Diffstat (limited to 'plugins/jetpack/modules/shortcodes/bandcamp.php')
-rw-r--r-- | plugins/jetpack/modules/shortcodes/bandcamp.php | 100 |
1 files changed, 55 insertions, 45 deletions
diff --git a/plugins/jetpack/modules/shortcodes/bandcamp.php b/plugins/jetpack/modules/shortcodes/bandcamp.php
index 95553633..10a2ba5e 100644
--- a/plugins/jetpack/modules/shortcodes/bandcamp.php
+++ b/plugins/jetpack/modules/shortcodes/bandcamp.php
@@ -1,6 +1,6 @@
 <?php
 // shortcode handler for [bandcamp], which inserts a bandcamp.com
-// music player (embedded flash object)
+// music player (iframe, html5)
 //
 // [bandcamp album=119385304]
 // [bandcamp album=3462839126 bgcol=FFFFFF linkcol=4285BB size=venti]
@@ -10,41 +10,43 @@ function shortcode_handler_bandcamp( $atts ) {
 // there are no default values, but specify here anyway
 // to explicitly list supported atts
 $attributes = shortcode_atts( array(
- 'album' => null, // integer album id
- 'track' => null, // integer track id
- 'video' => null, // integer track id for video player
- 'size' => 'venti', // one of the supported sizes
- 'bgcol' => 'FFFFFF', // hex, no '#' prefix
- 'linkcol' => null, // hex, no '#' prefix
- 'layout' => null, // encoded layout url
- 'width' => null, // integer with optional "%"
- 'height' => null, // integer with optional "%"
- 'notracklist' => null, // may be string "true" (defaults false)
- 'tracklist' => null, // may be string "false" (defaults true)
- 'artwork' => null, // may be string "false" (alternately: "none") or "small" (default is large)
- 'minimal' => null, // may be string "true" (defaults false)
- 'theme' => null, // may be theme identifier string ("light"|"dark" so far)
- 'package' => null, // integer package id
- 't' => null // integer track number
+ 'album' => null, // integer album id
+ 'track' => null, // integer track id
+ 'video' => null, // integer track id for video player
+ 'size' => 'venti', // one of the supported sizes
+ 'bgcol' => 'FFFFFF', // hex, no '#' prefix
+ 'linkcol' => null, // hex, no '#' prefix
+ 'layout' => null, // encoded layout url
+ 'width' => null, // integer with optional "%"
+ 'height' => null, // integer with optional "%"
+ 'notracklist' => null, // may be string "true" (defaults false)
+ 'tracklist' => null, // may be string "false" (defaults true)
+ 'artwork' => null, // may be string "false" (alternately: "none") or "small" (default is large)
+ 'minimal' => null, // may be string "true" (defaults false)
+ 'theme' => null, // may be theme identifier string ("light"|"dark" so far)
+ 'package' => null, // integer package id
+ 't' => null, // integer track number
+ 'tracks' => null, // comma separated list of allowed tracks
+ 'esig' => null // hex, no '#' prefix
 ), $atts, 'bandcamp' );
 $sizes = array(
- 'venti' => array( 'width' => 400, 'height' => 100 ),
- 'grande' => array( 'width' => 300, 'height' => 100 ),
- 'grande2' => array( 'width' => 300, 'height' => 355 ),
- 'grande3' => array( 'width' => 300, 'height' => 415 ),
- 'tall_album' => array( 'width' => 150, 'height' => 295 ),
- 'tall_track' => array( 'width' => 150, 'height' => 270 ),
- 'tall2' => array( 'width' => 150, 'height' => 450 ),
- 'short' => array( 'width' => 46, 'height' => 23 ),
- 'large' => array( 'width' => 350, 'height' => 470 ),
- 'medium' => array( 'width' => 450, 'height' => 120 ),
- 'small' => array( 'width' => 350, 'height' => 42 )
+ 'venti' => array( 'width' => 400, 'height' => 100 ),
+ 'grande' => array( 'width' => 300, 'height' => 100 ),
+ 'grande2' => array( 'width' => 300, 'height' => 355 ),
+ 'grande3' => array( 'width' => 300, 'height' => 415 ),
+ 'tall_album' => array( 'width' => 150, 'height' => 295 ),
+ 'tall_track' => array( 'width' => 150, 'height' => 270 ),
+ 'tall2' => array( 'width' => 150, 'height' => 450 ),
+ 'short' => array( 'width' => 46, 'height' => 23 ),
+ 'large' => array( 'width' => 350, 'height' => 470 ),
+ 'medium' => array( 'width' => 450, 'height' => 120 ),
+ 'small' => array( 'width' => 350, 'height' => 42 )
 );
 $sizekey = $attributes['size'];
- $height = null;
- $width = null;
+ $height = null;
+ $width = null;
 $isVideo = false;
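Review bot: The trailing comment on the new `'esig'` entry, `// hex, no '#' prefix`, is the colour-attribute wording carried over from `bgcol`/`linkcol` and does not say what the attribute is for. Going by the hex check and the comment added further down in this commit, something like `'esig' => null // hex digest that signs the 'tracks' list` would describe it, if that is the intent. The rest of this hunk is realignment only.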
@@ -56,21 +58,21 @@ function shortcode_handler_bandcamp( $atts ) {
 // a video player or an audio player
 $argparts = array();
- if ( !isset( $attributes['album'] ) && !isset( $attributes['track'] ) && !isset( $attributes['video'] ) ) {
+ if ( ! isset( $attributes['album'] ) && ! isset( $attributes['track'] ) && ! isset( $attributes['video'] ) ) {
 return "[bandcamp: shortcode must include 'track', 'album', or 'video' param]";
 }
- if ( isset( $attributes['track'] ) ) {
- $track = (int) $attributes['track'];
+ if ( isset( $attributes['track'] ) && is_numeric( $attributes['track'] ) ) {
+ $track = esc_attr( $attributes['track'] );
 array_push( $argparts, "track={$track}" );
- } elseif ( isset( $attributes['video'] ) ) {
- $track = (int) $attributes['video']; // videos are referenced by track id
+ } elseif ( isset( $attributes['video'] ) && is_numeric( $attributes['video'] ) ) {
+ $track = esc_attr( $attributes['video'] ); // videos are referenced by track id
 $urlbase = "//bandcamp.com/EmbeddedPlayer/v=2";
 $isVideo = true;
 array_push( $argparts, "track={$track}" );
 }
- if ( isset( $attributes['album'] ) ) {
- $album = (int) $attributes['album'];
+ if ( isset( $attributes['album'] ) && is_numeric( $attributes['album'] ) ) {
+ $album = esc_attr( $attributes['album'] );
 array_push( $argparts, "album={$album}" );
 }
@@ -83,8 +85,8 @@ function shortcode_handler_bandcamp( $atts ) {
 }
 // if size specified that we don't recognize, fall back on venti
- if ( empty( $sizes[$sizekey] ) ) {
- $sizekey = 'venti';
+ if ( empty( $sizes[ $sizekey ] ) ) {
+ $sizekey = 'venti';
 $attributes['size'] = 'venti';
 }
@@ -104,13 +106,13 @@ function shortcode_handler_bandcamp( $atts ) {
 }
 }
- if ( !$height ) {
- $height = $sizes[$sizekey]['height'];
+ if ( ! $height ) {
+ $height = $sizes[ $sizekey ]['height'];
 $cssheight = $height . "px";
 }
- if ( !$width ) {
- $width = $sizes[$sizekey]['width'];
+ if ( ! $width ) {
+ $width = $sizes[ $sizekey ]['width'];
 $csswidth = $width . "px";
 }
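Review bot: `is_numeric()` in the three id checks (`track`, `video`, `album`) accepts more than a plain integer id — decimals, exponent notation, a leading sign and leading whitespace all pass — and with the `(int)` cast removed the attribute string now goes into the player URL as written. A digits-only test still allows ids too large for a 32-bit integer (presumably why the cast was dropped) while guaranteeing an integer, e.g. `if ( isset( $attributes['track'] ) && preg_match( '/^[0-9]+\z/', $attributes['track'] ) ) {`, and likewise for `video` and `album`. `esc_attr()` escapes for an HTML attribute, not for a URL segment; after a digits-only check it adds nothing, and the finished URL should be escaped where it is printed, which is outside this hunk. A set-but-rejected `track` now falls through to the `video` branch, and when every id is rejected the `isset()`-only guard at the top has already passed, so `$argparts` ends up carrying no id at all; returning the same error string in that case would keep the behaviour predictable.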
@@ -165,11 +167,19 @@ function shortcode_handler_bandcamp( $atts ) {
 array_push( $argparts, "theme={$attributes['theme']}" );
 }
+ // param 'tracks' is signed digest param 'esig'
+ if ( isset( $attributes['tracks'] ) && preg_match( "|^[0-9\,]+$|", $attributes['tracks'] ) ) {
+ if ( isset( $attributes['esig'] ) && preg_match( "|^[0-9A-Fa-f]+$|", $attributes['esig'] ) ) {
+ array_push( $argparts, "tracks={$attributes['tracks']}" );
+ array_push( $argparts, "esig={$attributes['esig']}" );
+ }
+ }
+
 if ( $isVideo ) {
- $url = "//bandcamp.com/VideoEmbed?" . join( '&', $argparts );
+ $url = "//bandcamp.com/VideoEmbed?" . join( '&', $argparts );
 $extraAttrs = " mozallowfullscreen='1' webkitallowfullscreen='1' allowfullscreen='1'";
 } else {
- $url = "//bandcamp.com/EmbeddedPlayer/v=2/" . join( '/', $argparts ) . '/';
+ $url = "//bandcamp.com/EmbeddedPlayer/v=2/" . join( '/', $argparts ) . '/';
 $extraAttrs = '';
 } |
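Review bot: Both new `preg_match()` patterns end in `$`, which in PCRE also matches just before a trailing newline, so a `tracks` or `esig` value that ends in a line feed passes the check and is interpolated into the URL unchanged. Anchoring with `\z` (or adding the `D` modifier) closes that: `preg_match( '/^[0-9,]+\z/', $attributes['tracks'] )` and `preg_match( '/^[0-9A-Fa-f]+\z/', $attributes['esig'] )`; the backslash before the comma is not needed. The comment `// param 'tracks' is signed digest param 'esig'` is hard to parse; if the intent is what the nested checks suggest, `// 'tracks' is only passed through together with 'esig', the hex digest that signs it` would say so. The function body continues outside this hunk, so how `$url` is escaped on output cannot be confirmed from here.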