Making WordPress.org

Changeset 2958


Ignore:
Timestamp:
04/14/2016 08:23:22 PM (9 years ago)
Author:
iandunn
Message:

Jetpack Tweaks: Break into multiple files for better organization.

Location:
sites/trunk/wordcamp.org/public_html/wp-content
Files:
4 added
2 edited
1 moved

Legend:

Unmodified
Added
Removed
  • sites/trunk/wordcamp.org/public_html/wp-content/mu-plugins/jetpack-tweaks/miscellaneous.php

    r2957 r2958  
    22
    33namespace WordCamp\Jetpack_Tweaks;
     4defined( 'WPINC' ) or die();
    45
    5 /*
    6  * Open Graph Default Image.
    7  *
    8  * Provides a default image for sharing WordCamp home/pages to Facebook/Twitter/Google other than the Jetpack "blank" image.
    9  */
    10 function default_og_image() {
    11     return 'https://s.w.org/images/backgrounds/wordpress-bg-medblue.png';
    12 }
    13 add_filter( 'jetpack_open_graph_image_default', __NAMESPACE__ . '\default_og_image' );
    14 
    15 /**
    16  * Choose the default Open Graph image for single posts
    17  *
    18  * @param array $media
    19  * @param int   $post_id
    20  * @param array $args
    21  *
    22  * @return array
    23  */
    24 function default_single_og_image( $media, $post_id, $args ) {
    25     if ( $media ) {
    26         return $media;
    27     }
    28 
    29     if ( has_site_icon() ) {
    30         $image_url = get_site_icon_url();
    31     } else if ( has_header_image() ) {
    32         $image_url = get_header_image();
    33     } else {
    34         $image_url = default_og_image();
    35     }
    36 
    37     return array( array(
    38         'type' => 'image',
    39         'from' => 'custom_fallback',
    40         'src'  => esc_url( $image_url ),
    41         'href' => get_permalink( $post_id ),
    42     ) );
    43 }
    44 add_filter( 'jetpack_images_get_images', __NAMESPACE__ . '\default_single_og_image', 10, 3 );
    45 
    46 /*
    47  * Add Twitter Card type.
    48  *
    49  * Added the twitter:card = summary OG tag for the home page and other ! is_singular() pages, which is not added by default by Jetpack.
    50  */
    51 function add_og_twitter_summary( $og_tags ) {
    52     if ( is_home() || is_front_page() ) {
    53         $og_tags['twitter:card'] = 'summary';
    54     }
    55 
    56     return $og_tags;
    57 }
    58 add_filter( 'jetpack_open_graph_tags', __NAMESPACE__ . '\add_og_twitter_summary' );
    59 
    60 /*
    61  * User @WordCamp as the default Twitter account.
    62  *
    63  * Add default Twitter account as @WordCamp for when individual WCs do not set their Settings->Sharing option for Twitter cards only.
    64  * Sets the "via" tag to blank to avoid slamming @WordCamp moderators with a ton of shared posts.
    65  */
    66 function twitter_sitetag( $site_tag ) {
    67     if ( 'jetpack' == $site_tag ) {
    68         $site_tag = 'WordCamp';
    69         add_filter( 'jetpack_sharing_twitter_via', '__return_empty_string' );
    70     }
    71 
    72     return $site_tag;
    73 }
    74 add_filter( 'jetpack_twitter_cards_site_tag', __NAMESPACE__ . '\twitter_sitetag' );
    75 
    76 /*
    77  * Determine which Jetpack modules should be automatically activated when new sites are created
    78  */
    79 function default_jetpack_modules( $modules ) {
    80     $modules = array_diff( $modules, array( 'widget-visibility' ) );
    81     array_push( $modules, 'contact-form', 'shortcodes', 'custom-css', 'subscriptions' );
    82 
    83     return $modules;
    84 }
    85 add_filter( 'jetpack_get_default_modules', __NAMESPACE__ . '\default_jetpack_modules' );
    86 
    87 /*
    88  * Enable Photon support for HTTPS URLs
    89  */
    90 add_filter( 'jetpack_photon_reject_https', '__return_false' );
    91 
    92 /**
    93  * Never automatically connect new sites to WordPress.com.
    94  * We offload this part to wp-cron.php because of https.
    95  *
    96  * @param array $new_value
    97  * @param array $old_value
    98  *
    99  * @return array
    100  */
    101 function auto_connect_new_sites( $new_value, $old_value ) {
    102     $new_value['auto-connect'] = 0;
    103 
    104     return $new_value;
    105 }
    106 add_filter( 'pre_update_site_option_jetpack-network-settings', __NAMESPACE__ . '\auto_connect_new_sites', 10, 2 );
    107 
    108 /**
    109  * Schedule an attempt to connect this site to Jetpack.
    110  *
    111  * @param int $blog_id The blog id.
    112  */
    113 function schedule_connect_new_site( $blog_id ) {
    114     wp_schedule_single_event( time() + 12 * HOUR_IN_SECONDS + 600, 'wcorg_connect_new_site', array( $blog_id, get_current_user_id() ) );
    115 }
    116 add_action( 'wpmu_new_blog', __NAMESPACE__ . '\schedule_connect_new_site' );
    117 
    118 /**
    119  * Connect the new site to Jetpack. Runs during wp-cron.php.
    120  *
    121  * @param int $blog_id The blog_id to connect.
    122  * @param int $user_id The user ID who created the new site.
    123  */
    124 function wcorg_connect_new_site( $blog_id, $user_id ) {
    125     if ( ! class_exists( 'Jetpack_Network' ) )
    126         return;
    127 
    128     $network = \Jetpack_Network::init();
    129     $current_user_id = get_current_user_id();
    130     wp_set_current_user( $user_id );
    131 
    132     // Register this site with Jetpack.
    133     $network->do_subsiteregister( $blog_id );
    134 
    135     wp_set_current_user( $current_user_id );
    136     error_log( sprintf( 'Connecting new site %d for user %d.', $blog_id, $user_id ) );
    137 }
    138 add_action( 'wcorg_connect_new_site', __NAMESPACE__ . '\wcorg_connect_new_site', 10, 2 );
    139 
    140 /**
    141  * Sanitize parsed Custom CSS rules
    142  *
    143  * @import rules are stripped because they can introduce security vulnerabilities by embedding external
    144  * stylesheets that haven't been sanitized, and they also present a maintenance problem because they rely on
    145  * external resources which could go offline at any point.
    146  *
    147  * @charset rules are stripped because manipulating the charset can allow an attacker to introduce XSS
    148  * vulnerabilities by tricking the browser into interpreting the CSS as HTML.
    149  *
    150  * @param \safecss $safecss
    151  */
    152 function sanitize_csstidy_parsed_rules( $safecss ) {
    153     if ( ! empty( $safecss->parser->import ) ) {
    154         update_option( 'custom_css_import_stripped', true );
    155     }
    156 
    157     $safecss->parser->import  = array();
    158     $safecss->parser->charset = array();
    159 }
    160 add_action( 'csstidy_optimize_postparse', __NAMESPACE__ . '\sanitize_csstidy_parsed_rules' );
    161 
    162 /**
    163  * Notify the user that @import rules were stripped from their CSS
    164  */
    165 function notify_import_rules_stripped() {
    166     global $current_screen;
    167     $relevant_screens = array( 'appearance_page_editcss', 'appearance_page_remote-css' );
    168 
    169     if ( ! is_a( $current_screen, 'WP_Screen' ) || ! in_array( $current_screen->id, $relevant_screens, true ) ) {
    170         return;
    171     }
    172 
    173     if ( ! get_option( 'custom_css_import_stripped' ) ) {
    174         return;
    175     }
    176 
    177     delete_option( 'custom_css_import_stripped' );
    178 
    179     ?>
    180 
    181     <div class="notice notice-warning">
    182         <p>
    183             <?php printf(
    184                 __( 'WARNING: <code>@import</code> rules were stripped for security reasons.
    185                 Please use <a href="%s">the Fonts tool</a> to add web fonts, and merge other stylesheets directly into your custom CSS.',
    186                 'wordcamporg' ),
    187               admin_url( 'themes.php?page=wc-fonts-options' )
    188             ); ?>
    189         </p>
    190     </div>
    191 
    192     <?php
    193 }
    194 add_action( 'admin_notices', __NAMESPACE__ . '\notify_import_rules_stripped' );
    195 
    196 /**
    197  * Sanitize Custom CSS subvalues
    198  *
    199  * @param \safecss $safecss
    200  */
    201 function sanitize_csstidy_subvalues( $safecss ) {
    202     $safecss->sub_value = trim( $safecss->sub_value );
    203 
    204     // Send any urls through our filter
    205     if ( preg_match( '!^\s*(?P<url_expression>url\s*(?P<opening_paren>\(|\\0028)(?P<parenthetical_content>.*)(?P<closing_paren>\)|\\0029))(.*)$!Dis', $safecss->sub_value, $matches ) ) {
    206         $safecss->sub_value = sanitize_urls_in_css_properties( $matches['parenthetical_content'], $safecss->property );
    207 
    208         // Only replace the url([...]) portion of the sub_value so we don't
    209         // lose things like trailing commas or !important declarations.
    210         if ( $safecss->sub_value ) {
    211             $safecss->sub_value = str_replace( $matches['url_expression'], $safecss->sub_value, $matches[0] );
    212         }
    213     }
    214 
    215     // Strip any expressions
    216     if ( preg_match( '!^\\s*expression!Dis', $safecss->sub_value ) ) {
    217         $safecss->sub_value = '';
    218     }
    219 }
    220 add_action( 'csstidy_optimize_subvalue', __NAMESPACE__ . '\sanitize_csstidy_subvalues' );
    221 
    222 /**
    223  * Sanitize URLs used in CSS properties
    224  *
    225  * @param string $url
    226  * @param string $property
    227  *
    228  * @return string
    229  */
    230 function sanitize_urls_in_css_properties( $url, $property ) {
    231     $allowed_properties = array( 'background', 'background-image', 'border-image', 'content', 'cursor', 'list-style', 'list-style-image' );
    232     $allowed_protocols  = array( 'http', 'https' );
    233 
    234     // Clean up the string
    235     $url = trim( $url, "' \" \r \n" );
    236 
    237     // Check against whitelist for properties allowed to have URL values
    238     if ( ! in_array( trim( $property ), $allowed_properties, true ) ) {
    239         // trim() is because multiple properties with the same name are stored with
    240         // additional trailing whitespace so they don't overwrite each other in the hash.
    241         return '';
    242     }
    243 
    244     $url = wp_kses_bad_protocol_once( $url, $allowed_protocols );
    245 
    246     if ( empty( $url ) ) {
    247         return '';
    248     }
    249 
    250     return "url('" . str_replace( "'", "\\'", $url ) . "')";
    251 }
    252 
    253 /**
    254  * Disable Jetpack's Holiday Snow on all WordCamp sites
    255  *
    256  * That option appears in Settings > General between December 1st and January 4th.
    257  * It is off by default.
    258  * This filter removes it completely.
    259  */
     6add_filter( 'jetpack_photon_reject_https',    '__return_false' );
    2607add_filter( 'jetpack_is_holiday_snow_season', '__return_false' );
  • sites/trunk/wordcamp.org/public_html/wp-content/mu-plugins/load-other-mu-plugins.php

    r2442 r2958  
    33defined( 'WPINC' ) or die();
    44
    5 // mu-plugins in sub-directories
    6 require_once( __DIR__ . '/wp-cli-commands/bootstrap.php' );
    7 require_once( __DIR__ . '/camptix-tweaks/camptix-tweaks.php' );
     5wcorg_include_individual_mu_plugins();
     6wcorg_include_mu_plugin_folders();
    87
    9 // Private mu-plugins
    10 $private_mu_plugins = glob( WP_CONTENT_DIR . '/mu-plugins-private/*.php' );
    11 if ( is_array( $private_mu_plugins ) ) {
    12     foreach ( $private_mu_plugins as $plugin ) {
    13         if ( is_file( $plugin ) ) {
    14             require_once( $plugin );
     8/**
     9 * Load individually-targeted files
     10 *
     11 * This is because the folder contains some .php files that we don't want to automatically include with glob().
     12 */
     13function wcorg_include_individual_mu_plugins() {
     14    require_once( __DIR__ . '/wp-cli-commands/bootstrap.php' );
     15    require_once( __DIR__ . '/camptix-tweaks/camptix-tweaks.php' );
     16}
     17
     18/**
     19 * Load every mu-plugin in these folders
     20 */
     21function wcorg_include_mu_plugin_folders() {
     22    $include_folders = array(
     23        dirname( __DIR__ ) . '/mu-plugins-private',
     24        __DIR__ . '/jetpack-tweaks',
     25    );
     26
     27    foreach ( $include_folders as $folder ) {
     28        $plugins = glob( $folder . '/*.php' );
     29
     30        if ( is_array( $plugins ) ) {
     31            foreach ( $plugins as $plugin ) {
     32                if ( is_file( $plugin ) ) {
     33                    require_once( $plugin );
     34                }
     35            }
    1536        }
    1637    }
  • sites/trunk/wordcamp.org/public_html/wp-content/plugins/wordcamp-remote-css/tests/bootstrap.php

    r2170 r2958  
    3131    require_once( dirname(                   __DIR__ )     . '/bootstrap.php'                 );
    3232    require_once( dirname( dirname(          __DIR__ ) )   . '/jetpack/jetpack.php'           );
    33     require_once( dirname( dirname( dirname( __DIR__ ) ) ) . '/mu-plugins/jetpack-tweaks.php' ); // Some of the sanitization lives here because it runs for both Custom CSS and Remote CSS
     33
     34    // Some of the sanitization lives here because it runs for both Custom CSS and Remote CSS
     35    require_once( dirname( dirname( dirname( __DIR__ ) ) ) . '/mu-plugins/jetpack-tweaks/css-sanitization.php' );
    3436}
    3537tests_add_filter( 'muplugins_loaded', __NAMESPACE__ . '\manually_load_plugin' );
Note: See TracChangeset for help on using the changeset viewer.