
CVE-2023-1871: YourChannel.php in yourchannel/trunk – WordPress Plugin Repository

The YourChannel plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.2.3. This is due to missing or incorrect nonce validation on the deleteLang function. This makes it possible for unauthenticated attackers to reset the plugin’s quick language translation settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.


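<?php
/**
 * @package YourChannel
 * @version 1.2.3
 */
/*
 Plugin Name: YourChannel
 Plugin URI: https://plugin.builders/yourchannel/?from=plugins
 Description: Everything you want in a YouTube plugin.
 Author: Plugin Builders
 Version: 1.2.3
 Author URI: https://plugin.builders/?from=plugins
 Text Domain: YourChannel
 Domain Path: languages
*/

if( !defined( 'ABSPATH' ) ) exit;

/**
 * Main plugin class: registers the admin page, the AJAX endpoints that read and
 * write the plugin's options, and the [yourchannel] shortcode.
 */
class WPB_YourChannel{
    static $version = '1.2.3';
    static $version_file = '1.2.3';

    static $terms = array();
    static $instances = 0;

    static $is_pro = false;

    static $shortcode_atts = array(
        'free' => array(
            'user' => '',
            'tag' => '',
            'video' => '',
            'video_from' => '',
            'autoplay' => 'AUTO',

            'ads' => '1',
            'nocookie' => '',
            'channel' => 'AUTO',
            'channel_uploads' => 'AUTO',
            'limit' => 'AUTO',
            'max' => 'AUTO',
            'sticky' => 'AUTO'
        )
    );

    // Capability required for the settings page and the write endpoints.
    // Declared explicitly because the constructor assigns it (dynamic
    // properties are deprecated as of PHP 8.2).
    public $yrc_permission = 'manage_options';

    /**
     * Wires up every hook the plugin uses.
     *
     * Only wp_ajax_* hooks are registered (no wp_ajax_nopriv_*), so WordPress
     * dispatches these handlers for logged-in users only. Being logged in is
     * the only guarantee the hook itself gives; see dieIfNotAllowed() for what
     * the handlers check on top of that.
     */
    function __construct(){
        self::translateTerms();

        register_activation_hook(__FILE__, array($this, 'onInstall'));
        $this->onInstall();

        $this->yrc_permission = apply_filters('yourchannel_settings_permission', 'manage_options');
        add_action('admin_menu', array($this, 'createMenu'));
        add_action('admin_init', array($this, 'deploy'));
        add_action('plugins_loaded', array($this, 'loadTextDomain') );

        add_action('admin_enqueue_scripts', array($this, 'loadDashJs'));
        add_action('wp_enqueue_scripts', array($this, 'loadForFront'));
        add_action('wp_footer', array($this, 'atFooter'));

        add_action('wp_ajax_yrc_save', array($this, 'save'));
        add_action('wp_ajax_yrc_get', array($this, 'get'));
        add_action('wp_ajax_yrc_delete', array($this, 'delete'));
        add_action('wp_ajax_yrc_get_lang', array($this, 'getLang'));
        add_action('wp_ajax_yrc_save_lang', array($this, 'saveLang'));
        add_action('wp_ajax_yrc_delete_lang', array($this, 'deleteLang'));
        add_action('wp_ajax_yrc_clear_keys', array($this, 'clearKeys'));
        add_action('wp_ajax_yrc_clear_cache', array($this, 'clearCache'));

        add_action('media_buttons', array($this, 'addMediaButton'));
        add_action( 'print_media_templates', array( $this, 'printMediaTemplates' ) );

        add_shortcode( 'yourchannel', array($this, 'shortcoode'), 12 );

        // premium() is not defined in this file; $is_pro is false here, so the
        // free() branch is the one taken.
        if( self::$is_pro ) $this->premium();
        else $this->free();
    }

    /**
     * @return bool Whether the current user holds the settings capability.
     */
    function canAdminYRC(){
        return current_user_can($this->yrc_permission);
    }

    /**
     * Ends the request with a JSON permission error unless the current user
     * holds the settings capability.
     *
     * NOTE(review): this is a capability check only. None of the AJAX handlers
     * that rely on it (save, delete, saveLang, deleteLang, clearKeys,
     * clearCache) verifies a nonce, so a request forged by another site and
     * sent from a logged-in administrator's browser passes this check. That is
     * the cross-site request forgery reported for deleteLang in this version.
     * The remedy is a nonce created with wp_create_nonce(), handed to the admin
     * scripts (for instance through yrc_server_vars) and verified here with
     * check_ajax_referer(). The admin scripts are outside this file and have to
     * send the value, so the check is not added in this listing.
     */
    function dieIfNotAllowed(){
        if(!$this->canAdminYRC()){
            wp_send_json(['error' => 'permission_error']);
        }
    }

    /** Prints the editor button that opens the shortcode helper. */
    function addMediaButton(){
        echo '<a href="#" class="button" id="yrs-opener">Your<span class="pb-inline">Channel</span></a>';
    }

    /** Includes the shortcode instructions template (path relative to this file's include path). */
    function printMediaTemplates(){
        include_once 'shortcode/instructions.php';
    }

    /** Debug helper: var_dump()s its arguments inside a <pre> block. */
    static function dump(){
        echo '<pre>';
        call_user_func('var_dump', func_get_args());
        echo '</pre>';
    }

    /** Records the running plugin version in the yrc_version option. */
    public function onInstall(){
        update_option('yrc_version', WPB_YourChannel::$version);
    }

    /**
     * AJAX: deletes the stored key index, yrc_keys when yrc_content is
     * non-zero and yrc_playlist_keys otherwise.
     */
    public function clearKeys(){
        $this->dieIfNotAllowed();
        // A missing field is treated as 0, which is what the (int) cast of an
        // unset index produced before, minus the notice.
        $channels = isset($_POST['yrc_content']) ? (int)$_POST['yrc_content'] : 0;
        delete_option($channels ? 'yrc_keys' : 'yrc_playlist_keys');
        wp_send_json(1);
    }

    /**
     * AJAX: sets the "<key>_refresh" flag that output() reads and clears on the
     * next render. The field name 'yrc_chhanel_key' is what the client sends.
     */
    public function clearCache(){
        $this->dieIfNotAllowed();
        $channel_key = isset($_POST['yrc_chhanel_key']) ? sanitize_text_field($_POST['yrc_chhanel_key']) : '';
        // Without a key there is nothing to flag; skip writing a stray
        // "_refresh" option.
        if( $channel_key !== '' ) update_option($channel_key.'_refresh', true);
        wp_send_json($channel_key);
    }

    /** Adds the top-level YourChannel admin menu entry, gated by the settings capability. */
    public function createMenu(){
        add_menu_page(
            'YourChannel',
            'YourChannel',
            $this->yrc_permission,
            'yourchannel',
            array($this, 'pageTemplate'),
            'dashicons-youtube'
        );
    }

    /** Renders the admin page shell; the admin scripts fill #yrc-wrapper. */
    public function pageTemplate(){ ?>
        <div class="wrap">
            <div id="icon-themes" class="icon32"></div>
            <h2 class="wpb-inline" id="yrc-icon">Your<span class="wpb-inline">Channel</span></h2>
            <div id="yrc-wrapper" data-version="<?php echo self::$version; ?>">
                <img src="<?php echo site_url('wp-admin/images/spinner.gif'); ?>" id="yrc-init-loader"/>
            </div>
        </div>
        <?php
        $this->templates();
    }

    /** Fires the yrc_templates action and includes the admin templates file. */
    public function templates(){
        do_action('yrc_templates');
        include 'templates/templates.php';
    }

    /** admin_init callback; intentionally empty in this version. */
    public function deploy(){}

    /**
     * Enqueues admin assets. The settings-page scripts and styles load only on
     * the plugin's own page; the shortcode helper assets and yrc_server_vars
     * load on every admin page.
     *
     * @param string $hook Admin page hook suffix passed by admin_enqueue_scripts.
     */
    public function loadDashJs($hook){
        if($hook === 'toplevel_page_yourchannel'){
            wp_register_script('yrc_script', plugins_url('/js/yrc.js?'.self::$version_file, __FILE__), array('jquery', 'underscore'), null, 1);
            wp_enqueue_script('yrc_script');

            wp_register_script('yrc_color_picker', plugins_url('/css/colorpicker/spectrum.js?'.self::$version_file, __FILE__), array('yrc_script'), null, 1);
            wp_enqueue_script('yrc_color_picker');
            wp_register_script('yrc_admin_settings', plugins_url('/js/admin.js?'.self::$version_file, __FILE__), array('yrc_color_picker'), null, 1);
            wp_enqueue_script('yrc_admin_settings');

            wp_register_style('yrc_color_picker_style', plugins_url('/css/colorpicker/spectrum.css?'.self::$version_file, __FILE__));
            wp_enqueue_style('yrc_color_picker_style');
            wp_register_style('yrc_admin_style', plugins_url('/css/admin.css?'.self::$version_file, __FILE__));
            wp_enqueue_style('yrc_admin_style');

            wp_register_style('yrc_style', plugins_url('/css/style.css?'.self::$version_file, __FILE__));
            wp_enqueue_style('yrc_style');
        }

        wp_register_script('yrc_shortcode_script', plugins_url('/shortcode/shortcode.js?'.self::$version_file, __FILE__), array('jquery', 'underscore'), null, 1);
        wp_enqueue_script('yrc_shortcode_script');

        wp_register_style('yrc_shortcode_style', plugins_url('/shortcode/shortcode.css?v='.self::$version_file, __FILE__));
        wp_enqueue_style('yrc_shortcode_style');

        wp_localize_script( 'jquery', 'yrc_server_vars', array(
            'ajaxurl' => admin_url( 'admin-ajax.php' ),
            'url' => plugins_url('yourchannel/'),
            'is_pro' => self::$is_pro,
            'youtube_api_key' => '',
            'version' => self::$version
        ));
    }

    /** Makes sure jQuery is present on the front end; the inline loader waits for it. */
    public function loadForFront(){
        wp_enqueue_script( 'jquery' );
    }

    /**
     * "Nothing if not set": returns $array[$key] when it is set and truthy,
     * otherwise an empty string.
     */
    public static function nins( $array, $key ){ //nothing if not set
        return isset( $array[$key] ) && $array[$key] ? $array[$key] : '';
    }

    /**
     * Looks up the stored channel record for a user/tag pair.
     *
     * @param string $user      Channel user from the shortcode.
     * @param string $tag       Channel tag from the shortcode.
     * @param mixed  $is_single Truthy for single-video shortcodes, which fall
     *                          back to the first stored channel.
     * @return mixed The stored record, or '' when none matches.
     */
    public static function outputChannel( $user, $tag, $is_single ){
        $user = strtolower( html_entity_decode($user) );
        $tag = strtolower( html_entity_decode($tag) );

        $keys = get_option('yrc_keys');
        $key = '';
        // Type check first: get_option() returns false when the option does
        // not exist, and counting a non-array throws on PHP 8.
        if( is_array($keys) && count($keys) ){
            foreach($keys as $k){
                if( ( strtolower( $k['user'] ) === $user ) && ( strtolower( self::nins( $k, 'tag' ) ) === $tag ) ) {
                    $key = $k['key']; break;
                }
            }

            if( $is_single && !$key ){
                // reset() rather than index 0: the stored list can have gaps
                // after an entry was removed.
                $first = reset($keys);
                $key = $first['key'];
            }
        }

        return $key ? get_option( $key ) : '';
    }

    /**
     * Shortcode callback for [yourchannel]. The method name (including its
     * spelling) is part of the registered callback and is kept as is.
     */
    public function shortcoode($atts){
        $atts = shortcode_atts(
            apply_filters('yourchannel_shortcode_attrs', self::$shortcode_atts['free']),
            $atts
        );
        return self::output( $atts );
    }

    /**
     * Fetches uploads, banner and playlists through YourChannelStream, as
     * enabled by the show_* flags, and stores the result in the stream cache.
     */
    static function getYTContent( $api_args, $delete_cache ){
        //if( !intval($api_args['cache']) ) return array();
        require_once 'stream/stream.php';

        $stream = new YourChannelStream( $api_args );
        $stream->checkCache( $delete_cache );

        $feed = array();

        if( $api_args['show_uploads'] ){
            $feed['uploads'] = $stream->requestFeed();
        }

        if( $api_args['show_banner'] ){
            $api_args['stream'] = 'banner';

            $stream->setSource( $api_args );
            $feed['banner'] = $stream->requestFeed();
        }

        if( $api_args['show_playlists'] ){
            $api_args['stream'] = 'playlists';
            $api_args['stream_value'] = $api_args['channel'];

            $stream->setSource( $api_args );
            $feed['playlists'] = $stream->requestFeed();
        }

        $stream->setCache($feed);

        return $feed;
    }

    /** Fetches only the uploads feed through YourChannelStream and caches it. */
    static function getYTVideos( $api_args, $delete_cache ){
        //return '';
        require_once 'stream/stream.php';

        $stream = new YourChannelStream( $api_args );
        $stream->checkCache( $delete_cache );

        $feed = array('uploads' => $stream->requestFeed());
        $stream->setCache($feed);

        return $feed;
    }

    /** wp_footer callback; currently a no-op. */
    function atFooter(){
        //echo '<script data-cfasync="false" type="text/javascript"> var yrc_at_footer = [1, 2, 3, 4, 5]; </script>';
    }

    /**
     * Builds the inline error shown for an unusable shortcode. $msg is inserted
     * as HTML, so callers must pass fixed strings only.
     */
    public static function outputError( $atts, $msg ){
        return '<span id="yrc-wrong-shortcode" style="color:red" data-atts="'.htmlentities(json_encode($atts)).'">'.$msg.'</span>';
    }


    /**
     * Renders one shortcode instance: resolves the stored channel, applies the
     * shortcode overrides, fetches the feed and returns the markup.
     *
     * @param array $atts Shortcode attributes after shortcode_atts().
     * @return string HTML for the instance, or an error span.
     */
    public static function output( $atts ){
        // channel, per_page, max
        // video [url, enter, dynamic {playlist|search, position[], update_every}], autoplay, volume, start_time, show_meta, show_desc comments.show

        $channel = self::outputChannel( $atts['user'], $atts['tag'], $atts['video'] || $atts['video_from'] );

        $error_msg = $atts['video'] ? 'Please create a channel in YourChannel page first.' : 'YourChannel: Wrong Shortcode';
        if(!$channel) return self::outputError($atts, $error_msg);

        $channel = apply_filters('yrc_shortcode_atts', $channel, $atts);

        $uniqid = uniqid();
        $channel['meta']['uid'] = $uniqid;
        $channel = apply_filters('yourchannel_instance', $channel);

        // One-shot flag set by clearCache(): read it, then remove it.
        $atts['refresh_cache'] = get_option($channel['meta']['key'] . $channel['meta']['tag'].'_refresh');
        if($atts['refresh_cache']) delete_option($channel['meta']['key'] . $channel['meta']['tag'].'_refresh');

        $channel['meta']['ads'] = $atts['ads'];
        $channel['meta']['nocookie'] = $atts['nocookie'];

        if( $atts['autoplay'] !== 'AUTO' )
            $channel['meta']['autoplay'] = $atts['autoplay'];

        if( $atts['sticky'] !== 'AUTO' && isset($channel['style']['sticky']['enable']) )
            $channel['style']['sticky']['enable'] = $atts['sticky'];


        if( !$atts['video'] && !$atts['video_from'] ){
            if( $atts['channel'] !== 'AUTO' ) $channel['meta']['channel'] = self::getChannelId($atts['channel']);
            if( $atts['channel_uploads'] !== 'AUTO' ) $channel['meta']['channel_uploads'] = self::getPlaylistId($atts['channel_uploads']);
            if( $atts['limit'] !== 'AUTO' ) $channel['meta']['per_page'] = $atts['limit'];
            if( $atts['max'] !== 'AUTO' && isset($channel['meta']['maxv']) ) $channel['meta']['maxv'] = $atts['max'];

            $parameters = array(
                'stream' => 'uploads',
                'stream_value' => $channel['meta']['channel'],
                'channel' => $channel['meta']['channel'],
                'apikey' => $channel['meta']['apikey'],
                'sort_by' => implode('', array('d', 'a', 't', 'e')),
                'upload_playlist' => $channel['meta']['channel_uploads'],
                'show_uploads' => $channel['style']['uploads'],
                'show_playlists' => $channel['style']['playlists'],
                'show_banner' => $channel['style']['banner'],
                'cache' => isset($channel['meta']['cache']) ? $channel['meta']['cache'] : 180,
                'limit' => isset($channel['meta']['per_page']) ? $channel['meta']['per_page'] : 24
            );

            if( $channel['meta']['onlyonce'] ){
                $parameters['stream'] = 'playlist';
                $parameters['stream_value'] = $parameters['upload_playlist'];
            }

            $feed = self::getYTContent( apply_filters('yrc_fetch_parameters', $parameters, $channel, $atts), $atts['refresh_cache'] );
            return self::instanceOutput($channel, $feed, $uniqid, false);

        } else {
            $channel['meta']['single'] = true;

            if( $atts['video_from'] ){
                return apply_filters('yrc_videos_from', '', $channel, $atts);
            } else {
                return self::instanceOutput($channel, array('video' => self::getVideoId($atts['video'])), $uniqid, true);
            }
        }
    }

    /**
     * Builds the container element and the inline bootstrap script for one
     * instance.
     *
     * The complete $channel record is serialised into the data-yrc-channel
     * attribute. output() reads $channel['meta']['apikey'] from the same
     * record, so the YouTube API key is delivered to every visitor of the page;
     * the key should be restricted on the API provider's side accordingly.
     */
    static function instanceOutput($channel, $feed, $uniqid, $is_single){
        $url = plugins_url('/js/yrc.js?'.self::$version_file, __FILE__);
        $css_url = plugins_url('/css/style.css?'.self::$version_file, __FILE__);

        self::translateTerms();
        // array_merge() below needs an array; a stored non-array value would
        // otherwise abort rendering on PHP 8.
        $saved_terms = get_option('yrc_lang_terms', []);
        $terms = array(
            'form' => is_array($saved_terms) ? $saved_terms : array(),
            'fui' => self::$terms['front_ui']
        );

        $terms['form'] = array_merge(self::$terms['form'], $terms['form']);
        $feed = apply_filters('yrc_final_output', $feed, $channel);

        $channel['style']['rtl'] = is_rtl();

        $output = '<div class="yrc-shell-cover '.($is_single ? 'yrc-single' : '').'" data-yrc-uid="'. $uniqid .'" data-yrc-channel="'. htmlentities( json_encode($channel) ) .'" data-yrc-setup=""></div>
            <script data-cfasync="false" type="text/javascript">
                if( !window.YRC ) var YRC = {Data:{}};
                YRC.Data["'.$uniqid.'"] = '. json_encode($feed) .';
                '. (0 ? '' :
                '(function(){
                    if(!YRC.loaded){
                        YRC.loaded = true;
                        function YRC_Loader(){
                            //YRC.loaded = true;
                            YRC.is_pro = '.json_encode(self::$is_pro) .';
                            YRC.is_pb = '.json_encode(apply_filters('yrc_allow_any_key', false)).';
                            YRC.lang = '.json_encode( $terms ).';
                            YRC.is_admin = '.json_encode( current_user_can('manage_options') ).';
                            var script = document.createElement("script");
                            script.setAttribute("data-cfasync", "false");
                            script.setAttribute("type", "text/javascript");
                            script.src = "'.$url.'";
                            script.id = "yrc-script";
                            document.querySelector("head").appendChild(script);
                            var style = document.createElement("link");
                            style.rel = "stylesheet";
                            style.href = "'.$css_url.'";
                            style.type = "text/css";
                            document.querySelector("head").appendChild(style);
                        }
                        if(window.jQuery){YRC_Loader();}else { var yrctimer2324 = window.setInterval(function(){
                            if(window.jQuery){YRC_Loader(); window.clearInterval(yrctimer2324); }
                        }, 250);}
                    } else {if(YRC.EM)YRC.EM.trigger("yrc.newchannel");}
                }());'
                ).
            '</script>';

        self::$instances++;
        return $output;
    }

    /**
     * Extracts a video id from an 11-character id or a YouTube URL.
     *
     * @return string HTML-escaped id, or '' when nothing matches.
     */
    static function getVideoId( $str ){
        if( strlen($str) === 11 ) return htmlentities($str);
        // From some stackoverflow answer
        preg_match("/^(?:http(?:s)?:\/\/)?(?:www\.)?(?:m\.)?(?:youtu\.be\/|youtube\.com\/(?:(?:watch)?\?(?:.*&)?v(?:i)?=|(?:embed|v|vi|user)\/))([^\?&\"'>]+)/", $str, $matches);
        if( sizeof($matches) ) return htmlentities($matches[1]);
        return '';
    }

    /**
     * Returns the "list" query parameter of a playlist URL, or the input
     * unchanged when there is none.
     */
    static function getPlaylistId( $str ){
        $str = str_replace('amp;', '&', $str);
        // parse_url() yields null when the input has no query string; cast so
        // parse_str() always receives a string.
        parse_str((string) parse_url($str, PHP_URL_QUERY), $query);
        if( isset($query['list']) ) return $query['list'];
        return $str;
    }

    /**
     * Returns the path segment after /channel/ of a channel URL, or the input
     * unchanged when the path has no such segment.
     */
    static function getChannelId( $str ){
        // Cast for the same reason as in getPlaylistId(): no path gives null.
        $channel = explode('/channel/', (string) parse_url($str, PHP_URL_PATH));
        if( sizeof($channel) < 2 ) return $str;
        $channel = explode('/', $channel[1]);
        return $channel[0];
    }


    /**

        Input

    **/


    /**
     * AJAX: creates a channel record (meta.key === 'nw') or updates an existing
     * one. An update writes only to an option whose name is already listed in
     * yrc_keys, so the request cannot pick an arbitrary option name.
     */
    public function save(){
        $this->dieIfNotAllowed();

        // validation() iterates its input; reject anything that is not the
        // expected nested array instead of failing inside the loop.
        if( !isset($_POST['yrc_channel']) || !is_array($_POST['yrc_channel']) ) {echo 0; die();}
        $down = $this->validate( $_POST['yrc_channel'] );

        if( !isset($down['meta']) || !is_array($down['meta']) ) {echo 0; die();}
        if( empty($down['meta']['channel']) || empty($down['meta']['apikey']) ) {echo 0; die();}

        $re = null;
        $key = isset($down['meta']['key']) ? $down['meta']['key'] : '';
        $down['meta']['user'] = isset($down['meta']['user']) ? stripslashes( $down['meta']['user'] ) : '';
        $down['meta']['tag'] = isset($down['meta']['tag']) ? stripslashes( $down['meta']['tag'] ) : '';
        if(isset( $down['css'] )) $down['css'] = stripslashes( $down['css'] );

        if($key === 'nw'){
            $re = get_option('yrc_keys');
            $re = is_array($re) ? $re : array();
            $key = 'yrc_'.time();
            $re[] = array('key'=>$key, 'user'=>$down['meta']['user'], 'tag'=>$down['meta']['tag']);
            $re = update_option('yrc_keys', $re);
            $down['meta']['key'] = $key;
            $re = update_option($key, $down);
            $re = $re ? $key : $re;
        } else {
            $re = get_option('yrc_keys');
            // Work on a separate list by index; the earlier by-reference loop
            // reassigned the array it was iterating and left a dangling
            // reference behind.
            $keys = is_array($re) ? $re : array();
            foreach($keys as $i => $r){
                $tag = true;
                if(isset($r['tag']) && !empty($r['tag'])) $tag = ($r['tag'] === $down['meta']['tag']);
                if($r['user'] !== $down['meta']['user']) $tag = true;
                if( ($r['key'] === $key) && $tag ) {
                    $keys[$i]['user'] = $down['meta']['user'];
                    $keys[$i]['tag'] = $down['meta']['tag'];
                    update_option('yrc_keys', $keys);
                    $re = update_option($key, $down);
                    break;
                }
            }
            $re = $key ? $key : $re;
        }
        wp_send_json($re);
    }

    /**
     * AJAX: returns every stored channel record as JSON.
     *
     * NOTE(review): there is no capability check here. The wp_ajax_ hook limits
     * the call to logged-in users, any of whom receives all records, including
     * the meta.apikey value that save() requires.
     */
    public function get(){
        $keys = get_option('yrc_keys');
        $re = array();
        if($keys){
            foreach($keys as $key){
                $re[] = get_option($key['key']);
            }
        }
        wp_send_json($re);
    }

    /**
     * AJAX: removes one channel record and its entry in yrc_keys. Only a key
     * that is listed in yrc_keys is ever passed to delete_option().
     */
    public function delete(){
        $this->dieIfNotAllowed();
        $key = isset($_POST['yrc_key']) ? sanitize_text_field( $_POST['yrc_key'] ) : '';
        $keys = get_option('yrc_keys');
        $re = false;
        if( is_array($keys) ){
            foreach($keys as $i=>$k){
                if($k['key'] === $key) {
                    unset($keys[$i]);
                    // Re-index so the stored value stays a plain list.
                    update_option('yrc_keys', array_values($keys));
                    $re = delete_option( $key );
                    break;
                }
            }
        }
        echo $re;
        die();
    }

    /** AJAX: returns the saved quick-translation terms as JSON. */
    public function getLang(){
        wp_send_json( get_option('yrc_lang_terms') );
    }

    /**
     * AJAX: stores the quick-translation terms. The terms are later merged
     * into YRC.lang on the front end by instanceOutput(), so they are passed
     * through the same sanitiser as channel data and forced to be an array.
     */
    public function saveLang(){
        $this->dieIfNotAllowed();
        $lang = ( isset($_POST['yrc_lang']) && is_array($_POST['yrc_lang']) ) ? $this->validate( $_POST['yrc_lang'] ) : array();
        echo update_option('yrc_lang_terms', $lang);
        die();
    }

    /**
     * AJAX: resets the quick-translation terms by deleting yrc_lang_terms.
     *
     * NOTE(review): the only gate is the capability check in dieIfNotAllowed();
     * no nonce is verified, so this state-changing request can be triggered
     * cross-site from an administrator's session. See dieIfNotAllowed() for the
     * remedy.
     */
    public function deleteLang(){
        $this->dieIfNotAllowed();
        delete_option('yrc_lang_terms');
        echo 1;
        die();
    }

    /**

        Sanitizing

    **/

    // Optional map of field name => 'int' | 'url'; fields not listed are
    // cleaned as plain text.
    public $fields = array();

    /** Entry point for sanitising a nested input array. */
    public function validate($ins){
        $rins = $this->validation( $ins );
        return $rins;
    }

    /** Sanitises every value of $ins, recursing into nested arrays. */
    public function validation( $ins ){
        $rins = array();
        foreach($ins as $key=>$value){
            $rins[$key] = $this->validateField( $key, $value );
        }
        return $rins;
    }

    /** Sanitises one field according to its type in $fields (default: string). */
    public function validateField( $k, $val ){
        if(is_array($val)){
            $clean_val = $this->validation( $val );
        } else {
            $clean_val = $this->cleanse(
                ( array_key_exists($k, $this->fields) ? $this->fields[$k] : 'string' ),
                $val);
        }
        return $clean_val;
    }

    /**
     * Applies the sanitiser for $type: intval() for 'int', esc_url() for 'url',
     * sanitize_text_field() for everything else.
     */
    public function cleanse($type, $value){
        switch($type){
            case 'int':
                return intval($value);
            case 'url':
                return esc_url($value);
            default:
                return sanitize_text_field($value);
        }
    }

    /** Loads the plugin's translation files from its languages directory. */
    public function loadTextDomain(){
        load_plugin_textdomain( 'YourChannel', false, dirname( plugin_basename( __FILE__ ) ) . '/languages' );
    }

    /** Fills self::$terms with the translated front-end and form labels. */
    public static function translateTerms(){
        self::$terms['front_ui'] = array(
            'sort_by' => __('Sort by', 'YourChannel'),
            'relevant' => __('Relevant', 'YourChannel'),
            'latest' => __('Latest', 'YourChannel'),
            'liked' => __('Liked', 'YourChannel'),
            'title' => __('Title', 'YourChannel'),
            'views' => __('Views', 'YourChannel'),
            'duration' => __('Duration', 'YourChannel'),
            'any' => __('Any', 'YourChannel'),
            '_short' => __('Short', 'YourChannel'),
            'medium' => __('Medium', 'YourChannel'),
            '_long' => __('Long', 'YourChannel'),
            'uploaded' => __('Uploaded', 'YourChannel'),
            'all_time' => __('All time', 'YourChannel'),
            'live_now' => 'Live Now',
            'today' => __('Today', 'YourChannel'),
            'ago' => __('ago', 'YourChannel'),
            'last' => __('Last', 'YourChannel'),
            'day' => __('day', 'YourChannel'),
            'days' => __('days', 'YourChannel'),
            'week' => __('week', 'YourChannel'),
            'weeks' => __('weeks', 'YourChannel'),
            'month' => __('month', 'YourChannel'),
            'months' => __('months', 'YourChannel'),
            'year' => __('year', 'YourChannel'),
            'years' => __('years', 'YourChannel'),
            'older' => __('Older', 'YourChannel'),
            'show_more' => __('Show More', 'YourChannel'),
            'show_less' => __('Show Less', 'YourChannel'),
            'reply' => __('REPLY', 'YourChannel'),
            'view_replies' => __('View replies', 'YourChannel'),
            'write_comment' => __('Write comment...', 'YourChannel'),
            'billion' => 'B',
            'million' => 'M',
            'thousand' => 'K',
            'max_plain_number' => 1000,
            'wplocale' => get_locale()
        );

        self::$terms['form'] = array(
            'Videos' => __('Videos', 'YourChannel'),
            'Playlists' => __('Playlists', 'YourChannel'),
            'Search' => __('Search', 'YourChannel'),
            'Loading' => __('Loading', 'YourChannel'),
            'more' => __('more', 'YourChannel'),
            'Nothing_found' => __('Nothing found', 'YourChannel'),
            'Prev' => __('Previous', 'YourChannel'),
            'Next' => __('Next', 'YourChannel'),
            'consent_statement' => __('Allow cookies?', 'YourChannel'),
            'consent_button' => __('Allow', 'YourChannel'),
            'consent_privacy_policy' => __('Privacy policy', 'YourChannel')
        );

        self::$terms = apply_filters('yourchannel_front_ui_terms', self::$terms);
    }

    /** Merges every attribute set in $shortcode_atts into one array. */
    static function getAllShortcodeAtts(){
        $atts = array();
        foreach(self::$shortcode_atts as $key => $attset)
            $atts = array_merge($atts, $attset);
        return $atts;
    }

    /** Splits a comma-separated list and keeps the entries that resolve to an 11-character id. */
    static function getVideoIds( $str ){
        $videos = explode(',', $str);

        $videos = array_map(function($v){
            return self::getVideoId($v);
        }, $videos);

        return array_filter($videos, function($v){
            return strlen( $v ) === 11;
        });
    }


    /** Free Version Specific **/

    /** Registers the upgrade notice and its dismiss endpoint. */
    public function free(){
        add_action('admin_notices', array($this, 'showProFeature'));
        add_action('wp_ajax_yrc_upgrade_nag_dismiss', array($this, 'upgradeNagDismiss'));
    }

    public $nags = 13;
    public $max_nags = 2;
    public $nag_key = 'yrc_upgrade_nag_dismisses';

    /**
     * Advances and stores the two upgrade-notice counters kept in $nag_key.
     *
     * @param bool $add True when called for an explicit dismiss.
     * @return array The updated pair of counters.
     */
    public function upgradeNagDismisses( $add = false ){
        $nags = get_option($this->nag_key);
        $nags = $nags ? array((int)$nags[0], (int)$nags[1]) : array(0, 0);
        $nags[1] += ($nags[0] >= $this->nags) ? 1 : 0;
        $nags[0] = $nags[0] >= $this->nags ? 0 : (($add || $nags[0]) ? ($nags[0]+1) : $nags[0]);
        update_option($this->nag_key, $nags);
        return $nags;
    }

    /** AJAX: records a dismiss of the upgrade notice. */
    public function upgradeNagDismiss(){
        $this->upgradeNagDismisses( true );
        wp_send_json(1);
    }

    /** Prints the upgrade notice on admin pages other than the plugin's own. */
    public function showProFeature(){
        if( get_admin_page_title() === 'YourChannel' ) return false;

        $nags = $this->upgradeNagDismisses();
        if(($nags[0] && ($nags[0] <= $this->nags)) || ($nags[1] > $this->max_nags)) return false;

        $notice = $this->proFeatures( true ); ?>
        <div class="updated yrc-nag">
            <p>
                <span style="display:inline-block;width:90%;">
                    <b>YourChannel Pro Feature: </b>
                    <a href="https://plugin.builders/yourchannel/?notice=<?php echo WPB_YourChannel::$version; ?>" target="_blank">
                        <?php echo $notice; ?>
                    </a>
                </span><span style="text-align:right;display:inline-block;width:10%;">
                    <a href="#dismiss" id="yrc-later" style="color:#E68B8B;">X</a>
                </span>
            </p>
        </div>
        <script type="text/javascript">
            jQuery('body').on('click', '#yrc-later', function(e){
                e.preventDefault();
                //jQuery('.yrc-nag p').html('Ok, we\'ll ask you again.');
                window.setTimeout(function(){
                    jQuery('.yrc-nag').slideUp();
                }, 1000);
                jQuery.post('admin-ajax.php', {'action':'yrc_upgrade_nag_dismiss'}, function(re){
                    console.log(re);
                });
            });
        </script>
        <?php

        if($nags[1] === $this->max_nags){
            update_option( $this->nag_key, array((int)$nags[0], (int)$nags[1]+1) );
            echo '<div class="updated yrc-nag"><p>We won\'t ask you to upgrade anymore. Thanks for using <a href="https://plugin.builders/yourchannel/?notice">YourChannel</a></p></div>';
        }
    }

    /**
     * Returns one random Pro feature blurb, or echoes all of them as list
     * items.
     *
     * @param bool $random True to return a single random entry.
     */
    public function proFeatures( $random = false ){
        $features = array(
            'Multiple channels. Very useful for multiple themes.',
            'List videos from a certain playlist in <i>Videos</i> tab.',
            'Let users search YouTube - can be restricted to your channel.',
            'Search bar below banner.',
            'Show videos by a search term.',
            'Custom playlists (make playlists in YourChannel by entering video IDs).',
            'Change colors to match with your site.',
            'Show video stats/ratings (2 styles).',
            'Sort uploads (latest, most liked, most viewed, title).',
            'Autoplay next video.',
            'Preload any or first video.',
            'Custom CSS input.',
            'Show a subscribe button (multiple styles).',
            'Show other social media links in banner.',
            'Specify grid column numbers.',
            'Blacklist videos.',
            'Blacklist playlists.',
            'Whitelist playlists. <b>New</b>',
            'Pagination with Previous / Next buttons.',
            'Widget.',
            'More themes: Slider, Carousel, Sidebar. <b>New</b>',
            'Different theme for Playlists',
            'Rich players (Show video title, description, stats). <b>New</b>',
            'Video comments. <b>New</b>',
            'Video start time. <b>New</b>',
            'Video initial volume. <b>New</b>',
            'Show videos from URL parameter. <b>New</b>',
            'Customize sticky player (size, position, screen size threshhold). <b>New</b>',
            //'<a href="https://plugin.builders/yourchannel/?from=wp&v='.WPB_YourChannel::$version.'&compare=1#compare" target="_blank">See Free vs PRO comparison table</a>'
        );
        if($random) return $features[ rand(0, sizeof($features)-1) ];

        foreach($features as $f){
            echo '<li>'. $f .'</li>';
        }
    }

    /**
     * Sends the stored license key to plugin.builders and echoes the response,
     * which is also cached in yrc_wrong_version_notice.
     *
     * The request previously passed 'sslverify' => false, which switched off
     * certificate verification for a request that carries the license key and
     * whose response is printed into the admin page. The option is dropped so
     * that WordPress's default verification applies.
     *
     * NOTE(review): the response body is stored and echoed without escaping, so
     * whatever the remote endpoint returns ends up in the page as HTML.
     */
    function checkIfHasLicense(){
        $params = array(
            'pbr_action' => 'get_name',
            'pbr_license' => get_option('yrc_license_key'),
            'pbr_check_if_pro' => true
        );

        if( !$params['pbr_license'] || self::$is_pro ) return false;
        if( $notice = get_option('yrc_wrong_version_notice') ) { echo $notice; return false; }

        $request = wp_remote_post( 'https://plugin.builders/', array( 'timeout' => 15, 'body' => $params ) );
        if ( ! is_wp_error( $request ) ) {
            $request = wp_remote_retrieve_body( $request );
            update_option('yrc_wrong_version_notice', $request);
            echo $request;
        }
    }

}


/** Deletes the plugin's cached feeds (transient rows whose name contains "yrc_"). */
function clearYRCCache(){
    global $wpdb;
    $wpdb->query("DELETE FROM $wpdb->options WHERE option_name LIKE '_transient%yrc_%'");
}

/**
 * Handles the ?yrc_clear_cache and ?yrc_nuke maintenance parameters.
 *
 * Both used to run while the plugin file was loading, with no check on who
 * sent the request; is_admin() only tells that an admin-area URL was requested,
 * not that the visitor is authorised. They now run on 'init', where the current
 * user is known, and require the same capability as the settings page.
 *
 * NOTE(review): these are still state changes on GET without a nonce, so a
 * crafted link opened by an administrator triggers them. A nonce-protected
 * link or form is the complete remedy.
 */
function yrcHandleMaintenanceRequests(){
    if( !isset($_GET['yrc_clear_cache']) && !isset($_GET['yrc_nuke']) ) return;
    if( !current_user_can( apply_filters('yourchannel_settings_permission', 'manage_options') ) ) return;

    if( isset($_GET['yrc_clear_cache']) ){
        clearYRCCache();
    }

    if( is_admin() && isset($_GET['yrc_nuke']) ){
        delete_option('yrc_keys');
        delete_option('yrc_playlist_keys');
        clearYRCCache();
    }
}
add_action('init', 'yrcHandleMaintenanceRequests');


/*
add_filter('yourchannel_instance', function($instance){
    return $instance;
});
*/


/*
add_filter('yourchannel_instance', function($instance){
    // To change API key
    // $instance['meta']['apikey'] = 'YOUR_API_KEY_HERE';

    // To change cache duration
    // $instance['meta']['cache'] = 1440;

    $refreshed = get_option('yrc_manual_refresh', 0);
    if( time() - $refreshed >= $instance['meta']['cache'] * 60 ){
        global $wpdb;
        $wpdb->query("DELETE FROM $wpdb->options WHERE option_name LIKE '_transient%yrc_%'");
        update_option('yrc_manual_refresh', time());
    }

    return $instance;
});
*/

new WPB_YourChannel();


/*
add_filter('yrc_final_output', function($feed, $channel){
    if( isset($feed['uploads']['items'] ) ){
        $videos = $feed['uploads']['items'];
        foreach($videos as $v){
            $v['statistics']->viewCount = (int)$v['statistics']->viewCount + rand(100, 200);
        }
    }

    return $feed;
}, 1, 2);
*/



?>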
