- <?php
- /*
- Plugin Name: Wpisy
- Description: Umożliwia dodawanie wpisów przez użytkowników.
- Version: 1.01
- Author: Dawid Fordon
- */
- require_once( ABSPATH . '/wp-load.php');
- require_once( ABSPATH . 'wp-includes/pluggable.php');
- /*require_once( ABSPATH . 'wp-includes/link-template.php');*/
- require_once(ABSPATH . 'wp-admin/includes/image.php');
- require_once(ABSPATH . 'wp-admin/includes/file.php');
- require_once(ABSPATH . 'wp-admin/includes/media.php');
- require_once plugin_dir_path( __FILE__ ) . '/class-download-remote-image.php';
/**
 * Registers the plugin's top-level admin page.
 *
 * The page is titled "Strona główna", is listed in the menu as "Wpisy",
 * uses the slug 'test_glowna' and is rendered by test_glowna(). Access is
 * gated on the capability string 'administrator'.
 */
function admin_add_menu()
{
    $page_title = 'Strona główna';
    $menu_title = 'Wpisy';
    $capability = 'administrator';
    $menu_slug  = 'test_glowna';
    $renderer   = 'test_glowna';
    $icon_url   = '';

    add_menu_page($page_title, $menu_title, $capability, $menu_slug, $renderer, $icon_url);
}

// Hook the registration into the admin menu build.
add_action('admin_menu', 'admin_add_menu');
/**
 * Creates the "<prefix>katalog_wpisy" table that stores submitted entries.
 *
 * Columns used elsewhere in this file: `hash` holds the e-mail confirmation
 * token, `EC` is set to 1 once the e-mail link was followed, `APRO` is set
 * to 1 once an administrator approved the entry, and `uid` holds the ID of
 * the WordPress post created for the entry.
 *
 * NOTE(review): kod_poczt, tel and nip are INT columns; a 10-digit value
 * above 2147483647 does not fit a signed INT. Confirm the intended range.
 */
function createPostTable()
{
    global $wpdb;

    // dbDelta() lives in the upgrade helpers, which are not loaded by default.
    require_once(ABSPATH . 'wp-admin/includes/upgrade.php');

    $entries_table = $wpdb->prefix . "katalog_wpisy";
    $schema = "CREATE TABLE IF NOT EXISTS {$entries_table} (
id int(11) NOT NULL AUTO_INCREMENT,
Nazwa varchar(25) NOT NULL,
Tytul varchar(25) NOT NULL,
slowa_klucz varchar(75) NOT NULL,
email text NOT NULL,
website varchar (75) NOT NULL,
miasto text NOT NULL,
kod_poczt int(11) NOT NULL,
ulica text NOT NULL,
tel int(11) NOT NULL,
nip int(11) NOT NULL,
opis text NOT NULL,
maincategory text NOT NULL,
hash varchar(125) NOT NULL,
APRO tinyint(1) DEFAULT '0' NOT NULL,
EC int(11) DEFAULT '0' NOT NULL,
uid int(11) NOT NULL,
PRIMARY KEY (id)
)";

    dbDelta($schema);
}

// Runs every time this file is included, not only on plugin activation.
createPostTable();
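/**
 * Creates the "<prefix>katalog_ustawienia" settings table and seeds it with
 * one default row when it is empty.
 *
 * The table is created BEFORE the row count is read. The previous order
 * queried and inserted into the table first, so on a fresh install both
 * statements ran against a table that did not exist yet and the default row
 * was only written on a later request.
 */
function createMsgTable()
{
    global $wpdb;

    $table_name = $wpdb->prefix . "katalog_ustawienia";
    $sql = "CREATE TABLE IF NOT EXISTS $table_name (
id int(11) NOT NULL AUTO_INCREMENT,
msgc text NOT NULL,
msgd varchar(255) NOT NULL,
msga varchar(255) NOT NULL,
slowa_klucz_limit int(11) NOT NULL,
PRIMARY KEY (id)
)";

    require_once(ABSPATH . 'wp-admin/includes/upgrade.php');
    dbDelta($sql);

    // Seed the single settings row (the settings handlers update id = 1).
    $row_count = (int) $wpdb->get_var("SELECT COUNT(id) FROM `$table_name`");
    if ($row_count < 1) {
        $wpdb->insert(
            $table_name,
            array(
                'msgc'              => 'Przykladowa wiadomosc z prosba o potwierdzenie wpisu',
                'msgd'              => 'Przykladowa wiadomosc o odrzuceniu wpisu',
                'msga'              => 'Przykladowa wiadomosc z o dodanie wpisu',
                'slowa_klucz_limit' => 3,
            ),
            array('%s', '%s', '%s', '%d')
        );
    }
}

// Runs every time this file is included, not only on plugin activation.
createMsgTable();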
/**
 * Returns one column value from the entries table.
 *
 * Every row of "<prefix>katalog_wpisy" is fetched and the value of column
 * $whats from the LAST row in the result is returned. The query has no WHERE
 * or ORDER BY clause, so the value is not tied to any particular entry.
 *
 * @param string $whats Column (row property) to read.
 * @return mixed The column value of the last fetched row, or " " when the
 *               table has no rows.
 */
function returem($whats)
{
    global $wpdb;

    $entries_table = $wpdb->prefix . "katalog_wpisy";
    $rows = $wpdb->get_results("SELECT * FROM `$entries_table`");

    $value = " ";
    if (!empty($rows)) {
        $last_row = end($rows);
        $value = $last_row->$whats;
    }

    return $value;
}
- /*function check(){
- global $wpdb;
- }*/
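# Approve a pending entry (posted by the "Akceptuj" button on the admin page).
#
# NOTE(review): this runs while the plugin file is being included, not on a
# hook, and the admin forms send no nonce. Confirm the current user can be
# resolved at this point, or move the handler to an admin hook and pair it
# with a nonce check.
if (isset($_POST['val'])) {
    global $wpdb;
    $table_name = $wpdb->prefix . "katalog_wpisy";

    // The id is request data: force it to a non-negative integer.
    $entry_id = is_scalar($_POST['val']) ? absint($_POST['val']) : 0;

    // Same capability string the admin page itself is registered with.
    if ($entry_id > 0 && current_user_can('administrator')) {
        // Read the approved entry itself, so the post that is published and
        // the address that is mailed belong to this entry and not to
        // whichever row happens to be last in the table.
        $entry = $wpdb->get_row(
            $wpdb->prepare("SELECT uid, email FROM `$table_name` WHERE id = %d", $entry_id)
        );

        if ($entry) {
            $wpdb->update($table_name, array('APRO' => 1), array('id' => $entry_id), array('%d'), array('%d'));

            $pid = (int) $entry->uid;
            wp_update_post(array(
                'ID'          => $pid,
                'post_status' => 'publish',
            ));

            $headers = "MIME-Version: 1.0\r\n";
            $headers .= "Content-Type: text/html; charset=ISO-8859-1\r\n";
            $epid = esc_url(get_permalink($pid, false));
            $msg = returnme('msga') . ' <a href="' . $epid . '">link</a>';
            mail($entry->email, 'Twoj wpis zostal dodany', $msg, $headers); # temporary acceptance notice
        }
    }
}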
# Placeholder for requests the plugin sends to itself via AJAX.
# Detection relies on the X-Requested-With request header; nothing is done yet.
if (!empty($_SERVER['HTTP_X_REQUESTED_WITH'])) {
    if (strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest') {
        null; # to be implemented later
    }
}
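/**
 * Builds a random alphanumeric string.
 *
 * The result feeds the e-mail confirmation hash, so characters are drawn
 * with random_int() (cryptographically secure) instead of rand(), whose
 * output is predictable.
 *
 * @param int $length Number of characters to generate.
 * @return string Random string over [0-9a-zA-Z]; empty when $length <= 0.
 */
function generateRandomString($length = 10)
{
    $characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
    $maxIndex = strlen($characters) - 1;
    $randomString = '';
    for ($i = 0; $i < $length; $i++) {
        $randomString .= $characters[random_int(0, $maxIndex)];
    }
    return $randomString;
}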
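# E-mail confirmation: the link sent to the submitter carries ?email=...&hash=...
# A matching, not yet confirmed entry gets EC = 1.
#
# Both values are request data. They are bound as parameters through
# $wpdb->update() instead of being concatenated into the SQL text, and the
# match is done by the database as an exact string comparison rather than
# with PHP's loose `==`, which treats numeric-looking strings as numbers.
if (isset($_GET['hash'], $_GET['email']) && is_string($_GET['hash']) && is_string($_GET['email'])) {
    global $wpdb;
    $table_name = $wpdb->prefix . "katalog_wpisy";

    $wpdb->update(
        $table_name,
        array('EC' => 1),
        array(
            'hash'  => $_GET['hash'],
            'email' => $_GET['email'],
            'EC'    => 0,
        ),
        array('%d'),
        array('%s', '%s', '%d')
    );
}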
/**
 * Returns one column value from the settings table.
 *
 * Every row of "<prefix>katalog_ustawienia" is fetched and the value of
 * column $what from the LAST row in the result is returned.
 *
 * @param string $what Column (row property) to read, e.g. 'msgc'.
 * @return mixed The column value of the last fetched row, or " " when the
 *               table has no rows.
 */
function returnme($what)
{
    global $wpdb;

    $settings_table = $wpdb->prefix . "katalog_ustawienia";
    $rows = $wpdb->get_results("SELECT * FROM `$settings_table`");

    $value = " ";
    if (!empty($rows)) {
        $last_row = end($rows);
        $value = $last_row->$what;
    }

    return $value;
}
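# Reject a pending entry (posted by the "Odrzuc" button on the admin page).
#
# NOTE(review): this runs while the plugin file is being included, not on a
# hook, and the admin forms send no nonce. Confirm the current user can be
# resolved at this point, or move the handler to an admin hook and pair it
# with a nonce check.
if (isset($_POST['valdeny'])) {
    global $wpdb;
    $table_name = $wpdb->prefix . "katalog_wpisy";

    // The id is request data: force it to a non-negative integer.
    $entry_id = is_scalar($_POST['valdeny']) ? absint($_POST['valdeny']) : 0;

    // Same capability string the admin page itself is registered with.
    if ($entry_id > 0 && current_user_can('administrator')) {
        // Read the address before the row is deleted, so the rejection goes
        // to the submitter of this entry and not to the last remaining row.
        $recipient = $wpdb->get_var(
            $wpdb->prepare("SELECT email FROM `$table_name` WHERE id = %d", $entry_id)
        );

        if ($recipient !== null) {
            $wpdb->delete($table_name, array('id' => $entry_id), array('%d'));

            $headers = "MIME-Version: 1.0\r\n";
            $headers .= "Content-Type: text/html; charset=ISO-8859-1\r\n";
            $msg = returnme('msgd');
            mail($recipient, 'Twoj wpis zostal odrzucony', $msg, $headers); # temporary rejection notice
        }
    }
}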
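# Save the plugin settings posted from the admin page: the three message
# templates and the keyword limit, all stored in the settings row id = 1.
#
# htmlspecialchars() encodes for HTML, not for SQL, and max_limit was not
# encoded at all, so the values are now bound through $wpdb->update() rather
# than concatenated into the statement.
#
# NOTE(review): this runs while the plugin file is being included, not on a
# hook, and the settings form sends no nonce. Confirm the current user can be
# resolved at this point, or move the handler to an admin hook and pair it
# with a nonce check.
if (isset($_POST['textopis']) || isset($_POST['textdeny']) || isset($_POST['textapro']) || isset($_POST['max_limit'])) {
    global $wpdb;
    $table_name = $wpdb->prefix . "katalog_ustawienia";

    // Same capability string the admin page itself is registered with.
    if (current_user_can('administrator')) {
        // Form field name => settings column.
        $text_fields = array(
            'textopis' => 'msgc',
            'textdeny' => 'msgd',
            'textapro' => 'msga',
        );

        $data = array();
        $formats = array();
        foreach ($text_fields as $field => $column) {
            if (isset($_POST[$field]) && is_string($_POST[$field])) {
                // Stored HTML-encoded, as before.
                $data[$column] = htmlspecialchars($_POST[$field]);
                $formats[] = '%s';
            }
        }

        if (isset($_POST['max_limit']) && is_scalar($_POST['max_limit'])) {
            $data['slowa_klucz_limit'] = absint($_POST['max_limit']);
            $formats[] = '%d';
        }

        if (!empty($data)) {
            $wpdb->update($table_name, $data, array('id' => 1), $formats, array('%d'));
        }
    }
}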
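/**
 * Truncates a string to its first $limit words.
 *
 * A "word" is a run of \w characters; the separators between the kept words
 * are preserved. Text that has fewer words than $limit is returned as is.
 *
 * $limit ends up inside the regular expression, and callers pass it straight
 * from the settings table, so it is cast to an integer and clamped to at
 * least 1 before the pattern is built.
 *
 * @param string     $s     Text to truncate.
 * @param int|string $limit Maximum number of words to keep (default 3).
 * @return string|null Truncated text, or null if preg_replace() fails.
 */
function first3words($s, $limit = 3)
{
    $word_count = max(1, (int) $limit);

    return preg_replace('/((\w+\W*){' . ($word_count - 1) . '}(\w+))(.*)/', '${1}', $s);
}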
- #USTAWIENIA
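/**
 * Renders the plugin's admin page: the settings form (three message
 * templates and the keyword limit) and a table of entries that are e-mail
 * confirmed (EC=1) but not yet approved (APRO=0), each with a reject and an
 * approve button.
 *
 * Every value read from the database is escaped where it is printed. The
 * entry rows come from a public submission form, and the `maincategory`
 * column is stored without any encoding, so printing it raw would let a
 * submitter place markup on this administrator page.
 *
 * NOTE(review): none of the forms carries a nonce. Adding wp_nonce_field()
 * here needs a matching verification in the POST handlers of this file.
 */
function test_glowna()
{
    global $wpdb;
    ?>
<div class="KatalogWrap">
<form method="post" action="">
<div class="KatalogPole" style="float:left;width:33%;">
<label for="wiadomosc" style="width:100%">Wiadomosc z prosba o potwierdzenie wpisu</label>
<?php /* No padding around the value: the old spaces were saved back on every submit. */ ?>
<textarea name="textopis" style="width:100%" id="wiadomosc"><?php echo esc_html(returnme('msgc')); ?></textarea>
</div>
<!-- !-->
<div class="KatalogPole" style="float:left;width:33%;">
<label for="wiadomosc" style="width:100%"> Wiadomosc o odrzuceniu postu</label>
<textarea name="textdeny" style="width:100%" id="wiadomosc"><?php echo esc_html(returnme('msgd')); ?></textarea>
</div>
<!-- !-->
<div class="KatalogPole" style="float:left;width:33%;">
<label for="wiadomosc" style="width:100%">Wiadomosc o dodanie wpisu</label>
<textarea name="textapro" style="width:100%" id="wiadomosc"><?php echo esc_html(returnme('msga')); ?></textarea>
</div>
<!-- !-->
<div style="clear:both"></div>
<div class="KatalogPole" style="float:left;width:33%;">
<label for="limitw" style="width:26%;">Ilosc slow kluczowych</label>
<input id="limitw" type="number" name="max_limit" value="<?php echo esc_attr(returnme('slowa_klucz_limit')); ?>" >
</div>
<div style="clear:both"></div>
<div style="float:left;width:33%;">
<input type="submit" value="zapisz">
</div>
</form>
</div>
<table style="margin:auto;border-spacing: 5px" class="table">
<thead>
<tr style="text-align:center">
<th>NAZWA</th>
<th>TYTUL</th>
<th>KATEGORIA</th>
<th>SLOWA KLUCZOWE</th>
<th>EMAIL</th>
<th>STRONA INTERNETOWA</th>
<th>MIASTO</th>
<th>KOD POCZTOWY</th>
<th>ULICA</th>
<th>TELEFON</th>
<th>NIP</th>
<th>OPIS</th>
<th colspan="2">AKCJA</th>
</tr>
</thead>
<tbody>
    <?php
    $table_name = $wpdb->prefix . "katalog_wpisy";
    $pending = $wpdb->get_results("SELECT * FROM $table_name WHERE EC=1 AND APRO=0");

    // Printed in this order, one cell per column; matches the header row above.
    $columns = array(
        'Nazwa', 'Tytul', 'maincategory', 'slowa_klucz', 'email', 'website',
        'miasto', 'kod_poczt', 'ulica', 'tel', 'nip', 'opis',
    );

    foreach ((array) $pending as $row) {
        echo '<tr style="text-align:center">';
        foreach ($columns as $column) {
            echo '<td>' . esc_html($row->$column) . '</td>';
        }

        $entry_id = (int) $row->id;
        echo '<td><form method="post"><input type="number" name="valdeny" value="' . $entry_id . '" hidden><input name="update" type="submit" value="Odrzuc" ></form></td>';
        echo '<td><form method="post"><input type="number" name="val" value="' . $entry_id . '" hidden><input name="update" type="submit" value="Akceptuj" ></form></td>';
        echo '</tr>';
    }
    ?>
</tbody>
</table>
    <?php
}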
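/**
 * Tells whether a URL's host has more than two dot-separated labels once
 * every "www." occurrence is removed from it.
 *
 * Input without a parsable host now returns false instead of reading a
 * missing "host" key. The check only counts labels, so a host under a
 * two-label suffix (for example "example.co.uk") is reported as a subdomain.
 *
 * @param string $url URL to inspect.
 * @return bool True when the host has more than two labels.
 */
function hasSubdomain($url)
{
    $host = parse_url((string) $url, PHP_URL_HOST);
    if (!is_string($host) || $host === '') {
        return false;
    }

    $labels = explode('.', str_replace('www.', '', $host));

    return count($labels) > 2;
}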
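# Public entry submission (the form printed by fields()).
#
# Creates a pending post, stores the entry, attaches the uploaded image and
# e-mails a confirmation link to the submitter. Everything in $_POST and
# $_FILES is untrusted here, so:
#  - the duplicate-website lookup is a prepared statement,
#  - the e-mail address is validated before it is used in mail headers,
#  - the website must be an http(s) URL before it is used as a link,
#  - the category is reduced to an integer id,
#  - the upload is limited to the image types the form advertises,
#  - the confirmation link is built from the site URL, not the Host header,
#  - the confirmation token comes from random_bytes().
if (!empty($_POST) && $_SERVER['REQUEST_METHOD'] == 'POST') {
    $required = array(
        'nazwa', 'tytul', 'maincategory', 'slowa_kluczowe', 'email', 'website',
        'miasto', 'kod_pocztowy', 'ulica', 'telefon', 'nip', 'opis',
    );

    // All fields must be present and must be plain strings (not arrays).
    $complete = true;
    foreach ($required as $field) {
        if (!isset($_POST[$field]) || !is_string($_POST[$field])) {
            $complete = false;
            break;
        }
    }

    if ($complete) {
        global $wpdb;
        $table_name = $wpdb->prefix . "katalog_wpisy";

        // HTML-encoded copies; this is the form in which entries are stored.
        $clean = array();
        foreach ($required as $field) {
            $clean[$field] = htmlspecialchars($_POST[$field], ENT_QUOTES);
        }

        $email = is_email($_POST['email']);                          // false when invalid
        $website = esc_url_raw($_POST['website'], array('http', 'https')); // '' when not http(s)
        $category_id = absint($_POST['maincategory']);
        $keywords = first3words($clean['slowa_kluczowe'], returnme('slowa_klucz_limit'));

        // Compare against the stored (encoded) form of the website.
        $count = $wpdb->get_var(
            $wpdb->prepare("SELECT COUNT(*) FROM `$table_name` WHERE website = %s", $clean['website'])
        );

        if (!$email || $website === '') {
            echo "Podany adres e-mail lub adres strony internetowej jest nieprawidlowy";
        } elseif ((int) $count === 0 && !hasSubdomain($website)) { // website not in the DB yet and not a subdomain
            // The original code called hasSubdomain(returem['website']),
            // which reads an undefined constant; the submitted website is
            // what the check is meant to look at.

            // $email passed is_email(), so it cannot carry header line breaks.
            $headers = "From: " . $email . "\r\n";
            $headers .= "Reply-To: " . $email . "\r\n";
            $headers .= "MIME-Version: 1.0\r\n";
            $headers .= "Content-Type: text/html; charset=ISO-8859-1\r\n";

            // 32 hex characters from a CSPRNG.
            $hash = bin2hex(random_bytes(16));

            // Named $new_post so the global $post is not overwritten.
            $new_post = array();
            $new_post['post_status'] = 'pending';
            $new_post['post_title'] = $clean['tytul'];
            $new_post['post_content'] = $clean['opis'];
            $new_post['post_category'] = array($category_id);
            $new_post['post_content'] .= "\n Adres email: " . $clean['email'];
            $new_post['post_content'] .= "\n Strona internetowa: <a href='" . esc_url($website) . "'>Link</a>";
            $new_post['post_content'] .= "\n Miasto: " . $clean['miasto'];
            $new_post['post_content'] .= "\n Kod pocztowy: " . $clean['kod_pocztowy'];
            $new_post['post_content'] .= "\n Ulica: " . $clean['ulica'];
            $new_post['post_content'] .= "\n Telefon: " . $clean['telefon'];
            $new_post['post_content'] .= "\n NIP: " . $clean['nip'];
            $postId = wp_insert_post($new_post);

            wp_set_post_tags($postId, str_replace(' ', ',', $keywords), true);

            $wpdb->insert(
                $table_name,
                array(
                    'Nazwa'        => $clean['nazwa'],
                    'Tytul'        => $clean['tytul'],
                    'maincategory' => $category_id,
                    'slowa_klucz'  => $keywords,
                    'email'        => $clean['email'],
                    'website'      => $clean['website'],
                    'miasto'       => $clean['miasto'],
                    'kod_poczt'    => $clean['kod_pocztowy'],
                    'ulica'        => $clean['ulica'],
                    'tel'          => $clean['telefon'],
                    'nip'          => $clean['nip'],
                    'opis'         => $clean['opis'],
                    'hash'         => $hash,
                    'uid'          => $postId,
                )
            );

            // The form's accept="image/png, image/jpeg" is only a browser
            // hint, so the same restriction is enforced on the server.
            $attachment_id = media_handle_upload(
                'html-upload',
                $postId,
                array(),
                array(
                    'test_form' => false,
                    'mimes'     => array(
                        'jpg|jpeg' => 'image/jpeg',
                        'png'      => 'image/png',
                    ),
                )
            );

            // media_handle_upload() already created the attachment; the
            // original code then inserted a second attachment whose file
            // path was the attachment URL. The first one is used directly.
            if (!is_wp_error($attachment_id)) {
                set_post_thumbnail($postId, $attachment_id);
            }

            $confirm_url = add_query_arg(
                array(
                    'email' => rawurlencode($email),
                    'hash'  => $hash,
                ),
                home_url('/dodaj-wpis/')
            );
            $msg = returnme('msgc') . '<a href="' . esc_url($confirm_url) . '">Link</a>';
            mail($email, 'Prosba o potwierdzenie wpisu', $msg, $headers); # temporary confirmation mail

            header("Location: index.php");
            exit;
        } else {
            echo "Podana strona internetowa zostala juz dodana";
        }
    }
}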
- /*function input_function($atts){
- $a = shortcode_atts( array(
- 'type' => '',
- 'name' => '',
- 'id' => '',
- 'placeholder' => ''
- ), $atts );
- return "<input id={$a['id']} type={$a['type']} name={$a['name']} placeholder={$a['placeholder']} >";
- }
- add_shortcode('input', 'input_function');
- function link_shortcode($atts, $content=null){
- $a = shortcode_atts(array(
- 'for' => 'label',
- ), $atts);
- return '<label for="'.esc_attr($a['for']).'">'.$content.'</label>';
- }
- add_shortcode('link', 'link_shortcode');*/
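/**
 * Prints the public "add entry" form; registered as the [form] shortcode.
 *
 * Category ids and names and the keyword limit are escaped where they are
 * printed. The form posts back to the current URL as multipart/form-data.
 *
 * NOTE(review): the markup is echoed, not returned. Shortcode callbacks are
 * expected to return their output; echoing is kept here so existing direct
 * callers keep working.
 */
function fields()
{
    echo '
<div class="DodajWpis"> <h1> Dodaj wpis </h1> </div>
<form method="post" id="#form" action="" enctype="multipart/form-data">
<label class="katalogLabelName" for="name">Nazwa</label>
<input class="Input" id="name" type="text" style="width:50%;" name="nazwa" required>
<label class="katalogLabelName" for="tytul">Tytul</label>
<input class="Input" type="text" style="width:50%;" name="tytul">
<label class="katalogLabelName" for="maincategory">Kategoria</label>
<select name="maincategory" required>';

    $args = array('show_option_none' => 'No Category', 'hide_empty' => 0);
    $kategorie = get_categories($args);
    foreach ($kategorie as $category) {
        echo '<option value="' . (int) $category->term_id . '">' . esc_html($category->name) . '</option>';
    }

    // The limit is read from the settings table; print it as a number only.
    $keyword_limit = (int) returnme('slowa_klucz_limit');

    echo '</select>
<label class="katalogLabelName" for="slowa_kluczowe">Slowa kluczowe (Limit to ' . $keyword_limit . ')</label>
<input class="Input" type="text" style="width:50%;" name="slowa_kluczowe" id="slowa_kluczowe" required>
<label class="katalogLabelName" for="email">Adres e-mail</label>
<input class="Input" type="email" style="width:50%;" name="email" id="email">
<label class="katalogLabelName" for="website">Adres strony internetowej</label>
<input class="Input" type="url" style="width:50%;" id="website" name="website" required>
<label class="katalogLabelName" for="miasto">Miasto</label>
<input class="Input" type="text" style="width:50%;" name="miasto" id="miato">
<label class="katalogLabelName" for="kod_pocztowy" >Kod pocztowy</label>
<input class="Input" type="number" style="width:50%;" name="kod_pocztowy" id="kod_pocztowy" required>
<label class="katalogLabelName" for="Ulica">Ulica</label>
<input class="Input" type="text" style="width:50%;" name="ulica" id="ulica" required>
<label class="katalogLabelName" for="tel">Telefon</label>
<input class="Input" type="number" style="width:50%;" name="telefon" id="tel" required>
<label class="katalogLabelName" for="nip">NIP</label>
<input class="Input" type="number" style="width:50%;" name="nip" id="nip" required>
<input class="Wyslij" type="file" id="async-upload" name="html-upload" accept="image/png, image/jpeg" required >
<br>
<label class="katalogLabelName" for="textarea">Opis</label>
<textarea id="textarea" style="width:50%;" name="opis" required></textarea>
<input type="submit" value="wyslij" class="button">
</form>
';
}

add_shortcode('form', 'fields');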
- /*function get_shot( $website = '', $width = 150, $height = 80 ) {
- // Image found.
- if ( '' !== $website ) {
- $query_args = array(
- 'w' => intval( $width ),
- 'h' => intval( $height ),
- );
- return add_query_arg( $query_args, 'https://s0.wordpress.com/mshots/v1/' . rawurlencode( esc_url( $website ) ) );
- }
- return '';
- }
- function shortcode( $website, $content = '', $code = '' ) {
- // Get screenshot.
- $image_uri = $this->get_shot( $website, $width = 150, $height = 80 );
- if ( ! empty( $image_uri ) ) {
- ob_start();
- if ( ! empty( $content ) ) {
- echo '<div class="wp-caption" style="width:' . ( intval( $width ) + 10 ) . 'px;">';
- }
- ?><div class="browser-shot <?php echo esc_attr( $class ); ?>"><a href="<?php echo esc_url( $link ); ?>" <?php echo esc_html( $target ); ?>><img src="<?php echo esc_url( $image_uri ); ?>" alt="<?php echo esc_attr( $alt ); ?>" width="<?php echo intval( $width ); ?>" height="<?php echo intval( $height ); ?>" class="<?php echo esc_attr( $image_class ); ?>" /></a></div><?php
- if ( ! empty( $content ) ) {
- echo '<p class="wp-caption-text">' . esc_html( $content ) . '</p></div>';
- }
- return ob_get_clean();
- }
- return '';
- }*/
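/**
 * Builds an HTML table of all approved entries (APRO=1); registered as the
 * [all] shortcode.
 *
 * The cell values were supplied through the public submission form, so each
 * one is escaped where it is written into the markup instead of relying on
 * how it was encoded when it was stored.
 *
 * @return string Table markup with one row per approved entry.
 */
function base_tag()
{
    global $wpdb;

    $table_name = $wpdb->prefix . "katalog_wpisy";
    $approved = $wpdb->get_results("SELECT * FROM $table_name WHERE APRO=1");

    $co = "<table> <tr><th>Nazwa</th><th>Slowa kluczowe</th><th>Tytul</th></tr>";
    foreach ((array) $approved as $row) {
        $co .= '<tr><td>' . esc_html($row->Nazwa) . '</td>';
        $co .= '<td>' . esc_html($row->slowa_klucz) . '</td>';
        $co .= '<td>' . esc_html($row->Tytul) . '</td></tr>';
    }
    $co .= "</table>";

    return $co;
}

add_shortcode('all', 'base_tag');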
- ?>