
Changeset 1229986


Timestamp:
08/25/15 08:45:48 (2 years ago)
Author:
peter achutha
Message:

Updated to use a simpler .htaccess file and added an option to enable or disable checking for JavaScript in the messages (anti-hacking feature).

Location:
dpabottomofpostpage/trunk
Files:
3 edited

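--- a/dpabottomofpostpage/trunk/dpabottomofpostpage-functionality.php
+++ b/dpabottomofpostpage/trunk/dpabottomofpostpage-functionality.php
@@ -3,6 +3,6 @@
 Plugin Name: dpabottomofpostpage
 Plugin URI: https://www.dpabadbot.com/customise-wordpress-plugin-to-add-messages-ads-bottom-of-post.php
-Description: This plugin can add several messages or adverts to the bottom of every post and page content or at the end of the document or webpage. Very useful if you have several messages like copyright notice, Google Ads, other affliate advertisements, ads and Facebook, Google+ & Twitter Like and Share Buttons... There is no limit as to how many messages you have at the bottom of your posts or pages. You can have different messages for posts and for pages. Now understands that you can fine tune your webpage for SEO and the messages can affect your SEO. Your messages can be saved elsewhere so that they do not affect your page SEO. Just click on "Affects SEO" radio button and set the width and height of message.You can show post messages in Home, Category & Archives summary pages. Now can stop displaying messages in some posts and some pages.
-Version: 1.17 [20150818]
+Description: Please Deactivate and Delete previous version before installing this version. This plugin can add several messages or adverts to the bottom of every post and page content or at the end of the document or webpage. Very useful if you have several messages like copyright notice, Google Ads, other affliate advertisements, ads and Facebook, Google+ & Twitter Like and Share Buttons... There is no limit as to how many messages you have at the bottom of your posts or pages. You can have different messages for posts and for pages. Now understands that you can fine tune your webpage for SEO and the messages can affect your SEO. Your messages can be saved elsewhere so that they do not affect your page SEO. Just click on "Affects SEO" radio button and set the width and height of message.You can show post messages in Home, Category & Archives summary pages. Now can stop displaying messages in some posts and some pages.
+Version: 1.18 [20150825]
 Author: Dr. Peter Achutha
 Author URI: http://facebook/peter.achutha
@@ -334,4 +334,5 @@
 $spmybpz_bottom = $spmybpz_data_str[4] ;
 $spmybpz_ranking = $spmybpz_data_str[5] ;
+$spmybpz_java = $spmybpz_data_str[6] ;
 }
 
@@ -421,4 +422,5 @@
         if( isset( $spmybpz_msg[ $spmybpz_i ] ) ){
             $spmybpz_tmpstr =  stripslashes( trim( $spmybpz_msg[ $spmybpz_i ] ) );
+            if( $spmybpz_java != 'Allow' ){ //added 2015/08/25 to allow javascript for certain themes
             $spmybpz_pos = strpos( $spmybpz_tmpstr , '<?' );
             if( $spmybpz_pos !== false ){
@@ -428,4 +430,5 @@
             if( $spmybpz_pos !== false ){
                 $spmybpz_tmpstr = str_replace( 'javascript:', '', strtolower( $spmybpz_tmpstr ) );
+            }
             }
             $spmybpz_msg[ $spmybpz_i ] = $spmybpz_tmpstr;
@@ -497,4 +500,5 @@
         if( isset( $spmybpz_page_msg[ $spmybpz_i ] ) ) {
             $spmybpz_tmpstr =  stripslashes( trim( $spmybpz_page_msg[ $spmybpz_i ] ) );
+            if( $spmybpz_java != 'Allow' ){ //added 2015/08/25 to allow javascript for certain themes
             $spmybpz_pos = strpos( $spmybpz_tmpstr , '<?' );
             if( $spmybpz_pos !== false ){
@@ -504,4 +508,5 @@
             if( $spmybpz_pos !== false ){
                 $spmybpz_tmpstr = str_replace( 'javascript:', '', strtolower( $spmybpz_tmpstr ) );
+            }
             }
             $spmybpz_page_msg[ $spmybpz_i ] = $spmybpz_tmpstr;
@@ -584,4 +589,5 @@
 $spmybpz_bottom = $spmybpz_data_str[4] ;
 $spmybpz_ranking = $spmybpz_data_str[5] ;
+$spmybpz_java = $spmybpz_data_str[6] ;
 }
 
@@ -670,4 +676,5 @@
         if( isset( $spmybpz_msg[ $spmybpz_i ] ) ) {
             $spmybpz_tmpstr =  stripslashes( trim( $spmybpz_msg[ $spmybpz_i ] ) );
+            if( $spmybpz_java != 'Allow' ){ //added 2015/08/25 to allow javascript for certain themes
             $spmybpz_pos = strpos( $spmybpz_tmpstr , '<?' );
             if( $spmybpz_pos !== false ){
@@ -677,4 +684,5 @@
             if( $spmybpz_pos !== false ){
                 $spmybpz_tmpstr = str_replace( 'javascript:', '', strtolower( $spmybpz_tmpstr ) );
+            }
             }
             $spmybpz_msg[ $spmybpz_i ] = $spmybpz_tmpstr;
@@ -747,4 +755,5 @@
         if( isset( $spmybpz_page_msg[ $spmybpz_i ] ) ) {
             $spmybpz_tmpstr =  stripslashes( trim( $spmybpz_page_msg[ $spmybpz_i ] ) );
+            if( $spmybpz_java != 'Allow' ){ //added 2015/08/25 to allow javascript for certain themes
             $spmybpz_pos = strpos( $spmybpz_tmpstr , '<?' );
             if( $spmybpz_pos !== false ){
@@ -754,4 +763,5 @@
             if( $spmybpz_pos !== false ){
                 $spmybpz_tmpstr = str_replace( 'javascript:', '', strtolower( $spmybpz_tmpstr ) );
+            }
             }
             $spmybpz_page_msg[ $spmybpz_i ] = $spmybpz_tmpstr;
@@ -817,6 +827,19 @@
     $spmybpz_posts = $spmybpz_data_str[2] ;
     $spmybpz_pages = $spmybpz_data_str[3] ;
+    if( !isset( $spmybpz_bottom ) ){
+    $spmybpz_bottom = 'Bottom' ;
+    $spmybpz_data_str[4] = 'Bottom' ;
+    }
     $spmybpz_bottom = $spmybpz_data_str[4] ;
+    if( !isset( $spmybpz_ranking ) ){
+    $spmybpz_ranking = 100 ;
+    $spmybpz_data_str[5] = 100 ;
+    }
     $spmybpz_ranking = $spmybpz_data_str[5] ;
+    if( !isset( $spmybpz_java ) ){
+    $spmybpz_java = 'Allow' ;
+    $spmybpz_data_str[6]  = 'Allow' ;
+    }
+    $spmybpz_java = $spmybpz_data_str[6] ;
     }
 }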
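Review bot: The new `if( $spmybpz_java != 'Allow' )` guard at new line 424 (repeated at 502, 678 and 757, and in setup_form.php at 571 and 659) encloses the existing `<?` check as well as the `javascript:` stripping, so choosing "Allow Javascript" appears to switch off the PHP-open-tag check too; what that check does on a match falls between hunks and should be confirmed against the full file. The setting also fails open: the last hunk sets `$spmybpz_java` to `'Allow'` when it is unset (setup_form.php does the same at new lines 223 and 239), so a site whose owner never visits the option runs with the message filter off. I would leave the `<?` check outside the guard and default to blocking, i.e. `$spmybpz_java = 'Block' ;` and `$spmybpz_data_str[6] = 'Block' ;`. The unguarded reads `$spmybpz_java = $spmybpz_data_str[6] ;` at new lines 336 and 591 also touch a missing index if settings saved by 1.17 hold only indices 0–5; an `isset( $spmybpz_data_str[6] )` test, as setup_form.php uses, would make the three code paths agree on one default.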
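--- a/dpabottomofpostpage/trunk/readme.txt
+++ b/dpabottomofpostpage/trunk/readme.txt
@@ -4,6 +4,6 @@
 Tags: post footer, page footer, bottom of post, bottom of page, ads, adverts, advertisments, affiliate
 Requires at least: 3.9.1
-Tested up to: 4.2.3
-Stable tag: 1.17 [20150818]
+Tested up to: 4.3
+Stable tag: 1.18 [20150825]
 License: GPLv2 or later
 
@@ -127,4 +127,7 @@
 Found some undefined variables and set them. Added the ability to delete messages. Changed the way the messages are stored.
 
+== 1.18 ==
+Simplified the .htaccess file in plugin and upload directory. Made option to allow or disallow  javascript.
+
 
 == Upgrade Notice ==
@@ -194,2 +197,5 @@
 Found some undefined variables and set them. Added the ability to delete messages. Changed the way the messages are stored.
 
+== 1.18 ==
+Simplified the .htaccess file in plugin and upload directory. Made option to allow or disallow  javascript.
+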
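--- a/dpabottomofpostpage/trunk/setup_form.php
+++ b/dpabottomofpostpage/trunk/setup_form.php
@@ -55,28 +55,4 @@
 DirectoryIndex index.php index.html
 
-#Prevent hacks http://www.queness.com/post/5421/17-useful-htaccess-tricks-and-tips  2013 March 01
-RewriteEngine On
-
-# proc/self/environ? no way!
-RewriteCond %{QUERY_STRING} proc/self/environ [OR]
-
-# Block out any script trying to set a mosConfig value through the URL
-RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|\%3D) [OR]
-
-# Block out any script trying to base64_encode crap to send via URL
-RewriteCond %{QUERY_STRING} base64_encode.*(.*) [OR]
-
-# Block out any script that includes a <script> tag in URL
-RewriteCond %{QUERY_STRING} (<|%3C).*script.*(>|%3E) [NC,OR]
-
-# Block out any script trying to set a PHP GLOBALS variable via URL
-RewriteCond %{QUERY_STRING} GLOBALS(=|[|\%[0-9A-Z]{0,2}) [OR]
-
-# Block out any script trying to modify a _REQUEST variable via URL
-RewriteCond %{QUERY_STRING} _REQUEST(=|[|\%[0-9A-Z]{0,2})
-
-# Send all blocked request to homepage with 403 Forbidden error!
-RewriteRule ^(.*)$ index.php [F,L]
-
 #block hackers from these type of files #
 # multiple file types
@@ -85,6 +61,5 @@
  Deny from all
 </FilesMatch>
-
-Header always append X-Frame-Options SAMEORIGIN';
+';
 
 
@@ -187,9 +162,10 @@
 
 }
-if( !file_exists( $spmybpz_htaccess_file ) ){
-    spmybpz_zbopp_write_file( $spmybpz_htaccess_file, $spmybpz_htaccess_data );
-    }
+//if( !file_exists( $spmybpz_htaccess_file ) ){
+//  spmybpz_zbopp_write_file( $spmybpz_htaccess_file, $spmybpz_htaccess_data );
+//  }
 if( !file_exists( $spmybpz_plugin_htaccess_file ) ){
     spmybpz_zbopp_write_file( $spmybpz_plugin_htaccess_file, $spmybpz_htaccess_data );
+    copy ($spmybpz_plugin_htaccess_file , $spmybpz_htaccess_file );
     }
 $spmybpz_tmpstr = '';
@@ -234,7 +210,16 @@
     if( isset( $spmybpz_data_str[4] ) ){
     $spmybpz_bottom = $spmybpz_data_str[4];
+    } else {
+    $spmybpz_bottom = 'Bottom';
     }
     if( isset( $spmybpz_data_str[5] ) ){
     $spmybpz_ranking = $spmybpz_data_str[5];
+    } else {
+    $spmybpz_ranking = 100;
+    }
+    if( isset( $spmybpz_data_str[6] ) ){
+    $spmybpz_java = $spmybpz_data_str[6];
+    } else {
+    $spmybpz_java = 'Allow';
     }
     }
@@ -252,4 +237,6 @@
     $spmybpz_ranking = 100 ;
     $spmybpz_data_str[5] = 100;
+    $spmybpz_java = 'Allow' ;
+    $spmybpz_data_str[6] = 'Allow';
     $spmybpz_tmpstr = serialize( $spmybpz_data_str );
     spmybpz_zbopp_write_file( $spmybpz_setup_file, $spmybpz_tmpstr );
@@ -524,4 +511,8 @@
     $spmybpz_bottom = $spmybpz_data_str[4] ;
     }
+    if( isset( $_POST['spmy_display_java'] ) ) {
+    $spmybpz_data_str[6] = $_POST['spmy_display_java'];
+    $spmybpz_java = $spmybpz_data_str[6] ;
+    }
     if( isset( $_POST['spmy_display_ranking'] ) ) {
 //  echo '<br> $_POST ranking is set';
@@ -578,4 +569,5 @@
         if( isset( $_POST['spmy_txtarea'][$spmybpz_i] ) && trim( $_POST['spmy_txtarea'][$spmybpz_i] ) != '' ) {
             $spmybpz_tmpstr =  stripslashes( trim( $_POST['spmy_txtarea'][$spmybpz_i] ) );
+            if( $spmybpz_java != 'Allow' ){ //added 2015/08/25 to allow javascript for certain themes
             $spmybpz_pos = strpos( $spmybpz_tmpstr , '<?' );
             if( $spmybpz_pos !== false ){
@@ -585,4 +577,5 @@
             if( $spmybpz_pos !== false ){
                 $spmybpz_tmpstr = str_replace( 'javascript:', '', strtolower( $spmybpz_tmpstr ) );
+            }
             }
             $spmybpz_msg[ $spmybpz_i ] = $spmybpz_tmpstr;
@@ -664,4 +657,5 @@
     if( isset( $_POST['spmy_page_txtarea'][$spmybpz_i] )  && trim( $_POST['spmy_page_txtarea'][$spmybpz_i] ) != '' ) {
         $spmybpz_tmpstr =  stripslashes( trim( $_POST['spmy_page_txtarea'][$spmybpz_i] ) );
+        if( $spmybpz_java != 'Allow' ){ //added 2015/08/25 to allow javascript for certain themes
         $spmybpz_pos = strpos( $spmybpz_tmpstr , '<?' );
         if( $spmybpz_pos !== false ){
@@ -671,4 +665,5 @@
         if( $spmybpz_pos !== false ){
             $spmybpz_tmpstr = str_replace( 'javascript:', '', strtolower( $spmybpz_tmpstr ) );
+        }
         }
         $spmybpz_page_msg[ $spmybpz_i ] = $spmybpz_tmpstr;
@@ -849,5 +844,11 @@
 $spmybpz_post_bottom1 = 'checked="checked"' ;
 }
-
+if( $spmybpz_java != 'Allow' ){
+$spmybpz_post_java = 'checked="checked"' ;
+$spmybpz_post_java1 = '' ;
+} else {
+$spmybpz_post_java = '' ;
+$spmybpz_post_java1 = 'checked="checked"' ;
+}
 //read the latest data from seopost file
 if( file_exists( $spmybpz_setup_seopost_file )) {
@@ -953,5 +954,5 @@
 
 
-echo '<br><span style="color:red;font-size:32px;font-style:normal;">Welcome to dpabottomofpostpage Setup, Version 1.17 [20150818]</span>';
+echo '<br><span style="color:red;font-size:32px;font-style:normal;">Welcome to dpabottomofpostpage Setup, Version 1.18 [20150825]</span>';
 
 echo '<p><span style="color:blue;font-size:14px;font-style:normal;">This plugin sets up the data files that hold the messages you want to display at the bottom of every post or page.</p></span>
@@ -977,4 +978,5 @@
 <table>
 <tr><td>Display message at : </td><td><input type="radio" <?php echo $spmybpz_post_bottom; ?> name="spmy_display_bottom" value="Bottom">Bottom of your Content</td><td> OR </td><td><input type="radio" <?php echo $spmybpz_post_bottom1; ?> name="spmy_display_bottom" value="End">End of Document</td><td> and the Priority is: </td><td><input type="text" name="spmy_display_ranking" value="<?php echo $spmybpz_ranking; ?>" ></td></tr>
+<tr><td>Block Javascript code : </td><td><input type="radio" <?php echo $spmybpz_post_java; ?> name="spmy_display_java" value="Block">Block Javascript Code</td><td> OR </td><td><input type="radio" <?php echo $spmybpz_post_java1; ?> name="spmy_display_java" value="Allow">Allow Javascript Code</td><td>  </td><td> </td></tr>
 </table>
 <!--<input type="submit" name='spmy_type_of_bottom' value="Submit" >-->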
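Review bot: The second `.htaccess` (`$spmybpz_htaccess_file`, presumably the upload-directory copy the readme entry mentions) is now written only inside the `if( !file_exists( $spmybpz_plugin_htaccess_file ) )` block at new lines 167–170. If that file is missing while the plugin copy exists, it is never recreated, and the `FilesMatch` / `Deny from all` rules in this string are silently absent from that directory. The result of `copy()` is also ignored, so a failed copy has the same effect without any trace. I would give the second file its own existence test again and act on the return value, e.g. `if( !file_exists( $spmybpz_htaccess_file ) && !copy( $spmybpz_plugin_htaccess_file, $spmybpz_htaccess_file ) ){ /* surface the failure to the admin */ }`, and delete the commented-out lines 164–166 rather than leaving them in place.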