
Add 32x32 icon, fix #112, fix #115, fix #117 #116

Merged
merged 4 commits into from
Mar 2, 2012
Merged
100 changes: 62 additions & 38 deletions admin/mf_admin.php
Expand Up @@ -494,6 +494,19 @@ public function import($file_path,$overwrite){

}

/**
* Escape data before serializing
*/
function escape_data(&$value){
// quick fix for ' character
/** @todo have a proper function escaping all these */
if(is_string($value)){
$value = stripslashes($value);
$value = preg_replace('/\'/','´', $value);
$value = addslashes($value);
}
}

/* function save and update for post type */

/**
Expand All @@ -502,16 +515,14 @@ public function import($file_path,$overwrite){
public function new_posttype($data){
global $wpdb;

/*quick fix for ' character*/
$data['core']['description'] = stripslashes($data['core']['description']);
$data['core']['description'] = preg_replace('/\'/','´',$data['core']['description']);
$data['core']['description'] = addslashes($data['core']['description']);
// escape all the strings
array_walk_recursive($data, array($this, 'escape_data'));

$sql = sprintf(
$sql = $wpdb->prepare(
"INSERT INTO " . MF_TABLE_POSTTYPES .
" (type, name, description, arguments, active)" .
" values" .
" ('%s', '%s', '%s', '%s', '%s')",
" (%s, %s, %s, %s, %d)",
$data['core']['type'],
$data['core']['label'],
$data['core']['description'],
Expand All @@ -530,14 +541,13 @@ public function new_posttype($data){
public function update_post_type($data){
global $wpdb;

$data['core']['description'] = stripslashes($data['core']['description']);
$data['core']['description'] = preg_replace('/\'/','´',$data['core']['description']);
$data['core']['description'] = addslashes($data['core']['description']);
// escape all the strings
array_walk_recursive($data, array($this, 'escape_data'));

$sql = sprintf(
$sql = $wpdb->prepare(
"Update " . MF_TABLE_POSTTYPES .
" SET type = '%s', name = '%s', description = '%s', arguments = '%s' " .
" WHERE id = %s",
" SET type = %s, name = %s, description = %s, arguments = %s " .
" WHERE id = %d",
$data['core']['type'],
$data['core']['label'],
$data['core']['description'],
Expand All @@ -555,12 +565,14 @@ public function update_post_type($data){
*/
public function new_custom_group($data){
global $wpdb;

// escape all the strings
array_walk_recursive($data, array($this, 'escape_data'));

$sql = sprintf(
"INSERT INTO %s ".
"(name,label,post_type,duplicated,expanded) ".
"VALUES ('%s','%s','%s',%s,%s)",
MF_TABLE_CUSTOM_GROUPS,
$sql = $wpdb->prepare(
"INSERT INTO ". MF_TABLE_CUSTOM_GROUPS .
" (name, label, post_type, duplicated, expanded) ".
" VALUES (%s, %s, %s, %d, %d)",
$data['core']['name'],
$data['core']['label'],
$data['core']['post_type'],
Expand All @@ -582,12 +594,14 @@ public function update_custom_group($data){
//ToDo: falta sanitizar variables
// podriamos crear un mettodo para hacerlo
// la funcion podria pasarle como primer parametro los datos y como segundo un array con los campos que se va a sanitizar o si se quiere remplazar espacios por _ o quitar caracteres extraños

// escape all the strings
array_walk_recursive($data, array($this, 'escape_data'));

$sql = sprintf(
"UPDATE %s ".
"SET name = '%s', label ='%s',duplicated = %s, expanded = %s ".
"WHERE id = %s",
MF_TABLE_CUSTOM_GROUPS,
$sql = $wpdb->prepare(
"UPDATE ". MF_TABLE_CUSTOM_GROUPS .
" SET name = %s, label =%s, duplicated = %d, expanded = %d ".
" WHERE id = %d",
$data['core']['name'],
$data['core']['label'],
$data['core']['duplicate'],
Expand All @@ -603,6 +617,9 @@ public function new_custom_field($data){
global $wpdb;

if( !isset($data['option']) ) $data['option'] = array();

// escape all the strings
array_walk_recursive($data, array($this, 'escape_data'));

//check group
if(!$data['core']['custom_group_id']){
Expand All @@ -612,11 +629,10 @@ public function new_custom_field($data){

$data['core']['name'] = str_replace(" ","_",$data['core']['name']);

$sql = sprintf(
"INSERT INTO %s ".
"(name,label,description,post_type,custom_group_id,type,required_field,duplicated,options) ".
"VALUES ('%s','%s','%s','%s',%s,'%s',%s,%s,'%s')",
MF_TABLE_CUSTOM_FIELDS,
$sql = $wpdb->prepare(
"INSERT INTO ". MF_TABLE_CUSTOM_FIELDS .
" (name, label, description, post_type, custom_group_id, type, required_field, duplicated, options) ".
" VALUES (%s, %s, %s, %s, %d, %s, %d, %d, %s)",
$data['core']['name'],
$data['core']['label'],
$data['core']['description'],
Expand All @@ -638,6 +654,9 @@ public function update_custom_field($data){
global $wpdb;

if( !isset($data['option']) ) $data['option'] = array();

// escape all the strings
array_walk_recursive($data, array($this, 'escape_data'));

//check group
if(!$data['core']['custom_group_id']){
Expand All @@ -647,12 +666,11 @@ public function update_custom_field($data){

$data['core']['name'] = str_replace(" ","_",$data['core']['name']);

$sql = sprintf(
"UPDATE %s ".
"SET name = '%s', label = '%s', description = '%s',type = '%s', required_field = %d, ".
"duplicated = %d, options = '%s' ".
"WHERE id = %d",
MF_TABLE_CUSTOM_FIELDS,
$sql = $wpdb->prepare(
"UPDATE ". MF_TABLE_CUSTOM_FIELDS .
" SET name = %s, label = %s, description = %s, type = %s, required_field = %d, ".
" duplicated = %d, options = %s ".
" WHERE id = %d",
$data['core']['name'],
$data['core']['label'],
$data['core']['description'],
Expand All @@ -672,12 +690,15 @@ public function update_custom_field($data){
*/
public function new_custom_taxonomy($data){
global $wpdb;

// escape all the strings
array_walk_recursive($data, array($this, 'escape_data'));

$sql = sprintf(
$sql = $wpdb->prepare(
"INSERT INTO " . MF_TABLE_CUSTOM_TAXONOMY .
" (type, name, description, arguments, active)" .
" values" .
" ('%s', '%s', '%s', '%s', '%s')",
" (%s, %s, %s, %s, %d)",
$data['core']['type'],
$data['core']['name'],
$data['core']['description'],
Expand All @@ -695,11 +716,14 @@ public function new_custom_taxonomy($data){
*/
public function update_custom_taxonomy($data){
global $wpdb;

// escape all the strings
array_walk_recursive($data, array($this, 'escape_data'));

$sql = sprintf(
$sql = $wpdb->prepare(
"Update " . MF_TABLE_CUSTOM_TAXONOMY .
" SET type = '%s', name = '%s', description = '%s', arguments = '%s' " .
" WHERE id = %s",
" SET type = %s, name = %s, description = %s, arguments = %s " .
" WHERE id = %d",
$data['core']['type'],
$data['core']['name'],
$data['core']['description'],
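Review bot: `escape_data()` still ends with `addslashes()`, yet every visible caller then hands the same fields to `$wpdb->prepare()`, which does its own escaping for `%s` placeholders, so a value containing `"` or `\` is escaped twice and would be stored with literal backslashes. With the queries now parameterised, the helper only needs to undo incoming slashes; I would drop the line `$value = addslashes($value);` and let `prepare()` be the single SQL-escaping boundary. The `'` to `´` substitution also silently rewrites user text in every string of `$data` through `array_walk_recursive`; if it exists only for the serialized columns (that code is outside the visible hunks, so this is a guess), it should be confined to them and the docblock should say what the helper actually does. This applies to all eight callers in this file section, whose bodies continue past the hunks shown.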
2 changes: 2 additions & 0 deletions admin/mf_dashboard.php
Expand Up @@ -20,6 +20,8 @@ function main() {
$custom_taxonomies = $this->get_custom_taxonomies();

print '<div class="wrap">';
// print screen icon
print get_screen_icon('magic-fields');
print '<h2>'.__( 'Magic Fields',$mf_domain).'</h2>';
print '<h3>'.__( 'Post Types', $mf_domain ).'<a href="admin.php?page=mf_dispatcher&mf_section=mf_posttype&mf_action=add_post_type" class="add-new-h2 button">'.__( 'Add new Post Type', $mf_domain ).'</a></h3>';

4 changes: 3 additions & 1 deletion admin/mf_post.php
Expand Up @@ -392,7 +392,9 @@ public function load_js_css_fields(){
if( (in_array('multiline',$fields) || in_array('image_media',$fields) ) && !post_type_supports($post_type,'editor' ) ){
add_thickbox();
wp_enqueue_script('media-upload');
add_action( 'admin_print_footer_scripts', 'wp_tiny_mce', 25 );
wp_enqueue_script('editor'); // add JS functions of the editor
//add_action( 'admin_print_footer_scripts', 'wp_tiny_mce', 25 ); // outdated?
add_action( 'admin_print_footer_scripts', 'wp_editor'); // add buttons of the editor
add_action( 'admin_print_footer_scripts', array($this,'media_buttons_add_mf'), 51 );
}
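Review bot: Hooking `wp_editor` directly on `admin_print_footer_scripts` invokes it without the content and editor-id arguments it expects (as far as I know both are required), so the callback is likely to raise a missing-argument error or print a stray editor in the footer instead of only loading the buttons. A small method on this class that calls `wp_editor()` with explicit arguments, registered the same way as the neighbouring `array($this,'media_buttons_add_mf')` callback, would make the intent and the output predictable. The commented-out `wp_tiny_mce` line with `// outdated?` should be deleted or replaced by a comment saying why the call was dropped. `load_js_css_fields()` starts outside this hunk, so the surrounding conditions are not fully visible here.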
