WordPress.org

Ready to get started?Download WordPress

Forums

Jetpack by WordPress.com
[resolved] OmniSearch Breaks Strictly TweetBot (7 posts)

  1. Strictly Software
    Member
    Posted 8 months ago #

    Hi

    I have just noticed that if the Omnisearch option is enabled then in my own plugin Strictly Tweetbot when I go to delete a Twitter account it takes me to a page (url mentions omnisearch) that says "you do not have sufficient permission to edit this".

    I am admin.

    I have never had problems before enabling Omnisearch.

    This reminds me of the current issue with WP-O-Matic where when I try and view "stats" either from the old wp-stats or new Jetpack stats it takes me to the WP-O-Matic campaign homepage instead.

    Seems like a rewrite rule is getting mixed up somewhere.

    In my code I am just setting a nonce, checking you are admin and then deleting some data from wp-options.

    De-activating omnisearch let me delete the accounts again.

    Just thought I would let you and any Strictly Tweetbot users know.

    http://wordpress.org/plugins/jetpack/

  2. Jeremy Herve
    Happiness Engineer
    Plugin Author

    Posted 8 months ago #

    Thanks for the report!

    Could you point me to the code that handles the removal of a Twitter account in your plugin, so we can take a closer look?

    Thanks!

  3. Strictly Software
    Member
    Posted 8 months ago #

    Hi it's a bit complicated due to the fact I allow people to add new accounts without submitting the page (so I just copy some HTML, and append the nodes to the HTML).

    The cross in the corner of the account to delete one account just calls some JS that updates a counter of how many accounts we are supposed to have in a hidden field (account_delete_counter) so if the page is then submitted I know we should only have X accounts and I just loop up to that number.

    I do supply a unique nonce and a flag the JS code is

    deleteaccount : function(c,n){
    						ShowDebug("IN delete account c = " + c + " n = " + n);
    
    						// if account was added on the fly then it hasnt been saved so we can just remove it again
    						if(confirm("' . __('Are your sure you want to remove this Twitter account?','strictlytweetbot') . '")){
    							ShowDebug("remove div = hx_"+c);
    
    							if(document.getElementById("hx_"+c)){
    								var el = document.getElementById("AccountWrapper"+c);
    								ShowDebug("el = " + el.id + " typeof = " + typeof(el));
    								el.parentNode.removeChild(el);
    								document.getElementById("account_delete_counter").value = document.getElementById("account_delete_counter").value+c+",";								
    
    								ShowDebug("gone");
    							}else{
    								ShowDebug("location.href=" + location.href);
    
    								document.forms[0].action=TwitterAccount.CleanURL(location.href) + "&_ajax_nonce=' . $nonce . '&del=1&key="+encodeURIComponent(n);
    								document.forms[0].submit();
    							}
    						}
    					},
    
    					CleanURL : function(url){
    
    						if(url!=""){
    							return url.replace(/&_ajax_nonce=\S+?&del=1&key=[^& ]+$/,"");
    						}
    
    					}
    				}
    
    				function ShowDebug(m){
    					if(typeof(window.console)!="undefined"){
    						console.log(m);
    					}
    				}

    If the form is submitted and there is a del=1 flag in the querystring in my submit action I run this code.

    if ( !$_POST['cmdSubmit'] && $_GET['del'] == "1"){
    
    	$key = $_GET['key'] ;
    
    	// check nonce - not AJAX but so what
    	check_ajax_referer('strictly-tweetbot-nonce');
    
    	$this->DeleteAccount($key);
    }

    And the DelteAccount function passes in the key to the function which removes all details of the account from the global array of all twitter accounts I have.

    /**
     * deletes an account
     *
     * @param string $account
     * @return bool
     */
    protected function DeleteAccount($key){
    
    	if(!empty($key)){
    
    		// get the account from the key - don't really need this now I have put code in to prevent duplicate account names from occurring
    		// added however there may be future reasons so I'll continue to use a surrogate key
    
    		$account = $this->GetAccountFromKey($key);
    
    		// update each array then re-save
    		// create array to store results
    
    		unset($this->accounts[$account]);
    		unset($this->account_names[$account]);
    		unset($this->access_token_secrets[$account]);
    		unset($this->access_tokens[$account]);
    		unset($this->verified[$account]);
    		unset($this->defaulttags[$account]);
    		unset($this->formats[$account]);
    		unset($this->active[$account]);
    		unset($this->tagtypes[$account]);
    		unset($this->contentanalysis[$account]);
    		unset($this->contentanalysistype[$account]);
    		unset($this->saved_keys[$account]);
    		unset($this->extra_querystring[$account]);
    		unset($this->ignoreterms[$account]);
    		unset($this->textshrink[$account]);
    		unset($this->tweetshrink[$account]);
    
    		$strictlytweet_options	= array(
    									"accounts" => $this->accounts,
    									"account_names" => $this->account_names,
    									"access_token_secrets" => $this->access_token_secrets,
    									"access_tokens" => $this->access_tokens,
    									"verified" => $this->verified,
    									"defaulttags" => $this->defaulttags,
    									"formats" => $this->formats,
    									"active" => $this->active,
    									"tagtypes" => $this->tagtypes,
    									"bitlyAPIkey" => $this->bitlyAPIkey,
    									"bitlyAPIusername" => $this->bitlyAPIusername,
    									"bitlyAPI" => $this->bitlyAPI,
    									"contentanalysis" => $this->contentanalysis,
    									"contentanalysistype" => $this->contentanalysistype,
    									"saved_keys" => $this->saved_keys,
    									"extra_querystring" => $this->extra_querystring,
    									"ignoreterms" => $this->ignoreterms,
    									"textshrink" => $this->textshrink,
    									"tweetshrink" => $this->tweetshrink
    								);
    
    		// save our data to the wordpress database
    		update_option('strictlytweetbot_options', $strictlytweet_options);
    
    	}
    
    }

    I basically just have a big array of all the parts I need and the name of the account is the key to the array (hashtags, verification, text etc)

    Hope this makes sense!

  4. Strictly Software
    Member
    Posted 8 months ago #

    I think I might have found the cause which explains why it works when I am in admin but not from CRON

    From ref about is_plugin_active (which I use to check if AutoTags is enabled in my code before adding the hook to the event to do the tweeting)

    https://codex.wordpress.org/Function_Reference/is_plugin_active

    NOTE: defined in wp-admin/includes/plugin.php, so this is only available from within the admin pages, and any references to this function must be hooked to admin_init or a later action. If you want to use this function from within a template, you will need to manually require plugin.php, an example is below.

    So when CRON / GET calls it I am not in admin so it just bombs out.

    I put this at the top of my test page

    $strictly_auto_tags_active = is_plugin_active('strictly-autotags/strictlyautotags.class.php');
    
    ShowTestDebug("is strictly autotags active = " . intval($strictly_auto_tags_active));
    
    die;

    And just got a blank screen!

    So I need another test for autotags being available like an option etc

  5. Strictly Software
    Member
    Posted 8 months ago #

    Yeah baby!

    That was it!

    Finally got it working and all because the check for a plugin only works if you are logged in as admin which explains EVERYTHING!

    So I just check for an option I store all my Strictly AutoTag settings in now instead and replaced the old is_plugin_active code.

    I suppose if the plugin is not active it would still wait for the tagging but then I could come up with some work around. I could set a flag on "de-activate" in the register hook and then use that to see if it was active or not.

    Anyway thanks for your help - I finally got there!

  6. Strictly Software
    Member
    Posted 8 months ago #

    Sorry - I thought this was another post!

    Those two answers were not meant for you. Still broken I am afraid - had too many tabs open! DOH!

  7. Jeremy Herve
    Happiness Engineer
    Plugin Author

    Posted 8 months ago #

    Alright. Thanks for the extra details in your first reply. I created a trac ticket here, and we'll have a closer look at what can cause this conflict.

    Feel free to add yourself in cc of the ticket to follow our progress.

Reply

You must log in to post.

About this Plugin

About this Topic