'.wp_nonce_field('name_of_my_action','name_of_nonce_field', true, false).'
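'; }

/*
 * Front-end AJAX handlers for attachment upload and removal.
 *
 * Every handler below is also registered on its wp_ajax_nopriv_* hook, so it
 * is reachable by visitors who are not logged in. A WordPress nonce only
 * protects against cross-site request forgery; for logged-out visitors it is
 * not tied to an individual user and must not be treated as authorization.
 * File names, file contents and IDs in these requests are untrusted input.
 */

add_action( 'wp_ajax_remove_attach', 'tp_remove_attach' );
add_action( 'wp_ajax_nopriv_remove_attach', 'tp_remove_attach' );

/**
 * AJAX handler: delete an attachment and its file; prints '1' on success.
 *
 * Reads the attachment ID from $_POST['id'] and the nonce from
 * $_POST['security']. The caller must be allowed to delete that attachment.
 * NOTE(review): the nopriv hook is still registered, but logged-out callers
 * now fail the capability check. Letting anonymous visitors remove their own
 * uploads would need an ownership record that this file does not keep.
 *
 * @return void Terminates the request with die().
 */
function tp_remove_attach() {
    // check_ajax_referer() ends the request itself when the nonce is invalid.
    if ( check_ajax_referer( 'security_nonce', 'security' ) ) {
        $attachment_id = isset( $_POST['id'] ) ? absint( $_POST['id'] ) : 0;

        if (
            $attachment_id > 0
            && get_post_type( $attachment_id ) == 'attachment'
            && current_user_can( 'delete_post', $attachment_id )
        ) {
            $src_full = wp_get_attachment_image_src( $attachment_id, 'full' );

            if ( is_array( $src_full ) && ! empty( $src_full[0] ) ) {
                // Same reconstruction as before: <basedir>/<last three URL segments>.
                $tail    = array_slice( explode( '/', $src_full[0] ), -3 );
                $uploads = wp_upload_dir();
                $base    = realpath( $uploads['basedir'] );
                $target  = ( count( $tail ) === 3 )
                    ? realpath( $uploads['basedir'] . '/' . implode( '/', $tail ) )
                    : false;

                // Only unlink a regular file that really resolves inside the uploads directory.
                if (
                    $base
                    && $target
                    && strpos( $target, $base . DIRECTORY_SEPARATOR ) === 0
                    && is_file( $target )
                ) {
                    unlink( $target );
                }
            }

            if ( wp_delete_attachment( $attachment_id, true ) ) {
                echo '1';
            }
        }
    }
    die();
}

add_action( 'wp_footer', 'tp_footer_injection' );

/**
 * Footer output hook. Both echoed strings are empty in this copy of the file.
 *
 * @return void
 */
function tp_footer_injection() {
    echo '';
    echo '';
}

/**
 * Tell whether a client-supplied file name contains a '.php' or '.js' part.
 *
 * Case-insensitive, and matches anywhere in the name so that double
 * extensions are caught as well as the final one.
 *
 * @param string $name File name as sent by the client.
 * @return bool True when the name must be refused.
 */
function tp_name_has_blocked_extension( $name ) {
    return stripos( $name, '.php' ) !== false || stripos( $name, '.js' ) !== false;
}

/**
 * Validate one uploaded file, move it into the uploads directory and create
 * its attachment post.
 *
 * Checks applied before anything is written:
 *  - the temp file must be a genuine PHP upload (is_uploaded_file());
 *  - the name is passed through sanitize_file_name() and the blocked-extension test;
 *  - wp_check_filetype_and_ext() must map the name to a type WordPress allows
 *    for the current user; a corrected name it proposes is used;
 *  - unless $allow_non_image is true, the file must carry a GIF/JPEG/PNG
 *    signature AND an image/* type, so a script with an image header and a
 *    script extension is refused;
 *  - wp_unique_filename() prevents overwriting an existing upload.
 *
 * @param array $file            One entry of $_FILES ('name', 'tmp_name', 'error', ...).
 * @param bool  $allow_non_image Accept files that are not GIF/JPEG/PNG.
 * @return array|false array( 'id' => int, 'url' => string ) or false when refused.
 */
function tp_store_uploaded_file( $file, $allow_non_image ) {
    if ( ! is_array( $file ) || empty( $file['tmp_name'] ) || ! isset( $file['name'] ) ) {
        return false;
    }
    if ( isset( $file['error'] ) && (int) $file['error'] !== UPLOAD_ERR_OK ) {
        return false;
    }

    $tmp_name = $file['tmp_name'];
    if ( ! is_string( $tmp_name ) || ! is_uploaded_file( $tmp_name ) ) {
        return false;
    }

    $clean_name = sanitize_file_name( (string) $file['name'] );
    if ( $clean_name === '' || tp_name_has_blocked_extension( $clean_name ) ) {
        return false;
    }

    // Allow-list by extension and, where WordPress can tell, by content.
    $checked = wp_check_filetype_and_ext( $tmp_name, $clean_name );
    if ( empty( $checked['ext'] ) || empty( $checked['type'] ) ) {
        return false;
    }
    if ( ! empty( $checked['proper_filename'] ) ) {
        $clean_name = $checked['proper_filename'];
    }

    $is_image = get_image_type( $tmp_name ) && strpos( $checked['type'], 'image/' ) === 0;
    if ( ! $is_image && ! $allow_non_image ) {
        return false;
    }

    // wp_upload_dir() creates the dated sub-directory itself, so the former
    // mkdir( ..., 0777 ) calls (world-writable directories) are not needed.
    $uploads = wp_upload_dir();
    if ( ! empty( $uploads['error'] ) ) {
        return false;
    }

    $clean_name = wp_unique_filename( $uploads['path'], $clean_name );
    $image_path = $uploads['path'] . '/' . $clean_name;
    $image_url  = $uploads['url'] . '/' . $clean_name;

    if ( ! move_uploaded_file( $tmp_name, $image_path ) ) {
        return false;
    }

    $args = array(
        'post_mime_type' => $checked['type'],
        'post_title'     => '', // the original read an undefined variable here, i.e. an empty title
        'post_content'   => '',
        'post_status'    => 'inherit',
    );

    // wp_insert_attachment() and wp_generate_attachment_metadata() take the
    // file system path, not the URL. Parent post stays hard-coded to 1 as before.
    $thumb_id = wp_insert_attachment( $args, $image_path, 1 );
    if ( ! $thumb_id || is_wp_error( $thumb_id ) ) {
        return false;
    }

    require_once ABSPATH . 'wp-admin/includes/image.php';
    $metadata = wp_generate_attachment_metadata( $thumb_id, $image_path );
    wp_update_attachment_metadata( $thumb_id, $metadata );

    return array( 'id' => $thumb_id, 'url' => $image_url );
}

add_action( 'wp_ajax_featured_action', 'my_featured_upload' );
add_action( 'wp_ajax_nopriv_featured_action', 'my_featured_upload' );

/**
 * AJAX handler: store the single image sent as $_FILES['featured'].
 *
 * Prints "<attachment id>|<url>" on success and "|" when the file is refused,
 * which is what the previous code printed in that case.
 *
 * @return void Terminates the request with die().
 */
function my_featured_upload() {
    if (
        isset( $_POST['name_of_nonce_field'] )
        && wp_verify_nonce( $_POST['name_of_nonce_field'], 'name_of_my_action' )
    ) {
        require_once ABSPATH . 'wp-admin/includes/image.php';
        require_once ABSPATH . 'wp-admin/includes/file.php';
        require_once ABSPATH . 'wp-admin/includes/media.php';

        $thumb_id  = '';
        $image_url = '';

        if ( isset( $_FILES['featured'] ) ) {
            // Images only: the signature, the extension and the type must all agree.
            $stored = tp_store_uploaded_file( $_FILES['featured'], false );
            if ( $stored ) {
                $thumb_id  = $stored['id'];
                $image_url = $stored['url'];
            }
        }

        echo $thumb_id . '|' . $image_url;
    }
    die();
}

add_action( 'wp_ajax_gallery_action', 'gallery_action_upload' );
add_action( 'wp_ajax_nopriv_gallery_action', 'gallery_action_upload' );

/**
 * AJAX handler: store the files sent as $_FILES['gallery'].
 *
 * Images are always candidates. Other files are accepted only when
 * $_POST['field_type'] is "downloadable", and then only if WordPress allows
 * their type for the current user. Prints a JSON list of
 * {"id": ..., "url": ...} objects (an empty list when nothing was stored).
 *
 * @return void Terminates the request with die().
 */
function gallery_action_upload() {
    if (
        isset( $_POST['name_of_nonce_field'] )
        && wp_verify_nonce( $_POST['name_of_nonce_field'], 'name_of_my_action' )
    ) {
        require_once ABSPATH . 'wp-admin/includes/image.php';
        require_once ABSPATH . 'wp-admin/includes/file.php';
        require_once ABSPATH . 'wp-admin/includes/media.php';

        $arr             = array();
        $allow_non_image = isset( $_POST['field_type'] ) && $_POST['field_type'] == 'downloadable';

        if ( isset( $_FILES['gallery'] ) && is_array( $_FILES['gallery'] ) ) {
            fixFilesArray( $_FILES['gallery'] );
            $files = $_FILES['gallery'];

            // A non-multiple file input arrives as one flat entry; treat it as a list of one.
            if ( isset( $files['tmp_name'] ) && ! is_array( $files['tmp_name'] ) ) {
                $files = array( $files );
            }

            foreach ( $files as $single_file ) {
                $stored = tp_store_uploaded_file( $single_file, $allow_non_image );
                if ( $stored ) {
                    $arr[] = array( 'id' => $stored['id'], 'url' => $stored['url'] );
                }
            }
        }

        echo json_encode( $arr );
    }
    die();
}

// NOTE(review): wp_enqueue_scripts is the documented hook for enqueuing; the
// registration is left on wp_print_scripts so load order does not change.
add_action( 'wp_print_scripts', 'at_add_script_fn' );

/**
 * Enqueue the plugin's front-end script and stylesheet outside the admin area.
 *
 * @return void
 */
function at_add_script_fn() {
    if ( is_admin() ) {
        return;
    }

    // The earlier call passed array('jquery') in the $src position; enqueuing
    // the core handle on its own has the same effect.
    wp_enqueue_script( 'jquery-form' );
    wp_enqueue_script( 'at_front_js', plugins_url( '/js/front.js', __FILE__ ), array( 'jquery' ), '1.0' );
    wp_enqueue_style( 'at_front_css', plugins_url( '/css/front.css', __FILE__ ) );
}

/**
 * Identify GIF, JPEG or PNG content from the first bytes of a file.
 *
 * This is a signature check only: it says nothing about the rest of the file
 * or about its name, so it must never be the sole gate on an upload.
 *
 * @param string $file Path of the file to inspect.
 * @return string|false 'GIF', 'JPEG', 'PNG', or false when unreadable or unrecognised.
 */
function get_image_type( $file ) {
    $handle = @fopen( $file, 'rb' );
    if ( ! $handle ) {
        return false;
    }
    $header = fread( $handle, 8 );
    fclose( $handle );

    // Lower-case hex of the header; same digits unpack('H..') produced.
    $hex = bin2hex( (string) $header );

    $gif_magic = substr( $hex, 0, 12 );
    if ( $gif_magic === '474946383961' || $gif_magic === '474946383761' ) {
        return 'GIF';
    }
    if ( substr( $hex, 0, 4 ) === 'ffd8' ) {
        return 'JPEG';
    }
    if ( substr( $hex, 0, 16 ) === '89504e470d0a1a0a' ) {
        return 'PNG';
    }
    return false;
}

/**
 * Turn PHP's per-field layout of a multi-file upload
 * (name[0..n], tmp_name[0..n], ...) into one array per file.
 *
 * @param array $files One $_FILES entry, modified in place.
 * @return void
 */
function fixFilesArray( &$files ) {
    if ( ! is_array( $files ) ) {
        return;
    }

    $names = array( 'name' => 1, 'type' => 1, 'tmp_name' => 1, 'error' => 1, 'size' => 1 );

    foreach ( $files as $key => $part ) {
        // only deal with valid keys and multiple files
        $key = (string) $key;
        if ( isset( $names[ $key ] ) && is_array( $part ) ) {
            foreach ( $part as $position => $value ) {
                $files[ $position ][ $key ] = $value;
            }
            // remove old key reference
            unset( $files[ $key ] );
        }
    }
}
?>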