/gviewer.php

  1. <?php 
  2.  
  3. /** 
  4. Plugin Name: Google Doc Embedder 
  5. Plugin URI: https://wordpress.org/plugins/google-document-embedder/ 
  6. Description: Lets you embed PDF, MS Office, TIFF, and many other file types in a web page using the Google Docs Viewer (no Flash or PDF browser plug-ins required). 
  7. Author: Kevin Davis, Dan Lester 
  8. Author URI: https://wordpress.org/plugins/google-document-embedder/ 
  9. Text Domain: google-document-embedder 
  10. Domain Path: /languages/ 
  11. Version: 2.6.1 
  12. License: GPLv2 
  13. */ 
  14.  
  15. /** 
  16. * LICENSE 
  17. * This file is part of Google Doc Embedder. 
  18. * 
  19. * Google Doc Embedder is free software; you can redistribute it and/or 
  20. * modify it under the terms of the GNU General Public License 
  21. * as published by the Free Software Foundation; either version 2 
  22. * of the License, or (at your option) any later version. 
  23. * 
  24. * This program is distributed in the hope that it will be useful,  
  25. * but WITHOUT ANY WARRANTY; without even the implied warranty of 
  26. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 
  27. * GNU General Public License for more details. 
  28. * 
  29. * You should have received a copy of the GNU General Public License 
  30. * along with this program; if not, write to the Free Software 
  31. * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. 
  32. * 
  33. * @package google-document-embedder 
  34. * @author Kevin Davis <wpp@tnw.org> 
  35. * @copyright Copyright 2014 Kevin Davis 
  36. * @license http://www.gnu.org/licenses/gpl.txt GPL 2.0 
  37. * @link https://wordpress.org/plugins/google-document-embedder/ 
  38. */ 
  39.  
  40. // boring init junk 
  41. $gde_ver = "2.6.1"; 
  42. $gde_db_ver = "1.2"; // update also in gde_activate() 
  43.  
  44. require_once( plugin_dir_path( __FILE__ ) . 'functions.php' ); 
  45. global $wp_version; 
  46.  
  47. $pdata = gde_get_plugin_data(); 
  48. $gdeoptions = get_option( 'gde_options' ); 
  49. $gdetypes = gde_supported_types();  
  50.  
  51. // check for db health 
  52. $healthy = gde_debug_tables(); 
  53.  
  54. // add admin functions only if needed 
  55. if ( is_admin() ) { require_once( GDE_PLUGIN_DIR . 'functions-admin.php' ); } 
  56.  
  57. // get global settings - not implemented in this release 
  58. /** 
  59. if ( is_multisite() ) { 
  60. $gdeglobals = get_site_option( 'gde_globals' ); 
  61. } 
  62. */ 
  63.  
  64. // activate plugin, allow clear dx log on deactivate 
  65. register_activation_hook( __FILE__, 'gde_activate' ); 
  66. register_deactivation_hook( __FILE__, 'gde_deactivate' ); 
  67.  
  68. // bring the magic 
  69. add_action( 'plugins_loaded', 'gde_load' ); 
  70. add_shortcode( 'gview', 'gde_do_shortcode' ); 
  71.  
  72. function gde_do_shortcode( $atts ) { 
  73. global $healthy, $gdeoptions; //$gdeglobals 
  74.  
  75. // check profile table health 
  76. if ( ! $healthy ) { 
  77. delete_option('gde_db_version'); 
  78. return gde_show_error( __('Unable to load profile settings', 'google-document-embedder') ); 
  79.  
  80. // handle global setting overrides - not active in this release 
  81. /** 
  82. if ($gdeglobals['enforce_viewer'] == "std") { 
  83. $gdeoptions['disable_proxy'] = "yes"; 
  84. } 
  85. if ($gdeglobals['enforce_lang']) { 
  86. $gdeoptions['default_lang'] = $gdeglobals['enforce_lang']; 
  87. } 
  88. */ 
  89.  
  90. extract( shortcode_atts( array ( 
  91. 'file' => '',  
  92. 'profile' => 1, // default profile is always ID 1 
  93. 'save' => '',  
  94. 'width' => '',  
  95. 'height' => '',  
  96. 'cache' => '' 
  97. //'title' => '', // not yet implemented 
  98. //'page' => '', // support broken in Google Viewer 
  99. ), $atts ) ); 
  100.  
  101. // get requested profile data (or default if doesn't exist) 
  102. $term = $profile; 
  103. if ( is_numeric( $term ) ) { 
  104. // id-based lookup 
  105. if ( ! $profile = gde_get_profiles( $term ) ) { 
  106. gde_dx_log("Loading default profile instead"); 
  107. if ( ! $profile = gde_get_profiles( 1 ) ) { 
  108. return gde_show_error( __('Unable to load requested profile.', 'google-document-embedder') ); 
  109. } else { 
  110. $pid = 1; 
  111. } else { 
  112. $pid = $term; 
  113. } else { 
  114. // name-based lookup 
  115. if ( ! $profile = gde_get_profiles( strtolower( $term ) ) ) { 
  116. gde_dx_log("Loading default profile instead"); 
  117. if ( ! $profile = gde_get_profiles( 1 ) ) { 
  118. return gde_show_error( __('Unable to load requested profile.', 'google-document-embedder') ); 
  119. } else { 
  120. $pid = 1; 
  121. } else { 
  122. $pid = $profile['profile_id']; 
  123.  
  124. // use profile defaults if shortcode override not defined 
  125. if ( $save !== "0" ) { 
  126. if ( empty( $save ) ) { 
  127. $save = $profile['link_show']; 
  128. if ( empty( $width ) ) { 
  129. $width = $profile['default_width']; 
  130. if ( empty( $height ) ) { 
  131. $height = $profile['default_height']; 
  132. if ( $cache !== "0" ) { 
  133. if ( empty( $cache ) ) { 
  134. $cache = $profile['cache']; 
  135. //if ( $profile['language'] !== "en_US" ) { 
  136. $lang = $profile['language']; 
  137. //} 
  138.  
  139. // tweak the dimensions if necessary 
  140. $width = gde_sanitize_dims( $width ); 
  141. $height = gde_sanitize_dims( $height ); 
  142.  
  143. // add base url if needed 
  144. if ( ! preg_match( "/^http/i", $file ) ) { 
  145. if ( substr( $file, 0, 2 ) == "//" ) { 
  146. // append dynamic protocol 
  147. if ( ! empty( $_SERVER['HTTPS'] ) && $_SERVER['HTTPS'] !== 'off' || $_SERVER['SERVER_PORT'] == 443 ) { 
  148. $file = "https:" . $file; 
  149. } else { 
  150. $file = "http:" . $file; 
  151. } elseif ( isset( $profile['base_url'] ) ) { 
  152. // not a full link, add base URL if available 
  153. if ( substr( $file, 0, 1 ) == "/" ) { 
  154. // remove any preceding slash from doc (base URL adds it) 
  155. $file = ltrim( $file, '/' ); 
  156. $file = $profile['base_url'] . $file; 
  157.  
  158. // capture file details 
  159. $fn = basename( $file ); 
  160. $fnp = gde_split_filename( $fn ); 
  161.  
  162. // check for missing required field 
  163. if ( ! $file ) { 
  164. return gde_show_error( __('File not specified, check shortcode syntax', 'google-document-embedder') ); 
  165.  
  166. // file validation 
  167. if ( $gdeoptions['error_check'] == "no" ) { 
  168. $force = true; 
  169. } else { 
  170. $force = false; 
  171. $status = gde_validate_file( str_replace( " ", "%20", $file ), $force ); 
  172.  
  173. if ( ! isset( $code ) && ! is_array( $status ) && $status !== -1 ) { 
  174. // validation failed 
  175. $code = gde_show_error( $status ); 
  176. } elseif ( ! isset( $code ) ) { 
  177. // validation passed or was skipped 
  178.  
  179. // check for max filesize 
  180. $viewer = true; 
  181. if ( $gdeoptions['file_maxsize'] > 0 && isset( $status['fsize'] ) ) { 
  182. $maxbytes = (int) $gdeoptions['file_maxsize'] * 1024 * 1024; 
  183. if ( $status['fsize'] > $maxbytes ) { 
  184. $viewer = false; 
  185.  
  186. // generate links (embed, download) 
  187. $links = array( $file, $file ); 
  188. if ( $profile['link_block'] == "yes" && gde_is_blockable( $profile ) ) { 
  189. if ( $secure = gde_get_secure_url( $file ) ) { 
  190. $links[0] = $secure; 
  191. } else { 
  192. $links[0] = ''; 
  193. $links[1] = ''; 
  194. } elseif ( $profile['link_show'] !== "none" ) { 
  195. if ( $profile['link_force'] == "yes" && $profile['link_mask'] == "no" ) { 
  196. $links[1] = GDE_PLUGIN_URL . "load.php?d=" . urlencode( $links[1] ); 
  197. } elseif ( $profile['link_force'] == "no" && $profile['link_mask'] == "yes" ) { 
  198. $short = gde_get_short_url( $links[0] ); 
  199. $links[0] = $short; 
  200. $links[1] = $short; 
  201. } elseif ( $profile['link_force'] == "yes" && $profile['link_mask'] == "yes" ) { 
  202. $short = gde_get_short_url( GDE_PLUGIN_URL . "load.php?d=" . urlencode( $links[0] ) ); 
  203. $links[0] = $short; 
  204. $links[1] = $short; 
  205.  
  206. // obfuscate filename if cache disabled (globally or via shortcode) 
  207. // note that this is ignored if the document is secure to prevent each hit from generating a new db row 
  208. if ( ! empty( $links[1] ) && ( $cache == "off" || $cache == "0" ) ) { 
  209. $links[0] .= "?" . time(); 
  210.  
  211. // check for failed secure doc 
  212. if ( empty( $links[0] ) && empty( $links[1] ) ) { 
  213. $code = gde_show_error( __('Unable to secure document', 'google-document-embedder') ); 
  214. } else { 
  215.  
  216. // which viewer? 
  217. //if ( $profile['viewer'] == "enhanced" ) { 
  218. // $lnk = GDE_PLUGIN_URL . "view.php?url=" . urlencode( $links[0] ) . "&hl=" . $lang . "&gpid=" . $pid; 
  219. // make protocol-agnostic 
  220. // $lnk = preg_replace( '/^https?:/i', '', $lnk ); 
  221. //} else { 
  222. $lnk = "//docs.google.com/viewer?url=" . urlencode( $links[0] ) . "&hl=" . $lang; 
  223. //} 
  224.  
  225. // what mode? 
  226. //if ( $profile['tb_mobile'] == "always" ) { 
  227. // $lnk .= "&mobile=true"; 
  228. //} else { 
  229. $lnk .= "&embedded=true"; 
  230. //} 
  231.  
  232. // build viewer 
  233. if ( $viewer == false ) { 
  234. // exceeds max filesize 
  235. $vwr = ''; 
  236. } else { 
  237. $vwr = '<iframe src="%U%" class="gde-frame" style="width:%W%; height:%H%; border: none;"%ATTRS%></iframe>'; 
  238. $vwr = str_replace("%U%", $lnk, $vwr); 
  239. $vwr = str_replace("%W%", $width, $vwr); 
  240. $vwr = str_replace("%H%", $height, $vwr); 
  241.  
  242. // frame attributes 
  243. $vattr[] = ' scrolling="no"'; // iphone scrolling bug 
  244. //if ( ! empty( $page ) && is_numeric( $page ) ) { // selected starting page 
  245. // $page = (int) $page - 1; 
  246. // $vattr[] = ' onload="javascript:this.contentWindow.location.hash=\':0.page.' . $page . '\';"'; 
  247. //} 
  248. $vwr = str_replace( "%ATTRS%", implode( '', $vattr ), $vwr ); 
  249.  
  250. // show download link? 
  251. $allow_save = false; 
  252. if ( ! empty( $links[1] ) ) { // link empty = secure document; ignore any other save attribute 
  253. if ( $save == "all" || $save == "1" ) { 
  254. $allow_save = true; 
  255. } elseif ( $save == "users" && is_user_logged_in() ) { 
  256. $allow_save = true; 
  257.  
  258. if ( $allow_save ) { 
  259. // build download link 
  260. $linkcode = '<p class="gde-text"><a href="%LINK%" class="gde-link"%ATTRS%>%TXT%</a></p>'; 
  261. $linkcode = str_replace( "%LINK%", $links[1], $linkcode ); 
  262.  
  263. // fix type 
  264. $ftype = strtoupper( $fnp[1] ); 
  265. if ( $ftype == "TIF" ) {  
  266. $ftype = "TIFF"; 
  267.  
  268. // link attributes 
  269. if ( $profile['link_mask'] == "yes" ) { 
  270. $attr[] = ' rel="nofollow"'; 
  271. $attr[] = gde_ga_event( $file ); // GA integration 
  272. $linkcode = str_replace("%ATTRS%", implode( '', $attr ), $linkcode); 
  273.  
  274. // link text 
  275. if ( empty( $profile['link_text'] ) ) { 
  276. $profile['link_text'] = __('Download', 'google-document-embedder'); 
  277.  
  278. $dltext = str_replace( "%FILE", $fn, $profile['link_text'] ); 
  279. $dltext = str_replace( "%TYPE", $ftype, $dltext ); 
  280. $dltext = str_replace( "%SIZE", gde_format_bytes( $status['fsize'] ), $dltext ); 
  281.  
  282. $linkcode = str_replace( "%TXT%", $dltext, $linkcode ); 
  283. } else { 
  284. $linkcode = ''; 
  285.  
  286. // link position 
  287. if ( $profile['link_pos'] == "above" ) { 
  288. $code = $linkcode . "\n" . $vwr; 
  289. } else { 
  290. $code = $vwr . "\n" . $linkcode; 
  291.  
  292. return $code; 
  293.  
  294. if ( is_admin() ) { 
  295. // add quick settings link to plugin list 
  296. add_filter( "plugin_action_links_" . plugin_basename( __FILE__ ), 'gde_actlinks' ); 
  297.  
  298. // notify if currently using a beta 
  299. add_action( 'after_plugin_row', 'gde_warn_on_plugin_page' ); 
  300.  
  301. // editor integration 
  302. if ( ! isset( $gdeoptions['ed_disable'] ) || $gdeoptions['ed_disable'] == "no" ) { 
  303. // add quicktag 
  304. add_action( 'admin_print_scripts', 'gde_admin_print_scripts' ); 
  305.  
  306. // add tinymce button 
  307. add_action( 'admin_init', 'gde_mce_addbuttons' ); 
  308.  
  309. // extend media upload support to natively unsupported mime types 
  310. if ( $gdeoptions['ed_extend_upload'] == "yes" ) { 
  311. add_filter( 'upload_mimes', 'gde_upload_mimes' ); 
  312.  
  313. // embed shortcode instead of link from media library for supported types 
  314. add_filter( 'media_send_to_editor', 'gde_media_insert', 20, 3 ); 
  315.  
  316. // add local settings page 
  317. add_action( 'admin_menu', 'gde_option_page' ); 
  318.  
  319. //if ( is_multisite() ) { 
  320. // add global settings page 
  321. //add_action( 'network_admin_menu', 'gde_site_option_page' ); // not present in this release 
  322. //} 
  323.  
  324. /** 
  325. * Activate the plugin 
  326. * 
  327. * @since 0.2 
  328. * @return void 
  329. * @note This function must remain in this file 
  330. */ 
  331. function gde_activate( $network_wide ) { 
  332. // check for sufficient php version (minimum supports json_encode) 
  333. if ( ! ( phpversion() >= '5.2.0' ) ) { 
  334. wp_die( 'Your server is running PHP version ' . phpversion() . ' but this plugin requires at least 5.2.0' ); 
  335.  
  336. // set db schema version for this release - global not available here 
  337. $gde_db_ver = "1.2"; 
  338.  
  339. // check for network-wide activation (currently not supported) 
  340. if ( $network_wide ) { 
  341. wp_die("Network activation is not supported at this time. Please activate individually until an update is available."); 
  342.  
  343. require_once( plugin_dir_path( __FILE__ ) . 'libs/lib-setup.php' ); 
  344.  
  345. // create/update profile db, if necessary 
  346. if ( gde_db_tables( $gde_db_ver ) ) { 
  347. gde_setup(); 
  348. } else { 
  349. gde_dx_log("Table creation failed; setup halted"); 
  350. wp_die( __("Setup wasn't able to create the required database tables.", 'google-document-embedder') ); 
  351.  
  352. /** 
  353. * Remove dx log on deactivation 
  354. * 
  355. * @since 2.5.2.1 
  356. * @return void 
  357. */ 
  358. function gde_deactivate() { 
  359. global $wpdb; 
  360.  
  361. $table = $wpdb->base_prefix . 'gde_dx_log'; 
  362. if ( is_multisite() ) { 
  363. $blogid = get_current_blog_id(); 
  364. $wpdb->query("DELETE FROM $table WHERE blogid = '$blogid'"); 
  365. } else { 
  366. $wpdb->query("DROP TABLE IF EXISTS $table"); 
  367.  
  368. /** 
  369. * Actions to perform when plugins have finished loading (before init) 
  370. * 
  371. * @since 2.5.2.1 
  372. * @return void 
  373. */ 
  374. function gde_load() { 
  375. // localization 
  376. load_plugin_textdomain( 'google-document-embedder', false, dirname( plugin_basename( __FILE__ ) ) . '/languages' ); 
  377.  
  378. ?> 
.