ "Name" => "Get",
576
+ "Slug" => "api_get_personaldata",
577
+ "Description" => "This is an atomic permission for API to get / export personal data.",
578
+ "Order" => 2,
579
+ "Locations" => array(4),
580
+ "Default" => array(4),
581
+ "Parent" => 15,
582
+ "Data" => ""
583
+ ), array( "ID" => 18,
584
+ "Name" => "Delete",
585
+ "Slug" => "api_delete_personaldata",
586
+ "Description" => "This is an atomic permission for API to delete personal data.",
587
+ "Order" => 3,
588
+ "Locations" => array(4),
589
+ "Default" => array(4),
590
+ "Parent" => 15,
591
+ "Data" => ""
592
+ )
593
+ );
594
+
595
+ /**
596
+ * Let Custom Scripts Modify Personal Data Permissions.
597
+ *
598
+ * This filter allows custom scripts to modify personal data permissions
599
+ * definitions.
600
+ *
601
+ * @since 4.5.0
602
+ *
603
+ * @param array $types The personal data permissions definitions.
604
+ */
605
+ return apply_filters("_wfu_personal_data_permissions", $permissions);
606
+ }
607
+
608
+ /**
609
+ * Define Personal Data Entities.
610
+ *
611
+ * This function defines the personal data entities.
612
+ *
613
+ * @since 4.5.0
614
+ *
615
+ * @return array An array of personal data entities definitions.
616
+ */
617
+ function wfu_personal_data_entities() {
618
+ $entities = array(
619
+ array( "ID" => 1,
620
+ "Name" => "Admin",
621
+ "Slug" => "admin",
622
+ "Description" => "This entity refers to administrators.",
623
+ "Data" => ""
624
+ ), array( "ID" => 2,
625
+ "Name" => "User",
626
+ "Slug" => "user",
627
+ "Description" => "This entity refers to logged users.",
628
+ "Data" => ""
629
+ ), array( "ID" => 3,
630
+ "Name" => "Guest",
631
+ "Slug" => "guest",
632
+ "Description" => "This entity refers to non-logged users (guests).",
633
+ "Data" => ""
634
+ ), array( "ID" => 4,
635
+ "Name" => "API",
636
+ "Slug" => "api",
637
+ "Description" => "This entity refers to API executing actions on personal data.",
638
+ "Data" => ""
639
+ )
640
+ );
641
+
642
+ /**
643
+ * Let Custom Scripts Modify Personal Data Entities.
644
+ *
645
+ * This filter allows custom scripts to modify personal data entities
646
+ * definitions.
647
+ *
648
+ * @since 4.5.0
649
+ *
650
+ * @param array $types The personal data entities definitions.
651
+ */
652
+ return apply_filters("_wfu_personal_data_entities", $entities);
653
+ }
654
+
655
+ /**
656
+ * Define Personal Data Log Actions.
657
+ *
658
+ * This function defines the personal data log actions.
659
+ *
660
+ * @since 4.5.0
661
+ *
662
+ * @return array An array of personal data log actions definitions.
663
+ */
664
+ function wfu_personal_data_logactions() {
665
+ $logactions = array(
666
+ array( "ID" => 1,
667
+ "Name" => "All Log Actions",
668
+ "Slug" => "all_logactions",
669
+ "Description" => "This is a grouped log action referring to all log actions.",
670
+ "Order" => 1,
671
+ "Parent" => 0,
672
+ "Entities" => array(),
673
+ "Default" => array(),
674
+ "Data" => ""
675
+ ), array( "ID" => 2,
676
+ "Name" => "Personal Data Policy",
677
+ "Slug" => "policy_logactions",
678
+ "Description" => "This is a grouped log action referring to all actions on personal data policies.",
679
+ "Order" => 1,
680
+ "Parent" => 1,
681
+ "Entities" => array(),
682
+ "Default" => array(),
683
+ "Data" => ""
684
+ ), array( "ID" => 3,
685
+ "Name" => "Create",
686
+ "Slug" => "create_policy",
687
+ "Description" => "This is an atomic log action when a new personal data policy is created.",
688
+ "Order" => 1,
689
+ "Parent" => 2,
690
+ "Entities" => array(1),
691
+ "Default" => array(1),
692
+ "Data" => ""
693
+ ), array( "ID" => 4,
694
+ "Name" => "Modify",
695
+ "Slug" => "modify_policy",
696
+ "Description" => "This is an atomic log action when a new personal data policy is modified.",
697
+ "Order" => 2,
698
+ "Parent" => 2,
699
+ "Entities" => array(1),
700
+ "Default" => array(1),
701
+ "Data" => ""
702
+ ), array( "ID" => 5,
703
+ "Name" => "Delete",
704
+ "Slug" => "delete_policy",
705
+ "Description" => "This is an atomic log action when a new personal data policy is deleted.",
706
+ "Order" => 3,
707
+ "Parent" => 2,
708
+ "Entities" => array(1),
709
+ "Default" => array(1),
710
+ "Data" => ""
711
+ ), array( "ID" => 6,
712
+ "Name" => "Consent",
713
+ "Slug" => "consent_logactions",
714
+ "Description" => "This is a grouped log action referring to all actions on consents.",
715
+ "Order" => 2,
716
+ "Parent" => 1,
717
+ "Entities" => array(),
718
+ "Default" => array(),
719
+ "Data" => ""
720
+ ), array( "ID" => 7,
721
+ "Name" => "Grant",
722
+ "Slug" => "grant_consent",
723
+ "Description" => "This is an atomic log action when a consent is granted.",
724
+ "Order" => 1,
725
+ "Parent" => 6,
726
+ "Entities" => array(1, 2, 4),
727
+ "Default" => array(1, 2, 4),
728
+ "Data" => ""
729
+ ), array( "ID" => 8,
730
+ "Name" => "Revoke",
731
+ "Slug" => "revoke_consent",
732
+ "Description" => "This is an atomic log action when a consent is revoked.",
733
+ "Order" => 2,
734
+ "Parent" => 6,
735
+ "Entities" => array(1, 2, 4),
736
+ "Default" => array(1, 2, 4),
737
+ "Data" => ""
738
+ ), array( "ID" => 9,
739
+ "Name" => "Personal Data",
740
+ "Slug" => "personaldata_logactions",
741
+ "Description" => "This is a grouped log action referring to all actions on personal data.",
742
+ "Order" => 3,
743
+ "Parent" => 1,
744
+ "Entities" => array(),
745
+ "Default" => array(),
746
+ "Data" => ""
747
+ ), array( "ID" => 10,
748
+ "Name" => "Download",
749
+ "Slug" => "download_personaldata",
750
+ "Description" => "This is an atomic log action when personal data are downloaded.",
751
+ "Order" => 1,
752
+ "Parent" => 9,
753
+ "Entities" => array(1, 2, 4),
754
+ "Default" => array(1, 2, 4),
755
+ "Data" => ""
756
+ ), array( "ID" => 11,
757
+ "Name" => "Delete",
758
+ "Slug" => "delete_personaldata",
759
+ "Description" => "This is an atomic log action when personal data are deleted.",
760
+ "Order" => 2,
761
+ "Parent" => 9,
762
+ "Entities" => array(1, 2, 4),
763
+ "Default" => array(1, 2, 4),
764
+ "Data" => ""
765
+ ), array( "ID" => 12,
766
+ "Name" => "Custom Actions",
767
+ "Slug" => "custom_logactions",
768
+ "Description" => "This refers to custom log actions entered manually in the log.",
769
+ "Order" => 4,
770
+ "Parent" => 1,
771
+ "Entities" => array(1),
772
+ "Default" => array(1),
773
+ "Data" => ""
774
+ )
775
+ );
776
+
777
+ /**
778
+ * Let Custom Scripts Modify Personal Data Log Actions.
779
+ *
780
+ * This filter allows custom scripts to modify personal data log actions
781
+ * definitions.
782
+ *
783
+ * @since 4.5.0
784
+ *
785
+ * @param array $types The personal data log actions definitions.
786
+ */
787
+ return apply_filters("_wfu_personal_data_logactions", $logactions);
788
+ }
789
+
790
  ?>
readme.txt CHANGED
@@ -1,1208 +1,1214 @@
1
- === Wordpress File Upload ===
2
- Contributors: nickboss
3
- Donate link: http://www.iptanus.com/support/wordpress-file-upload
4
- Tags: file, upload, ajax, form, page, post, sidebar, responsive, widget, webcam, ftp
5
- Requires at least: 2.9.2
6
- Tested up to: 5.3.1
7
- Stable tag: "trunk"
8
- License: GPLv2 or later
9
- License URI: http://www.gnu.org/licenses/gpl-2.0.html
10
-
11
- Simple yet very powerful plugin to allow users to upload files to your website from any page, post or sidebar and manage the uploaded files
12
-
13
- == Description ==
14
-
15
- With this plugin you or other users can upload files to your site from any page, post or sidebar easily and securely.
16
-
17
- Simply put the shortcode [wordpress_file_upload] to the contents of any WordPress page / post or add the plugin's widget in any sidebar and you will be able to upload files to any directory inside wp-contents of your WordPress site.
18
-
19
- You can add custom fields to submit additional data together with the uploaded file.
20
-
21
- You can use it to capture screenshots or video from your webcam and upload it to the website (for browsers that support this feature).
22
-
23
- You can even use it as a simple contact (or any other type of) form to submit data without including a file.
24
-
25
- The plugin displays the list of uploaded files in a separate top-level menu in Dashboard and includes a file browser to access and manage the uploaded files (only for admins currently).
26
-
27
- Several filters and actions before and after file upload enable extension of its capabilities.
28
-
29
- The characteristics of the plugin are:
30
-
31
- * It uses the latest HTML5 technology, however it will also work with old browsers and mobile phones.
32
- * It is compliant with the General Data Protection Regulation (GDPR) of the European Union.
33
- * It can be added in posts, pages or sidebars (as a widget).
34
- * It can capture and upload screenshots or video from the device's camera.
35
- * It supports additional form fields (like checkboxes, text fields, email fields, dropdown lists etc).
36
- * It can be used as a simple contact form to submit data (a selection of file can be optional).
37
- * It produces notification messages and e-mails.
38
- * It supports selection of destination folder from a list of subfolders.
39
- * Upload progress can be monitored with a progress bar.
40
- * Upload process can be cancelled at any time.
41
- * It supports redirection to another url after successful upload.
42
- * There can be more than one instances of the shortcode in the same page or post.
43
- * Uploaded files can be added to Media or be attached to the current page.
44
- * Uploaded files can be saved to an FTP location (ftp and sftp protocols supported).
45
- * It is highly customizable with many (more than 50) options.
46
- * It supports filters and actions before and after file upload.
47
- * It contains a visual editor for customizing the plugin easily without any knowledge of shortcodes or programming
48
- * It supports logging of upload events or management of files, which can be viewed by admins through the Dashboard.
49
- * It includes an Uploaded Files top-level menu item in the Dashboard, from where admins can view the uploaded files.
50
- * It includes a file browser in the Dashboard, from where admins can manage the files.
51
- * It supports multilingual characters and localization.
52
-
53
- The plugin is translated in the following languages:
54
-
55
- * Portuguese, kindly provided by Rui Alao
56
- * German
57
- * French, kindly provided by Thomas Bastide of http://www.omicronn.fr/ and improved by other contributors
58
- * Serbian, kindly provided by Andrijana Nikolic of http://webhostinggeeks.com/
59
- * Dutch, kindly provided by Ruben Heynderycx
60
- * Chinese, kindly provided by Yingjun Li
61
- * Spanish, kindly provided by Marton
62
- * Italian, kindly provided by Enrico Marcolini https://www.marcuz.it/
63
- * Polish
64
- * Swedish, kindly provided by Leif Persson
65
- * Persian, kindly provided by Shahriyar Modami http://chabokgroup.com
66
- * Greek
67
-
68
- Please note that old desktop browsers or mobile browsers may not support all of the above functionalities. In order to get full functionality use the latest versions browsers, supporting HTML5, AJAX and CSS3.
69
-
70
- For additional features, such as multiple file upload, very large file upload, drag and drop of files, captcha, detailed upload progress bars, list of uploaded files, image gallery and custom css please consider [Wordpress File Upload Professional](http://www.iptanus.com/support/wordpress-file-upload/ "Wordpress File Upload support page").
71
-
72
- Please visit the **Other Notes** section for customization options of this plugin.
73
-
74
- == Installation ==
75
-
76
- 1. First install the plugin using Wordpress auto-installer or download the .zip file from wordpress.org and install it from the Plugins section of your Dashboard or copy wordpress_file_upload directory inside wp-contents/plugins directory of your wordpress site.
77
- 1. Activate the plugin from Plugins section of your Dashboard.
78
- 1. In order to use the plugin simply go to the Dashboard / Settings / Wordpress File Upload and follow the instructions in Plugin Instances or alternatively put the shortcode [wordpress_file_upload] in the contents of any page.
79
- 1. Open the page on your browser and you will see the upload form.
80
- 1. You can change the upload directory or any other settings easily by pressing the small edit button found at the left-top corner of the upload form. A new window (or tab) with pop up with plugin options. If you do not see the new window, adjust your browser settings to allow pop-up windows.
81
- 1. Full documentation about the plugin options can be found at https://wordpress.org/plugins/wp-file-upload/other_notes/ or at http://www.iptanus.com/wordpress-plugins/wordpress-file-upload/ (including the Pro version)
82
-
83
- A getting started guide can be found at http://www.iptanus.com/getting-started-with-wordpress-file-upload-plugin/
84
-
85
- == Frequently Asked Questions ==
86
-
87
- = Will the plugin work in a mobile browser? =
88
-
89
- Yes, the plugins will work in most mobile phones (has been tested in iOS, Android and Symbian browsers as well as Opera Mobile)
90
-
91
- = Do I need to have Flash to use then plugin? =
92
-
93
- No, you do not need Flash to use the plugin.
94
-
95
- = I get a SAFE MODE restriction error when I try to upload a file. Is there an alternative? =
96
-
97
- Your domain has probably turned SAFE MODE ON and you have restrictions uploading and accessing files. Wordpress File Upload includes an alternative way to upload files, using FTP access. Simply add the attribute **accessmethod="ftp"** inside the shortcode, together with FTP access information in **ftpinfo** attribute.
98
-
99
- = Can I see the progress of the upload? =
100
-
101
- Yes, you can see the progress of the upload. During uploading a progress bar will appear showing progress info, however this functionality functions only in browsers supporting HTML5 upload progress bar.
102
-
103
- = Can I upload many files at the same time? =
104
-
105
- Yes, but not in the free version. If you want to allow multiple file uploads, please consider the [Professional](http://www.iptanus.com/support/wordpress-file-upload/ "Wordpress File Upload support page") version.
106
-
107
- = Where do files go after upload? =
108
-
109
- Files by default are uploaded inside wp-content directory of your Wordpress website. To change it use attribute uploadpath.
110
-
111
- = Can I see and download the uploaded files? =
112
-
113
- Administrators can view all uploaded files together with associated field data from the plugin's Settings in Dashboard. The [Professional](http://www.iptanus.com/support/wordpress-file-upload/ "Wordpress File Upload support page") version of the plugin allows users to view their uploaded files, either from the Dashboard, or from a page or post.
114
-
115
- = Are there filters to restrict uploaded content? =
116
-
117
- Yes, you can control allowed file size and file extensions by using the appropriate attribute (see Other Notes section).
118
-
119
- = Are there any upload file size limitations? =
120
-
121
- Yes, there are file size limitations imposed by the web server or the host. If you want to upload very large files, please consider the [Professional](http://www.iptanus.com/support/wordpress-file-upload/ "Wordpress File Upload support page") version of the plugin, which surpasses size limitations.
122
-
123
- = Who can upload files? =
124
-
125
- By default all users can upload files. You can define which user roles are allowed to upload files. Even guests can be allowed to upload files. If you want to allow only specific users to upload files, then please consider the [Professional](http://www.iptanus.com/support/wordpress-file-upload/ "Wordpress File Upload support page") version of the plugin.
126
-
127
- = What security is used for uploading files? =
128
-
129
- The plugin is designed not to expose website sensitive information. It has been tested by experts and verified that protects against CSRF and XSS attacks. All parameters passing from server to client side are encoded and sanitized. For higher protection, like use of captcha, please consider the [Professional](http://www.iptanus.com/support/wordpress-file-upload/ "Wordpress File Upload support page") version of the plugin.
130
-
131
- = What happens if connection is lost during a file upload? =
132
-
133
- In the free version the upload will fail. However in the Pro version the upload will resume and will continue until the file is fully uploaded. This is especially useful when uploading very large files.
134
-
135
- = The plugin does not look nice with my theme. What can I do? =
136
-
137
- There is an option in plugin's settings in Dashboard to relax the CSS rules, so that buttons and text boxes inherit the theme's styles. If additional styling is required, this can be done using CSS. The Professional version of the plugin allows CSS rules to be embed in the shortcode.
138
-
139
- == Screenshots ==
140
-
141
- 1. A screenshot of the plugin in its most simple form.
142
- 2. A screenshot of the plugin showing the progress bar.
143
- 3. A screenshot of the plugin showing the successful upload message.
144
- 4. A screenshot of the plugin with additional form fields.
145
- 5. A screenshot of the plugin with subfolder selection.
146
- 6. A screenshot of the plugin in a sidebar.
147
- 7. A screenshot of the shortcode composer.
148
- 8. A screenshot of the file browser.
149
-
150
- == Changelog ==
151
-
152
- = 4.12.1 =
153
- * corrected bug where files could not be downloaded from Dashboard / Uploaded Files page
154
-
155
- = 4.12.0 =
156
- * corrected bug where export data file was not deleted after download
157
- * corrected bug in FTP credentials configurator about double backslash (\\) issue
158
- * added cookies user state handler that has been integrated with dboption as 'Cookies (DBOption)' to comply with Wordpress directives not to use session
159
- * 'Cookies (DBOption)' user state handler has been set as the default one
160
- * added advanced option WFU_US_DBOPTION_BASE so that dboption can also work with session
161
- * added advanced option WFU_US_SESSION_LEGACY to use the old session functionality of the plugin, having session_start() in header
162
- * added auto-adjustment of user state handler to 'dboption' during activation (or update) of the plugin
163
- * bug "Error: [] cURL error 28" in Wordpress Site Health disappears when setting user state handler to 'Cookies (DBOption)' or when WFU_US_SESSION_LEGACY advanced option is false
164
- * added the ability to run PHP processes in queue, which is necessary for correctly handling uploads when user state handler is dboption
165
-
166
- = 4.11.2 =
167
- * added easier configuration of FTP Credentials (ftpinfo) attribute of the uploader shortcode
168
-
169
- = 4.11.1 =
170
- * corrected bug in functions wfu_manage_mainmenu() and wfu_manage_mainmenu_editor() that were echoing and not returning the generated HTML
171
- * added fix for compatibility with Fast Velocity Minify plugin
172
-
173
- = 4.11.0 =
174
- * code improved so that shortcode composer can be used by all users who can edit pages (and not only the admins)
175
- * added environment variable 'Show Shortcode Composer to Non-Admins' to control whether non-admin users can edit the shortcodes
176
- * added filtering of get_users() function in order to handle websites with many users more efficiently
177
- * added notification in shortcode composer if user leaves page without saving
178
- * corrected bug where restricted frontend loading of the plugin was not working for websites installed in localhost due to wrong calculation of request uri
179
-
180
- = 4.10.3 =
181
- * added the ability to move one or more files to another folder through the File Browser feature in Dashboard area of the plugin
182
- * improved responsiveness of shortcode composer and Main Dashboard page of the plugin
183
- * bug fix in wfu_revert_log_action
184
-
185
- = 4.10.2 =
186
- * added wordpress_file_upload_preload_check() function in main plugin file to avoid conflicts of variable names with Wordpress
187
- * updated webcam code to address createObjectURL Javascript error that prevents webcam feature to work in latest versions of browsers
188
-
189
- = 4.10.1 =
190
- * code modified so that vendor libraries are loaded only when necessary
191
- * improved process of deleting all plugin options
192
- * added honeypot field to userdata fields; this is a security feature, in replacement of captchas, invisible to users that prevents bots from uploading files
193
- * added attribute 'Consent Denial Rejects Upload' in uploader shortcode Personal Data tab to stop the upload if the consent answer is no, as well as 'Reject Message' attribute to customize the upload rejection message shown to the user
194
- * added attribute 'Do Not Remember Consent Answer' in uploader shortcode Personal Data tab to show the consent question every time (and not only the first time)
195
- * attribute 'Preselected Answer' in uploader shortcode Personal Data tab modified to be compatible with either checkbox or radio Consent Format
196
- * upload result message adjusted to show the correct upload status in case that files were uploaded but were not saved due to Personal Data policy
197
- * code improved for sftp uploads to handle PECL ssh2 bug #73597
198
-
199
- = 4.10.0 =
200
- * plugin code improved to support files containing single quote characters (') in their filename
201
- * corrected bug where plugin was deactivated after update
202
-
203
- = 4.9.1 =
204
- * added Maintenance action 'Purge All Data' that entirely erases the plugin from the website and deactivates it
205
- * added advanced option 'Hide Invalid Uploaded Files' so that Uploaded Files page in Dashboard can show only valid uploads
206
- * added advanced option 'Restrict Front-End Loading' to load the plugin only on specific pages or posts in order to reduce unnecessary workload on pages not containing the plugin
207
- * code improved for better operation of the plugin when the website works behind a proxy
208
- * added option in Clean Log to erase the files together with plugin data
209
-
210
- = 4.9.0 =
211
- * code further improved to reduce "Iptanus Server unreachable..." errors
212
- * checked Weglot Translate compatibility; /wp-admin/admin-ajax.php needs to be added to Exclusion URL list of Weglot configuration so that uploads can work
213
- * several significant additions in the Pro version, including Microsoft OneDrive integration
214
-
215
- = 4.8.0 =
216
- * added item in Admin Bar that displays number of new uploads and redirects to Uploaded Files Dashboard page
217
- * code improved in Uploaded Files Dashboard page so that download action directly downloads the file, instead of redirecting to File Browser
218
- * added Advanced option 'WFU_UPLOADEDFILES_COLUMNS' that controls the order and visibility of Uploaded Files Dashboard page columns
219
- * added Advanced option 'WFU_UPLOADEDFILES_ACTIONS' that controls the order and visibility of Uploaded Files Dashboard page file actions
220
- * added several filters in Uploaded Files Dashboard page to make it more customizable
221
- * PHP function redeclaration system significantly improved to support arguments by reference, execution after the original function and redeclaration of variables
222
- * code improved to reduce "Iptanus Server unreachable..." errors (better operation of verify_peer http context property)
223
- * added a link in Iptanus Unreachable Server error message to an Iptanus article describing how to resolve it
224
-
225
- = 4.7.0 =
226
- * added Uploaded Files top-level Dashboard menu item, showing all the uploaded files and highlighting the new ones
227
- * added Portuguese translation from Rui Alao
228
- * checked and verified compatibility with Gutenberg
229
- * plugin initialization actions moved to plugins_loaded filter
230
- * fixed bug clearing userdata fields when Select File is pressed
231
- * File Browser and View Log tables modified to become more responsive especially for small screens
232
-
233
- = 4.6.2 =
234
- * corrected consent_status warning when updating user profile and Personal Data is off
235
- * user fields code improved for better data autofill behaviour
236
-
237
- = 4.6.1 =
238
- * added uploader shortcode attribute 'resetmode' to control whether the upload form will be reset after an upload
239
- * added pagination in File Browser tab in Dashboard area of the plugin
240
-
241
- = 4.6.0 =
242
- * corrected slash (/) parse Javascript error near 'fakepath' appearring on some situations
243
- * added nonces in Maintenance Actions to increase security
244
- * improved code in View Log so that no links appear to invalid files
245
- * improved code in View Log so that when the admin opens a file link to view file details, 'go back' button will lead back to the View Log page and not to File Browser
246
- * improved code in 'Clean Log' button in Maintenance Actions in Dashboard area of the plugin, so that the admin can select the period of clean-up
247
-
248
- = 4.5.1 =
249
- * code improved in wfu_js_decode_obj function for better compatibility with Safari browser
250
- * code improved to sanitize all shortcode attributes before uploader form or file viewer is rendered
251
- * removed external references to code.jquery.com and cdnjs.cloudflare.com for better compliance with GDPR
252
-
253
- = 4.5.0 =
254
- * added basic compliance with GDPR
255
- * added several shortcode attributes to configure personal data consent appearance and behaviour
256
- * added area in User Profile from where users can review and change their consent status
257
- * added Personal Data option in Settings that enables personal data operations
258
- * added Personal Data tab in plugin's area in Dashboard from where administrators can export and erase users' personal data
259
- * corrected bug not accepting subfolder dimensions when subfolder element was active
260
-
261
- = 4.4.0 =
262
- * added alternative user state handler using DB Options table in order to overcome problems with session variables appearing on many web servers
263
-
264
- = 4.3.4 =
265
- * all Settings sanitized correctly to prevent XSS attacks - credits to ManhNho for mentioning this problem
266
-
267
- = 4.3.3 =
268
- * all shortcode attributes sanitized correctly to close a serious security hole - credits to ManhNho for mentioning this problem
269
-
270
- = 4.3.2 =
271
- * fixed bug in wfu_before_upload and wfu_after_upload filters that was breaking JS scripts if they contained a closing bracket ']' symbol
272
-
273
- = 4.3.1 =
274
- * added placeholder option in available label positions of additional fields; label will be the placeholder attribute of the field
275
-
276
- = 4.3.0 =
277
- * fixed bug where ftp credentials did not work when username or password contained (:) or (@) symbols
278
- * RegExp fix for wfu_js_decode_obj function for improved compatibility with caching plugins
279
- * corrected WFU_Original_Template::get_instance() method because it always returned the original class
280
- * View Log page improved so that displayed additional user fields of an uploaded file are not cropped
281
-
282
- = 4.2.0 =
283
- * changed logic of file sanitizer; dots in filename are by default converted to dashes, in order to avoid upload failures caused when the plugin detects double extensions
284
- * corrected bug where a Javascript error was generated when askforsubfolders was disabled and showtargetfolder was active
285
- * added css and js minifier in inline code
286
- * plugin modified so that the shortcodes render correctly either Javascript loads early (in header) or late (in footer)
287
- * plugin modified so that Media record is deleted when the associated uploaded file is deleted from plugin's database
288
- * corrected bug where some plugin images were not loaded while Relax CSS option was inactive
289
-
290
- = 4.1.0 =
291
- * changed logic of file sanitizer; dots in filename are by default converted to dashes, in order to avoid upload failures caused when the plugin detects double extensions
292
- * added advanced option WFU_SANITIZE_FILENAME_DOTS that determines whether file sanitizer will sanitize dots or not
293
- * timepicker script and style replaced by most recent version
294
- * timepicker script and style files removed from plugin and loaded from cdn
295
- * json2 script removed from plugin and loaded from Wordpress registered script
296
- * JQuery UI style updated to latest 1.12.1 minified version
297
- * added wfu_before_admin_scripts filter before loading admin scripts and styles in order to control incompatibilities
298
- * removed getElementsByClassName-1.0.1.js file from plugin, getElementsByClassName function was replaced by DOM querySelectorAll
299
- * corrected bug showing warning "Notice: Undefined variable: page_hook_suffix..." when a non-admin user opened Dashboard
300
- * corrected fatal error "func_get_args(): Can't be used as a function parameter" appearing in websites with PHP lower than 5.3
301
- * added _wfu_file_upload_hide_output filter that runs when plugin should not be shown (e.g. for users not inluded in uploadroles), in order to output custom HTML
302
- * corrected bug where email fields were always validated, even if validate option was not activated
303
- * corrected bug where number fields did not allow invalid characters, even if typehook option was not activated
304
- * corrected bug where email fields were not allowed to be ampty when validate option was activated
305
- * corrected error T_PAAMAYIM_NEKUDOTAYIM appearing when PHP version is lower than 5.3
306
- * corrected bug with random upload fails caused when params_index corresponds to more than one params
307
-
308
- = 4.0.1 =
309
- * translation of the plugin in Persian, kindly provided by Shahriyar Modami http://chabokgroup.com
310
- * corrected bug where notification email was not sending atachments
311
- * corrected bug not cleaning log in Maintenance Actions
312
-
313
- = 4.0.0 =
314
- * huge renovation of the plugin, the UI code has been rewritten to render based on templates
315
- * code modified so that it can correctly handle sites where content dir is explicitly defined
316
- * corrected bug in Dashboard file editor so that it can work when the website is installed in a subdirectory
317
- * corrected warnings showing when editing a file that was included in the plugin's database
318
- * added filter in get_posts so that it does not cause problems when there are too many pages/posts
319
- * bug fixes so that forcefilename works better and does not strip spaces in the filename
320
- * code improved to protect from hackers trying to use the plugin as email spammer
321
- * added advanced variable Force Email Notifications so that email can be sent even if no file was uploaded
322
- * corrected bug not showing sanitized filanames correctly in email
323
- * corrected bug so that dates show-up in local time and not in UTC in Log Viewer, File Browser and File Editor
324
- * fixed bug showing "Warning: Missing argument 2 for wpdb::prepare()" when cleaning up the log in Maintenance Actions
325
- * corrected bug where when configuring subfolders with visual editor the subfolder dialog showed unknown error
326
- * corrected bug where the Select File button was not locked during upload in case of classical HTML (no-ajax) uploads
327
- * added cancel button functionality for classic no-ajax uploads
328
- * added support for Secure FTP (sftp) using SSH2 library
329
- * successmessagecolor and waitmessagecolors attributes are hidden as they are no longer used
330
-
331
- = 3.11.0 =
332
- * added the ability to submit the upload form without a file, just like a contact form
333
- * added attribute allownofile in uploader shortcode; if enabled then the upload form can be submitted without selection of a file
334
- * added wfu_before_data_submit and wfu_after_data_submit filters which are invoked when the upload form is submitted without a file
335
- * added advanced debug options for more comprehensive and deep troubleshooting
336
- * added internal filters for advanced hooking of ajax handlers
337
- * fixed several security problems
338
- * fixed bug that was generating an error when automatic subfolders were activated and the upload folder did not exist
339
- * corrected bug where single quote, double quote and backslash characters in user fields were not saved correctly (they were escaped)
340
- * fixed bug where any changes made to the user data (e.g. through a filter) were not included in the email message
341
- * added unique_id variable in wfu_before_file_check and wfu_after_file_upload filters
342
- * changed column titles in the tables of plugin instances in Main tab in Dashboard
343
- * fixed bug where if a user field was modified from the file editor, custom columns were changing order
344
-
345
- = 3.10.0 =
346
- * an alternative Iptanus server is launched in Google Cloud for resolving the notorious error "file_get_contents(https://services2.iptanus.com/wp-admin/admin-ajax.php): failed to open stream: Connection timed out."
347
- * added option 'Use Alternative Iptanus Server' in Settings to switch to the alternative Iptanus Server
348
- * added advanced option 'Alternative Iptanus Server' that points to an alternative Iptanus Server
349
- * added advanced option 'Alternative Iptanus Version Server' that points to the alternative Iptanus Server URL returning the latest plugin version
350
- * an error is shown in the Main page of the plugin in Dashboard if Iptanus Server is unreachable
351
- * a warning is shown in the Main page of the plugin in Dashboard if an alternative insecure (http) Iptanus Server is used
352
- * alternative fix of error accessing https://services2.iptanus.com for cURL (by disabling CURLOPT_SSL_VERIFYHOST) and for sockets by employing a better parser of socket response
353
- * added Swedish translation, kindly provided by Leif Persson
354
- * improved ftp functionality so that ftp folders can be created recursively
355
-
356
- = 3.9.6 =
357
- * added internal filter _wfu_file_upload_output before echoing uploader shortcode html
358
- * added ability to change the order of additional user fields in shortcode visual editor
359
-
360
- = 3.9.5 =
361
- * added environment variable 'Upload Progress Mode' that defines how upload progress is calculated
362
- * improved progress bar calculation
363
- * minor bug fixes in AJAX functions mentioned by Hanneke Hoogstrate http://www.blagoworks.nl/
364
-
365
- = 3.9.4 =
366
- * added option to enable admin to change the upload user of a file
367
- * code improvements and bug fixes related to file download feature
368
- * code improvements related to clean database function
369
- * added Italian translation
370
-
371
- = 3.9.3 =
372
- * added option to allow loading of plugin's styles and scripts on the front-end only for specific posts/pages through wfu_before_frontpage_scripts filter
373
- * fixed bug where when uploading big files with identical filenames and 'maintain both' option, not all would be saved separately
374
- * two advanced variables were added to let the admin change the export function separators
375
-
376
- = 3.9.2 =
377
- * added environment variable to enable or disable version check, due to access problems of some users to Iptanus Services server
378
- * added timeout option to wfu_post_request function
379
- * added Spanish translation, kindly provided by Marton
380
-
381
- = 3.9.1 =
382
- * temporary fix to address issue with plugin's Main page in Dashboard not loading, by disabling plugin version check
383
- * correct Safari problem with extra spaces in success message coming from force_close_connection
384
- * correct bug where when extension has capital letters it is rejected
385
-
386
- = 3.9.0 =
387
- * a big number of extensions have been blacklisted for preventing upload of potentially dangerous files
388
- * the plugin will not allow inclusion, renaming or downloading of files with blacklisted extensions based on the new list
389
- * if no upload extensions are defined or the uploadpattern is too generic, then the plugin will allow only specific extensions based on a white list of extensions; if the administrator wants to include more extensions he/she must declare them explicitely
390
- * the use of the wildcard asterisk symbol has become stricter, asterisk will match all characters except the dot (.), so the default *.* pattern will allow only one extension in the filename (and not more as happened so far).
391
- * added environment variable 'Wildcard Asterisk Mode' for defining the mode of the wildcard asterisk symbol. If it is 'strict' (default) then the asterisk will not match dot (.) symbol. If it is 'loose' then the asterisk will match any characters (including dot).
392
- * slight bug fixes so that wildcard syntax works correctly with square brackets
393
- * added maximum number of uploads per specific interval in order to avoid DDOS attacks
394
- * added environment variables related to Denial-Of-Service attacks in order to configure the behaviour of the DOS attack checker
395
- * bug fix of wfu_before_file_upload filter that was not working correctly with files larger than 1MB
396
-
397
- = 3.8.5 =
398
- * added bulk actions feature in File Browser in Dashboard for admins
399
- * added delete and include bulk actions in File Browser
400
- * improvement of column sort functionality of File Browser
401
- * added environment variable 'Use Alternative Randomizer' in order to make string randomizer function work for fast browsers
402
- * uploadedbyuser and userid fields became int to cope with large user ID numbers on some Wordpress environments
403
-
404
- = 3.8.4 =
405
- * dublicatespolicy attribute replaced by grammaticaly correct duplicatespolicy, however backward compatibility with the old attribute is maintained
406
-
407
- = 3.8.3 =
408
- * fixed bug of subdirectory selector that was not initializing correctly after upload
409
- * fixed slight widget incompatibility with customiser
410
- * fixed bug of drag-n-drop feature that was not working when singlebutton operation was activated
411
-
412
- = 3.8.2 =
413
- * fixed bug in wfu_after_file_loaded filter that was not working and was overriden by obsolete wfu_after_file_completed filter
414
- * added option in plugin's Settings in Dashboard to include additional files in plugin's database
415
- * added feature in Dashboard File Browser for admins to include additional files in plugin's database
416
-
417
- = 3.8.1 =
418
- * fixed bug with duplicate userdata IDs in HTML when using more than one userdata occurrences
419
-
420
- = 3.8.0 =
421
- * added webcam option that enables webcam capture functionality
422
- * added webcammode atribute to define capture mode (screenshots, video or both)
423
- * added audiocapture attribute to define if audio will be captured together with video
424
- * added videowidth, videoheight, videoaspectratio and videoframerate attributes to constrain video dimensions and frame rate
425
- * added camerafacing attribute to define the camera source (front or back)
426
- * added maxrecordtime attribute to define the maximum record time of video
427
- * added uploadmediabutton, videoname and imagename attributes to define custom webcam-related labels
428
- * fixed bug that strips non-latin characters from filename when downloading files
429
-
430
- = 3.7.3 =
431
- * improved filename sanitization function
432
- * added Chinese translation by Yingjun Li
433
-
434
- = 3.7.2 =
435
- * added option to cancel upload
436
- * setting added so that upload does not fail when site_url and home_url are different
437
- * added attribute requiredlabel in uploader's shortcode that defines the required keyword
438
- * required keyword can now be styled separately from the user field label
439
- * add user fields in Media together with file
440
- * setting added so that userdata fields are shown in Media Library or not
441
- * added Dutch translation by Ruben Heynderycx
442
-
443
- = 3.7.1 =
444
- * internal code modifications and slight bug corrections
445
-
446
- = 3.7.0 =
447
- * significant code modifications to make the plugin pluggable, invisible to users
448
- * addition of before and after upload filters
449
- * correction of small bug in Shortcode Composer of File Viewer
450
-
451
- = 3.6.1 =
452
- * Iptanus Services server for getting version info and other utilities is now secure (https)
453
- * fixed bug with wfu_path_abs2rel function when ABSPATH is just a slash
454
- * additional fixes and new features in Professional version
455
-
456
- = 3.6.0 =
457
- * French translation improved
458
- * correction of minor bug at wfu_functions.php
459
- * code improvements in upload algorithm
460
- * wp_check_filetype_and_ext check moved after completion of file
461
- * added wfu_after_file_complete filter that runs right after is fully uploaded
462
- * improved appearance of plugin's area in Dashboard
463
-
464
- = 3.5.0 =
465
- * textdomain changed to wp-file-upload to support the translation feature of wordpress.org
466
- * added option in Maintenance Actions of plugin's area in Dashboard to export uploaded file data
467
- * added pagination of non-admin logged user's Uploaded Files Browser
468
- * added pagination of front-end File List Viewer
469
- * added pagination of user permissions table in plugin's Settings
470
- * added pagination of Log Viewer
471
- * corrected bug in View Log that was not working when pressing on the link
472
- * improvements to View Log feature
473
- * improvements to file download function to avoid corruption of downloaded file due to set_time_limit function that may generate warnings
474
- * added wfu_before_frontpage_scripts filter that executes right before frontpage scripts and styles are loaded
475
- * added functionality to avoid incompatibilities with NextGen Gallery plugin
476
-
477
- = 3.4.1 =
478
- * plugin's security improved to reject files that contain .php.js or similar extensions
479
-
480
- = 3.4.0 =
481
- * added fitmode attribute to make the plugin responsive
482
- * added widget "Wordpress File Upload Form", so that the uploader can be installed in a sidebar
483
- * changes to Shortcode Composer so that it can edit plugin instances existing in sidebars as widgets
484
- * changes to Uploader Instances in plugin's area in Dashboard to show also instances existing inside sidebars
485
- * added the ability to define dimensions (width and height) for the whole plugin
486
- * dimensioning of plugin's elements improved when fitmode is set to "responsive"
487
- * filter and non-object warnings of front-end file browser, appearing when DEBUG mode is ON, removed
488
- * bug fixed to front-end file browser to hide Shortcode Composer button for non-admin users
489
- * logic changed to front-end file browser to allow users to download files uploaded by other users
490
- * code changed to front-end file browser to show a message when a user attempts to delete a file that was not uploaded by him/her
491
-
492
- = 3.3.1 =
493
- * bug corrected that was breaking plugin operation for php versions prior to 5.3
494
- * added a "Maintenance Actions" section in plugin's Dashboard page
495
- * added option in plugin's "Maintenance Actions" to completely clean the database log
496
-
497
- = 3.3.0 =
498
- * userdatalabel attribute changed to allow many field types
499
- * added the following user data field types: simple text, multiline text, number, email, confirmation email, password, confirmation password, checkbox, radiobutton, date, time, datetime, listbox and dropdown list
500
- * added several options to configure the new user data fields: label text (to define the label of the field), label position (to define the position of the label in relation to the field), required option (to define if the field needs to be filled before file upload), do-not-autocomplete option (to prevent the browsers for completing the field automatically), validate option (to perform validity checks of the field before file upload depending on its type), default text (to define a default value), group id (to group fields together such as multiple radio buttons), format text (to define field formatting depending on the field type), typehook option (to enable field validation during typing inside the field), hint position (to define the position of the message that will be shown to prompt the user that a required field is empty or is not validated) as well as an option to define additional data depending on the field type (e.g. define list of items of a listbox or dropdown list)
501
- * Shortcode Composer changed to support the new user data fields and options
502
- * placement attribute can accept more than one instances of userdata
503
- * fixed bug not showing date selector of date fields in Shortcode Composer when working with Firefox or IE browsers
504
- * in some cases required userdata input field will turn red if not populated
505
- * shortcode_exists and wp_slash fixes for working before 3.6 Wordpress version
506
- * minor bug fixes
507
-
508
- = 3.2.1 =
509
- * removed 'form-field' class from admin table tr elements
510
- * corrected bug that was causing problems in uploadrole and uploaduser attributes when a username or role contained uppercase letters
511
- * uploadrole and uploaduser attributes logic modified; guests are allowed only if 'guests' word is included in the attribute
512
- * modifications to the download functionality script to be more robust
513
- * corrected bug that was not showing options below a line item of admin tables in Internet Explorer
514
- * several feature additions and bug fixes in Professional version
515
-
516
- = 3.2.0 =
517
- * added option in plugin's settings to relax CSS rules so that plugin inherits theme styling
518
- * modifications in html and css of editable subfolders feature to look better
519
- * modifications in html and css of prompt message when a required userdata field is empty
520
- * PLUGINDIR was replaced by WP_PLUGIN_DIR so that the plugin can work for websites where the contents dir is other than wp-content
521
- * fixed bug that was not allowing Shortcode Composer to launch when the shortcode was too big
522
- * fixed bug that was causing front-end file list not to work properly when no instance of the plugin existed in the same page / post
523
-
524
- = 3.1.2 =
525
- * important bug detected and fixed that was stripping slashes from post or page content when updating the shortcode using the shortcode composer
526
-
527
- = 3.1.1 =
528
- * the previous version broke the easy creation of shortcodes through the plugin's settings in Dashboard and it has been corrected, together with some improvements
529
-
530
- = 3.1.0 =
531
- * an important feature (front-end file browser) has been added in professional version 3.1.0
532
- * added port number support for uploads using ftp mode
533
- * corrected bug that was not showing correctly in file browser files that were uploaded using ftp mode
534
- * eliminated confirmbox warning showing in page when website's DEBUG mode is ON
535
- * eliminated warning: "Invalid argument supplied for foreach() in ...plugins/wordpress-file-upload-pro/lib/wfu_admin.php on line 384"
536
- * eliminated warning: "Notice: Undefined index: postmethod in /var/www/wordpress/wp-content/plugins/wordpress-file-upload-pro/lib/wfu_functions.php on line 1348"
537
- * eliminated warnings in plugin's settings in Dashboard
538
-
539
- = 3.0.0 =
540
- * major version number has advanced because an important feature has been added in Pro version (logged users can browse their uploaded files through their Dashboard)
541
- * several code modifications in file browser to make the plugin more secure against hacking, some functionalities in file browser have slightly changed
542
- * new file browser cannot edit files that were not uploaded with the plugin and it cannot edit or create folders
543
- * upload path cannot be outside the wordpress installation root
544
- * files with extension php, js, pht, php3, php4, php5, phtml, htm, html and htaccess are forbidden for security reasons
545
-
546
- = 2.7.6 =
547
- * added functionality in Dashboard to add the plugin to a page automatically
548
- * fixed bug that was not showing the Shortcode Composer because the plugin could not find the plugin instance when the shortcode was nested in other shortcodes
549
-
550
- = 2.7.5 =
551
- * added German and Greek translation
552
-
553
- = 2.7.4 =
554
- * added Serbian translation thanks to Andrijana Nikolic from http://webhostinggeeks.com/
555
- * bug fix with %blogid%, %pageid% and %pagetitle% that where not implemented in notification emails
556
- * in single button operation selected files are removed in case that a subfolder has not been previously selected or a required user field has not been populated
557
- * bug fixed in single file operation that allowed selection of multiple files through drag-and-drop
558
- * bug fixed with files over 1MB that got corrupted when maintaining files with same filename
559
- * dummy (test) Shortcode Composer button removed from the plugin's Settings as it is no longer useful
560
- * added support for empty (zero size) files
561
- * many code optimizations and security enhancements
562
- * fixed javascript errors in IE8 that were breaking upload operation
563
- * code improvements to avoid display of session warnings
564
- * added %username% in redirect link
565
- * added option in plugin's Settings in Dashboard to select alternative POST Upload method, in order to resolve errors like "http:// wrapper is disabled in the server configuration by allow_url_fopen" or "Call to undefined function curl_init()"
566
- * added filter action wfu_after_upload, where the admin can define additional javascript code to be executed on user's browser after each file is finished
567
-
568
- = 2.7.3 =
569
- * important bug fix in Pro version
570
- * added wfu_before_email_notification filter
571
- * corrected bug not showing correctly special characters (double quotes and braces) in email notifications
572
-
573
- = 2.7.2 =
574
- * important bug fix in Pro version, very slight changes in free version
575
-
576
- = 2.7.1 =
577
- * fixed bug with faulty plugin instances appearing when Woocommerce plugin is also installed
578
- * Upload of javascript (.js) files is not allowed for avoiding security issues
579
- * fixed bug with medialink and postlink attributes that were not working correctly
580
- * when medialink or postlink is activated, the files will be uploaded to the upload folder of WP website
581
- * when medialink or postlink is activated, subfolders will be deactivated
582
- * added option in subfolders to enable the list to populate automatically
583
- * added option in subfolders the user to be able to type the subfolder
584
- * wfu_before_file_check filter can modify the target path (not only the file name)
585
-
586
- = 2.7.0 =
587
- * corrected bug when deleting plugin instance from the Dashboard
588
- * corrected bug not finding "loading_icon.gif"
589
-
590
- = 2.6.0 =
591
- * full redesign of the upload algorithm to become more robust
592
- * added improved server-side handling of large files
593
- * plugin shortcodes can be edited using the Shortcode Composer
594
- * added visual editor button on the plugin to enable administrators to change the plugin settings easily
595
- * corrected bug causing sometimes database overloads
596
- * slight improvements of subfolder option
597
- * improvements to avoid code breaking in ajax calls when there are php warnings or echo from Wordpress environment or other plugins
598
- * improvements and bug fixes in uploader when classic (no AJAX) upload is selected
599
- * eliminated php warnings in shortcode composer
600
- * corrected bug that was not correctly downloading files from the plugin's File Browser
601
- * added better security when downloading files from the plugin's File Browser
602
- * fixed bug not correctly showing the user that uploaded a file in the plugin's File Browser
603
- * use of curl to perform server http requests was replaced by native php because some web servers do not have CURL installed
604
- * corrected bug in shortcode composer where userdata fields were not shown in variables drop down
605
- * added feature that prevents page closing if an upload is on progress
606
- * added forcefilename attribute to avoid filename sanitization
607
- * added ftppassivemode attribute for enabling FTP passive mode when FTP method is used for uploading
608
- * added ftpfilepermissions attribute for defining the permissions of the uploaded file, when using FTP method
609
- * javascript and css files are minified for faster loading
610
-
611
- = 2.5.5 =
612
- * fixed serious bug not uploading files when captcha is enabled
613
- * fixed bug not redirecting files when email notification is enabled
614
-
615
- = 2.5.4 =
616
- * mitigated issue with "Session failed" errors appearing randomly in websites
617
- * fixed bug not applying %filename% variable inside redirect link
618
- * fixed bug not applying new filename, which has been modified with wfu_before_file_upload filter, in email notifications and redirects
619
- * fixed bug where when 2 big files were uploaded at the same time and one failed due to failed chunk, then the progress bar would not go to 100% and the file would not be shown as cancelled
620
-
621
- = 2.5.3 =
622
- * fixed bug not allowing redirection to work
623
- * fixed bug that was including failed files in email notifications on certain occasions
624
- * default value for uploadrole changed to "all"
625
-
626
- = 2.5.2 =
627
- * fixed important bug in free version not correctly showing message after failed upload
628
-
629
- = 2.5.1 =
630
- * fixed important bug in free version giving the same name to all uploaded files
631
- * fixed bug in free version not clearing completely the plugin cache from previous file upload
632
-
633
- = 2.5.0 =
634
- * major redesign of upload algorithm to address upload issues with Safari for Mac and Firefox
635
- * files are first checked by server before actually uploaded, in order to avoid uploading of large files that are invalid
636
- * modifications to progress bar code to make progress bar smoother
637
- * restrict upload of .php files for security reasons
638
- * fixed bug not showing correctly userdata fields inside email notifications when using ampersand or other special characters in userdata fields
639
-
640
- = 2.4.6 =
641
- * variables %blogid%, %pageid% and %pagetitle% added in email notifications and subject and %dq% in subject
642
- * corrected bug that was breaking Shortcode Composer when using more than ten attributes
643
- * corrected bug that was rejecting file uploads when uploadpattern attribute contained blank spaces
644
- * several code corrections in order to eliminate PHP warning messages when DEBUG mode is on
645
- * several code corrections in order to eliminate warning messages in Javascript
646
-
647
- = 2.4.5 =
648
- * correction of bug when using userfields inside notifyrecipients
649
-
650
- = 2.4.4 =
651
- * intermediate update to make the plugin more immune to hackers
652
-
653
- = 2.4.3 =
654
- * correction of bug to allow uploadpath to receive userdata as parameter
655
-
656
- = 2.4.2 =
657
- * intermediate update to address some vulnerability issues
658
-
659
- = 2.4.1 =
660
- * added filters and actions before and after each file upload - check below Filters/Actions section for instructions how to use them
661
- * added storage of file info, including user data, in database
662
- * added logging of file actions in database - admins can view the log from the Dashboard
663
- * admins can automatically update the database to reflect the current status of files from the Dashboard
664
- * file browser improvements so that more information about each file (including any user data) are shown
665
- * file browser improvements so that files can be downloaded
666
- * filelist improvements to display correctly long filenames (Pro version)
667
- * filelist improvements to distinguish successful uploads from failed uploads (Pro version)
668
- * improvements of chunked uploads so that files that are not allowed to be uploaded are cancelled faster (Pro version)
669
- * corrected wrong check of file size limit for chunked files (Pro version)
670
- * added postlink attribute so that uploaded files are linked to the current page (or post) as attachments
671
- * added subfolderlabel attribute to define the label of the subfolder selection feature
672
- * several improvements to subfolder selection feature
673
- * default value added to subfolder selection feature
674
- * definition of the subfoldertree attribute in the Shortcode Composer is now done visually
675
- * %userid% variable added inside uploadpath attribute
676
- * userdata variables added inside uploadpath and notifyrecipients attributes
677
- * uploadfolder_label added to dimension items
678
- * user fields feature improvements
679
- * user fields label and input box dimensions are customizable
680
- * captcha prompt label dimensions are customizable (Pro version)
681
- * added gallery attribute to allow the uploaded files to be shown as image gallery below the plugin (Pro version)
682
- * added galleryoptions attribute to define options of the image gallery (Pro version)
683
- * added css attribute and a delicate css editor inside Shortcode Composer to allow better styling of the plugin using custom css (Pro version)
684
- * email feature improved in conjunction with redirection
685
- * improved interoperability with WP-Filebase plugin
686
- * improved functionality of free text attributes (like notifymessage or css) by allowing double-quotes and brackets inside the text (using special variables), that were previously breaking the plugin
687
-
688
- = 2.3.1 =
689
- * added option to restore default value for each attribute in Shortcode Composer
690
- * added support for multilingual characters
691
- * correction of bug in Shortcode Composer that was not allowing attributes with singular and plural form to be saved
692
- * correction of bug that was not changing errormessage attribute in some cases
693
-
694
- = 2.2.3 =
695
- * correction of bug that was freezing the Shortcode Composer in some cases
696
- * correction of bug with successmessage attribute
697
-
698
- = 2.2.2 =
699
- * serious bug fixed that was breaking operation of Shortcode Composer and File Browser when the Wordpress website is in a subdirectory
700
-
701
- = 2.2.1 =
702
- * added file browser in Dashboard for admins
703
- * added attribute medialink to allow uploaded files to be shown in Media
704
- * serious bug fixed that was breaking the plugin because of preg_replace_callback function
705
- * corrected error in first attempt to upload file when captcha is enabled
706
-
707
- = 2.1.3 =
708
- * variables %pagetitle% and %pageid% added in uploadpath.
709
- * bug fixes when working with IE8.
710
- * Shortcode Composer saves selected options
711
- * Easier handling of userdata variables in Shortcode Composer
712
- * correction of bug that allowed debugdata to be shown in non-admin users
713
- * reset.css removed from plugin as it was causing breaks in theme's css
714
- * correction of bug with WPFilebase Manager plugin
715
-
716
- = 2.1.2 =
717
- * Several bug fixes and code reconstruction.
718
- * Code modifications so that the plugin can operate even when DEBUG mode is ON.
719
- * New attribute debugmode added to allow better debugging of the plugin when there are errors.
720
-
721
- = 2.1.1 =
722
- * Bug fixes with broken images when Wordpress website is in a subdirectory.
723
- * Replacement of glob function because is not allowed by some servers.
724
-
725
- = 2.0.2 =
726
- * Bug fixes in Dashboard Settings Shortcode Composer.
727
- * Correction of important bug that was breaking page in some cases.
728
- * Minor improvements of user data fields and notification email attributes.
729
-
730
- = 2.0.1 =
731
- This is the initial release of Wordpress File Upload. Since this plugin is the successor of Inline Upload, the whole changelog since the creation of the later is included.
732
-
733
- * Name of the plugin changed to Wordpress File Upload.
734
- * Plugin has been completely restructured to allow additional features.
735
- * A new more advanced message box has been included showing information in a more structured way.
736
- * Error detection and reporting has been improved.
737
- * An administration page has been created in the Dashboard Settings, containing a Shortcode Composer.
738
- * Some more options related to configuration of message showing upload results have been added.
739
- * Several bug fixes.
740
-
741
- = 1.7.14 =
742
- * Userdata attribute changed to allow the creation of more fields and required ones.
743
- * Spanish translation added thanks to Maria Ramos of WebHostingHub.
744
-
745
- = 1.7.13 =
746
- * Added notifyheaders attribute, in order to allow better control of notification email sent (e.g. allow to send HTML email).
747
-
748
- = 1.7.12 =
749
- * Added userdata attribute, in order to allow users to send additional text data along with the uploaded file.
750
-
751
- = 1.7.11 =
752
- * Added single button operation (file will be automatically uploaded when selected without pressing Upload Button).
753
-
754
- = 1.7.10 =
755
- * Fixed bug with functionality of attribute filebaselink for new versions of WP-Filebase plugin.
756
-
757
- = 1.7.9 =
758
- * Fixed problem with functionality of attribute filebaselink for new versions of WP-Filebase plugin.
759
-
760
- = 1.7.8 =
761
- * More than one roles can now be defined in attribute uploadrole, separated by comma (,).
762
-
763
- = 1.7.7 =
764
- * Variable %filename% now works also in redirectlink.
765
-
766
- = 1.7.6 =
767
- * Changes in ftp functionality, added useftpdomain attribute so that it can work with external ftp domains as well.
768
- * Improvement of classic upload (used in IE or when setting forceclassic to true) messaging functionality.
769
- * Minor bug fixes.
770
-
771
- = 1.7.5 =
772
- * Source modified so that it can work with Wordpress sites that are not installed in root.
773
- * Added variable %blogid% for use with multi-site installations.
774
- * Bug fixes related to showing of messages.
775
-
776
- = 1.7.4 =
777
- * Replacement of json2.js with another version.
778
-
779
- = 1.7.3 =
780
- * CSS style changes to resolve conflicts with various theme CSS styles.
781
-
782
- = 1.7.2 =
783
- * Added variable %useremail% used in notifyrecipients, notifysubject and notifymessage attributes.
784
-
785
- = 1.7.1 =
786
- * Added capability to upload files outside wp-content folder.
787
- * Improved error reporting.
788
-
789
- = 1.7 =
790
- * Complete restructuring of plugin HTML code, in order to make it more configurable and customizable.
791
- * Appearance of messages has been improved.
792
- * Added option to put the plugin in testmode.
793
- * Added option to configure the colors of success and fail messages.
794
- * Added option to modify the dimensions of the individual objects of the plugin.
795
- * Added option to change the placement of the individual objects of the plugin.
796
- * Improved error reporting.
797
- * Added localization for error messages.
798
- * Minor bug fixes.
799
-
800
- = 1.6.3 =
801
- * Bug fixes to correct incompatibilities of the new ajax functionality when uploadrole is set to "all".
802
-
803
- = 1.6.2 =
804
- * Bug fixes to correct incompatibilities of the new ajax functionality with redirectlink, filebaselink and adminmessages.
805
-
806
- = 1.6.1 =
807
- * Correction of serious bug that prevented the normal operation of the plugin when the browser of the user supports HTML5 functionality.
808
- * Tags added to the plugin Wordpress page.
809
-
810
- = 1.6 =
811
- * Major lifting of the whole code.
812
- * Added ajax functionality so that file is uploaded without page reload (works in browsers supporting HTML5).
813
- * Added upload progress bar (works in browsers supporting HTML5).
814
- * Added option to allow user to select if wants to use the old form upload functionality.
815
- * File will not be saved again if user presses the Refresh button (or F5) of the page.
816
- * Translation strings updated.
817
- * Bug fixes for problems when there are more than one instances of the plugin in a single page.
818
-
819
- = 1.5 =
820
- * Added option to notify user about upload directory.
821
- * Added option to allow user to select a subfolder to upload the file.
822
-
823
- = 1.4.1 =
824
- * css corrections for bug fixes.
825
-
826
- = 1.4 =
827
- * Added option to attach uploaded file to notification email.
828
- * Added option to customize message on successful upload (variables %filename% and %filepath% can be used).
829
- * Added option to customize color of message on successful upload.
830
- * "C:\fakepath\" problem resolved.
831
- * warning message about function create_directory() resolved.
832
- * css enhancements for compatibility with more themes.
833
-
834
- = 1.3 =
835
- * Additional variables added (%filename% and %filepath%).
836
- * All variables can be used inside message subject and message text.
837
- * Added option to determine how to treat duplicates (overwrite existing file, leave existing file, leave both).
838
- * Added option to determine how to rename the uploaded file, when another file already exists in the target directory.
839
- * Added option to create directories and upload files using ftp access, in order to overcome file owner and SAFE MODE restrictions.
840
- * Added the capability to redirect to another web page when a file is uploaded successfully.
841
- * Added the option to show to administrators additional messages about upload errors.
842
- * Bug fixes related to interoperability with WP_Filebase
843
-
844
- = 1.2 =
845
- * Added notification by email when a file is uploaded.
846
- * Added the ability to upload to a variable folder, based on the name of the user currently logged in.
847
-
848
- = 1.1 =
849
- Added the option to allow anyone to upload files, by setting the attribute uploadrole to "all".
850
-
851
- = 1.0 =
852
- Initial version.
853
-
854
- == Upgrade Notice ==
855
-
856
- = 4.12.1 =
857
- Minor update to fix some bugs.
858
-
859
- = 4.12.0 =
860
- Significant update to introduce some improvements, new features and fix some bugs.
861
-
862
- = 4.11.2 =
863
- Minor update to introduce some improvements.
864
-
865
- = 4.11.1 =
866
- Minor update to introduce some improvements and fix some bugs.
867
-
868
- = 4.11.0 =
869
- Significant update to introduce some improvements and fix some bugs.
870
-
871
- = 4.10.3 =
872
- Minor update to introduce some improvements and fix some bugs.
873
-
874
- = 4.10.2 =
875
- Minor update to introduce some improvements and fix some bugs.
876
-
877
- = 4.10.1 =
878
- Regular update to introduce some new features and improvements.
879
-
880
- = 4.10.0 =
881
- Regular update to introduce some new features and improvements.
882
-
883
- = 4.9.1 =
884
- Regular update to introduce some new features and improvements and fix some bugs.
885
-
886
- = 4.9.0 =
887
- Significant update to introduce some new features and improvements and fix some bugs.
888
-
889
- = 4.8.0 =
890
- Significant update to introduce some new features and improvements and fix some bugs.
891
-
892
- = 4.7.0 =
893
- Significant update to introduce some new features and improvements and fix some bugs.
894
-
895
- = 4.6.2 =
896
- Minor update to fix some bugs and introduce some code improvements.
897
-
898
- = 4.6.1 =
899
- Regular update to introduce some new features.
900
-
901
- = 4.6.0 =
902
- Significant update to introduce some new features.
903
-
904
- = 4.5.1 =
905
- Minor update to introduce some new features.
906
-
907
- = 4.5.0 =
908
- Significant update to introduce new features and fix some bugs.
909
-
910
- = 4.4.0 =
911
- Significant update that enables wider web server compatibility.
912
-
913
- = 4.3.4 =
914
- Minor update to fix a serious security hole.
915
-
916
- = 4.3.3 =
917
- Minor update to fix a serious security hole.
918
-
919
- = 4.3.2 =
920
- Minor update to fix some bugs.
921
-
922
- = 4.3.1 =
923
- Minor update to introduce a new feature.
924
-
925
- = 4.3.0 =
926
- Significant update to introduce some new features and fix some bugs.
927
-
928
- = 4.2.0 =
929
- Significant update to introduce some new features and fix some bugs.
930
-
931
- = 4.1.0 =
932
- Significant update to fix several bugs and introduce some new features.
933
-
934
- = 4.0.1 =
935
- Minor update to fix some bugs.
936
-
937
- = 4.0.0 =
938
- Major update to introduce new features, code improvements and fix some bugs.
939
-
940
- = 3.11.0 =
941
- Update to introduce some new features and fix some bugs.
942
-
943
- = 3.10.0 =
944
- Update to introduce some new features and fix some bugs.
945
-
946
- = 3.9.6 =
947
- Update to introduce some new features.
948
-
949
- = 3.9.5 =
950
- Update to introduce some new features and fix some minor bugs.
951
-
952
- = 3.9.4 =
953
- Update to introduce some new features and fix some bugs.
954
-
955
- = 3.9.3 =
956
- Update to introduce some new features and fix some bugs.
957
-
958
- = 3.9.2 =
959
- Significant update to improve a temporary fix to an important problem and fix some minor bugs.
960
-
961
- = 3.9.1 =
962
- Significant update to introduce a temporary fix to an important problem.
963
-
964
- = 3.9.0 =
965
- Significant update to increase the security of the plugin and address potential threats.
966
-
967
- = 3.8.5 =
968
- Upgrade to introduce some new features and code improvements.
969
-
970
- = 3.8.4 =
971
- Upgrade to fix some bugs.
972
-
973
- = 3.8.3 =
974
- Minor upgrade to fix some bugs.
975
-
976
- = 3.8.2 =
977
- Minor upgrade to fix some bugs and introduce some new features.
978
-
979
- = 3.8.1 =
980
- Minor upgrade to fix some bugs.
981
-
982
- = 3.8.0 =
983
- Significant upgrade to introduce some new features and fix some bugs.
984
-
985
- = 3.7.3 =
986
- Upgrade to introduce some improvements and new languages.
987
-
988
- = 3.7.2 =
989
- Upgrade to introduce some new features and fix some minor bugs.
990
-
991
- = 3.7.1 =
992
- Upgrade to fix some minor bugs.
993
-
994
- = 3.7.0 =
995
- Upgrade to introduce some new features and fix some minor bugs.
996
-
997
- = 3.6.1 =
998
- Upgrade to introduce some new features and fix some minor bugs.
999
-
1000
- = 3.6.0 =
1001
- Upgrade to introduce some new features and fix some minor bugs.
1002
-
1003
- = 3.5.0 =
1004
- Important upgrade to introduce some new features and fix some bugs.
1005
-
1006
- = 3.4.1 =
1007
- Important upgrade to address a security hole.
1008
-
1009
- = 3.4.0 =
1010
- Important upgrade to introduce some new features and fix some bugs.
1011
-
1012
- = 3.3.1 =
1013
- Important upgrade to correct a bug of the previous version and introduce a new feature.
1014
-
1015
- = 3.3.0 =
1016
- Major upgrade to add some new featuresand fix some minor bugs.
1017
-
1018
- = 3.2.1 =
1019
- Upgrade to fix some bugs and add some features.
1020
-
1021
- = 3.2.0 =
1022
- Upgrade to fix some bugs and add some features.
1023
-
1024
- = 3.1.2 =
1025
- Upgrade to fix an important bug.
1026
-
1027
- = 3.1.1 =
1028
- Upgrade to fix a minor bug.
1029
-
1030
- = 3.1.0 =
1031
- Upgrade to fix some minor bugs.
1032
-
1033
- = 3.0.0 =
1034
- Upgrade to increase protection against hacking.
1035
-
1036
- = 2.7.6 =
1037
- Upgrade to add some new features and address some bugs.
1038
-
1039
- = 2.7.5 =
1040
- Upgrade to add some new features.
1041
-
1042
- = 2.7.4 =
1043
- Upgrade to add some new features and address some bugs.
1044
-
1045
- = 2.7.3 =
1046
- Upgrade to add some new features and address some bugs.
1047
-
1048
- = 2.7.2 =
1049
- Upgrade to address some bugs.
1050
-
1051
- = 2.7.1 =
1052
- Upgrade to add some new features and address some bugs.
1053
-
1054
- = 2.7.0 =
1055
- Upgrade to address some minor bugs.
1056
-
1057
- = 2.6.0 =
1058
- Important upgrade to add new features and address some bugs.
1059
-
1060
- = 2.5.5 =
1061
- Important upgrade to address some bugs.
1062
-
1063
- = 2.5.4 =
1064
- Important upgrade to address some bugs.
1065
-
1066
- = 2.5.3 =
1067
- Important upgrade to address some bugs.
1068
-
1069
- = 2.5.2 =
1070
- Important upgrade to address some bugs.
1071
-
1072
- = 2.5.1 =
1073
- Important upgrade to address some bugs.
1074
-
1075
- = 2.5.0 =
1076
- Important upgrade to address some bugs.
1077
-
1078
- = 2.4.6 =
1079
- Important upgrade to address some bugs.
1080
-
1081
- = 2.4.5 =
1082
- Minor upgrade to address some bugs.
1083
-
1084
- = 2.4.4 =
1085
- Important upgrade to address some vulnerability issues.
1086
-
1087
- = 2.4.3 =
1088
- Upgrade to address some functionality issues.
1089
-
1090
- = 2.4.2 =
1091
- Important upgrade to address some vulnerability issues.
1092
-
1093
- = 2.4.1 =
1094
- Upgrade to add many features and address some minor bugs.
1095
-
1096
- = 2.3.1 =
1097
- Upgrade to add some features and address some minor bugs.
1098
-
1099
- = 2.2.3 =
1100
- Upgrade to address some minor bugs.
1101
-
1102
- = 2.2.2 =
1103
- Important upgrade to address some serious bugs.
1104
-
1105
- = 2.2.1 =
1106
- Important upgrade to address some serious bugs and include some new features.
1107
-
1108
- = 2.1.3 =
1109
- Important upgrade to address some serious bugs.
1110
-
1111
- = 2.1.2 =
1112
- Important upgrade to address some bugs.
1113
-
1114
- = 2.1.1 =
1115
- Important upgrade to address some serious bugs.
1116
-
1117
- = 2.0.2 =
1118
- Important upgrade to address some serious bugs.
1119
-
1120
- = 2.0.1 =
1121
- Optional upgrade to add new features.
1122
-
1123
- = 1.7.14 =
1124
- Optional upgrade to add new features.
1125
-
1126
- = 1.7.13 =
1127
- Optional upgrade to add new features.
1128
-
1129
- = 1.7.12 =
1130
- Optional upgrade to add new features.
1131
-
1132
- = 1.7.11 =
1133
- Optional upgrade to add new features.
1134
-
1135
- = 1.7.10 =
1136
- Important upgrade to correct bug with filebaselink attribute functionality.
1137
-
1138
- = 1.7.9 =
1139
- Important upgrade to resolve issue with filebaselink attribute functionality.
1140
-
1141
- = 1.7.8 =
1142
- Optional upgrade to add new features.
1143
-
1144
- = 1.7.7 =
1145
- Optional upgrade to add new features.
1146
-
1147
- = 1.7.6 =
1148
- Optional upgrade to add new features and make minor bug fixes.
1149
-
1150
- = 1.7.5 =
1151
- Important upgrade to resolve issues with Wordpress sites not installed in root.
1152
-
1153
- = 1.7.4 =
1154
- Important upgrade to resolve issues with json2 functionality.
1155
-
1156
- = 1.7.3 =
1157
- Important upgrade to resolve issues with style incompatibilities.
1158
-
1159
- = 1.7.2 =
1160
- Optional upgrade to add new features, related to variables.
1161
-
1162
- = 1.7.1 =
1163
- Optional upgrade to add new features, related to uploadpath and error reporting.
1164
-
1165
- = 1.7 =
1166
- Optional upgrade to add new features, related to appearance of the plugin and error reporting.
1167
-
1168
- = 1.6.3 =
1169
- Important upgrade to correct bugs that prevented normal operation of the plugins in some cases.
1170
-
1171
- = 1.6.2 =
1172
- Important upgrade to correct bugs that prevented normal operation of the plugins in some cases.
1173
-
1174
- = 1.6.1 =
1175
- Important upgrade to correct bug that prevented normal operation of the plugins in some cases.
1176
-
1177
- = 1.6 =
1178
- Optional upgrade to add new features, related to ajax functionality and minor bug fixes.
1179
-
1180
- = 1.5 =
1181
- Optional upgrade to add new features, related to subfolders.
1182
-
1183
- = 1.4.1 =
1184
- Important upgrade to correct a css problem with Firefox.
1185
-
1186
- = 1.4 =
1187
- Important upgrade that introduces some bug fixes and some new capabilities.
1188
-
1189
- = 1.3 =
1190
- Important upgrade that introduces some bug fixes and a lot of new capabilities.
1191
-
1192
- = 1.2 =
1193
- Optional upgrade in order to set additional capabilities.
1194
-
1195
- = 1.1 =
1196
- Optional upgrade in order to set additional capabilities.
1197
-
1198
- = 1.0 =
1199
- Initial version.
1200
-
1201
- == Plugin Customization Options ==
1202
-
1203
- Please visit the [support page](http://www.iptanus.com/support/wordpress-file-upload/ "Wordpress File Upload support page") of the plugin for detailed description of customization options.
1204
-
1205
- == Requirements ==
1206
-
1207
- The plugin requires to have Javascript enabled in your browser. For Internet Explorer you also need to have Active-X enabled.
 
 
 
 
 
 
1208
  Please note that old desktop browsers or mobile browsers may not support all of the plugin's features. In order to get full functionality use the latest versions of browsers, supporting HTML5, AJAX and CSS3.
1
+ === Wordpress File Upload ===
2
+ Contributors: nickboss
3
+ Donate link: http://www.iptanus.com/support/wordpress-file-upload
4
+ Tags: file, upload, ajax, form, page, post, sidebar, responsive, widget, webcam, ftp
5
+ Requires at least: 2.9.2
6
+ Tested up to: 5.3.2
7
+ Stable tag: "trunk"
8
+ License: GPLv2 or later
9
+ License URI: http://www.gnu.org/licenses/gpl-2.0.html
10
+
11
+ Simple yet very powerful plugin to allow users to upload files to your website from any page, post or sidebar and manage the uploaded files
12
+
13
+ == Description ==
14
+
15
+ With this plugin you or other users can upload files to your site from any page, post or sidebar easily and securely.
16
+
17
+ Simply put the shortcode [wordpress_file_upload] to the contents of any WordPress page / post or add the plugin's widget in any sidebar and you will be able to upload files to any directory inside wp-contents of your WordPress site.
18
+
19
+ You can add custom fields to submit additional data together with the uploaded file.
20
+
21
+ You can use it to capture screenshots or video from your webcam and upload it to the website (for browsers that support this feature).
22
+
23
+ You can even use it as a simple contact (or any other type of) form to submit data without including a file.
24
+
25
+ The plugin displays the list of uploaded files in a separate top-level menu in Dashboard and includes a file browser to access and manage the uploaded files (only for admins currently).
26
+
27
+ Several filters and actions before and after file upload enable extension of its capabilities.
28
+
29
+ The characteristics of the plugin are:
30
+
31
+ * It uses the latest HTML5 technology, however it will also work with old browsers and mobile phones.
32
+ * It is compliant with the General Data Protection Regulation (GDPR) of the European Union.
33
+ * It can be added in posts, pages or sidebars (as a widget).
34
+ * It can capture and upload screenshots or video from the device's camera.
35
+ * It supports additional form fields (like checkboxes, text fields, email fields, dropdown lists etc).
36
+ * It can be used as a simple contact form to submit data (a selection of file can be optional).
37
+ * It produces notification messages and e-mails.
38
+ * It supports selection of destination folder from a list of subfolders.
39
+ * Upload progress can be monitored with a progress bar.
40
+ * Upload process can be cancelled at any time.
41
+ * It supports redirection to another url after successful upload.
42
+ * There can be more than one instances of the shortcode in the same page or post.
43
+ * Uploaded files can be added to Media or be attached to the current page.
44
+ * Uploaded files can be saved to an FTP location (ftp and sftp protocols supported).
45
+ * It is highly customizable with many (more than 50) options.
46
+ * It supports filters and actions before and after file upload.
47
+ * It contains a visual editor for customizing the plugin easily without any knowledge of shortcodes or programming
48
+ * It supports logging of upload events or management of files, which can be viewed by admins through the Dashboard.
49
+ * It includes an Uploaded Files top-level menu item in the Dashboard, from where admins can view the uploaded files.
50
+ * It includes a file browser in the Dashboard, from where admins can manage the files.
51
+ * It supports multilingual characters and localization.
52
+
53
+ The plugin is translated in the following languages:
54
+
55
+ * Portuguese, kindly provided by Rui Alao
56
+ * German
57
+ * French, kindly provided by Thomas Bastide of http://www.omicronn.fr/ and improved by other contributors
58
+ * Serbian, kindly provided by Andrijana Nikolic of http://webhostinggeeks.com/
59
+ * Dutch, kindly provided by Ruben Heynderycx
60
+ * Chinese, kindly provided by Yingjun Li
61
+ * Spanish, kindly provided by Marton
62
+ * Italian, kindly provided by Enrico Marcolini https://www.marcuz.it/
63
+ * Polish
64
+ * Swedish, kindly provided by Leif Persson
65
+ * Persian, kindly provided by Shahriyar Modami http://chabokgroup.com
66
+ * Greek
67
+
68
+ Please note that old desktop browsers or mobile browsers may not support all of the above functionalities. In order to get full functionality use the latest versions browsers, supporting HTML5, AJAX and CSS3.
69
+
70
+ For additional features, such as multiple file upload, very large file upload, drag and drop of files, captcha, detailed upload progress bars, list of uploaded files, image gallery and custom css please consider [Wordpress File Upload Professional](http://www.iptanus.com/support/wordpress-file-upload/ "Wordpress File Upload support page").
71
+
72
+ Please visit the **Other Notes** section for customization options of this plugin.
73
+
74
+ == Installation ==
75
+
76
+ 1. First install the plugin using Wordpress auto-installer or download the .zip file from wordpress.org and install it from the Plugins section of your Dashboard or copy wordpress_file_upload directory inside wp-contents/plugins directory of your wordpress site.
77
+ 1. Activate the plugin from Plugins section of your Dashboard.
78
+ 1. In order to use the plugin simply go to the Dashboard / Settings / Wordpress File Upload and follow the instructions in Plugin Instances or alternatively put the shortcode [wordpress_file_upload] in the contents of any page.
79
+ 1. Open the page on your browser and you will see the upload form.
80
+ 1. You can change the upload directory or any other settings easily by pressing the small edit button found at the left-top corner of the upload form. A new window (or tab) with pop up with plugin options. If you do not see the new window, adjust your browser settings to allow pop-up windows.
81
+ 1. Full documentation about the plugin options can be found at https://wordpress.org/plugins/wp-file-upload/other_notes/ or at http://www.iptanus.com/wordpress-plugins/wordpress-file-upload/ (including the Pro version)
82
+
83
+ A getting started guide can be found at http://www.iptanus.com/getting-started-with-wordpress-file-upload-plugin/
84
+
85
+ == Frequently Asked Questions ==
86
+
87
+ = Will the plugin work in a mobile browser? =
88
+
89
+ Yes, the plugins will work in most mobile phones (has been tested in iOS, Android and Symbian browsers as well as Opera Mobile)
90
+
91
+ = Do I need to have Flash to use then plugin? =
92
+
93
+ No, you do not need Flash to use the plugin.
94
+
95
+ = I get a SAFE MODE restriction error when I try to upload a file. Is there an alternative? =
96
+
97
+ Your domain has probably turned SAFE MODE ON and you have restrictions uploading and accessing files. Wordpress File Upload includes an alternative way to upload files, using FTP access. Simply add the attribute **accessmethod="ftp"** inside the shortcode, together with FTP access information in **ftpinfo** attribute.
98
+
99
+ = Can I see the progress of the upload? =
100
+
101
+ Yes, you can see the progress of the upload. During uploading a progress bar will appear showing progress info, however this functionality functions only in browsers supporting HTML5 upload progress bar.
102
+
103
+ = Can I upload many files at the same time? =
104
+
105
+ Yes, but not in the free version. If you want to allow multiple file uploads, please consider the [Professional](http://www.iptanus.com/support/wordpress-file-upload/ "Wordpress File Upload support page") version.
106
+
107
+ = Where do files go after upload? =
108
+
109
+ Files by default are uploaded inside wp-content directory of your Wordpress website. To change it use attribute uploadpath.
110
+
111
+ = Can I see and download the uploaded files? =
112
+
113
+ Administrators can view all uploaded files together with associated field data from the plugin's Settings in Dashboard. The [Professional](http://www.iptanus.com/support/wordpress-file-upload/ "Wordpress File Upload support page") version of the plugin allows users to view their uploaded files, either from the Dashboard, or from a page or post.
114
+
115
+ = Are there filters to restrict uploaded content? =
116
+
117
+ Yes, you can control allowed file size and file extensions by using the appropriate attribute (see Other Notes section).
118
+
119
+ = Are there any upload file size limitations? =
120
+
121
+ Yes, there are file size limitations imposed by the web server or the host. If you want to upload very large files, please consider the [Professional](http://www.iptanus.com/support/wordpress-file-upload/ "Wordpress File Upload support page") version of the plugin, which surpasses size limitations.
122
+
123
+ = Who can upload files? =
124
+
125
+ By default all users can upload files. You can define which user roles are allowed to upload files. Even guests can be allowed to upload files. If you want to allow only specific users to upload files, then please consider the [Professional](http://www.iptanus.com/support/wordpress-file-upload/ "Wordpress File Upload support page") version of the plugin.
126
+
127
+ = What security is used for uploading files? =
128
+
129
+ The plugin is designed not to expose website sensitive information. It has been tested by experts and verified that protects against CSRF and XSS attacks. All parameters passing from server to client side are encoded and sanitized. For higher protection, like use of captcha, please consider the [Professional](http://www.iptanus.com/support/wordpress-file-upload/ "Wordpress File Upload support page") version of the plugin.
130
+
131
+ = What happens if connection is lost during a file upload? =
132
+
133
+ In the free version the upload will fail. However in the Pro version the upload will resume and will continue until the file is fully uploaded. This is especially useful when uploading very large files.
134
+
135
+ = The plugin does not look nice with my theme. What can I do? =
136
+
137
+ There is an option in plugin's settings in Dashboard to relax the CSS rules, so that buttons and text boxes inherit the theme's styles. If additional styling is required, this can be done using CSS. The Professional version of the plugin allows CSS rules to be embed in the shortcode.
138
+
139
+ == Screenshots ==
140
+
141
+ 1. A screenshot of the plugin in its most simple form.
142
+ 2. A screenshot of the plugin showing the progress bar.
143
+ 3. A screenshot of the plugin showing the successful upload message.
144
+ 4. A screenshot of the plugin with additional form fields.
145
+ 5. A screenshot of the plugin with subfolder selection.
146
+ 6. A screenshot of the plugin in a sidebar.
147
+ 7. A screenshot of the shortcode composer.
148
+ 8. A screenshot of the file browser.
149
+
150
+ == Changelog ==
151
+
152
+ = 4.12.2 =
153
+ * corrected bug where files could not be downloaded in some server environments when dboption user state handler was enabled
154
+
155
+ = 4.12.1 =
156
+ * corrected bug where files could not be downloaded from Dashboard / Uploaded Files page
157
+
158
+ = 4.12.0 =
159
+ * corrected bug where export data file was not deleted after download
160
+ * corrected bug in FTP credentials configurator about double backslash (\\) issue
161
+ * added cookies user state handler that has been integrated with dboption as 'Cookies (DBOption)' to comply with Wordpress directives not to use session
162
+ * 'Cookies (DBOption)' user state handler has been set as the default one
163
+ * added advanced option WFU_US_DBOPTION_BASE so that dboption can also work with session
164
+ * added advanced option WFU_US_SESSION_LEGACY to use the old session functionality of the plugin, having session_start() in header
165
+ * added auto-adjustment of user state handler to 'dboption' during activation (or update) of the plugin
166
+ * bug "Error: [] cURL error 28" in Wordpress Site Health disappears when setting user state handler to 'Cookies (DBOption)' or when WFU_US_SESSION_LEGACY advanced option is false
167
+ * added the ability to run PHP processes in queue, which is necessary for correctly handling uploads when user state handler is dboption
168
+
169
+ = 4.11.2 =
170
+ * added easier configuration of FTP Credentials (ftpinfo) attribute of the uploader shortcode
171
+
172
+ = 4.11.1 =
173
+ * corrected bug in functions wfu_manage_mainmenu() and wfu_manage_mainmenu_editor() that were echoing and not returning the generated HTML
174
+ * added fix for compatibility with Fast Velocity Minify plugin
175
+
176
+ = 4.11.0 =
177
+ * code improved so that shortcode composer can be used by all users who can edit pages (and not only the admins)
178
+ * added environment variable 'Show Shortcode Composer to Non-Admins' to control whether non-admin users can edit the shortcodes
179
+ * added filtering of get_users() function in order to handle websites with many users more efficiently
180
+ * added notification in shortcode composer if user leaves page without saving
181
+ * corrected bug where restricted frontend loading of the plugin was not working for websites installed in localhost due to wrong calculation of request uri
182
+
183
+ = 4.10.3 =
184
+ * added the ability to move one or more files to another folder through the File Browser feature in Dashboard area of the plugin
185
+ * improved responsiveness of shortcode composer and Main Dashboard page of the plugin
186
+ * bug fix in wfu_revert_log_action
187
+
188
+ = 4.10.2 =
189
+ * added wordpress_file_upload_preload_check() function in main plugin file to avoid conflicts of variable names with Wordpress
190
+ * updated webcam code to address createObjectURL Javascript error that prevents webcam feature to work in latest versions of browsers
191
+
192
+ = 4.10.1 =
193
+ * code modified so that vendor libraries are loaded only when necessary
194
+ * improved process of deleting all plugin options
195
+ * added honeypot field to userdata fields; this is a security feature, in replacement of captchas, invisible to users that prevents bots from uploading files
196
+ * added attribute 'Consent Denial Rejects Upload' in uploader shortcode Personal Data tab to stop the upload if the consent answer is no, as well as 'Reject Message' attribute to customize the upload rejection message shown to the user
197
+ * added attribute 'Do Not Remember Consent Answer' in uploader shortcode Personal Data tab to show the consent question every time (and not only the first time)
198
+ * attribute 'Preselected Answer' in uploader shortcode Personal Data tab modified to be compatible with either checkbox or radio Consent Format
199
+ * upload result message adjusted to show the correct upload status in case that files were uploaded but were not saved due to Personal Data policy
200
+ * code improved for sftp uploads to handle PECL ssh2 bug #73597
201
+
202
+ = 4.10.0 =
203
+ * plugin code improved to support files containing single quote characters (') in their filename
204
+ * corrected bug where plugin was deactivated after update
205
+
206
+ = 4.9.1 =
207
+ * added Maintenance action 'Purge All Data' that entirely erases the plugin from the website and deactivates it
208
+ * added advanced option 'Hide Invalid Uploaded Files' so that Uploaded Files page in Dashboard can show only valid uploads
209
+ * added advanced option 'Restrict Front-End Loading' to load the plugin only on specific pages or posts in order to reduce unnecessary workload on pages not containing the plugin
210
+ * code improved for better operation of the plugin when the website works behind a proxy
211
+ * added option in Clean Log to erase the files together with plugin data
212
+
213
+ = 4.9.0 =
214
+ * code further improved to reduce "Iptanus Server unreachable..." errors
215
+ * checked Weglot Translate compatibility; /wp-admin/admin-ajax.php needs to be added to Exclusion URL list of Weglot configuration so that uploads can work
216
+ * several significant additions in the Pro version, including Microsoft OneDrive integration
217
+
218
+ = 4.8.0 =
219
+ * added item in Admin Bar that displays number of new uploads and redirects to Uploaded Files Dashboard page
220
+ * code improved in Uploaded Files Dashboard page so that download action directly downloads the file, instead of redirecting to File Browser
221
+ * added Advanced option 'WFU_UPLOADEDFILES_COLUMNS' that controls the order and visibility of Uploaded Files Dashboard page columns
222
+ * added Advanced option 'WFU_UPLOADEDFILES_ACTIONS' that controls the order and visibility of Uploaded Files Dashboard page file actions
223
+ * added several filters in Uploaded Files Dashboard page to make it more customizable
224
+ * PHP function redeclaration system significantly improved to support arguments by reference, execution after the original function and redeclaration of variables
225
+ * code improved to reduce "Iptanus Server unreachable..." errors (better operation of verify_peer http context property)
226
+ * added a link in Iptanus Unreachable Server error message to an Iptanus article describing how to resolve it
227
+
228
+ = 4.7.0 =
229
+ * added Uploaded Files top-level Dashboard menu item, showing all the uploaded files and highlighting the new ones
230
+ * added Portuguese translation from Rui Alao
231
+ * checked and verified compatibility with Gutenberg
232
+ * plugin initialization actions moved to plugins_loaded filter
233
+ * fixed bug clearing userdata fields when Select File is pressed
234
+ * File Browser and View Log tables modified to become more responsive especially for small screens
235
+
236
+ = 4.6.2 =
237
+ * corrected consent_status warning when updating user profile and Personal Data is off
238
+ * user fields code improved for better data autofill behaviour
239
+
240
+ = 4.6.1 =
241
+ * added uploader shortcode attribute 'resetmode' to control whether the upload form will be reset after an upload
242
+ * added pagination in File Browser tab in Dashboard area of the plugin
243
+
244
+ = 4.6.0 =
245
+ * corrected slash (/) parse Javascript error near 'fakepath' appearring on some situations
246
+ * added nonces in Maintenance Actions to increase security
247
+ * improved code in View Log so that no links appear to invalid files
248
+ * improved code in View Log so that when the admin opens a file link to view file details, 'go back' button will lead back to the View Log page and not to File Browser
249
+ * improved code in 'Clean Log' button in Maintenance Actions in Dashboard area of the plugin, so that the admin can select the period of clean-up
250
+
251
+ = 4.5.1 =
252
+ * code improved in wfu_js_decode_obj function for better compatibility with Safari browser
253
+ * code improved to sanitize all shortcode attributes before uploader form or file viewer is rendered
254
+ * removed external references to code.jquery.com and cdnjs.cloudflare.com for better compliance with GDPR
255
+
256
+ = 4.5.0 =
257
+ * added basic compliance with GDPR
258
+ * added several shortcode attributes to configure personal data consent appearance and behaviour
259
+ * added area in User Profile from where users can review and change their consent status
260
+ * added Personal Data option in Settings that enables personal data operations
261
+ * added Personal Data tab in plugin's area in Dashboard from where administrators can export and erase users' personal data
262
+ * corrected bug not accepting subfolder dimensions when subfolder element was active
263
+
264
+ = 4.4.0 =
265
+ * added alternative user state handler using DB Options table in order to overcome problems with session variables appearing on many web servers
266
+
267
+ = 4.3.4 =
268
+ * all Settings sanitized correctly to prevent XSS attacks - credits to ManhNho for mentioning this problem
269
+
270
+ = 4.3.3 =
271
+ * all shortcode attributes sanitized correctly to close a serious security hole - credits to ManhNho for mentioning this problem
272
+
273
+ = 4.3.2 =
274
+ * fixed bug in wfu_before_upload and wfu_after_upload filters that was breaking JS scripts if they contained a closing bracket ']' symbol
275
+
276
+ = 4.3.1 =
277
+ * added placeholder option in available label positions of additional fields; label will be the placeholder attribute of the field
278
+
279
+ = 4.3.0 =
280
+ * fixed bug where ftp credentials did not work when username or password contained (:) or (@) symbols
281
+ * RegExp fix for wfu_js_decode_obj function for improved compatibility with caching plugins
282
+ * corrected WFU_Original_Template::get_instance() method because it always returned the original class
283
+ * View Log page improved so that displayed additional user fields of an uploaded file are not cropped
284
+
285
+ = 4.2.0 =
286
+ * changed logic of file sanitizer; dots in filename are by default converted to dashes, in order to avoid upload failures caused when the plugin detects double extensions
287
+ * corrected bug where a Javascript error was generated when askforsubfolders was disabled and showtargetfolder was active
288
+ * added css and js minifier in inline code
289
+ * plugin modified so that the shortcodes render correctly either Javascript loads early (in header) or late (in footer)
290
+ * plugin modified so that Media record is deleted when the associated uploaded file is deleted from plugin's database
291
+ * corrected bug where some plugin images were not loaded while Relax CSS option was inactive
292
+
293
+ = 4.1.0 =
294
+ * changed logic of file sanitizer; dots in filename are by default converted to dashes, in order to avoid upload failures caused when the plugin detects double extensions
295
+ * added advanced option WFU_SANITIZE_FILENAME_DOTS that determines whether file sanitizer will sanitize dots or not
296
+ * timepicker script and style replaced by most recent version
297
+ * timepicker script and style files removed from plugin and loaded from cdn
298
+ * json2 script removed from plugin and loaded from Wordpress registered script
299
+ * JQuery UI style updated to latest 1.12.1 minified version
300
+ * added wfu_before_admin_scripts filter before loading admin scripts and styles in order to control incompatibilities
301
+ * removed getElementsByClassName-1.0.1.js file from plugin, getElementsByClassName function was replaced by DOM querySelectorAll
302
+ * corrected bug showing warning "Notice: Undefined variable: page_hook_suffix..." when a non-admin user opened Dashboard
303
+ * corrected fatal error "func_get_args(): Can't be used as a function parameter" appearing in websites with PHP lower than 5.3
304
+ * added _wfu_file_upload_hide_output filter that runs when plugin should not be shown (e.g. for users not inluded in uploadroles), in order to output custom HTML
305
+ * corrected bug where email fields were always validated, even if validate option was not activated
306
+ * corrected bug where number fields did not allow invalid characters, even if typehook option was not activated
307
+ * corrected bug where email fields were not allowed to be ampty when validate option was activated
308
+ * corrected error T_PAAMAYIM_NEKUDOTAYIM appearing when PHP version is lower than 5.3
309
+ * corrected bug with random upload fails caused when params_index corresponds to more than one params
310
+
311
+ = 4.0.1 =
312
+ * translation of the plugin in Persian, kindly provided by Shahriyar Modami http://chabokgroup.com
313
+ * corrected bug where notification email was not sending atachments
314
+ * corrected bug not cleaning log in Maintenance Actions
315
+
316
+ = 4.0.0 =
317
+ * huge renovation of the plugin, the UI code has been rewritten to render based on templates
318
+ * code modified so that it can correctly handle sites where content dir is explicitly defined
319
+ * corrected bug in Dashboard file editor so that it can work when the website is installed in a subdirectory
320
+ * corrected warnings showing when editing a file that was included in the plugin's database
321
+ * added filter in get_posts so that it does not cause problems when there are too many pages/posts
322
+ * bug fixes so that forcefilename works better and does not strip spaces in the filename
323
+ * code improved to protect from hackers trying to use the plugin as email spammer
324
+ * added advanced variable Force Email Notifications so that email can be sent even if no file was uploaded
325
+ * corrected bug not showing sanitized filanames correctly in email
326
+ * corrected bug so that dates show-up in local time and not in UTC in Log Viewer, File Browser and File Editor
327
+ * fixed bug showing "Warning: Missing argument 2 for wpdb::prepare()" when cleaning up the log in Maintenance Actions
328
+ * corrected bug where when configuring subfolders with visual editor the subfolder dialog showed unknown error
329
+ * corrected bug where the Select File button was not locked during upload in case of classical HTML (no-ajax) uploads
330
+ * added cancel button functionality for classic no-ajax uploads
331
+ * added support for Secure FTP (sftp) using SSH2 library
332
+ * successmessagecolor and waitmessagecolors attributes are hidden as they are no longer used
333
+
334
+ = 3.11.0 =
335
+ * added the ability to submit the upload form without a file, just like a contact form
336
+ * added attribute allownofile in uploader shortcode; if enabled then the upload form can be submitted without selection of a file
337
+ * added wfu_before_data_submit and wfu_after_data_submit filters which are invoked when the upload form is submitted without a file
338
+ * added advanced debug options for more comprehensive and deep troubleshooting
339
+ * added internal filters for advanced hooking of ajax handlers
340
+ * fixed several security problems
341
+ * fixed bug that was generating an error when automatic subfolders were activated and the upload folder did not exist
342
+ * corrected bug where single quote, double quote and backslash characters in user fields were not saved correctly (they were escaped)
343
+ * fixed bug where any changes made to the user data (e.g. through a filter) were not included in the email message
344
+ * added unique_id variable in wfu_before_file_check and wfu_after_file_upload filters
345
+ * changed column titles in the tables of plugin instances in Main tab in Dashboard
346
+ * fixed bug where if a user field was modified from the file editor, custom columns were changing order
347
+
348
+ = 3.10.0 =
349
+ * an alternative Iptanus server is launched in Google Cloud for resolving the notorious error "file_get_contents(https://services2.iptanus.com/wp-admin/admin-ajax.php): failed to open stream: Connection timed out."
350
+ * added option 'Use Alternative Iptanus Server' in Settings to switch to the alternative Iptanus Server
351
+ * added advanced option 'Alternative Iptanus Server' that points to an alternative Iptanus Server
352
+ * added advanced option 'Alternative Iptanus Version Server' that points to the alternative Iptanus Server URL returning the latest plugin version
353
+ * an error is shown in the Main page of the plugin in Dashboard if Iptanus Server is unreachable
354
+ * a warning is shown in the Main page of the plugin in Dashboard if an alternative insecure (http) Iptanus Server is used
355
+ * alternative fix of error accessing https://services2.iptanus.com for cURL (by disabling CURLOPT_SSL_VERIFYHOST) and for sockets by employing a better parser of socket response
356
+ * added Swedish translation, kindly provided by Leif Persson
357
+ * improved ftp functionality so that ftp folders can be created recursively
358
+
359
+ = 3.9.6 =
360
+ * added internal filter _wfu_file_upload_output before echoing uploader shortcode html
361
+ * added ability to change the order of additional user fields in shortcode visual editor
362
+
363
+ = 3.9.5 =
364
+ * added environment variable 'Upload Progress Mode' that defines how upload progress is calculated
365
+ * improved progress bar calculation
366
+ * minor bug fixes in AJAX functions mentioned by Hanneke Hoogstrate http://www.blagoworks.nl/
367
+
368
+ = 3.9.4 =
369
+ * added option to enable admin to change the upload user of a file
370
+ * code improvements and bug fixes related to file download feature
371
+ * code improvements related to clean database function
372
+ * added Italian translation
373
+
374
+ = 3.9.3 =
375
+ * added option to allow loading of plugin's styles and scripts on the front-end only for specific posts/pages through wfu_before_frontpage_scripts filter
376
+ * fixed bug where when uploading big files with identical filenames and 'maintain both' option, not all would be saved separately
377
+ * two advanced variables were added to let the admin change the export function separators
378
+
379
+ = 3.9.2 =
380
+ * added environment variable to enable or disable version check, due to access problems of some users to Iptanus Services server
381
+ * added timeout option to wfu_post_request function
382
+ * added Spanish translation, kindly provided by Marton
383
+
384
+ = 3.9.1 =
385
+ * temporary fix to address issue with plugin's Main page in Dashboard not loading, by disabling plugin version check
386
+ * correct Safari problem with extra spaces in success message coming from force_close_connection
387
+ * correct bug where when extension has capital letters it is rejected
388
+
389
+ = 3.9.0 =
390
+ * a big number of extensions have been blacklisted for preventing upload of potentially dangerous files
391
+ * the plugin will not allow inclusion, renaming or downloading of files with blacklisted extensions based on the new list
392
+ * if no upload extensions are defined or the uploadpattern is too generic, then the plugin will allow only specific extensions based on a white list of extensions; if the administrator wants to include more extensions he/she must declare them explicitely
393
+ * the use of the wildcard asterisk symbol has become stricter, asterisk will match all characters except the dot (.), so the default *.* pattern will allow only one extension in the filename (and not more as happened so far).
394
+ * added environment variable 'Wildcard Asterisk Mode' for defining the mode of the wildcard asterisk symbol. If it is 'strict' (default) then the asterisk will not match dot (.) symbol. If it is 'loose' then the asterisk will match any characters (including dot).
395
+ * slight bug fixes so that wildcard syntax works correctly with square brackets
396
+ * added maximum number of uploads per specific interval in order to avoid DDOS attacks
397
+ * added environment variables related to Denial-Of-Service attacks in order to configure the behaviour of the DOS attack checker
398
+ * bug fix of wfu_before_file_upload filter that was not working correctly with files larger than 1MB
399
+
400
+ = 3.8.5 =
401
+ * added bulk actions feature in File Browser in Dashboard for admins
402
+ * added delete and include bulk actions in File Browser
403
+ * improvement of column sort functionality of File Browser
404
+ * added environment variable 'Use Alternative Randomizer' in order to make string randomizer function work for fast browsers
405
+ * uploadedbyuser and userid fields became int to cope with large user ID numbers on some Wordpress environments
406
+
407
+ = 3.8.4 =
408
+ * dublicatespolicy attribute replaced by grammaticaly correct duplicatespolicy, however backward compatibility with the old attribute is maintained
409
+
410
+ = 3.8.3 =
411
+ * fixed bug of subdirectory selector that was not initializing correctly after upload
412
+ * fixed slight widget incompatibility with customiser
413
+ * fixed bug of drag-n-drop feature that was not working when singlebutton operation was activated
414
+
415
+ = 3.8.2 =
416
+ * fixed bug in wfu_after_file_loaded filter that was not working and was overriden by obsolete wfu_after_file_completed filter
417
+ * added option in plugin's Settings in Dashboard to include additional files in plugin's database
418
+ * added feature in Dashboard File Browser for admins to include additional files in plugin's database
419
+
420
+ = 3.8.1 =
421
+ * fixed bug with duplicate userdata IDs in HTML when using more than one userdata occurrences
422
+
423
+ = 3.8.0 =
424
+ * added webcam option that enables webcam capture functionality
425
+ * added webcammode atribute to define capture mode (screenshots, video or both)
426
+ * added audiocapture attribute to define if audio will be captured together with video
427
+ * added videowidth, videoheight, videoaspectratio and videoframerate attributes to constrain video dimensions and frame rate
428
+ * added camerafacing attribute to define the camera source (front or back)
429
+ * added maxrecordtime attribute to define the maximum record time of video
430
+ * added uploadmediabutton, videoname and imagename attributes to define custom webcam-related labels
431
+ * fixed bug that strips non-latin characters from filename when downloading files
432
+
433
+ = 3.7.3 =
434
+ * improved filename sanitization function
435
+ * added Chinese translation by Yingjun Li
436
+
437
+ = 3.7.2 =
438
+ * added option to cancel upload
439
+ * setting added so that upload does not fail when site_url and home_url are different
440
+ * added attribute requiredlabel in uploader's shortcode that defines the required keyword
441
+ * required keyword can now be styled separately from the user field label
442
+ * add user fields in Media together with file
443
+ * setting added so that userdata fields are shown in Media Library or not
444
+ * added Dutch translation by Ruben Heynderycx
445
+
446
+ = 3.7.1 =
447
+ * internal code modifications and slight bug corrections
448
+
449
+ = 3.7.0 =
450
+ * significant code modifications to make the plugin pluggable, invisible to users
451
+ * addition of before and after upload filters
452
+ * correction of small bug in Shortcode Composer of File Viewer
453
+
454
+ = 3.6.1 =
455
+ * Iptanus Services server for getting version info and other utilities is now secure (https)
456
+ * fixed bug with wfu_path_abs2rel function when ABSPATH is just a slash
457
+ * additional fixes and new features in Professional version
458
+
459
+ = 3.6.0 =
460
+ * French translation improved
461
+ * correction of minor bug at wfu_functions.php
462
+ * code improvements in upload algorithm
463
+ * wp_check_filetype_and_ext check moved after completion of file
464
+ * added wfu_after_file_complete filter that runs right after is fully uploaded
465
+ * improved appearance of plugin's area in Dashboard
466
+
467
+ = 3.5.0 =
468
+ * textdomain changed to wp-file-upload to support the translation feature of wordpress.org
469
+ * added option in Maintenance Actions of plugin's area in Dashboard to export uploaded file data
470
+ * added pagination of non-admin logged user's Uploaded Files Browser
471
+ * added pagination of front-end File List Viewer
472
+ * added pagination of user permissions table in plugin's Settings
473
+ * added pagination of Log Viewer
474
+ * corrected bug in View Log that was not working when pressing on the link
475
+ * improvements to View Log feature
476
+ * improvements to file download function to avoid corruption of downloaded file due to set_time_limit function that may generate warnings
477
+ * added wfu_before_frontpage_scripts filter that executes right before frontpage scripts and styles are loaded
478
+ * added functionality to avoid incompatibilities with NextGen Gallery plugin
479
+
480
+ = 3.4.1 =
481
+ * plugin's security improved to reject files that contain .php.js or similar extensions
482
+
483
+ = 3.4.0 =
484
+ * added fitmode attribute to make the plugin responsive
485
+ * added widget "Wordpress File Upload Form", so that the uploader can be installed in a sidebar
486
+ * changes to Shortcode Composer so that it can edit plugin instances existing in sidebars as widgets
487
+ * changes to Uploader Instances in plugin's area in Dashboard to show also instances existing inside sidebars
488
+ * added the ability to define dimensions (width and height) for the whole plugin
489
+ * dimensioning of plugin's elements improved when fitmode is set to "responsive"
490
+ * filter and non-object warnings of front-end file browser, appearing when DEBUG mode is ON, removed
491
+ * bug fixed to front-end file browser to hide Shortcode Composer button for non-admin users
492
+ * logic changed to front-end file browser to allow users to download files uploaded by other users
493
+ * code changed to front-end file browser to show a message when a user attempts to delete a file that was not uploaded by him/her
494
+
495
+ = 3.3.1 =
496
+ * bug corrected that was breaking plugin operation for php versions prior to 5.3
497
+ * added a "Maintenance Actions" section in plugin's Dashboard page
498
+ * added option in plugin's "Maintenance Actions" to completely clean the database log
499
+
500
+ = 3.3.0 =
501
+ * userdatalabel attribute changed to allow many field types
502
+ * added the following user data field types: simple text, multiline text, number, email, confirmation email, password, confirmation password, checkbox, radiobutton, date, time, datetime, listbox and dropdown list
503
+ * added several options to configure the new user data fields: label text (to define the label of the field), label position (to define the position of the label in relation to the field), required option (to define if the field needs to be filled before file upload), do-not-autocomplete option (to prevent the browsers for completing the field automatically), validate option (to perform validity checks of the field before file upload depending on its type), default text (to define a default value), group id (to group fields together such as multiple radio buttons), format text (to define field formatting depending on the field type), typehook option (to enable field validation during typing inside the field), hint position (to define the position of the message that will be shown to prompt the user that a required field is empty or is not validated) as well as an option to define additional data depending on the field type (e.g. define list of items of a listbox or dropdown list)
504
+ * Shortcode Composer changed to support the new user data fields and options
505
+ * placement attribute can accept more than one instances of userdata
506
+ * fixed bug not showing date selector of date fields in Shortcode Composer when working with Firefox or IE browsers
507
+ * in some cases required userdata input field will turn red if not populated
508
+ * shortcode_exists and wp_slash fixes for working before 3.6 Wordpress version
509
+ * minor bug fixes
510
+
511
+ = 3.2.1 =
512
+ * removed 'form-field' class from admin table tr elements
513
+ * corrected bug that was causing problems in uploadrole and uploaduser attributes when a username or role contained uppercase letters
514
+ * uploadrole and uploaduser attributes logic modified; guests are allowed only if 'guests' word is included in the attribute
515
+ * modifications to the download functionality script to be more robust
516
+ * corrected bug that was not showing options below a line item of admin tables in Internet Explorer
517
+ * several feature additions and bug fixes in Professional version
518
+
519
+ = 3.2.0 =
520
+ * added option in plugin's settings to relax CSS rules so that plugin inherits theme styling
521
+ * modifications in html and css of editable subfolders feature to look better
522
+ * modifications in html and css of prompt message when a required userdata field is empty
523
+ * PLUGINDIR was replaced by WP_PLUGIN_DIR so that the plugin can work for websites where the contents dir is other than wp-content
524
+ * fixed bug that was not allowing Shortcode Composer to launch when the shortcode was too big
525
+ * fixed bug that was causing front-end file list not to work properly when no instance of the plugin existed in the same page / post
526
+
527
+ = 3.1.2 =
528
+ * important bug detected and fixed that was stripping slashes from post or page content when updating the shortcode using the shortcode composer
529
+
530
+ = 3.1.1 =
531
+ * the previous version broke the easy creation of shortcodes through the plugin's settings in Dashboard and it has been corrected, together with some improvements
532
+
533
+ = 3.1.0 =
534
+ * an important feature (front-end file browser) has been added in professional version 3.1.0
535
+ * added port number support for uploads using ftp mode
536
+ * corrected bug that was not showing correctly in file browser files that were uploaded using ftp mode
537
+ * eliminated confirmbox warning showing in page when website's DEBUG mode is ON
538
+ * eliminated warning: "Invalid argument supplied for foreach() in ...plugins/wordpress-file-upload-pro/lib/wfu_admin.php on line 384"
539
+ * eliminated warning: "Notice: Undefined index: postmethod in /var/www/wordpress/wp-content/plugins/wordpress-file-upload-pro/lib/wfu_functions.php on line 1348"
540
+ * eliminated warnings in plugin's settings in Dashboard
541
+
542
+ = 3.0.0 =
543
+ * major version number has advanced because an important feature has been added in Pro version (logged users can browse their uploaded files through their Dashboard)
544
+ * several code modifications in file browser to make the plugin more secure against hacking, some functionalities in file browser have slightly changed
545
+ * new file browser cannot edit files that were not uploaded with the plugin and it cannot edit or create folders
546
+ * upload path cannot be outside the wordpress installation root
547
+ * files with extension php, js, pht, php3, php4, php5, phtml, htm, html and htaccess are forbidden for security reasons
548
+
549
+ = 2.7.6 =
550
+ * added functionality in Dashboard to add the plugin to a page automatically
551
+ * fixed bug that was not showing the Shortcode Composer because the plugin could not find the plugin instance when the shortcode was nested in other shortcodes
552
+
553
+ = 2.7.5 =
554
+ * added German and Greek translation
555
+
556
+ = 2.7.4 =
557
+ * added Serbian translation thanks to Andrijana Nikolic from http://webhostinggeeks.com/
558
+ * bug fix with %blogid%, %pageid% and %pagetitle% that where not implemented in notification emails
559
+ * in single button operation selected files are removed in case that a subfolder has not been previously selected or a required user field has not been populated
560
+ * bug fixed in single file operation that allowed selection of multiple files through drag-and-drop
561
+ * bug fixed with files over 1MB that got corrupted when maintaining files with same filename
562
+ * dummy (test) Shortcode Composer button removed from the plugin's Settings as it is no longer useful
563
+ * added support for empty (zero size) files
564
+ * many code optimizations and security enhancements
565
+ * fixed javascript errors in IE8 that were breaking upload operation
566
+ * code improvements to avoid display of session warnings
567
+ * added %username% in redirect link
568
+ * added option in plugin's Settings in Dashboard to select alternative POST Upload method, in order to resolve errors like "http:// wrapper is disabled in the server configuration by allow_url_fopen" or "Call to undefined function curl_init()"
569
+ * added filter action wfu_after_upload, where the admin can define additional javascript code to be executed on user's browser after each file is finished
570
+
571
+ = 2.7.3 =
572
+ * important bug fix in Pro version
573
+ * added wfu_before_email_notification filter
574
+ * corrected bug not showing correctly special characters (double quotes and braces) in email notifications
575
+
576
+ = 2.7.2 =
577
+ * important bug fix in Pro version, very slight changes in free version
578
+
579
+ = 2.7.1 =
580
+ * fixed bug with faulty plugin instances appearing when Woocommerce plugin is also installed
581
+ * Upload of javascript (.js) files is not allowed for avoiding security issues
582
+ * fixed bug with medialink and postlink attributes that were not working correctly
583
+ * when medialink or postlink is activated, the files will be uploaded to the upload folder of WP website
584
+ * when medialink or postlink is activated, subfolders will be deactivated
585
+ * added option in subfolders to enable the list to populate automatically
586
+ * added option in subfolders the user to be able to type the subfolder
587
+ * wfu_before_file_check filter can modify the target path (not only the file name)
588
+
589
+ = 2.7.0 =
590
+ * corrected bug when deleting plugin instance from the Dashboard
591
+ * corrected bug not finding "loading_icon.gif"
592
+
593
+ = 2.6.0 =
594
+ * full redesign of the upload algorithm to become more robust
595
+ * added improved server-side handling of large files
596
+ * plugin shortcodes can be edited using the Shortcode Composer
597
+ * added visual editor button on the plugin to enable administrators to change the plugin settings easily
598
+ * corrected bug causing sometimes database overloads
599
+ * slight improvements of subfolder option
600
+ * improvements to avoid code breaking in ajax calls when there are php warnings or echo from Wordpress environment or other plugins
601
+ * improvements and bug fixes in uploader when classic (no AJAX) upload is selected
602
+ * eliminated php warnings in shortcode composer
603
+ * corrected bug that was not correctly downloading files from the plugin's File Browser
604
+ * added better security when downloading files from the plugin's File Browser
605
+ * fixed bug not correctly showing the user that uploaded a file in the plugin's File Browser
606
+ * use of curl to perform server http requests was replaced by native php because some web servers do not have CURL installed
607
+ * corrected bug in shortcode composer where userdata fields were not shown in variables drop down
608
+ * added feature that prevents page closing if an upload is on progress
609
+ * added forcefilename attribute to avoid filename sanitization
610
+ * added ftppassivemode attribute for enabling FTP passive mode when FTP method is used for uploading
611
+ * added ftpfilepermissions attribute for defining the permissions of the uploaded file, when using FTP method
612
+ * javascript and css files are minified for faster loading
613
+
614
+ = 2.5.5 =
615
+ * fixed serious bug not uploading files when captcha is enabled
616
+ * fixed bug not redirecting files when email notification is enabled
617
+
618
+ = 2.5.4 =
619
+ * mitigated issue with "Session failed" errors appearing randomly in websites
620
+ * fixed bug not applying %filename% variable inside redirect link
621
+ * fixed bug not applying new filename, which has been modified with wfu_before_file_upload filter, in email notifications and redirects
622
+ * fixed bug where when 2 big files were uploaded at the same time and one failed due to failed chunk, then the progress bar would not go to 100% and the file would not be shown as cancelled
623
+
624
+ = 2.5.3 =
625
+ * fixed bug not allowing redirection to work
626
+ * fixed bug that was including failed files in email notifications on certain occasions
627
+ * default value for uploadrole changed to "all"
628
+
629
+ = 2.5.2 =
630
+ * fixed important bug in free version not correctly showing message after failed upload
631
+
632
+ = 2.5.1 =
633
+ * fixed important bug in free version giving the same name to all uploaded files
634
+ * fixed bug in free version not clearing completely the plugin cache from previous file upload
635
+
636
+ = 2.5.0 =
637
+ * major redesign of upload algorithm to address upload issues with Safari for Mac and Firefox
638
+ * files are first checked by server before actually uploaded, in order to avoid uploading of large files that are invalid
639
+ * modifications to progress bar code to make progress bar smoother
640
+ * restrict upload of .php files for security reasons
641
+ * fixed bug not showing correctly userdata fields inside email notifications when using ampersand or other special characters in userdata fields
642
+
643
+ = 2.4.6 =
644
+ * variables %blogid%, %pageid% and %pagetitle% added in email notifications and subject and %dq% in subject
645
+ * corrected bug that was breaking Shortcode Composer when using more than ten attributes
646
+ * corrected bug that was rejecting file uploads when uploadpattern attribute contained blank spaces
647
+ * several code corrections in order to eliminate PHP warning messages when DEBUG mode is on
648
+ * several code corrections in order to eliminate warning messages in Javascript
649
+
650
+ = 2.4.5 =
651
+ * correction of bug when using userfields inside notifyrecipients
652
+
653
+ = 2.4.4 =
654
+ * intermediate update to make the plugin more immune to hackers
655
+
656
+ = 2.4.3 =
657
+ * correction of bug to allow uploadpath to receive userdata as parameter
658
+
659
+ = 2.4.2 =
660
+ * intermediate update to address some vulnerability issues
661
+
662
+ = 2.4.1 =
663
+ * added filters and actions before and after each file upload - check below Filters/Actions section for instructions how to use them
664
+ * added storage of file info, including user data, in database
665
+ * added logging of file actions in database - admins can view the log from the Dashboard
666
+ * admins can automatically update the database to reflect the current status of files from the Dashboard
667
+ * file browser improvements so that more information about each file (including any user data) are shown
668
+ * file browser improvements so that files can be downloaded
669
+ * filelist improvements to display correctly long filenames (Pro version)
670
+ * filelist improvements to distinguish successful uploads from failed uploads (Pro version)
671
+ * improvements of chunked uploads so that files that are not allowed to be uploaded are cancelled faster (Pro version)
672
+ * corrected wrong check of file size limit for chunked files (Pro version)
673
+ * added postlink attribute so that uploaded files are linked to the current page (or post) as attachments
674
+ * added subfolderlabel attribute to define the label of the subfolder selection feature
675
+ * several improvements to subfolder selection feature
676
+ * default value added to subfolder selection feature
677
+ * definition of the subfoldertree attribute in the Shortcode Composer is now done visually
678
+ * %userid% variable added inside uploadpath attribute
679
+ * userdata variables added inside uploadpath and notifyrecipients attributes
680
+ * uploadfolder_label added to dimension items
681
+ * user fields feature improvements
682
+ * user fields label and input box dimensions are customizable
683
+ * captcha prompt label dimensions are customizable (Pro version)
684
+ * added gallery attribute to allow the uploaded files to be shown as image gallery below the plugin (Pro version)
685
+ * added galleryoptions attribute to define options of the image gallery (Pro version)
686
+ * added css attribute and a delicate css editor inside Shortcode Composer to allow better styling of the plugin using custom css (Pro version)
687
+ * email feature improved in conjunction with redirection
688
+ * improved interoperability with WP-Filebase plugin
689
+ * improved functionality of free text attributes (like notifymessage or css) by allowing double-quotes and brackets inside the text (using special variables), that were previously breaking the plugin
690
+
691
+ = 2.3.1 =
692
+ * added option to restore default value for each attribute in Shortcode Composer
693
+ * added support for multilingual characters
694
+ * correction of bug in Shortcode Composer that was not allowing attributes with singular and plural form to be saved
695
+ * correction of bug that was not changing errormessage attribute in some cases
696
+
697
+ = 2.2.3 =
698
+ * correction of bug that was freezing the Shortcode Composer in some cases
699
+ * correction of bug with successmessage attribute
700
+
701
+ = 2.2.2 =
702
+ * serious bug fixed that was breaking operation of Shortcode Composer and File Browser when the Wordpress website is in a subdirectory
703
+
704
+ = 2.2.1 =
705
+ * added file browser in Dashboard for admins
706
+ * added attribute medialink to allow uploaded files to be shown in Media
707
+ * serious bug fixed that was breaking the plugin because of preg_replace_callback function
708
+ * corrected error in first attempt to upload file when captcha is enabled
709
+
710
+ = 2.1.3 =
711
+ * variables %pagetitle% and %pageid% added in uploadpath.
712
+ * bug fixes when working with IE8.
713
+ * Shortcode Composer saves selected options
714
+ * Easier handling of userdata variables in Shortcode Composer
715
+ * correction of bug that allowed debugdata to be shown in non-admin users
716
+ * reset.css removed from plugin as it was causing breaks in theme's css
717
+ * correction of bug with WPFilebase Manager plugin
718
+
719
+ = 2.1.2 =
720
+ * Several bug fixes and code reconstruction.
721
+ * Code modifications so that the plugin can operate even when DEBUG mode is ON.
722
+ * New attribute debugmode added to allow better debugging of the plugin when there are errors.
723
+
724
+ = 2.1.1 =
725
+ * Bug fixes with broken images when Wordpress website is in a subdirectory.
726
+ * Replacement of glob function because is not allowed by some servers.
727
+
728
+ = 2.0.2 =
729
+ * Bug fixes in Dashboard Settings Shortcode Composer.
730
+ * Correction of important bug that was breaking page in some cases.
731
+ * Minor improvements of user data fields and notification email attributes.
732
+
733
+ = 2.0.1 =
734
+ This is the initial release of Wordpress File Upload. Since this plugin is the successor of Inline Upload, the whole changelog since the creation of the later is included.
735
+
736
+ * Name of the plugin changed to Wordpress File Upload.
737
+ * Plugin has been completely restructured to allow additional features.
738
+ * A new more advanced message box has been included showing information in a more structured way.
739
+ * Error detection and reporting has been improved.
740
+ * An administration page has been created in the Dashboard Settings, containing a Shortcode Composer.
741
+ * Some more options related to configuration of message showing upload results have been added.
742
+ * Several bug fixes.
743
+
744
+ = 1.7.14 =
745
+ * Userdata attribute changed to allow the creation of more fields and required ones.
746
+ * Spanish translation added thanks to Maria Ramos of WebHostingHub.
747
+
748
+ = 1.7.13 =
749
+ * Added notifyheaders attribute, in order to allow better control of notification email sent (e.g. allow to send HTML email).
750
+
751
+ = 1.7.12 =
752
+ * Added userdata attribute, in order to allow users to send additional text data along with the uploaded file.
753
+
754
+ = 1.7.11 =
755
+ * Added single button operation (file will be automatically uploaded when selected without pressing Upload Button).
756
+
757
+ = 1.7.10 =
758
+ * Fixed bug with functionality of attribute filebaselink for new versions of WP-Filebase plugin.
759
+
760
+ = 1.7.9 =
761
+ * Fixed problem with functionality of attribute filebaselink for new versions of WP-Filebase plugin.
762
+
763
+ = 1.7.8 =
764
+ * More than one roles can now be defined in attribute uploadrole, separated by comma (,).
765
+
766
+ = 1.7.7 =
767
+ * Variable %filename% now works also in redirectlink.
768
+
769
+ = 1.7.6 =
770
+ * Changes in ftp functionality, added useftpdomain attribute so that it can work with external ftp domains as well.
771
+ * Improvement of classic upload (used in IE or when setting forceclassic to true) messaging functionality.
772
+ * Minor bug fixes.
773
+
774
+ = 1.7.5 =
775
+ * Source modified so that it can work with Wordpress sites that are not installed in root.
776
+ * Added variable %blogid% for use with multi-site installations.
777
+ * Bug fixes related to showing of messages.
778
+
779
+ = 1.7.4 =
780
+ * Replacement of json2.js with another version.
781
+
782
+ = 1.7.3 =
783
+ * CSS style changes to resolve conflicts with various theme CSS styles.
784
+
785
+ = 1.7.2 =
786
+ * Added variable %useremail% used in notifyrecipients, notifysubject and notifymessage attributes.
787
+
788
+ = 1.7.1 =
789
+ * Added capability to upload files outside wp-content folder.
790
+ * Improved error reporting.
791
+
792
+ = 1.7 =
793
+ * Complete restructuring of plugin HTML code, in order to make it more configurable and customizable.
794
+ * Appearance of messages has been improved.
795
+ * Added option to put the plugin in testmode.
796
+ * Added option to configure the colors of success and fail messages.
797
+ * Added option to modify the dimensions of the individual objects of the plugin.
798
+ * Added option to change the placement of the individual objects of the plugin.
799
+ * Improved error reporting.
800
+ * Added localization for error messages.
801
+ * Minor bug fixes.
802
+
803
+ = 1.6.3 =
804
+ * Bug fixes to correct incompatibilities of the new ajax functionality when uploadrole is set to "all".
805
+
806
+ = 1.6.2 =
807
+ * Bug fixes to correct incompatibilities of the new ajax functionality with redirectlink, filebaselink and adminmessages.
808
+
809
+ = 1.6.1 =
810
+ * Correction of serious bug that prevented the normal operation of the plugin when the browser of the user supports HTML5 functionality.
811
+ * Tags added to the plugin Wordpress page.
812
+
813
+ = 1.6 =
814
+ * Major lifting of the whole code.
815
+ * Added ajax functionality so that file is uploaded without page reload (works in browsers supporting HTML5).
816
+ * Added upload progress bar (works in browsers supporting HTML5).
817
+ * Added option to allow user to select if wants to use the old form upload functionality.
818
+ * File will not be saved again if user presses the Refresh button (or F5) of the page.
819
+ * Translation strings updated.
820
+ * Bug fixes for problems when there are more than one instances of the plugin in a single page.
821
+
822
+ = 1.5 =
823
+ * Added option to notify user about upload directory.
824
+ * Added option to allow user to select a subfolder to upload the file.
825
+
826
+ = 1.4.1 =
827
+ * css corrections for bug fixes.
828
+
829
+ = 1.4 =
830
+ * Added option to attach uploaded file to notification email.
831
+ * Added option to customize message on successful upload (variables %filename% and %filepath% can be used).
832
+ * Added option to customize color of message on successful upload.
833
+ * "C:\fakepath\" problem resolved.
834
+ * warning message about function create_directory() resolved.
835
+ * css enhancements for compatibility with more themes.
836
+
837
+ = 1.3 =
838
+ * Additional variables added (%filename% and %filepath%).
839
+ * All variables can be used inside message subject and message text.
840
+ * Added option to determine how to treat duplicates (overwrite existing file, leave existing file, leave both).
841
+ * Added option to determine how to rename the uploaded file, when another file already exists in the target directory.
842
+ * Added option to create directories and upload files using ftp access, in order to overcome file owner and SAFE MODE restrictions.
843
+ * Added the capability to redirect to another web page when a file is uploaded successfully.
844
+ * Added the option to show to administrators additional messages about upload errors.
845
+ * Bug fixes related to interoperability with WP_Filebase
846
+
847
+ = 1.2 =
848
+ * Added notification by email when a file is uploaded.
849
+ * Added the ability to upload to a variable folder, based on the name of the user currently logged in.
850
+
851
+ = 1.1 =
852
+ Added the option to allow anyone to upload files, by setting the attribute uploadrole to "all".
853
+
854
+ = 1.0 =
855
+ Initial version.
856
+
857
+ == Upgrade Notice ==
858
+
859
+ = 4.12.2 =
860
+ Minor update to fix some bugs.
861
+
862
+ = 4.12.1 =
863
+ Minor update to fix some bugs.
864
+
865
+ = 4.12.0 =
866
+ Significant update to introduce some improvements, new features and fix some bugs.
867
+
868
+ = 4.11.2 =
869
+ Minor update to introduce some improvements.
870
+
871
+ = 4.11.1 =
872
+ Minor update to introduce some improvements and fix some bugs.
873
+
874
+ = 4.11.0 =
875
+ Significant update to introduce some improvements and fix some bugs.
876
+
877
+ = 4.10.3 =
878
+ Minor update to introduce some improvements and fix some bugs.
879
+
880
+ = 4.10.2 =
881
+ Minor update to introduce some improvements and fix some bugs.
882
+
883
+ = 4.10.1 =
884
+ Regular update to introduce some new features and improvements.
885
+
886
+ = 4.10.0 =
887
+ Regular update to introduce some new features and improvements.
888
+
889
+ = 4.9.1 =
890
+ Regular update to introduce some new features and improvements and fix some bugs.
891
+
892
+ = 4.9.0 =
893
+ Significant update to introduce some new features and improvements and fix some bugs.
894
+
895
+ = 4.8.0 =
896
+ Significant update to introduce some new features and improvements and fix some bugs.
897
+
898
+ = 4.7.0 =
899
+ Significant update to introduce some new features and improvements and fix some bugs.
900
+
901
+ = 4.6.2 =
902
+ Minor update to fix some bugs and introduce some code improvements.
903
+
904
+ = 4.6.1 =
905
+ Regular update to introduce some new features.
906
+
907
+ = 4.6.0 =
908
+ Significant update to introduce some new features.
909
+
910
+ = 4.5.1 =
911
+ Minor update to introduce some new features.
912
+
913
+ = 4.5.0 =
914
+ Significant update to introduce new features and fix some bugs.
915
+
916
+ = 4.4.0 =
917
+ Significant update that enables wider web server compatibility.
918
+
919
+ = 4.3.4 =
920
+ Minor update to fix a serious security hole.
921
+
922
+ = 4.3.3 =
923
+ Minor update to fix a serious security hole.
924
+
925
+ = 4.3.2 =
926
+ Minor update to fix some bugs.
927
+
928
+ = 4.3.1 =
929
+ Minor update to introduce a new feature.
930
+
931
+ = 4.3.0 =
932
+ Significant update to introduce some new features and fix some bugs.
933
+
934
+ = 4.2.0 =
935
+ Significant update to introduce some new features and fix some bugs.
936
+
937
+ = 4.1.0 =
938
+ Significant update to fix several bugs and introduce some new features.
939
+
940
+ = 4.0.1 =
941
+ Minor update to fix some bugs.
942
+
943
+ = 4.0.0 =
944
+ Major update to introduce new features, code improvements and fix some bugs.
945
+
946
+ = 3.11.0 =
947
+ Update to introduce some new features and fix some bugs.
948
+
949
+ = 3.10.0 =
950
+ Update to introduce some new features and fix some bugs.
951
+
952
+ = 3.9.6 =
953
+ Update to introduce some new features.
954
+
955
+ = 3.9.5 =
956
+ Update to introduce some new features and fix some minor bugs.
957
+
958
+ = 3.9.4 =
959
+ Update to introduce some new features and fix some bugs.
960
+
961
+ = 3.9.3 =
962
+ Update to introduce some new features and fix some bugs.
963
+
964
+ = 3.9.2 =
965
+ Significant update to improve a temporary fix to an important problem and fix some minor bugs.
966
+
967
+ = 3.9.1 =
968
+ Significant update to introduce a temporary fix to an important problem.
969
+
970
+ = 3.9.0 =
971
+ Significant update to increase the security of the plugin and address potential threats.
972
+
973
+ = 3.8.5 =
974
+ Upgrade to introduce some new features and code improvements.
975
+
976
+ = 3.8.4 =
977
+ Upgrade to fix some bugs.
978
+
979
+ = 3.8.3 =
980
+ Minor upgrade to fix some bugs.
981
+
982
+ = 3.8.2 =
983
+ Minor upgrade to fix some bugs and introduce some new features.
984
+
985
+ = 3.8.1 =
986
+ Minor upgrade to fix some bugs.
987
+
988
+ = 3.8.0 =
989
+ Significant upgrade to introduce some new features and fix some bugs.
990
+
991
+ = 3.7.3 =
992
+ Upgrade to introduce some improvements and new languages.
993
+
994
+ = 3.7.2 =
995
+ Upgrade to introduce some new features and fix some minor bugs.
996
+
997
+ = 3.7.1 =
998
+ Upgrade to fix some minor bugs.
999
+
1000
+ = 3.7.0 =
1001
+ Upgrade to introduce some new features and fix some minor bugs.
1002
+
1003
+ = 3.6.1 =
1004
+ Upgrade to introduce some new features and fix some minor bugs.
1005
+
1006
+ = 3.6.0 =
1007
+ Upgrade to introduce some new features and fix some minor bugs.
1008
+
1009
+ = 3.5.0 =
1010
+ Important upgrade to introduce some new features and fix some bugs.
1011
+
1012
+ = 3.4.1 =
1013
+ Important upgrade to address a security hole.
1014
+
1015
+ = 3.4.0 =
1016
+ Important upgrade to introduce some new features and fix some bugs.
1017
+
1018
+ = 3.3.1 =
1019
+ Important upgrade to correct a bug of the previous version and introduce a new feature.
1020
+
1021
+ = 3.3.0 =
1022
+ Major upgrade to add some new featuresand fix some minor bugs.
1023
+
1024
+ = 3.2.1 =
1025
+ Upgrade to fix some bugs and add some features.
1026
+
1027
+ = 3.2.0 =
1028
+ Upgrade to fix some bugs and add some features.
1029
+
1030
+ = 3.1.2 =
1031
+ Upgrade to fix an important bug.
1032
+
1033
+ = 3.1.1 =
1034
+ Upgrade to fix a minor bug.
1035
+
1036
+ = 3.1.0 =
1037
+ Upgrade to fix some minor bugs.
1038
+
1039
+ = 3.0.0 =
1040
+ Upgrade to increase protection against hacking.
1041
+
1042
+ = 2.7.6 =
1043
+ Upgrade to add some new features and address some bugs.
1044
+
1045
+ = 2.7.5 =
1046
+ Upgrade to add some new features.
1047
+
1048
+ = 2.7.4 =
1049
+ Upgrade to add some new features and address some bugs.
1050
+
1051
+ = 2.7.3 =
1052
+ Upgrade to add some new features and address some bugs.
1053
+
1054
+ = 2.7.2 =
1055
+ Upgrade to address some bugs.
1056
+
1057
+ = 2.7.1 =
1058
+ Upgrade to add some new features and address some bugs.
1059
+
1060
+ = 2.7.0 =
1061
+ Upgrade to address some minor bugs.
1062
+
1063
+ = 2.6.0 =
1064
+ Important upgrade to add new features and address some bugs.
1065
+
1066
+ = 2.5.5 =
1067
+ Important upgrade to address some bugs.
1068
+
1069
+ = 2.5.4 =
1070
+ Important upgrade to address some bugs.
1071
+
1072
+ = 2.5.3 =
1073
+ Important upgrade to address some bugs.
1074
+
1075
+ = 2.5.2 =
1076
+ Important upgrade to address some bugs.
1077
+
1078
+ = 2.5.1 =
1079
+ Important upgrade to address some bugs.
1080
+
1081
+ = 2.5.0 =
1082
+ Important upgrade to address some bugs.
1083
+
1084
+ = 2.4.6 =
1085
+ Important upgrade to address some bugs.
1086
+
1087
+ = 2.4.5 =
1088
+ Minor upgrade to address some bugs.
1089
+
1090
+ = 2.4.4 =
1091
+ Important upgrade to address some vulnerability issues.
1092
+
1093
+ = 2.4.3 =
1094
+ Upgrade to address some functionality issues.
1095
+
1096
+ = 2.4.2 =
1097
+ Important upgrade to address some vulnerability issues.
1098
+
1099
+ = 2.4.1 =
1100
+ Upgrade to add many features and address some minor bugs.
1101
+
1102
+ = 2.3.1 =
1103
+ Upgrade to add some features and address some minor bugs.
1104
+
1105
+ = 2.2.3 =
1106
+ Upgrade to address some minor bugs.
1107
+
1108
+ = 2.2.2 =
1109
+ Important upgrade to address some serious bugs.
1110
+
1111
+ = 2.2.1 =
1112
+ Important upgrade to address some serious bugs and include some new features.
1113
+
1114
+ = 2.1.3 =
1115
+ Important upgrade to address some serious bugs.
1116
+
1117
+ = 2.1.2 =
1118
+ Important upgrade to address some bugs.
1119
+
1120
+ = 2.1.1 =
1121
+ Important upgrade to address some serious bugs.
1122
+
1123
+ = 2.0.2 =
1124
+ Important upgrade to address some serious bugs.
1125
+
1126
+ = 2.0.1 =
1127
+ Optional upgrade to add new features.
1128
+
1129
+ = 1.7.14 =
1130
+ Optional upgrade to add new features.
1131
+
1132
+ = 1.7.13 =
1133
+ Optional upgrade to add new features.
1134
+
1135
+ = 1.7.12 =
1136
+ Optional upgrade to add new features.
1137
+
1138
+ = 1.7.11 =
1139
+ Optional upgrade to add new features.
1140
+
1141
+ = 1.7.10 =
1142
+ Important upgrade to correct bug with filebaselink attribute functionality.
1143
+
1144
+ = 1.7.9 =
1145
+ Important upgrade to resolve issue with filebaselink attribute functionality.
1146
+
1147
+ = 1.7.8 =
1148
+ Optional upgrade to add new features.
1149
+
1150
+ = 1.7.7 =
1151
+ Optional upgrade to add new features.
1152
+
1153
+ = 1.7.6 =
1154
+ Optional upgrade to add new features and make minor bug fixes.
1155
+
1156
+ = 1.7.5 =
1157
+ Important upgrade to resolve issues with Wordpress sites not installed in root.
1158
+
1159
+ = 1.7.4 =
1160
+ Important upgrade to resolve issues with json2 functionality.
1161
+
1162
+ = 1.7.3 =
1163
+ Important upgrade to resolve issues with style incompatibilities.
1164
+
1165
+ = 1.7.2 =
1166
+ Optional upgrade to add new features, related to variables.
1167
+
1168
+ = 1.7.1 =
1169
+ Optional upgrade to add new features, related to uploadpath and error reporting.
1170
+
1171
+ = 1.7 =
1172
+ Optional upgrade to add new features, related to appearance of the plugin and error reporting.
1173
+
1174
+ = 1.6.3 =
1175
+ Important upgrade to correct bugs that prevented normal operation of the plugins in some cases.
1176
+
1177
+ = 1.6.2 =
1178
+ Important upgrade to correct bugs that prevented normal operation of the plugins in some cases.
1179
+
1180
+ = 1.6.1 =
1181
+ Important upgrade to correct bug that prevented normal operation of the plugins in some cases.
1182
+
1183
+ = 1.6 =
1184
+ Optional upgrade to add new features, related to ajax functionality and minor bug fixes.
1185
+
1186
+ = 1.5 =
1187
+ Optional upgrade to add new features, related to subfolders.
1188
+
1189
+ = 1.4.1 =
1190
+ Important upgrade to correct a css problem with Firefox.
1191
+
1192
+ = 1.4 =
1193
+ Important upgrade that introduces some bug fixes and some new capabilities.
1194
+
1195
+ = 1.3 =
1196
+ Important upgrade that introduces some bug fixes and a lot of new capabilities.
1197
+
1198
+ = 1.2 =
1199
+ Optional upgrade in order to set additional capabilities.
1200
+
1201
+ = 1.1 =
1202
+ Optional upgrade in order to set additional capabilities.
1203
+
1204
+ = 1.0 =
1205
+ Initial version.
1206
+
1207
+ == Plugin Customization Options ==
1208
+
1209
+ Please visit the [support page](http://www.iptanus.com/support/wordpress-file-upload/ "Wordpress File Upload support page") of the plugin for detailed description of customization options.
1210
+
1211
+ == Requirements ==
1212
+
1213
+ The plugin requires to have Javascript enabled in your browser. For Internet Explorer you also need to have Active-X enabled.
1214
  Please note that old desktop browsers or mobile browsers may not support all of the plugin's features. In order to get full functionality use the latest versions of browsers, supporting HTML5, AJAX and CSS3.
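--- a/release_notes.txt
+++ b/release_notes.txt
@@ -1,10 +1,3 @@
- <!-- --><span><strong>Version 4.12.1</strong> is a minor update to fix some bugs.<br/><br/><strong>Version 4.12.0</strong> is a significant release introducing <strong>session-less</strong> operation. Until now the plugin was using session to store <strong>User State</strong>, however this was causing problems with the latest versions of Wordpress (loopback errors in Site Health, could not edit files with Theme and Plugin Editor, performance issues). Even <strong>DBOption</strong> user state handler of the plugin was using session.<br /><br />
- When this version is activated the plugin will </span><span style="text-decoration: underline;">automatically switch</span><span> user state handler to <strong>Cookies/DB</strong>. The new handler uses <strong>cookies</strong> and the <strong>database</strong> to store user state. It fully complies with Wordpress directives and resolves the aforementioned problems. It also complies with EU regulation for data protection, <strong>GDPR</strong>, since no user information is kept in cookies.<br /><br />
- </span><span style="font-weight: bold; color: red;">NOTE:</span><span> Please note that in case you have added hooks (PHP scripts) in your website to customize the plugin and these hooks use session (they contain the variable <strong>$_SESSION</strong>), they may not work with Cookies/DB handler. For this reason and also for facing unpredictable issues of the new handler, <strong>Session</strong> user state handler still remains as an option in plugin's <strong>Settings</strong>.<br /><br />
- Other improvements introduced in this version are:
- <ul style="list-style: disc; padding-left: 20px;">
- <li><strong>SFTP</strong> support improved using <strong>PHPSecLib</strong> library.</li>
- <li>Corrected a bug in <strong>FTP Credentials Configurator</strong> that was not correctly handling usernames and passwords containing at (@) and colon (:) characters.</li>
- </ul>
- For more details about this version's changes please visit the Release Notes of the plugin's </span><a href="http://www.iptanus.com/wordpress-plugins/wordpress-file-upload/">support page</a><span>.</span><!-- -->
+ <!-- --><span><strong>Version 4.12.2</strong> is a minor update to fix some bugs of file <strong>download</strong> operation of the <strong>File Browser</strong> which occur when <strong>User State Handler</strong> is set to <strong>DBOption</strong>.<br /><br />
+ For more details about this version's changes please visit the Release Notes of the plugin's </span><a href="http://www.iptanus.com/wordpress-plugins/wordpress-file-upload/">support page</a><span>.</span><!-- -->
  <!-- -->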
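--- a/wfu_file_downloader.php
+++ b/wfu_file_downloader.php
@@ -1,131 +1,134 @@
- <?php
- include_once( dirname(__FILE__).'/lib/wfu_functions.php' );
- include_once( dirname(__FILE__).'/lib/wfu_security.php' );
- $handler = (isset($_POST['handler']) ? $_POST['handler'] : (isset($_GET['handler']) ? $_GET['handler'] : '-1'));
- $session_legacy = (isset($_POST['session_legacy']) ? $_POST['session_legacy'] : (isset($_GET['session_legacy']) ? $_GET['session_legacy'] : ''));
- $dboption_base = (isset($_POST['dboption_base']) ? $_POST['dboption_base'] : (isset($_GET['dboption_base']) ? $_GET['dboption_base'] : '-1'));
- if ( $handler == '-1' || $session_legacy == '' || $dboption_base == '-1' ) die();
- else {
- $GLOBALS["wfu_user_state_handler"] = wfu_sanitize_code($handler);
- $GLOBALS["WFU_GLOBALS"]["WFU_US_SESSION_LEGACY"] = array( "", "", "", ( $session_legacy == '1' ? 'true' : 'false' ), "", true );
- $GLOBALS["WFU_GLOBALS"]["WFU_US_DBOPTION_BASE"] = array( "", "", "", wfu_sanitize_code($dboption_base), "", true );
- wfu_download_file();
- }
-
- function wfu_download_file() {
- $file_code = (isset($_POST['file']) ? $_POST['file'] : (isset($_GET['file']) ? $_GET['file'] : ''));
- $ticket = (isset($_POST['ticket']) ? $_POST['ticket'] : (isset($_GET['ticket']) ? $_GET['ticket'] : ''));
- if ( $file_code == '' || $ticket == '' ) die();
-
- wfu_initialize_user_state();
-
- $ticket = wfu_sanitize_code($ticket);
- $file_code = wfu_sanitize_code($file_code);
- //if download ticket does not exist or is expired die
- if ( !WFU_USVAR_exists_downloader('wfu_download_ticket_'.$ticket) || time() > WFU_USVAR_downloader('wfu_download_ticket_'.$ticket) ) {
- WFU_USVAR_unset_downloader('wfu_download_ticket_'.$ticket);
- WFU_USVAR_unset_downloader('wfu_storage_'.$file_code);
- wfu_update_download_status($ticket, 'failed');
- die();
- }
- //destroy ticket so it cannot be used again
- WFU_USVAR_unset_downloader('wfu_download_ticket_'.$ticket);
-
- //if file_code starts with exportdata, then this is a request for export of
- //uploaded file data, so disposition_name will not be the filename of the file
- //but wfu_export.csv; also set flag to delete file after download operation
- if ( substr($file_code, 0, 10) == "exportdata" ) {
- $file_code = substr($file_code, 10);
- //$filepath = wfu_get_filepath_from_safe($file_code);
- $filepath = WFU_USVAR_downloader('wfu_storage_'.$file_code);
- $disposition_name = "wfu_export.csv";
- $delete_file = true;
- }
- else {
- //$filepath = wfu_get_filepath_from_safe($file_code);
- $filepath = WFU_USVAR_downloader('wfu_storage_'.$file_code);
- if ( $filepath === false ) {
- WFU_USVAR_unset_downloader('wfu_storage_'.$file_code);
- wfu_update_download_status($ticket, 'failed');
- die();
- }
- $filepath = wfu_flatten_path($filepath);
- if ( substr($filepath, 0, 1) == "/" ) $filepath = substr($filepath, 1);
- $filepath = ( substr($filepath, 0, 6) == 'ftp://' || substr($filepath, 0, 7) == 'ftps://' || substr($filepath, 0, 7) == 'sftp://' ? $filepath : WFU_USVAR_downloader('wfu_ABSPATH').$filepath );
- $disposition_name = wfu_basename($filepath);
- $delete_file = false;
- }
- //destroy file code as it is no longer needed
- WFU_USVAR_unset_downloader('wfu_storage_'.$file_code);
- //check that file exists
- if ( !file_exists($filepath) ) {
- wfu_update_download_status($ticket, 'failed');
- die('<script language="javascript">alert("'.( WFU_USVAR_exists_downloader('wfu_browser_downloadfile_notexist') ? WFU_USVAR_downloader('wfu_browser_downloadfile_notexist') : 'File does not exist!' ).'");</script>');
- }
-
- $open_session = false;
- @set_time_limit(0); // disable the time limit for this script
- $fsize = filesize($filepath);
- if ( $fd = @fopen ($filepath, "rb") ) {
- $open_session = ( ( $wfu_user_state_handler == "session" || $wfu_user_state_handler == "" ) && ( function_exists("session_status") ? ( PHP_SESSION_ACTIVE !== session_status() ) : ( empty(session_id()) ) ) );
- if ( $open_session ) session_start();
- header('Content-Type: application/octet-stream');
- header("Content-Disposition: attachment; filename=\"".$disposition_name."\"");
- header('Content-Transfer-Encoding: binary');
- header('Connection: Keep-Alive');
- header('Expires: 0');
- header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
- header('Pragma: public');
- header("Content-length: $fsize");
- $failed = false;
- while( !feof($fd) ) {
- $buffer = @fread($fd, 1024*8);
- echo $buffer;
- ob_flush();
- flush();
- if ( connection_status() != 0 ) {
- $failed = true;
- break;
- }
- }
- fclose ($fd);
- }
- else $failed = true;
-
- if ( $delete_file ) unlink($filepath);
-
- if ( !$failed ) {
- wfu_update_download_status($ticket, 'downloaded');
- if ( $open_session ) session_write_close();
- die();
- }
- else {
- wfu_update_download_status($ticket, 'failed');
- if ( $open_session ) session_write_close();
- die('<script type="text/javascript">alert("'.( WFU_USVAR_exists_downloader('wfu_browser_downloadfile_failed') ? WFU_USVAR_downloader('wfu_browser_downloadfile_failed') : 'Could not download file!' ).'");</script>');
- }
- }
-
- function wfu_update_download_status($ticket, $new_status) {
- require_once WFU_USVAR_downloader('wfu_ABSPATH').'wp-load.php';
- WFU_USVAR_store('wfu_download_status_'.$ticket, $new_status);
- }
-
- function WFU_USVAR_exists_downloader($var) {
- global $wfu_user_state_handler;
- if ( $wfu_user_state_handler == "dboption" && WFU_VAR("WFU_US_DBOPTION_BASE") == "cookies" ) return isset($_COOKIE[$var]);
- else return WFU_USVAR_exists_session($var);
- }
-
- function WFU_USVAR_downloader($var) {
- global $wfu_user_state_handler;
- if ( $wfu_user_state_handler == "dboption" && WFU_VAR("WFU_US_DBOPTION_BASE") == "cookies" ) return $_COOKIE[$var];
- else return WFU_USVAR_session($var);
- }
-
- function WFU_USVAR_unset_downloader($var) {
- global $wfu_user_state_handler;
- if ( $wfu_user_state_handler == "session" || $wfu_user_state_handler == "" ) WFU_USVAR_unset_session($var);
- }
-
- ?>
+ <?php
+ include_once( dirname(__FILE__).'/lib/wfu_functions.php' );
+ include_once( dirname(__FILE__).'/lib/wfu_security.php' );
+ $handler = (isset($_POST['handler']) ? $_POST['handler'] : (isset($_GET['handler']) ? $_GET['handler'] : '-1'));
+ $session_legacy = (isset($_POST['session_legacy']) ? $_POST['session_legacy'] : (isset($_GET['session_legacy']) ? $_GET['session_legacy'] : ''));
+ $dboption_base = (isset($_POST['dboption_base']) ? $_POST['dboption_base'] : (isset($_GET['dboption_base']) ? $_GET['dboption_base'] : '-1'));
+ $wfu_cookie = (isset($_POST['wfu_cookie']) ? $_POST['wfu_cookie'] : (isset($_GET['wfu_cookie']) ? $_GET['wfu_cookie'] : ''));
+ if ( $handler == '-1' || $session_legacy == '' || $dboption_base == '-1' || $wfu_cookie == '' ) die();
+ else {
+ $GLOBALS["wfu_user_state_handler"] = wfu_sanitize_code($handler);
+ $GLOBALS["WFU_GLOBALS"]["WFU_US_SESSION_LEGACY"] = array( "", "", "", ( $session_legacy == '1' ? 'true' : 'false' ), "", true );
+ $GLOBALS["WFU_GLOBALS"]["WFU_US_DBOPTION_BASE"] = array( "", "", "", wfu_sanitize_code($dboption_base), "", true );
+ if ( !defined("WPFILEUPLOAD_COOKIE") ) DEFINE("WPFILEUPLOAD_COOKIE", wfu_sanitize_tag($wfu_cookie));
+ wfu_download_file();
+ }
+
+ function wfu_download_file() {
+ global $wfu_user_state_handler;
+ $file_code = (isset($_POST['file']) ? $_POST['file'] : (isset($_GET['file']) ? $_GET['file'] : ''));
+ $ticket = (isset($_POST['ticket']) ? $_POST['ticket'] : (isset($_GET['ticket']) ? $_GET['ticket'] : ''));
+ if ( $file_code == '' || $ticket == '' ) die();
+
+ wfu_initialize_user_state();
+
+ $ticket = wfu_sanitize_code($ticket);
+ $file_code = wfu_sanitize_code($file_code);
+ //if download ticket does not exist or is expired die
+ if ( !WFU_USVAR_exists_downloader('wfu_download_ticket_'.$ticket) || time() > WFU_USVAR_downloader('wfu_download_ticket_'.$ticket) ) {
+ WFU_USVAR_unset_downloader('wfu_download_ticket_'.$ticket);
+ WFU_USVAR_unset_downloader('wfu_storage_'.$file_code);
+ wfu_update_download_status($ticket, 'failed');
+ die();
+ }
+ //destroy ticket so it cannot be used again
+ WFU_USVAR_unset_downloader('wfu_download_ticket_'.$ticket);
+
+ //if file_code starts with exportdata, then this is a request for export of
+ //uploaded file data, so disposition_name will not be the filename of the file
+ //but wfu_export.csv; also set flag to delete file after download operation
+ if ( substr($file_code, 0, 10) == "exportdata" ) {
+ $file_code = substr($file_code, 10);
+ //$filepath = wfu_get_filepath_from_safe($file_code);
+ $filepath = WFU_USVAR_downloader('wfu_storage_'.$file_code);
+ $disposition_name = "wfu_export.csv";
+ $delete_file = true;
+ }
+ else {
+ //$filepath = wfu_get_filepath_from_safe($file_code);
+ $filepath = WFU_USVAR_downloader('wfu_storage_'.$file_code);
+ if ( $filepath === false ) {
+ WFU_USVAR_unset_downloader('wfu_storage_'.$file_code);
+ wfu_update_download_status($ticket, 'failed');
+ die();
+ }
+ $filepath = wfu_flatten_path($filepath);
+ if ( substr($filepath, 0, 1) == "/" ) $filepath = substr($filepath, 1);
+ $filepath = ( substr($filepath, 0, 6) == 'ftp://' || substr($filepath, 0, 7) == 'ftps://' || substr($filepath, 0, 7) == 'sftp://' ? $filepath : WFU_USVAR_downloader('wfu_ABSPATH').$filepath );
+ $disposition_name = wfu_basename($filepath);
+ $delete_file = false;
+ }
+ //destroy file code as it is no longer needed
+ WFU_USVAR_unset_downloader('wfu_storage_'.$file_code);
+ //check that file exists
+ if ( !file_exists($filepath) ) {
+ wfu_update_download_status($ticket, 'failed');
+ die('<script language="javascript">alert("'.( WFU_USVAR_exists_downloader('wfu_browser_downloadfile_notexist') ? WFU_USVAR_downloader('wfu_browser_downloadfile_notexist') : 'File does not exist!' ).'");</script>');
+ }
+
+ $open_session = false;
+ @set_time_limit(0); // disable the time limit for this script
+ $fsize = filesize($filepath);
+ if ( $fd = @fopen ($filepath, "rb") ) {
+ $open_session = ( ( $wfu_user_state_handler == "session" || $wfu_user_state_handler == "" ) && ( function_exists("session_status") ? ( PHP_SESSION_ACTIVE !== session_status() ) : ( empty(session_id()) ) ) );
+ if ( $open_session ) session_start();
+ header('Content-Type: application/octet-stream');
+ header("Content-Disposition: attachment; filename=\"".$disposition_name."\"");
+ header('Content-Transfer-Encoding: binary');
+ header('Connection: Keep-Alive');
+ header('Expires: 0');
+ header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
+ header('Pragma: public');
+ header("Content-length: $fsize");
+ $failed = false;
+ while( !feof($fd) ) {
+ $buffer = @fread($fd, 1024*8);
+ echo $buffer;
+ ob_flush();
+ flush();
+ if ( connection_status() != 0 ) {
+ $failed = true;
+ break;
+ }
+ }
+ fclose ($fd);
+ }
+ else $failed = true;
+
+ if ( $delete_file ) unlink($filepath);
+
+ if ( !$failed ) {
+ wfu_update_download_status($ticket, 'downloaded');
+ if ( $open_session ) session_write_close();
+ die();
+ }
+ else {
+ wfu_update_download_status($ticket, 'failed');
+ if ( $open_session ) session_write_close();
+ die('<script type="text/javascript">alert("'.( WFU_USVAR_exists_downloader('wfu_browser_downloadfile_failed') ? WFU_USVAR_downloader('wfu_browser_downloadfile_failed') : 'Could not download file!' ).'");</script>');
+ }
+ }
+
+ function wfu_update_download_status($ticket, $new_status) {
+ require_once WFU_USVAR_downloader('wfu_ABSPATH').'wp-load.php';
+ WFU_USVAR_store('wfu_download_status_'.$ticket, $new_status);
+ }
+
+ function WFU_USVAR_exists_downloader($var) {
+ global $wfu_user_state_handler;
+ if ( $wfu_user_state_handler == "dboption" && WFU_VAR("WFU_US_DBOPTION_BASE") == "cookies" ) return isset($_COOKIE[$var]);
+ else return WFU_USVAR_exists_session($var);
+ }
+
+ function WFU_USVAR_downloader($var) {
+ global $wfu_user_state_handler;
+ if ( $wfu_user_state_handler == "dboption" && WFU_VAR("WFU_US_DBOPTION_BASE") == "cookies" ) return $_COOKIE[$var];
+ else return WFU_USVAR_session($var);
+ }
+
+ function WFU_USVAR_unset_downloader($var) {
+ global $wfu_user_state_handler;
+ if ( $wfu_user_state_handler == "session" || $wfu_user_state_handler == "" ) WFU_USVAR_unset_session($var);
+ }
+
+ ?>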
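Review bot: The new `wfu_cookie` parameter at the top of the file extends a pattern already used for `handler` and `dboption_base`: the request itself chooses which user-state store and which cookie name this script trusts, and only emptiness is checked before `DEFINE("WPFILEUPLOAD_COOKIE", ...)`. In the branch where the handler is `dboption` and the base is `cookies`, `WFU_USVAR_downloader()` returns `$_COOKIE[$var]` unchanged, so the ticket expiry, the `wfu_storage_` path and `wfu_ABSPATH` are client-supplied values that reach `file_exists`/`fopen`/`unlink` and the `require_once ... 'wp-load.php'` in `wfu_update_download_status()`. I would reject unknown handlers up front with something like `if ( !in_array($handler, array("session", "dboption"), true) ) die();` (adjust the list to the handlers the plugin really defines), and resolve the WordPress root from the script's own location rather than from user state. I would also confirm with `realpath()` that `$filepath` stays inside the intended upload directory before it is opened or deleted. Separately, the `alert("...")` strings passed to `die()` and the `Content-Disposition` filename are emitted without escaping, which deserves a follow-up.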
wfu_loader.php CHANGED
@@ -1,974 +1,1013 @@
1
- <?php
2
-
3
- /**
4
- * Initialize plugin
5
- *
6
- * This file initializes the plugin; defines constants, loads plugin's files,
7
- * defines shortcodes and text domain, registers filters and actions and
8
- * processes website requests.
9
- *
10
- * @link /wfu_loader.php
11
- *
12
- * @package WordPress File Upload Plugin
13
- * @subpackage Core Components
14
- * @since 4.9.1
15
- */
16
-
17
- if ( !defined("WPFILEUPLOAD_PLUGINFILE") ) return;
18
-
19
- //set global db variables
20
- //wfu_tb_log_version v2.0 changes:
21
- // sessionid field added
22
- //wfu_tb_log_version v3.0 changes:
23
- // uploadtime field added
24
- // blogid field added
25
- //wfu_tb_log_version v4.0 changes:
26
- // filedata field added
27
- $wfu_tb_log_version = "4.0";
28
- $wfu_tb_userdata_version = "1.0";
29
- $wfu_tb_dbxqueue_version = "1.0";
30
-
31
- DEFINE("WPFILEUPLOAD_DIR", plugin_dir_url( WPFILEUPLOAD_PLUGINFILE ));
32
- DEFINE("ABSWPFILEUPLOAD_DIR", plugin_dir_path( WPFILEUPLOAD_PLUGINFILE ));
33
- DEFINE("WPFILEUPLOAD_COOKIE", "wp_wpfileupload_".COOKIEHASH);
34
- add_shortcode("wordpress_file_upload", "wordpress_file_upload_handler");
35
- //activation-deactivation hooks
36
- register_activation_hook(WPFILEUPLOAD_PLUGINFILE,'wordpress_file_upload_install');
37
- register_deactivation_hook(WPFILEUPLOAD_PLUGINFILE,'wordpress_file_upload_uninstall');
38
- add_action('plugins_loaded', 'wordpress_file_upload_initialize');
39
- add_action('plugins_loaded', 'wordpress_file_upload_update_db_check');
40
- //widget
41
- add_action( 'widgets_init', 'register_wfu_widget' );
42
- //admin hooks
43
- add_action('admin_init', 'wordpress_file_upload_admin_init');
44
- add_action('admin_menu', 'wordpress_file_upload_add_admin_pages');
45
- //load styles and scripts for front pages
46
- if ( !is_admin() ) {
47
- add_action( 'wp_enqueue_scripts', 'wfu_enqueue_frontpage_scripts' );
48
- }
49
- //add admin bar menu item of new uploaded files
50
- add_action( 'wp_before_admin_bar_render', 'wfu_admin_toolbar_new_uploads', 999 );
51
- //general ajax actions
52
- add_action('wp_ajax_wfu_ajax_action', 'wfu_ajax_action_callback');
53
- add_action('wp_ajax_nopriv_wfu_ajax_action', 'wfu_ajax_action_callback');
54
- add_action('wp_ajax_wfu_ajax_action_ask_server', 'wfu_ajax_action_ask_server');
55
- add_action('wp_ajax_nopriv_wfu_ajax_action_ask_server', 'wfu_ajax_action_ask_server');
56
- add_action('wp_ajax_wfu_ajax_action_cancel_upload', 'wfu_ajax_action_cancel_upload');
57
- add_action('wp_ajax_nopriv_wfu_ajax_action_cancel_upload', 'wfu_ajax_action_cancel_upload');
58
- add_action('wp_ajax_wfu_ajax_action_send_email_notification', 'wfu_ajax_action_send_email_notification');
59
- add_action('wp_ajax_nopriv_wfu_ajax_action_send_email_notification', 'wfu_ajax_action_send_email_notification');
60
- add_action('wp_ajax_wfu_ajax_action_notify_wpfilebase', 'wfu_ajax_action_notify_wpfilebase');
61
- add_action('wp_ajax_nopriv_wfu_ajax_action_notify_wpfilebase', 'wfu_ajax_action_notify_wpfilebase');
62
- add_action('wp_ajax_wfu_ajax_action_save_shortcode', 'wfu_ajax_action_save_shortcode');
63
- add_action('wp_ajax_wfu_ajax_action_check_page_contents', 'wfu_ajax_action_check_page_contents');
64
- add_action('wp_ajax_wfu_ajax_action_read_subfolders', 'wfu_ajax_action_read_subfolders');
65
- add_action('wp_ajax_wfu_ajax_action_download_file_invoker', 'wfu_ajax_action_download_file_invoker');
66
- add_action('wp_ajax_nopriv_wfu_ajax_action_download_file_invoker', 'wfu_ajax_action_download_file_invoker');
67
- add_action('wp_ajax_wfu_ajax_action_download_file_monitor', 'wfu_ajax_action_download_file_monitor');
68
- add_action('wp_ajax_nopriv_wfu_ajax_action_download_file_monitor', 'wfu_ajax_action_download_file_monitor');
69
- add_action('wp_ajax_wfu_ajax_action_edit_shortcode', 'wfu_ajax_action_edit_shortcode');
70
- add_action('wp_ajax_wfu_ajax_action_gutedit_shortcode', 'wfu_ajax_action_gutedit_shortcode');
71
- add_action('wp_ajax_wfu_ajax_action_get_historylog_page', 'wfu_ajax_action_get_historylog_page');
72
- add_action('wp_ajax_wfu_ajax_action_get_uploadedfiles_page', 'wfu_ajax_action_get_uploadedfiles_page');
73
- add_action('wp_ajax_wfu_ajax_action_get_adminbrowser_page', 'wfu_ajax_action_get_adminbrowser_page');
74
- add_action('wp_ajax_wfu_ajax_action_include_file', 'wfu_ajax_action_include_file');
75
- add_action('wp_ajax_wfu_ajax_action_update_envar', 'wfu_ajax_action_update_envar');
76
- add_action('wp_ajax_wfu_ajax_action_transfer_command', 'wfu_ajax_action_transfer_command');
77
- add_action('wp_ajax_wfu_ajax_action_pdusers_get_users', 'wfu_ajax_action_pdusers_get_users');
78
- //personal data related actions
79
- add_action( 'show_user_profile', 'wfu_show_consent_profile_fields' );
80
- add_action( 'edit_user_profile', 'wfu_show_consent_profile_fields' );
81
- add_action( 'personal_options_update', 'wfu_update_consent_profile_fields' );
82
- add_action( 'edit_user_profile_update', 'wfu_update_consent_profile_fields' );
83
- //Media editor custom properties
84
- if ( is_admin() ) add_action( 'attachment_submitbox_misc_actions', 'wfu_media_editor_properties', 11 );
85
- //register admin filter to check consent status before upload
86
- add_filter("wfu_before_upload", "wfu_consent_ask_server_handler", 10, 2);
87
- //register internal filter that is executed before upload for classic uploader
88
- add_filter("_wfu_before_upload", "wfu_classic_before_upload_handler", 10, 2);
89
- wfu_include_lib();
90
-
91
- /**
92
- * Initialize plugin.
93
- *
94
- * Runs after plugins are loaded in order to correctly load the plugin's text
95
- * domain and then load all translatable strings. Then it loads the User State
96
- * Handler (session or db). Then it executes all active plugin hooks.
97
- *
98
- * @since 4.7.0
99
- *
100
- * @redeclarable
101
- */
102
- function wordpress_file_upload_initialize() {
103
- $a = func_get_args(); $a = WFU_FUNCTION_HOOK(__FUNCTION__, $a, $out); if (isset($out['vars'])) foreach($out['vars'] as $p => $v) $$p = $v; switch($a) { case 'R': return $out['output']; break; case 'D': die($out['output']); }
104
- load_plugin_textdomain('wp-file-upload', false, dirname(plugin_basename (WPFILEUPLOAD_PLUGINFILE)).'/languages');
105
- wfu_initialize_i18n_strings();
106
- //store the User State handler in a global variable for easy access by the
107
- //plugin's routines
108
- $plugin_options = wfu_decode_plugin_options(get_option( "wordpress_file_upload_options" ));
109
- $GLOBALS["wfu_user_state_handler"] = $plugin_options['userstatehandler'];
110
- wfu_initialize_user_state();
111
-
112
- }
113
-
114
- /**
115
- * Register Upload Form Widget.
116
- *
117
- * Runs on widget initialization to register the upload form widget of the
118
- * plugin.
119
- *
120
- * @since 3.4.0
121
- */
122
- function register_wfu_widget() {
123
- register_widget( 'WFU_Widget' );
124
- }
125
-
126
- /**
127
- * Enqueue frontpage styles and scripts.
128
- *
129
- * It enqueues all necessary frontpage styles and scripts of the plugin.
130
- *
131
- * @since 2.4.6
132
- *
133
- * @redeclarable
134
- */
135
- function wfu_enqueue_frontpage_scripts() {
136
- $a = func_get_args(); $a = WFU_FUNCTION_HOOK(__FUNCTION__, $a, $out); if (isset($out['vars'])) foreach($out['vars'] as $p => $v) $$p = $v; switch($a) { case 'R': return $out['output']; break; case 'D': die($out['output']); }
137
- $plugin_options = wfu_decode_plugin_options(get_option( "wordpress_file_upload_options" ));
138
- $relaxcss = false;
139
- if ( isset($plugin_options['relaxcss']) ) $relaxcss = ( $plugin_options['relaxcss'] == '1' );
140
- //apply wfu_before_frontpage_scripts to get additional settings
141
- $changable_data = array();
142
- /**
143
- * Execute Custom Actions Before Loading Frontpage Scripts.
144
- *
145
- * This filter allows to execute custom actions before frontpage scripts are
146
- * loaded. Loading of plugin's scripts can be completely customised.
147
- *
148
- * @since 3.5.0
149
- *
150
- * @param array $changable_data {
151
- * Controls loading of frontpage scripts.
152
- *
153
- * @type mixed $return_value Optional. If it is set then no frontpage
154
- * scripts will be loaded.
155
- * @type string $correct_NextGenGallery_incompatibility Optional. If it
156
- * is set to "true" then JQuery UI styles will not be loaded in
157
- * order to avoid incompatibility with NextGEN Gallery plugin.
158
- * @type string $correct_JQueryUI_incompatibility Optional. If it is set
159
- * to "true" then JQuery UI styles will not be loaded (same as
160
- * previous parameter).
161
- * @type string $exclude_timepicker Optional. If it is set to "true"
162
- * then jQuery timepicker styles and scripts will not be loaded.
163
- * }
164
- */
165
- $ret_data = apply_filters('wfu_before_frontpage_scripts', $changable_data);
166
- //if $ret_data contains 'return_value' key then no scripts will be enqueued
167
- if ( isset($ret_data['return_value']) ) return $ret_data['return_value'];
168
-
169
- if ( $relaxcss ) {
170
- wp_enqueue_style('wordpress-file-upload-style', WPFILEUPLOAD_DIR.'css/wordpress_file_upload_style_relaxed.css');
171
- wp_enqueue_style('wordpress-file-upload-style-safe', WPFILEUPLOAD_DIR.'css/wordpress_file_upload_style_safe_relaxed.css');
172
- }
173
- else {
174
- wp_enqueue_style('wordpress-file-upload-style', WPFILEUPLOAD_DIR.'css/wordpress_file_upload_style.css');
175
- wp_enqueue_style('wordpress-file-upload-style-safe', WPFILEUPLOAD_DIR.'css/wordpress_file_upload_style_safe.css');
176
- }
177
- wp_enqueue_style('wordpress-file-upload-adminbar-style', WPFILEUPLOAD_DIR.'css/wordpress_file_upload_adminbarstyle.css');
178
- //do not load JQuery UI css if $ret_data denotes incompatibility issues
179
- if ( ( !isset($ret_data["correct_NextGenGallery_incompatibility"]) || $ret_data["correct_NextGenGallery_incompatibility"] != "true" ) &&
180
- ( !isset($ret_data["correct_JQueryUI_incompatibility"]) || $ret_data["correct_JQueryUI_incompatibility"] != "true" ) )
181
- wp_enqueue_style('jquery-ui-css', WPFILEUPLOAD_DIR.'vendor/jquery/jquery-ui.min.css');
182
- //do not load timepicker css if $ret_data exclude_timepicker flag is true
183
- if ( !isset($ret_data["exclude_timepicker"]) || $ret_data["exclude_timepicker"] != "true" )
184
- wp_enqueue_style('jquery-ui-timepicker-addon-css', WPFILEUPLOAD_DIR.'vendor/jquery/jquery-ui-timepicker-addon.min.css');
185
- wp_enqueue_script('json2');
186
- wp_enqueue_script('wordpress_file_upload_script', WPFILEUPLOAD_DIR.'js/wordpress_file_upload_functions.js');
187
- //do not load timepicker js if $ret_data exclude_timepicker flag is true
188
- if ( !isset($ret_data["exclude_timepicker"]) || $ret_data["exclude_timepicker"] != "true" ) {
189
- wp_enqueue_script('jquery-ui-slider');
190
- wp_enqueue_script('jquery-ui-timepicker-addon-js', WPFILEUPLOAD_DIR.'vendor/jquery/jquery-ui-timepicker-addon.min.js', array("jquery-ui-datepicker"));
191
- }
192
- }
193
-
194
- /**
195
- * Load plugin libraries.
196
- *
197
- * It loads all plugin libraries located in /lib folder of the plugin.
198
- *
199
- * @since 2.1.2
200
- */
201
- function wfu_include_lib() {
202
- $dir = plugin_dir_path( WPFILEUPLOAD_PLUGINFILE )."lib/";
203
- if ( $handle = opendir($dir) ) {
204
- $blacklist = array('.', '..');
205
- while ( false !== ($file = readdir($handle)) )
206
- if ( !in_array($file, $blacklist) && substr($file, 0, 1) != "_" )
207
- include_once $dir.$file;
208
- closedir($handle);
209
- }
210
- if ( $handle = opendir(plugin_dir_path( WPFILEUPLOAD_PLUGINFILE )) ) {
211
- closedir($handle);
212
- }
213
- }
214
-
215
-
216
- /* exit if we are in admin pages (in case of ajax call) */
217
- if ( is_admin() ) return;
218
-
219
- /**
220
- * Render uploader form shortcode.
221
- *
222
- * It receives the attributes of an uploader form shortcode and returns the HTML
223
- * code of the generated upload form.
224
- *
225
- * @since 2.1.2
226
- *
227
- * @param array $incomingfrompost An associative array of shortcode attributes
228
- * (array keys) and their values (array values).
229
- * @return string The HTML code of the generated upload form
230
- */
231
- function wordpress_file_upload_handler($incomingfrompost) {
232
- //replace old attribute definitions with new ones
233
- $incomingfrompost = wfu_old_to_new_attributes($incomingfrompost);
234
- //preprocess attributes
235
- $incomingfrompost = wfu_preprocess_attributes($incomingfrompost);
236
- //process incoming attributes assigning defaults if required
237
- $defs_indexed = wfu_shortcode_attribute_definitions_adjusted($incomingfrompost);
238
- $incomingfrompost = shortcode_atts($defs_indexed, $incomingfrompost);
239
- //run function that actually does the work of the plugin
240
- $wordpress_file_upload_output = wordpress_file_upload_function($incomingfrompost);
241
- //send back text to replace shortcode in post
242
- return $wordpress_file_upload_output;
243
- }
244
-
245
- /**
246
- * Render front-end file viewer shortcode.
247
- *
248
- * It receives the attributes of a front-end file viewer shortcode and returns
249
- * the HTML code of the generated file viewer.
250
- *
251
- * @since 3.1.0
252
- *
253
- * @param array $incomingfrompost An associative array of shortcode attributes
254
- * (array keys) and their values (array values).
255
- * @return string The HTML code of the generated file viewer
256
- */
257
- function wordpress_file_upload_browser_handler($incomingfrompost) {
258
- //process incoming attributes assigning defaults if required
259
- $defs = wfu_browser_attribute_definitions();
260
- $defs_indexed = array();
261
- foreach ( $defs as $def ) $defs_indexed[$def["attribute"]] = $def["value"];
262
- $incomingfrompost = shortcode_atts($defs_indexed, $incomingfrompost);
263
- //run function that actually does the work of the plugin
264
- $wordpress_file_upload_browser_output = wordpress_file_upload_browser_function($incomingfrompost);
265
- //send back text to replace shortcode in post
266
- return $wordpress_file_upload_browser_output;
267
- }
268
-
269
- /**
270
- * Generate the HTML code of uploader form.
271
- *
272
- * It receives the processed attributes of an uploader form shortcode and
273
- * returns the HTML code of the generated upload form.
274
- *
275
- * @since 2.1.2
276
- *
277
- * @redeclarable
278
- *
279
- * @global object $post The current post
280
- * @global int $blog_id The ID of the current blog
281
- *
282
- * @param array $incomingfromhandler An associative array of shortcode
283
- * attributes (array keys) and their values (array values).
284
- *
285
- * @return string The HTML code of the generated upload form
286
- */
287
- function wordpress_file_upload_function($incomingfromhandler) {
288
- $a = func_get_args(); $a = WFU_FUNCTION_HOOK(__FUNCTION__, $a, $out); if (isset($out['vars'])) foreach($out['vars'] as $p => $v) $$p = $v; switch($a) { case 'R': return $out['output']; break; case 'D': die($out['output']); }
289
- global $post;
290
- global $blog_id;
291
-
292
- $plugin_options = wfu_decode_plugin_options(get_option( "wordpress_file_upload_options" ));
293
- $shortcode_tag = 'wordpress_file_upload';
294
- $params = wfu_plugin_parse_array($incomingfromhandler);
295
- //sanitize params
296
- $params = wfu_sanitize_shortcode_array($params, $shortcode_tag);
297
-
298
- $is_admin = current_user_can( 'manage_options' );
299
- //check if a non-admin user can edit the shortcode
300
- $can_open_composer = ( WFU_VAR("WFU_SHORTCODECOMPOSER_NOADMIN") == "true" &&
301
- $params["widgetid"] == "" &&
302
- $post != null &&
303
- isset($post->post_type) &&
304
- ( $post->post_type == 'post' || $post->post_type == 'page' ) &&
305
- current_user_can( 'edit_'.$post->post_type, $post->ID ) );
306
-
307
- $sid = $params["uploadid"];
308
- // store current page and blog id in params array
309
- $params["pageid"] = $post->ID;
310
- $params["blogid"] = $blog_id;
311
-
312
- $token_sid = 'wfu_token_'.$sid;
313
- if ( !WFU_USVAR_exists($token_sid) || WFU_USVAR($token_sid) == "" )
314
- WFU_USVAR_store($token_sid, uniqid(mt_rand(), TRUE));
315
- //store the server environment (32 or 64bit) for use when checking file size limits
316
- $params["php_env"] = wfu_get_server_environment();
317
-
318
- $user = wp_get_current_user();
319
- $widths = wfu_decode_dimensions($params["widths"]);
320
- $heights = wfu_decode_dimensions($params["heights"]);
321
- //additional parameters to pass to visualization routines
322
- $additional_params = array( );
323
- $additional_params['widths'] = $widths;
324
- $additional_params['heights'] = $heights;
325
- $additional_params["require_consent"] = ( $plugin_options["personaldata"] == "1" && ( $params["notrememberconsent"] == "true" || wfu_check_user_consent($user) == "" ) && $params["askconsent"] == "true" );
326
-
327
- $uploadedfile = 'uploadedfile_'.$sid;
328
- $hiddeninput = 'hiddeninput_'.$sid;
329
- $adminerrorcodes = 'adminerrorcodes_'.$sid;
330
-
331
- //set necessary parameters to be passed to client initialization function
332
- $init_params = array();
333
- $init_params["shortcode_id"] = $sid;
334
- $init_params["shortcode_tag"] = $shortcode_tag;
335
- $init_params["container_id"] = $shortcode_tag.'_block_'.$sid;
336
- $init_params["session"] = WFU_USVAR($token_sid);
337
- $init_params["testmode"] = ( $params["testmode"] == "true" );
338
- $init_params["widgetid"] = $params["widgetid"];
339
- $init_params["require_consent"] = $additional_params["require_consent"];
340
- //if the following criteria is met, then maybe the server needs to be asked
341
- //if upload needs to be rejected or not due to consent denial
342
- $init_params["consent_maybe_ask_server"] = ( $plugin_options["personaldata"] == "1" && $params["askconsent"] == "true" && $params["consentrejectupload"] == "true" );
343
- $init_params["consent_rejection_message"] = $params["consentrejectmessage"];
344
- //add allow no file flag
345
- $init_params["allownofile"] = ( $params["allownofile"] == "true" );
346
- $init_params["not_store_files"] = ( $params["personaldatatypes"] == "userdata and files" );
347
- //add params related to visual editor button
348
- if ( $is_admin || $can_open_composer ) {
349
- $init_params["post_id"] = $post->ID;
350
- $init_params["post_hash"] = hash('md5', $post->post_content);
351
- }
352
-
353
- //check if user is allowed to view plugin, otherwise do not generate it
354
- $uploadroles = explode(",", $params["uploadrole"]);
355
- foreach ( $uploadroles as &$uploadrole ) {
356
- $uploadrole = trim($uploadrole);
357
- }
358
- $plugin_upload_user_role = wfu_get_user_role($user, $uploadroles);
359
- /**
360
- * Filter When the Upload Form Must Not be Shown.
361
- *
362
- * This filter is executed when the upload form must be shown on the page.
363
- * It allows to return custom HTML output instead of empty content.
364
- *
365
- * @since 4.1.0
366
- *
367
- * @param string $ret The HTML output to return to the page. Default "".
368
- */
369
- if ( $plugin_upload_user_role == 'nomatch' ) return apply_filters("_wfu_file_upload_hide_output", "");
370
-
371
- //activate debug mode only for admins
372
- if ( $plugin_upload_user_role != 'administrator' ) $params["debugmode"] = "false";
373
-
374
- $params["adminmessages"] = ( $params["adminmessages"] == "true" && $plugin_upload_user_role == 'administrator' );
375
- // define variable to hold any additional admin errors coming before processing of files (e.g. due to redirection)
376
- $params["adminerrors"] = "";
377
-
378
- /* Define dynamic upload path from variables */
379
- $search = array ('/%userid%/', '/%username%/', '/%blogid%/', '/%pageid%/', '/%pagetitle%/');
380
- if ( is_user_logged_in() ) $username = $user->user_login;
381
- else $username = "guests";
382
- $replace = array ($user->ID, $username, $blog_id, $post->ID, get_the_title($post->ID));
383
- $params["uploadpath"] = preg_replace($search, $replace, $params["uploadpath"]);
384
-
385
- /* Determine if userdata fields have been defined */
386
- $userdata_fields = array();
387
- $userdata_occurrencies = substr_count($params["placements"], "userdata");
388
- if ( $userdata_occurrencies == 0 ) $userdata_occurrencies = 1;
389
- if ( $params["userdata"] == "true" ) {
390
- for ( $i = 1; $i <= $userdata_occurrencies; $i++ ) {
391
- $userdata_fields2 = wfu_parse_userdata_attribute($params["userdatalabel".( $i > 1 ? $i : "" )]);
392
- foreach ( $userdata_fields2 as $key => $item ) $userdata_fields2[$key]["occurrence"] = $i;
393
- $userdata_fields = array_merge($userdata_fields, $userdata_fields2);
394
- }
395
- }
396
- $params["userdata_fields"] = $userdata_fields;
397
-
398
- /* If medialink or postlink is activated, then subfolders are deactivated */
399
- if ( $params["medialink"] == "true" || $params["postlink"] == "true" ) $params["askforsubfolders"] = "false";
400
-
401
- /* Generate the array of subfolder paths */
402
- $params['subfoldersarray'] = wfu_get_subfolders_paths($params);
403
-
404
-
405
- /* in case that webcam is activated, then some elements related to file
406
- selection need to be removed */
407
- if ( strpos($params["placements"], "webcam") !== false && $params["webcam"] == "true" ) {
408
- $params["placements"] = wfu_placements_remove_item($params["placements"], "filename");
409
- $params["placements"] = wfu_placements_remove_item($params["placements"], "selectbutton");
410
- $params["singlebutton"] = "false";
411
- $params["uploadbutton"] = $params["uploadmediabutton"];
412
- }
413
-
414
- //____________________________________________________________________________________________________________________________________________________________________________________
415
-
416
- if ( $params['forceclassic'] != "true" ) {
417
- //**************section to put additional options inside params array**************
418
- $params['subdir_selection_index'] = "-1";
419
- //**************end of section of additional options inside params array**************
420
-
421
-
422
- // below this line no other changes to params array are allowed
423
-
424
-
425
- //**************section to save params as Wordpress options**************
426
- // every params array is indexed (uniquely identified) by three fields:
427
- // - the page that contains the shortcode
428
- // - the id of the shortcode instance (because there may be more than one instances of the shortcode inside a page)
429
- // - the user that views the plugin (because some items of the params array are affected by the user name)
430
- // the wordpress option "wfu_params_index" holds an array of combinations of these three fields, together with a randomly generated string that corresponds to these fields.
431
- // the wordpress option "wfu_params_xxx", where xxx is the randomly generated string, holds the params array (encoded to string) that corresponds to this string.
432
- // the structure of the "wfu_params_index" option is as follows: "a1||b1||c1||d1&&a2||b2||c2||d2&&...", where
433
- // - a is the randomly generated string (16 characters)
434
- // - b is the page id
435
- // - c is the shortcode id
436
- // - d is the user name
437
- $params_index = wfu_generate_current_params_index($sid, $user->user_login);
438
- $params_str = wfu_encode_array_to_string($params);
439
- update_option('wfu_params_'.$params_index, $params_str);
440
- $init_params["params_index"] = $params_index;
441
- $init_params["debugmode"] = ( $params["debugmode"] == "true" );
442
- $init_params["is_admin"] = ( $plugin_upload_user_role == "administrator" );
443
- $init_params["has_filters"] = has_filter("wfu_before_upload");
444
- $init_params["error_header"] = $params["errormessage"];
445
- $init_params["fail_colors"] = $params["failmessagecolors"];
446
- $init_params["success_header"] = $params["successmessage"];
447
- $init_params["success_colors"] = $params["successmessagecolors"];
448
- }
449
-
450
-
451
- /* set the template that will be used, default is empty (the original) */
452
- $params["uploadertemplate"] = "";
453
- // $params["uploadertemplate"] = "Custom1";
454
- /**
455
- * Filter To Define Custom Uploader Template.
456
- *
457
- * This filter is used to define a custom uploader template that will be
458
- * used to generate the upload form.
459
- *
460
- * @since 4.0.0
461
- *
462
- * @param string $ret The uploader template to use. Default "".
463
- * @param array $params An associative array with the shortcode attributes.
464
- */
465
- $params["uploadertemplate"] = apply_filters("_wfu_uploader_template", $params["uploadertemplate"], $params);
466
- $uploadertemplate = wfu_get_uploader_template($params["uploadertemplate"]);
467
- /* Compose the html code for the plugin */
468
- $wordpress_file_upload_output = "";
469
- $wordpress_file_upload_output .= wfu_init_run_js_script();
470
- $plugin_style = "";
471
- if ( $widths["plugin"] != "" ) $plugin_style .= 'width: '.$widths["plugin"].'; ';
472
- if ( $heights["plugin"] != "" ) $plugin_style .= 'height: '.$heights["plugin"].'; ';
473
- if ( $plugin_style != "" ) $plugin_style = ' style="'.$plugin_style.'"';
474
- $wordpress_file_upload_output .= "\n".'<div id="'.$init_params["container_id"].'" class="file_div_clean'.( $params["fitmode"] == "responsive" ? '_responsive_container' : '' ).' wfu_container"'.$plugin_style.'>';
475
- $wordpress_file_upload_output .= "\n".'<!-- Using template '.call_user_func(array($uploadertemplate, 'get_name')).' -->';
476
- //read indexed component definitions
477
- $component_output = "";
478
- $css = "";
479
- $js = "";
480
- /* Add generic uploadform code to output from template */
481
- $wordpress_file_upload_output .= wfu_template_to_HTML("base", $params, array(), 0);
482
- /* Continue with uploadform elements */
483
- $components = wfu_component_definitions();
484
- $components_indexed = array();
485
- foreach ( $components as $component ) {
486
- $components_indexed[$component['id']] = $component;
487
- $components_indexed[$component['id']]['occurrencies'] = 0;
488
- }
489
- $itemplaces = explode("/", $params["placements"]);
490
- foreach ( $itemplaces as $section ) {
491
- $items_in_section = explode("+", trim($section));
492
- $section_array = array( $params );
493
- foreach ( $items_in_section as $item_in_section ) {
494
- $item_in_section = strtolower(trim($item_in_section));
495
- if ( isset($components_indexed[$item_in_section]) && ( $components_indexed[$item_in_section]['multiplacements'] || $components_indexed[$item_in_section]['occurrencies'] == 0 ) ) {
496
- $components_indexed[$item_in_section]['occurrencies'] ++;
497
- $occurrence_index = ( $components_indexed[$item_in_section]['multiplacements'] ? $components_indexed[$item_in_section]['occurrencies'] : 0 );
498
- if ( $item_in_section == "title" ) array_push($section_array, wfu_prepare_title_block($params, $additional_params, $occurrence_index));
499
- elseif ( $item_in_section == "filename" ) array_push($section_array, wfu_prepare_textbox_block($params, $additional_params, $occurrence_index));
500
- elseif ( $item_in_section == "selectbutton" ) array_push($section_array, wfu_prepare_uploadform_block($params, $additional_params, $occurrence_index));
501
- elseif ( $item_in_section == "uploadbutton" && $params["singlebutton"] != "true" ) array_push($section_array, wfu_prepare_submit_block($params, $additional_params, $occurrence_index));
502
- elseif ( $item_in_section == "subfolders" ) array_push($section_array, wfu_prepare_subfolders_block($params, $additional_params, $occurrence_index));
503
- elseif ( $item_in_section == "progressbar" ) array_push($section_array, wfu_prepare_progressbar_block($params, $additional_params, $occurrence_index));
504
- elseif ( $item_in_section == "message" ) array_push($section_array, wfu_prepare_message_block($params, $additional_params, $occurrence_index));
505
- elseif ( $item_in_section == "userdata" && $params["userdata"] == "true" ) array_push($section_array, wfu_prepare_userdata_block($params, $additional_params, $occurrence_index));
506
- elseif ( $item_in_section == "consent" && $additional_params["require_consent"] ) array_push($section_array, wfu_prepare_consent_block($params, $additional_params, $occurrence_index));
507
- elseif ( $item_in_section == "webcam" && $params["webcam"] == "true" ) array_push($section_array, wfu_prepare_webcam_block($params, $additional_params, $occurrence_index));
508
- }
509
- }
510
- wfu_extract_css_js_from_components($section_array, $css, $js);
511
- $component_output .= call_user_func_array("wfu_add_div", $section_array);
512
- }
513
- /* Append mandatory blocks, if have not been included in placements attribute */
514
- if ( $params["userdata"] == "true" && strpos($params["placements"], "userdata") === false ) {
515
- $section_array = array( $params );
516
- array_push($section_array, wfu_prepare_userdata_block($params, $additional_params, 0));
517
- wfu_extract_css_js_from_components($section_array, $css, $js);
518
- $component_output .= call_user_func_array("wfu_add_div", $section_array);
519
- }
520
- if ( $additional_params["require_consent"] && strpos($params["placements"], "consent") === false ) {
521
- $section_array = array( $params );
522
- array_push($section_array, wfu_prepare_consent_block($params, $additional_params, 0));
523
- wfu_extract_css_js_from_components($section_array, $css, $js);
524
- $component_output .= call_user_func_array("wfu_add_div", $section_array);
525
- }
526
- if ( strpos($params["placements"], "selectbutton") === false ) {
527
- $section_array = array( $params );
528
- array_push($section_array, wfu_prepare_uploadform_block($params, $additional_params, 0));
529
- wfu_extract_css_js_from_components($section_array, $css, $js);
530
- $component_output .= call_user_func_array("wfu_add_div", $section_array);
531
- }
532
- if ( strpos($params["placements"], "uploadbutton") === false ) $params["singlebutton"] = "true";
533
-
534
- //set some more parameters for the initialization script
535
- $init_params["is_formupload"] = ( $params['forceclassic'] == "true" );
536
- $init_params["singlebutton"] = ( $params["singlebutton"] == "true" );
537
- $init_params["resetmode"] = $params["resetmode"];
538
-
539
- //output css styling rules
540
- if ( $css != "" ) {
541
- //relax css rules if this option is enabled
542
- if ( $plugin_options['relaxcss'] == '1' ) $css = preg_replace('#.*?/\*relax\*/\s*#', '', $css);
543
- $wordpress_file_upload_output .= wfu_css_to_HTML($css);
544
- }
545
- //output javascript code
546
- if ( $js != "" ) {
547
- //add initialization of the object of the upload form
548
- $wfu_js = 'var WFU_JS_'.$sid.' = function() {';
549
- $wfu_js .= "\n".'GlobalData.WFU['.$sid.'] = '.wfu_PHP_array_to_JS_object($init_params).'; GlobalData.WFU.n.push('.$sid.');';
550
- $wfu_js .= "\n".$js;
551
- $wfu_js .= "\n".'}';
552
- $wfu_js .= "\n".'wfu_run_js("window", "WFU_JS_'.$sid.'");';
553
- $wordpress_file_upload_output .= "\n".wfu_js_to_HTML($wfu_js);
554
- }
555
- //add visual editor overlay if the current user is administrator
556
- if ( $is_admin || $can_open_composer ) {
557
- $wordpress_file_upload_output .= wfu_add_visual_editor_button($shortcode_tag, $params);
558
- }
559
- //add components' html output
560
- $wordpress_file_upload_output .= $component_output;
561
-
562
- /* Pass constants to javascript and run plugin post-load actions */
563
- $consts = wfu_set_javascript_constants();
564
- $handler = 'function() { wfu_Initialize_Consts("'.$consts.'"); wfu_Load_Code_Connectors('.$sid.'); wfu_plugin_load_action('.$sid.'); }';
565
- $wfu_js = 'if (typeof wfu_addLoadHandler == "undefined") function wfu_addLoadHandler(handler) { if(window.addEventListener) { window.addEventListener("load", handler, false); } else if(window.attachEvent) { window.attachEvent("onload", handler); } else { window["onload"] = handler; } }';
566
- $wfu_js .= "\n".'wfu_addLoadHandler('.$handler.');';
567
- $wordpress_file_upload_output .= "\n".wfu_js_to_HTML($wfu_js);
568
- $wordpress_file_upload_output .= '</div>';
569
- // $wordpress_file_upload_output .= '<div>';
570
- // $wordpress_file_upload_output .= wfu_test_admin();
571
- // $wordpress_file_upload_output .= '</div>';
572
-
573
- // The plugin uses sessions in order to detect if the page was loaded due to file upload or
574
- // because the user pressed the Refresh button (or F5) of the page.
575
- // In the second case we do not want to perform any file upload, so we abort the rest of the script.
576
- $check_refresh_sid = 'wfu_check_refresh_'.$sid;
577
- if ( !WFU_USVAR_exists($check_refresh_sid) || WFU_USVAR($check_refresh_sid) != "form button pressed" ) {
578
- WFU_USVAR_store($check_refresh_sid, 'do not process');
579
- $wordpress_file_upload_output .= wfu_post_plugin_actions($params);
580
- /**
581
- * Filter To Customise Uploader Output.
582
- *
583
- * This filter is used to customise the HTML code generated by the
584
- * plugin for showing the upload form.
585
- *
586
- * @since 3.9.6
587
- *
588
- * @param string $wordpress_file_upload_output The HTML output.
589
- * @param array $params An associative array with shortcode attributes.
590
- */
591
- $wordpress_file_upload_output = apply_filters("_wfu_file_upload_output", $wordpress_file_upload_output, $params);
592
- return $wordpress_file_upload_output."\n";
593
- }
594
- WFU_USVAR_store($check_refresh_sid, 'do not process');
595
- $params["upload_start_time"] = WFU_USVAR('wfu_start_time_'.$sid);
596
-
597
- // The plugin uses two ways to upload the file:
598
- // - The first one uses classic functionality of an HTML form (highest compatibility with browsers but few capabilities).
599
- // - The second uses ajax (HTML5) functionality (medium compatibility with browsers but many capabilities, like no page refresh and progress bar).
600
- // The plugin loads using ajax functionality by default, however if it detects that ajax functionality is not supported, it will automatically switch to classic functionality.
601
- // The next line checks to see if the form was submitted using ajax or classic functionality.
602
- // If the uploaded file variable stored in $_FILES ends with "_redirected", then it means that ajax functionality is not supported and the plugin must switch to classic functionality.
603
- if ( isset($_FILES[$uploadedfile.'_redirected']) ) $params['forceclassic'] = "true";
604
-
605
- if ( $params['forceclassic'] != "true" ) {
606
- $wordpress_file_upload_output .= wfu_post_plugin_actions($params);
607
- /** This filter is documented above */
608
- $wordpress_file_upload_output = apply_filters("_wfu_file_upload_output", $wordpress_file_upload_output, $params);
609
- return $wordpress_file_upload_output."\n";
610
- }
611
-
612
- // The following code is executed in case of non-ajax uploads to process the files.
613
- // Consecutive checks are performed in order to verify and approve the upload of files
614
- $_REQUEST = stripslashes_deep($_REQUEST);
615
- $_POST = stripslashes_deep($_POST);
616
- $wfu_checkpass = true;
617
-
618
- // First we test that WP nonce passes the check
619
- $wfu_checkpass = ( $wfu_checkpass && isset($_REQUEST["wfu_uploader_nonce"]) && wp_verify_nonce( $_REQUEST["wfu_uploader_nonce"], "wfu-uploader-nonce" ) !== false );
620
-
621
- $unique_id = ( isset($_POST['uniqueuploadid_'.$sid]) ? sanitize_text_field($_POST['uniqueuploadid_'.$sid]) : "" );
622
- // Check that upload_id is valid
623
- $wfu_checkpass = ( $wfu_checkpass && strlen($unique_id) == 10 );
624
-
625
- //check if honeypot userdata fields have been added to the form and if they
626
- //contain any data; if wfu_check_remove_honeypot_fields returns true this
627
- //means that at least one honeypot field has beed filled with a value and
628
- //the upload must be aborted because it was not done by a human; files will
629
- //not be saved but a success result will be shown, pretending that they have
630
- //been saved
631
- $abort_with_success = ( $params["userdata"] == "true" && wfu_check_remove_honeypot_fields($params["userdata_fields"], 'hiddeninput_'.$sid.'_userdata_') );
632
-
633
-
634
- if ( $wfu_checkpass ) {
635
- //process any error messages due to redirection to non-ajax upload
636
- if ( isset( $_POST[$adminerrorcodes] ) ) {
637
- $code = $_POST[$adminerrorcodes];
638
- if ( $code == "" ) $params['adminerrors'] = "";
639
- elseif ( $code == "1" || $code == "2" || $code == "3" ) $params['adminerrors'] = constant('WFU_ERROR_REDIRECTION_ERRORCODE'.$code);
640
- else $params['adminerrors'] = WFU_ERROR_REDIRECTION_ERRORCODE0;
641
- }
642
-
643
- $params['subdir_selection_index'] = -1;
644
- if ( isset( $_POST[$hiddeninput] ) ) $params['subdir_selection_index'] = sanitize_text_field($_POST[$hiddeninput]);
645
-
646
- //in case that that the upload has been cancelled then proceed
647
- //accordingly to notify the user
648
- $uploadstatus_id = "wfu_uploadstatus_".$unique_id;
649
- if ( WFU_USVAR_exists($uploadstatus_id) && WFU_USVAR($uploadstatus_id) == 0 ) {
650
- $safe_output = "17;".WFU_VAR("WFU_DEFAULTMESSAGECOLORS").";0";
651
- $wfu_process_file_array_str = " ";
652
- $js_script_enc = "";
653
- }
654
- //in case that the upload was performed by a bot, then files are not
655
- //processed and not saved, however state 18 is returned pretending that
656
- //the upload was successful
657
- elseif ( $abort_with_success ) {
658
- $safe_output = "18;".WFU_VAR("WFU_DEFAULTMESSAGECOLORS").";0";
659
- $wfu_process_file_array_str = " ";
660
- $js_script_enc = "";
661
- }
662
- else {
663
- //update consent status of user
664
- $params["consent_result"] = wfu_check_user_consent($user);
665
- if ( $additional_params["require_consent"] ) {
666
- if ( !isset($_POST['consentresult_'.$sid]) ) die();
667
- $consent_result = ( $_POST['consentresult_'.$sid] == "yes" ? "yes" : ( $_POST['consentresult_'.$sid] == "no" ? "no" : "" ) );
668
- $params["consent_result"] = ( $_POST['consentresult_'.$sid] == "yes" ? "1" : ( $_POST['consentresult_'.$sid] == "no" ? "0" : "" ) );
669
- wfu_update_user_consent($user, $consent_result);
670
- }
671
- $wfu_process_file_array = wfu_process_files($params, 'no_ajax');
672
- $safe_output = $wfu_process_file_array["general"]['safe_output'];
673
- unset($wfu_process_file_array["general"]['safe_output']);
674
- //javascript code generated from individual wfu_after_upload_filters is not executed in non-ajax uploads
675
- unset($wfu_process_file_array["general"]['js_script']);
676
- $js_script_enc = "";
677
- //execute after upload filters
678
- $ret = wfu_execute_after_upload_filters($sid, $unique_id, $params);
679
- if ( $ret["js_script"] != "" ) $js_script_enc = wfu_plugin_encode_string($ret["js_script"]);
680
- $wfu_process_file_array_str = wfu_encode_array_to_string($wfu_process_file_array);
681
- }
682
-
683
- $ProcessUploadComplete_functiondef = 'function(){wfu_ProcessUploadComplete('.$sid.', 1, "'.$wfu_process_file_array_str.'", "no-ajax", "'.$safe_output.'", [false, null, false], "fileupload", "'.$js_script_enc.'");}';
684
- $wfu_js = 'wfu_addLoadHandler('.$ProcessUploadComplete_functiondef.');';
685
- $wordpress_file_upload_output .= "\n".wfu_js_to_HTML($wfu_js);
686
- }
687
-
688
- $wordpress_file_upload_output .= wfu_post_plugin_actions($params);
689
- /** This filter is documented above */
690
- $wordpress_file_upload_output = apply_filters("_wfu_file_upload_output", $wordpress_file_upload_output, $params);
691
- return $wordpress_file_upload_output."\n";
692
- }
693
-
694
- /**
695
- * Generate HTML code of Shortcode Visual Editor button.
696
- *
697
- * It generates the HTML code of the button that invokes the visual editor of
698
- * the shortcode (shortcode composer).
699
- *
700
- * @since 3.1.0
701
- *
702
- * @param string $shortcode_tag The tag of the shortcode for which the button
703
- * will be generated.
704
- * @param array $params The shortcode attributes
705
- * @return string The HTML code of the visual editor button
706
- */
707
- function wfu_add_visual_editor_button($shortcode_tag, $params) {
708
- return wfu_template_to_HTML("visualeditorbutton", $params, array( "shortcode_tag" => $shortcode_tag ), 0);
709
- }
710
-
711
- /**
712
- * Additional content after upload form.
713
- *
714
- * It generates additional HTML code to be added after the upload form.
715
- *
716
- * @since 2.4.1
717
- *
718
- * @redeclarable
719
- *
720
- * @return string The additional HTML code
721
- */
722
- function wfu_post_plugin_actions($params) {
723
- $a = func_get_args(); $a = WFU_FUNCTION_HOOK(__FUNCTION__, $a, $out); if (isset($out['vars'])) foreach($out['vars'] as $p => $v) $$p = $v; switch($a) { case 'R': return $out['output']; break; case 'D': die($out['output']); }
724
- $echo_str = '';
725
-
726
- return $echo_str;
727
- }
728
-
729
- /**
730
- * Get the list of subfolders of the upload directory.
731
- *
732
- * It calculates the subfolders of the upload directory of an upload form in
733
- * case that subfolders feature is activated in the shortcode and it is
734
- * configured to calculate the subfolders automatically.
735
- *
736
- * @since 3.3.0
737
- *
738
- * @redeclarable
739
- *
740
- * @param array $params The shortcode attributes
741
- * @return array The calculated subfolders
742
- */
743
- function wfu_get_subfolders_paths($params) {
744
- $a = func_get_args(); $a = WFU_FUNCTION_HOOK(__FUNCTION__, $a, $out); if (isset($out['vars'])) foreach($out['vars'] as $p => $v) $$p = $v; switch($a) { case 'R': return $out['output']; break; case 'D': die($out['output']); }
745
- $subfolder_paths = array ( );
746
- if ( $params["askforsubfolders"] == "true" && $params["testmode"] != "true" ) {
747
- array_push($subfolder_paths, "");
748
- if ( substr($params["subfoldertree"], 0, 4) == "auto" ) {
749
- $upload_directory = wfu_upload_plugin_full_path($params);
750
- $dirtree = wfu_getTree($upload_directory);
751
- foreach ( $dirtree as &$dir ) $dir = '*'.$dir;
752
- $params["subfoldertree"] = implode(',', $dirtree);
753
- }
754
- $subfolders = wfu_parse_folderlist($params["subfoldertree"]);
755
- if ( count($subfolders['path']) == 0 ) array_push($subfolders['path'], "");
756
- foreach ( $subfolders['path'] as $subfolder ) array_push($subfolder_paths, $subfolder);
757
- }
758
-
759
- return $subfolder_paths;
760
- }
761
-
762
- /**
763
- * Convert old attribute names to new.
764
- *
765
- * Some shortcode attributes have changed name. This function makes sure that
766
- * shortcode attributes with old names are converted to new names so that they
767
- * can be processed correctly.
768
- *
769
- * @since 3.8.4
770
- *
771
- * @param array $shortcode_attrs The shortcode attributes
772
- * @return array The processed shortcode attributes
773
- */
774
- function wfu_old_to_new_attributes($shortcode_attrs) {
775
- //old to new attribute definitions
776
- $old_to_new = array(
777
- "dublicatespolicy" => "duplicatespolicy"
778
- );
779
- //implement changes
780
- foreach ( $old_to_new as $old => $new ) {
781
- if ( isset($shortcode_attrs[$old]) ) {
782
- $shortcode_attrs[$new] = $shortcode_attrs[$old];
783
- unset($shortcode_attrs[$old]);
784
- }
785
- }
786
- return $shortcode_attrs;
787
- }
788
-
789
- /**
790
- * Preprocess Attributes Before Handler.
791
- *
792
- * Preprocess attributes before they enter the handler. For instance, ftpinfo
793
- * attribute is not parsed correctly and needs to be adjusted.
794
- *
795
- * @since 4.12.0
796
- *
797
- * @redeclarable
798
- *
799
- * @param array $shortcode_attrs The shortcode attributes
800
- * @return array The processed shortcode attributes
801
- */
802
- function wfu_preprocess_attributes($shortcode_attrs) {
803
- $a = func_get_args(); $a = WFU_FUNCTION_HOOK(__FUNCTION__, $a, $out); if (isset($out['vars'])) foreach($out['vars'] as $p => $v) $$p = $v; switch($a) { case 'R': return $out['output']; break; case 'D': die($out['output']); }
804
- //correct ftpinfo backslashes
805
- if ( isset($shortcode_attrs['ftpinfo']) )
806
- $shortcode_attrs['ftpinfo'] = str_replace(array( '\\:', '\\@' ), array( '\\\\:', '\\\\@' ), $shortcode_attrs['ftpinfo']);
807
- return $shortcode_attrs;
808
- }
809
-
810
- /**
811
- * Execute custom actions before upload for non-AJAX uploads.
812
- *
813
- * This function is executed right after an upload has started for a classic
814
- * (non-AJAX) upload. It ensures that when the page reloads the plugin will
815
- * show the result of the upload (and will not render the upload form from the
816
- * beginning).
817
- *
818
- * @since 3.7.0
819
- *
820
- * @see _wfu_before_upload filter For more information on parameters and
821
- * response array format.
822
- *
823
- * @param array $ret An array with information how this function must respond.
824
- * @param array $attr Information about the upload.
825
- * @return array The processed $ret array
826
- */
827
- function wfu_classic_before_upload_handler($ret, $attr) {
828
- //run only if start_time exists in $_REQUEST parameters
829
- if ( !isset($_REQUEST['start_time']) ) return $ret;
830
- if ( $ret["status"] == "die" ) return $ret;
831
- $start_time = sanitize_text_field( $_REQUEST["start_time"] );
832
- $sid = $attr["sid"];
833
- if ( $sid == "" ) {
834
- $ret["status"] = "die";
835
- return $ret;
836
- }
837
- if ( $ret["status"] != "error" ) {
838
- $ret["status"] = "success";
839
- WFU_USVAR_store('wfu_check_refresh_'.$sid, 'form button pressed');
840
- WFU_USVAR_store('wfu_start_time_'.$sid, $start_time);
841
- }
842
- return $ret;
843
- }
844
-
845
- /**
846
- * Check Consent Status of User.
847
- *
848
- * This function is executed before an upload starts in order to check the
849
- * current user's consent status, when consent is activated in the shortcode.
850
- *
851
- * @since 4.10.1
852
- *
853
- * @see wfu_before_upload filter For more information on parameters and
854
- * response array format.
855
- *
856
- * @param array $changable_data An array with information that can be changed
857
- * by the function
858
- * @param array $attr Information about the upload.
859
- * @return array The processed $changable_data array
860
- */
861
- function wfu_consent_ask_server_handler($changable_data, $attr) {
862
- //run only if consent_check and consent rejection message exist in
863
- //$_REQUEST parameters
864
- if ( !isset($_REQUEST['consent_check']) || !isset($_REQUEST['consent_rejection_message']) ) return $changable_data;
865
- if ( $changable_data["error_message"] != "" ) return $changable_data;
866
- $user = wp_get_current_user();
867
- if ( wfu_check_user_consent($user) != "1" ) {
868
- $changable_data["error_message"] = wp_strip_all_tags($_REQUEST['consent_rejection_message']);
869
- }
870
- return $changable_data;
871
- }
872
-
873
- /**
874
- * Execute After Upload Filters.
875
- *
876
- * This function executes internal and custom after upload filters.
877
- *
878
- * @since 3.7.0
879
- *
880
- * @param int $sid The shortcode ID
881
- * @param string $unique_id The unique identifier the upload.
882
- * @param array $params The shortcode attributes.
883
- * @return array An array holding data after the upload filters
884
- */
885
- function wfu_execute_after_upload_filters($sid, $unique_id, $params) {
886
- //apply internal filters from extensions
887
- $ret = array( "echo" => "" );
888
- $files = array();
889
- $filedata_id = "filedata_".$unique_id;
890
- if ( WFU_USVAR_exists($filedata_id) ) $files = WFU_USVAR($filedata_id);
891
- $attr = array( "sid" => $sid, "unique_id" => $unique_id, "files" => $files );
892
- /**
893
- * Execute Internal Post Upload Actions.
894
- *
895
- * This is an internal filter which allows to execute custom actions after
896
- * an upload has completely finished.
897
- *
898
- * @since 3.7.0
899
- *
900
- * @param array $ret {
901
- * Parameters to return to the plugin.
902
- *
903
- * @type string $echo Custom output to return (not used).
904
- * }
905
- * @param array $attr {
906
- * Various attributes of the upload.
907
- *
908
- * @type string $sid The ID of the shortcode.
909
- * @type string $unique_id The unique ID of the upload.
910
- * @type array $files {
911
- * Contains an array of the uploaded files.
912
- *
913
- * @type array $file {
914
- * Contains information for each uploaded file.
915
- *
916
- * @type string $file_unique_id A unique ID identifying every
917
- * individual file.
918
- * @type string $original_filename The original filename of the
919
- * file before any filters might have changed it.
920
- * @type string $filepath The final path of the file, including
921
- * the filename.
922
- * @type int $filesize The size of the file.
923
- * @type array|null $user_data {
924
- * An array of user data values if userdata are activated.
925
- *
926
- * @type array $item {
927
- * Contains information about each user data field.
928
- *
929
- * @type string $label The label of the user data field.
930
- * @type string $value The value of the user data field.
931
- * }
932
- * }
933
- * @type string $upload_result The result of the upload process.
934
- * It can take the following values:
935
- * success: the upload was successful.
936
- * warning: the upload was successful but it contains
937
- * warning messages.
938
- * error: the upload failed
939
- * @type string $error_message Warning or error messages
940
- * generated during the upload process.
941
- * @type string $admin_messages Detailed error messages for
942
- * administrators generated during the upload process.
943
- * }
944
- * }
945
- * }
946
- * @param array $params The shortcode attributes of the upload form.
947
- */
948
- $ret = apply_filters("_wfu_after_upload", $ret, $attr, $params);
949
- //then apply any custom filters created by admin
950
- $echo_str = "";
951
- $ret = array( "js_script" => "" );
952
- /**
953
- * Execute Post Upload Actions.
954
- *
955
- * This filter allows to execute custom actions after an upload has
956
- * completely finished. Custom Javascript code can be defined that will be
957
- * executed on user's browser after the filter finishes.
958
- *
959
- * @since 3.7.0
960
- *
961
- * @param array $ret {
962
- * Parameters to return to the plugin.
963
- *
964
- * @type string $js_script Custom Javascript code to execute on user's
965
- * browser.
966
- * }
967
- * @param array $attr Various attributes of the upload. See previous hook
968
- * for details.
969
- */
970
- $ret = apply_filters("wfu_after_upload", $ret, $attr);
971
- return $ret;
972
- }
973
-
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
974
  ?>
1
+ <?php
2
+
3
+ /**
4
+ * Initialize plugin
5
+ *
6
+ * This file initializes the plugin; defines constants, loads plugin's files,
7
+ * defines shortcodes and text domain, registers filters and actions and
8
+ * processes website requests.
9
+ *
10
+ * @link /wfu_loader.php
11
+ *
12
+ * @package WordPress File Upload Plugin
13
+ * @subpackage Core Components
14
+ * @since 4.9.1
15
+ */
16
+
17
+ if ( !defined("WPFILEUPLOAD_PLUGINFILE") ) return;
18
+
19
+ //set global db variables
20
+ //wfu_tb_log_version v2.0 changes:
21
+ // sessionid field added
22
+ //wfu_tb_log_version v3.0 changes:
23
+ // uploadtime field added
24
+ // blogid field added
25
+ //wfu_tb_log_version v4.0 changes:
26
+ // filedata field added
27
+ $wfu_tb_log_version = "4.0";
28
+ $wfu_tb_userdata_version = "1.0";
29
+ $wfu_tb_dbxqueue_version = "1.0";
30
+
31
+ DEFINE("WPFILEUPLOAD_DIR", plugin_dir_url( WPFILEUPLOAD_PLUGINFILE ));
32
+ DEFINE("ABSWPFILEUPLOAD_DIR", plugin_dir_path( WPFILEUPLOAD_PLUGINFILE ));
33
+ DEFINE("WPFILEUPLOAD_COOKIE", "wp_wpfileupload_".COOKIEHASH);
34
+ add_shortcode("wordpress_file_upload", "wordpress_file_upload_handler");
35
+ //activation-deactivation hooks
36
+ register_activation_hook(WPFILEUPLOAD_PLUGINFILE,'wordpress_file_upload_install');
37
+ register_deactivation_hook(WPFILEUPLOAD_PLUGINFILE,'wordpress_file_upload_uninstall');
38
+ add_action('plugins_loaded', 'wordpress_file_upload_initialize');
39
+ add_action('plugins_loaded', 'wordpress_file_upload_update_db_check');
40
+ //widget
41
+ add_action( 'widgets_init', 'register_wfu_widget' );
42
+ //admin hooks
43
+ add_action('admin_init', 'wordpress_file_upload_admin_init');
44
+ add_action('admin_menu', 'wordpress_file_upload_add_admin_pages');
45
+ //load styles and scripts for front pages
46
+ if ( !is_admin() ) {
47
+ add_action( 'wp_enqueue_scripts', 'wfu_enqueue_frontpage_scripts' );
48
+ }
49
+ //add admin bar menu item of new uploaded files
50
+ add_action( 'wp_before_admin_bar_render', 'wfu_admin_toolbar_new_uploads', 999 );
51
+ //general ajax actions
52
+ add_action('wp_ajax_wfu_ajax_action', 'wfu_ajax_action_callback');
53
+ add_action('wp_ajax_nopriv_wfu_ajax_action', 'wfu_ajax_action_callback');
54
+ add_action('wp_ajax_wfu_ajax_action_ask_server', 'wfu_ajax_action_ask_server');
55
+ add_action('wp_ajax_nopriv_wfu_ajax_action_ask_server', 'wfu_ajax_action_ask_server');
56
+ add_action('wp_ajax_wfu_ajax_action_cancel_upload', 'wfu_ajax_action_cancel_upload');
57
+ add_action('wp_ajax_nopriv_wfu_ajax_action_cancel_upload', 'wfu_ajax_action_cancel_upload');
58
+ add_action('wp_ajax_wfu_ajax_action_send_email_notification', 'wfu_ajax_action_send_email_notification');
59
+ add_action('wp_ajax_nopriv_wfu_ajax_action_send_email_notification', 'wfu_ajax_action_send_email_notification');
60
+ add_action('wp_ajax_wfu_ajax_action_notify_wpfilebase', 'wfu_ajax_action_notify_wpfilebase');
61
+ add_action('wp_ajax_nopriv_wfu_ajax_action_notify_wpfilebase', 'wfu_ajax_action_notify_wpfilebase');
62
+ add_action('wp_ajax_wfu_ajax_action_save_shortcode', 'wfu_ajax_action_save_shortcode');
63
+ add_action('wp_ajax_wfu_ajax_action_check_page_contents', 'wfu_ajax_action_check_page_contents');
64
+ add_action('wp_ajax_wfu_ajax_action_read_subfolders', 'wfu_ajax_action_read_subfolders');
65
+ add_action('wp_ajax_wfu_ajax_action_download_file_invoker', 'wfu_ajax_action_download_file_invoker');
66
+ add_action('wp_ajax_nopriv_wfu_ajax_action_download_file_invoker', 'wfu_ajax_action_download_file_invoker');
67
+ add_action('wp_ajax_wfu_ajax_action_download_file_monitor', 'wfu_ajax_action_download_file_monitor');
68
+ add_action('wp_ajax_nopriv_wfu_ajax_action_download_file_monitor', 'wfu_ajax_action_download_file_monitor');
69
+ add_action('wp_ajax_wfu_ajax_action_edit_shortcode', 'wfu_ajax_action_edit_shortcode');
70
+ add_action('wp_ajax_wfu_ajax_action_gutedit_shortcode', 'wfu_ajax_action_gutedit_shortcode');
71
+ add_action('wp_ajax_wfu_ajax_action_get_historylog_page', 'wfu_ajax_action_get_historylog_page');
72
+ add_action('wp_ajax_wfu_ajax_action_get_uploadedfiles_page', 'wfu_ajax_action_get_uploadedfiles_page');
73
+ add_action('wp_ajax_wfu_ajax_action_get_adminbrowser_page', 'wfu_ajax_action_get_adminbrowser_page');
74
+ add_action('wp_ajax_wfu_ajax_action_include_file', 'wfu_ajax_action_include_file');
75
+ add_action('wp_ajax_wfu_ajax_action_update_envar', 'wfu_ajax_action_update_envar');
76
+ add_action('wp_ajax_wfu_ajax_action_transfer_command', 'wfu_ajax_action_transfer_command');
77
+ add_action('wp_ajax_wfu_ajax_action_pdusers_get_users', 'wfu_ajax_action_pdusers_get_users');
78
+ //personal data related actions
79
+ add_action( 'show_user_profile', 'wfu_show_consent_profile_fields' );
80
+ add_action( 'edit_user_profile', 'wfu_show_consent_profile_fields' );
81
+ add_action( 'personal_options_update', 'wfu_update_consent_profile_fields' );
82
+ add_action( 'edit_user_profile_update', 'wfu_update_consent_profile_fields' );
83
+ //Media editor custom properties
84
+ if ( is_admin() ) add_action( 'attachment_submitbox_misc_actions', 'wfu_media_editor_properties', 11 );
85
+ //register admin filter to check consent status before upload
86
+ add_filter("wfu_before_upload", "wfu_consent_ask_server_handler", 10, 2);
87
+ //register internal filter that is executed before upload for classic uploader
88
+ add_filter("_wfu_before_upload", "wfu_classic_before_upload_handler", 10, 2);
89
+ wfu_include_lib();
90
+
91
+ /**
92
+ * Initialize plugin.
93
+ *
94
+ * Runs after plugins are loaded in order to correctly load the plugin's text
95
+ * domain and then load all translatable strings. Then it loads the User State
96
+ * Handler (session or db). Then it executes all active plugin hooks.
97
+ *
98
+ * @since 4.7.0
99
+ *
100
+ * @redeclarable
101
+ */
102
+ function wordpress_file_upload_initialize() {
103
+ $a = func_get_args(); $a = WFU_FUNCTION_HOOK(__FUNCTION__, $a, $out); if (isset($out['vars'])) foreach($out['vars'] as $p => $v) $$p = $v; switch($a) { case 'R': return $out['output']; break; case 'D': die($out['output']); }
104
+ load_plugin_textdomain('wp-file-upload', false, dirname(plugin_basename (WPFILEUPLOAD_PLUGINFILE)).'/languages');
105
+ wfu_initialize_i18n_strings();
106
+ //store the User State handler in a global variable for easy access by the
107
+ //plugin's routines
108
+ $plugin_options = wfu_decode_plugin_options(get_option( "wordpress_file_upload_options" ));
109
+ $GLOBALS["wfu_user_state_handler"] = $plugin_options['userstatehandler'];
110
+ wfu_initialize_user_state();
111
+
112
+ }
113
+
114
+ /**
115
+ * Register Upload Form Widget.
116
+ *
117
+ * Runs on widget initialization to register the upload form widget of the
118
+ * plugin.
119
+ *
120
+ * @since 3.4.0
121
+ */
122
+ function register_wfu_widget() {
123
+ /**
124
+ * Allow Custom Scripts to Register WFU Widget.
125
+ *
126
+ * This filter allows custom scripts to register the WFU widget in their own
127
+ * was.
128
+ *
129
+ * @since 4.12.2
130
+ *
131
+ * @param bool $processed True if the filter has completed registration or
132
+ * false otherwise.
133
+ */
134
+ $processed = apply_filters("_register_wfu_widget", false);
135
+ if ( !$processed ) register_widget( 'WFU_Widget' );
136
+ }
137
+
138
+ /**
139
+ * Enqueue frontpage styles and scripts.
140
+ *
141
+ * It enqueues all necessary frontpage styles and scripts of the plugin.
142
+ *
143
+ * @since 2.4.6
144
+ *
145
+ * @redeclarable
146
+ */
147
+ function wfu_enqueue_frontpage_scripts() {
148
+ $a = func_get_args(); $a = WFU_FUNCTION_HOOK(__FUNCTION__, $a, $out); if (isset($out['vars'])) foreach($out['vars'] as $p => $v) $$p = $v; switch($a) { case 'R': return $out['output']; break; case 'D': die($out['output']); }
149
+ $plugin_options = wfu_decode_plugin_options(get_option( "wordpress_file_upload_options" ));
150
+ $relaxcss = false;
151
+ if ( isset($plugin_options['relaxcss']) ) $relaxcss = ( $plugin_options['relaxcss'] == '1' );
152
+ //apply wfu_before_frontpage_scripts to get additional settings
153
+ $changable_data = array();
154
+ /**
155
+ * Execute Custom Actions Before Loading Frontpage Scripts.
156
+ *
157
+ * This filter allows to execute custom actions before frontpage scripts are
158
+ * loaded. Loading of plugin's scripts can be completely customised.
159
+ *
160
+ * @since 3.5.0
161
+ *
162
+ * @param array $changable_data {
163
+ * Controls loading of frontpage scripts.
164
+ *
165
+ * @type mixed $return_value Optional. If it is set then no frontpage
166
+ * scripts will be loaded.
167
+ * @type string $correct_NextGenGallery_incompatibility Optional. If it
168
+ * is set to "true" then JQuery UI styles will not be loaded in
169
+ * order to avoid incompatibility with NextGEN Gallery plugin.
170
+ * @type string $correct_JQueryUI_incompatibility Optional. If it is set
171
+ * to "true" then JQuery UI styles will not be loaded (same as
172
+ * previous parameter).
173
+ * @type string $exclude_timepicker Optional. If it is set to "true"
174
+ * then jQuery timepicker styles and scripts will not be loaded.
175
+ * }
176
+ */
177
+ $ret_data = apply_filters('wfu_before_frontpage_scripts', $changable_data);
178
+ //if $ret_data contains 'return_value' key then no scripts will be enqueued
179
+ if ( isset($ret_data['return_value']) ) return $ret_data['return_value'];
180
+
181
+ if ( $relaxcss ) {
182
+ wp_enqueue_style('wordpress-file-upload-style', WPFILEUPLOAD_DIR.'css/wordpress_file_upload_style_relaxed.css');
183
+ wp_enqueue_style('wordpress-file-upload-style-safe', WPFILEUPLOAD_DIR.'css/wordpress_file_upload_style_safe_relaxed.css');
184
+ }
185
+ else {
186
+ wp_enqueue_style('wordpress-file-upload-style', WPFILEUPLOAD_DIR.'css/wordpress_file_upload_style.css');
187
+ wp_enqueue_style('wordpress-file-upload-style-safe', WPFILEUPLOAD_DIR.'css/wordpress_file_upload_style_safe.css');
188
+ }
189
+ wp_enqueue_style('wordpress-file-upload-adminbar-style', WPFILEUPLOAD_DIR.'css/wordpress_file_upload_adminbarstyle.css');
190
+ //do not load JQuery UI css if $ret_data denotes incompatibility issues
191
+ if ( ( !isset($ret_data["correct_NextGenGallery_incompatibility"]) || $ret_data["correct_NextGenGallery_incompatibility"] != "true" ) &&
192
+ ( !isset($ret_data["correct_JQueryUI_incompatibility"]) || $ret_data["correct_JQueryUI_incompatibility"] != "true" ) )
193
+ wp_enqueue_style('jquery-ui-css', WPFILEUPLOAD_DIR.'vendor/jquery/jquery-ui.min.css');
194
+ //do not load timepicker css if $ret_data exclude_timepicker flag is true
195
+ if ( !isset($ret_data["exclude_timepicker"]) || $ret_data["exclude_timepicker"] != "true" )
196
+ wp_enqueue_style('jquery-ui-timepicker-addon-css', WPFILEUPLOAD_DIR.'vendor/jquery/jquery-ui-timepicker-addon.min.css');
197
+ wp_enqueue_script('json2');
198
+ wp_enqueue_script('wordpress_file_upload_script', WPFILEUPLOAD_DIR.'js/wordpress_file_upload_functions.js');
199
+ //do not load timepicker js if $ret_data exclude_timepicker flag is true
200
+ if ( !isset($ret_data["exclude_timepicker"]) || $ret_data["exclude_timepicker"] != "true" ) {
201
+ wp_enqueue_script('jquery-ui-slider');
202
+ wp_enqueue_script('jquery-ui-timepicker-addon-js', WPFILEUPLOAD_DIR.'vendor/jquery/jquery-ui-timepicker-addon.min.js', array("jquery-ui-datepicker"));
203
+ }
204
+ }
205
+
206
+ /**
207
+ * Load plugin libraries.
208
+ *
209
+ * It loads all plugin libraries located in /lib folder of the plugin.
210
+ *
211
+ * @since 2.1.2
212
+ */
213
+ function wfu_include_lib() {
214
+ $dir = plugin_dir_path( WPFILEUPLOAD_PLUGINFILE )."lib/";
215
+ if ( $handle = opendir($dir) ) {
216
+ $blacklist = array('.', '..');
217
+ while ( false !== ($file = readdir($handle)) )
218
+ if ( !in_array($file, $blacklist) && substr($file, 0, 1) != "_" )
219
+ include_once $dir.$file;
220
+ closedir($handle);
221
+ }
222
+ if ( $handle = opendir(plugin_dir_path( WPFILEUPLOAD_PLUGINFILE )) ) {
223
+ closedir($handle);
224
+ }
225
+ }
226
+
227
+
228
+ /* exit if we are in admin pages (in case of ajax call) */
229
+ if ( is_admin() ) return;
230
+
231
+ /**
232
+ * Render uploader form shortcode.
233
+ *
234
+ * It receives the attributes of an uploader form shortcode and returns the HTML
235
+ * code of the generated upload form.
236
+ *
237
+ * @since 2.1.2
238
+ *
239
+ * @param array $incomingfrompost An associative array of shortcode attributes
240
+ * (array keys) and their values (array values).
241
+ * @return string The HTML code of the generated upload form
242
+ */
243
+ function wordpress_file_upload_handler($incomingfrompost) {
244
+ //replace old attribute definitions with new ones
245
+ $incomingfrompost = wfu_old_to_new_attributes($incomingfrompost);
246
+ //preprocess attributes
247
+ $incomingfrompost = wfu_preprocess_attributes($incomingfrompost);
248
+ //process incoming attributes assigning defaults if required
249
+ $defs_indexed = wfu_shortcode_attribute_definitions_adjusted($incomingfrompost);
250
+ $incomingfrompost = shortcode_atts($defs_indexed, $incomingfrompost);
251
+ //run function that actually does the work of the plugin
252
+ $wordpress_file_upload_output = wordpress_file_upload_function($incomingfrompost);
253
+ //send back text to replace shortcode in post
254
+ return $wordpress_file_upload_output;
255
+ }
256
+
257
+ /**
258
+ * Render front-end file viewer shortcode.
259
+ *
260
+ * It receives the attributes of a front-end file viewer shortcode and returns
261
+ * the HTML code of the generated file viewer.
262
+ *
263
+ * @since 3.1.0
264
+ *
265
+ * @param array $incomingfrompost An associative array of shortcode attributes
266
+ * (array keys) and their values (array values).
267
+ * @return string The HTML code of the generated file viewer
268
+ */
269
+ function wordpress_file_upload_browser_handler($incomingfrompost) {
270
+ //process incoming attributes assigning defaults if required
271
+ $defs = wfu_browser_attribute_definitions();
272
+ $defs_indexed = array();
273
+ foreach ( $defs as $def ) $defs_indexed[$def["attribute"]] = $def["value"];
274
+ $incomingfrompost = shortcode_atts($defs_indexed, $incomingfrompost);
275
+ //run function that actually does the work of the plugin
276
+ $wordpress_file_upload_browser_output = wordpress_file_upload_browser_function($incomingfrompost);
277
+ //send back text to replace shortcode in post
278
+ return $wordpress_file_upload_browser_output;
279
+ }
280
+
281
+ /**
282
+ * Generate the HTML code of uploader form.
283
+ *
284
+ * It receives the processed attributes of an uploader form shortcode and
285
+ * returns the HTML code of the generated upload form.
286
+ *
287
+ * @since 2.1.2
288
+ *
289
+ * @redeclarable
290
+ *
291
+ * @global object $post The current post
292
+ * @global int $blog_id The ID of the current blog
293
+ *
294
+ * @param array $incomingfromhandler An associative array of shortcode
295
+ * attributes (array keys) and their values (array values).
296
+ *
297
+ * @return string The HTML code of the generated upload form
298
+ */
299
+ function wordpress_file_upload_function($incomingfromhandler) {
300
+ $a = func_get_args(); $a = WFU_FUNCTION_HOOK(__FUNCTION__, $a, $out); if (isset($out['vars'])) foreach($out['vars'] as $p => $v) $$p = $v; switch($a) { case 'R': return $out['output']; break; case 'D': die($out['output']); }
301
+ global $post;
302
+ global $blog_id;
303
+
304
+ $plugin_options = wfu_decode_plugin_options(get_option( "wordpress_file_upload_options" ));
305
+ $shortcode_tag = 'wordpress_file_upload';
306
+ $params = wfu_plugin_parse_array($incomingfromhandler);
307
+ //sanitize params
308
+ $params = wfu_sanitize_shortcode_array($params, $shortcode_tag);
309
+
310
+ $is_admin = current_user_can( 'manage_options' );
311
+ //check if a non-admin user can edit the shortcode
312
+ $can_open_composer = ( WFU_VAR("WFU_SHORTCODECOMPOSER_NOADMIN") == "true" &&
313
+ $params["widgetid"] == "" &&
314
+ $post != null &&
315
+ isset($post->post_type) &&
316
+ ( $post->post_type == 'post' || $post->post_type == 'page' ) &&
317
+ current_user_can( 'edit_'.$post->post_type, $post->ID ) );
318
+ //take into account if the user is admin
319
+ $can_open_composer = ( $is_admin || $can_open_composer );
320
+ /**
321
+ * Filter To Customise Shortcode Composer Permission.
322
+ *
323
+ * This filter is used to customise the permissions of the user to open the
324
+ * shortcode composer.
325
+ *
326
+ * @since 4.12.2
327
+ *
328
+ * @param bool $can_open_composer Whether the composer can be opened or not.
329
+ * @param array $params An associative array with shortcode attributes.
330
+ */
331
+ $can_open_composer = apply_filters("_wfu_can_open_composer", $can_open_composer, $params);
332
+
333
+ $sid = $params["uploadid"];
334
+ // store current page and blog id in params array
335
+ $params["pageid"] = $post->ID;
336
+ $params["blogid"] = $blog_id;
337
+
338
+ $token_sid = 'wfu_token_'.$sid;
339
+ if ( !WFU_USVAR_exists($token_sid) || WFU_USVAR($token_sid) == "" )
340
+ WFU_USVAR_store($token_sid, uniqid(mt_rand(), TRUE));
341
+ //store the server environment (32 or 64bit) for use when checking file size limits
342
+ $params["php_env"] = wfu_get_server_environment();
343
+
344
+ $user = wp_get_current_user();
345
+ $widths = wfu_decode_dimensions($params["widths"]);
346
+ $heights = wfu_decode_dimensions($params["heights"]);
347
+ //additional parameters to pass to visualization routines
348
+ $additional_params = array( );
349
+ $additional_params['widths'] = $widths;
350
+ $additional_params['heights'] = $heights;
351
+ $additional_params["require_consent"] = ( $plugin_options["personaldata"] == "1" && ( $params["notrememberconsent"] == "true" || wfu_check_user_consent($user) == "" ) && $params["askconsent"] == "true" );
352
+
353
+ $uploadedfile = 'uploadedfile_'.$sid;
354
+ $hiddeninput = 'hiddeninput_'.$sid;
355
+ $adminerrorcodes = 'adminerrorcodes_'.$sid;
356
+
357
+ //set necessary parameters to be passed to client initialization function
358
+ $init_params = array();
359
+ $init_params["shortcode_id"] = $sid;
360
+ $init_params["shortcode_tag"] = $shortcode_tag;
361
+ $init_params["container_id"] = $shortcode_tag.'_block_'.$sid;
362
+ $init_params["session"] = WFU_USVAR($token_sid);
363
+ $init_params["testmode"] = ( $params["testmode"] == "true" );
364
+ $init_params["widgetid"] = $params["widgetid"];
365
+ $init_params["require_consent"] = $additional_params["require_consent"];
366
+ //if the following criteria is met, then maybe the server needs to be asked
367
+ //if upload needs to be rejected or not due to consent denial
368
+ $init_params["consent_maybe_ask_server"] = ( $plugin_options["personaldata"] == "1" && $params["askconsent"] == "true" && $params["consentrejectupload"] == "true" );
369
+ $init_params["consent_rejection_message"] = $params["consentrejectmessage"];
370
+ //add allow no file flag
371
+ $init_params["allownofile"] = ( $params["allownofile"] == "true" );
372
+ $init_params["not_store_files"] = ( $params["personaldatatypes"] == "userdata and files" );
373
+ //add params related to visual editor button
374
+ if ( $can_open_composer ) {
375
+ $init_params["post_id"] = $post->ID;
376
+ /**
377
+ * Let Custom Scripts Modify the Post Content.
378
+ *
379
+ * This filter allows to customize the way post content is read. It allows
380
+ * to make the plugin compatible with page builders, like Elementor, that do
381
+ * not handle posts / pages the way Wordpress does.
382
+ *
383
+ * @since 4.12.2
384
+ *
385
+ * @param string $content The post content.
386
+ * @param object $post The post to check for shortcodes.
387
+ */
388
+ $content = apply_filters("_wfu_get_post_content", $post->post_content, $post);
389
+ $init_params["post_hash"] = hash('md5', $content);
390
+ }
391
+
392
+ //check if user is allowed to view plugin, otherwise do not generate it
393
+ $uploadroles = explode(",", $params["uploadrole"]);
394
+ foreach ( $uploadroles as &$uploadrole ) {
395
+ $uploadrole = trim($uploadrole);
396
+ }
397
+ $plugin_upload_user_role = wfu_get_user_role($user, $uploadroles);
398
+ /**
399
+ * Filter When the Upload Form Must Not be Shown.
400
+ *
401
+ * This filter is executed when the upload form must be shown on the page.
402
+ * It allows to return custom HTML output instead of empty content.
403
+ *
404
+ * @since 4.1.0
405
+ *
406
+ * @param string $ret The HTML output to return to the page. Default "".
407
+ */
408
+ if ( $plugin_upload_user_role == 'nomatch' ) return apply_filters("_wfu_file_upload_hide_output", "");
409
+
410
+ //activate debug mode only for admins
411
+ if ( $plugin_upload_user_role != 'administrator' ) $params["debugmode"] = "false";
412
+
413
+ $params["adminmessages"] = ( $params["adminmessages"] == "true" && $plugin_upload_user_role == 'administrator' );
414
+ // define variable to hold any additional admin errors coming before processing of files (e.g. due to redirection)
415
+ $params["adminerrors"] = "";
416
+
417
+ /* Define dynamic upload path from variables */
418
+ $search = array ('/%userid%/', '/%username%/', '/%blogid%/', '/%pageid%/', '/%pagetitle%/');
419
+ if ( is_user_logged_in() ) $username = $user->user_login;
420
+ else $username = "guests";
421
+ $replace = array ($user->ID, $username, $blog_id, $post->ID, get_the_title($post->ID));
422
+ $params["uploadpath"] = preg_replace($search, $replace, $params["uploadpath"]);
423
+
424
+ /* Determine if userdata fields have been defined */
425
+ $userdata_fields = array();
426
+ $userdata_occurrencies = substr_count($params["placements"], "userdata");
427
+ if ( $userdata_occurrencies == 0 ) $userdata_occurrencies = 1;
428
+ if ( $params["userdata"] == "true" ) {
429
+ for ( $i = 1; $i <= $userdata_occurrencies; $i++ ) {
430
+ $userdata_fields2 = wfu_parse_userdata_attribute($params["userdatalabel".( $i > 1 ? $i : "" )]);
431
+ foreach ( $userdata_fields2 as $key => $item ) $userdata_fields2[$key]["occurrence"] = $i;
432
+ $userdata_fields = array_merge($userdata_fields, $userdata_fields2);
433
+ }
434
+ }
435
+ $params["userdata_fields"] = $userdata_fields;
436
+
437
+ /* If medialink or postlink is activated, then subfolders are deactivated */
438
+ if ( $params["medialink"] == "true" || $params["postlink"] == "true" ) $params["askforsubfolders"] = "false";
439
+
440
+ /* Generate the array of subfolder paths */
441
+ $params['subfoldersarray'] = wfu_get_subfolders_paths($params);
442
+
443
+
444
+ /* in case that webcam is activated, then some elements related to file
445
+ selection need to be removed */
446
+ if ( strpos($params["placements"], "webcam") !== false && $params["webcam"] == "true" ) {
447
+ $params["placements"] = wfu_placements_remove_item($params["placements"], "filename");
448
+ $params["placements"] = wfu_placements_remove_item($params["placements"], "selectbutton");
449
+ $params["singlebutton"] = "false";
450
+ $params["uploadbutton"] = $params["uploadmediabutton"];
451
+ }
452
+
453
+ //____________________________________________________________________________________________________________________________________________________________________________________
454
+
455
+ if ( $params['forceclassic'] != "true" ) {
456
+ //**************section to put additional options inside params array**************
457
+ $params['subdir_selection_index'] = "-1";
458
+ //**************end of section of additional options inside params array**************
459
+
460
+
461
+ // below this line no other changes to params array are allowed
462
+
463
+
464
+ //**************section to save params as Wordpress options**************
465
+ // every params array is indexed (uniquely identified) by three fields:
466
+ // - the page that contains the shortcode
467
+ // - the id of the shortcode instance (because there may be more than one instances of the shortcode inside a page)
468
+ // - the user that views the plugin (because some items of the params array are affected by the user name)
469
+ // the wordpress option "wfu_params_index" holds an array of combinations of these three fields, together with a randomly generated string that corresponds to these fields.
470
+ // the wordpress option "wfu_params_xxx", where xxx is the randomly generated string, holds the params array (encoded to string) that corresponds to this string.
471
+ // the structure of the "wfu_params_index" option is as follows: "a1||b1||c1||d1&&a2||b2||c2||d2&&...", where
472
+ // - a is the randomly generated string (16 characters)
473
+ // - b is the page id
474
+ // - c is the shortcode id
475
+ // - d is the user name
476
+ $params_index = wfu_generate_current_params_index($sid, $user->user_login);
477
+ $params_str = wfu_encode_array_to_string($params);
478
+ update_option('wfu_params_'.$params_index, $params_str);
479
+ $init_params["params_index"] = $params_index;
480
+ $init_params["debugmode"] = ( $params["debugmode"] == "true" );
481
+ $init_params["is_admin"] = ( $plugin_upload_user_role == "administrator" );
482
+ $init_params["has_filters"] = has_filter("wfu_before_upload");
483
+ $init_params["error_header"] = $params["errormessage"];
484
+ $init_params["fail_colors"] = $params["failmessagecolors"];
485
+ $init_params["success_header"] = $params["successmessage"];
486
+ $init_params["success_colors"] = $params["successmessagecolors"];
487
+ }
488
+
489
+
490
+ /* set the template that will be used, default is empty (the original) */
491
+ $params["uploadertemplate"] = "";
492
+ // $params["uploadertemplate"] = "Custom1";
493
+ /**
494
+ * Filter To Define Custom Uploader Template.
495
+ *
496
+ * This filter is used to define a custom uploader template that will be
497
+ * used to generate the upload form.
498
+ *
499
+ * @since 4.0.0
500
+ *
501
+ * @param string $ret The uploader template to use. Default "".
502
+ * @param array $params An associative array with the shortcode attributes.
503
+ */
504
+ $params["uploadertemplate"] = apply_filters("_wfu_uploader_template", $params["uploadertemplate"], $params);
505
+ $uploadertemplate = wfu_get_uploader_template($params["uploadertemplate"]);
506
+ /* Compose the html code for the plugin */
507
+ $wordpress_file_upload_output = "";
508
+ $wordpress_file_upload_output .= wfu_init_run_js_script();
509
+ $plugin_style = "";
510
+ if ( $widths["plugin"] != "" ) $plugin_style .= 'width: '.$widths["plugin"].'; ';
511
+ if ( $heights["plugin"] != "" ) $plugin_style .= 'height: '.$heights["plugin"].'; ';
512
+ if ( $plugin_style != "" ) $plugin_style = ' style="'.$plugin_style.'"';
513
+ $wordpress_file_upload_output .= "\n".'<div id="'.$init_params["container_id"].'" class="file_div_clean'.( $params["fitmode"] == "responsive" ? '_responsive_container' : '' ).' wfu_container"'.$plugin_style.'>';
514
+ $wordpress_file_upload_output .= "\n".'<!-- Using template '.call_user_func(array($uploadertemplate, 'get_name')).' -->';
515
+ //read indexed component definitions
516
+ $component_output = "";
517
+ $css = "";
518
+ $js = "";
519
+ /* Add generic uploadform code to output from template */
520
+ $wordpress_file_upload_output .= wfu_template_to_HTML("base", $params, array(), 0);
521
+ /* Continue with uploadform elements */
522
+ $components = wfu_component_definitions();
523
+ $components_indexed = array();
524
+ foreach ( $components as $component ) {
525
+ $components_indexed[$component['id']] = $component;
526
+ $components_indexed[$component['id']]['occurrencies'] = 0;
527
+ }
528
+ $itemplaces = explode("/", $params["placements"]);
529
+ foreach ( $itemplaces as $section ) {
530
+ $items_in_section = explode("+", trim($section));
531
+ $section_array = array( $params );
532
+ foreach ( $items_in_section as $item_in_section ) {
533
+ $item_in_section = strtolower(trim($item_in_section));
534
+ if ( isset($components_indexed[$item_in_section]) && ( $components_indexed[$item_in_section]['multiplacements'] || $components_indexed[$item_in_section]['occurrencies'] == 0 ) ) {
535
+ $components_indexed[$item_in_section]['occurrencies'] ++;
536
+ $occurrence_index = ( $components_indexed[$item_in_section]['multiplacements'] ? $components_indexed[$item_in_section]['occurrencies'] : 0 );
537
+ if ( $item_in_section == "title" ) array_push($section_array, wfu_prepare_title_block($params, $additional_params, $occurrence_index));
538
+ elseif ( $item_in_section == "filename" ) array_push($section_array, wfu_prepare_textbox_block($params, $additional_params, $occurrence_index));
539
+ elseif ( $item_in_section == "selectbutton" ) array_push($section_array, wfu_prepare_uploadform_block($params, $additional_params, $occurrence_index));
540
+ elseif ( $item_in_section == "uploadbutton" && $params["singlebutton"] != "true" ) array_push($section_array, wfu_prepare_submit_block($params, $additional_params, $occurrence_index));
541
+ elseif ( $item_in_section == "subfolders" ) array_push($section_array, wfu_prepare_subfolders_block($params, $additional_params, $occurrence_index));
542
+ elseif ( $item_in_section == "progressbar" ) array_push($section_array, wfu_prepare_progressbar_block($params, $additional_params, $occurrence_index));
543
+ elseif ( $item_in_section == "message" ) array_push($section_array, wfu_prepare_message_block($params, $additional_params, $occurrence_index));
544
+ elseif ( $item_in_section == "userdata" && $params["userdata"] == "true" ) array_push($section_array, wfu_prepare_userdata_block($params, $additional_params, $occurrence_index));
545
+ elseif ( $item_in_section == "consent" && $additional_params["require_consent"] ) array_push($section_array, wfu_prepare_consent_block($params, $additional_params, $occurrence_index));
546
+ elseif ( $item_in_section == "webcam" && $params["webcam"] == "true" ) array_push($section_array, wfu_prepare_webcam_block($params, $additional_params, $occurrence_index));
547
+ }
548
+ }
549
+ wfu_extract_css_js_from_components($section_array, $css, $js);
550
+ $component_output .= call_user_func_array("wfu_add_div", $section_array);
551
+ }
552
+ /* Append mandatory blocks, if have not been included in placements attribute */
553
+ if ( $params["userdata"] == "true" && strpos($params["placements"], "userdata") === false ) {
554
+ $section_array = array( $params );
555
+ array_push($section_array, wfu_prepare_userdata_block($params, $additional_params, 0));
556
+ wfu_extract_css_js_from_components($section_array, $css, $js);
557
+ $component_output .= call_user_func_array("wfu_add_div", $section_array);
558
+ }
559
+ if ( $additional_params["require_consent"] && strpos($params["placements"], "consent") === false ) {
560
+ $section_array = array( $params );
561
+ array_push($section_array, wfu_prepare_consent_block($params, $additional_params, 0));
562
+ wfu_extract_css_js_from_components($section_array, $css, $js);
563
+ $component_output .= call_user_func_array("wfu_add_div", $section_array);
564
+ }
565
+ if ( strpos($params["placements"], "selectbutton") === false ) {
566
+ $section_array = array( $params );
567
+ array_push($section_array, wfu_prepare_uploadform_block($params, $additional_params, 0));
568
+ wfu_extract_css_js_from_components($section_array, $css, $js);
569
+ $component_output .= call_user_func_array("wfu_add_div", $section_array);
570
+ }
571
+ if ( strpos($params["placements"], "uploadbutton") === false ) $params["singlebutton"] = "true";
572
+
573
+ //set some more parameters for the initialization script
574
+ $init_params["is_formupload"] = ( $params['forceclassic'] == "true" );
575
+ $init_params["singlebutton"] = ( $params["singlebutton"] == "true" );
576
+ $init_params["resetmode"] = $params["resetmode"];
577
+
578
+ //output css styling rules
579
+ if ( $css != "" ) {
580
+ //relax css rules if this option is enabled
581
+ if ( $plugin_options['relaxcss'] == '1' ) $css = preg_replace('#.*?/\*relax\*/\s*#', '', $css);
582
+ $wordpress_file_upload_output .= wfu_css_to_HTML($css);
583
+ }
584
+ //output javascript code
585
+ if ( $js != "" ) {
586
+ //add initialization of the object of the upload form
587
+ $wfu_js = 'var WFU_JS_'.$sid.' = function() {';
588
+ $wfu_js .= "\n".'GlobalData.WFU['.$sid.'] = '.wfu_PHP_array_to_JS_object($init_params).'; GlobalData.WFU.n.push('.$sid.');';
589
+ $wfu_js .= "\n".$js;
590
+ $wfu_js .= "\n".'}';
591
+ $wfu_js .= "\n".'wfu_run_js("window", "WFU_JS_'.$sid.'");';
592
+ $wordpress_file_upload_output .= "\n".wfu_js_to_HTML($wfu_js);
593
+ }
594
+ //add visual editor overlay if the current user is administrator
595
+ if ( $can_open_composer ) {
596
+ $wordpress_file_upload_output .= wfu_add_visual_editor_button($shortcode_tag, $params);
597
+ }
598
+ //add components' html output
599
+ $wordpress_file_upload_output .= $component_output;
600
+
601
+ /* Pass constants to javascript and run plugin post-load actions */
602
+ $consts = wfu_set_javascript_constants();
603
+ $handler = 'function() { wfu_Initialize_Consts("'.$consts.'"); wfu_Load_Code_Connectors('.$sid.'); wfu_plugin_load_action('.$sid.'); }';
604
+ $wfu_js = 'if (typeof wfu_addLoadHandler == "undefined") function wfu_addLoadHandler(handler) { if(window.addEventListener) { window.addEventListener("load", handler, false); } else if(window.attachEvent) { window.attachEvent("onload", handler); } else { window["onload"] = handler; } }';
605
+ $wfu_js .= "\n".'wfu_addLoadHandler('.$handler.');';
606
+ $wordpress_file_upload_output .= "\n".wfu_js_to_HTML($wfu_js);
607
+ $wordpress_file_upload_output .= '</div>';
608
+ // $wordpress_file_upload_output .= '<div>';
609
+ // $wordpress_file_upload_output .= wfu_test_admin();
610
+ // $wordpress_file_upload_output .= '</div>';
611
+
612
+ // The plugin uses sessions in order to detect if the page was loaded due to file upload or
613
+ // because the user pressed the Refresh button (or F5) of the page.
614
+ // In the second case we do not want to perform any file upload, so we abort the rest of the script.
615
+ $check_refresh_sid = 'wfu_check_refresh_'.$sid;
616
+ if ( !WFU_USVAR_exists($check_refresh_sid) || WFU_USVAR($check_refresh_sid) != "form button pressed" ) {
617
+ WFU_USVAR_store($check_refresh_sid, 'do not process');
618
+ $wordpress_file_upload_output .= wfu_post_plugin_actions($params);
619
+ /**
620
+ * Filter To Customise Uploader Output.
621
+ *
622
+ * This filter is used to customise the HTML code generated by the
623
+ * plugin for showing the upload form.
624
+ *
625
+ * @since 3.9.6
626
+ *
627
+ * @param string $wordpress_file_upload_output The HTML output.
628
+ * @param array $params An associative array with shortcode attributes.
629
+ */
630
+ $wordpress_file_upload_output = apply_filters("_wfu_file_upload_output", $wordpress_file_upload_output, $params);
631
+ return $wordpress_file_upload_output."\n";
632
+ }
633
+ WFU_USVAR_store($check_refresh_sid, 'do not process');
634
+ $params["upload_start_time"] = WFU_USVAR('wfu_start_time_'.$sid);
635
+
636
+ // The plugin uses two ways to upload the file:
637
+ // - The first one uses classic functionality of an HTML form (highest compatibility with browsers but few capabilities).
638
+ // - The second uses ajax (HTML5) functionality (medium compatibility with browsers but many capabilities, like no page refresh and progress bar).
639
+ // The plugin loads using ajax functionality by default, however if it detects that ajax functionality is not supported, it will automatically switch to classic functionality.
640
+ // The next line checks to see if the form was submitted using ajax or classic functionality.
641
+ // If the uploaded file variable stored in $_FILES ends with "_redirected", then it means that ajax functionality is not supported and the plugin must switch to classic functionality.
642
+ if ( isset($_FILES[$uploadedfile.'_redirected']) ) $params['forceclassic'] = "true";
643
+
644
+ if ( $params['forceclassic'] != "true" ) {
645
+ $wordpress_file_upload_output .= wfu_post_plugin_actions($params);
646
+ /** This filter is documented above */
647
+ $wordpress_file_upload_output = apply_filters("_wfu_file_upload_output", $wordpress_file_upload_output, $params);
648
+ return $wordpress_file_upload_output."\n";
649
+ }
650
+
651
+ // The following code is executed in case of non-ajax uploads to process the files.
652
+ // Consecutive checks are performed in order to verify and approve the upload of files
653
+ $_REQUEST = stripslashes_deep($_REQUEST);
654
+ $_POST = stripslashes_deep($_POST);
655
+ $wfu_checkpass = true;
656
+
657
+ // First we test that WP nonce passes the check
658
+ $wfu_checkpass = ( $wfu_checkpass && isset($_REQUEST["wfu_uploader_nonce"]) && wp_verify_nonce( $_REQUEST["wfu_uploader_nonce"], "wfu-uploader-nonce" ) !== false );
659
+
660
+ $unique_id = ( isset($_POST['uniqueuploadid_'.$sid]) ? sanitize_text_field($_POST['uniqueuploadid_'.$sid]) : "" );
661
+ // Check that upload_id is valid
662
+ $wfu_checkpass = ( $wfu_checkpass && strlen($unique_id) == 10 );
663
+
664
+ //check if honeypot userdata fields have been added to the form and if they
665
+ //contain any data; if wfu_check_remove_honeypot_fields returns true this
666
+ //means that at least one honeypot field has beed filled with a value and
667
+ //the upload must be aborted because it was not done by a human; files will
668
+ //not be saved but a success result will be shown, pretending that they have
669
+ //been saved
670
+ $abort_with_success = ( $params["userdata"] == "true" && wfu_check_remove_honeypot_fields($params["userdata_fields"], 'hiddeninput_'.$sid.'_userdata_') );
671
+
672
+
673
+ if ( $wfu_checkpass ) {
674
+ //process any error messages due to redirection to non-ajax upload
675
+ if ( isset( $_POST[$adminerrorcodes] ) ) {
676
+ $code = $_POST[$adminerrorcodes];
677
+ if ( $code == "" ) $params['adminerrors'] = "";
678
+ elseif ( $code == "1" || $code == "2" || $code == "3" ) $params['adminerrors'] = constant('WFU_ERROR_REDIRECTION_ERRORCODE'.$code);
679
+ else $params['adminerrors'] = WFU_ERROR_REDIRECTION_ERRORCODE0;
680
+ }
681
+
682
+ $params['subdir_selection_index'] = -1;
683
+ if ( isset( $_POST[$hiddeninput] ) ) $params['subdir_selection_index'] = sanitize_text_field($_POST[$hiddeninput]);
684
+
685
+ //in case that that the upload has been cancelled then proceed
686
+ //accordingly to notify the user
687
+ $uploadstatus_id = "wfu_uploadstatus_".$unique_id;
688
+ if ( WFU_USVAR_exists($uploadstatus_id) && WFU_USVAR($uploadstatus_id) == 0 ) {
689
+ $safe_output = "17;".WFU_VAR("WFU_DEFAULTMESSAGECOLORS").";0";
690
+ $wfu_process_file_array_str = " ";
691
+ $js_script_enc = "";
692
+ }
693
+ //in case that the upload was performed by a bot, then files are not
694
+ //processed and not saved, however state 18 is returned pretending that
695
+ //the upload was successful
696
+ elseif ( $abort_with_success ) {
697
+ $safe_output = "18;".WFU_VAR("WFU_DEFAULTMESSAGECOLORS").";0";
698
+ $wfu_process_file_array_str = " ";
699
+ $js_script_enc = "";
700
+ }
701
+ else {
702
+ //update consent status of user
703
+ $params["consent_result"] = wfu_check_user_consent($user);
704
+ if ( $additional_params["require_consent"] ) {
705
+ if ( !isset($_POST['consentresult_'.$sid]) ) die();
706
+ $consent_result = ( $_POST['consentresult_'.$sid] == "yes" ? "yes" : ( $_POST['consentresult_'.$sid] == "no" ? "no" : "" ) );
707
+ $params["consent_result"] = ( $_POST['consentresult_'.$sid] == "yes" ? "1" : ( $_POST['consentresult_'.$sid] == "no" ? "0" : "" ) );
708
+ wfu_update_user_consent($user, $consent_result);
709
+ }
710
+ $wfu_process_file_array = wfu_process_files($params, 'no_ajax');
711
+ $safe_output = $wfu_process_file_array["general"]['safe_output'];
712
+ unset($wfu_process_file_array["general"]['safe_output']);
713
+ //javascript code generated from individual wfu_after_upload_filters is not executed in non-ajax uploads
714
+ unset($wfu_process_file_array["general"]['js_script']);
715
+ $js_script_enc = "";
716
+ //execute after upload filters
717
+ $ret = wfu_execute_after_upload_filters($sid, $unique_id, $params);
718
+ if ( $ret["js_script"] != "" ) $js_script_enc = wfu_plugin_encode_string($ret["js_script"]);
719
+ $wfu_process_file_array_str = wfu_encode_array_to_string($wfu_process_file_array);
720
+ }
721
+
722
+ $ProcessUploadComplete_functiondef = 'function(){wfu_ProcessUploadComplete('.$sid.', 1, "'.$wfu_process_file_array_str.'", "no-ajax", "'.$safe_output.'", [false, null, false], "fileupload", "'.$js_script_enc.'");}';
723
+ $wfu_js = 'wfu_addLoadHandler('.$ProcessUploadComplete_functiondef.');';
724
+ $wordpress_file_upload_output .= "\n".wfu_js_to_HTML($wfu_js);
725
+ }
726
+
727
+ $wordpress_file_upload_output .= wfu_post_plugin_actions($params);
728
+ /** This filter is documented above */
729
+ $wordpress_file_upload_output = apply_filters("_wfu_file_upload_output", $wordpress_file_upload_output, $params);
730
+ return $wordpress_file_upload_output."\n";
731
+ }
732
+
733
+ /**
734
+ * Generate HTML code of Shortcode Visual Editor button.
735
+ *
736
+ * It generates the HTML code of the button that invokes the visual editor of
737
+ * the shortcode (shortcode composer).
738
+ *
739
+ * @since 3.1.0
740
+ *
741
+ * @param string $shortcode_tag The tag of the shortcode for which the button
742
+ * will be generated.
743
+ * @param array $params The shortcode attributes
744
+ * @return string The HTML code of the visual editor button
745
+ */
746
+ function wfu_add_visual_editor_button($shortcode_tag, $params) {
747
+ return wfu_template_to_HTML("visualeditorbutton", $params, array( "shortcode_tag" => $shortcode_tag ), 0);
748
+ }
749
+
750
+ /**
751
+ * Additional content after upload form.
752
+ *
753
+ * It generates additional HTML code to be added after the upload form.
754
+ *
755
+ * @since 2.4.1
756
+ *
757
+ * @redeclarable
758
+ *
759
+ * @return string The additional HTML code
760
+ */
761
+ function wfu_post_plugin_actions($params) {
762
+ $a = func_get_args(); $a = WFU_FUNCTION_HOOK(__FUNCTION__, $a, $out); if (isset($out['vars'])) foreach($out['vars'] as $p => $v) $$p = $v; switch($a) { case 'R': return $out['output']; break; case 'D': die($out['output']); }
763
+ $echo_str = '';
764
+
765
+ return $echo_str;
766
+ }
767
+
768
+ /**
769
+ * Get the list of subfolders of the upload directory.
770
+ *
771
+ * It calculates the subfolders of the upload directory of an upload form in
772
+ * case that subfolders feature is activated in the shortcode and it is
773
+ * configured to calculate the subfolders automatically.
774
+ *
775
+ * @since 3.3.0
776
+ *
777
+ * @redeclarable
778
+ *
779
+ * @param array $params The shortcode attributes
780
+ * @return array The calculated subfolders
781
+ */
782
+ function wfu_get_subfolders_paths($params) {
783
+ $a = func_get_args(); $a = WFU_FUNCTION_HOOK(__FUNCTION__, $a, $out); if (isset($out['vars'])) foreach($out['vars'] as $p => $v) $$p = $v; switch($a) { case 'R': return $out['output']; break; case 'D': die($out['output']); }
784
+ $subfolder_paths = array ( );
785
+ if ( $params["askforsubfolders"] == "true" && $params["testmode"] != "true" ) {
786
+ array_push($subfolder_paths, "");
787
+ if ( substr($params["subfoldertree"], 0, 4) == "auto" ) {
788
+ $upload_directory = wfu_upload_plugin_full_path($params);
789
+ $dirtree = wfu_getTree($upload_directory);
790
+ foreach ( $dirtree as &$dir ) $dir = '*'.$dir;
791
+ $params["subfoldertree"] = implode(',', $dirtree);
792
+ }
793
+ $subfolders = wfu_parse_folderlist($params["subfoldertree"]);
794
+ if ( count($subfolders['path']) == 0 ) array_push($subfolders['path'], "");
795
+ foreach ( $subfolders['path'] as $subfolder ) array_push($subfolder_paths, $subfolder);
796
+ }
797
+
798
+ return $subfolder_paths;
799
+ }
800
+
801
+ /**
802
+ * Convert old attribute names to new.
803
+ *
804
+ * Some shortcode attributes have changed name. This function makes sure that
805
+ * shortcode attributes with old names are converted to new names so that they
806
+ * can be processed correctly.
807
+ *
808
+ * @since 3.8.4
809
+ *
810
+ * @param array $shortcode_attrs The shortcode attributes
811
+ * @return array The processed shortcode attributes
812
+ */
813
+ function wfu_old_to_new_attributes($shortcode_attrs) {
814
+ //old to new attribute definitions
815
+ $old_to_new = array(
816
+ "dublicatespolicy" => "duplicatespolicy"
817
+ );
818
+ //implement changes
819
+ foreach ( $old_to_new as $old => $new ) {
820
+ if ( isset($shortcode_attrs[$old]) ) {
821
+ $shortcode_attrs[$new] = $shortcode_attrs[$old];
822
+ unset($shortcode_attrs[$old]);
823
+ }
824
+ }
825
+ return $shortcode_attrs;
826
+ }
827
+
828
+ /**
829
+ * Preprocess Attributes Before Handler.
830
+ *
831
+ * Preprocess attributes before they enter the handler. For instance, ftpinfo
832
+ * attribute is not parsed correctly and needs to be adjusted.
833
+ *
834
+ * @since 4.12.0
835
+ *
836
+ * @redeclarable
837
+ *
838
+ * @param array $shortcode_attrs The shortcode attributes
839
+ * @return array The processed shortcode attributes
840
+ */
841
+ function wfu_preprocess_attributes($shortcode_attrs) {
842
+ $a = func_get_args(); $a = WFU_FUNCTION_HOOK(__FUNCTION__, $a, $out); if (isset($out['vars'])) foreach($out['vars'] as $p => $v) $$p = $v; switch($a) { case 'R': return $out['output']; break; case 'D': die($out['output']); }
843
+ //correct ftpinfo backslashes
844
+ if ( isset($shortcode_attrs['ftpinfo']) )
845
+ $shortcode_attrs['ftpinfo'] = str_replace(array( '\\:', '\\@' ), array( '\\\\:', '\\\\@' ), $shortcode_attrs['ftpinfo']);
846
+ return $shortcode_attrs;
847
+ }
848
+
849
+ /**
850
+ * Execute custom actions before upload for non-AJAX uploads.
851
+ *
852
+ * This function is executed right after an upload has started for a classic
853
+ * (non-AJAX) upload. It ensures that when the page reloads the plugin will
854
+ * show the result of the upload (and will not render the upload form from the
855
+ * beginning).
856
+ *
857
+ * @since 3.7.0
858
+ *
859
+ * @see _wfu_before_upload filter For more information on parameters and
860
+ * response array format.
861
+ *
862
+ * @param array $ret An array with information how this function must respond.
863
+ * @param array $attr Information about the upload.
864
+ * @return array The processed $ret array
865
+ */
866
+ function wfu_classic_before_upload_handler($ret, $attr) {
867
+ //run only if start_time exists in $_REQUEST parameters
868
+ if ( !isset($_REQUEST['start_time']) ) return $ret;
869
+ if ( $ret["status"] == "die" ) return $ret;
870
+ $start_time = sanitize_text_field( $_REQUEST["start_time"] );
871
+ $sid = $attr["sid"];
872
+ if ( $sid == "" ) {
873
+ $ret["status"] = "die";
874
+ return $ret;
875
+ }
876
+ if ( $ret["status"] != "error" ) {
877
+ $ret["status"] = "success";
878
+ WFU_USVAR_store('wfu_check_refresh_'.$sid, 'form button pressed');
879
+ WFU_USVAR_store('wfu_start_time_'.$sid, $start_time);
880
+ }
881
+ return $ret;
882
+ }
883
+
884
+ /**
885
+ * Check Consent Status of User.
886
+ *
887
+ * This function is executed before an upload starts in order to check the
888
+ * current user's consent status, when consent is activated in the shortcode.
889
+ *
890
+ * @since 4.10.1
891
+ *
892
+ * @see wfu_before_upload filter For more information on parameters and
893
+ * response array format.
894
+ *
895
+ * @param array $changable_data An array with information that can be changed
896
+ * by the function
897
+ * @param array $attr Information about the upload.
898
+ * @return array The processed $changable_data array
899
+ */
900
+ function wfu_consent_ask_server_handler($changable_data, $attr) {
901
+ //run only if consent_check and consent rejection message exist in
902
+ //$_REQUEST parameters
903
+ if ( !isset($_REQUEST['consent_check']) || !isset($_REQUEST['consent_rejection_message']) ) return $changable_data;
904
+ if ( $changable_data["error_message"] != "" ) return $changable_data;
905
+ $user = wp_get_current_user();
906
+ if ( wfu_check_user_consent($user) != "1" ) {
907
+ $changable_data["error_message"] = wp_strip_all_tags($_REQUEST['consent_rejection_message']);
908
+ }
909
+ return $changable_data;
910
+ }
911
+
912
+ /**
913
+ * Execute After Upload Filters.
914
+ *
915
+ * This function executes internal and custom after upload filters.
916
+ *
917
+ * @since 3.7.0
918
+ *
919
+ * @param int $sid The shortcode ID
920
+ * @param string $unique_id The unique identifier the upload.
921
+ * @param array $params The shortcode attributes.
922
+ * @return array An array holding data after the upload filters
923
+ */
924
+ function wfu_execute_after_upload_filters($sid, $unique_id, $params) {
925
+ //apply internal filters from extensions
926
+ $ret = array( "echo" => "" );
927
+ $files = array();
928
+ $filedata_id = "filedata_".$unique_id;
929
+ if ( WFU_USVAR_exists($filedata_id) ) $files = WFU_USVAR($filedata_id);
930
+ $attr = array( "sid" => $sid, "unique_id" => $unique_id, "files" => $files );
931
+ /**
932
+ * Execute Internal Post Upload Actions.
933
+ *
934
+ * This is an internal filter which allows to execute custom actions after
935
+ * an upload has completely finished.
936
+ *
937
+ * @since 3.7.0
938
+ *
939
+ * @param array $ret {
940
+ * Parameters to return to the plugin.
941
+ *
942
+ * @type string $echo Custom output to return (not used).
943
+ * }
944
+ * @param array $attr {
945
+ * Various attributes of the upload.
946
+ *
947
+ * @type string $sid The ID of the shortcode.
948
+ * @type string $unique_id The unique ID of the upload.
949
+ * @type array $files {
950
+ * Contains an array of the uploaded files.
951
+ *
952
+ * @type array $file {
953
+ * Contains information for each uploaded file.
954
+ *
955
+ * @type string $file_unique_id A unique ID identifying every
956
+ * individual file.
957
+ * @type string $original_filename The original filename of the
958
+ * file before any filters might have changed it.
959
+ * @type string $filepath The final path of the file, including
960
+ * the filename.
961
+ * @type int $filesize The size of the file.
962
+ * @type array|null $user_data {
963
+ * An array of user data values if userdata are activated.
964
+ *
965
+ * @type array $item {
966
+ * Contains information about each user data field.
967
+ *
968
+ * @type string $label The label of the user data field.
969
+ * @type string $value The value of the user data field.
970
+ * }
971
+ * }
972
+ * @type string $upload_result The result of the upload process.
973
+ * It can take the following values:
974
+ * success: the upload was successful.
975
+ * warning: the upload was successful but it contains
976
+ * warning messages.
977
+ * error: the upload failed
978
+ * @type string $error_message Warning or error messages
979
+ * generated during the upload process.
980
+ * @type string $admin_messages Detailed error messages for
981
+ * administrators generated during the upload process.
982
+ * }
983
+ * }
984
+ * }
985
+ * @param array $params The shortcode attributes of the upload form.
986
+ */
987
+ $ret = apply_filters("_wfu_after_upload", $ret, $attr, $params);
988
+ //then apply any custom filters created by admin
989
+ $echo_str = "";
990
+ $ret = array( "js_script" => "" );
991
+ /**
992
+ * Execute Post Upload Actions.
993
+ *
994
+ * This filter allows to execute custom actions after an upload has
995
+ * completely finished. Custom Javascript code can be defined that will be
996
+ * executed on user's browser after the filter finishes.
997
+ *
998
+ * @since 3.7.0
999
+ *
1000
+ * @param array $ret {
1001
+ * Parameters to return to the plugin.
1002
+ *
1003
+ * @type string $js_script Custom Javascript code to execute on user's
1004
+ * browser.
1005
+ * }
1006
+ * @param array $attr Various attributes of the upload. See previous hook
1007
+ * for details.
1008
+ */
1009
+ $ret = apply_filters("wfu_after_upload", $ret, $attr);
1010
+ return $ret;
1011
+ }
1012
+
1013
  ?>
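--- a/wordpress_file_upload.php
+++ b/wordpress_file_upload.php
@@ -1,97 +1,97 @@
- <?php
- /*Plugin Name: Wordpress File Upload
- /*
- Plugin URI: http://www.iptanus.com/support/wordpress-file-upload
- Description: Simple interface to upload files from a page.
- Version: 4.12.1
- Author: Nickolas Bossinas
- Author URI: http://www.iptanus.com
- Text Domain: wp-file-upload
- Domain Path: /languages
-
- Wordpress File Upload (Wordpress Plugin)
- Copyright (C) 2010-2018 Nickolas Bossinas
- Contact me at http://www.iptanus.com
-
- This program is free software: you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation, either version 3 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program. If not, see <http://www.gnu.org/licenses/>.
- */
-
- /**
- * Extract the Request URI.
- *
- * In some web servers the request URL is not mentioned correctly and it must be
- * calculated in combination with other $_SERVER variables.
- *
- * @return string the correct request URI
- */
- function wfu_get_request_uri() {
- $pathinfo = isset( $_SERVER['PATH_INFO'] ) ? $_SERVER['PATH_INFO'] : '';
- list( $pathinfo ) = explode( '?', $pathinfo );
- $pathinfo = str_replace( '%', '%25', $pathinfo );
-
- list( $req_uri ) = explode( '?', $_SERVER['REQUEST_URI'] );
- $home_path = trim( parse_url( home_url(), PHP_URL_PATH ), '/' );
- $home_path_regex = sprintf( '|^%s|i', preg_quote( $home_path, '|' ) );
-
- $req_uri = str_replace( $pathinfo, '', $req_uri );
- $req_uri = trim( $req_uri, '/' );
- $req_uri = preg_replace( $home_path_regex, '', $req_uri );
- $req_uri = trim( $req_uri, '/' );
-
- return $req_uri;
- }
-
- /**
- * Checks before plugin loading.
- *
- * This function performs checks in order to decide if the plugin will be loaded
- * or not. It enables to load the plugin only for specific pages defined by the
- * admin.
- *
- * @return bool true if the plugin must be loaded, false if not.
- */
- function wordpress_file_upload_preload_check() {
- //do not load plugin if this is the login page
- $uri = wfu_get_request_uri();
- if ( strpos($uri, 'wp-login.php') !== false ) return false;
-
- if ( !is_admin() ) {
- $page = get_page_by_path($uri);
- if ( $page ) {
- $envars = get_option("wfu_environment_variables", array());
- $ids = ( isset($envars["WFU_RESTRICT_FRONTEND_LOADING"]) ? $envars["WFU_RESTRICT_FRONTEND_LOADING"] : "false" );
- //if restricted loading is enabled, then the plugin will load only if
- //the current page ID is included in $ids list
- if ( $ids !== "false" ) {
- $ids = explode(",", $ids);
- $pass = false;
- foreach ( $ids as $id )
- if ( trim($id) != "" && (int)trim($id) > 0 && (int)trim($id) == $page->ID ) {
- $pass = true;
- break;
- }
- if ( !$pass ) return false;
- }
- }
- }
- return true;
- }
-
- //before loading the plugin we need to check if restricted loading is enabled
- if ( !wordpress_file_upload_preload_check() ) return;
- //proceed loading the plugin
- DEFINE("WPFILEUPLOAD_PLUGINFILE", __FILE__);
- require_once( plugin_dir_path( WPFILEUPLOAD_PLUGINFILE ) . 'wfu_loader.php' );
-
+ <?php
+ /*Plugin Name: Wordpress File Upload
+ /*
+ Plugin URI: http://www.iptanus.com/support/wordpress-file-upload
+ Description: Simple interface to upload files from a page.
+ Version: 4.12.2
+ Author: Nickolas Bossinas
+ Author URI: http://www.iptanus.com
+ Text Domain: wp-file-upload
+ Domain Path: /languages
+
+ Wordpress File Upload (Wordpress Plugin)
+ Copyright (C) 2010-2018 Nickolas Bossinas
+ Contact me at http://www.iptanus.com
+
+ This program is free software: you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation, either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+ /**
+ * Extract the Request URI.
+ *
+ * In some web servers the request URL is not mentioned correctly and it must be
+ * calculated in combination with other $_SERVER variables.
+ *
+ * @return string the correct request URI
+ */
+ function wfu_get_request_uri() {
+ $pathinfo = isset( $_SERVER['PATH_INFO'] ) ? $_SERVER['PATH_INFO'] : '';
+ list( $pathinfo ) = explode( '?', $pathinfo );
+ $pathinfo = str_replace( '%', '%25', $pathinfo );
+
+ list( $req_uri ) = explode( '?', $_SERVER['REQUEST_URI'] );
+ $home_path = trim( parse_url( home_url(), PHP_URL_PATH ), '/' );
+ $home_path_regex = sprintf( '|^%s|i', preg_quote( $home_path, '|' ) );
+
+ $req_uri = str_replace( $pathinfo, '', $req_uri );
+ $req_uri = trim( $req_uri, '/' );
+ $req_uri = preg_replace( $home_path_regex, '', $req_uri );
+ $req_uri = trim( $req_uri, '/' );
+
+ return $req_uri;
+ }
+
+ /**
+ * Checks before plugin loading.
+ *
+ * This function performs checks in order to decide if the plugin will be loaded
+ * or not. It enables to load the plugin only for specific pages defined by the
+ * admin.
+ *
+ * @return bool true if the plugin must be loaded, false if not.
+ */
+ function wordpress_file_upload_preload_check() {
+ //do not load plugin if this is the login page
+ $uri = wfu_get_request_uri();
+ if ( strpos($uri, 'wp-login.php') !== false ) return false;
+
+ if ( !is_admin() ) {
+ $page = get_page_by_path($uri);
+ if ( $page ) {
+ $envars = get_option("wfu_environment_variables", array());
+ $ids = ( isset($envars["WFU_RESTRICT_FRONTEND_LOADING"]) ? $envars["WFU_RESTRICT_FRONTEND_LOADING"] : "false" );
+ //if restricted loading is enabled, then the plugin will load only if
+ //the current page ID is included in $ids list
+ if ( $ids !== "false" ) {
+ $ids = explode(",", $ids);
+ $pass = false;
+ foreach ( $ids as $id )
+ if ( trim($id) != "" && (int)trim($id) > 0 && (int)trim($id) == $page->ID ) {
+ $pass = true;
+ break;
+ }
+ if ( !$pass ) return false;
+ }
+ }
+ }
+ return true;
+ }
+
+ //before loading the plugin we need to check if restricted loading is enabled
+ if ( !wordpress_file_upload_preload_check() ) return;
+ //proceed loading the plugin
+ DEFINE("WPFILEUPLOAD_PLUGINFILE", __FILE__);
+ require_once( plugin_dir_path( WPFILEUPLOAD_PLUGINFILE ) . 'wfu_loader.php' );
+
  ?>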