From d0b5a64a2901814e6cd7fe4aa2385fd68c63ec71 Mon Sep 17 00:00:00 2001 From: Leon Francis Shelhamer Date: Wed, 7 Mar 2018 12:21:05 -0500 Subject: [PATCH 1/3] Amend code to adhere to WordPress Coding Standards Signed-off-by: Leon Francis Shelhamer --- enable-media-replace.php | 156 ++++++++++--------- popup.php | 73 +++++---- upload.php | 325 +++++++++++++++++++-------------------- 3 files changed, 293 insertions(+), 261 deletions(-) diff --git a/enable-media-replace.php b/enable-media-replace.php index f9a4fe0..63e9801 100755 --- a/enable-media-replace.php +++ b/enable-media-replace.php @@ -1,41 +1,38 @@ * @copyright Måns Jonasson 13 sep 2010 - * @package wordpress + * @package WordPress * @subpackage enable-media-replace - * - */ + **/ -add_action('admin_init', 'enable_media_replace_init'); -add_action('admin_menu', 'emr_menu'); -add_filter('attachment_fields_to_edit', 'enable_media_replace', 10, 2); -add_filter('media_row_actions', 'add_media_action', 10, 2); +add_action( 'admin_init', 'enable_media_replace_init' ); +add_action( 'admin_menu', 'emr_menu' ); +add_filter( 'attachment_fields_to_edit', 'enable_media_replace', 10, 2 ); +add_filter( 'media_row_actions', 'add_media_action', 10, 2 ); -add_shortcode('file_modified', 'emr_get_modified_date'); +add_shortcode( 'file_modified', 'emr_get_modified_date' ); /** * Register this file in WordPress so we can call it with a ?page= GET var. * To suppress it in the menu we give it an empty menu title. */ function emr_menu() { - add_submenu_page(NULL, __("Replace media", "enable-media-replace"), '','upload_files', 'enable-media-replace/enable-media-replace', 'emr_options'); + add_submenu_page( null, esc_html__( 'Replace media', 'enable-media-replace' ), '', 'upload_files', 'enable-media-replace/enable-media-replace', 'emr_options' ); } /** @@ -48,20 +45,27 @@ function enable_media_replace_init() { /** * Add some new fields to the attachment edit panel. - * @param array form fields edit panel - * @return array form fields with enable-media-replace fields added + * + * @param array $form_fields form fields edit panel. + * @param object $post post object. + * @return array $form_fields form fields with enable-media-replace fields added. */ function enable_media_replace( $form_fields, $post ) { - $url = admin_url( "upload.php?page=enable-media-replace/enable-media-replace.php&action=media_replace&attachment_id=" . $post->ID); - $action = "media_replace"; - $editurl = wp_nonce_url( $url, $action ); + $url = admin_url( 'upload.php?page=enable-media-replace/enable-media-replace.php&action=media_replace&attachment_id=' . $post->ID ); + $action = 'media_replace'; + $editurl = wp_nonce_url( $url, $action ); - if (FORCE_SSL_ADMIN) { - $editurl = str_replace("http:", "https:", $editurl); + if ( FORCE_SSL_ADMIN ) { + $editurl = str_replace( 'http:', 'https:', $editurl ); } - $link = "href=\"$editurl\""; - $form_fields["enable-media-replace"] = array("label" => __("Replace media", "enable-media-replace"), "input" => "html", "html" => "

" . __("Upload a new file", "enable-media-replace") . "

", "helps" => __("To replace the current file, click the link and upload a replacement.", "enable-media-replace")); + $link = 'href="' . $editurl . '"'; + $form_fields['enable-media-replace'] = array( + 'label' => esc_html__( 'Replace media', 'enable-media-replace' ), + 'input' => 'html', + 'html' => '

' . esc_html__( 'Upload a new file', 'enable-media-replace' ) . '

', + 'helps' => esc_html__( 'To replace the current file, click the link and upload a replacement.', 'enable-media-replace' ), + ); return $form_fields; } @@ -73,17 +77,17 @@ function enable_media_replace( $form_fields, $post ) { */ function emr_options() { - if ( isset( $_GET['action'] ) && $_GET['action'] == 'media_replace' ) { - check_admin_referer( 'media_replace' ); // die if invalid or missing nonce - if ( array_key_exists("attachment_id", $_GET) && (int) $_GET["attachment_id"] > 0) { - include("popup.php"); + if ( isset( $_GET['action'] ) && $_GET['action'] === 'media_replace' ) { + check_admin_referer( 'media_replace' ); // die if invalid or missing nonce. + if ( array_key_exists( 'attachment_id', $_GET ) && (int) $_GET['attachment_id'] > 0 ) { + include 'popup.php'; } } - if ( isset( $_GET['action'] ) && $_GET['action'] == 'media_replace_upload' ) { - $plugin_url = str_replace("enable-media-replace.php", "", __FILE__); - check_admin_referer( 'media_replace_upload' ); // die if invalid or missing nonce - require_once($plugin_url . "upload.php"); + if ( isset( $_GET['action'] ) && $_GET['action'] === 'media_replace_upload' ) { + $plugin_url = str_replace( 'enable-media-replace.php', '', __FILE__ ); + check_admin_referer( 'media_replace_upload' ); // die if invalid or missing nonce. + require_once $plugin_url . 'upload.php'; } } @@ -91,69 +95,81 @@ function emr_options() { /** * Function called by filter 'media_row_actions' * Enables linking to EMR straight from the media library -*/ -function add_media_action( $actions, $post) { - $url = admin_url( "upload.php?page=enable-media-replace/enable-media-replace.php&action=media_replace&attachment_id=" . $post->ID); - $action = "media_replace"; - $editurl = wp_nonce_url( $url, $action ); - - if (FORCE_SSL_ADMIN) { - $editurl = str_replace("http:", "https:", $editurl); + * + * @param array $actions actions. + * @param object $post post object. + * @return array $actions All actions. + */ +function add_media_action( $actions, $post ) { + $url = admin_url( 'upload.php?page=enable-media-replace/enable-media-replace.php&action=media_replace&attachment_id=' . $post->ID ); + $action = 'media_replace'; + $editurl = wp_nonce_url( $url, $action ); + + if ( FORCE_SSL_ADMIN ) { + $editurl = str_replace( 'http:', 'https:', $editurl ); } - $link = "href=\"$editurl\""; + $link = 'href="' . $editurl . '"'; - $newaction['adddata'] = '' . __("Replace media", "enable-media-replace") . ''; - return array_merge($actions,$newaction); + $newaction['adddata'] = '' . esc_html__( 'Replace media', 'enable-media-replace' ) . ''; + return array_merge( $actions, $newaction ); } /** * Shorttag function to show the media file modification date/time. - * @param array shorttag attributes + * + * @param array $atts shorttag attributes. * @return string content / replacement shorttag */ -function emr_get_modified_date($atts) { - $id=0; - $format= ''; +function emr_get_modified_date( $atts ) { + $id = 0; + $format = ''; - extract(shortcode_atts(array( - 'id' => '', - 'format' => get_option('date_format') . " " . get_option('time_format'), - ), $atts)); + extract( shortcode_atts( array( + 'id' => '', + 'format' => get_option( 'date_format' ) . ' ' . get_option( 'time_format' ), + ), $atts ) ); - if ($id == '') return false; + if ( $id === '' ) { + return false; + } - // Get path to file - $current_file = get_attached_file($id); + // Get path to file. + $current_file = get_attached_file( $id ); if ( ! file_exists( $current_file ) ) { return false; } - // Get file modification time - $filetime = filemtime($current_file); + // Get file modification time. + $filetime = filemtime( $current_file ); if ( false !== $filetime ) { - // do date conversion + // Do date conversion. return date( $format, $filetime ); } return false; } -// Add Last replaced by EMR plugin in the media edit screen metabox - Thanks Jonas Lundman (http://wordpress.org/support/topic/add-filter-hook-suggestion-to) + +/** + * Add Last replaced by EMR plugin in the media edit screen metabox - Thanks Jonas Lundman (http://wordpress.org/support/topic/add-filter-hook-suggestion-to). + */ function ua_admin_date_replaced_media_on_edit_media_screen() { - if( !function_exists( 'enable_media_replace' ) ) return; + if ( ! function_exists( 'enable_media_replace' ) ) { + return; + } global $post; - $id = $post->ID; - $shortcode = "[file_modified id=$id]"; + $id = $post->ID; + $shortcode = '[file_modified id=' . $id . ']'; - $file_modified_time = do_shortcode($shortcode); + $file_modified_time = do_shortcode( $shortcode ); if ( ! $file_modified_time ) { return; } ?>
- : + :
* @copyright Måns Jonasson 13 sep 2010 * @version $Revision: 2303 $ | $Date: 2010-09-13 11:12:35 +0200 (ma, 13 sep 2010) $ - * @package wordpress + * @package WordPress * @subpackage enable-media-replace - * */ -if (!current_user_can('upload_files')) - wp_die(__('You do not have permission to upload files.', 'enable-media-replace')); +if ( ! current_user_can( 'upload_files' ) ) { + wp_die( esc_html__( 'You do not have permission to upload files.', 'enable-media-replace' ) ); +} global $wpdb; -$table_name = $wpdb->prefix . "posts"; +$table_name = $wpdb->prefix . 'posts'; -$sql = "SELECT guid, post_mime_type FROM $table_name WHERE ID = " . (int) $_GET["attachment_id"]; +$sql = "SELECT guid, post_mime_type FROM $table_name WHERE ID = " . (int) $_GET['attachment_id']; -list($current_filename, $current_filetype) = $wpdb->get_row($sql, ARRAY_N); +list( $current_filename, $current_filetype ) = $wpdb->get_row( $sql, ARRAY_N ); -$current_filename = substr($current_filename, (strrpos($current_filename, "/") + 1)); +$current_filename = substr( $current_filename, ( strrpos( $current_filename, '/' ) + 1 ) ); ?>
-

+

-
+ - " /> -

- -

+ +
+

+ +

+
+ +

-

+

- -

+ +

+ +

- -

-

+ +

+ +

+

- " /> +
diff --git a/upload.php b/upload.php index c965771..2ebaa9c 100755 --- a/upload.php +++ b/upload.php @@ -1,78 +1,80 @@ + * @copyright Måns Jonasson 13 sep 2010 + * @version $Revision: 2303 $ | $Date: 2010-09-13 11:12:35 +0200 (ma, 13 sep 2010) $ + * @package WordPress + * @subpackage enable-media-replace + */ -// Define DB table names +if ( ! current_user_can( 'upload_files' ) ) { + wp_die( esc_html__( 'You do not have permission to upload files.', 'enable-media-replace' ) ); +} + +// Define DB table names. global $wpdb; -$table_name = $wpdb->prefix . "posts"; -$postmeta_table_name = $wpdb->prefix . "postmeta"; +$table_name = $wpdb->prefix . 'posts'; +$postmeta_table_name = $wpdb->prefix . 'postmeta'; /** * Delete a media file and its thumbnails. * - * @param string $current_file - * @param array|null $metadta + * @param string $current_file The current file. + * @param array|null $metadata The metadate fo the current file. */ function emr_delete_current_files( $current_file, $metadata = null ) { - // Delete old file + // Delete old file. - // Find path of current file - $current_path = substr($current_file, 0, (strrpos($current_file, "/"))); + // Find path of current file. + $current_path = substr( $current_file, 0, ( strrpos( $current_file, '/' ) ) ); - // Check if old file exists first - if (file_exists($current_file)) { - // Now check for correct file permissions for old file + // Check if old file exists first. + if ( file_exists( $current_file ) ) { + // Now check for correct file permissions for old file. clearstatcache(); - if (is_writable(dirname($current_file))) { - // Everything OK; delete the file - unlink($current_file); - } - else { + if ( is_writable( dirname( $current_file ) ) ) { + // Everything OK; delete the file. + unlink( $current_file ); + } else { // File exists, but has wrong permissions. Let the user know. - printf(__('The file %1$s can not be deleted by the web server, most likely because the permissions on the file are wrong.', "enable-media-replace"), $current_file); + printf( esc_html__( 'The file %1$s can not be deleted by the web server, most likely because the permissions on the file are wrong.', 'enable-media-replace' ), esc_html( $current_file ) ); exit; } } - // Delete old resized versions if this was an image - $suffix = substr($current_file, (strlen($current_file)-4)); - $prefix = substr($current_file, 0, (strlen($current_file)-4)); - $imgAr = array(".png", ".gif", ".jpg"); - if (in_array($suffix, $imgAr)) { - // It's a png/gif/jpg based on file name - // Get thumbnail filenames from metadata + // Delete old resized versions if this was an image. + $suffix = substr( $current_file, ( strlen( $current_file ) - 4 ) ); + $img_ar = array( '.png', '.gif', '.jpg' ); + if ( in_array( $suffix, $img_ar, true ) ) { + // It's a png/gif/jpg based on file name. + // Get thumbnail filenames from metadata. if ( empty( $metadata ) ) { - $metadata = wp_get_attachment_metadata( $_POST["ID"] ); + $metadata = wp_get_attachment_metadata( $_POST['ID'] ); } - if (is_array($metadata)) { // Added fix for error messages when there is no metadata (but WHY would there not be? I don't know…) - foreach($metadata["sizes"] AS $thissize) { - // Get all filenames and do an unlink() on each one; - $thisfile = $thissize["file"]; - // Create array with all old sizes for replacing in posts later - $oldfilesAr[] = $thisfile; - // Look for files and delete them - if (strlen($thisfile)) { - $thisfile = $current_path . "/" . $thissize["file"]; - if (file_exists($thisfile)) { - unlink($thisfile); + if ( is_array( $metadata ) ) { // Added fix for error messages when there is no metadata (but WHY would there not be? I don't know…). + foreach ( $metadata['sizes'] as $thissize ) { + // Get all filenames and do an unlink() on each one;. + $thisfile = $thissize['file']; + // Look for files and delete them. + if ( strlen( $thisfile ) ) { + $thisfile = $current_path . '/' . $thissize['file']; + if ( file_exists( $thisfile ) ) { + unlink( $thisfile ); } } } } - // Old (brutal) method, left here for now - //$mask = $prefix . "-*x*" . $suffix; - //array_map( "unlink", glob( $mask ) ); } - } /** * Maybe remove query string from URL. * - * @param string $url - * - * @return string + * @param string $url The url with the query string. + * @return string $url The url without the query string. */ function emr_maybe_remove_query_string( $url ) { $parts = explode( '?', $url ); @@ -83,9 +85,8 @@ function emr_maybe_remove_query_string( $url ) { /** * Remove scheme from URL. * - * @param string $url - * - * @return string + * @param string $url The url with the scheme. + * @return string $url The url without the scheme. */ function emr_remove_scheme( $url ) { return preg_replace( '/^(?:http|https):/', '', $url ); @@ -94,17 +95,16 @@ function emr_remove_scheme( $url ) { /** * Remove size from filename (image[-100x100].jpeg). * - * @param string $url - * @param bool $remove_extension - * - * @return string + * @param string $url The url with the file size. + * @param boolean $remove_extension Whether or not to remove the extension. + * @return string $url The url without the scheme. */ function emr_remove_size_from_filename( $url, $remove_extension = false ) { $url = preg_replace( '/^(\S+)-[0-9]{1,4}x[0-9]{1,4}(\.[a-zA-Z0-9\.]{2,})?/', '$1$2', $url ); if ( $remove_extension ) { $ext = pathinfo( $url, PATHINFO_EXTENSION ); - $url = str_replace( ".$ext", '', $url ); + $url = str_replace( '.' . $ext, '', $url ); } return $url; @@ -113,39 +113,42 @@ function emr_remove_size_from_filename( $url, $remove_extension = false ) { /** * Strip an image URL down to bare minimum for matching. * - * @param string $url - * - * @return string + * @param string $url The original url. + * @return string $url The stripped down url. */ -function emr_get_match_url($url) { - $url = emr_remove_scheme($url); - $url = emr_maybe_remove_query_string($url); - $url = emr_remove_size_from_filename($url, true); - $url = emr_remove_domain_from_filename($url); +function emr_get_match_url( $url ) { + $url = emr_remove_scheme( $url ); + $url = emr_maybe_remove_query_string( $url ); + $url = emr_remove_size_from_filename( $url, true ); + $url = emr_remove_domain_from_filename( $url ); return $url; } - -function emr_remove_domain_from_filename($url) { - // Holding place for possible future function - $url = str_replace(emr_remove_scheme(get_bloginfo('url')), '', $url); +/** + * Strip domain from file name. + * + * @param string $url The url with the domain. + * @return string $url The url without the domain. + */ +function emr_remove_domain_from_filename( $url ) { + // Holding place for possible future function. + $url = str_replace( emr_remove_scheme( get_bloginfo( 'url' ) ), '', $url ); return $url; - } +} /** * Build an array of search or replace URLs for given attachment GUID and its metadata. * - * @param string $guid - * @param array $metadata - * - * @return array + * @param string $guid The media's GUID. + * @param array $metadata The media's metadta. + * @return array $urls Array of URLs. */ function emr_get_file_urls( $guid, $metadata ) { $urls = array(); $guid = emr_remove_scheme( $guid ); - $guid= emr_remove_domain_from_filename($guid); + $guid = emr_remove_domain_from_filename( $guid ); $urls['guid'] = $guid; @@ -172,10 +175,9 @@ function emr_get_file_urls( $guid, $metadata ) { * Ensure new search URLs cover known sizes for old attachment. * Falls back to full URL if size not covered (srcset or width/height attributes should compensate). * - * @param array $old - * @param array $new - * - * @return array + * @param array $old Array of old file URLs. + * @param array $new Array of new file URLs. + * @return array $results Reuslts of comapring old and new sizes. */ function emr_normalize_file_urls( $old, $new ) { $result = array(); @@ -193,108 +195,104 @@ function emr_normalize_file_urls( $old, $new ) { return $result; } -// Get old guid and filetype from DB -$sql = "SELECT guid, post_mime_type FROM $table_name WHERE ID = '" . (int) $_POST["ID"] . "'"; -list($current_filename, $current_filetype) = $wpdb->get_row($sql, ARRAY_N); - -// Massage a bunch of vars -$current_guid = $current_filename; -$current_filename = substr($current_filename, (strrpos($current_filename, "/") + 1)); +// Get old guid and filetype from DB. +$sql = "SELECT guid, post_mime_type FROM $table_name WHERE ID = '" . (int) $_POST['ID'] . "'"; +list( $current_filename, $current_filetype) = $wpdb->get_row( $sql, ARRAY_N ); -$current_file = get_attached_file((int) $_POST["ID"], apply_filters( 'emr_unfiltered_get_attached_file', true )); -$current_path = substr($current_file, 0, (strrpos($current_file, "/"))); -$current_file = str_replace("//", "/", $current_file); -$current_filename = basename($current_file); -$current_metadata = wp_get_attachment_metadata( $_POST["ID"] ); +// Massage a bunch of vars. +$current_guid = $current_filename; +$current_filename = substr( $current_filename, ( strrpos( $current_filename, '/' ) + 1 ) ); -$replace_type = $_POST["replace_type"]; -// We have two types: replace / replace_and_search +$current_file = get_attached_file( (int) $_POST['ID'], apply_filters( 'emr_unfiltered_get_attached_file', true ) ); +$current_path = substr( $current_file, 0, ( strrpos( $current_file, '/' ) ) ); +$current_file = str_replace( '//', '/', $current_file ); +$current_filename = basename( $current_file ); +$current_metadata = wp_get_attachment_metadata( $_POST['ID'] ); -if (is_uploaded_file($_FILES["userfile"]["tmp_name"])) { +$replace_type = $_POST['replace_type']; +// We have two types: replace / replace_and_search. +if ( is_uploaded_file( $_FILES['userfile']['tmp_name'] ) ) { // New method for validating that the uploaded file is allowed, using WP:s internal wp_check_filetype_and_ext() function. - $filedata = wp_check_filetype_and_ext($_FILES["userfile"]["tmp_name"], $_FILES["userfile"]["name"]); + $filedata = wp_check_filetype_and_ext( $_FILES['userfile']['tmp_name'], $_FILES['userfile']['name'] ); - if ($filedata["ext"] == "") { - echo __("File type does not meet security guidelines. Try another.", 'enable-media-replace'); + if ( $filedata['ext'] === '' ) { + echo __( 'File type does not meet security guidelines. Try another.', 'enable-media-replace' ); exit; } - $new_filename = $_FILES["userfile"]["name"]; - $new_filesize = $_FILES["userfile"]["size"]; - $new_filetype = $filedata["type"]; + $new_filename = $_FILES['userfile']['name']; + $new_filesize = $_FILES['userfile']['size']; + $new_filetype = $filedata['type']; - // save original file permissions - $original_file_perms = fileperms($current_file) & 0777; + // Save original file permissions. + $original_file_perms = fileperms( $current_file ) & 0777; - if ($replace_type == "replace") { + if ( $replace_type === 'replace' ) { // Drop-in replace and we don't even care if you uploaded something that is the wrong file-type. // That's your own fault, because we warned you! - emr_delete_current_files( $current_file, $current_metadata ); - // Move new file to old location/name - move_uploaded_file($_FILES["userfile"]["tmp_name"], $current_file); + // Move new file to old location/name. + move_uploaded_file( $_FILES['userfile']['tmp_name'], $current_file ); - // Chmod new file to original file permissions - @chmod($current_file, $original_file_perms); + // Chmod new file to original file permissions. + @chmod( $current_file, $original_file_perms ); - // Make thumb and/or update metadata - wp_update_attachment_metadata( (int) $_POST["ID"], wp_generate_attachment_metadata( (int) $_POST["ID"], $current_file ) ); - - // Trigger possible updates on CDN and other plugins - update_attached_file( (int) $_POST["ID"], $current_file); - } elseif ( 'replace_and_search' == $replace_type && apply_filters( 'emr_enable_replace_and_search', true ) ) { - // Replace file, replace file name, update meta data, replace links pointing to old file name + // Make thumb and/or update metadata. + wp_update_attachment_metadata( (int) $_POST['ID'], wp_generate_attachment_metadata( (int) $_POST['ID'], $current_file ) ); + // Trigger possible updates on CDN and other plugins. + update_attached_file( (int) $_POST['ID'], $current_file ); + } elseif ( 'replace_and_search' === $replace_type && apply_filters( 'emr_enable_replace_and_search', true ) ) { + // Replace file, replace file name, update meta data, replace links pointing to old file name. emr_delete_current_files( $current_file, $current_metadata ); - // Massage new filename to adhere to WordPress standards + // Massage new filename to adhere to WordPress standards. $new_filename = wp_unique_filename( $current_path, $new_filename ); $new_filename = apply_filters( 'emr_unique_filename', $new_filename, $current_path, (int) $_POST['ID'] ); - // Move new file to old location, new name - $new_file = $current_path . "/" . $new_filename; - move_uploaded_file($_FILES["userfile"]["tmp_name"], $new_file); + // Move new file to old location, new name. + $new_file = $current_path . '/' . $new_filename; + move_uploaded_file( $_FILES['userfile']['tmp_name'], $new_file ); - // Chmod new file to original file permissions - @chmod($current_file, $original_file_perms); + // Chmod new file to original file permissions. + @chmod( $current_file, $original_file_perms ); - $new_filetitle = preg_replace('/\.[^.]+$/', '', basename($new_file)); - $new_filetitle = apply_filters( 'enable_media_replace_title', $new_filetitle ); // Thanks Jonas Lundman (http://wordpress.org/support/topic/add-filter-hook-suggestion-to) - $new_guid = str_replace($current_filename, $new_filename, $current_guid); + $new_filetitle = preg_replace( '/\.[^.]+$/', '', basename( $new_file ) ); + $new_filetitle = apply_filters( 'enable_media_replace_title', $new_filetitle ); // Thanks Jonas Lundman (http://wordpress.org/support/topic/add-filter-hook-suggestion-to). + $new_guid = str_replace( $current_filename, $new_filename, $current_guid ); - // Update database file name + // Update database file name. $sql = $wpdb->prepare( "UPDATE $table_name SET post_title = '$new_filetitle', post_name = '$new_filetitle', guid = '$new_guid', post_mime_type = '$new_filetype' WHERE ID = %d;", - (int) $_POST["ID"] + (int) $_POST['ID'] ); - $wpdb->query($sql); - - // Update the postmeta file name + $wpdb->query( $sql ); - // Get old postmeta _wp_attached_file + // Update the postmeta file name. + // Get old postmeta _wp_attached_file. $sql = $wpdb->prepare( "SELECT meta_value FROM $postmeta_table_name WHERE meta_key = '_wp_attached_file' AND post_id = %d;", - (int) $_POST["ID"] + (int) $_POST['ID'] ); - $old_meta_name = $wpdb->get_row($sql, ARRAY_A); - $old_meta_name = $old_meta_name["meta_value"]; + $old_meta_name = $wpdb->get_row( $sql, ARRAY_A ); + $old_meta_name = $old_meta_name['meta_value']; - // Make new postmeta _wp_attached_file - $new_meta_name = str_replace($current_filename, $new_filename, $old_meta_name); - $sql = $wpdb->prepare( + // Make new postmeta _wp_attached_file. + $new_meta_name = str_replace( $current_filename, $new_filename, $old_meta_name ); + $sql = $wpdb->prepare( "UPDATE $postmeta_table_name SET meta_value = '$new_meta_name' WHERE meta_key = '_wp_attached_file' AND post_id = %d;", - (int) $_POST["ID"] + (int) $_POST['ID'] ); - $wpdb->query($sql); + $wpdb->query( $sql ); - // Make thumb and/or update metadata - $new_metadata = wp_generate_attachment_metadata( (int) $_POST["ID"], $new_file ); - wp_update_attachment_metadata( (int) $_POST["ID"], $new_metadata ); + // Make thumb and/or update metadata. + $new_metadata = wp_generate_attachment_metadata( (int) $_POST['ID'], $new_file ); + wp_update_attachment_metadata( (int) $_POST['ID'], $new_metadata ); - // Search-and-replace filename in post database + // Search-and-replace filename in post database. $current_base_url = emr_get_match_url( $current_guid ); $sql = $wpdb->prepare( @@ -320,17 +318,17 @@ function emr_normalize_file_urls( $old, $new ) { $replace_urls = emr_normalize_file_urls( $search_urls, $replace_urls ); if ( ! empty( $content_rs ) ) { - foreach ( $content_rs AS $rows ) { + foreach ( $content_rs as $rows ) { - $number_of_updates = $number_of_updates + 1; + $number_of_updates++; // replace old URLs with new URLs. - $post_content = $rows["post_content"]; + $post_content = $rows['post_content']; $post_content = addslashes( str_replace( $search_urls, $replace_urls, $post_content ) ); $sql = $wpdb->prepare( "UPDATE $table_name SET post_content = '$post_content' WHERE ID = %d;", - $rows["ID"] + $rows['ID'] ); $wpdb->query( $sql ); @@ -339,11 +337,11 @@ function emr_normalize_file_urls( $old, $new ) { if ( ! empty( $meta_rs ) ) { - foreach ( $meta_rs AS $rows ) { - $number_of_updates = $number_of_updates + 1; + foreach ( $meta_rs as $rows ) { + $number_of_updates++; // replace old URLs with new URLs. - $meta_value = $rows["meta_value"]; + $meta_value = $rows['meta_value']; $meta_value = str_replace( $search_urls, $replace_urls, $meta_value ); // Fix string counts for serialized data. if ( is_serialized( $meta_value ) ) { @@ -357,37 +355,38 @@ function emr_normalize_file_urls( $old, $new ) { } $sql = $wpdb->prepare( "UPDATE $postmeta_table_name SET meta_value = '$meta_value' WHERE meta_id = %d;", - $rows["meta_id"] + $rows['meta_id'] ); $wpdb->query( $sql ); } } } - // Trigger possible updates on CDN and other plugins - update_attached_file( (int) $_POST["ID"], $new_file ); + // Trigger possible updates on CDN and other plugins. + update_attached_file( (int) $_POST['ID'], $new_file ); } - #echo "Updated: " . $number_of_updates; - - $returnurl = admin_url("/post.php?post={$_POST["ID"]}&action=edit&message=1"); + // echo "Updated: " . $number_of_updates;. + $returnurl = admin_url( '/post.php?post={$_POST["ID"]}&action=edit&message=1' ); // Execute hook actions - thanks rubious for the suggestion! - if (isset($new_guid)) { do_action("enable-media-replace-upload-done", $new_guid, $current_guid); } - + if ( isset( $new_guid ) ) { + // Action hooks should be written in snake case. Leaving old one for now for backwards compatibility. + do_action( 'enable_media_replace_upload_done', $new_guid, $current_guid ); + do_action( 'enable-media-replace-upload-done', $new_guid, $current_guid ); + } } else { - //TODO Better error handling when no file is selected. - //For now just go back to media management - $returnurl = admin_url("/wp-admin/upload.php"); + // TODO Better error handling when no file is selected. + // For now just go back to media management. + $returnurl = admin_url( '/wp-admin/upload.php' ); } -if (FORCE_SSL_ADMIN) { - $returnurl = str_replace("http:", "https:", $returnurl); +if ( FORCE_SSL_ADMIN ) { + $returnurl = str_replace( 'http:', 'https:', $returnurl ); } -// Allow developers to override $returnurl -$returnurl = apply_filters('emr_returnurl', $returnurl); +// Allow developers to override $returnurl. +$returnurl = apply_filters( 'emr_returnurl', $returnurl ); -//save redirection -wp_redirect($returnurl); -?> +// Save redirection. +wp_redirect( $returnurl ); From e7c9d82496bde789a809894a90def865c6805e3e Mon Sep 17 00:00:00 2001 From: Leon Francis Shelhamer Date: Thu, 8 Mar 2018 09:16:24 -0500 Subject: [PATCH 2/3] Fix post id variable reference. Signed-off-by: Leon Francis Shelhamer --- upload.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/upload.php b/upload.php index 2ebaa9c..3e7e9c2 100755 --- a/upload.php +++ b/upload.php @@ -367,7 +367,7 @@ function emr_normalize_file_urls( $old, $new ) { } // echo "Updated: " . $number_of_updates;. - $returnurl = admin_url( '/post.php?post={$_POST["ID"]}&action=edit&message=1' ); + $returnurl = admin_url( '/post.php?post=' . $_POST["ID"] . '&action=edit&message=1' ); // Execute hook actions - thanks rubious for the suggestion! if ( isset( $new_guid ) ) { @@ -389,4 +389,5 @@ function emr_normalize_file_urls( $old, $new ) { $returnurl = apply_filters( 'emr_returnurl', $returnurl ); // Save redirection. -wp_redirect( $returnurl ); +wp_safe_redirect( $returnurl ); +exit(); From 3d8f301f25feb46562a852b2b95092d081a50e64 Mon Sep 17 00:00:00 2001 From: Leon Francis Shelhamer Date: Thu, 8 Mar 2018 13:10:46 -0500 Subject: [PATCH 3/3] Allow access to the action hook on just replace Signed-off-by: Leon Francis Shelhamer --- upload.php | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/upload.php b/upload.php index 3e7e9c2..9fc94ab 100755 --- a/upload.php +++ b/upload.php @@ -224,7 +224,7 @@ function emr_normalize_file_urls( $old, $new ) { $new_filename = $_FILES['userfile']['name']; $new_filesize = $_FILES['userfile']['size']; $new_filetype = $filedata['type']; - + $new_guid = false; // Save original file permissions. $original_file_perms = fileperms( $current_file ) & 0777; @@ -370,11 +370,9 @@ function emr_normalize_file_urls( $old, $new ) { $returnurl = admin_url( '/post.php?post=' . $_POST["ID"] . '&action=edit&message=1' ); // Execute hook actions - thanks rubious for the suggestion! - if ( isset( $new_guid ) ) { - // Action hooks should be written in snake case. Leaving old one for now for backwards compatibility. - do_action( 'enable_media_replace_upload_done', $new_guid, $current_guid ); - do_action( 'enable-media-replace-upload-done', $new_guid, $current_guid ); - } + // Action hooks should be written in snake case. Leaving old one for now for backwards compatibility. + do_action( 'enable_media_replace_upload_done', $new_guid, $current_guid ); + do_action( 'enable-media-replace-upload-done', $new_guid, $current_guid ); } else { // TODO Better error handling when no file is selected. // For now just go back to media management.