/functions.php

  1. <?php 
  2.  
  3. /** 
  4.  * EXTENDED DIAGNOSTIC LOGGING - set value below from "0" to "1" to enable dx logging (or vice-versa). 
  5.  * Note: If the plugin is already activated, leave this alone and change the setting on the "Advanced" tab. 
  6.  * This option is intended only for logging installation and activation problems when the setting is not 
  7.  * available. 
  8.  *  
  9.  * The diagnostic log should be written to a temporary table in your wp database. 
  10.  *  
  11.  * When this is set to "1", logging will be attempted regardless of the setting. 
  12.  */ 
  13. @define( 'GDE_DX_LOGGING', 0 ); 
  14.  
  15. // set up environment 
  16. if ( ! defined( 'ABSPATH' ) ) {    exit; } 
  17. @define( 'GDE_PLUGIN_DIR', trailingslashit( plugin_dir_path( __FILE__ ) ) ); 
  18. @define( 'GDE_PLUGIN_URL', trailingslashit( plugin_dir_url( __FILE__ ) ) ); 
  19.  
  20. // external urls (help, beta API, etc.) 
  21. @define( 'GDE_STDOPT_URL', 'http://www.davistribe.org/gde/settings/viewer-options/' ); 
  22. @define( 'GDE_ENHOPT_URL', 'http://www.davistribe.org/gde/settings/enhanced-options/' ); 
  23. @define( 'GDE_PROOPT_URL', 'http://www.davistribe.org/gde/settings/viewer-profiles/' ); 
  24. @define( 'GDE_ADVOPT_URL', 'http://www.davistribe.org/gde/settings/advanced-options/' ); 
  25. @define( 'GDE_FORUM_URL', 'http://wordpress.org/support/plugin/google-document-embedder' ); 
  26. @define( 'GDE_WP_URL', 'http://wordpress.org/extend/plugins/google-document-embedder/' ); 
  27. @define( 'GDE_BETA_API', 'http://dev.davismetro.com/api/1.0/' ); 
  28.  
  29. /** 
  30.  * List supported extensions & MIME types 
  31.  * 
  32.  * @since   2.5.0.1 
  33.  * @return  array List of all supported extensions and their MIME types 
  34.  */ 
  35. function gde_supported_types() { 
  36.   global $gdetypes; 
  37.    
  38.   if ( is_array( $gdetypes ) ) { 
  39.       return $gdetypes; 
  40.   } else { 
  41.       $no_output = 1; 
  42.       include_once( GDE_PLUGIN_DIR . 'libs/lib-exts.php' ); 
  43.        
  44.       if ( isset( $types ) ) { 
  45.           return $types; 
  46.       } else { 
  47.           return false; 
  51.  
  52. /** 
  53.  * Get profile data 
  54.  * 
  55.  * @since   2.5.0.1 
  56.  * @return  array Array of profiles with their data, or a specific profile 
  57.  */ 
  58. function gde_get_profiles( $ident = '', $include_id = true, $include_desc = false ) { 
  59.   global $wpdb; 
  60.   $table = $wpdb->prefix . 'gde_profiles'; 
  61.    
  62.   if ( empty( $ident ) ) { 
  63.       $where = "WHERE 1 = 1 ORDER BY profile_id ASC"; 
  64.   } elseif ( ! is_numeric( $ident ) ) { 
  65.       $where = "WHERE profile_name = '$ident'"; 
  66.   } else { 
  67.       $where = "WHERE profile_id = $ident"; 
  69.    
  70.   $profiles = $wpdb->get_results( "SELECT * FROM $table $where", ARRAY_A ); 
  71.    
  72.   if ( ! is_array( $profiles ) ) { 
  73.       gde_dx_log("Requested profile $ident not found"); 
  74.       return false; 
  75.   } elseif ( ! empty( $ident ) ) { 
  76.       // return specific profile data 
  77.       if ( isset( $profiles[0] ) ) { 
  78.           $data = unserialize($profiles[0]['profile_data']); 
  79.           if ( $include_id ) { 
  80.               $data['profile_id'] = $profiles[0]['profile_id']; 
  82.           if ( $include_desc ) { 
  83.               $data['profile_desc'] = $profiles[0]['profile_desc']; 
  85.            
  86.           $profiles = $data; 
  87.       } else { 
  88.           gde_dx_log("Requested profile $ident doesn't exist"); 
  89.           return false; 
  92.    
  93.   return $profiles; 
  95.  
  96. /** 
  97.  * Test for valid shortcode syntax, other file errors 
  98.  * 
  99.  * @return  string Error message (if any) 
  100.  */ 
  101. function gde_validate_file( $file = NULL, $force ) { 
  102.    
  103.   // error messages 
  104.   $nofile = __('File not specified, check shortcode syntax', 'gde'); 
  105.   $badlink = __('Requested URL is invalid', 'gde'); 
  106.   $badtype = __('Unsupported File Type', 'gde') . " (%e)"; 
  107.   $notfound = __('Error retrieving file - if necessary turn off error checking', 'gde') . " (%e)"; 
  108.    
  109.   if ( ! $file ) { 
  110.       return $nofile; 
  112.    
  113.   $result = gde_valid_url( $file ); 
  114.   if ( $result === false ) { 
  115.       // validation skipped due to service failure 
  116.       return -1; 
  117.   } elseif ( $force == "1" || $force == "yes" ) { 
  118.       if ( is_array( $result ) ) { 
  119.           return $result; 
  120.       } else { 
  121.           // couldn't get file size due to service failure 
  122.           return -1; 
  124.   } elseif ( ! $result ) { 
  125.       // can't validate 
  126.       return -1; 
  127.   } else { 
  128.       if ( isset( $result['code'] ) && $result['code'] != 200 ) { 
  129.           if ( ! gde_valid_link( $file ) ) { 
  130.               return $badlink; 
  131.           } else { 
  132.               $err = $result['code'] . ":" . $result['message']; 
  133.               $notfound = str_replace( "%e", $err, $notfound ); 
  134.                
  135.               return $notfound; 
  137.       } else { 
  138.           if ( ! gde_valid_type( $file ) ) { 
  139.               $fn = basename( $file ); 
  140.               $fnp = gde_split_filename( $fn ); 
  141.               $type = $fnp[1]; 
  142.               $badtype = str_replace( "%e", $type, $badtype ); 
  143.                
  144.               return $badtype; 
  145.           } else { 
  146.               return $result; 
  151.  
  152. function gde_valid_link( $link ) { 
  153.  
  154.   $urlregex = '/^(([\w]+:)?\/\/)(([\d\w]|%[a-fA-f\d]{2, 2})+(:([\d\w]|%[a-fA-f\d]{2, 2})+)?@)?([\d\w][-\d\w]{0, 253}[\d\w]\.)+[\w]{2, 4}(:[\d]+)?(\/([-+_~.\d\w]|%[a-fA-f\d]{2, 2})*)*(\?(&?([-+_~.\d\w]|%[a-fA-f\d]{2, 2})=?)*)?(#([-+_~.\d\w]|%[a-fA-f\d]{2, 2})*)?$/i'; 
  155.  
  156.   if ( preg_match( $urlregex, $link ) ) { 
  157.       return true; 
  158.   } else { 
  159.       return false; 
  162.  
  163. function gde_valid_type( $link ) { 
  164.   global $gdetypes; 
  165.    
  166.   if ( is_array( $gdetypes ) ) { 
  167.       $supported_exts = implode( "|", array_keys( $gdetypes ) ); 
  168.        
  169.       if ( preg_match( "/\.($supported_exts)$/i", $link ) ) { 
  170.           return true; 
  172.   } else { 
  173.       return false; 
  176.  
  177. function gde_valid_url( $url, $method = "head", $stop = 0 ) { 
  178.  
  179.   if ( $method == "head" ) { 
  180.       $result = wp_remote_head( $url ); 
  181.   } elseif ( $stop == 0 ) { 
  182.       $stop++; 
  183.       $result = wp_remote_get( $url ); 
  184.   } else { 
  185.       gde_dx_log("can't get URL to test; skipping"); 
  186.       return false; 
  188.    
  189.   if ( is_array( $result ) ) { 
  190.       $code = $result['response']['code']; 
  191.       if ( ! empty( $code ) && ( $code == "301" || $code == "302" ) ) { 
  192.           // HEAD requests don't redirect. Probably a file/directory with spaces in it... 
  193.           return gde_valid_url( $url, 'get', $stop ); 
  194.       } else { 
  195.           // capture file size if determined 
  196.           if ( isset( $result['headers']['content-length'] ) ) { 
  197.               $result['response']['fsize'] = $result['headers']['content-length']; 
  198.           } else { 
  199.               $result['response']['fsize'] = ''; 
  201.           return $result['response']; 
  203.   } elseif ( is_wp_error( $result ) ) { 
  204.       // unable to get head 
  205.       $error = $result->get_error_message(); 
  206.       gde_dx_log("bypassing URL check; cant validate URL $url: $error"); 
  207.       return false; 
  208.   } else { 
  209.       gde_dx_log("cant determine URL validity; skipping"); 
  210.       return false; 
  213.  
  214. function gde_split_filename( $filename ) { 
  215.   $pos = strrpos( $filename, '.' ); 
  216.   if ( $pos === false ) { 
  217.       return array( $filename, '' ); // no extension (dot is not found in the filename) 
  218.   } else { 
  219.       $basename = substr( $filename, 0, $pos ); 
  220.       $ext = substr( $filename, $pos + 1 ); 
  221.       return array( $basename, $ext ); 
  224.  
  225. function gde_format_bytes( $bytes, $precision = 2 ) { 
  226.   if ( ! is_numeric( $bytes ) || $bytes < 1 ) { 
  227.       return __('Unknown', 'gde'); 
  228.   } else { 
  229.       $units = array( 'B', 'KB', __('MB', 'gde'), 'GB', 'TB' ); 
  230.        
  231.       $bytes = max( $bytes, 0 ); 
  232.       $pow = floor( ( $bytes ? log( $bytes ) : 0 ) / log( 1024 ) ); 
  233.       $pow = min( $pow, count( $units ) - 1 ); 
  234.        
  235.       $bytes /= pow( 1024, $pow ); 
  236.        
  237.       if ( $units[$pow] == "KB" ) { 
  238.           // less precision for small file sizes 
  239.           return round( $bytes ) . "KB"; 
  240.       } else { 
  241.           return round( $bytes, $precision ) . $units[$pow]; 
  245.  
  246. /** 
  247.  * Sanitize dimensions (width, height) 
  248.  * 
  249.  * @since   2.5.0.1 
  250.  * @return  string Sanitized dimensions, or false if value is invalid 
  251.  * @note    Replaces old gde_sanitizeOpts function 
  252.  */ 
  253. function gde_sanitize_dims( $dim ) { 
  254.   // remove any spacing junk 
  255.   $dim = trim( str_replace( " ", "", $dim ) ); 
  256.    
  257.   if ( ! strstr( $dim, '%' ) ) { 
  258.       $type = "px"; 
  259.       $dim = preg_replace( "/[^0-9]*/", '', $dim ); 
  260.   } else { 
  261.       $type = "%"; 
  262.       $dim = preg_replace( "/[^0-9]*/", '', $dim ); 
  263.       if ( (int) $dim > 100 ) { 
  264.           $dim = "100"; 
  267.    
  268.   if ( $dim ) { 
  269.       return $dim.$type; 
  270.   } else { 
  271.       return false; 
  274.  
  275. /** 
  276.  * Shorten ("mask") the URL to the embedded file 
  277.  * 
  278.  * @since   2.5.0.1 
  279.  * @return  string Short url response from API call, or false on error 
  280.  */ 
  281. function gde_get_short_url( $u ) { 
  282.   $u = urlencode( $u ); 
  283.   $service[] = "http://tinyurl.com/api-create.php?url=" . $u; 
  284.   $service[] = "http://is.gd/create.php?format=simple&url=" . $u; 
  285.    
  286.   foreach ( $service as $url ) { 
  287.       $passed = false; 
  288.       $response = wp_remote_get( $url ); 
  289.       if ( is_wp_error( $response ) || empty ( $response['body'] ) ) { 
  290.           continue; 
  291.       } else { 
  292.           // check for rate limit exceeded or other error response 
  293.           if ( ! gde_valid_link( $response['body'] ) ) { 
  294.               continue; 
  295.           } else { 
  296.               $passed = true; 
  297.               break; 
  301.    
  302.   if ( $passed ) { 
  303.       return $response['body']; 
  304.   } else { 
  305.       // can't shorten - return original URL 
  306.       gde_dx_log("Shorten URL failed: " . urldecode( $u )); 
  307.       return urldecode( $u ); 
  310.  
  311. /** 
  312.  * Request secure URL to document 
  313.  * 
  314.  * @since   2.5.0.1 
  315.  * @return  string Secure URL, or false on error 
  316.  */ 
  317. function gde_get_secure_url( $u ) { 
  318.   require_once( GDE_PLUGIN_DIR . 'libs/lib-secure.php' ); 
  319.  
  320.   if ( ! $url = gde_make_secure_url( $u ) ) { 
  321.       return false; 
  322.   } else { 
  323.       return $url; 
  326.  
  327. /** 
  328.  * Check if settings allow a file to be privatized (downloads blocked) 
  329.  * 
  330.  * @since   2.5.0.2 
  331.  * @return  bool Whether or not the file can be blocked from download 
  332.  */ 
  333. function gde_is_blockable( $profile ) { 
  334.   if ( $profile['viewer'] == "standard" || $profile['link_show'] !== "none" ) { 
  335.       return false; 
  336.   } elseif ( ! strstr( $profile['tb_flags'], "n" ) && $profile['tb_fullscr'] == "default" ) { 
  337.       return false; 
  338.   } else { 
  339.       return true; 
  342.  
  343. /** 
  344.  * Google Analytics Integration 
  345.  * 
  346.  * @since   2.5.0.1 
  347.  * @return  string GA tracking event tag, or blank if disabled 
  348.  */ 
  349. function gde_ga_event( $file ) { 
  350.   global $gdeoptions; 
  351.    
  352.   if ( $gdeoptions['ga_enable'] == "no" ) { 
  353.       return ''; 
  354.   } elseif ( $gdeoptions['ga_enable'] == "compat" ) { 
  355.       $fnp = gde_split_filename( basename( $file ) ); 
  356.       $category = "'Download'"; // intentionally not translated (it wasn't a translated string in < 2.5) 
  357.       $action = "'" . strtoupper( $fnp[1] ) . "'"; 
  358.       $label = "this.href"; 
  359.   } else { 
  360.       $category = "'" . addslashes( $gdeoptions['ga_category'] ) . "'"; 
  361.       $action = "'" . __('Download', 'gde') . "'"; 
  362.       if ( $gdeoptions['ga_label'] == "url" ) { 
  363.           $label = "this.href"; 
  364.       } else { 
  365.           $label = "'" . basename( $file ) . "'"; 
  368.    
  369.   $str = "_gaq.push(['_trackEvent', ".$category.", ".$action.", ".$label."]);"; 
  370.   return " onClick=\"" . $str . "\""; 
  372.  
  373. /** 
  374.  * Get plugin data 
  375.  * 
  376.  * @since   2.4.0.1 
  377.  * @return  array Array of plugin data parsed from main plugin file 
  378.  */ 
  379. function gde_get_plugin_data() { 
  380.   $mainfile = 'gviewer.php'; 
  381.   $slug = 'google-document-embedder'; 
  382.    
  383.   if ( ! function_exists( 'get_plugin_data' ) ) { 
  384.       require_once( ABSPATH . '/wp-admin/includes/plugin.php' ); 
  386.   $plugin_data = get_plugin_data( GDE_PLUGIN_DIR . $mainfile ); 
  387.    
  388.   // add custom data (lowercase to avoid any future conflicts) 
  389.   $plugin_data['slug'] = $slug; 
  390.   $plugin_data['mainfile'] = $mainfile; 
  391.   $plugin_data['basename'] = $plugin_data['slug'] . "/" . $mainfile; 
  392.    
  393.   return $plugin_data; 
  395.  
  396. /** 
  397.  * GDE Extended Logging 
  398.  * 
  399.  * @since   2.5.0.1 
  400.  * @return  bool Whether or not log write was successful 
  401.  */ 
  402. function gde_dx_log( $text ) { 
  403.   global $gdeoptions, $wpdb; 
  404.    
  405.   if ( GDE_DX_LOGGING > 0 || ( isset( $gdeoptions['error_log'] ) && $gdeoptions['error_log'] == "yes" ) ) { 
  406.       // filter to trap any "unexpected output" to log 
  407.       add_action( 'activated_plugin', 'gde_save_error' ); 
  408.        
  409.       $table = $wpdb->base_prefix . 'gde_dx_log'; 
  410.        
  411.       // create/update table if necessary, then write to log 
  412.       if ( gde_dx_log_create() ) { 
  413.           // write to log 
  414.           $blogid = get_current_blog_id(); 
  415.           $text = date( "d-m-Y, H:i:s" ) . " - $text"; 
  416.            
  417.           if ( ! $wpdb->insert( 
  418.                   $table,  
  419.                   array( 
  420.                       'blogid' =>    $blogid,  
  421.                       'data' =>    $text 
  422.  ),  
  423.                   array( 
  424.                       '%d', '%s' 
  426.  ) ) { 
  427.               // couldn't write to db 
  428.               return false; 
  429.           } else { 
  430.               return true; 
  432.       } else { 
  433.           // can't create db table 
  434.           return false; 
  436.   } else { 
  437.       // logging disabled 
  438.       return false; 
  441.  
  442. /** 
  443.  * Create/update database table to store dx log 
  444.  * 
  445.  * @since   2.5.2.1 
  446.  * @return  bool Whether or not table creation/update was successful 
  447.  */ 
  448. function gde_dx_log_create() { 
  449.   global $wpdb, $gde_db_ver; 
  450.    
  451.   $table = $wpdb->base_prefix . 'gde_dx_log'; 
  452.   $db_ver_installed = get_site_option( 'gde_db_version', 0 ); 
  453.        
  454.   $sql = "CREATE TABLE " . $table . " ( 
  455.             id mediumint(9) UNSIGNED NOT NULL AUTO_INCREMENT,  
  456.             blogid smallint(5) UNSIGNED NOT NULL,  
  457.             data longtext NOT NULL,  
  458.             UNIQUE KEY (id) 
  459.  ) ENGINE=MyISAM  DEFAULT CHARSET=utf8; "; 
  460.    
  461.   if ( version_compare( $gde_db_ver, $db_ver_installed, ">" ) ) { 
  462.       // upgrade table if needed 
  463.       require_once( ABSPATH . 'wp-admin/includes/upgrade.php' ); 
  464.       dbDelta( $sql ); 
  465.   } elseif ( $wpdb->get_var( "SHOW TABLES LIKE '$table'" ) == $table ) { 
  466.       // table's OK 
  467.       return true; 
  468.   } else { 
  469.       // table doesn't exist, try to create 
  470.       require_once( ABSPATH . 'wp-admin/includes/upgrade.php' ); 
  471.       dbDelta( $sql ); 
  472.        
  473.       if ( $wpdb->get_var( "SHOW TABLES LIKE '$table'" ) == $table ) { 
  474.           // table's OK 
  475.           return true; 
  476.       } else { 
  477.           // can't create 
  478.           return false; 
  482.  
  483. /** 
  484.  * Capture activation errors ("unexpected output") to dx log 
  485.  * 
  486.  * @since   2.5.0.1 
  487.  * @return  void 
  488.  * @note    Writes any activation errors to log, when enabled 
  489.  */ 
  490. function gde_save_error() { 
  491.   $buffer = ob_get_contents(); 
  492.   if ( ! empty( $buffer ) ) { 
  493.       gde_dx_log('Activation Msg: '. $buffer ); 
  496.  
  497. function gde_show_error( $status ) { 
  498.   global $gdeoptions; 
  499.    
  500.   $error = "GDE " . __('Error', 'gde') . ": " . $status; 
  501.   if ( $gdeoptions['error_display'] == "no" ) { 
  502.       $code = "\n<!-- $error -->\n"; 
  503.   } else { 
  504.       $code = "\n".'<div class="gde-error">' . $error . "</div>\n"; 
  506.    
  507.   return $code; 
  509.  
  510. /** 
  511.  * Check health of database tables 
  512.  * 
  513.  * @since   2.5.0.3 
  514.  * @return  mixed 
  515.  * @note    Verbose text used in debug information 
  516.  */ 
  517. function gde_debug_tables( $table = array('gde_profiles', 'gde_secure'), $verbose = false ) { 
  518.   global $wpdb; 
  519.    
  520.   if ( is_array( $table ) ) { 
  521.       $ok = true; 
  522.       foreach ( $table as $t ) { 
  523.           $t = $wpdb->prefix . $t; 
  524.           if ( $wpdb->get_var( "SHOW TABLES LIKE '$t'" ) == $t ) { 
  525.               // table good 
  526.           } else { 
  527.               $ok = false; 
  528.               gde_dx_log($t . " table missing"); 
  529.               break; 
  532.   } else { 
  533.       $ok = true; 
  534.       $table = $wpdb->prefix . $table; 
  535.       if ( $wpdb->get_var( "SHOW TABLES LIKE '$table'" ) == $table ) { 
  536.           $s = "OK "; 
  537.           $c = $wpdb->get_var( "SELECT COUNT(*) FROM $table WHERE 1=1" ); 
  538.           $s = $s . "($c items)"; 
  539.       } else { 
  540.           $s = "NOT OK ($table missing)"; 
  541.           $ok = false; 
  544.    
  545.   if ( ! $verbose ) { 
  546.       return $ok; 
  547.   } else { 
  548.       return $s; 
  551.  
  552. ?> 
.