33Plugin Name: Sync QCloud COS
44Plugin URI: https://qq52o.me/2518.html
55Description: 使用腾讯云对象存储服务 COS 作为附件存储空间。(Using Tencent Cloud Object Storage Service COS as Attachment Storage Space.)
6- Version: 2.6.5
6+ Version: 2.6.6
77Author: 沈唁
88Author URI: https://qq52o.me
99License: Apache2.0
2727use SyncQcloudCos \Monitor \DataPoints ;
2828use SyncQcloudCos \Object \Head ;
2929
30- define ('COS_VERSION ' , '2.6.5 ' );
30+ define ('COS_VERSION ' , '2.6.6 ' );
3131define ('COS_PLUGIN_SLUG ' , 'sync-qcloud-cos ' );
3232define ('COS_PLUGIN_PAGE ' , plugin_basename (dirname (__FILE__ )) . '%2F ' . basename (__FILE__ ));
3333
@@ -894,6 +894,7 @@ function cos_sync_setting_form($cos_options)
894894 }
895895
896896 $ noncewp_nonce_field ('qcloud_cos_replace ' , 'qcloud_cos_replace-nonce ' , true , false );
897+ $ replaceNoncewp_nonce_field ('qcloud_cos_all ' , 'qcloud_cos_all-nonce ' , true , false );
897898
898899 return <<<HTML
899900 <form method="post">
@@ -903,7 +904,7 @@ function cos_sync_setting_form($cos_options)
903904 <legend>数据库内容替换</legend>
904905 </th>
905906 <td>
906- <input type="text" name="old_url" size="50" placeholder="请输入要替换的内容"/>
907+ <input type="text" required name="old_url" size="50" placeholder="请输入要替换的内容"/>
907908 <p><b>可能会填入:<code> {$ old_url</code></b></p>
908909 <p>例如:<code>https://qq52o.me/wp-content/uploads</code></p>
909910 </td>
@@ -938,6 +939,7 @@ function cos_sync_setting_form($cos_options)
938939 <legend>同步历史附件</legend>
939940 </th>
940941 <input type="hidden" name="type" value="qcloud_cos_all">
942+ {$ replaceNonce
941943 <td>
942944 <input type="submit" class="button button-secondary" value="开始同步"/>
943945 <p><b>注意:如果是首次同步,执行时间将会非常长(根据你的历史附件数量),有可能会因为执行时间过长,导致页面显示超时或者报错。<br> 所以建议附件数量过多的用户,直接使用官方的<a target="_blank" rel="nofollow" href="https://cloud.tencent.com/document/product/436/63143">COSCLI 工具</a>进行迁移,具体可参考<a target="_blank" rel="nofollow" href="https://qq52o.me/2809.html">使用 COSCLI 快速迁移本地数据到 COS</a></b></p>
@@ -1056,6 +1058,8 @@ function cos_ci_image_slim_page($options)
10561058 }
10571059 }
10581060
1061+ $ noncewp_nonce_field ('qcloud_cos_ci_image_slim ' , 'qcloud_cos_ci_image_slim-nonce ' , true , false );
1062+
10591063 return <<<EOF
10601064 <form method="post">
10611065 <table class="form-table">
@@ -1112,6 +1116,7 @@ function cos_ci_image_slim_page($options)
11121116 <tr>
11131117 <th></th>
11141118 <input type="hidden" name="type" value="qcloud_cos_ci_image_slim">
1119+ {$ nonce
11151120 <td><input type="submit" class="button button-primary" value="保存"/></td>
11161121 </tr>
11171122 </table>
@@ -1150,6 +1155,8 @@ function cos_ci_text_page($options)
11501155 $ select_roles'<input type="checkbox" name="ci_text_comments_check_roles[]" value=" ' . $ role'" ' . $ check'> ' . $ name'<br> ' ;
11511156 }
11521157
1158+ $ noncewp_nonce_field ('qcloud_cos_ci_text ' , 'qcloud_cos_ci_text-nonce ' , true , false );
1159+
11531160 return <<<EOF
11541161 <form method="post">
11551162 <table class="form-table">
@@ -1197,6 +1204,7 @@ function cos_ci_text_page($options)
11971204 <tr>
11981205 <th></th>
11991206 <input type="hidden" name="type" value="qcloud_cos_ci_text">
1207+ {$ nonce
12001208 <td><input type="submit" class="button button-primary" value="保存"/></td>
12011209 </tr>
12021210 </table>
@@ -1298,7 +1306,7 @@ function cos_process_comments($comment_data)
12981306 return $ comment_data
12991307}
13001308
1301- add_filter ('preprocess_comment ' , 'cos_process_comments ' );
1309+ add_filter ('preprocess_comment ' , 'cos_process_comments ' , 99 );
13021310
13031311function cos_request_txt_check ($ options$ comment
13041312{
@@ -1387,6 +1395,8 @@ function cos_document_page($options)
13871395 $ disableSubmit$ status'disabled=disabled ' : '' ;
13881396 $ disableMessage$ status"<p>如需使用请先访问 <a href='https://console.cloud.tencent.com/ci/bucket?bucket= {$ bucket®ion= {$ options'regional ' ]}&type=document' target='_blank'>腾讯云控制台</a> 开启。</p> " : '' ;
13891397
1398+ $ noncewp_nonce_field ('qcloud_cos_ci_attachment_preview ' , 'qcloud_cos_ci_attachment_preview-nonce ' , true , false );
1399+
13901400 return <<<EOF
13911401 <form method="post">
13921402 <table class="form-table">
@@ -1406,6 +1416,7 @@ function cos_document_page($options)
14061416 <tr>
14071417 <th></th>
14081418 <input type="hidden" name="type" value="qcloud_cos_ci_attachment_preview">
1419+ {$ nonce
14091420 <td>
14101421 <input type="submit" class="button button-primary" {$ disableSubmit value="保存"/>
14111422 {$ disableMessage
@@ -1485,8 +1496,14 @@ function cos_setting_page()
14851496 if (!current_user_can ('manage_options ' )) {
14861497 wp_die ('Insufficient privileges! ' );
14871498 }
1499+ if (!empty ($ _POST empty ($ _POST 'type ' ])) {
1500+ $ nonce$ _POST "{$ _POST 'type ' ]}-nonce " ] ?? '' ;
1501+ if (empty ($ noncewp_verify_nonce ($ nonce$ _POST 'type ' ])) {
1502+ wp_die ('Illegal requests! ' );
1503+ }
1504+ }
14881505 $ options
1489- if (!empty ($ _POST and $ _POST 'type ' ] == 'cos_set ' ) {
1506+ if (!empty ($ _POST && $ _POST 'type ' ] == 'qcloud_cos_set ' ) {
14901507 $ options'bucket ' ] = isset ($ _POST 'bucket ' ]) ? sanitize_text_field ($ _POST 'bucket ' ]) : '' ;
14911508 $ options'regional ' ] = isset ($ _POST 'regional ' ]) ? sanitize_text_field ($ _POST 'regional ' ]) : '' ;
14921509 $ options'app_id ' ] = isset ($ _POST 'app_id ' ]) ? sanitize_text_field ($ _POST 'app_id ' ]) : '' ;
@@ -1518,15 +1535,10 @@ function cos_setting_page()
15181535 }
15191536
15201537 // 替换数据库链接
1521- if (!empty ($ _POST and $ _POST 'type ' ] == 'qcloud_cos_replace ' ) {
1522- $ nonce$ _POST 'qcloud_cos_replace-nonce ' ] ?? '' ;
1523- if (empty ($ noncewp_verify_nonce ($ nonce'qcloud_cos_replace ' )) {
1524- wp_die ('Illegal requests! ' );
1525- }
1526-
1538+ if (!empty ($ _POST $ _POST 'type ' ] == 'qcloud_cos_replace ' ) {
15271539 $ old_urlesc_url_raw ($ _POST 'old_url ' ]);
15281540 $ new_urlesc_url_raw ($ _POST 'new_url ' ]);
1529- if (!empty ($ old_url && ! empty ( $ new_url ) ) {
1541+ if (!empty ($ old_url
15301542 global $ wpdb
15311543 // 文章内容
15321544 $ posts_name$ wpdbprefix . 'posts ' ;
@@ -1542,15 +1554,15 @@ function cos_setting_page()
15421554 }
15431555 }
15441556
1545- if (!empty ($ _POST and $ _POST 'type ' ] == 'qcloud_cos_ci_image_slim ' ) {
1557+ if (!empty ($ _POST && $ _POST 'type ' ] == 'qcloud_cos_ci_image_slim ' ) {
15461558 cos_ci_image_slim_setting ($ _POST
15471559 }
15481560
1549- if (!empty ($ _POST and $ _POST 'type ' ] == 'qcloud_cos_ci_text ' ) {
1561+ if (!empty ($ _POST && $ _POST 'type ' ] == 'qcloud_cos_ci_text ' ) {
15501562 cos_ci_text_setting ($ _POST
15511563 }
15521564
1553- if (!empty ($ _POST and $ _POST 'type ' ] == 'qcloud_cos_ci_attachment_preview ' ) {
1565+ if (!empty ($ _POST && $ _POST 'type ' ] == 'qcloud_cos_ci_attachment_preview ' ) {
15541566 cos_ci_attachment_preview_setting ($ _POST
15551567 }
15561568
@@ -1604,7 +1616,7 @@ function cos_setting_page()
16041616 $ current_tabcos_get_current_tab ();
16051617
16061618 $ color_schemecos_get_user_color_scheme ();
1607- ?>
1619+ ?>
16081620 <style>
16091621 .new-tab{margin-left: 5px;padding: 3px;border-radius: 10px;font-size: 10px;}
16101622 .open{color: #007017;}
@@ -1805,7 +1817,8 @@ function cos_setting_page()
18051817 <td><input type="submit" class="button button-primary" value="保存更改"/></td>
18061818 </tr>
18071819 </table>
1808- <input type="hidden" name="type" value="cos_set">
1820+ <input type="hidden" name="type" value="qcloud_cos_set">
1821+ <?php wp_nonce_field ('qcloud_cos_set ' , 'qcloud_cos_set-nonce ' ); ?>
18091822 </form>
18101823 <?php elseif ($ current_tab'sync ' ): ?>
18111824 <?php echo cos_sync_setting_form ($ cos_options?>
0 commit comments