diff -r 53cff4b4a802 -r bde1974c263b web/wp-content/plugins/exec-php/includes/config_ui.php --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/web/wp-content/plugins/exec-php/includes/config_ui.php Wed Feb 03 15:37:20 2010 +0000 @@ -0,0 +1,217 @@ +m_cache =& $cache; + $this->m_script =& $script; + + $option =& $this->m_cache->get_option(); + $this->toggle_action($option->get_status()); + add_action('admin_menu', array(&$this, 'action_admin_menu')); + } + + // --------------------------------------------------------------------------- + // hooks + // --------------------------------------------------------------------------- + + function action_admin_menu() + { + if (current_user_can(ExecPhp_CAPABILITY_EDIT_PLUGINS)) + { + add_submenu_page('options-general.php', + __s('Exec-PHP Settings', ExecPhp_PLUGIN_ID), + __s('Exec-PHP', ExecPhp_PLUGIN_ID), + ExecPhp_CAPABILITY_EDIT_PLUGINS, __FILE__, + array(&$this, 'submenu_page_option_general')); + add_filter('plugin_action_links', array(&$this, 'filter_plugin_actions_links'), 10, 2); + } + } + + function filter_plugin_actions_links($links, $file) + { + if ($file == ExecPhp_HOMEDIR. '/exec-php.php') + { + $settings_link = $settings_link = '' . __('Settings') . ''; + array_unshift($links, $settings_link); + } + return $links; + } + + function action_admin_footer_plugin_version() + { + $option =& $this->m_cache->get_option(); + $heading = __s('Exec-PHP Error.', ExecPhp_PLUGIN_ID); + $text = __s('No necessary upgrade of the the Exec-PHP plugin could be performed. PHP code in your articles or widgets may be viewable to your blog readers. This is plugin version %1$s, previously there was version %2$s installed. Downgrading from a newer version to an older version of the plugin is not supported.', ExecPhp_PLUGIN_ID + , ExecPhp_VERSION, $option->get_version()); + $this->m_script->print_message($heading, $text); + } + + function action_admin_footer_unknown() + { + $option =& $this->m_cache->get_option(); + $heading = __s('Exec-PHP Error.', ExecPhp_PLUGIN_ID); + $text = __s('An unknown error (%s) occured during execution of the Exec-PHP plugin. PHP code in your articles or widgets may be viewable to your blog readers. This error should never happen if you use the plugin with a compatible WordPress version and installed it as described in the documentation.', ExecPhp_PLUGIN_ID + , $option->get_status()); + $this->m_script->print_message($heading, $text); + } + + function toggle_action($status) + { + if ($status == ExecPhp_STATUS_PLUGIN_VERSION_MISMATCH) + add_action('admin_footer', array(&$this, 'action_admin_footer_plugin_version')); + else + remove_action('admin_footer', array(&$this, 'action_admin_footer_plugin_version')); + + if ($status != ExecPhp_STATUS_OKAY + && $status != ExecPhp_STATUS_PLUGIN_VERSION_MISMATCH) + add_action('admin_footer', array(&$this, 'action_admin_footer_unknown')); + else + remove_action('admin_footer', array(&$this, 'action_admin_footer_unknown')); + } + + // --------------------------------------------------------------------------- + // interface + // --------------------------------------------------------------------------- + + function print_request_users($display_id, $feature, $title, $introduction) + { + global $wp_version; + if (version_compare($wp_version, '2.6.dev') >= 0) + // since WP 2.6 it comes with its own progress animation + $image_url = get_option('siteurl'). '/wp-admin/images/loading.gif'; + else + $image_url = ExecPhp_HOME_URL. '/images/progress.gif'; +?> +
+ + + + + +
+ +
+
+m_cache->get_option(); + if (isset($_POST[ExecPhp_ACTION_UPDATE_OPTIONS])) + { + check_admin_referer(ExecPhp_ACTION_UPDATE_OPTIONS); + $option->set_from_POST(); + $option->save(); + echo '

'. + __s('Settings saved.', ExecPhp_PLUGIN_ID) . "

\n"; + } + $this->toggle_action($option->get_status()); +?> +
+= 0) : ?> +

+ +

+

<?php ?> code in your posts, pages and text widgets. See the local documentation for further information. The latest version of the plugin, documentation and information can be found on the official plugin homepage.', ExecPhp_PLUGIN_ID, ExecPhp_HOME_URL. '/docs/'. __s('readme.html', ExecPhp_PLUGIN_ID)); ?>

+ += 0) : ?> +

+ +
= 0 && version_compare($wp_version, '2.6.dev') < 0) : ?> class="wp-2-5"> + + +
+ + + + + +
+ +
+
+ +

+ +

+
+ + +

+

+ +
= 0 && version_compare($wp_version, '2.6.dev') < 0) : ?> class="wp-2-5"> +print_request_users(ExecPhp_ID_INFO_SECURITY_HOLE, + ExecPhp_REQUEST_FEATURE_SECURITY_HOLE, + __s('Security Hole', ExecPhp_PLUGIN_ID), + __s('The following list shows which users have either or both of the "%1$s" or "%2$s" capability and are allowed to change others PHP code by having the "%3$s" capability but do not have the "%4$s" capability for themself. This is a security hole, because the listed users can write and execute PHP code in articles of other users although they are not supposed to execute PHP code at all.', ExecPhp_PLUGIN_ID, ExecPhp_CAPABILITY_EDIT_OTHERS_POSTS, ExecPhp_CAPABILITY_EDIT_OTHERS_PAGES, ExecPhp_CAPABILITY_EDIT_OTHERS_PHP, ExecPhp_CAPABILITY_EXECUTE_ARTICLES)); ?> + += 0) : ?> +print_request_users(ExecPhp_ID_INFO_WIDGETS, + ExecPhp_REQUEST_FEATURE_WIDGETS, + __s('Executing PHP Code in Text Widgets', ExecPhp_PLUGIN_ID), + __s('The following list shows which users have the "%s" capability and therefore are allowed to write and execute PHP code in text widgets. In case you have deselected the option "Execute PHP code in text widgets" from above, this list will appear empty.', ExecPhp_PLUGIN_ID, ExecPhp_CAPABILITY_EXECUTE_WIDGETS)); ?> + + +print_request_users(ExecPhp_ID_INFO_EXECUTE_ARTICLES, + ExecPhp_REQUEST_FEATURE_EXECUTE_ARTICLES, + __s('Executing PHP Code in Articles', ExecPhp_PLUGIN_ID), + __s('The following list shows which users have the "%s" capability and therefore are allowed to execute PHP code in articles.', ExecPhp_PLUGIN_ID, ExecPhp_CAPABILITY_EXECUTE_ARTICLES)); ?> +
+
+ \ No newline at end of file