Completed
Push — feature/videopress-uploader ( e9e1f9...6e76b8 )
by
unknown
08:48
created

Jetpack_VideoPress::sanitize_wp_query_args()   A

Complexity

Conditions 3
Paths 4

Size

Total Lines 21
Code Lines 16

Duplication

Lines 0
Ratio 0 %

Importance

Changes 0
Metric Value
cc 3
eloc 16
nc 4
nop 1
dl 0
loc 21
rs 9.3142
c 0
b 0
f 0
1
<?php
2
/**
3
 * VideoPress in Jetpack
4
 *
5
 */
6
class Jetpack_VideoPress {
7
	public $module = 'videopress';
8
	public $option_name = 'videopress';
9
	public $version = 4;
10
11
	/**
12
	 * Singleton
13
	 */
14
	public static function init() {
15
		static $instance = false;
16
17
		if ( ! $instance )
18
			$instance = new Jetpack_VideoPress;
19
20
		return $instance;
21
	}
22
23
	function __construct() {
24
		$this->version = time(); // <s>ghost</s> cache busters!
25
		add_action( 'init', array( $this, 'on_init' ) );
26
		add_action( 'jetpack_activate_module_videopress', array( $this, 'jetpack_module_activated' ) );
27
		add_action( 'jetpack_deactivate_module_videopress', array( $this, 'jetpack_module_deactivated' ) );
28
	}
29
30
	/**
31
	 * Fires on init since is_connection_owner should wait until the user is initialized by $wp->init();
32
	 */
33
	function on_init() {
34
		$options = $this->get_options();
35
36
		// Only the connection owner can configure this module.
37
		if ( $this->is_connection_owner() ) {
38
			Jetpack::enable_module_configurable( $this->module );
39
			Jetpack::module_configuration_load( $this->module, array( $this, 'jetpack_configuration_load' ) );
40
			Jetpack::module_configuration_screen( $this->module, array( $this, 'jetpack_configuration_screen' ) );
41
		}
42
43
		// Only if the current user can manage the VideoPress library and one has been connected.
44
		if ( $this->can( 'read_videos' ) && $options['blog_id'] ) {
45
			add_action( 'wp_enqueue_media', array( $this, 'enqueue_admin_scripts' ) );
46
			add_action( 'print_media_templates', array( $this, 'print_media_templates' ) );
47
48
			// Load these at priority -1 so they're fired before Core's are.
49
			add_action( 'wp_ajax_query-attachments', array( $this, 'wp_ajax_query_attachments' ), -1 );
50
			add_action( 'wp_ajax_save-attachment', array( $this, 'wp_ajax_save_attachment' ), -1 );
51
			add_action( 'wp_ajax_save-attachment-compat', array( $this, 'wp_ajax_save_attachment' ), -1 );
52
			add_action( 'wp_ajax_delete-post', array( $this, 'wp_ajax_delete_post' ), -1 );
53
54
			add_action( 'admin_menu', array( $this, 'admin_menu' ) );
55
		}
56
57
		if ( $this->can( 'upload_videos' ) && $options['blog_id'] ) {
58
			add_action( 'wp_ajax_videopress-get-upload-token', array( $this, 'wp_ajax_videopress_get_upload_token' ) );
59
			add_filter( 'plupload_default_settings', array( $this, 'videopress_pluploder_config' ) );
60
		}
61
62
		add_filter( 'videopress_shortcode_options', array( $this, 'videopress_shortcode_options' ) );
63
		add_filter( 'jetpack_xmlrpc_methods', array( $this, 'xmlrpc_methods' ) );
64
	}
65
66
	/**
67
	 * Adds additional methods the WordPress xmlrpc API for handling VideoPress specific features
68
	 *
69
	 * @param array $methods
70
	 * @return array
71
	 **/
72
	public function xmlrpc_methods( $methods ) {
73
		$methods['jetpack.createMediaItem'] = array( $this, 'xmlrpc_create_media_item' );
74
		$methods['jetpack.updateVideoPressInfo'] = array( $this, 'xmlrpc_update_videopress_info' );
75
76
		return $methods;
77
	}
78
	
79
	public function xmlrpc_update_videopress_info( $vp_info ) {
80
81
		$errors = null;
82
		foreach ( $vp_info as $vp_item ) {
83
			$id = $vp_item['id'];
84
			$info = $vp_item['info'];
85
86
			$post = get_post( $id );
87
88
			if ( ! $post ) {
89
				$errors[] = array(
90
					'id' => $id,
91
					'error' => 'Post not found',
92
				);
93
94
				continue;
95
			}
96
97
			$meta = wp_get_attachment_metadata( $post->ID );
98
			$meta['videopress'] = $info;
99
100
			wp_update_attachment_metadata( $post->ID, $meta );
101
		}
102
103
		if ( count( $errors ) > 0 ) {
104
			return array( 'errors' => $errors );
105
106
		} else {
107
			return true;
108
		}
109
	}
110
	
111
	public function xmlrpc_create_media_item( $media ) {
112
		$created_items = array();
113
114
		foreach ( $media as $media_item ) {
115
			$post = array(
116
				'post_type'   => 'attachment',
117
				'post_mime_type' => 'video/videopress',
118
				'post_title' => sanitize_title( basename( $media_item['url'] ) ),
119
				'post_content' => '',
120
				'file' => $media_item['file'],
121
				'guid' => $media_item['url'],
122
			);
123
124
			$media_id = wp_insert_post( $post );
125
126
			wp_update_attachment_metadata( $media_id, array(
127
				'original' => array(
128
					'url' => $media_item['url'],
129
					'file' => $media_item['file'],
130
					'mime_type' => $media_item['type'],
131
				),
132
			) );
133
134
			$created_items[] = array(
135
				'id' => $media_id,
136
				'post' => get_post( $media_id ),
137
			);
138
		}
139
140
		return array( 'media' => $created_items );
141
	}
142
143
	function wp_ajax_videopress_get_upload_token() {
144
		if ( ! $this->can( 'upload_videos' ) ) {
145
			return wp_send_json_error();
146
		}
147
148
		$options = $this->get_options();
149
150
		$args = array(
151
			'method'  => 'POST',
152
		);
153
154
		$endpoint = "sites/{$options['id']}/media/token";
155
		$result = Jetpack_Client::wpcom_json_api_request_as_blog( $endpoint, Jetpack_Client::WPCOM_JSON_API_VERSION, $args );
156
157
		if ( is_wp_error( $result ) ) {
158
			return wp_send_json_error( array( 'message' => __( 'Could not obtain a VideoPress upload token. Please try again later.', 'jetpack' ) ) );
159
		}
160
161
		$response = json_decode( $result['body'], true );
162
163
		if ( empty( $response['upload_blog_id'] ) || empty( $response['upload_token'] ) ) {
164
			return wp_send_json_error( array( 'message' => __( 'Could not obtain a VideoPress upload token. Please try again later.', 'jetpack' ) ) );
165
		}
166
167
		$response['upload_action_url'] = self::make_media_upload_path( $response['upload_blog_id'] );
168
169
		return wp_send_json_success( $response );
170
	}
171
172
	/**
173
	 * Get the upload api path.
174
	 *
175
	 * @param $blog_id
176
	 * @return string
177
	 */
178
	function make_media_upload_path( $blog_id ) {
179
		return sprintf(
180
			'%s://%s/rest/v%s/videos/%s/new',
181
			'https',
182
			'public-api.wordpress.com', //JETPACK__WPCOM_JSON_API_HOST,
183
			Jetpack_Client::WPCOM_JSON_API_VERSION,
184
			$blog_id
185
		);
186
	}
187
188
	/**
189
	 * Modify the default plupload config to turn on videopress specific filters.
190
	 */
191
	function videopress_pluploder_config( $config ) {
192
		$config['filters']['videopress_check_uploads'] = 1;
193
		return $config;
194
	}
195
196
	/**
197
	 * Get VideoPress options
198
	 */
199
	function get_options() {
200
		$defaults = array(
201
			'blogs' => array(),
202
			'blog_id' => 0,
203
			'access' => '',
204
			'allow-upload' => false,
205
			'freedom' => false,
206
			'hd' => false,
207
			'meta' => array(
208
				'max_upload_size' => 0,
209
			),
210
		);
211
212
		$options = Jetpack_Options::get_option( $this->option_name, array() );
213
214
		// If options have not been saved yet, check for older VideoPress plugin options.
215
		if ( empty( $options ) ) {
216
			$options['freedom'] = (bool) get_option( 'video_player_freedom', false );
217
			$options['hd'] = (bool) get_option( 'video_player_high_quality', false );
218
		}
219
220
		$options = array_merge( $defaults, $options );
221
		$options['id'] = Jetpack_Options::get_option( 'id' );
222
223
		return $options;
224
	}
225
226
	/**
227
	 * Update VideoPress options
228
	 */
229
	function update_options( $options ) {
230
		Jetpack_Options::update_option( $this->option_name, $options );
231
	}
232
233
	/**
234
	 * Runs when the VideoPress module is activated.
235
	 */
236
	function jetpack_module_activated() {
237
		if ( ! $this->is_connection_owner() )
238
			return;
239
240
		$options = $this->get_options();
241
242
		// Ask WordPress.com for a list of VideoPress blogs
243
		$result = $this->query( 'jetpack.vpGetBlogs' );
244
		if ( ! is_wp_error( $result ) )
245
			$options['blogs'] = $result;
246
247
		// If there's at least one available blog, let's use it.
248
		if ( is_array( $options['blogs'] ) && count( $options['blogs'] ) > 0 )
249
			$options['blog_id'] = $options['blogs'][0]['blog_id'];
250
251
		$this->update_options( $options );
252
	}
253
254
	/**
255
	 * Runs when the VideoPress module is deactivated.
256
	 */
257
	function jetpack_module_deactivated() {
258
		Jetpack_Options::delete_option( $this->option_name );
259
	}
260
261
	/**
262
	 * Remote Query
263
	 *
264
	 * Performs a remote XML-RPC query using Jetpack's IXR Client. And also
265
	 * appends some useful stuff about this setup to the query.
266
	 *
267
	 * @return the Jetpack_IXR_Client object after querying.
268
	 */
269
	function query( $method, $args = null ) {
270
		$options = $this->get_options();
271
		Jetpack::load_xml_rpc_client();
272
		$xml = new Jetpack_IXR_Client( array(
273
			'user_id' => JETPACK_MASTER_USER, // All requests are on behalf of the connection owner.
274
		) );
275
276
		$params = array(
277
			'args' => $args,
278
			'video_blog_id' => $options['blog_id'],
279
			'caps' => array(),
280
		);
281
282
		// Let Jetpack know about our local caps.
283 View Code Duplication
		foreach ( array( 'read_videos', 'edit_videos', 'delete_videos', 'upload_videos' ) as $cap )
284
			if ( $this->can( $cap ) )
285
				$params['caps'][] = $cap;
286
287
		$xml->query( $method, $params );
288
289
		if ( $xml->isError() )
290
			return new WP_Error( 'xml_rpc_error', 'An XML-RPC error has occurred.' );
291
292
		$response = $xml->getResponse();
293
294
		// If there's any metadata with the response, save it for future use.
295
		if ( is_array( $response ) && isset( $response['meta'] ) ) {
296
			$options = $this->get_options();
297
			if ( $response['meta'] !== $options['meta'] ) {
298
				$options['meta'] = array_merge( $options['meta'], $response['meta'] );
299
				$this->update_options( $options );
300
			}
301
		}
302
303
		if ( is_array( $response ) && isset( $response['result'] ) )
304
			return $response['result'];
305
306
		return $response;
307
	}
308
309
	/**
310
	 * Runs before the VideoPress Configuration screen loads, useful
311
	 * to update options and yield errors.
312
	 */
313
	function jetpack_configuration_load() {
314
		$this->enqueue_admin_scripts();
315
316
		/**
317
		 * Save configuration
318
		 */
319
		if ( ! empty( $_POST['action'] ) && $_POST['action'] == 'videopress-save' ) {
320
			check_admin_referer( 'videopress-settings' );
321
			$options = $this->get_options();
322
323
			if ( isset( $_POST['blog_id'] ) && in_array( $_POST['blog_id'], wp_list_pluck( $options['blogs'], 'blog_id' ) ) )
324
				$options['blog_id'] = $_POST['blog_id'];
325
326
			// Allow the None setting too.
327
			if ( isset( $_POST['blog_id'] ) && $_POST['blog_id'] == 0 )
328
				$options['blog_id'] = 0;
329
330
			/**
331
			 * @see $this->can()
332
			 */
333
			if ( isset( $_POST['videopress-access'] ) && in_array( $_POST['videopress-access'], array( '', 'read', 'edit', 'delete' ) ) )
334
				$options['access'] = $_POST['videopress-access'];
335
336
			$options['freedom'] = isset( $_POST['videopress-freedom'] );
337
			$options['hd'] = isset( $_POST['videopress-hd'] );
338
339
			// Allow upload only if some level of access has been granted, and uploads were allowed.
340
			$options['allow-upload'] = false;
341
			if ( ! empty( $options['access'] ) && isset( $_POST['videopress-upload'] ) )
342
				$options['allow-upload'] = true;
343
344
			$this->update_options( $options );
345
			Jetpack::state( 'message', 'module_configured' );
346
			wp_safe_redirect( Jetpack::module_configuration_url( $this->module ) );
347
		}
348
349
		/**
350
		 * Refresh the list of available WordPress.com blogs
351
		 */
352
		if ( ! empty( $_GET['videopress'] ) && $_GET['videopress'] == 'refresh-blogs' ) {
353
			check_admin_referer( 'videopress-settings' );
354
			$options = $this->get_options();
355
356
			$result = $this->query( 'jetpack.vpGetBlogs' );
357
			if ( ! is_wp_error( $result ) ) {
358
				$options['blogs'] = $result;
359
				$this->update_options( $options );
360
			}
361
362
			wp_safe_redirect( Jetpack::module_configuration_url( $this->module ) );
363
		}
364
	}
365
366
	/**
367
	 * Renders the VideoPress Configuration screen in Jetpack.
368
	 */
369
	function jetpack_configuration_screen() {
370
		$options = $this->get_options();
371
		$refresh_url = wp_nonce_url( add_query_arg( 'videopress', 'refresh-blogs' ), 'videopress-settings' );
372
		?>
373
		<div class="narrow">
374
			<form method="post" id="videopress-settings">
375
				<input type="hidden" name="action" value="videopress-save" />
376
				<?php wp_nonce_field( 'videopress-settings' ); ?>
377
378
				<table id="menu" class="form-table">
379
					<tr>
380
						<th scope="row" colspan="2">
381
							<p><?php _e( 'Please note that the VideoPress module requires a WordPress.com account with an active <a href="http://store.wordpress.com/premium-upgrades/videopress/" target="_blank">VideoPress subscription</a>.', 'jetpack' ); ?></p>
382
						</th>
383
					</tr>
384
					<tr>
385
						<th scope="row">
386
							<label><?php _e( 'Connected WordPress.com Blog', 'jetpack' ); ?></label>
387
						</th>
388
						<td>
389
							<select name="blog_id">
390
								<option value="0" <?php selected( $options['blog_id'], 0 ); ?>> <?php esc_html_e( 'None', 'jetpack' ); ?></option>
391
								<?php foreach ( $options['blogs'] as $blog ) : ?>
392
								<option value="<?php echo absint( $blog['blog_id'] ); ?>" <?php selected( $options['blog_id'], $blog['blog_id'] ); ?>><?php echo esc_html( $blog['name'] ); ?> (<?php echo esc_html( $blog['domain'] ); ?>)</option>
393
								<?php endforeach; ?>
394
							</select>
395
							<p class="description"><?php _e( 'Only videos from the selected blog will be available in your media library.', 'jetpack' ); ?>
396
								<?php printf( __( '<a href="%s">Click here</a> to refresh this list.', 'jetpack' ), esc_url( $refresh_url ) ); ?>
397
							</p>
398
						</td>
399
					</tr>
400
					<tr>
401
						<th scope="row">
402
							<label><?php _e( 'Video Library Access', 'jetpack' ); ?></label>
403
						</th>
404
						<td>
405
							<label><input type="radio" name="videopress-access" value="" <?php checked( '', $options['access'] ); ?> />
406
								<?php _e( 'Do not allow other users to access my VideoPress library', 'jetpack' ); ?></label><br/>
407
							<label><input type="radio" name="videopress-access" value="read" <?php checked( 'read', $options['access'] ); ?> />
408
								<?php _e( 'Allow users to access my videos', 'jetpack' ); ?></label><br/>
409
							<label><input type="radio" name="videopress-access" value="edit" <?php checked( 'edit', $options['access'] ); ?> />
410
								<?php _e( 'Allow users to access and edit my videos', 'jetpack' ); ?></label><br/>
411
							<label><input type="radio" name="videopress-access" value="delete" <?php checked( 'delete', $options['access'] ); ?> />
412
								<?php _e( 'Allow users to access, edit, and delete my videos', 'jetpack' ); ?></label><br/><br />
413
414
							<label><input type="checkbox" name="videopress-upload" value="1" <?php checked( $options['allow-upload'] ); ?> />
415
								<?php _e( 'Allow users to upload videos', 'jetpack' ); ?></label><br />
416
						</td>
417
					</tr>
418
					<tr>
419
						<th scope="row">
420
							<label for="videopress-freedom"><?php _e( 'Free formats', 'jetpack' ); ?></label>
421
						</th>
422
						<td>
423
							<label><input type="checkbox" name="videopress-freedom" id="videopress-freedom" <?php checked( $options['freedom'] ); ?> />
424
								<?php _e( 'Only display videos in free software formats', 'jetpack' ); ?></label>
425
							<p class="description"><?php _e( 'Ogg file container with Theora video and Vorbis audio. Note that some browsers are unable to play free software video formats, including Internet Explorer and Safari.', 'jetpack' ); ?></p>
426
						</td>
427
					</tr>
428
					<tr>
429
						<th scope="row">
430
							<label for="videopress-hd"><?php _e( 'Default quality', 'jetpack' ); ?></label>
431
						</th>
432
						<td>
433
							<label><input type="checkbox" name="videopress-hd" id="videopress-hd" <?php checked( $options['hd'] ); ?> />
434
								<?php _e( 'Display higher quality video by default.', 'jetpack' ); ?></label>
435
							<p class="description"><?php _e( 'This setting may be overridden for individual videos.', 'jetpack' ); ?></p>
436
						</td>
437
					</tr>
438
				</table>
439
440
				<?php submit_button(); ?>
441
			</form>
442
		</div>
443
		<?php
444
	}
445
446
	function admin_menu() {
447
		add_media_page( __( 'VideoPress Library', 'jetpack' ), __( 'VideoPress', 'jetpack' ), 'upload_files', 'videopress-library', array( $this, 'admin_menu_library' ) );
448
	}
449
450
	function admin_menu_library() {
451
		wp_enqueue_media();
452
		$this->enqueue_admin_scripts();
453
		?>
454
		<div class="wrap" style="max-width: 600px;">
455
			<?php screen_icon(); ?>
456
	        <h2><?php _e( 'VideoPress Library', 'jetpack' ); ?></h2>
457
	        <p><?php _e( 'Use the button below to browse your VideoPress Library. Note that you can also browse your VideoPress Library while editing a post or page by using the <strong>Add Media</strong> button in the post editor.', 'jetpack' ); ?></p>
458
	        <p class="hide-if-no-js"><a href="#" id="videopress-browse" class="button"><?php _e( 'Browse Your VideoPress Library', 'jetpack' ); ?></a></p>
459
	        <p class="hide-if-js description"><?php _e( 'Please enable JavaScript support in your browser to use VideoPress.', 'jetpack' ); ?></p>
460
	    </div>
461
		<?php
462
	}
463
464
	/**
465
	 * A can of coke
466
	 *
467
	 * Similar to current_user_can, but internal to VideoPress. Returns
468
	 * true if the given VideoPress capability is allowed by the given user.
469
	 */
470
	function can( $cap, $user_id = false ) {
471
		if ( ! $user_id )
472
			$user_id = get_current_user_id();
473
474
		// Connection owners are allowed to do all the things.
475
		if ( $this->is_connection_owner( $user_id ) )
476
			return true;
477
478
		/**
479
		 * The access setting can be set by the connection owner, to allow sets
480
		 * of operations to other site users. Each access value corresponds to
481
		 * an array of things they can do.
482
		 */
483
484
		$options = $this->get_options();
485
		$map = array(
486
			'read'   => array( 'read_videos' ),
487
			'edit'   => array( 'read_videos', 'edit_videos' ),
488
			'delete' => array( 'read_videos', 'edit_videos', 'delete_videos' ),
489
		);
490
491
		if ( ! array_key_exists( $options['access'], $map ) )
492
			return false;
493
494
		if ( ! in_array( $cap, $map[ $options['access'] ] ) && 'upload_videos' != $cap )
495
			return false;
496
497
		// Additional and intrenal caps checks
498
499
		if ( ! user_can( $user_id, 'upload_files' ) )
500
			return false;
501
502
		if ( 'edit_videos' == $cap && ! user_can( $user_id, 'edit_others_posts' ) )
503
			return false;
504
505
		if ( 'delete_videos' == $cap && ! user_can( $user_id, 'delete_others_posts' ) )
506
			return false;
507
508
		if ( 'upload_videos' == $cap && ! $options['allow-upload'] )
509
			return false;
510
511
		return true;
512
	}
513
514
	/**
515
	 * Returns true if the provided user is the Jetpack connection owner.
516
	 */
517
	function is_connection_owner( $user_id = false ) {
518
		if ( ! $user_id )
519
			$user_id = get_current_user_id();
520
521
		$user_token = Jetpack_Data::get_access_token( JETPACK_MASTER_USER );
522
		return $user_token && is_object( $user_token ) && isset( $user_token->external_user_id ) && $user_id === $user_token->external_user_id;
523
	}
524
525
	/**
526
	 * Our custom AJAX callback for the query-attachments action
527
	 * used in the media modal. By-passed if not for VideoPress.
528
	 */
529
	function wp_ajax_query_attachments() {
530
531
		// Watch for VideoPress calls
532
		if ( ! isset( $_POST['query']['videopress'] ) )
533
			return;
534
535
		if ( ! $this->can( 'read_videos' ) )
536
			return wp_send_json_error( 'permission denied' );
537
538
		// Get and sanitize query arguments.
539
		$query_args = $this->sanitize_wp_query_args( $_POST['query'] );
540
541
		// Fire a remote WP_Query
542
		$result = $this->query( 'jetpack.vpQuery', $query_args );
543
544
		if ( is_wp_error( $result ) )
545
			return wp_send_json_error( 'xml rpc request error' );
546
547
		$items = $result;
548
549
		foreach ( $items as $key => $item ) {
550
551
			// Check local permissions
552
			if ( ! $this->can( 'edit_videos' ) )
553
				unset( $item['vp_nonces']['update'] );
554
555
			if ( ! $this->can( 'delete_videos' ) )
556
				unset( $item['vp_nonces']['delete'] );
557
558
			// Add a second pair of nonces for the .org blog.
559
			$item['nonces'] = array();
560 View Code Duplication
			if ( ! empty( $item['vp_nonces']['update'] ) )
561
				$item['nonces']['update'] = wp_create_nonce( 'update-videopress-post_' . $item['id'] );
562
563 View Code Duplication
			if ( ! empty( $item['vp_nonces']['delete'] ) )
564
				$item['nonces']['delete'] = wp_create_nonce( 'delete-videopress-post_' . $item['id'] );
565
566
			$item['vp_embed'] = videopress_shortcode_callback( array(
567
				$item['vp_guid'],
568
				'autoplay' => true,
569
				'flashonly' => true,
570
				'w' => 440,
571
			) );
572
573
			$items[ $key ] = $item;
574
		}
575
576
		wp_send_json_success( $items );
577
	}
578
579
	/**
580
	 * Sanitize user-provided WP_Query arguments
581
	 *
582
	 * These might be sent to the VideoPress server, for a remote WP_Query
583
	 * call so let's make sure they're sanitized and safe to send.
584
	 */
585
	function sanitize_wp_query_args( $args ) {
586
		$args = shortcode_atts( array(
587
			'posts_per_page' => 40,
588
			'orderby' => 'date',
589
			'order' => 'desc',
590
			'paged' => 1,
591
			's' => '',
592
		), (array) $args, 'wpvideo' );
593
594
		$args['posts_per_page'] = absint( $args['posts_per_page'] );
595
596
		$args['orderby'] = strtolower( $args['orderby'] );
597
		$args['orderby'] = ( in_array( $args['orderby'], array( 'date' ) ) ) ? $args['orderby'] : 'date';
598
599
		$args['order'] = strtolower( $args['order'] );
600
		$args['order'] = ( in_array( $args['order'], array( 'asc', 'desc' ) ) ) ? $args['order'] : 'desc';
601
602
		$args['paged'] = absint( $args['paged'] );
603
		$args['s'] = sanitize_text_field( $args['s'] );
604
		return $args;
605
	}
606
607
	/**
608
	 * Custom AJAX callback for the save-attachment action. If the request was
609
	 * not for a VideoPress object, core's fallback action will kick in.
610
	 */
611
	function wp_ajax_save_attachment() {
612
		if ( ! isset( $_POST['is_videopress'] ) )
613
			return;
614
615
		if ( ! $this->can( 'edit_videos' ) )
616
			return wp_send_json_error( 'permission denied' );
617
618
		$post_id = 0;
619 View Code Duplication
		if ( ! isset( $_POST['id'] ) || ! $post_id = absint( $_POST['id'] ) )
620
			wp_send_json_error();
621
622
		if ( ! isset( $_POST['vp_nonces']['update'] ) )
623
			wp_send_json_error();
624
625
		check_ajax_referer( 'update-videopress-post_' . $post_id, 'nonce' );
626
627
		$changes = ( ! empty( $_POST['changes'] ) ) ? (array) $_POST['changes'] : array();
628
		$changes = shortcode_atts( array(
629
			'title' => null,
630
			'caption' => null,
631
			'description' => null,
632
633
			'vp_share' => null,
634
			'vp_rating' => null,
635
		), $changes, 'wpvideo' );
636
637
		if ( ! is_null( $changes['vp_share'] ) )
638
			$changes['vp_share'] = (bool) $changes['vp_share'];
639
640
		if ( ! is_null( $changes['vp_rating'] ) )
641
			$changes['vp_rating'] = ( array_key_exists( $changes['vp_rating'], $this->get_available_ratings() ) ) ? $changes['vp_rating'] : null;
642
643
		// Remove null-values
644
		foreach ( $changes as $key => $value )
645
			if ( is_null( $value ) )
646
				unset( $changes[ $key ] );
647
648
		$result = $this->query( 'jetpack.vpSaveAttachment', array(
649
			'post_id' => $post_id,
650
			'changes' => $changes,
651
			'nonce' => $_POST['vp_nonces']['update'],
652
		) );
653
654
		if ( is_wp_error( $result ) )
655
			return wp_send_json_error( 'xml rpc request error' );
656
657
		wp_send_json_success();
658
	}
659
660
	/**
661
	 * Custom AJAX callback for the delete-post action, only for VideoPress objects.
662
	 */
663
	function wp_ajax_delete_post() {
664
		if ( ! isset( $_POST['is_videopress'] ) )
665
			return;
666
667
		if ( ! $this->can( 'delete_videos' ) )
668
			return wp_send_json_error( 'permission denied' );
669
670
		$post_id = 0;
671 View Code Duplication
		if ( ! isset( $_POST['id'] ) || ! $post_id = absint( $_POST['id'] ) )
672
			wp_send_json_error();
673
674
		if ( ! isset( $_POST['vp_nonces']['delete'] ) )
675
			wp_send_json_error();
676
677
		check_ajax_referer( 'delete-videopress-post_' . $post_id );
678
679
		$result = $this->query( 'jetpack.vpDeleteAttachment', array(
680
			'post_id' => $post_id,
681
			'nonce' => $_POST['vp_nonces']['delete'],
682
		) );
683
684
		if ( is_wp_error( $result ) )
685
			return wp_send_json_error( 'xml rpc request error' );
686
687
		wp_send_json_success();
688
	}
689
690
	/**
691
	 * Register VideoPress admin scripts.
692
	 */
693
	function enqueue_admin_scripts() {
694
		if ( did_action( 'videopress_enqueue_admin_scripts' ) )
695
			return;
696
697
		wp_enqueue_script( 'videopress-uploader', plugins_url( 'js/videopress-uploader.js', __FILE__) , array( 'jquery', 'wp-plupload' ), $this->version );
698
		wp_enqueue_script( 'videopress-admin', plugins_url( 'js/videopress-admin.js', __FILE__ ), array( 'jquery', 'media-views', 'media-models' ), $this->version );
699
		wp_enqueue_style( 'videopress-admin', plugins_url( 'videopress-admin.css', __FILE__ ), array(), $this->version );
700
701
		$caps = array();
702 View Code Duplication
		foreach( array( 'read_videos', 'edit_videos', 'delete_videos', 'upload_videos' ) as $cap )
703
			$caps[ $cap ] = $this->can( $cap );
704
705
		$l10n = array(
706
			'selectVideoFile' => __( 'Please select a video file to upload.', 'jetpack' ),
707
			'videoUploading' => __( 'Your video is uploading... Please do not close this window.', 'jetpack' ),
708
			'unknownError' => __( 'An unknown error has occurred. Please try again later.', 'jetpack' ),
709
			'videoUploaded' => __( 'Your video has successfully been uploaded. It will appear in your VideoPress Library shortly.', 'jetpack' ),
710
			'VideoPressLibraryRouter' => __( 'VideoPress Library', 'jetpack' ),
711
			'uploadVideoRouter' => __( 'Upload a Video', 'jetpack' ),
712
			'insertVideoButton' => __( 'Insert Video', 'jetpack' ),
713
714
		);
715
716
		wp_localize_script( 'videopress-admin', 'VideoPressAdminSettings', array(
717
			'caps' => $caps,
718
			'l10n' => $l10n,
719
		) );
720
		
721
		/**
722
		 * Fires after VideoPress scripts are enqueued in the dashboard.
723
		 *
724
		 * @since 2.5.0
725
		 */
726
		do_action( 'videopress_enqueue_admin_scripts' );
727
	}
728
729
	/**
730
	 * Get an array of available ratings. Keys are options, values are labels.
731
	 */
732
	function get_available_ratings() {
733
		return array(
734
			'G' => 'G',
735
			'PG-13' => 'PG-13',
736
			'R-17' => 'R',
737
			'X-18' => 'X',
738
		);
739
	}
740
741
	/**
742
	 * Additional VideoPress media templates.
743
	 */
744
	function print_media_templates() {
745
		$options = $this->get_options();
746
		?>
747
		<script type="text/html" id="tmpl-videopress-attachment">
748
			<# if ( data.vp_ogg_url ) { #>
749
			<label class="setting vp-setting">
750
				<span><?php _e( 'Ogg File URL', 'jetpack' ); ?></span>
751
				<input type="text" value="{{ data.vp_ogg_url }}" onclick="this.focus();this.select();" readonly />
752
				<p class="help"><?php _e( 'Location of the Ogg video file.', 'jetpack' ); ?></p>
753
			</label>
754
			<# } #>
755
756
			<label class="setting vp-setting">
757
				<span><?php _e( 'Share', 'jetpack' ); ?></span>
758
				<input class="vp-checkbox" type="checkbox" <# if ( '1' === data.vp_share ) { #>checked<# } #> <# if ( ! data.can.save ) { #>disabled<# } #> />
759
				<label>
760
					<?php _e( 'Display share menu and allow viewers to embed or download this video', 'jetpack' ); ?>
761
				</label>
762
				<input class="vp-checkbox-text" type="text" value="{{ data.vp_share }}" data-setting="vp_share" style="display:none;" />
763
			</label>
764
765
			<label class="setting vp-setting">
766
				<span><?php _e( 'Rating', 'jetpack' ); ?></span>
767
768
				<?php foreach ( $this->get_available_ratings() as $value => $label ) : ?>
769
				<input class="vp-radio" type="radio" name="vp-radio-group" id="vp-rating-<?php echo sanitize_html_class( $value ); ?>" value="<?php echo esc_attr( $value ); ?>"
770
					<# if ( '<?php echo esc_attr( $value ); ?>' === data.vp_rating ) { #>checked<# } #>
771
					<# if ( ! data.can.save ) { #>disabled<# } #> />
772
				<label for="vp-rating-<?php echo sanitize_html_class( $value ); ?>"><?php echo esc_html( $label ); ?></label>
773
				<?php endforeach; ?>
774
775
				<input class="vp-radio-text" type="text" value="{{ data.vp_rating }}" data-setting="vp_rating" style="display:none;" />
776
			</label>
777
778
			<label class="setting vp-setting">
779
				<span><?php _e( 'Shortcode', 'jetpack' ); ?></span>
780
				<input type="text" value="[wpvideo {{ data.vp_guid }}]" onclick="this.focus();this.select();" readonly />
781
			</label>
782
783
			<label class="setting vp-setting vp-preview">
784
				<span><?php _e( 'Preview', 'jetpack' ); ?></span>
785
				<# if ( ! data.vp_thumbnail_url ) { #>
786
					<span class="videopress-preview-unavailable"><?php esc_html_e( 'The preview is unavailable while this video is being processed.', 'jetpack' ); ?></span>
787
				<# } else { #>
788
				<a href="#" class="videopress-preview" id="videopress-thumbnail-{{ data.vp_guid }}" data-videopress-guid="{{ data.vp_guid }}"><img src="{{ data.vp_thumbnail_url }}" /></a>
789
				<# } #>
790
			</label>
791
		</script>
792
793
		<script type="text/html" id="tmpl-videopress-media-modal">
794
			<div class="videopress-modal">
795
				<p><?php _e( 'Video Preview:', 'jetpack' ); ?></p>
796
				<div class="videopress-video-container">{{{ data.video }}}</div>
797
				<p class="submit">
798
					<a class="videopress-modal-close button" href="#"><?php _e( 'Close', 'jetpack' ); ?></a>
799
				</p>
800
			</div>
801
			<div class="videopress-modal-backdrop"></div>
802
		</script>
803
804
		<script type="text/html" id="tmpl-videopress-uploader">
805
			<div class="videopress-errors"></div>
806
			<form class="videopress-upload-form" action="" method="post" target="videopress_upload_frame" enctype="multipart/form-data">
807
				<input type="hidden" name="action" value="videopress_upload" />
808
				<input type="hidden" name="videopress_blog_id" value="0" />
809
				<input type="hidden" name="videopress_token" value="0" />
810
				<?php $formats = 'ogv, mp4, m4v, mov, wmv, avi, mpg, 3gp, 3g2'; ?>
811
				<?php
812
					$max_upload_size = 0;
813
					if ( ! empty( $options['meta']['max_upload_size'] ) )
814
						$max_upload_size = absint( $options['meta']['max_upload_size'] );
815
816
					$upload_size_unit = $max_upload_size;
817
					$byte_sizes = array( 'KB', 'MB', 'GB' );
818
819
					for ( $u = -1; $upload_size_unit > 1024 && $u < count( $byte_sizes ) - 1; $u++ )
820
						$upload_size_unit /= 1024;
821
822
					if ( $u < 0 ) {
823
						$upload_size_unit = 0;
824
						$u = 0;
825
					} else {
826
						$upload_size_unit = (int) $upload_size_unit;
827
					}
828
				?>
829
				<p><?php printf( __( 'Use the form below to upload a video to your VideoPress Library. The following video formats are supported: %s. Maximum upload file size is %d%s.', 'jetpack' ), esc_html( $formats ), esc_html( $upload_size_unit ), esc_html( $byte_sizes[ $u ] ) ); ?></p>
830
831
				<input type="file" name="videopress_file" />
832
				<?php submit_button( __( 'Upload Video', 'jetpack' ) ); ?>
833
			</form>
834
			<iframe width="0" height="0" name="videopress_upload_frame"></iframe>
835
		</script>
836
		<?php
837
	}
838
839
	/**
840
	 * Filters the VideoPress shortcode options, makes sure that
841
	 * the settings set in Jetpack's VideoPress module are applied.
842
	 */
843
	function videopress_shortcode_options( $options ) {
844
		$videopress_options = $this->get_options();
845
846
		if ( false === $options['freedom'] )
847
			$options['freedom'] = $videopress_options['freedom'];
848
849
		$options['hd'] = $videopress_options['hd'];
850
851
		return $options;
852
	}
853
854
}
855
856
// Initialize the module.
857
Jetpack_VideoPress::init();
858