From b6d29f3e49463cba19c226d27afc98825860c0db Mon Sep 17 00:00:00 2001
From: John Bintz
Date: Mon, 22 Jun 2009 22:19:07 -0400
Subject: [PATCH] rearrange things and add nonces to pw widgets
---
classes/PluginWonderful.php | 310 +++++++++++++++++++++++++++++++++++
plugin-wonderful.php | 307 +--------------------------------
test/PluginWonderfulTest.php | 44 +++++
3 files changed, 357 insertions(+), 304 deletions(-)
create mode 100644 classes/PluginWonderful.php
create mode 100644 test/PluginWonderfulTest.php
diff --git a/classes/PluginWonderful.php b/classes/PluginWonderful.php
new file mode 100644
index 0000000..82953e0
--- /dev/null
+++ b/classes/PluginWonderful.php
@@ -0,0 +1,310 @@ +messages = array(); + $this->adboxes_client = new PWAdboxesClient(); + $this->publisher_info = false; + + if ($member_id = get_option('plugin-wonderful-memberid')) { + $this->publisher_info = $this->adboxes_client->get_ads($member_id); + + if ((get_option('plugin-wonderful-last-update') + PLUGIN_WONDERFUL_UPDATE_TIME) < time()) { + if (($result = file_get_contents(sprintf(PLUGIN_WONDERFUL_XML_URL, (int)get_option('plugin-wonderful-memberid')))) !== false) { + $this->publisher_info = new PublisherInfo(); + if ($this->publisher_info->parse($result)) { + $this->adboxes_client->post_ads($this->publisher_info); + update_option('plugin-wonderful-last-update', time()); + } + } + } + } + + $result = get_option('plugin-wonderful-database-version'); + if (empty($result) || ($result < PLUGIN_WONDERFUL_DATABASE_VERSION)) { + if ($this->adboxes_client->initialize(true)) { + update_option('plugin-wonderful-database-version', PLUGIN_WONDERFUL_DATABASE_VERSION); + } else { + $this->messages[] = "Unable to update database schema!"; + } + } + + $this->set_up_widgets(); + + if (!empty($_POST)) { $this->handle_action(); } + } + + function insert_rss_feed_ads($content) { + if (is_feed()) { + if ($this->publisher_info !== false) { + foreach ($this->publisher_info->adboxes as $adbox) { + if ($adbox->in_rss_feed == 1) { + if (preg_match("##mis", $adbox->advancedcode, $matches) > 0) { + echo $matches[1]; + } + } + } + } + } + return $content; + } + + function insert_activation_ad() { + $result = get_option('plugin-wonderful-activate-ad-code'); + if (!empty($result)) { echo $result; } + } + + function render_widget($options, $adboxid) { + if ($this->publisher_info !== false) { + foreach ($this->publisher_info->adboxes as $adbox) { + if (($adbox->adboxid == $adboxid) || ($adbox->template_tag_id == $adboxid)) { + if (get_option("plugin-wonderful-use-standardcode") == 1) { + $output = $adbox->standardcode; + } else { + $output = $adbox->advancedcode; + } + if 
($adbox->center_widget == 1) { + $output = "
{$output}
"; + } + echo $output; + break; + } + } + } + } + + function inject_ads_into_body_copy($body) { + if ($this->publisher_info !== false) { + if (get_option("plugin-wonderful-enable-body-copy-embedding") == 1) { + return $this->publisher_info->inject_ads_into_body_copy($body, (get_option("plugin-wonderful-use-standardcode") == 1)); + } + } + return $body; + } + + function set_up_menu() { + add_options_page('Plugin Wonderful', __("Plugin Wonderful", 'plugin-wonderful'), 5, __FILE__, array($this, "plugin_wonderful_main")); + } + + function set_up_widgets() { + if ($this->publisher_info !== false) { + if (($widgets = $this->publisher_info->get_sidebar_widget_info()) !== false) { + foreach ($widgets as $widget_info) { + extract($widget_info); + wp_register_sidebar_widget($id, $name, array($this, 'render_widget'), "", $options['adboxid']); + register_widget_control($id, array($this, 'render_widget_control'), null, null, $options['adboxid']); + } + } + } + } + + function render_widget_control($adboxid) { + foreach ($this->publisher_info->adboxes as $box) { + if ($box->adboxid == $adboxid) { + echo ''; + echo ''; + break; + } + } + } + + function handle_activation() { + $this->adboxes_client->initialize(); + } + + function plugin_wonderful_main() { + $this->get_view(__FUNCTION__); + } + + function show_messages() { + if (count($this->messages) > 0) { + echo '
'; + foreach ($this->messages as $message) { echo '

' . $message . '

'; } + echo '
'; + } + } + + function _create_target($name, $source) { + return dirname(__FILE__) . "/../{$source}/{$name}.php"; + } + + function get_view($function_name) { + $target = $this->_create_target(str_replace('plugin_wonderful_', '', $function_name), "views"); + if (file_exists($target)) { + $info = get_plugin_data(realpath(__FILE__)); + + echo '
'; + echo '

'; + echo '

' . __("Plugin Wonderful", 'plugin-wonderful') . '

'; + + $this->show_messages(); + + include($target); + + echo '
'; + echo '
'; + echo sprintf(__('%1$s Version %2$s by %3$s', 'plugin-wonderful'), $info['Title'], $info['Version'], $info['Author']) . ' | '; + echo __('Manage your Project Wonderful publisher account', 'plugin-wonderful'); + echo '
'; + echo '
'; + echo '
'; + } else { + die(__("View not found: ", 'plugin-wonderful') . str_replace('plugin-wonderful_', '', $function_name)); + } + } + + function handle_action() { + $action = "handle_action_" . str_replace("-", "_", preg_replace('#[^a-z\-]#', '', strtolower($_POST['action']))); + if (method_exists($this, $action)) { call_user_func(array($this, $action)); } + + // handle widget updates + if (isset($_POST['pw']['_nonce'])) { + if (wp_verify_nonce($_POST['pw']['_nonce'], "plugin-wonderful")) { $this->handle_action_save_widgets(); } + } + } + + function handle_action_save_widgets() { + $new_boxes = array(); + foreach ($this->publisher_info->adboxes as $box) { + if (isset($_POST['pw']['center'][$box->adboxid])) { + $this->adboxes_client->set_widget_centering($box->adboxid, true); + $box->center_widget = "1"; + } else { + $this->adboxes_client->set_widget_centering($box->adboxid, false); + $box->center_widget = "0"; + } + $new_boxes[] = $box; + } + $this->publisher_info->adboxes = $new_boxes; + } + + function handle_action_change_adbox_settings() { + if ($member_id = get_option('plugin-wonderful-memberid')) { + if (isset($_POST['template_tag_id']) && is_array($_POST['template_tag_id'])) { + if (is_array($this->publisher_info->adboxes)) { + $new_boxes = array(); + foreach ($this->publisher_info->adboxes as $box) { + if (isset($_POST['template_tag_id'][$box->adboxid])) { + $tag = $_POST['template_tag_id'][$box->adboxid]; + $prior_value = $box->template_tag_id; + + $tag = $this->adboxes_client->trim_field('template_tag_id', $tag); + + $this->adboxes_client->set_template_tag($box->adboxid, $tag); + $box->template_tag_id = $tag; + + if (!empty($tag) && ($prior_value != $tag)) { + $this->messages[] = sprintf(__('Template tag identifier for ad %1$s set to %2$s.', 'plugin-wonderful'), $box->adboxid, $tag); + } else { + if (!empty($prior_value) && empty($tag)) { + $this->messages[] = sprintf(__('Template tag identifier for ad %s removed.', 'plugin-wonderful'), $box->adboxid); + } + } 
+ } + $new_boxes[] = $box; + } + $this->publisher_info->adboxes = $new_boxes; + } + } + + if (is_array($this->publisher_info->adboxes)) { + $new_boxes = array(); + foreach ($this->publisher_info->adboxes as $box) { + if (isset($_POST['in_rss_feed'][$box->adboxid])) { + $this->adboxes_client->set_rss_feed_usage($box->adboxid, true); + if ($box->in_rss_feed == 0) { + $this->messages[] = sprintf(__('RSS feed usage for ad %1$s enabled.', 'plugin-wonderful'), $box->adboxid); + } + $box->in_rss_feed = "1"; + } else { + $this->adboxes_client->set_rss_feed_usage($box->adboxid, false); + if ($box->in_rss_feed == 1) { + $this->messages[] = sprintf(__('RSS feed usage for ad %1$s disabled.', 'plugin-wonderful'), $box->adboxid); + } + $box->in_rss_feed = "0"; + } + $new_boxes[] = $box; + } + $this->publisher_info->adboxes = $new_boxes; + } + } + + if (count($this->messages) == 0) { + $this->messages[] = __("No changes to adboxes were made.", 'plugin-wonderful'); + } + } + + function handle_action_rebuild_database() { + $this->adboxes_client->destroy(); + $this->adboxes_client->initialize(); + + $this->messages[] = __("Adbox database destroyed and rebuilt.", 'plugin-wonderful'); + + if (get_option('plugin-wonderful-memberid') != "") { + if (($result = file_get_contents(sprintf(PLUGIN_WONDERFUL_XML_URL, (int)get_option('plugin-wonderful-memberid')))) !== false) { + $this->publisher_info = new PublisherInfo(); + if ($this->publisher_info->parse($result)) { + $this->adboxes_client->post_ads($this->publisher_info); + $this->messages[] = sprintf(__('Adbox information redownloaded.', 'plugin-wonderful'), (int)$_POST['memberid']); + } else { + $this->messages[] = __("Unable to parse publisher data from Project Wonderful.", 'plugin-wonderful'); + $this->publisher_info = false; + } + } else { + $this->messages[] = __("Unable to read publisher data from Project Wonderful.", 'plugin-wonderful'); + $this->publisher_info = false; + } + } + } + + function handle_action_change_memberid() { + 
if (trim($_POST['memberid'])) { + if (trim($_POST['memberid']) === (string)(int)$_POST['memberid']) { + if (($result = file_get_contents(sprintf(PLUGIN_WONDERFUL_XML_URL, (int)$_POST['memberid']))) !== false) { + $this->publisher_info = new PublisherInfo(); + if ($this->publisher_info->parse($result)) { + update_option('plugin-wonderful-memberid', (int)$_POST['memberid']); + $this->adboxes_client->post_ads($this->publisher_info); + $this->messages[] = sprintf(__('Member number changed to %s and adbox information redownloaded.', 'plugin-wonderful'), (int)$_POST['memberid']); + } else { + $this->messages[] = __("Unable to parse publisher data from Project Wonderful.", 'plugin-wonderful'); + update_option('plugin-wonderful-memberid', ""); + $this->publisher_info = false; + } + } else { + $this->messages[] = __("Unable to read publisher data from Project Wonderful.", 'plugin-wonderful'); + update_option('plugin-wonderful-memberid', ""); + $this->publisher_info = false; + } + } else { + $this->messages[] = __("Member numbers need to be numeric.", 'plugin-wonderful'); + update_option('plugin-wonderful-memberid', ""); + $this->publisher_info = false; + } + } else { + $this->messages[] = __("Existing adbox information removed.", 'plugin-wonderful'); + update_option('plugin-wonderful-memberid', ""); + + $this->publisher_info = false; + } + + foreach (array('use-standardcode', 'enable-body-copy-embedding') as $field) { + update_option("plugin-wonderful-${field}", isset($_POST[$field]) ? "1" : "0"); + } + } +} + +function the_project_wonderful_ad($adboxid) { + global $plugin_wonderful; + + $plugin_wonderful->render_widget(array(), $adboxid); +} + +?> \ No newline at end of file diff --git a/plugin-wonderful.php b/plugin-wonderful.php index 43d5204..bf3687f 100644 --- a/plugin-wonderful.php +++ b/plugin-wonderful.php 
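Review bot: The nonce check added in `handle_action()` guards only the widget save; the dispatch just above it still calls any `handle_action_*` method named by `$_POST['action']` with no nonce and no capability check, so `handle_action_rebuild_database()` and `handle_action_change_memberid()` stay open to a forged cross-site POST. The block that opens this hunk calls `handle_action()` whenever `$_POST` is non-empty, and its function header is not visible here, so I cannot tell whether it also runs on front-end requests. I would start `handle_action()` with `if (!current_user_can('manage_options')) { return; }` (or whichever capability matches the options page) and require `wp_verify_nonce()` on a field emitted by the settings views before the `method_exists` dispatch. Separately, `show_messages()` echoes each message unescaped and one message embeds the posted `$tag`; unless `trim_field()` strips markup, that value should go through `esc_html()` or `htmlspecialchars()` on output.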
@@ -25,320 +25,19 @@ Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */ -require_once('classes/PWAdboxesClient.php'); +foreach (glob(dirname(__FILE__) . '/classes/*.php') as $file) { require_once($file); } // require_once('FirePHPCore/fb.php'); define('PLUGIN_WONDERFUL_XML_URL', 'http://www.projectwonderful.com/xmlpublisherdata.php?publisher=%d'); define('PLUGIN_WONDERFUL_UPDATE_TIME', 60 * 60 * 12); // every 12 hours -class PluginWonderful { - var $messages, $adboxes_client, $publisher_info, $member_id; - - function PluginWonderful() { - $this->messages = array(); - $this->adboxes_client = new PWAdboxesClient(); - $this->publisher_info = false; - - if ($member_id = get_option('plugin-wonderful-memberid')) { - $this->publisher_info = $this->adboxes_client->get_ads($member_id); - - if ((get_option('plugin-wonderful-last-update') + PLUGIN_WONDERFUL_UPDATE_TIME) < time()) { - if (($result = file_get_contents(sprintf(PLUGIN_WONDERFUL_XML_URL, (int)get_option('plugin-wonderful-memberid')))) !== false) { - $this->publisher_info = new PublisherInfo(); - if ($this->publisher_info->parse($result)) { - $this->adboxes_client->post_ads($this->publisher_info); - update_option('plugin-wonderful-last-update', time()); - } - } - } - } - - $result = get_option('plugin-wonderful-database-version'); - if (empty($result) || ($result < PLUGIN_WONDERFUL_DATABASE_VERSION)) { - if ($this->adboxes_client->initialize(true)) { - update_option('plugin-wonderful-database-version', PLUGIN_WONDERFUL_DATABASE_VERSION); - } else { - $this->messages[] = "Unable to update database schema!"; - } - } - - if (!empty($_POST)) { $this->handle_action(); } - } - - function insert_rss_feed_ads($content) { - if (is_feed()) { - if ($this->publisher_info !== false) { - foreach ($this->publisher_info->adboxes as $adbox) { - if ($adbox->in_rss_feed == 1) { - if (preg_match("##mis", $adbox->advancedcode, $matches) > 0) { - echo $matches[1]; - } - } - } - } - } - return $content; - } - - 
function insert_activation_ad() { - $result = get_option('plugin-wonderful-activate-ad-code'); - if (!empty($result)) { echo $result; } - } - - function render_widget($options, $adboxid) { - if ($this->publisher_info !== false) { - foreach ($this->publisher_info->adboxes as $adbox) { - if (($adbox->adboxid == $adboxid) || ($adbox->template_tag_id == $adboxid)) { - if (get_option("plugin-wonderful-use-standardcode") == 1) { - $output = $adbox->standardcode; - } else { - $output = $adbox->advancedcode; - } - if ($adbox->center_widget == 1) { - $output = "
{$output}
"; - } - echo $output; - break; - } - } - } - } - - function inject_ads_into_body_copy($body) { - if ($this->publisher_info !== false) { - if (get_option("plugin-wonderful-enable-body-copy-embedding") == 1) { - return $this->publisher_info->inject_ads_into_body_copy($body, (get_option("plugin-wonderful-use-standardcode") == 1)); - } - } - return $body; - } - - function set_up_menu() { - add_options_page('Plugin Wonderful', __("Plugin Wonderful", 'plugin-wonderful'), 5, __FILE__, array($this, "plugin_wonderful_main")); - } - - function set_up_widgets() { - if ($this->publisher_info !== false) { - if (($widgets = $this->publisher_info->get_sidebar_widget_info()) !== false) { - foreach ($widgets as $widget_info) { - extract($widget_info); - wp_register_sidebar_widget($id, $name, array($this, 'render_widget'), "", $options['adboxid']); - register_widget_control($id, array($this, 'render_widget_control'), null, null, $options['adboxid']); - } - } - } - } - - function render_widget_control($adboxid) { - foreach ($this->publisher_info->adboxes as $box) { - if ($box->adboxid == $adboxid) { - echo ''; - break; - } - } - } - - function handle_activation() { - $this->adboxes_client->initialize(); - } - - function plugin_wonderful_main() { - $this->get_view(__FUNCTION__); - } - - function show_messages() { - if (count($this->messages) > 0) { - echo '
'; - foreach ($this->messages as $message) { echo '

' . $message . '

'; } - echo '
'; - } - } - - function _create_target($name, $source) { - return ABSPATH . PLUGINDIR . '/' . dirname(plugin_basename(__FILE__)) . "/{$source}/{$name}.php"; - } - - function get_view($function_name) { - $target = $this->_create_target(str_replace('plugin_wonderful_', '', $function_name), "views"); - if (file_exists($target)) { - - $info = get_plugin_data(realpath(__FILE__)); - - echo '
'; - echo '

'; - echo '

' . __("Plugin Wonderful", 'plugin-wonderful') . '

'; - - $this->show_messages(); - - include($target); - - echo '
'; - echo '
'; - echo sprintf(__('%1$s Version %2$s by %3$s', 'plugin-wonderful'), $info['Title'], $info['Version'], $info['Author']) . ' | '; - echo __('Manage your Project Wonderful publisher account', 'plugin-wonderful'); - echo '
'; - echo '
'; - echo '
'; - } else { - die(__("View not found: ", 'plugin-wonderful') . str_replace('plugin-wonderful_', '', $function_name)); - } - } - - function handle_action() { - $action = "handle_action_" . str_replace("-", "_", preg_replace('#[^a-z\-]#', '', strtolower($_POST['action']))); - if (method_exists($this, $action)) { call_user_func(array($this, $action)); } - - // handle widget updates - if (isset($_POST['save-widgets'])) { $this->handle_action_save_widgets(); } - } - - function handle_action_save_widgets() { - $new_boxes = array(); - foreach ($this->publisher_info->adboxes as $box) { - if (isset($_POST['pw']['center'][$box->adboxid])) { - $this->adboxes_client->set_widget_centering($box->adboxid, true); - $box->center_widget = "1"; - } else { - $this->adboxes_client->set_widget_centering($box->adboxid, false); - $box->center_widget = "0"; - } - $new_boxes[] = $box; - } - $this->publisher_info->adboxes = $new_boxes; - } - - function handle_action_change_adbox_settings() { - if ($member_id = get_option('plugin-wonderful-memberid')) { - if (isset($_POST['template_tag_id']) && is_array($_POST['template_tag_id'])) { - if (is_array($this->publisher_info->adboxes)) { - $new_boxes = array(); - foreach ($this->publisher_info->adboxes as $box) { - if (isset($_POST['template_tag_id'][$box->adboxid])) { - $tag = $_POST['template_tag_id'][$box->adboxid]; - $prior_value = $box->template_tag_id; - - $tag = $this->adboxes_client->trim_field('template_tag_id', $tag); - - $this->adboxes_client->set_template_tag($box->adboxid, $tag); - $box->template_tag_id = $tag; - - if (!empty($tag) && ($prior_value != $tag)) { - $this->messages[] = sprintf(__('Template tag identifier for ad %1$s set to %2$s.', 'plugin-wonderful'), $box->adboxid, $tag); - } else { - if (!empty($prior_value) && empty($tag)) { - $this->messages[] = sprintf(__('Template tag identifier for ad %s removed.', 'plugin-wonderful'), $box->adboxid); - } - } - } - $new_boxes[] = $box; - } - $this->publisher_info->adboxes = 
$new_boxes; - } - } - - if (is_array($this->publisher_info->adboxes)) { - $new_boxes = array(); - foreach ($this->publisher_info->adboxes as $box) { - if (isset($_POST['in_rss_feed'][$box->adboxid])) { - $this->adboxes_client->set_rss_feed_usage($box->adboxid, true); - if ($box->in_rss_feed == 0) { - $this->messages[] = sprintf(__('RSS feed usage for ad %1$s enabled.', 'plugin-wonderful'), $box->adboxid); - } - $box->in_rss_feed = "1"; - } else { - $this->adboxes_client->set_rss_feed_usage($box->adboxid, false); - if ($box->in_rss_feed == 1) { - $this->messages[] = sprintf(__('RSS feed usage for ad %1$s disabled.', 'plugin-wonderful'), $box->adboxid); - } - $box->in_rss_feed = "0"; - } - $new_boxes[] = $box; - } - $this->publisher_info->adboxes = $new_boxes; - } - } - - if (count($this->messages) == 0) { - $this->messages[] = __("No changes to adboxes were made.", 'plugin-wonderful'); - } - } - - function handle_action_rebuild_database() { - $this->adboxes_client->destroy(); - $this->adboxes_client->initialize(); - - $this->messages[] = __("Adbox database destroyed and rebuilt.", 'plugin-wonderful'); - - if (get_option('plugin-wonderful-memberid') != "") { - if (($result = file_get_contents(sprintf(PLUGIN_WONDERFUL_XML_URL, (int)get_option('plugin-wonderful-memberid')))) !== false) { - $this->publisher_info = new PublisherInfo(); - if ($this->publisher_info->parse($result)) { - $this->adboxes_client->post_ads($this->publisher_info); - $this->messages[] = sprintf(__('Adbox information redownloaded.', 'plugin-wonderful'), (int)$_POST['memberid']); - } else { - $this->messages[] = __("Unable to parse publisher data from Project Wonderful.", 'plugin-wonderful'); - $this->publisher_info = false; - } - } else { - $this->messages[] = __("Unable to read publisher data from Project Wonderful.", 'plugin-wonderful'); - $this->publisher_info = false; - } - } - } - - function handle_action_change_memberid() { - if (trim($_POST['memberid'])) { - if (trim($_POST['memberid']) === 
(string)(int)$_POST['memberid']) { - if (($result = file_get_contents(sprintf(PLUGIN_WONDERFUL_XML_URL, (int)$_POST['memberid']))) !== false) { - $this->publisher_info = new PublisherInfo(); - if ($this->publisher_info->parse($result)) { - update_option('plugin-wonderful-memberid', (int)$_POST['memberid']); - $this->adboxes_client->post_ads($this->publisher_info); - $this->messages[] = sprintf(__('Member number changed to %s and adbox information redownloaded.', 'plugin-wonderful'), (int)$_POST['memberid']); - } else { - $this->messages[] = __("Unable to parse publisher data from Project Wonderful.", 'plugin-wonderful'); - update_option('plugin-wonderful-memberid', ""); - $this->publisher_info = false; - } - } else { - $this->messages[] = __("Unable to read publisher data from Project Wonderful.", 'plugin-wonderful'); - update_option('plugin-wonderful-memberid', ""); - $this->publisher_info = false; - } - } else { - $this->messages[] = __("Member numbers need to be numeric.", 'plugin-wonderful'); - update_option('plugin-wonderful-memberid', ""); - $this->publisher_info = false; - } - } else { - $this->messages[] = __("Existing adbox information removed.", 'plugin-wonderful'); - update_option('plugin-wonderful-memberid', ""); - - $this->publisher_info = false; - } - - foreach (array('use-standardcode', 'enable-body-copy-embedding') as $field) { - update_option("plugin-wonderful-${field}", isset($_POST[$field]) ? 
"1" : "0"); - } - } -} - $plugin_wonderful = new PluginWonderful(); add_action('admin_menu', array($plugin_wonderful, 'set_up_menu')); -add_action('init', array($plugin_wonderful, 'set_up_widgets')); +add_action('init', array($plugin_wonderful, 'init')); add_filter('the_excerpt_rss', array($plugin_wonderful, 'insert_rss_feed_ads')); add_filter('the_content', array($plugin_wonderful, 'inject_ads_into_body_copy')); register_activation_hook(__FILE__, array($plugin_wonderful, 'handle_activation')); -function the_project_wonderful_ad($adboxid) { - global $plugin_wonderful; - - $plugin_wonderful->render_widget(array(), $adboxid); -} - -?> +?> \ No newline at end of file diff --git a/test/PluginWonderfulTest.php b/test/PluginWonderfulTest.php new file mode 100644 index 0000000..f1c984e --- /dev/null +++ b/test/PluginWonderfulTest.php @@ -0,0 +1,44 @@ +pw = new PluginWonderful(); + $_POST = array(); + } + + function testSaveWidgetsIsCalled() { + _set_valid_nonce("plugin-wonderful", "12345"); + $_POST['pw']['_nonce'] = "12345"; + + $pw = $this->getMock('PluginWonderful', array('handle_action_save_widgets')); + $pw->expects($this->once())->method("handle_action_save_widgets"); + $pw->handle_action(); + } + + function testRenderWidgetControl() { + _set_valid_nonce("plugin-wonderful", "12345"); + + $this->pw->publisher_info->adboxes = array( + (object)array('adboxid' => '123', + 'center_widget' => 0) + ); + + ob_start(); + $this->pw->render_widget_control('123'); + $source = ob_get_clean(); + + $this->assertTrue(($xml = _to_xml($source)) !== false); + + foreach (array( + '//input[@name="pw[_nonce]" and @value="12345"]' => true + ) as $xpath => $value) { + $this->assertTrue(_xpath_test($xml, $xpath, $value), $xpath); + } + } +} + +?> \ No newline at end of file
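Review bot: The new `foreach (glob(dirname(__FILE__) . '/classes/*.php') as $file) { require_once($file); }` executes every PHP file that happens to be in `classes/`, so a stray or planted file there runs on each request, and the load order becomes whatever `glob()` returns. `glob()` can also return `false` on error, in which case the `foreach` emits a warning and `new PluginWonderful()` fails because the class was never loaded. I would keep the includes explicit: `require_once(dirname(__FILE__) . '/classes/PWAdboxesClient.php');` and `require_once(dirname(__FILE__) . '/classes/PluginWonderful.php');`. The hook now targets `array($plugin_wonderful, 'init')`; the start of the new class is not visible in this rendering, so confirm that an `init()` method exists there.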
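Review bot: Both tests in `test/PluginWonderfulTest.php` exercise only a valid nonce, so nothing here would fail if the `wp_verify_nonce()` check in `handle_action()` were dropped or inverted. Add a negative case next to `testSaveWidgetsIsCalled()` that posts a `pw[_nonce]` value different from the registered one and expects `handle_action_save_widgets` never to run; a case with `pw[center]` set but no `_nonce` key is worth adding in the same way. The sketch below uses the `_set_valid_nonce()` helper and `getMock()` as the existing test does, and its nonce values are constructed samples. `handle_action()` also reads `$_POST['action']`, which none of these tests set, so expect an undefined-index notice unless the method guards it with `isset()`.

```php
// … unchanged: setUp() and testSaveWidgetsIsCalled() …

function testSaveWidgetsIsNotCalledWithInvalidNonce() {
    _set_valid_nonce("plugin-wonderful", "12345");
    $_POST['pw']['_nonce'] = "54321"; // constructed sample, deliberately not the registered value

    $pw = $this->getMock('PluginWonderful', array('handle_action_save_widgets'));
    $pw->expects($this->never())->method("handle_action_save_widgets");
    $pw->handle_action();
}
```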