
Subscribe2 Patch

a guest
Oct 8th, 2010
  1. --- subscribe2.bak.php  2010-10-08 13:05:14.000000000 -0400
  2. +++ subscribe2.php  2010-10-08 14:39:48.000000000 -0400
  3. @@ -53,30 +53,51 @@
  4.  // start our class
  5.  class s2class {
  6.  // variables and constructor are declared at the end
  7. -
  8. +  function should_use_ssl() {
  9. +    return isset($this->subscribe2_options['use_ssl']) && $this->subscribe2_options['use_ssl'] == 'yes';
  10. +  }
  11. +
  12. +  function get_home() {
  13. +    $opt = get_option('home');
  14. +    return $this->should_use_ssl() ? $this->force_ssl($opt) : $opt;
  15. +  }
  16. +  
  17. +  function get_content_url() {
  18. +    $opt = WP_CONTENT_URL;
  19. +    return $this->should_use_ssl() ? $this->force_ssl($opt) : $opt;
  20. +  }
  21. +  
  22. +  function get_siteurl() {
  23. +    $opt = get_option('siteurl');
  24. +    return $this->should_use_ssl() ? $this->force_ssl($opt) : $opt;
  25. +  }
  26. +  
  27. +  function force_ssl($url) {
  28. +    return preg_replace('/http:/i', 'https:', $url);
  29. +  }
  30.     /**
  31.     Load all our strings
  32.     */
  33.     function load_strings() {
  34.         // adjust the output of Subscribe2 here
  35.  
  36. -       $this->please_log_in = "<p>" . __('To manage your subscription options please', 'subscribe2') . " <a href=\"" . get_option('siteurl') . "/wp-login.php\">" . __('login', 'subscribe2') . "</a>.</p>";
  37. +       $this->please_log_in = "<p>" . __('To manage your subscription options please', 'subscribe2') . " <a href=\"" . $this->get_siteurl() . "/wp-login.php\">" . __('login', 'subscribe2') . "</a>.</p>";
  38.  
  39. -       $this->use_profile_admin = "<p>" . __('You may manage your subscription options from your', 'subscribe2') . " <a href=\"" . get_option('siteurl') . "/wp-admin/users.php?page=s2_users\">" . __('profile', 'subscribe2') . "</a>.</p>";
  40. +       $this->use_profile_admin = "<p>" . __('You may manage your subscription options from your', 'subscribe2') . " <a href=\"" . $this->get_siteurl() . "/wp-admin/users.php?page=s2_users\">" . __('profile', 'subscribe2') . "</a>.</p>";
  41.         if ( $this->s2_mu === true) {
  42.             global $blog_id, $user_ID;
  43.             if ( !is_blog_user($blog_id) ) {
  44.                 // if we are on multisite and the user is not a member of this blog change the link
  45. -               $this->use_profile_admin = "<p><a href=\"" . get_option('siteurl') . "/wp-admin/?s2mu_subscribe=" . $blog_id . "\">" . __('Subscribe', 'subscribe2') . "</a>" . __('to email notifications when this blog posts new content', 'subscribe2') . ".</p>";
  46. +               $this->use_profile_admin = "<p><a href=\"" . $this->get_siteurl() . "/wp-admin/?s2mu_subscribe=" . $blog_id . "\">" . __('Subscribe', 'subscribe2') . "</a>" . __('to email notifications when this blog posts new content', 'subscribe2') . ".</p>";
  47.             }
  48.         }
  49.  
  50. -       $this->use_profile_users = "<p>" . __('You may manage your subscription options from your', 'subscribe2') . " <a href=\"" . get_option('siteurl') . "/wp-admin/profile.php?page=s2_users\">" . __('profile', 'subscribe2') . "</a>.</p>";
  51. +       $this->use_profile_users = "<p>" . __('You may manage your subscription options from your', 'subscribe2') . " <a href=\"" . $this->get_siteurl() . "/wp-admin/profile.php?page=s2_users\">" . __('profile', 'subscribe2') . "</a>.</p>";
  52.         if ( $this->s2_mu === true) {
  53.             global $blog_id, $user_ID;
  54.             if ( !is_blog_user($blog_id) ) {
  55.                 // if we are on multisite and the user is not a member of this blog change the link
  56. -               $this->use_profile_users = "<p><a href=\"" . get_option('siteurl') . "/wp-admin/?s2mu_subscribe=" . $blog_id . "\">" . __('Subscribe', 'subscribe2') . "</a>" . __('to email notifications when this blog posts new content', 'subscribe2') . ".</p>";
  57. +               $this->use_profile_users = "<p><a href=\"" . $this->get_siteurl() . "/wp-admin/?s2mu_subscribe=" . $blog_id . "\">" . __('Subscribe', 'subscribe2') . "</a>" . __('to email notifications when this blog posts new content', 'subscribe2') . ".</p>";
  58.             }
  59.         }
  60.  
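Review bot: `force_ssl()` matches `http:` anywhere in the string, so a URL that carries another URL in its path or query would have that inner scheme rewritten too; anchoring the pattern, `return preg_replace('/^http:/i', 'https:', $url);`, limits the change to the leading scheme. The five new helpers have no doc comments, unlike `load_strings()` right below them; a short block on `should_use_ssl()` saying that it reads the `use_ssl` option and only affects the scheme of links the plugin generates would help the next reader. The rewritten `load_strings()` lines still concatenate the site URL straight into `href` attributes, so wrapping `$this->get_siteurl()` in `esc_url()` there would be a worthwhile follow-up. `load_strings()` continues past the end of this hunk.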
  61. @@ -142,22 +163,22 @@
  62.     Hook for Admin Drop Down Icons
  63.     */
  64.     function ozh_s2_icon() {
  65. -       return WP_CONTENT_URL . '/plugins/' . S2DIR . '/include/email_edit.png';
  66. +       return $this->get_content_url . '/plugins/' . S2DIR . '/include/email_edit.png';
  67.     } // end ozh_s2_icon()
  68.  
  69.     /**
  70.     Insert Javascript into admin_header
  71.     */
  72.     function checkbox_form_js() {
  73. -       wp_enqueue_script('s2_checkbox', WP_CONTENT_URL . '/plugins/' . S2DIR . '/include/s2_checkbox.js', array('jquery'), '1.0');
  74. +       wp_enqueue_script('s2_checkbox', $this->get_content_url . '/plugins/' . S2DIR . '/include/s2_checkbox.js', array('jquery'), '1.0');
  75.     } //end checkbox_form_js()
  76.  
  77.     function user_admin_css() {
  78. -       wp_enqueue_style('s2_user_admin', WP_CONTENT_URL . '/plugins/ '. S2DIR . '/include/s2_user_admin.css', array(), '1.0');
  79. +       wp_enqueue_style('s2_user_admin', $this->get_content_url . '/plugins/ '. S2DIR . '/include/s2_user_admin.css', array(), '1.0');
  80.     }
  81.  
  82.     function option_form_js() {
  83. -       wp_enqueue_script('s2_edit', WP_CONTENT_URL . '/plugins/' . S2DIR . '/include/s2_edit.js', array('jquery'), '1.0');
  84. +       wp_enqueue_script('s2_edit', $this->get_content_url . '/plugins/' . S2DIR . '/include/s2_edit.js', array('jquery'), '1.0');
  85.     } // end option_form_js()
  86.  
  87.  /* ===== Install, upgrade, reset ===== */
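Review bot: `$this->get_content_url` on the four new lines in this hunk is a property read, not a call to the `get_content_url()` method added in the first hunk, so PHP evaluates it to null (with an undefined-property notice) and each asset URL collapses to a root-relative `/plugins/...` path. Each line should call the method, e.g. `return $this->get_content_url() . '/plugins/' . S2DIR . '/include/email_edit.png';`. The same missing parentheses appear in the hunks at `@@ -3210`, `@@ -3239`, `@@ -3291` and `@@ -3299`. The stray space in `'/plugins/ '` inside `user_admin_css()` is carried over from the old line and also breaks that stylesheet URL.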
  88. @@ -301,7 +322,7 @@
  89.             return;
  90.         }
  91.         $string = str_replace("BLOGNAME", html_entity_decode(get_option('blogname'), ENT_QUOTES), $string);
  92. -       $string = str_replace("BLOGLINK", get_option('home'), $string);
  93. +       $string = str_replace("BLOGLINK", $this->get_home(), $string);
  94.         $string = str_replace("TITLE", stripslashes($this->post_title), $string);
  95.         $link = "<a href=\"" . $this->permalink . "\">" . $this->permalink . "</a>";
  96.         $string = str_replace("PERMALINK", $link, $string);
  97. @@ -678,7 +699,7 @@
  98.         // HASH = md5 hash of email address
  99.         // ID = user's ID in the subscribe2 table
  100.         // use home instead of siteurl incase index.php is not in core wordpress directory
  101. -       $link = get_option('home') . "/?s2=";
  102. +       $link = $this->get_home() . "/?s2=";
  103.  
  104.         if ( 'add' == $what ) {
  105.             $link .= '1';
  106. @@ -1384,18 +1405,18 @@
  107.                     switch_to_blog(key($user_blogs));
  108.                 } else {
  109.                     // no longer a member of a blog
  110. -                   wp_redirect(get_option('siteurl')); // redirect to front page
  111. +                   wp_redirect($this->get_siteurl()); // redirect to front page
  112.                     exit();
  113.                 }
  114.             }
  115.  
  116.             // redirect to profile page
  117.             if ( current_user_can('manage_options') ) {
  118. -               $url = get_option('siteurl') . '/wp-admin/users.php?page=s2_users';
  119. +               $url = $this->get_siteurl() . '/wp-admin/users.php?page=s2_users';
  120.                 wp_redirect($url);
  121.                 exit();
  122.             } else {
  123. -               $url = get_option('siteurl') . '/wp-admin/profile.php?page=s2_users';
  124. +               $url = $this->get_siteurl() . '/wp-admin/profile.php?page=s2_users';
  125.                 wp_redirect($url);
  126.                 exit();
  127.             }
  128. @@ -1585,7 +1606,7 @@
  129.  
  130.         $reminderform = false;
  131.         $urlpath = str_replace("\\", "/", S2PATH);
  132. -       $urlpath = trailingslashit(get_option('siteurl')) . substr($urlpath,strpos($urlpath, "wp-content/"));
  133. +       $urlpath = trailingslashit($this->get_siteurl()) . substr($urlpath,strpos($urlpath, "wp-content/"));
  134.         if ( isset($_GET['s2page']) ) {
  135.             $page = (int) $_GET['s2page'];
  136.         } else {
  137. @@ -1773,7 +1794,7 @@
  138.                 } elseif ( in_array($subscriber, $all_users) ) {
  139.                     echo "</td><td align=\"center\"></td><td align=\"center\"></td>\r\n";
  140.                     echo "<td><span style=\"color:#006600\">&reg;&nbsp;&nbsp;</span><a href=\"mailto:" . $subscriber . "\">" . $subscriber . "</a>\r\n";
  141. -                   echo "(<a href=\"" . get_option('siteurl') . "/wp-admin/users.php?page=s2_users&amp;email=" . urlencode($subscriber) . "\">" . __('edit', 'subscribe2') . "</a>)\r\n";
  142. +                   echo "(<a href=\"" . $this->get_siteurl() . "/wp-admin/users.php?page=s2_users&amp;email=" . urlencode($subscriber) . "\">" . __('edit', 'subscribe2') . "</a>)\r\n";
  143.                 }
  144.                 echo "</td></tr>\r\n";
  145.                 ('alternate' == $alternate) ? $alternate = '' : $alternate = 'alternate';
  146. @@ -1855,6 +1876,9 @@
  147.                     echo "<div id=\"message\" class=\"updated fade\"><p><strong>" . __('Attempt made to resend the Digest Notification email', 'subscribe2') . "</strong></p></div>";
  148.                 }
  149.             } elseif ( $_POST['submit'] ) {
  150. +             // security
  151. +             $this->subscribe2_options['use_ssl'] = $_POST['use_ssl'];
  152. +            
  153.                 // BCClimit
  154.                 if ( is_numeric($_POST['bcc']) && $_POST['bcc'] >= 0 ) {
  155.                     $this->subscribe2_options['bcclimit'] = $_POST['bcc'];
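Review bot: The new assignment stores `$_POST['use_ssl']` unchecked, and an unticked checkbox is not submitted at all, so switching the setting off reads an undefined index and any posted string ends up in the saved options. Normalising to the two values `should_use_ssl()` expects avoids both: `$this->subscribe2_options['use_ssl'] = ( isset($_POST['use_ssl']) && 'yes' === $_POST['use_ssl'] ) ? 'yes' : 'no';`. The `// security` comment would be clearer as `// use_ssl: write plugin-generated links with https`. Whether this branch runs only after a nonce and capability check is not visible because the handler starts outside the hunk; if it does not, `check_admin_referer()` belongs before any option is written.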
  156. @@ -1875,6 +1899,7 @@
  157.                 $this->subscribe2_options['password'] = $_POST['password'];
  158.                 $this->subscribe2_options['private'] = $_POST['private'];
  159.                 $this->subscribe2_options['cron_order'] = $_POST['cron_order'];
  160. +              
  161.  
  162.                 // send per-post or digest emails
  163.                 $email_freq = $_POST['email_freq'];
  164. @@ -2009,6 +2034,15 @@
  165.         echo "<input type=\"hidden\" id=\"jspage\" value=\"" . $this->subscribe2_options['s2page'] . "\" />";
  166.         echo "<input type=\"hidden\" id=\"jsentries\" value=\"" . $this->subscribe2_options['entries'] . "\" />";
  167.  
  168. +       echo "<h2>" . __('Security Settings', 'subscribe2') . "</h2>\r\n";
  169. +       echo __('Use SSL Links', 'subscribe2') . ': ';
  170. +       echo "<label><input type=\"checkbox\" name=\"use_ssl\" value=\"yes\"";
  171. +       if ( $this->should_use_ssl() ) {
  172. +           echo " checked=\"checked\"";
  173. +       }
  174. +       echo '/> '.__('Forces http links to https for key pages', 'subscribe2');
  175. +    
  176. +
  177.         // settings for outgoing emails
  178.         echo "<h2>" . __('Notification Settings', 'subscribe2') . "</h2>\r\n";
  179.         echo __('Restrict the number of recipients per email to (0 for unlimited)', 'subscribe2') . ': ';
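Review bot: The `<label>` opened for the new checkbox is never closed and the output has no line ending, so the "Notification Settings" heading that follows is emitted inside the label; the last new echo should end with `. "</label>\r\n";`. The caption also overstates the option: going by the helpers in the first hunk it only rewrites the scheme of URLs the plugin prints, and nothing in this patch makes the site refuse plain HTTP. Wording such as `__('Write plugin links with https', 'subscribe2')` would be more accurate, and the description could point administrators to `FORCE_SSL_ADMIN` and a server-side redirect for actual enforcement. The enclosing function begins and ends outside the hunk.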
  180. @@ -2121,7 +2155,7 @@
  181.         echo "<h3>" . __('Message substitions', 'subscribe2') . "</h3>\r\n";
  182.         echo "<dl>";
  183.         echo "<dt><b>BLOGNAME</b></dt><dd>" . get_option('blogname') . "</dd>\r\n";
  184. -       echo "<dt><b>BLOGLINK</b></dt><dd>" . get_option('home') . "</dd>\r\n";
  185. +       echo "<dt><b>BLOGLINK</b></dt><dd>" . $this->get_home() . "</dd>\r\n";
  186.         echo "<dt><b>TITLE</b></dt><dd>" . __("the post's title<br />(<i>for per-post emails only</i>)", 'subscribe2') . "</dd>\r\n";
  187.         echo "<dt><b>POST</b></dt><dd>" . __("the excerpt or the entire post<br />(<i>based on the subscriber's preferences</i>)", 'subscribe2') . "</dd>\r\n";
  188.         echo "<dt><b>POSTTIME</b></dt><dd>" . __("the excerpt of the post and the time it was posted<br />(<i>for digest emails only</i>)", 'subscribe2') . "</dd>\r\n";
  189. @@ -2449,11 +2483,11 @@
  190.                 $subscribed = get_usermeta($user_ID, $this->get_usermeta_keyname('s2_subscribed'));
  191.                 // if we are subscribed to the current blog display an "unsubscribe" link
  192.                 if ( !empty($subscribed) ) {
  193. -                   $unsubscribe_link = get_option('home') . "/wp-admin/?s2mu_unsubscribe=". $blog_id;
  194. +                   $unsubscribe_link = $this->get_home() . "/wp-admin/?s2mu_unsubscribe=". $blog_id;
  195.                     echo "<p><a href=\"". $unsubscribe_link ."\" class=\"button\">" . __('Unsubscribe me from this blog', 'subscribe2') . "</a></p>";
  196.                 } else {
  197.                     // else we show a "subscribe" link
  198. -                   $subscribe_link = get_option('home') . "/wp-admin/?s2mu_subscribe=". $blog_id;
  199. +                   $subscribe_link = $this->get_home() . "/wp-admin/?s2mu_subscribe=". $blog_id;
  200.                     echo "<p><a href=\"". $subscribe_link ."\" class=\"button\">" . __('Subscribe to all categories', 'subscribe2') . "</a></p>";
  201.                 }
  202.                 echo "<h2>" . __('Subscribed Categories on', 'subscribe2') . " " . get_option('blogname') . " </h2>\r\n";
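Review bot: Both rewritten links change a subscription through a plain GET that carries only `$blog_id`, and no nonce is added here; if the handler for `s2mu_subscribe` / `s2mu_unsubscribe` (not visible in this diff) does not verify one, the action is open to cross-site request forgery. Wrapping the URL, e.g. `$unsubscribe_link = wp_nonce_url($this->get_home() . "/wp-admin/?s2mu_unsubscribe=" . $blog_id, 's2mu_unsubscribe');` (action name is a suggestion), and checking it with `check_admin_referer()` in the handler would close that. These links also prefix `/wp-admin/` with `home` rather than `siteurl`, which point to different places when WordPress is installed in a subdirectory.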
  203. @@ -2514,8 +2548,8 @@
  204.                     $blog['blogname'] = $blogname;
  205.                 }
  206.                 $blog['description'] = get_option('blogdescription');
  207. -               $blog['blogurl'] = get_option('home');
  208. -               $blog['subscribe_page'] = get_option('home') . "/wp-admin/users.php?page=s2_users";
  209. +               $blog['blogurl'] = $this->get_home();
  210. +               $blog['subscribe_page'] = $this->get_home() . "/wp-admin/users.php?page=s2_users";
  211.  
  212.                 $key = strtolower($blog['blogname'] . "-" . $blog['blog_id']);
  213.                 if ( !empty($subscribed) ) {
  214. @@ -3210,7 +3244,7 @@
  215.     Function to add js files to admin header
  216.     */
  217.     function widget_s2counter_js() {
  218. -       echo '<script type="text/javascript" src="' . WP_CONTENT_URL . '/plugins/' . S2DIR . '/include/colorpicker/js/colorpicker.js"></script>' . "\r\n";
  219. +       echo '<script type="text/javascript" src="' . $this->get_content_url . '/plugins/' . S2DIR . '/include/colorpicker/js/colorpicker.js"></script>' . "\r\n";
  220.         echo "<script type=\"text/javascript\">
  221.             jQuery(document).ready(function() {
  222.                 jQuery('.colorpickerField').focusin(function() {
  223. @@ -3239,7 +3273,7 @@
  224.     Function to add css files to admin header
  225.     */
  226.     function widget_s2counter_css() {
  227. -       echo '<link rel="stylesheet" href="' . WP_CONTENT_URL . '/plugins/' . S2DIR . '/include/colorpicker/css/colorpicker.css" type="text/css" />' . "\r\n";
  228. +       echo '<link rel="stylesheet" href="' . $this->get_content_url . '/plugins/' . S2DIR . '/include/colorpicker/css/colorpicker.css" type="text/css" />' . "\r\n";
  229.     } // end widget_s2counter_css
  230.  
  231.     function namechange_subscribe2_widget() {
  232. @@ -3274,7 +3308,7 @@
  233.     */
  234.     function add_minimeta() {
  235.         if ( $this->subscribe2_options['s2page'] != 0 ) {
  236. -           echo "<li><a href=\"" . get_option('siteurl') . "/?page_id=" . $this->subscribe2_options['s2page'] . "\">" . __('[Un]Subscribe to Posts', 'subscribe2') . "</a></li>\r\n";
  237. +           echo "<li><a href=\"" . $this->get_siteurl() . "/?page_id=" . $this->subscribe2_options['s2page'] . "\">" . __('[Un]Subscribe to Posts', 'subscribe2') . "</a></li>\r\n";
  238.         }
  239.     } // end add_minimeta()
  240.  
  241. @@ -3291,7 +3325,7 @@
  242.             add_filter('mce_buttons', array(&$this, 'mce3_button'));
  243.         } else {
  244.             buttonsnap_separator();
  245. -           buttonsnap_jsbutton(WP_CONTENT_URL . '/plugins/' . S2DIR . '/include/s2_button.png', __('Subscribe2', 'subscribe2'), 's2_insert_token();');
  246. +           buttonsnap_jsbutton($this->get_content_url . '/plugins/' . S2DIR . '/include/s2_button.png', __('Subscribe2', 'subscribe2'), 's2_insert_token();');
  247.         }
  248.     } // end button_init()
  249.  
  250. @@ -3299,7 +3333,7 @@
  251.     Add buttons for WordPress 2.5+ using built in hooks
  252.     */
  253.     function mce3_plugin($arr) {
  254. -       $path = WP_CONTENT_URL . '/plugins/' . S2DIR . '/tinymce3/editor_plugin.js';
  255. +       $path = $this->get_content_url . '/plugins/' . S2DIR . '/tinymce3/editor_plugin.js';
  256.         $arr['subscribe2'] = $path;
  257.         return $arr;
  258.     }
  259. @@ -3699,4 +3733,4 @@
  260.     var $options_saved = '';
  261.     var $options_reset = '';
  262.  } // end class subscribe2
  263. -?>
  264. \ No newline at end of file
  265. +?>