WordPress.org
Get WordPress

Plugin Directory

Changeset 1066471


Ignore:
Timestamp:
01/12/2015 10:53:06 PM (11 years ago)
Author:
aercolino
Message:

Stopped errors in the eval'd code from bubbling up into the plugin code and possibly making the page unavailable.
Added display of the eval'd error in the javascript console.
Fixed a bug that made a second execution in a sequence interfere with the first one.

File:
1 edited

Legend:

Unmodified
Added
Removed

  • enzymes/trunk/src/Enzymes3.php

    r1064716 r1066471  
    300300    }
    301301
     302    protected
     303    function get_rule_regex( $rule, $same_name = true )
     304    {
     305        $result = $this->grammar[$rule]->wrapper_set('@@')
     306                                       ->expression(true);
     307        if ( $same_name ) {
     308            $result = substr_replace($result, Ando_Regex::option_same_name(), 1, 0);
     309        }
     310        return $result;
     311    }
     312
    302313    /**
    303314     * Set to the empty string all keys passed as additional arguments.
     
    330341    {
    331342        ob_start();
    332         $result = eval($code);
    333         $output = ob_get_contents();
    334         ob_end_clean();
    335         return array($result, $output);
     343        $result = @eval($code);
     344        $error  = error_get_last();
     345        $output = ob_get_clean();
     346        return array($result, $output, $error);
    336347    }
    337348
     
    535546    }
    536547
     548    protected
     549    function console_log( $data )
     550    {
     551        $json   = json_encode($data);
     552        $output = <<<SCRIPT
     553\n<script>
     554    (function( data ) {
     555        console = window.console || {};
     556        console.log = console.log || function(data){};
     557        console.log(data);
     558    })( $json );
     559</script>
     560SCRIPT;
     561        echo $output;
     562    }
     563
    537564    /**
    538565     * Execute code according to authors capabilities.
     
    552579              $this->injection_author_can(EnzymesCapabilities::use_others_custom_fields))
    553580        ) {
    554             list($result,) = $this->safe_eval($code, $arguments);
     581            list($result, , $error) = $this->safe_eval($code, $arguments);
     582            if ( ! empty($error) ) {
     583                $result = null;
     584                $this->console_log($error);
     585            }
    555586        } else {
    556587            $result = null;
     
    620651     * Execute the matched enzyme.
    621652     *
    622      * @param array $matches
     653     * @param string $execution
    623654     *
    624655     * @return array|null
    625656     */
    626657    protected
    627     function do_execution( array $matches )
    628     {
     658    function do_execution( $execution )
     659    {
     660        preg_match($this->get_rule_regex('execution'), $execution, $matches);
    629661        $this->default_empty($matches, 'execution', 'post_item', 'author_item', 'num_args');
    630662        extract($matches);
    631         /* @var $execution string */
    632663        /* @var $post_item string */
    633664        /* @var $author_item string */
     
    792823     * Transclude the matched enzyme.
    793824     *
    794      * @param array $matches
     825     * @param string $transclusion
    795826     *
    796827     * @return null|string
    797828     */
    798829    protected
    799     function do_transclusion( array $matches )
    800     {
     830    function do_transclusion( $transclusion )
     831    {
     832        preg_match($this->get_rule_regex('transclusion'), $transclusion, $matches);
    801833        $this->default_empty($matches, 'post_item', 'post_attr', 'author_item', 'author_attr');
    802834        extract($matches);
     
    892924        // By looking at these dates we can only assume a default version, because another one
    893925        // could have been forced by the user right into an injection. --
    894         $result = $this->injection_post->post_modified_gmt <= EnzymesPlugin::activated_on()
     926        $result = $this->injection_post->post_date_gmt <= EnzymesPlugin::activated_on()
    895927                ? 2
    896928                : 3;
     
    910942    {
    911943        $result          = $this->default_version();
    912         $forced_2_prefix = '=enzymes.2=|';
    913         $forced_3_prefix = '=enzymes.3=|';
     944        $forced_2_prefix = '=enzymes 2=|';
     945        $forced_3_prefix = '=enzymes 3=|';
    914946        switch (true) {
    915947            case (0 === strpos($sequence, $forced_2_prefix)):
     
    956988                switch (true) {
    957989                    case $execution != '':
    958                         $argument = $this->do_execution($matches);
     990                        $argument = $this->do_execution($execution);
    959991                        break;
    960992                    case $transclusion != '':
    961                         $argument = $this->do_transclusion($matches);
     993                        $argument = $this->do_transclusion($transclusion);
    962994                        break;
    963995                    case $literal != '':
     
    10121044        // Some filters of ours do not pass the 2nd argument, while others pass a post ID, but
    10131045        // 'wp_title' pass a string separator, so we fix this occurrence.
    1014         $post_id = current_filter() == 'wp_title' ? null : $post;
    1015         $post = get_post($post_id);
     1046        $post_id = current_filter() == 'wp_title'
     1047                ? null
     1048                : $post;
     1049        $post    = get_post($post_id);
    10161050        if ( is_null($post) ) {
    10171051            // Consider this an error, because the developer didn't force no post.
Note: See TracChangeset for help on using the changeset viewer.