/var/www/wordpress/wp-admin/includes/admin.php
/var/www/wordpress/wp-admin/includes/bookmark.php
/var/www/wordpress/wp-admin/includes/class-ftp-pure.php
/var/www/wordpress/wp-admin/includes/class-ftp-sockets.php
/var/www/wordpress/wp-admin/includes/class-ftp.php
/var/www/wordpress/wp-admin/includes/class-pclzip.php
/var/www/wordpress/wp-admin/includes/class-wp-filesystem-base.php
/var/www/wordpress/wp-admin/includes/class-wp-filesystem-direct.php
/var/www/wordpress/wp-admin/includes/class-wp-filesystem-ftpext.php
/var/www/wordpress/wp-admin/includes/class-wp-filesystem-ftpsockets.php
/var/www/wordpress/wp-admin/includes/class-wp-filesystem-ssh2.php
/var/www/wordpress/wp-admin/includes/class-wp-importer.php
/var/www/wordpress/wp-admin/includes/class-wp-upgrader.php
/var/www/wordpress/wp-admin/includes/comment.php
/var/www/wordpress/wp-admin/includes/continents-cities.php
/var/www/wordpress/wp-admin/includes/dashboard.php
/var/www/wordpress/wp-admin/includes/deprecated.php
/var/www/wordpress/wp-admin/includes/export.php
/var/www/wordpress/wp-admin/includes/file.php
/var/www/wordpress/wp-admin/includes/image-edit.php
/var/www/wordpress/wp-admin/includes/image.php
/var/www/wordpress/wp-admin/includes/import.php
/var/www/wordpress/wp-admin/includes/manifest.php
/var/www/wordpress/wp-admin/includes/media.php
/var/www/wordpress/wp-admin/includes/meta-boxes.php
/var/www/wordpress/wp-admin/includes/misc.php
/var/www/wordpress/wp-admin/includes/ms-deprecated.php
/var/www/wordpress/wp-admin/includes/ms.php
/var/www/wordpress/wp-admin/includes/nav-menu.php
/var/www/wordpress/wp-admin/includes/plugin-install.php
/var/www/wordpress/wp-admin/includes/plugin.php
/var/www/wordpress/wp-admin/includes/post.php
/var/www/wordpress/wp-admin/includes/schema.php
/var/www/wordpress/wp-admin/includes/taxonomy.php
/var/www/wordpress/wp-admin/includes/template.php
/var/www/wordpress/wp-admin/includes/theme-install.php
/var/www/wordpress/wp-admin/includes/theme.php
/var/www/wordpress/wp-admin/includes/update-core.php
/var/www/wordpress/wp-admin/includes/update.php
/var/www/wordpress/wp-admin/includes/upgrade.php
/var/www/wordpress/wp-admin/includes/user.php
/var/www/wordpress/wp-admin/includes/widgets.php
/var/www/wordpress/wp-admin/js/revisions-js.php
/var/www/wordpress/wp-admin/maint/repair.php
/var/www/wordpress/wp-admin/admin-ajax.php
/var/www/wordpress/wp-admin/admin-footer.php
/var/www/wordpress/wp-admin/admin-functions.php
/var/www/wordpress/wp-admin/admin-header.php
/var/www/wordpress/wp-admin/admin-post.php
/var/www/wordpress/wp-admin/admin.php
/var/www/wordpress/wp-admin/async-upload.php
/var/www/wordpress/wp-admin/comment.php
/var/www/wordpress/wp-admin/custom-background.php
/var/www/wordpress/wp-admin/custom-header.php
/var/www/wordpress/wp-admin/edit-attachment-rows.php
/var/www/wordpress/wp-admin/edit-comments.php
/var/www/wordpress/wp-admin/edit-form-advanced.php
/var/www/wordpress/wp-admin/edit-form-comment.php
/var/www/wordpress/wp-admin/edit-link-categories.php
/var/www/wordpress/wp-admin/edit-link-category-form.php
/var/www/wordpress/wp-admin/edit-link-form.php
/var/www/wordpress/wp-admin/edit-post-rows.php
/var/www/wordpress/wp-admin/edit-tag-form.php
/var/www/wordpress/wp-admin/edit-tags.php
/var/www/wordpress/wp-admin/edit.php
/var/www/wordpress/wp-admin/export.php
/var/www/wordpress/wp-admin/gears-manifest.php
/var/www/wordpress/wp-admin/import.php
/var/www/wordpress/wp-admin/index-extra.php
/var/www/wordpress/wp-admin/index.php
/var/www/wordpress/wp-admin/install-helper.php
/var/www/wordpress/wp-admin/install.php
/var/www/wordpress/wp-admin/link-add.php
/var/www/wordpress/wp-admin/link-category.php
/var/www/wordpress/wp-admin/link-manager.php
/var/www/wordpress/wp-admin/link-parse-opml.php
/var/www/wordpress/wp-admin/link.php
/var/www/wordpress/wp-admin/load-scripts.php
/var/www/wordpress/wp-admin/load-styles.php
/var/www/wordpress/wp-admin/media-new.php
/var/www/wordpress/wp-admin/media-upload.php
/var/www/wordpress/wp-admin/media.php
/var/www/wordpress/wp-admin/menu-header.php
/var/www/wordpress/wp-admin/menu.php
/var/www/wordpress/wp-admin/moderation.php
/var/www/wordpress/wp-admin/ms-admin.php
/var/www/wordpress/wp-admin/ms-delete-site.php
/var/www/wordpress/wp-admin/ms-edit.php
/var/www/wordpress/wp-admin/ms-options.php
/var/www/wordpress/wp-admin/ms-sites.php
/var/www/wordpress/wp-admin/ms-themes.php
/var/www/wordpress/wp-admin/ms-upgrade-network.php
/var/www/wordpress/wp-admin/ms-users.php
/var/www/wordpress/wp-admin/my-sites.php
/var/www/wordpress/wp-admin/nav-menus.php
/var/www/wordpress/wp-admin/network.php
/var/www/wordpress/wp-admin/options-discussion.php
/var/www/wordpress/wp-admin/options-general.php
/var/www/wordpress/wp-admin/options-head.php
/var/www/wordpress/wp-admin/options-media.php
/var/www/wordpress/wp-admin/options-permalink.php
/var/www/wordpress/wp-admin/options-privacy.php
/var/www/wordpress/wp-admin/options-reading.php
/var/www/wordpress/wp-admin/options-writing.php
/var/www/wordpress/wp-admin/options.php
/var/www/wordpress/wp-admin/plugin-editor.php
/var/www/wordpress/wp-admin/plugin-install.php
/var/www/wordpress/wp-admin/plugins.php
/var/www/wordpress/wp-admin/post-new.php
/var/www/wordpress/wp-admin/post.php
/var/www/wordpress/wp-admin/press-this.php
/var/www/wordpress/wp-admin/profile.php
/var/www/wordpress/wp-admin/revision.php
/var/www/wordpress/wp-admin/setup-config.php
/var/www/wordpress/wp-admin/sidebar.php
/var/www/wordpress/wp-admin/theme-editor.php
/var/www/wordpress/wp-admin/theme-install.php
/var/www/wordpress/wp-admin/themes.php
/var/www/wordpress/wp-admin/tools.php
/var/www/wordpress/wp-admin/update-core.php
/var/www/wordpress/wp-admin/update.php
/var/www/wordpress/wp-admin/upgrade-functions.php
/var/www/wordpress/wp-admin/upgrade.php
/var/www/wordpress/wp-admin/upload.php
/var/www/wordpress/wp-admin/user-edit.php
/var/www/wordpress/wp-admin/user-new.php
/var/www/wordpress/wp-admin/users.php
/var/www/wordpress/wp-admin/widgets.php
/var/www/wordpress/wp-content/languages/ru_RU.php
/var/www/wordpress/wp-content/plugins/akismet/akismet.php
/var/www/wordpress/wp-content/plugins/rh/rh.php
/var/www/wordpress/wp-content/plugins/hello.php
/var/www/wordpress/wp-content/plugins/index.php
/var/www/wordpress/wp-content/themes/twentyten/404.php
/var/www/wordpress/wp-content/themes/twentyten/archive.php
/var/www/wordpress/wp-content/themes/twentyten/attachment.php
/var/www/wordpress/wp-content/themes/twentyten/author.php
/var/www/wordpress/wp-content/themes/twentyten/category.php
/var/www/wordpress/wp-content/themes/twentyten/comments.php
/var/www/wordpress/wp-content/themes/twentyten/footer.php
/var/www/wordpress/wp-content/themes/twentyten/functions.php
/var/www/wordpress/wp-content/themes/twentyten/header.php
/var/www/wordpress/wp-content/themes/twentyten/index.php
/var/www/wordpress/wp-content/themes/twentyten/loop.php
/var/www/wordpress/wp-content/themes/twentyten/onecolumn-page.php
/var/www/wordpress/wp-content/themes/twentyten/page.php
/var/www/wordpress/wp-content/themes/twentyten/search.php
/var/www/wordpress/wp-content/themes/twentyten/sidebar-footer.php
/var/www/wordpress/wp-content/themes/twentyten/sidebar.php
/var/www/wordpress/wp-content/themes/twentyten/single.php
/var/www/wordpress/wp-content/themes/twentyten/tag.php
/var/www/wordpress/wp-content/themes/index.php
/var/www/wordpress/wp-content/index.php
/var/www/wordpress/wp-includes/js/tinymce/langs/wp-langs.php
/var/www/wordpress/wp-includes/js/tinymce/plugins/spellchecker/classes/utils/JSON.php
/var/www/wordpress/wp-includes/js/tinymce/plugins/spellchecker/classes/utils/Logger.php
/var/www/wordpress/wp-includes/js/tinymce/plugins/spellchecker/classes/EnchantSpell.php
/var/www/wordpress/wp-includes/js/tinymce/plugins/spellchecker/classes/GoogleSpell.php
/var/www/wordpress/wp-includes/js/tinymce/plugins/spellchecker/classes/PSpell.php
/var/www/wordpress/wp-includes/js/tinymce/plugins/spellchecker/classes/PSpellShell.php
/var/www/wordpress/wp-includes/js/tinymce/plugins/spellchecker/classes/SpellChecker.php
/var/www/wordpress/wp-includes/js/tinymce/plugins/spellchecker/includes/general.php
/var/www/wordpress/wp-includes/js/tinymce/plugins/spellchecker/config.php
/var/www/wordpress/wp-includes/js/tinymce/plugins/spellchecker/rpc.php
/var/www/wordpress/wp-includes/js/tinymce/wp-mce-help.php
/var/www/wordpress/wp-includes/js/tinymce/wp-tinymce.php
/var/www/wordpress/wp-includes/pomo/entry.php
/var/www/wordpress/wp-includes/pomo/mo.php
/var/www/wordpress/wp-includes/pomo/po.php
/var/www/wordpress/wp-includes/pomo/streams.php
/var/www/wordpress/wp-includes/pomo/translations.php
/var/www/wordpress/wp-includes/Text/Diff/Engine/native.php
/var/www/wordpress/wp-includes/Text/Diff/Engine/shell.php
/var/www/wordpress/wp-includes/Text/Diff/Engine/string.php
/var/www/wordpress/wp-includes/Text/Diff/Engine/xdiff.php
/var/www/wordpress/wp-includes/Text/Diff/Renderer/inline.php
/var/www/wordpress/wp-includes/Text/Diff/Renderer.php
/var/www/wordpress/wp-includes/Text/Diff.php
/var/www/wordpress/wp-includes/theme-compat/comments-popup.php
/var/www/wordpress/wp-includes/theme-compat/comments.php
/var/www/wordpress/wp-includes/theme-compat/footer.php
/var/www/wordpress/wp-includes/theme-compat/header.php
/var/www/wordpress/wp-includes/theme-compat/sidebar.php
/var/www/wordpress/wp-includes/atomlib.php
/var/www/wordpress/wp-includes/author-template.php
/var/www/wordpress/wp-includes/bookmark-template.php
/var/www/wordpress/wp-includes/bookmark.php
/var/www/wordpress/wp-includes/cache.php
/var/www/wordpress/wp-includes/canonical.php
/var/www/wordpress/wp-includes/capabilities.php
/var/www/wordpress/wp-includes/category-template.php
/var/www/wordpress/wp-includes/category.php
/var/www/wordpress/wp-includes/class-feed.php
/var/www/wordpress/wp-includes/class-http.php
/var/www/wordpress/wp-includes/class-IXR.php
/var/www/wordpress/wp-includes/class-json.php
/var/www/wordpress/wp-includes/class-oembed.php
/var/www/wordpress/wp-includes/class-phpass.php
/var/www/wordpress/wp-includes/class-phpmailer.php
/var/www/wordpress/wp-includes/class-pop3.php
/var/www/wordpress/wp-includes/class-simplepie.php
/var/www/wordpress/wp-includes/class-smtp.php
/var/www/wordpress/wp-includes/class-snoopy.php
/var/www/wordpress/wp-includes/class.wp-dependencies.php
/var/www/wordpress/wp-includes/class.wp-scripts.php
/var/www/wordpress/wp-includes/class.wp-styles.php
/var/www/wordpress/wp-includes/classes.php
/var/www/wordpress/wp-includes/comment-template.php
/var/www/wordpress/wp-includes/comment.php
/var/www/wordpress/wp-includes/compat.php
/var/www/wordpress/wp-includes/cron.php
/var/www/wordpress/wp-includes/default-constants.php
/var/www/wordpress/wp-includes/default-embeds.php
/var/www/wordpress/wp-includes/default-filters.php
/var/www/wordpress/wp-includes/default-widgets.php
1<?php
2
3/**
4 * Default Widgets
5 *
6 * @package WordPress
7 * @subpackage Widgets
8 */
9
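/**
 * Pages widget class
 *
 * The scanner markers from this listing ("Possible Control Flow",
 * "Cross Site Scripting") are kept as "Scanner:" comments beside the
 * statements they were attached to, so they are no longer part of the
 * template text.
 *
 * @since 2.8.0
 */
class WP_Widget_Pages extends WP_Widget {

	/**
	 * Registers the widget under the id base 'pages'.
	 */
	function WP_Widget_Pages() {
		$widget_ops = array('classname' => 'widget_pages', 'description' => __( 'Your site’s WordPress Pages') );
		$this->WP_Widget('pages', __('Pages'), $widget_ops);
	}

	/**
	 * Prints the page list inside the wrapper markup from $args.
	 *
	 * @param array $args     Wrapper markup; before_widget, before_title,
	 *                        after_title and after_widget are echoed.
	 * @param array $instance Saved settings; title, sortby and exclude are read.
	 */
	function widget( $args, $instance ) {
		// Scanner: Possible Control Flow. extract() turns every key of $args
		// into a local variable. EXTR_SKIP, which WP_Widget_Links::widget()
		// already passes, stops a key such as 'instance' from replacing a
		// local that exists at this point.
		extract( $args, EXTR_SKIP );

		$title = apply_filters('widget_title', empty( $instance['title'] ) ? __( 'Pages' ) : $instance['title'], $instance, $this->id_base);
		$sortby = empty( $instance['sortby'] ) ? 'menu_order' : $instance['sortby'];
		$exclude = empty( $instance['exclude'] ) ? '' : $instance['exclude'];

		if ( $sortby == 'menu_order' )
			$sortby = 'menu_order, post_title';

		$out = wp_list_pages( apply_filters('widget_pages_args', array('title_li' => '', 'echo' => 0, 'sort_column' => $sortby, 'exclude' => $exclude) ) );

		if ( !empty( $out ) ) {
			// Scanner: Cross Site Scripting on each echo below. Nothing is
			// escaped at this point: the wrappers come from $args, $title is
			// whatever the 'widget_title' filter returned (update() only ran
			// strip_tags() on the stored value), and $out is the markup
			// returned by wp_list_pages().
			// NOTE(review): whether these are reachable sinks depends on who
			// can set $args and the filters, which this file does not show.
			echo $before_widget;
			if ( $title)
				echo $before_title . $title . $after_title;
			?>
			<ul>
				<?php echo $out; ?>
			</ul>
			<?php
			echo $after_widget;
		}
	}

	/**
	 * Builds the settings to store from the submitted form values.
	 *
	 * @param array $new_instance Submitted values.
	 * @param array $old_instance Previously stored values.
	 * @return array Settings to save.
	 */
	function update( $new_instance, $old_instance ) {
		$instance = $old_instance;
		$instance['title'] = strip_tags($new_instance['title']);
		// Allow-list for the sort column. The strict flag keeps a non-string
		// value from matching an entry through loose comparison.
		if ( in_array( $new_instance['sortby'], array( 'post_title', 'menu_order', 'ID' ), true ) ) {
			$instance['sortby'] = $new_instance['sortby'];
		} else {
			$instance['sortby'] = 'menu_order';
		}

		$instance['exclude'] = strip_tags( $new_instance['exclude'] );

		return $instance;
	}

	/**
	 * Prints the settings form.
	 *
	 * @param array $instance Stored settings.
	 */
	function form( $instance ) {
		//Defaults
		$instance = wp_parse_args( (array) $instance, array( 'sortby' => 'post_title', 'title' => '', 'exclude' => '') );
		$title = esc_attr( $instance['title'] );
		$exclude = esc_attr( $instance['exclude'] );
		// Scanner: Cross Site Scripting on the echoes in the template below.
		// $title and $exclude were passed through esc_attr() above, so those
		// two attribute values are escaped. The id/name values come from
		// get_field_id()/get_field_name(), which are defined outside this
		// file. NOTE(review): confirm they return attribute-safe text.
		?>
		<p><label for="<?php echo $this->get_field_id('title'); ?>"><?php _e('Title:'); ?></label> <input class="widefat" id="<?php echo $this->get_field_id('title'); ?>" name="<?php echo $this->get_field_name('title'); ?>" type="text" value="<?php echo $title; ?>" /></p>
		<p>
			<label for="<?php echo $this->get_field_id('sortby'); ?>"><?php _e( 'Sort by:' ); ?></label>
			<select name="<?php echo $this->get_field_name('sortby'); ?>" id="<?php echo $this->get_field_id('sortby'); ?>" class="widefat">
				<option value="post_title"<?php selected( $instance['sortby'], 'post_title' ); ?>><?php _e('Page title'); ?></option>
				<option value="menu_order"<?php selected( $instance['sortby'], 'menu_order' ); ?>><?php _e('Page order'); ?></option>
				<option value="ID"<?php selected( $instance['sortby'], 'ID' ); ?>><?php _e( 'Page ID' ); ?></option>
			</select>
		</p>
		<p>
			<label for="<?php echo $this->get_field_id('exclude'); ?>"><?php _e( 'Exclude:' ); ?></label> <input type="text" value="<?php echo $exclude; ?>" name="<?php echo $this->get_field_name('exclude'); ?>" id="<?php echo $this->get_field_id('exclude'); ?>" class="widefat" />
			<br />
			<small><?php _e( 'Page IDs, separated by commas.' ); ?></small>
		</p>
<?php
	}

}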
85
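/**
 * Links widget class
 *
 * The scanner markers from this listing are kept as "Scanner:" comments
 * beside the statements they were attached to.
 *
 * @since 2.8.0
 */
class WP_Widget_Links extends WP_Widget {

	/**
	 * Registers the widget under the id base 'links'.
	 */
	function WP_Widget_Links() {
		$widget_ops = array('description' => __( "Your blogroll" ) );
		$this->WP_Widget('links', __('Links'), $widget_ops);
	}

	/**
	 * Prints the bookmark list, or a placeholder on admin screens when no
	 * category is selected.
	 *
	 * @param array $args     Wrapper markup (before_widget, before_title,
	 *                        after_title, after_widget).
	 * @param array $instance Saved settings; description, name, rating,
	 *                        images and category are read.
	 */
	function widget( $args, $instance ) {
		// Scanner: Possible Control Flow. EXTR_SKIP is already in place, so
		// keys of $args cannot replace $args or $instance.
		extract($args, EXTR_SKIP);

		$show_description = isset($instance['description']) ? $instance['description'] : false;
		$show_name = isset($instance['name']) ? $instance['name'] : false;
		$show_rating = isset($instance['rating']) ? $instance['rating'] : false;
		$show_images = isset($instance['images']) ? $instance['images'] : true;
		$category = isset($instance['category']) ? $instance['category'] : false;

		if ( is_admin() && !$category ) {
			// Display All Links widget as such in the widgets screen
			// Scanner: Cross Site Scripting. Only the wrapper markup from
			// $args and a translated literal are written here.
			echo $before_widget . $before_title. __('All Links') . $after_title . $after_widget;
			return;
		}

		// Replace the concrete id attribute with the "%id" placeholder before
		// handing the wrapper to wp_list_bookmarks().
		$before_widget = preg_replace('/id="[^"]*"/','id="%id"', $before_widget);
		wp_list_bookmarks(apply_filters('widget_links_args', array(
			'title_before' => $before_title, 'title_after' => $after_title,
			'category_before' => $before_widget, 'category_after' => $after_widget,
			'show_images' => $show_images, 'show_description' => $show_description,
			'show_name' => $show_name, 'show_rating' => $show_rating,
			'category' => $category, 'class' => 'linkcat widget'
		)));
	}

	/**
	 * Builds the settings to store from the submitted form values.
	 *
	 * The four checkbox fields are stored as 1 when present in the
	 * submission and 0 otherwise; category is forced to an integer.
	 *
	 * @param array $new_instance Submitted values.
	 * @param array $old_instance Previously stored values (not used).
	 * @return array Settings to save.
	 */
	function update( $new_instance, $old_instance ) {
		$new_instance = (array) $new_instance;
		$instance = array( 'images' => 0, 'name' => 0, 'description' => 0, 'rating' => 0);
		foreach ( $instance as $field => $val ) {
			if ( isset($new_instance[$field]) )
				$instance[$field] = 1;
		}
		$instance['category'] = intval($new_instance['category']);

		return $instance;
	}

	/**
	 * Prints the settings form.
	 *
	 * @param array $instance Stored settings.
	 */
	function form( $instance ) {

		//Defaults
		$instance = wp_parse_args( (array) $instance, array( 'images' => true, 'name' => true, 'description' => false, 'rating' => false, 'category' => false ) );
		$link_cats = get_terms( 'link_category');
		// Scanner: Cross Site Scripting on the get_field_id()/get_field_name()
		// echoes in the template below. Both helpers are defined outside this
		// file. NOTE(review): confirm they return attribute-safe text.
?>
		<p>
		<label for="<?php echo $this->get_field_id('category'); ?>" class="screen-reader-text"><?php _e('Select Link Category'); ?></label>
		<select class="widefat" id="<?php echo $this->get_field_id('category'); ?>" name="<?php echo $this->get_field_name('category'); ?>">
		<option value=""><?php _e('All Links'); ?></option>
		<?php
		foreach ( $link_cats as $link_cat ) {
			// The category name is stored data written into element content,
			// so it is escaped on output with esc_html(). The scanner did not
			// mark this line; the listing printed the name as-is.
			echo '<option value="' . intval($link_cat->term_id) . '"'
				. ( $link_cat->term_id == $instance['category'] ? ' selected="selected"' : '' )
				. '>' . esc_html( $link_cat->name ) . "</option>\n";
		}
		?>
		</select></p>
		<p>
		<input class="checkbox" type="checkbox" <?php checked($instance['images'], true) ?> id="<?php echo $this->get_field_id('images'); ?>" name="<?php echo $this->get_field_name('images'); ?>" />
		<label for="<?php echo $this->get_field_id('images'); ?>"><?php _e('Show Link Image'); ?></label><br />
		<input class="checkbox" type="checkbox" <?php checked($instance['name'], true) ?> id="<?php echo $this->get_field_id('name'); ?>" name="<?php echo $this->get_field_name('name'); ?>" />
		<label for="<?php echo $this->get_field_id('name'); ?>"><?php _e('Show Link Name'); ?></label><br />
		<input class="checkbox" type="checkbox" <?php checked($instance['description'], true) ?> id="<?php echo $this->get_field_id('description'); ?>" name="<?php echo $this->get_field_name('description'); ?>" />
		<label for="<?php echo $this->get_field_id('description'); ?>"><?php _e('Show Link Description'); ?></label><br />
		<input class="checkbox" type="checkbox" <?php checked($instance['rating'], true) ?> id="<?php echo $this->get_field_id('rating'); ?>" name="<?php echo $this->get_field_name('rating'); ?>" />
		<label for="<?php echo $this->get_field_id('rating'); ?>"><?php _e('Show Link Rating'); ?></label>
		</p>
<?php
	}
}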
166
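/**
 * Search widget class
 *
 * The scanner markers from this listing are kept as "Scanner:" comments
 * beside the statements they were attached to.
 *
 * @since 2.8.0
 */
class WP_Widget_Search extends WP_Widget {

	/**
	 * Registers the widget under the id base 'search'.
	 */
	function WP_Widget_Search() {
		$widget_ops = array('classname' => 'widget_search', 'description' => __( "A search form for your site") );
		$this->WP_Widget('search', __('Search'), $widget_ops);
	}

	/**
	 * Prints the optional title and the search form.
	 *
	 * @param array $args     Wrapper markup (before_widget, before_title,
	 *                        after_title, after_widget).
	 * @param array $instance Saved settings; title is read.
	 */
	function widget( $args, $instance ) {
		// Scanner: Possible Control Flow. EXTR_SKIP, as in
		// WP_Widget_Links::widget(), keeps keys of $args from replacing
		// $args or $instance.
		extract($args, EXTR_SKIP);
		// isset() guard: an instance that was never saved has no 'title' key.
		$title = apply_filters('widget_title', isset($instance['title']) ? $instance['title'] : '', $instance, $this->id_base);

		// Scanner: Cross Site Scripting on the echoes below. The wrappers come
		// from $args and $title from the 'widget_title' filter; update() ran
		// strip_tags() on the stored title, and nothing is escaped here.
		// NOTE(review): depends on who can set $args and the filter; confirm.
		echo $before_widget;
		if ( $title )
			echo $before_title . $title . $after_title;

		// Use current theme search form if it exists
		get_search_form();

		echo $after_widget;
	}

	/**
	 * Prints the settings form.
	 *
	 * @param array $instance Stored settings.
	 */
	function form( $instance ) {
		$instance = wp_parse_args( (array) $instance, array( 'title' => '') );
		$title = $instance['title'];
		// Scanner: Cross Site Scripting on the template line below. The title
		// is passed through esc_attr() where it is printed; the id/name values
		// come from get_field_id()/get_field_name(), defined outside this file.
?>
		<p><label for="<?php echo $this->get_field_id('title'); ?>"><?php _e('Title:'); ?> <input class="widefat" id="<?php echo $this->get_field_id('title'); ?>" name="<?php echo $this->get_field_name('title'); ?>" type="text" value="<?php echo esc_attr($title); ?>" /></label></p>
<?php
	}

	/**
	 * Builds the settings to store from the submitted form values.
	 *
	 * @param array $new_instance Submitted values.
	 * @param array $old_instance Previously stored values.
	 * @return array Settings to save.
	 */
	function update( $new_instance, $old_instance ) {
		$instance = $old_instance;
		$new_instance = wp_parse_args((array) $new_instance, array( 'title' => ''));
		$instance['title'] = strip_tags($new_instance['title']);
		return $instance;
	}

}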
209
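/**
 * Archives widget class
 *
 * The scanner markers from this listing are kept as "Scanner:" comments
 * beside the statements they were attached to.
 *
 * @since 2.8.0
 */
class WP_Widget_Archives extends WP_Widget {

	/**
	 * Registers the widget under the id base 'archives'.
	 */
	function WP_Widget_Archives() {
		$widget_ops = array('classname' => 'widget_archive', 'description' => __( 'A monthly archive of your site’s posts') );
		$this->WP_Widget('archives', __('Archives'), $widget_ops);
	}

	/**
	 * Prints the monthly archive as a list or as a drop-down.
	 *
	 * @param array $args     Wrapper markup (before_widget, before_title,
	 *                        after_title, after_widget).
	 * @param array $instance Saved settings; title, count and dropdown are read.
	 */
	function widget( $args, $instance ) {
		// Scanner: Possible Control Flow. EXTR_SKIP, as in
		// WP_Widget_Links::widget(), keeps keys of $args from replacing
		// $args or $instance.
		extract($args, EXTR_SKIP);
		// !empty() gives the same '1'/'0' result as the plain truth test and
		// also covers an instance where the key is missing.
		$c = !empty($instance['count']) ? '1' : '0';
		$d = !empty($instance['dropdown']) ? '1' : '0';
		$title = apply_filters('widget_title', empty($instance['title']) ? __('Archives') : $instance['title'], $instance, $this->id_base);

		// Scanner: Cross Site Scripting on the echoes of the wrappers and the
		// title. Nothing is escaped here; the wrappers come from $args and
		// $title from the 'widget_title' filter (update() ran strip_tags() on
		// the stored value). NOTE(review): depends on who can set $args and
		// the filter; confirm.
		echo $before_widget;
		if ( $title )
			echo $before_title . $title . $after_title;

		if ( $d ) {
?>
		<select name="archive-dropdown" onchange='document.location.href=this.options[this.selectedIndex].value;'> <option value=""><?php echo esc_attr(__('Select Month')); ?></option> <?php wp_get_archives(apply_filters('widget_archives_dropdown_args', array('type' => 'monthly', 'format' => 'option', 'show_post_count' => $c))); ?> </select>
<?php
		} else {
?>
		<ul>
		<?php wp_get_archives(apply_filters('widget_archives_args', array('type' => 'monthly', 'show_post_count' => $c))); ?>
		</ul>
<?php
		}

		echo $after_widget;
	}

	/**
	 * Builds the settings to store from the submitted form values.
	 *
	 * @param array $new_instance Submitted values.
	 * @param array $old_instance Previously stored values.
	 * @return array Settings to save; count and dropdown are stored as 1 or 0.
	 */
	function update( $new_instance, $old_instance ) {
		$instance = $old_instance;
		$new_instance = wp_parse_args( (array) $new_instance, array( 'title' => '', 'count' => 0, 'dropdown' => '') );
		$instance['title'] = strip_tags($new_instance['title']);
		$instance['count'] = $new_instance['count'] ? 1 : 0;
		$instance['dropdown'] = $new_instance['dropdown'] ? 1 : 0;

		return $instance;
	}

	/**
	 * Prints the settings form.
	 *
	 * @param array $instance Stored settings.
	 */
	function form( $instance ) {
		$instance = wp_parse_args( (array) $instance, array( 'title' => '', 'count' => 0, 'dropdown' => '') );
		$title = strip_tags($instance['title']);
		// $count and $dropdown are one of two fixed strings, never stored text.
		$count = $instance['count'] ? 'checked="checked"' : '';
		$dropdown = $instance['dropdown'] ? 'checked="checked"' : '';
		// Scanner: Cross Site Scripting on the template lines below. The title
		// goes through esc_attr() where it is printed; the id/name values come
		// from get_field_id()/get_field_name(), defined outside this file.
?>
		<p><label for="<?php echo $this->get_field_id('title'); ?>"><?php _e('Title:'); ?></label> <input class="widefat" id="<?php echo $this->get_field_id('title'); ?>" name="<?php echo $this->get_field_name('title'); ?>" type="text" value="<?php echo esc_attr($title); ?>" /></p>
		<p>
			<input class="checkbox" type="checkbox" <?php echo $count; ?> id="<?php echo $this->get_field_id('count'); ?>" name="<?php echo $this->get_field_name('count'); ?>" /> <label for="<?php echo $this->get_field_id('count'); ?>"><?php _e('Show post counts'); ?></label>
			<br />
			<input class="checkbox" type="checkbox" <?php echo $dropdown; ?> id="<?php echo $this->get_field_id('dropdown'); ?>" name="<?php echo $this->get_field_name('dropdown'); ?>" /> <label for="<?php echo $this->get_field_id('dropdown'); ?>"><?php _e('Display as a drop down'); ?></label>
		</p>
<?php
	}
}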
272
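/**
 * Meta widget class
 *
 * Displays log in/out, RSS feed links, etc.
 *
 * The scanner markers from this listing are kept as "Scanner:" comments
 * beside the statements they were attached to.
 *
 * @since 2.8.0
 */
class WP_Widget_Meta extends WP_Widget {

	/**
	 * Registers the widget under the id base 'meta'.
	 */
	function WP_Widget_Meta() {
		$widget_ops = array('classname' => 'widget_meta', 'description' => __( "Log in/out, admin, feed and WordPress links") );
		$this->WP_Widget('meta', __('Meta'), $widget_ops);
	}

	/**
	 * Prints the register/login links, the feed links and the WordPress.org link.
	 *
	 * @param array $args     Wrapper markup (before_widget, before_title,
	 *                        after_title, after_widget).
	 * @param array $instance Saved settings; title is read.
	 */
	function widget( $args, $instance ) {
		// Scanner: Possible Control Flow. EXTR_SKIP, as in
		// WP_Widget_Links::widget(), keeps keys of $args from replacing
		// $args or $instance.
		extract($args, EXTR_SKIP);
		$title = apply_filters('widget_title', empty($instance['title']) ? __('Meta') : $instance['title'], $instance, $this->id_base);

		// Scanner: Cross Site Scripting on the echoes of the wrappers and the
		// title. Nothing is escaped here; the wrappers come from $args and
		// $title from the 'widget_title' filter (update() ran strip_tags() on
		// the stored value). NOTE(review): depends on who can set $args and
		// the filter; confirm.
		echo $before_widget;
		if ( $title )
			echo $before_title . $title . $after_title;
?>
			<ul>
			<?php wp_register(); ?>
			<li><?php wp_loginout(); ?></li>
			<li><a href="<?php bloginfo('rss2_url'); ?>" title="<?php echo esc_attr(__('Syndicate this site using RSS 2.0')); ?>"><?php _e('Entries <abbr title="Really Simple Syndication">RSS</abbr>'); ?></a></li>
			<li><a href="<?php bloginfo('comments_rss2_url'); ?>" title="<?php echo esc_attr(__('The latest comments to all posts in RSS')); ?>"><?php _e('Comments <abbr title="Really Simple Syndication">RSS</abbr>'); ?></a></li>
			<li><a href="http://wordpress.org/" title="<?php echo esc_attr(__('Powered by WordPress, state-of-the-art semantic personal publishing platform.')); ?>">WordPress.org</a></li>
			<?php wp_meta(); ?>
			</ul>
<?php
		echo $after_widget;
	}

	/**
	 * Builds the settings to store from the submitted form values.
	 *
	 * @param array $new_instance Submitted values.
	 * @param array $old_instance Previously stored values.
	 * @return array Settings to save.
	 */
	function update( $new_instance, $old_instance ) {
		$instance = $old_instance;
		$instance['title'] = strip_tags($new_instance['title']);

		return $instance;
	}

	/**
	 * Prints the settings form.
	 *
	 * @param array $instance Stored settings.
	 */
	function form( $instance ) {
		$instance = wp_parse_args( (array) $instance, array( 'title' => '' ) );
		$title = strip_tags($instance['title']);
		// Scanner: Cross Site Scripting on the template line below. The title
		// goes through esc_attr() where it is printed; the id/name values come
		// from get_field_id()/get_field_name(), defined outside this file.
?>
			<p><label for="<?php echo $this->get_field_id('title'); ?>"><?php _e('Title:'); ?></label> <input class="widefat" id="<?php echo $this->get_field_id('title'); ?>" name="<?php echo $this->get_field_name('title'); ?>" type="text" value="<?php echo esc_attr($title); ?>" /></p>
<?php
	}
}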
322
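/**
 * Calendar widget class
 *
 * The scanner markers from this listing are kept as "Scanner:" comments
 * beside the statements they were attached to.
 *
 * @since 2.8.0
 */
class WP_Widget_Calendar extends WP_Widget {

	/**
	 * Registers the widget under the id base 'calendar'.
	 */
	function WP_Widget_Calendar() {
		$widget_ops = array('classname' => 'widget_calendar', 'description' => __( 'A calendar of your site’s posts') );
		$this->WP_Widget('calendar', __('Calendar'), $widget_ops);
	}

	/**
	 * Prints the post calendar inside a wrapper div.
	 *
	 * @param array $args     Wrapper markup (before_widget, before_title,
	 *                        after_title, after_widget).
	 * @param array $instance Saved settings; title is read.
	 */
	function widget( $args, $instance ) {
		// Scanner: Possible Control Flow. EXTR_SKIP, as in
		// WP_Widget_Links::widget(), keeps keys of $args from replacing
		// $args or $instance.
		extract($args, EXTR_SKIP);
		$title = apply_filters('widget_title', empty($instance['title']) ? ' ' : $instance['title'], $instance, $this->id_base);
		// Scanner: Cross Site Scripting on the echoes of the wrappers and the
		// title. Nothing is escaped here; the wrappers come from $args and
		// $title from the 'widget_title' filter (update() ran strip_tags() on
		// the stored value). NOTE(review): depends on who can set $args and
		// the filter; confirm.
		echo $before_widget;
		if ( $title )
			echo $before_title . $title . $after_title;
		echo '<div id="calendar_wrap">';
		get_calendar();
		echo '</div>';
		echo $after_widget;
	}

	/**
	 * Builds the settings to store from the submitted form values.
	 *
	 * @param array $new_instance Submitted values.
	 * @param array $old_instance Previously stored values.
	 * @return array Settings to save.
	 */
	function update( $new_instance, $old_instance ) {
		$instance = $old_instance;
		$instance['title'] = strip_tags($new_instance['title']);

		return $instance;
	}

	/**
	 * Prints the settings form.
	 *
	 * @param array $instance Stored settings.
	 */
	function form( $instance ) {
		$instance = wp_parse_args( (array) $instance, array( 'title' => '' ) );
		$title = strip_tags($instance['title']);
		// Scanner: Cross Site Scripting on the template lines below. The title
		// goes through esc_attr() where it is printed; the id/name values come
		// from get_field_id()/get_field_name(), defined outside this file.
?>
		<p><label for="<?php echo $this->get_field_id('title'); ?>"><?php _e('Title:'); ?></label>
		<input class="widefat" id="<?php echo $this->get_field_id('title'); ?>" name="<?php echo $this->get_field_name('title'); ?>" type="text" value="<?php echo esc_attr($title); ?>" /></p>
<?php
	}
}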
363
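/**
 * Text widget class
 *
 * Stores and prints arbitrary text or HTML. The scanner markers from this
 * listing are kept as "Scanner:" comments beside the statements they were
 * attached to.
 *
 * @since 2.8.0
 */
class WP_Widget_Text extends WP_Widget {

	/**
	 * Registers the widget under the id base 'text' with a 400x350 control.
	 */
	function WP_Widget_Text() {
		$widget_ops = array('classname' => 'widget_text', 'description' => __('Arbitrary text or HTML'));
		$control_ops = array('width' => 400, 'height' => 350);
		$this->WP_Widget('text', __('Text'), $widget_ops, $control_ops);
	}

	/**
	 * Prints the stored text, optionally run through wpautop().
	 *
	 * @param array $args     Wrapper markup (before_widget, before_title,
	 *                        after_title, after_widget).
	 * @param array $instance Saved settings; title, text and filter are read.
	 */
	function widget( $args, $instance ) {
		// Scanner: Possible Control Flow. EXTR_SKIP, as in
		// WP_Widget_Links::widget(), keeps keys of $args from replacing
		// $args or $instance.
		extract($args, EXTR_SKIP);
		$title = apply_filters( 'widget_title', empty($instance['title']) ? '' : $instance['title'], $instance, $this->id_base);
		$text = apply_filters( 'widget_text', $instance['text'], $instance );
		// Scanner: Cross Site Scripting on every echo below. The text is
		// printed as markup on purpose: update() stores it unchanged for a
		// user with the 'unfiltered_html' capability and passes it through
		// wp_filter_post_kses() for everyone else, so the control is at save
		// time, not here. The 'widget_text' filter can still change the value
		// after that check.
		echo $before_widget;
		if ( !empty( $title ) ) { echo $before_title . $title . $after_title; } ?>
			<div class="textwidget"><?php echo $instance['filter'] ? wpautop($text) : $text; ?></div>
		<?php
		echo $after_widget;
	}

	/**
	 * Builds the settings to store from the submitted form values.
	 *
	 * @param array $new_instance Submitted values.
	 * @param array $old_instance Previously stored values.
	 * @return array Settings to save.
	 */
	function update( $new_instance, $old_instance ) {
		$instance = $old_instance;
		$instance['title'] = strip_tags($new_instance['title']);
		// Capability gate for raw HTML: only 'unfiltered_html' users keep the
		// submitted markup as typed.
		if ( current_user_can('unfiltered_html') )
			$instance['text'] = $new_instance['text'];
		else
			$instance['text'] = stripslashes( wp_filter_post_kses( addslashes($new_instance['text']) ) ); // wp_filter_post_kses() expects slashed
		$instance['filter'] = isset($new_instance['filter']);
		return $instance;
	}

	/**
	 * Prints the settings form.
	 *
	 * @param array $instance Stored settings.
	 */
	function form( $instance ) {
		$instance = wp_parse_args( (array) $instance, array( 'title' => '', 'text' => '' ) );
		$title = strip_tags($instance['title']);
		$text = format_to_edit($instance['text']);
		// Scanner: Cross Site Scripting on the template lines below. The title
		// goes through esc_attr() where it is printed. $text is printed inside
		// the textarea exactly as format_to_edit() returned it.
		// NOTE(review): format_to_edit() is defined outside this file;
		// confirm it encodes the text for use inside a textarea.
?>
		<p><label for="<?php echo $this->get_field_id('title'); ?>"><?php _e('Title:'); ?></label>
		<input class="widefat" id="<?php echo $this->get_field_id('title'); ?>" name="<?php echo $this->get_field_name('title'); ?>" type="text" value="<?php echo esc_attr($title); ?>" /></p>

		<textarea class="widefat" rows="16" cols="20" id="<?php echo $this->get_field_id('text'); ?>" name="<?php echo $this->get_field_name('text'); ?>"><?php echo $text; ?></textarea>

		<p><input id="<?php echo $this->get_field_id('filter'); ?>" name="<?php echo $this->get_field_name('filter'); ?>" type="checkbox" <?php checked(isset($instance['filter']) ? $instance['filter'] : 0); ?> /> <label for="<?php echo $this->get_field_id('filter'); ?>"><?php _e('Automatically add paragraphs'); ?></label></p>
<?php
	}
}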
413
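/**
 * Categories widget class
 *
 * The scanner markers from this listing are kept as "Scanner:" comments
 * beside the statements they were attached to.
 *
 * @since 2.8.0
 */
class WP_Widget_Categories extends WP_Widget {

	/**
	 * Registers the widget under the id base 'categories'.
	 */
	function WP_Widget_Categories() {
		$widget_ops = array( 'classname' => 'widget_categories', 'description' => __( "A list or dropdown of categories" ) );
		$this->WP_Widget('categories', __('Categories'), $widget_ops);
	}

	/**
	 * Prints the categories as a list or as a drop-down with a redirect script.
	 *
	 * @param array $args     Wrapper markup (before_widget, before_title,
	 *                        after_title, after_widget).
	 * @param array $instance Saved settings; title, count, hierarchical and
	 *                        dropdown are read.
	 */
	function widget( $args, $instance ) {
		// Scanner: Possible Control Flow. EXTR_SKIP, as in
		// WP_Widget_Links::widget(), keeps keys of $args from replacing
		// $args or $instance.
		extract( $args, EXTR_SKIP );

		$title = apply_filters('widget_title', empty( $instance['title'] ) ? __( 'Categories' ) : $instance['title'], $instance, $this->id_base);
		// !empty() gives the same '1'/'0' result as the plain truth test and
		// also covers an instance where the key is missing.
		$c = !empty($instance['count']) ? '1' : '0';
		$h = !empty($instance['hierarchical']) ? '1' : '0';
		$d = !empty($instance['dropdown']) ? '1' : '0';

		// Scanner: Cross Site Scripting on the echoes of the wrappers and the
		// title. Nothing is escaped here; the wrappers come from $args and
		// $title from the 'widget_title' filter (update() ran strip_tags() on
		// the stored value). NOTE(review): depends on who can set $args and
		// the filter; confirm.
		echo $before_widget;
		if ( $title )
			echo $before_title . $title . $after_title;

		$cat_args = array('orderby' => 'name', 'show_count' => $c, 'hierarchical' => $h);

		if ( $d ) {
			$cat_args['show_option_none'] = __('Select Category');
			wp_dropdown_categories(apply_filters('widget_categories_dropdown_args', $cat_args));
			// NOTE(review): home_url() is written into a JavaScript string
			// literal below without JavaScript escaping, and the scanner did
			// not mark it. The value is site configuration as far as this
			// file shows; consider esc_js() if it can hold a quote.
?>

<script type='text/javascript'>
/* <![CDATA[ */
	var dropdown = document.getElementById("cat");
	function onCatChange() {
		if ( dropdown.options[dropdown.selectedIndex].value > 0 ) {
			location.href = "<?php echo home_url(); ?>/?cat="+dropdown.options[dropdown.selectedIndex].value;
		}
	}
	dropdown.onchange = onCatChange;
/* ]]> */
</script>

<?php
		} else {
?>
		<ul>
<?php
		$cat_args['title_li'] = '';
		wp_list_categories(apply_filters('widget_categories_args', $cat_args));
?>
		</ul>
<?php
		}

		echo $after_widget;
	}

	/**
	 * Builds the settings to store from the submitted form values.
	 *
	 * @param array $new_instance Submitted values.
	 * @param array $old_instance Previously stored values.
	 * @return array Settings to save; the three flags are stored as 1 or 0.
	 */
	function update( $new_instance, $old_instance ) {
		$instance = $old_instance;
		$instance['title'] = strip_tags($new_instance['title']);
		$instance['count'] = !empty($new_instance['count']) ? 1 : 0;
		$instance['hierarchical'] = !empty($new_instance['hierarchical']) ? 1 : 0;
		$instance['dropdown'] = !empty($new_instance['dropdown']) ? 1 : 0;

		return $instance;
	}

	/**
	 * Prints the settings form.
	 *
	 * @param array $instance Stored settings.
	 */
	function form( $instance ) {
		//Defaults
		$instance = wp_parse_args( (array) $instance, array( 'title' => '') );
		$title = esc_attr( $instance['title'] );
		$count = isset($instance['count']) ? (bool) $instance['count'] :false;
		$hierarchical = isset( $instance['hierarchical'] ) ? (bool) $instance['hierarchical'] : false;
		$dropdown = isset( $instance['dropdown'] ) ? (bool) $instance['dropdown'] : false;
		// Scanner: Cross Site Scripting on the template lines below. $title
		// was passed through esc_attr() above; the id/name values come from
		// get_field_id()/get_field_name(), defined outside this file.
?>
		<p><label for="<?php echo $this->get_field_id('title'); ?>"><?php _e( 'Title:' ); ?></label>
		<input class="widefat" id="<?php echo $this->get_field_id('title'); ?>" name="<?php echo $this->get_field_name('title'); ?>" type="text" value="<?php echo $title; ?>" /></p>

		<p><input type="checkbox" class="checkbox" id="<?php echo $this->get_field_id('dropdown'); ?>" name="<?php echo $this->get_field_name('dropdown'); ?>"<?php checked( $dropdown ); ?> />
		<label for="<?php echo $this->get_field_id('dropdown'); ?>"><?php _e( 'Show as dropdown' ); ?></label><br />

		<input type="checkbox" class="checkbox" id="<?php echo $this->get_field_id('count'); ?>" name="<?php echo $this->get_field_name('count'); ?>"<?php checked( $count ); ?> />
		<label for="<?php echo $this->get_field_id('count'); ?>"><?php _e( 'Show post counts' ); ?></label><br />

		<input type="checkbox" class="checkbox" id="<?php echo $this->get_field_id('hierarchical'); ?>" name="<?php echo $this->get_field_name('hierarchical'); ?>"<?php checked( $hierarchical ); ?> />
		<label for="<?php echo $this->get_field_id('hierarchical'); ?>"><?php _e( 'Show hierarchy' ); ?></label></p>
<?php
	}

}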
505
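/**
 * Recent_Posts widget class
 *
 * Prints a list of recently published posts. The rendered markup is kept in the
 * object cache (key 'widget_recent_posts', group 'widget'), indexed by widget id.
 *
 * @since 2.8.0
 */
class WP_Widget_Recent_Posts extends WP_Widget {

	/**
	 * Set up the widget and hook the cache flush to post and theme changes.
	 */
	function WP_Widget_Recent_Posts() {
		$widget_ops = array('classname' => 'widget_recent_entries', 'description' => __( "The most recent posts on your site") );
		$this->WP_Widget('recent-posts', __('Recent Posts'), $widget_ops);
		$this->alt_option_name = 'widget_recent_entries';

		add_action( 'save_post', array(&$this, 'flush_widget_cache') );
		add_action( 'deleted_post', array(&$this, 'flush_widget_cache') );
		add_action( 'switch_theme', array(&$this, 'flush_widget_cache') );
	}

	/**
	 * Print the widget, from the cache when an entry for this widget id exists.
	 *
	 * @param array $args     Display arguments; 'widget_id', 'before_widget', 'after_widget',
	 *                        'before_title' and 'after_title' are read here.
	 * @param array $instance Stored settings ('title', 'number').
	 */
	function widget($args, $instance) {
		$cache = wp_cache_get('widget_recent_posts', 'widget');

		if ( !is_array($cache) )
			$cache = array();

		// Scanner note (Cross Site Scripting): the cached string is printed as-is.
		// In this class it is only ever written from the output buffer at the end
		// of this method, so its content is whatever was rendered below.
		if ( isset($cache[$args['widget_id']]) ) {
			echo $cache[$args['widget_id']];
			return;
		}

		ob_start();

		// Scanner note (Possible Control Flow): extract($args) would create a local
		// variable for every key in $args and, without EXTR_SKIP, overwrite locals
		// such as $instance or $cache. Only the four wrapper strings are needed, so
		// they are read by name.
		$before_widget = isset( $args['before_widget'] ) ? $args['before_widget'] : '';
		$after_widget  = isset( $args['after_widget'] ) ? $args['after_widget'] : '';
		$before_title  = isset( $args['before_title'] ) ? $args['before_title'] : '';
		$after_title   = isset( $args['after_title'] ) ? $args['after_title'] : '';

		$title = apply_filters('widget_title', empty($instance['title']) ? __('Recent Posts') : $instance['title'], $instance, $this->id_base);

		// 0 or a missing value means "use the default of 10"; anything else is clamped to 1..15.
		$number = isset( $instance['number'] ) ? (int) $instance['number'] : 0;
		if ( !$number )
			$number = 10;
		else if ( $number < 1 )
			$number = 1;
		else if ( $number > 15 )
			$number = 15;

		$r = new WP_Query(array('showposts' => $number, 'nopaging' => 0, 'post_status' => 'publish', 'caller_get_posts' => 1));
		if ($r->have_posts()) :
			// Scanner note (Cross Site Scripting): the wrapper strings and $title are
			// printed without escaping. The wrappers are markup supplied by the caller
			// (presumably the sidebar registration; confirm against the caller).
			// update() strips tags from the stored title, but the 'widget_title'
			// filter runs after that and its result is printed unescaped.
?>
		<?php echo $before_widget; ?>
		<?php if ( $title ) echo $before_title . $title . $after_title; ?>
		<ul>
		<?php while ($r->have_posts()) : $r->the_post(); ?>
		<li><a href="<?php the_permalink() ?>" title="<?php echo esc_attr(get_the_title() ? get_the_title() : get_the_ID()); ?>"><?php if ( get_the_title() ) the_title(); else the_ID(); ?></a></li>
		<?php endwhile; ?>
		</ul>
		<?php echo $after_widget; ?>
<?php
			// Reset the global $the_post as this query will have stomped on it
			wp_reset_postdata();

		endif;

		// ob_get_flush() sends the buffer to the client and returns it for caching.
		$cache[$args['widget_id']] = ob_get_flush();
		wp_cache_set('widget_recent_posts', $cache, 'widget');
	}

	/**
	 * Sanitize submitted settings and drop cached markup.
	 *
	 * @param array $new_instance Values submitted from the form.
	 * @param array $old_instance Previously stored values.
	 * @return array Settings to store.
	 */
	function update( $new_instance, $old_instance ) {
		$instance = $old_instance;
		$instance['title'] = strip_tags($new_instance['title']);
		$instance['number'] = (int) $new_instance['number'];
		$this->flush_widget_cache();

		// Remove the option stored under the alternative name when it is present
		// in the cached 'alloptions' array.
		$alloptions = wp_cache_get( 'alloptions', 'options' );
		if ( isset($alloptions['widget_recent_entries']) )
			delete_option('widget_recent_entries');

		return $instance;
	}

	/**
	 * Delete the cached markup for all instances of this widget.
	 */
	function flush_widget_cache() {
		wp_cache_delete('widget_recent_posts', 'widget');
	}

	/**
	 * Print the settings form.
	 *
	 * @param array $instance Stored settings.
	 */
	function form( $instance ) {
		$title = isset($instance['title']) ? esc_attr($instance['title']) : '';

		// A missing or zero value falls back to 5.
		$number = isset($instance['number']) ? (int) $instance['number'] : 0;
		if ( !$number )
			$number = 5;

		// Scanner note (Cross Site Scripting): the echoes below are attribute values.
		// $title is escaped above and $number is an integer; the field ids and names
		// come from helpers outside this listing and are escaped here.
		$title_id    = esc_attr( $this->get_field_id('title') );
		$title_name  = esc_attr( $this->get_field_name('title') );
		$number_id   = esc_attr( $this->get_field_id('number') );
		$number_name = esc_attr( $this->get_field_name('number') );
?>
		<p><label for="<?php echo $title_id; ?>"><?php _e('Title:'); ?></label>
		<input class="widefat" id="<?php echo $title_id; ?>" name="<?php echo $title_name; ?>" type="text" value="<?php echo $title; ?>" /></p>

		<p><label for="<?php echo $number_id; ?>"><?php _e('Number of posts to show:'); ?></label>
		<input id="<?php echo $number_id; ?>" name="<?php echo $number_name; ?>" type="text" value="<?php echo $number; ?>" size="3" /></p>
<?php
	}
}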
596
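/**
 * Recent_Comments widget class
 *
 * Prints a list of recently approved comments. The rendered markup is kept in
 * the object cache (key 'widget_recent_comments', group 'widget'), indexed by
 * widget id.
 *
 * @since 2.8.0
 */
class WP_Widget_Recent_Comments extends WP_Widget {

	/**
	 * Set up the widget, its inline style hook and the cache flush hooks.
	 */
	function WP_Widget_Recent_Comments() {
		$widget_ops = array('classname' => 'widget_recent_comments', 'description' => __( 'The most recent comments' ) );
		$this->WP_Widget('recent-comments', __('Recent Comments'), $widget_ops);
		$this->alt_option_name = 'widget_recent_comments';

		if ( is_active_widget(false, false, $this->id_base) )
			add_action( 'wp_head', array(&$this, 'recent_comments_style') );

		add_action( 'comment_post', array(&$this, 'flush_widget_cache') );
		add_action( 'transition_comment_status', array(&$this, 'flush_widget_cache') );
	}

	/**
	 * Print the inline style block for the comment list (hooked to 'wp_head').
	 */
	function recent_comments_style() { ?>
	<style type="text/css">.recentcomments a{display:inline !important;padding:0 !important;margin:0 !important;}</style>
<?php
	}

	/**
	 * Delete the cached markup for all instances of this widget.
	 */
	function flush_widget_cache() {
		wp_cache_delete('widget_recent_comments', 'widget');
	}

	/**
	 * Print the widget, from the cache when an entry for this widget id exists.
	 *
	 * @param array $args     Display arguments; 'widget_id', 'before_widget', 'after_widget',
	 *                        'before_title' and 'after_title' are read here.
	 * @param array $instance Stored settings ('title', 'number').
	 */
	function widget( $args, $instance ) {
		// Both globals are overwritten below; get_comment_author_link() is called
		// without an argument inside the loop, so it presumably reads $comment.
		global $comments, $comment;

		$cache = wp_cache_get('widget_recent_comments', 'widget');

		if ( ! is_array( $cache ) )
			$cache = array();

		// Scanner note (Cross Site Scripting): the cached string is printed as-is.
		// In this class it is only written from $output at the end of this method.
		if ( isset( $cache[$args['widget_id']] ) ) {
			echo $cache[$args['widget_id']];
			return;
		}

		// Scanner note (Possible Control Flow): instead of extract(), which creates
		// a local for every key in $args, the four wrapper strings are read by name.
		$before_widget = isset( $args['before_widget'] ) ? $args['before_widget'] : '';
		$after_widget  = isset( $args['after_widget'] ) ? $args['after_widget'] : '';
		$before_title  = isset( $args['before_title'] ) ? $args['before_title'] : '';
		$after_title   = isset( $args['after_title'] ) ? $args['after_title'] : '';

		$output = '';
		$title = apply_filters('widget_title', empty($instance['title']) ? __('Recent Comments') : $instance['title']);

		// 0 or a missing value means "use the default of 5"; negative values become 1.
		$number = isset( $instance['number'] ) ? (int) $instance['number'] : 0;
		if ( ! $number )
			$number = 5;
		else if ( $number < 1 )
			$number = 1;

		$comments = get_comments( array( 'number' => $number, 'status' => 'approve' ) );
		$output .= $before_widget;
		if ( $title )
			$output .= $before_title . $title . $after_title;

		$output .= '<ul id="recentcomments">';
		if ( $comments ) {
			foreach ( (array) $comments as $comment) {
				// The comment URL goes through esc_url(). The author link and the
				// post title are concatenated as returned by their helpers; whether
				// those return escaped markup cannot be seen from this listing.
				$output .= '<li class="recentcomments">' . /* translators: comments widget: 1: comment author, 2: post link */ sprintf(_x('%1$s on %2$s', 'widgets'), get_comment_author_link(), '<a href="' . esc_url( get_comment_link($comment->comment_ID) ) . '">' . get_the_title($comment->comment_post_ID) . '</a>') . '</li>';
			}
		}
		$output .= '</ul>';
		$output .= $after_widget;

		// Scanner note (Cross Site Scripting): $output is built entirely above.
		echo $output;
		$cache[$args['widget_id']] = $output;
		wp_cache_set('widget_recent_comments', $cache, 'widget');
	}

	/**
	 * Sanitize submitted settings and drop cached markup.
	 *
	 * @param array $new_instance Values submitted from the form.
	 * @param array $old_instance Previously stored values.
	 * @return array Settings to store.
	 */
	function update( $new_instance, $old_instance ) {
		$instance = $old_instance;
		$instance['title'] = strip_tags($new_instance['title']);
		$instance['number'] = (int) $new_instance['number'];
		$this->flush_widget_cache();

		// Remove the option stored under the alternative name when it is present
		// in the cached 'alloptions' array.
		$alloptions = wp_cache_get( 'alloptions', 'options' );
		if ( isset($alloptions['widget_recent_comments']) )
			delete_option('widget_recent_comments');

		return $instance;
	}

	/**
	 * Print the settings form.
	 *
	 * @param array $instance Stored settings.
	 */
	function form( $instance ) {
		$title = isset($instance['title']) ? esc_attr($instance['title']) : '';
		$number = isset($instance['number']) ? absint($instance['number']) : 5;

		// Scanner note (Cross Site Scripting): the echoes below are attribute values.
		// $title is escaped above and $number went through absint(); the field ids
		// and names come from helpers outside this listing and are escaped here.
		$title_id    = esc_attr( $this->get_field_id('title') );
		$title_name  = esc_attr( $this->get_field_name('title') );
		$number_id   = esc_attr( $this->get_field_id('number') );
		$number_name = esc_attr( $this->get_field_name('number') );
?>
		<p><label for="<?php echo $title_id; ?>"><?php _e('Title:'); ?></label>
		<input class="widefat" id="<?php echo $title_id; ?>" name="<?php echo $title_name; ?>" type="text" value="<?php echo $title; ?>" /></p>

		<p><label for="<?php echo $number_id; ?>"><?php _e('Number of comments to show:'); ?></label>
		<input id="<?php echo $number_id; ?>" name="<?php echo $number_name; ?>" type="text" value="<?php echo $number; ?>" size="3" /></p>
<?php
	}
}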
691
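/**
 * RSS widget class
 *
 * Fetches a remote feed and prints its entries. The feed content is external
 * input: every value taken from it is stripped and escaped before it is placed
 * into markup.
 *
 * @since 2.8.0
 */
class WP_Widget_RSS extends WP_Widget {

	/**
	 * Set up the widget and the size of its control form.
	 */
	function WP_Widget_RSS() {
		$widget_ops = array( 'description' => __('Entries from any RSS or Atom feed') );
		$control_ops = array( 'width' => 400, 'height' => 200 );
		$this->WP_Widget( 'rss', __('RSS'), $widget_ops, $control_ops );
	}

	/**
	 * Fetch the configured feed and print the widget.
	 *
	 * @param array $args     Display arguments; 'before_widget', 'after_widget',
	 *                        'before_title' and 'after_title' are read here.
	 * @param array $instance Stored settings ('url', 'title', 'error' and the display flags).
	 */
	function widget($args, $instance) {

		if ( isset($instance['error']) && $instance['error'] )
			return;

		// Scanner note (Possible Control Flow): instead of extract(), which creates
		// a local for every key in $args, the four wrapper strings are read by name.
		$before_widget = isset( $args['before_widget'] ) ? $args['before_widget'] : '';
		$after_widget  = isset( $args['after_widget'] ) ? $args['after_widget'] : '';
		$before_title  = isset( $args['before_title'] ) ? $args['before_title'] : '';
		$after_title   = isset( $args['after_title'] ) ? $args['after_title'] : '';

		// Drop leading characters until the value starts with "http" (any case) or
		// nothing is left. This is a prefix check only, not URL validation.
		$url = isset( $instance['url'] ) ? $instance['url'] : '';
		while ( stristr($url, 'http') != $url )
			$url = substr($url, 1);

		if ( empty($url) )
			return;

		// Server-side request to the configured address.
		$rss = fetch_feed($url);
		$title = isset( $instance['title'] ) ? $instance['title'] : '';
		$desc = '';
		$link = '';

		if ( ! is_wp_error($rss) ) {
			// Feed-supplied values: tags stripped, then escaped for the context they
			// are used in (attribute, text, URL).
			$desc = esc_attr(strip_tags(@html_entity_decode($rss->get_description(), ENT_QUOTES, get_option('blog_charset'))));
			if ( empty($title) )
				$title = esc_html(strip_tags($rss->get_title()));
			$link = esc_url(strip_tags($rss->get_permalink()));
			while ( stristr($link, 'http') != $link )
				$link = substr($link, 1);
		}

		if ( empty($title) )
			$title = empty($desc) ? __('Unknown Feed') : $desc;

		$title = apply_filters('widget_title', $title, $instance, $this->id_base);
		$url = esc_url(strip_tags($url));
		$icon = esc_url( includes_url('images/rss.png') );
		if ( $title )
			$title = "<a class='rsswidget' href='$url' title='" . esc_attr__( 'Syndicate this content' ) ."'><img style='border:0' width='14' height='14' src='$icon' alt='RSS' /></a> <a class='rsswidget' href='$link' title='$desc'>$title</a>";

		// Scanner note (Cross Site Scripting): the wrapper strings come from $args
		// and are printed as markup; $title is the anchor string assembled above
		// from escaped parts plus the result of the 'widget_title' filter.
		echo $before_widget;
		if ( $title )
			echo $before_title . $title . $after_title;
		wp_widget_rss_output( $rss, $instance );
		echo $after_widget;

		if ( ! is_wp_error($rss) )
			$rss->__destruct();
		unset($rss);
	}

	/**
	 * Process submitted settings; the feed is re-checked only when the URL changed.
	 *
	 * @param array $new_instance Values submitted from the form.
	 * @param array $old_instance Previously stored values.
	 * @return array Settings to store, as returned by wp_widget_rss_process().
	 */
	function update($new_instance, $old_instance) {
		// A widget saved for the first time has no stored URL to compare against.
		$old_url = isset( $old_instance['url'] ) ? $old_instance['url'] : null;
		$testurl = ( isset($new_instance['url']) && ($new_instance['url'] != $old_url) );
		return wp_widget_rss_process( $new_instance, $testurl );
	}

	/**
	 * Print the settings form through wp_widget_rss_form().
	 *
	 * @param array $instance Stored settings; defaults are used when empty.
	 */
	function form($instance) {

		if ( empty($instance) )
			$instance = array( 'title' => '', 'url' => '', 'items' => 10, 'error' => false, 'show_summary' => 0, 'show_author' => 0, 'show_date' => 0 );
		$instance['number'] = $this->number;

		wp_widget_rss_form( $instance );
	}
}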
767
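/**
 * Display the RSS entries in a list.
 *
 * Everything read from the feed (link, title, description, author) is external
 * input and is stripped and escaped before it is printed.
 *
 * @since 2.5.0
 *
 * @param string|array|object $rss  Feed URL, an arguments array containing 'url',
 *                                  or an already fetched feed object.
 * @param array               $args Widget arguments: 'items', 'show_summary',
 *                                  'show_author', 'show_date'.
 */
function wp_widget_rss_output( $rss, $args = array() ) {
	if ( is_string( $rss ) ) {
		$rss = fetch_feed($rss);
	} elseif ( is_array($rss) && isset($rss['url']) ) {
		$args = $rss;
		$rss = fetch_feed($rss['url']);
	} elseif ( !is_object($rss) ) {
		return;
	}

	if ( is_wp_error($rss) ) {
		// The message is shown to administrators only. It is escaped because its
		// text is produced while fetching a remote resource.
		if ( is_admin() || current_user_can('manage_options') )
			echo '<p>' . sprintf( __('<strong>RSS Error</strong>: %s'), esc_html( $rss->get_error_message() ) ) . '</p>';
		return;
	}

	// 'items' gets a default too, so a caller that omits it ends up with 10
	// entries instead of reading an undefined value.
	$default_args = array( 'show_author' => 0, 'show_date' => 0, 'show_summary' => 0, 'items' => 0 );
	$args = wp_parse_args( $args, $default_args );

	// Scanner note (Possible Control Flow): the settings are read by name rather
	// than through extract(), so no other key of $args becomes a local variable.
	$items = (int) $args['items'];
	if ( $items < 1 || 20 < $items )
		$items = 10;
	$show_summary = (int) $args['show_summary'];
	$show_author = (int) $args['show_author'];
	$show_date = (int) $args['show_date'];

	if ( !$rss->get_item_quantity() ) {
		echo '<ul><li>' . __( 'An error has occurred; the feed is probably down. Try again later.' ) . '</li></ul>';
		$rss->__destruct();
		unset($rss);
		return;
	}

	echo '<ul>';
	foreach ( $rss->get_items(0, $items) as $item ) {
		// Drop leading characters until the link starts with "http" (any case) or
		// nothing is left; esc_url() is applied afterwards.
		$link = $item->get_link();
		while ( stristr($link, 'http') != $link )
			$link = substr($link, 1);
		$link = esc_url(strip_tags($link));
		$title = esc_attr(strip_tags($item->get_title()));
		if ( empty($title) )
			$title = __('Untitled');

		$desc = str_replace( array("\n", "\r"), ' ', esc_attr( strip_tags( @html_entity_decode( $item->get_description(), ENT_QUOTES, get_option('blog_charset') ) ) ) );
		$desc = wp_html_excerpt( $desc, 360 );

		// Append ellipsis. Change existing [...] to [&hellip;].
		// The entity form is 10 bytes long, which is what substr( $desc, -10 ) checks.
		if ( '[...]' == substr( $desc, -5 ) )
			$desc = substr( $desc, 0, -5 ) . '[&hellip;]';
		elseif ( '[&hellip;]' != substr( $desc, -10 ) )
			$desc .= ' [&hellip;]';

		$desc = esc_html( $desc );

		if ( $show_summary ) {
			$summary = "<div class='rssSummary'>$desc</div>";
		} else {
			$summary = '';
		}

		$date = '';
		if ( $show_date ) {
			$date = $item->get_date();

			if ( $date ) {
				// Only a date that strtotime() can parse is printed, reformatted
				// with the site's date format.
				if ( $date_stamp = strtotime( $date ) )
					$date = ' <span class="rss-date">' . date_i18n( get_option( 'date_format' ), $date_stamp ) . '</span>';
				else
					$date = '';
			}
		}

		$author = '';
		if ( $show_author ) {
			$author = $item->get_author();
			if ( is_object($author) ) {
				$author = $author->get_name();
				$author = ' <cite>' . esc_html( strip_tags( $author ) ) . '</cite>';
			}
		}

		if ( $link == '' ) {
			echo "<li>$title{$date}{$summary}{$author}</li>";
		} else {
			echo "<li><a class='rsswidget' href='$link' title='$desc'>$title</a>{$date}{$summary}{$author}</li>";
		}
	}
	echo '</ul>';
	$rss->__destruct();
	unset($rss);
}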
868
869
870
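/**
 * Display RSS widget options form.
 *
 * The options for what fields are displayed for the RSS form are all booleans
 * and are as follows: 'url', 'title', 'items', 'show_summary', 'show_author',
 * 'show_date'. A field whose option is the string 'hidden' is printed as a
 * hidden input instead.
 *
 * @since 2.5.0
 *
 * @param array|string $args   Values for input fields.
 * @param array        $inputs Override default display options.
 */
function wp_widget_rss_form( $args, $inputs = null ) {

	$default_inputs = array( 'url' => true, 'title' => true, 'items' => true, 'show_summary' => true, 'show_author' => true, 'show_date' => true );
	$inputs = wp_parse_args( $inputs, $default_inputs );

	// Scanner note (Possible Control Flow): extract( $args ) would let any key in
	// $args overwrite locals of this function, $inputs and $default_inputs
	// included. The expected fields are read by name from a defaulted array.
	$args = wp_parse_args( $args, array( 'number' => '', 'title' => '', 'url' => '', 'items' => 0, 'error' => false, 'show_summary' => 0, 'show_author' => 0, 'show_date' => 0 ) );

	$number = esc_attr( $args['number'] );
	$title = esc_attr( $args['title'] );
	$url = esc_url( $args['url'] );
	$items = (int) $args['items'];
	if ( $items < 1 || 20 < $items )
		$items = 10;
	$show_summary = (int) $args['show_summary'];
	$show_author = (int) $args['show_author'];
	$show_date = (int) $args['show_date'];
	$error = $args['error'];

	// The error text is produced while fetching a remote feed, so it is escaped.
	if ( !empty($error) )
		echo '<p class="widget-error"><strong>' . sprintf( __('RSS Error: %s'), esc_html( $error ) ) . '</strong></p>';

	// Scanner note (Cross Site Scripting): $number, $title and $url are escaped
	// above and the remaining values are integers. The scanner labels are kept in
	// PHP comments: written after "?>" they would be sent to the browser as text.
	if ( $inputs['url'] ) :
?>
	<p><label for="rss-url-<?php echo $number; ?>"><?php _e('Enter the RSS feed URL here:'); ?></label>
	<input class="widefat" id="rss-url-<?php echo $number; ?>" name="widget-rss[<?php echo $number; ?>][url]" type="text" value="<?php echo $url; ?>" /></p>
<?php endif; if ( $inputs['title'] ) : ?>
	<p><label for="rss-title-<?php echo $number; ?>"><?php _e('Give the feed a title (optional):'); ?></label>
	<input class="widefat" id="rss-title-<?php echo $number; ?>" name="widget-rss[<?php echo $number; ?>][title]" type="text" value="<?php echo $title; ?>" /></p>
<?php endif; if ( $inputs['items'] ) : ?>
	<p><label for="rss-items-<?php echo $number; ?>"><?php _e('How many items would you like to display?'); ?></label>
	<select id="rss-items-<?php echo $number; ?>" name="widget-rss[<?php echo $number; ?>][items]">
<?php
		for ( $i = 1; $i <= 20; ++$i )
			echo "<option value='$i' " . ( $items == $i ? "selected='selected'" : '' ) . ">$i</option>";
?>
	</select></p>
<?php endif; if ( $inputs['show_summary'] ) : ?>
	<p><input id="rss-show-summary-<?php echo $number; ?>" name="widget-rss[<?php echo $number; ?>][show_summary]" type="checkbox" value="1" <?php if ( $show_summary ) echo 'checked="checked"'; ?>/>
	<label for="rss-show-summary-<?php echo $number; ?>"><?php _e('Display item content?'); ?></label></p>
<?php endif; if ( $inputs['show_author'] ) : ?>
	<p><input id="rss-show-author-<?php echo $number; ?>" name="widget-rss[<?php echo $number; ?>][show_author]" type="checkbox" value="1" <?php if ( $show_author ) echo 'checked="checked"'; ?>/>
	<label for="rss-show-author-<?php echo $number; ?>"><?php _e('Display item author if available?'); ?></label></p>
<?php endif; if ( $inputs['show_date'] ) : ?>
	<p><input id="rss-show-date-<?php echo $number; ?>" name="widget-rss[<?php echo $number; ?>][show_date]" type="checkbox" value="1" <?php if ( $show_date ) echo 'checked="checked"'; ?>/>
	<label for="rss-show-date-<?php echo $number; ?>"><?php _e('Display item date?'); ?></label></p>
<?php
	endif;

	// Values for hidden inputs come from a fixed map of the sanitized locals, not
	// from a variable-variable lookup by field name.
	$field_values = array( 'url' => $url, 'title' => $title, 'items' => $items, 'show_summary' => $show_summary, 'show_author' => $show_author, 'show_date' => $show_date );
	foreach ( array_keys($default_inputs) as $input ) :
		if ( 'hidden' === $inputs[$input] ) :
			$id = str_replace( '_', '-', $input );
?>
	<input type="hidden" id="rss-<?php echo $id; ?>-<?php echo $number; ?>" name="widget-rss[<?php echo $number; ?>][<?php echo $input; ?>]" value="<?php echo esc_attr( $field_values[$input] ); ?>" />
<?php
		endif;
	endforeach;
}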
938
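/**
 * Process RSS feed widget data and optionally retrieve feed items.
 *
 * The feed widget can not have more than 20 items or it will reset back to the
 * default, which is 10.
 *
 * The resulting array has the feed title, feed url, feed link (from channel),
 * feed items, error (if any), and whether to show summary, author, and date.
 * All respectively in the order of the array elements.
 *
 * When $check_feed is true the URL is requested from the server through
 * fetch_feed(); 'error' then holds the error message on failure and 'link' the
 * feed's permalink on success. Without the check, 'error' is false and 'link'
 * is an empty string.
 *
 * @since 2.5.0
 *
 * @param array $widget_rss RSS widget feed data. Expects unescaped data.
 * @param bool $check_feed Optional, default is true. Whether to check feed for errors.
 * @return array
 */
function wp_widget_rss_process( $widget_rss, $check_feed = true ) {
	$items = (int) $widget_rss['items'];
	if ( $items < 1 || 20 < $items )
		$items = 10;
	$url = esc_url_raw(strip_tags( $widget_rss['url'] ));
	$title = trim(strip_tags( $widget_rss['title'] ));
	$show_summary = isset($widget_rss['show_summary']) ? (int) $widget_rss['show_summary'] : 0;
	$show_author = isset($widget_rss['show_author']) ? (int) $widget_rss['show_author'] :0;
	$show_date = isset($widget_rss['show_date']) ? (int) $widget_rss['show_date'] : 0;

	// Set before the branch so that compact() below never receives the name of an
	// undefined variable when the feed check is skipped.
	$error = false;
	$link = '';

	if ( $check_feed ) {
		// Server-side request to a user-entered address.
		$rss = fetch_feed($url);
		if ( is_wp_error($rss) ) {
			$error = $rss->get_error_message();
		} else {
			// Feed-supplied link: tags stripped, escaped, then trimmed until it
			// starts with "http" (any case) or nothing is left.
			$link = esc_url(strip_tags($rss->get_permalink()));
			while ( stristr($link, 'http') != $link )
				$link = substr($link, 1);

			$rss->__destruct();
			unset($rss);
		}
	}

	return compact( 'title', 'url', 'link', 'items', 'error', 'show_summary', 'show_author', 'show_date' );
}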
983
984/**
985 * Tag cloud widget class
986 *
987 * @since 2.8.0
988 */
989class WP_Widget_Tag_Cloud extends WP_Widget {
990
/**
 * Set up the widget: passes 'tag_cloud', the translated name and the
 * description to WP_Widget().
 */
function WP_Widget_Tag_Cloud() {
	$options = array(
		'description' => __( "Your most used tags in cloud format"),
	);

	$this->WP_Widget( 'tag_cloud', __('Tag Cloud'), $options );
}
995
996 function widget( $args, $instance ) {
997 extract($args);//Possible Control Flow
998 $current_taxonomy = $this->_get_current_taxonomy($instance);
999 if ( !empty($instance['title']) ) {
1000 $title = $instance['title'];
/var/www/wordpress/wp-includes/deprecated.php
/var/www/wordpress/wp-includes/feed-atom-comments.php
/var/www/wordpress/wp-includes/feed-atom.php
/var/www/wordpress/wp-includes/feed-rdf.php
/var/www/wordpress/wp-includes/feed-rss.php
/var/www/wordpress/wp-includes/feed-rss2-comments.php
/var/www/wordpress/wp-includes/feed-rss2.php
/var/www/wordpress/wp-includes/feed.php
/var/www/wordpress/wp-includes/formatting.php
/var/www/wordpress/wp-includes/functions.php
/var/www/wordpress/wp-includes/functions.wp-scripts.php
/var/www/wordpress/wp-includes/functions.wp-styles.php
/var/www/wordpress/wp-includes/general-template.php
/var/www/wordpress/wp-includes/http.php
/var/www/wordpress/wp-includes/kses.php
/var/www/wordpress/wp-includes/l10n.php
/var/www/wordpress/wp-includes/link-template.php
/var/www/wordpress/wp-includes/load.php
/var/www/wordpress/wp-includes/locale.php
/var/www/wordpress/wp-includes/media.php
/var/www/wordpress/wp-includes/meta.php
/var/www/wordpress/wp-includes/ms-blogs.php
/var/www/wordpress/wp-includes/ms-default-constants.php
/var/www/wordpress/wp-includes/ms-default-filters.php
/var/www/wordpress/wp-includes/ms-deprecated.php
/var/www/wordpress/wp-includes/ms-files.php
/var/www/wordpress/wp-includes/ms-functions.php
/var/www/wordpress/wp-includes/ms-load.php
/var/www/wordpress/wp-includes/ms-settings.php
/var/www/wordpress/wp-includes/nav-menu-template.php
/var/www/wordpress/wp-includes/nav-menu.php
/var/www/wordpress/wp-includes/pluggable-deprecated.php
/var/www/wordpress/wp-includes/pluggable.php
/var/www/wordpress/wp-includes/plugin.php
/var/www/wordpress/wp-includes/post-template.php
/var/www/wordpress/wp-includes/post-thumbnail-template.php
/var/www/wordpress/wp-includes/post.php
/var/www/wordpress/wp-includes/query.php
/var/www/wordpress/wp-includes/registration-functions.php
/var/www/wordpress/wp-includes/registration.php
/var/www/wordpress/wp-includes/rewrite.php
/var/www/wordpress/wp-includes/rss-functions.php
/var/www/wordpress/wp-includes/rss.php
/var/www/wordpress/wp-includes/script-loader.php
/var/www/wordpress/wp-includes/shortcodes.php
/var/www/wordpress/wp-includes/taxonomy.php
/var/www/wordpress/wp-includes/template-loader.php
/var/www/wordpress/wp-includes/theme.php
/var/www/wordpress/wp-includes/update.php
/var/www/wordpress/wp-includes/user.php
/var/www/wordpress/wp-includes/vars.php
/var/www/wordpress/wp-includes/version.php
/var/www/wordpress/wp-includes/widgets.php
/var/www/wordpress/wp-includes/wp-db.php
/var/www/wordpress/wp-includes/wp-diff.php
/var/www/wordpress/index.php
/var/www/wordpress/wp-activate.php
/var/www/wordpress/wp-app.php
/var/www/wordpress/wp-atom.php
/var/www/wordpress/wp-blog-header.php
/var/www/wordpress/wp-comments-post.php
/var/www/wordpress/wp-commentsrss2.php
/var/www/wordpress/wp-config-sample.php
/var/www/wordpress/wp-cron.php
/var/www/wordpress/wp-feed.php
/var/www/wordpress/wp-links-opml.php
/var/www/wordpress/wp-load.php
/var/www/wordpress/wp-login.php
/var/www/wordpress/wp-mail.php
/var/www/wordpress/wp-pass.php
/var/www/wordpress/wp-rdf.php
/var/www/wordpress/wp-register.php
/var/www/wordpress/wp-rss.php
/var/www/wordpress/wp-rss2.php
/var/www/wordpress/wp-settings.php
/var/www/wordpress/wp-signup.php
/var/www/wordpress/wp-trackback.php
/var/www/wordpress/xmlrpc.php