Edit File by line

Deprecated: str_replace(): Passing null to parameter #2 ($replace) of type array|string is deprecated in /home/sportsfever/public_html/filemanger/function.php on line 93
/home/sportsfe.../public_h.../wp-conte.../plugins/wordpres.../admin
File: ajax.php
<?php
[0] Fix | Delete
/**
[1] Fix | Delete
* WPSEO plugin file.
[2] Fix | Delete
*
[3] Fix | Delete
* @package WPSEO\Admin
[4] Fix | Delete
*/
[5] Fix | Delete
[6] Fix | Delete
if ( ! defined( 'WPSEO_VERSION' ) ) {
[7] Fix | Delete
header( 'Status: 403 Forbidden' );
[8] Fix | Delete
header( 'HTTP/1.1 403 Forbidden' );
[9] Fix | Delete
exit();
[10] Fix | Delete
}
[11] Fix | Delete
[12] Fix | Delete
/**
[13] Fix | Delete
* Convenience function to JSON encode and echo results and then die.
[14] Fix | Delete
*
[15] Fix | Delete
* @param array $results Results array for encoding.
[16] Fix | Delete
*
[17] Fix | Delete
* @return void
[18] Fix | Delete
*/
[19] Fix | Delete
function wpseo_ajax_json_echo_die( $results ) {
[20] Fix | Delete
// phpcs:ignore WordPress.Security.EscapeOutput -- Reason: WPSEO_Utils::format_json_encode is safe.
[21] Fix | Delete
echo WPSEO_Utils::format_json_encode( $results );
[22] Fix | Delete
die();
[23] Fix | Delete
}
[24] Fix | Delete
[25] Fix | Delete
/**
[26] Fix | Delete
* Function used from AJAX calls, takes it variables from $_POST, dies on exit.
[27] Fix | Delete
*
[28] Fix | Delete
* @return void
[29] Fix | Delete
*/
[30] Fix | Delete
function wpseo_set_option() {
[31] Fix | Delete
if ( ! current_user_can( 'manage_options' ) ) {
[32] Fix | Delete
die( '-1' );
[33] Fix | Delete
}
[34] Fix | Delete
[35] Fix | Delete
check_ajax_referer( 'wpseo-setoption' );
[36] Fix | Delete
[37] Fix | Delete
if ( ! isset( $_POST['option'] ) || ! is_string( $_POST['option'] ) ) {
[38] Fix | Delete
die( '-1' );
[39] Fix | Delete
}
[40] Fix | Delete
[41] Fix | Delete
$option = sanitize_text_field( wp_unslash( $_POST['option'] ) );
[42] Fix | Delete
if ( $option !== 'page_comments' ) {
[43] Fix | Delete
die( '-1' );
[44] Fix | Delete
}
[45] Fix | Delete
[46] Fix | Delete
update_option( $option, 0 );
[47] Fix | Delete
die( '1' );
[48] Fix | Delete
}
[49] Fix | Delete
[50] Fix | Delete
add_action( 'wp_ajax_wpseo_set_option', 'wpseo_set_option' );
[51] Fix | Delete
[52] Fix | Delete
/**
[53] Fix | Delete
* Since 3.2 Notifications are dismissed in the Notification Center.
[54] Fix | Delete
*/
[55] Fix | Delete
add_action( 'wp_ajax_yoast_dismiss_notification', [ 'Yoast_Notification_Center', 'ajax_dismiss_notification' ] );
[56] Fix | Delete
[57] Fix | Delete
/**
[58] Fix | Delete
* Function used to remove the admin notices for several purposes, dies on exit.
[59] Fix | Delete
*
[60] Fix | Delete
* @return void
[61] Fix | Delete
*/
[62] Fix | Delete
function wpseo_set_ignore() {
[63] Fix | Delete
if ( ! current_user_can( 'manage_options' ) ) {
[64] Fix | Delete
die( '-1' );
[65] Fix | Delete
}
[66] Fix | Delete
[67] Fix | Delete
check_ajax_referer( 'wpseo-ignore' );
[68] Fix | Delete
[69] Fix | Delete
if ( ! isset( $_POST['option'] ) || ! is_string( $_POST['option'] ) ) {
[70] Fix | Delete
die( '-1' );
[71] Fix | Delete
}
[72] Fix | Delete
[73] Fix | Delete
$ignore_key = sanitize_text_field( wp_unslash( $_POST['option'] ) );
[74] Fix | Delete
WPSEO_Options::set( 'ignore_' . $ignore_key, true );
[75] Fix | Delete
[76] Fix | Delete
die( '1' );
[77] Fix | Delete
}
[78] Fix | Delete
[79] Fix | Delete
add_action( 'wp_ajax_wpseo_set_ignore', 'wpseo_set_ignore' );
[80] Fix | Delete
[81] Fix | Delete
/**
[82] Fix | Delete
* Save an individual SEO title from the Bulk Editor.
[83] Fix | Delete
*
[84] Fix | Delete
* @return void
[85] Fix | Delete
*/
[86] Fix | Delete
function wpseo_save_title() {
[87] Fix | Delete
wpseo_save_what( 'title' );
[88] Fix | Delete
}
[89] Fix | Delete
[90] Fix | Delete
add_action( 'wp_ajax_wpseo_save_title', 'wpseo_save_title' );
[91] Fix | Delete
[92] Fix | Delete
/**
[93] Fix | Delete
* Save an individual meta description from the Bulk Editor.
[94] Fix | Delete
*
[95] Fix | Delete
* @return void
[96] Fix | Delete
*/
[97] Fix | Delete
function wpseo_save_description() {
[98] Fix | Delete
wpseo_save_what( 'metadesc' );
[99] Fix | Delete
}
[100] Fix | Delete
[101] Fix | Delete
add_action( 'wp_ajax_wpseo_save_metadesc', 'wpseo_save_description' );
[102] Fix | Delete
[103] Fix | Delete
/**
[104] Fix | Delete
* Save titles & descriptions.
[105] Fix | Delete
*
[106] Fix | Delete
* @param string $what Type of item to save (title, description).
[107] Fix | Delete
*
[108] Fix | Delete
* @return void
[109] Fix | Delete
*/
[110] Fix | Delete
function wpseo_save_what( $what ) {
[111] Fix | Delete
check_ajax_referer( 'wpseo-bulk-editor' );
[112] Fix | Delete
[113] Fix | Delete
if ( ! isset( $_POST['new_value'], $_POST['wpseo_post_id'], $_POST['existing_value'] ) || ! is_string( $_POST['new_value'] ) || ! is_string( $_POST['existing_value'] ) ) {
[114] Fix | Delete
die( '-1' );
[115] Fix | Delete
}
[116] Fix | Delete
[117] Fix | Delete
$new = sanitize_text_field( wp_unslash( $_POST['new_value'] ) );
[118] Fix | Delete
// phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized -- Reason: We are casting the unsafe value to an integer.
[119] Fix | Delete
$post_id = (int) wp_unslash( $_POST['wpseo_post_id'] );
[120] Fix | Delete
$original = sanitize_text_field( wp_unslash( $_POST['existing_value'] ) );
[121] Fix | Delete
[122] Fix | Delete
if ( $post_id === 0 ) {
[123] Fix | Delete
die( '-1' );
[124] Fix | Delete
}
[125] Fix | Delete
[126] Fix | Delete
$results = wpseo_upsert_new( $what, $post_id, $new, $original );
[127] Fix | Delete
[128] Fix | Delete
wpseo_ajax_json_echo_die( $results );
[129] Fix | Delete
}
[130] Fix | Delete
[131] Fix | Delete
/**
[132] Fix | Delete
* Helper function to update a post's meta data, returning relevant information
[133] Fix | Delete
* about the information updated and the results or the meta update.
[134] Fix | Delete
*
[135] Fix | Delete
* @param int $post_id Post ID.
[136] Fix | Delete
* @param string $new_meta_value New meta value to record.
[137] Fix | Delete
* @param string $orig_meta_value Original meta value.
[138] Fix | Delete
* @param string $meta_key Meta key string.
[139] Fix | Delete
* @param string $return_key Return key string to use in results.
[140] Fix | Delete
*
[141] Fix | Delete
* @return array
[142] Fix | Delete
*/
[143] Fix | Delete
function wpseo_upsert_meta( $post_id, $new_meta_value, $orig_meta_value, $meta_key, $return_key ) {
[144] Fix | Delete
[145] Fix | Delete
$post_id = intval( $post_id );
[146] Fix | Delete
$sanitized_new_meta_value = wp_strip_all_tags( $new_meta_value );
[147] Fix | Delete
$orig_meta_value = wp_strip_all_tags( $orig_meta_value );
[148] Fix | Delete
[149] Fix | Delete
$upsert_results = [
[150] Fix | Delete
'status' => 'success',
[151] Fix | Delete
'post_id' => $post_id,
[152] Fix | Delete
"new_{$return_key}" => $sanitized_new_meta_value,
[153] Fix | Delete
"original_{$return_key}" => $orig_meta_value,
[154] Fix | Delete
];
[155] Fix | Delete
[156] Fix | Delete
$the_post = get_post( $post_id );
[157] Fix | Delete
if ( empty( $the_post ) ) {
[158] Fix | Delete
[159] Fix | Delete
$upsert_results['status'] = 'failure';
[160] Fix | Delete
$upsert_results['results'] = __( 'Post doesn\'t exist.', 'wordpress-seo' );
[161] Fix | Delete
[162] Fix | Delete
return $upsert_results;
[163] Fix | Delete
}
[164] Fix | Delete
[165] Fix | Delete
$post_type_object = get_post_type_object( $the_post->post_type );
[166] Fix | Delete
if ( ! $post_type_object ) {
[167] Fix | Delete
[168] Fix | Delete
$upsert_results['status'] = 'failure';
[169] Fix | Delete
$upsert_results['results'] = sprintf(
[170] Fix | Delete
/* translators: %s expands to post type. */
[171] Fix | Delete
__( 'Post has an invalid Content Type: %s.', 'wordpress-seo' ),
[172] Fix | Delete
$the_post->post_type
[173] Fix | Delete
);
[174] Fix | Delete
[175] Fix | Delete
return $upsert_results;
[176] Fix | Delete
}
[177] Fix | Delete
[178] Fix | Delete
if ( ! current_user_can( $post_type_object->cap->edit_posts ) ) {
[179] Fix | Delete
[180] Fix | Delete
$upsert_results['status'] = 'failure';
[181] Fix | Delete
$upsert_results['results'] = sprintf(
[182] Fix | Delete
/* translators: %s expands to post type name. */
[183] Fix | Delete
__( 'You can\'t edit %s.', 'wordpress-seo' ),
[184] Fix | Delete
$post_type_object->label
[185] Fix | Delete
);
[186] Fix | Delete
[187] Fix | Delete
return $upsert_results;
[188] Fix | Delete
}
[189] Fix | Delete
[190] Fix | Delete
if ( ! current_user_can( $post_type_object->cap->edit_others_posts ) && (int) $the_post->post_author !== get_current_user_id() ) {
[191] Fix | Delete
[192] Fix | Delete
$upsert_results['status'] = 'failure';
[193] Fix | Delete
$upsert_results['results'] = sprintf(
[194] Fix | Delete
/* translators: %s expands to the name of a post type (plural). */
[195] Fix | Delete
__( 'You can\'t edit %s that aren\'t yours.', 'wordpress-seo' ),
[196] Fix | Delete
$post_type_object->label
[197] Fix | Delete
);
[198] Fix | Delete
[199] Fix | Delete
return $upsert_results;
[200] Fix | Delete
}
[201] Fix | Delete
[202] Fix | Delete
if ( $sanitized_new_meta_value === $orig_meta_value && $sanitized_new_meta_value !== $new_meta_value ) {
[203] Fix | Delete
$upsert_results['status'] = 'failure';
[204] Fix | Delete
$upsert_results['results'] = __( 'You have used HTML in your value which is not allowed.', 'wordpress-seo' );
[205] Fix | Delete
[206] Fix | Delete
return $upsert_results;
[207] Fix | Delete
}
[208] Fix | Delete
[209] Fix | Delete
$res = update_post_meta( $post_id, $meta_key, $sanitized_new_meta_value );
[210] Fix | Delete
[211] Fix | Delete
$upsert_results['status'] = ( $res !== false ) ? 'success' : 'failure';
[212] Fix | Delete
$upsert_results['results'] = $res;
[213] Fix | Delete
[214] Fix | Delete
return $upsert_results;
[215] Fix | Delete
}
[216] Fix | Delete
[217] Fix | Delete
/**
[218] Fix | Delete
* Save all titles sent from the Bulk Editor.
[219] Fix | Delete
*
[220] Fix | Delete
* @return void
[221] Fix | Delete
*/
[222] Fix | Delete
function wpseo_save_all_titles() {
[223] Fix | Delete
wpseo_save_all( 'title' );
[224] Fix | Delete
}
[225] Fix | Delete
[226] Fix | Delete
add_action( 'wp_ajax_wpseo_save_all_titles', 'wpseo_save_all_titles' );
[227] Fix | Delete
[228] Fix | Delete
/**
[229] Fix | Delete
* Save all description sent from the Bulk Editor.
[230] Fix | Delete
*
[231] Fix | Delete
* @return void
[232] Fix | Delete
*/
[233] Fix | Delete
function wpseo_save_all_descriptions() {
[234] Fix | Delete
wpseo_save_all( 'metadesc' );
[235] Fix | Delete
}
[236] Fix | Delete
[237] Fix | Delete
add_action( 'wp_ajax_wpseo_save_all_descriptions', 'wpseo_save_all_descriptions' );
[238] Fix | Delete
[239] Fix | Delete
/**
[240] Fix | Delete
* Utility function to save values.
[241] Fix | Delete
*
[242] Fix | Delete
* @param string $what Type of item so save.
[243] Fix | Delete
*
[244] Fix | Delete
* @return void
[245] Fix | Delete
*/
[246] Fix | Delete
function wpseo_save_all( $what ) {
[247] Fix | Delete
check_ajax_referer( 'wpseo-bulk-editor' );
[248] Fix | Delete
[249] Fix | Delete
$results = [];
[250] Fix | Delete
if ( ! isset( $_POST['items'], $_POST['existingItems'] ) ) {
[251] Fix | Delete
wpseo_ajax_json_echo_die( $results );
[252] Fix | Delete
}
[253] Fix | Delete
[254] Fix | Delete
$new_values = array_map( [ 'WPSEO_Utils', 'sanitize_text_field' ], wp_unslash( (array) $_POST['items'] ) );
[255] Fix | Delete
$original_values = array_map( [ 'WPSEO_Utils', 'sanitize_text_field' ], wp_unslash( (array) $_POST['existingItems'] ) );
[256] Fix | Delete
[257] Fix | Delete
foreach ( $new_values as $post_id => $new_value ) {
[258] Fix | Delete
$original_value = $original_values[ $post_id ];
[259] Fix | Delete
$results[] = wpseo_upsert_new( $what, $post_id, $new_value, $original_value );
[260] Fix | Delete
}
[261] Fix | Delete
[262] Fix | Delete
wpseo_ajax_json_echo_die( $results );
[263] Fix | Delete
}
[264] Fix | Delete
[265] Fix | Delete
/**
[266] Fix | Delete
* Insert a new value.
[267] Fix | Delete
*
[268] Fix | Delete
* @param string $what Item type (such as title).
[269] Fix | Delete
* @param int $post_id Post ID.
[270] Fix | Delete
* @param string $new_value New value to record.
[271] Fix | Delete
* @param string $original Original value.
[272] Fix | Delete
*
[273] Fix | Delete
* @return string
[274] Fix | Delete
*/
[275] Fix | Delete
function wpseo_upsert_new( $what, $post_id, $new_value, $original ) {
[276] Fix | Delete
$meta_key = WPSEO_Meta::$meta_prefix . $what;
[277] Fix | Delete
[278] Fix | Delete
return wpseo_upsert_meta( $post_id, $new_value, $original, $meta_key, $what );
[279] Fix | Delete
}
[280] Fix | Delete
[281] Fix | Delete
/**
[282] Fix | Delete
* Retrieves the post ids where the keyword is used before as well as the types of those posts.
[283] Fix | Delete
*
[284] Fix | Delete
* @return void
[285] Fix | Delete
*/
[286] Fix | Delete
function ajax_get_keyword_usage_and_post_types() {
[287] Fix | Delete
check_ajax_referer( 'wpseo-keyword-usage-and-post-types', 'nonce' );
[288] Fix | Delete
[289] Fix | Delete
if ( ! isset( $_POST['post_id'], $_POST['keyword'] ) || ! is_string( $_POST['keyword'] ) ) {
[290] Fix | Delete
die( '-1' );
[291] Fix | Delete
}
[292] Fix | Delete
[293] Fix | Delete
// phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized -- We are casting to an integer.
[294] Fix | Delete
$post_id = (int) wp_unslash( $_POST['post_id'] );
[295] Fix | Delete
[296] Fix | Delete
if ( $post_id === 0 || ! current_user_can( 'edit_post', $post_id ) ) {
[297] Fix | Delete
die( '-1' );
[298] Fix | Delete
}
[299] Fix | Delete
[300] Fix | Delete
$keyword = sanitize_text_field( wp_unslash( $_POST['keyword'] ) );
[301] Fix | Delete
[302] Fix | Delete
$post_ids = WPSEO_Meta::keyword_usage( $keyword, $post_id );
[303] Fix | Delete
[304] Fix | Delete
if ( ! empty( $post_ids ) ) {
[305] Fix | Delete
$post_types = WPSEO_Meta::post_types_for_ids( $post_ids );
[306] Fix | Delete
}
[307] Fix | Delete
else {
[308] Fix | Delete
$post_types = [];
[309] Fix | Delete
}
[310] Fix | Delete
[311] Fix | Delete
$return_object = [
[312] Fix | Delete
'keyword_usage' => $post_ids,
[313] Fix | Delete
'post_types' => $post_types,
[314] Fix | Delete
];
[315] Fix | Delete
[316] Fix | Delete
wp_die(
[317] Fix | Delete
// phpcs:ignore WordPress.Security.EscapeOutput -- Reason: WPSEO_Utils::format_json_encode is safe.
[318] Fix | Delete
WPSEO_Utils::format_json_encode( $return_object )
[319] Fix | Delete
);
[320] Fix | Delete
}
[321] Fix | Delete
[322] Fix | Delete
add_action( 'wp_ajax_get_focus_keyword_usage_and_post_types', 'ajax_get_keyword_usage_and_post_types' );
[323] Fix | Delete
[324] Fix | Delete
[325] Fix | Delete
/**
[326] Fix | Delete
* Retrieves the keyword for the keyword doubles of the termpages.
[327] Fix | Delete
*
[328] Fix | Delete
* @return void
[329] Fix | Delete
*/
[330] Fix | Delete
function ajax_get_term_keyword_usage() {
[331] Fix | Delete
check_ajax_referer( 'wpseo-keyword-usage', 'nonce' );
[332] Fix | Delete
[333] Fix | Delete
if ( ! isset( $_POST['post_id'], $_POST['keyword'], $_POST['taxonomy'] ) || ! is_string( $_POST['keyword'] ) || ! is_string( $_POST['taxonomy'] ) ) {
[334] Fix | Delete
wp_die( -1 );
[335] Fix | Delete
}
[336] Fix | Delete
[337] Fix | Delete
// phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized -- Reason: We are casting the unsafe input to an integer.
[338] Fix | Delete
$post_id = (int) wp_unslash( $_POST['post_id'] );
[339] Fix | Delete
[340] Fix | Delete
if ( $post_id === 0 ) {
[341] Fix | Delete
wp_die( -1 );
[342] Fix | Delete
}
[343] Fix | Delete
[344] Fix | Delete
$keyword = sanitize_text_field( wp_unslash( $_POST['keyword'] ) );
[345] Fix | Delete
$taxonomy_name = sanitize_text_field( wp_unslash( $_POST['taxonomy'] ) );
[346] Fix | Delete
[347] Fix | Delete
$taxonomy = get_taxonomy( $taxonomy_name );
[348] Fix | Delete
[349] Fix | Delete
if ( ! $taxonomy ) {
[350] Fix | Delete
wp_die( 0 );
[351] Fix | Delete
}
[352] Fix | Delete
[353] Fix | Delete
if ( ! current_user_can( $taxonomy->cap->edit_terms ) ) {
[354] Fix | Delete
wp_die( -1 );
[355] Fix | Delete
}
[356] Fix | Delete
[357] Fix | Delete
$usage = WPSEO_Taxonomy_Meta::get_keyword_usage( $keyword, $post_id, $taxonomy_name );
[358] Fix | Delete
[359] Fix | Delete
// Normalize the result so it is the same as the post keyword usage AJAX request.
[360] Fix | Delete
$usage = $usage[ $keyword ];
[361] Fix | Delete
[362] Fix | Delete
wp_die(
[363] Fix | Delete
// phpcs:ignore WordPress.Security.EscapeOutput -- Reason: WPSEO_Utils::format_json_encode is safe.
[364] Fix | Delete
WPSEO_Utils::format_json_encode( $usage )
[365] Fix | Delete
);
[366] Fix | Delete
}
[367] Fix | Delete
[368] Fix | Delete
add_action( 'wp_ajax_get_term_keyword_usage', 'ajax_get_term_keyword_usage' );
[369] Fix | Delete
[370] Fix | Delete
/**
[371] Fix | Delete
* Registers hooks for all AJAX integrations.
[372] Fix | Delete
*
[373] Fix | Delete
* @return void
[374] Fix | Delete
*/
[375] Fix | Delete
function wpseo_register_ajax_integrations() {
[376] Fix | Delete
$integrations = [ new Yoast_Network_Admin() ];
[377] Fix | Delete
[378] Fix | Delete
foreach ( $integrations as $integration ) {
[379] Fix | Delete
$integration->register_ajax_hooks();
[380] Fix | Delete
}
[381] Fix | Delete
}
[382] Fix | Delete
[383] Fix | Delete
wpseo_register_ajax_integrations();
[384] Fix | Delete
[385] Fix | Delete
new WPSEO_Shortcode_Filter();
[386] Fix | Delete
[387] Fix | Delete
new WPSEO_Taxonomy_Columns();
[388] Fix | Delete
[389] Fix | Delete
/* ********************* DEPRECATED FUNCTIONS ********************* */
[390] Fix | Delete
[391] Fix | Delete
/**
[392] Fix | Delete
* Retrieves the keyword for the keyword doubles.
[393] Fix | Delete
*
[394] Fix | Delete
* @return void
[395] Fix | Delete
*/
[396] Fix | Delete
function ajax_get_keyword_usage() {
[397] Fix | Delete
_deprecated_function( __METHOD__, 'WPSEO 20.4' );
[398] Fix | Delete
check_ajax_referer( 'wpseo-keyword-usage', 'nonce' );
[399] Fix | Delete
[400] Fix | Delete
if ( ! isset( $_POST['post_id'], $_POST['keyword'] ) || ! is_string( $_POST['keyword'] ) ) {
[401] Fix | Delete
die( '-1' );
[402] Fix | Delete
}
[403] Fix | Delete
[404] Fix | Delete
// phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized -- We are casting to an integer.
[405] Fix | Delete
$post_id = (int) wp_unslash( $_POST['post_id'] );
[406] Fix | Delete
[407] Fix | Delete
if ( $post_id === 0 || ! current_user_can( 'edit_post', $post_id ) ) {
[408] Fix | Delete
die( '-1' );
[409] Fix | Delete
}
[410] Fix | Delete
[411] Fix | Delete
$keyword = sanitize_text_field( wp_unslash( $_POST['keyword'] ) );
[412] Fix | Delete
[413] Fix | Delete
wp_die(
[414] Fix | Delete
// phpcs:ignore WordPress.Security.EscapeOutput -- Reason: WPSEO_Utils::format_json_encode is safe.
[415] Fix | Delete
WPSEO_Utils::format_json_encode( WPSEO_Meta::keyword_usage( $keyword, $post_id ) )
[416] Fix | Delete
);
[417] Fix | Delete
}
[418] Fix | Delete
[419] Fix | Delete
It is recommended that you Edit text format, this type of Fix handles quite a lot in one request
Function