Forum Replies Created

Viewing 15 replies - 1 through 15 (of 213 total)
  • @andrrrewk, respectfully, I’m a senior-level WordPress developer (and have four plugins released). Please trust me when I say I need help, it’s a very legitimate request and I’ve outlined the steps to be able to reproduce the issue. This is most definitely an issue within the plugin’s validation system.

    @msykes, thank you! I can confirm that 7.2.2.1 fixes the issue in previous 7.2x branches. 🙂

    @thbunte, go ahead and update! 😀

    @thbunte, go to the bottom of https://ww.wp.xz.cn/plugins/events-manager/advanced/ and download/install version 7.1.7. This restores the recurring events section PROPERLY.

    To the plugin developers, this was broken in version 7.2 and the latest version. I’m using this on four sites and only one was reverted back to 7.1.7 and is now working properly. Hope this helps.

    EDIT: Reverted this from 7.2.1 down to 7.1.7 on all five sites and all are working properly again.

    Thank you, @talextech, for doing that. Please make sure you build in native auto-support for the Disable Gutenberg plugin like you’ve got with the Classic Widgets plugin. That, or detect if either of those is installed, then toggle that checkbox automatically (you can also go the other route… if those plugins get removed, then un-toggle the checkbox. I actually do that with a couple of my own items, as a self-preservation measure).

    Thank you, again, for hearing me on this. 🙂

    @talextech, please understand that I *love* the fact that y’all don’t support Gutenberg (I’m very anti-Gutenberg, as well, and my own plugins reflect that to an almost fanatical level). I just want to be able to have that toggle available within the plugin settings interface. It’s not entirely 100% compliant with WP Plugin development guidelines, but it’s juuuuuuuust close enough to pass muster (IMHO. I’m not going to pretend to speak for them, haha!)

    Thanks!

    Again, this is why I asked that it be put under SETTINGS and not necessarily with an X feature on the actual alert window (which is what’s supposed to be there, per proper WordPress plugin development guidelines (all messages are supposed to be dismissible)). (Documentation for this is at THIS LINK, Section 11, 2nd paragraph, FYI.)

    This also doesn’t address my request for the “Disable Gutenberg” plugin to also be factored in. And considering there’s over 600,000 installs, it seems that would be kind of important, too. 🙂

    @talextech, give me a *little* credit, please…. if there *were* a way to dismiss this error message, do you think I’d be here posting about it (especially if I’m capable enough of doing my own plugin and finding a way to TEMPORARILY hide the warning box)?

    There’s a reason why I asked that this specifically be configured within the SETTINGS panel of this plugin. 🙂

    @jfbresse, I’m not tied in with this plugin, but on the 13+ sites where I’m using this plugin (instead of Disable Gutenberg), it’s working perfectly on 6.8.1. (I manage over 130 sites and all but 10 have either this plugin or the Disable Gutenberg plugin activated)

    Thank you, @fierevere! I appreciate you weighing in on this. 🙂

    @wizardlopes, keep in mind my code does NOT address the JavaScript issue… only the actual PHP vulnerability.

    I’m not sure if I’m allowed to provide a link to a zip file containing the scrubbed JavaScript code or not. Last thing I want to do is step on any toes, and as a fellow WordPress plugin developer, break any rules. I’ve reported my own post to ask for clarification on this issue.

    That being said, I’m considering releasing my own version of Widget Logic, but need to give the WL folks time to get their issue addressed.

    I need to note that my fix above does not address the (VERY VALID) external JavaScript/remote image concern others have noted, though I have scrubbed that “feature” from the version of the plugin I’m using.

    The JS issue is absolutely an issue that must be addressed. I am hopeful that the WordPress plugin team will get that addressed for us, once and for all.

    If you need to whitelist a custom function you’ve created (I’ve created “is_tree()”, which checks if a page is a child page of a parent page, by checking against the parent page’s ID (similar to is_page())), then the following function in your theme’s functions.php file (or a custom plugin) can be used. Change “is_tree” to your function’s name.

    As always, EXERCISE CAUTION when using this code!

    add_filter('widget_logic_allowed_functions', function($allowed_funcs) {
        $allowed_funcs[] = 'is_tree';
        return $allowed_funcs;
    });
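
Added example (not the poster's code and not part of Widget Logic): a hypothetical is_tree() written for use behind this whitelist. The replacement evaluator posted on this page passes every argument as a string with the quotes trimmed, so the function validates its input and only reads state; the function body and its use of get_post_ancestors() are assumptions about what such a helper would do.

```php
<?php
if (!defined('ABSPATH')) exit; // Exit if accessed directly

/**
 * Hypothetical conditional: true when the current page is the page with
 * ID $parent_id or one of its descendants.
 *
 * Anything typed into a widget's logic field can reach this function once
 * it is whitelisted, so the argument is treated as untrusted text.
 *
 * @param mixed $parent_id Page ID, normally a numeric string.
 * @return bool
 */
function is_tree($parent_id = 0)
{
    // Accept only an unsigned decimal ID; reject arrays, signs, paths, etc.
    if (!is_scalar($parent_id) || !ctype_digit((string) $parent_id)) {
        return false;
    }

    $parent_id = absint($parent_id);
    if ($parent_id === 0 || !is_page()) {
        return false;
    }

    $current_id = get_queried_object_id();
    if ($current_id === $parent_id) {
        return true;
    }

    // get_post_ancestors() returns the IDs of every parent up the tree.
    $ancestors = array_map('intval', get_post_ancestors($current_id));

    return in_array($parent_id, $ancestors, true);
}

add_filter('widget_logic_allowed_functions', function ($allowed_funcs) {
    // Whitelist only read-only conditionals: no writes, no output,
    // no file or network access, and a strict boolean return.
    $allowed_funcs[] = 'is_tree';
    return array_values(array_unique($allowed_funcs));
});
```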

    REPLACE the entire contents of widget/logic.php with the following:

    <?php
    if (!defined('ABSPATH')) exit; // Exit if accessed directly

    /**
     * Evaluate widget logic safely.
     * Supports basic && and || operations with a whitelist of WP conditional functions,
     * and allows extension via filter hook for custom functions.
     *
     * @param string|bool $logic The widget logic string or boolean.
     * @return bool True if widget should display, false otherwise.
     */
    function widget_logic_check_logic($logic)
    {
        $logic = trim((string) $logic);

        // Allow external override (must return true/false)
        $logic = apply_filters('widget_logic_eval_override', $logic);

        if (is_bool($logic)) {
            return $logic;
        }

        if ($logic === '') {
            return true;
        }

        // Split by OR (||) operators
        $or_parts = preg_split('/\s*\|\|\s*/', $logic);
        foreach ($or_parts as $or_part) {
            // Split by AND (&&) operators
            $and_parts = preg_split('/\s*&&\s*/', $or_part);
            $and_result = true;
            foreach ($and_parts as $and_part) {
                $and_part = trim($and_part);
                if (!evaluate_condition($and_part)) {
                    $and_result = false;
                    break;
                }
            }
            if ($and_result) {
                return true;
            }
        }

        return false;
    }

    /**
     * Evaluate a single condition string.
     *
     * @param string $condition Single condition like is_home() or current_user_can('edit_posts').
     * @return bool
     */
    function evaluate_condition($condition)
    {
        // Match function name and optional args: functionName() or functionName('arg')
        if (!preg_match('/^([a-zA-Z_][a-zA-Z0-9_]*)\s*(\(.*\))?$/', $condition, $matches)) {
            return false;
        }

        $func = $matches[1];
        $args = isset($matches[2]) ? $matches[2] : '';

        // Whitelist allowed functions — filterable so themes/plugins can add more
        $allowed_funcs = array(
            'is_home',
            'is_front_page',
            'is_single',
            'is_page',
            'is_category',
            'is_tag',
            'is_archive',
            'is_author',
            'is_search',
            'is_404',
            'is_user_logged_in',
            'current_user_can',
            'is_active_sidebar',
        );

        $allowed_funcs = apply_filters('widget_logic_allowed_functions', $allowed_funcs);

        if (!in_array($func, $allowed_funcs, true)) {
            return false;
        }

        if ($args === '') {
            return function_exists($func) ? $func() : false;
        }

        // Process args string to array
        $args = trim($args, '() ');
        if ($args === '') {
            return function_exists($func) ? $func() : false;
        }

        // Split arguments respecting commas
        $argList = preg_split('/\s*,\s*/', $args);

        // Trim quotes and whitespace from each arg
        $argList = array_map(function ($arg) {
            return trim($arg, "'\" ");
        }, $argList);

        if (!function_exists($func)) {
            return false;
        }

        return call_user_func_array($func, $argList);
    }

    /**
     * Custom error handler for widget logic errors.
     *
     * @param int $errno
     * @param string $errstr
     * @return bool
     */
    function widget_logic_error_handler($errno, $errstr)
    {
        global $wl_options;

        $show_errors = !empty($wl_options['widget_logic-options-show_errors']) && current_user_can('manage_options');

        if ($show_errors) {
            echo 'Invalid Widget Logic: ' . esc_html($errstr);
        }

        return true;
    }

    /**
     * Retrieve widget logic string for a widget ID.
     *
     * @param string $widget_id
     * @return string
     */
    function widget_logic_by_id($widget_id)
    {
        global $wl_options;

        if (preg_match('/^(.+)-(\d+)$/', $widget_id, $m)) {
            $widget_class = $m[1];
            $widget_i = $m[2];

            $info = get_option('widget_' . $widget_class);
            if (empty($info[$widget_i])) {
                return '';
            }

            $info = $info[$widget_i];
        } else {
            $info = (array) get_option('widget_' . $widget_id, array());
        }

        if (isset($info['widget_logic'])) {
            $logic = $info['widget_logic'];
        } elseif (isset($wl_options[$widget_id])) {
            $logic = stripslashes($wl_options[$widget_id]);
            widget_logic_save($widget_id, $logic);

            unset($wl_options[$widget_id]);
            update_option('widget_logic', $wl_options);
        } else {
            $logic = '';
        }

        return $logic;
    }

    /**
     * Save widget logic string for a widget ID.
     *
     * @param string $widget_id
     * @param string $logic
     * @return void
     */
    function widget_logic_save($widget_id, $logic)
    {
        global $wl_options;

        if (preg_match('/^(.+)-(\d+)$/', $widget_id, $m)) {
            $widget_class = $m[1];
            $widget_i = $m[2];

            // Default to an array and check the index first, so a missing option
            // or widget instance does not raise warnings on PHP 8.
            $info = (array) get_option('widget_' . $widget_class, array());
            if (!isset($info[$widget_i]) || !is_array($info[$widget_i])) {
                $info[$widget_i] = array();
            }

            $info[$widget_i]['widget_logic'] = $logic;
            update_option('widget_' . $widget_class, $info);
        } elseif (
            isset($_POST['widget_logic_nonce'])
            && wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['widget_logic_nonce'])), 'widget_logic_save')
        ) {
            $info = (array) get_option('widget_' . $widget_id, array());
            $info['widget_logic'] = $logic;
            update_option('widget_' . $widget_id, $info);
        }
    }

    I turned on debugging, took the site to JUST the 2019 theme and ONLY the custom fonts plugin. Everything was updated to the latest and greatest.

    Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the custom-fonts domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /var/www/html/wp-includes/functions.php on line 6121
    Warning: Cannot modify header information - headers already sent by (output started at /var/www/html/wp-includes/functions.php:6121) in /var/www/html/wp-includes/functions.php on line 7168
    Warning: Cannot modify header information - headers already sent by (output started at /var/www/html/wp-includes/functions.php:6121) in /var/www/html/wp-includes/functions.php on line 7144
    Warning: Cannot modify header information - headers already sent by (output started at /var/www/html/wp-includes/functions.php:6121) in /var/www/html/wp-admin/admin-header.php on line 14

    root@5fdae495a921:/var/www/html# php -v
    PHP 8.3.8 (cli) (built: Jun 13 2024 02:03:10) (NTS)
    Copyright (c) The PHP Group
    Zend Engine v4.3.8, Copyright (c) Zend Technologies
    with Zend OPcache v8.3.8, Copyright (c), by Zend Technologies

    I gotta tip my hat in a sign of MAJOR respect to @room34. Absolutely awesome to work with. And definitely super knowledgeable.

    Thank you, S!
