Can't echo code correctly. CSS dissapears - javascript

I want to make an email-signature page with Elementor and then generate the HTML-code like the code when you that appears when you "View Source" of a page, but code gets not exactly correct. I am using a Custom post type and a Elementor template that is not published so it works only when writing: https://mysite123123.com/a/site/?theme_template_id=1164
I have a PHP snippet plugin and this code gets the Post type HTML but not the same like when you press rightclick/View Source. (Its missing some css etc)
Can you see what Im doing wrong or if you know how to echo the correct html from a webpage like a regular visitor see it?
(Im using this code to give a user a HTML signature)
<?php
global $wp;
$vpost = get_post($post_id);
$urlcard = $vpost->post_name;
$current_url = home_url( $wp->request );
$data = file_get_contents("https://mysite123123.com/a/".$urlcard."/?theme_template_id=1164");
$html_encoded = htmlentities($data);
echo $html_encoded;

You can tell the browser how it should render your data using a Content-Type HTTP Response header.
To have your data rendered as plain text -- as the 'View source' view does -- use "text/plain" as mime-type;
header("Content-Type: text/plain");
echo $data

Related

using ajax to pass string from php to javascript

So I have a piece of javascript code in an html document that responds to a button click. I want a new url to open, and if I specify the link in javascript as I've done below, everything works fine.
<input type="submit" id="submitbtn" value="Purchase Module"/>
<script type="text/javascript">
document.getElementById("submitbtn").addEventListener("click",handle_click);
function handle_click() {
var link;
link="http://www.google.com";
window.location.href=link;
}
</script>
Problem is I want to hide the real link on the server side as it includes a username:password. The php script below calls a function (not shown) that generates the link (a string). This also works fine.
<?php
$link=get_page_link();
?>
I want to pass the link string to the javascript and have tried various iterations of
link=<?php echo $link ;?> to no avail. As I understand it you can't pass strings this way and you need to use ajax. That's where I'm stuck. Seems like I need a $_POST on the php side and a $_GET on the java side, but not sure on the specifics. Any help would be appreciated. Thanks.

esc_url on WordPress ACF oEmbed

I'm using the ACF WordPress plugin to create an oEmbed field. The field accepts a URL from Vimeo and outputs an iframe on the front end.
I usually escape urls and attributes within my theme like so:
<a href="<?= esc_url( get_field('link') ); ?>" title="<?= esc_attr( get_field('title') ); ?>">
When I try and escape the oEmbed, nothing shows up:
<?= esc_url( get_field('video') ); ?>
If I test XSS with the following script, the ACF field completely breaks with a JS error.
<script>alert('hello')</script>
Do I need to escape this field? I assume that WordPress takes care of the escaping through the oEmbed function?
From the official documentation:
The oEmbed field will return a string containing the embed HTML.
Even if the input is of type URL, when getting the value, ACF transforms it to a full HTML embed code. In conclusion, it is wrong to call esc_url on this HTML, you just have to use the_field('video') or echo get_field('video').
As for ACF accepting invalid (non-URL) data in oEmbed type inputs, you can write a custom validator to raise an error, if needed by implementing a filter: acf/validate_value.
Have you tried using the_field() instead of get_field()?
<?= esc_url( the_field('video') ); ?>
The oEmbed actually returns more than just a url so that could be the issue as well. I haven't worked with esc_url() much in the past but it could be breaking because whatever is getting passed through is not only a url.
As stated here, https://www.advancedcustomfields.com/resources/oembed/, "The oEmbed field will return a string containing the embed HTML".

Including a PHP from another server using JS

I am attempting to build a very simple advertising system which is included on all of my websites and is called using a variable above the script to determine what kind of advert is displayed.
For this system, I have been using basic include functions. For example, on a clients website, near the footer, I would have:
$ad_type = 'banner';
include = '../../adsystem/adsystem.php';
The code for this adsystem.php is:
///// BANNER AD //////
if($ad_type == 'banner'){
$today = date("Y-m-d");
$sql = "SELECT * FROM `ad_adverts` WHERE `ad_start_date` <= '$today' AND `ad_end_date` >= '$today' AND `ad_type` = 'banner' ORDER BY RAND() LIMIT 1";
$result = $ad_conn->query($sql);
if ($result->num_rows > 0) {
// output data of each row
while($row = $result->fetch_assoc()) {
$ad_id = $row["ad_id"];
$ad_link = $row["ad_link"];
$ad_direc = $row["ad_direc"];
?>
<div align="center">
<a target="_blank" href="http://mysite.co.uk/adsystem/adsystem.php?redirect=<? echo $ad_link; ?>&adid=<? echo $ad_id; ?>"><img src="<? echo $ad_direc; ?>" alt="<? echo $ad_link; ?>" style="width:70%; height:70px;"></a>
</div>
<?
}
}
$ad_type = '';
}
/////////////////////
VERY BASIC AT THE MOMENT - IS NOT YET COMPLETE. Simply using this as a test to get it working, then I will deal with fixing security problems and SQL injection, etc...
This will then display the adsystem.php code at the bottom of the site, or wherever I decide to add it. And this works perfectly for local websites - although I am working with websites which are not on the same server, and as you can imagine, that's where I run in to problems due to security issues.
Google Adsense and other advertising agencies combat this issue by using JS code to call the adverts, although I'm not skilled enough with JS to do this. On that direction though, I am wondering if it might be possible to use JS to just call the PHP script or if that would even work?
If anybody could point me in the right place here that would be great?
Without JS you are not able to do it. Please check document.write method. Here you have an example how to add dynamically your JS file with ads into html document:
<script>
var url = 'http://ads.com/buyme?rand='+Math.random()
document.write('<script src="'+url+'"></scr'+'ipt>')
</script>
Under this url, you should generate piece of JavaScript code dynamically in PHP, which should contains content of advertising and write in into html document using document.write method again.
You could use AJAX to call asynchronously to that script. In your php return a JSON with available advertisements.
Also you should consider using template engine and/or PHP framework. Mixing views with business logic isn't great idea.

PHP: Reading DOM info of own HTML page

So, let's say I have only one file on my server called index.php :
<!DOCTYPE html>
<html>
<body style="background-color: orange;">
<!-- On/Off button's picture -->
<?php
echo ("<img id='button' src='data/button.jpg' alt='off'/>");
?>
</body>
</html>
Now, let's say I attach a JavaScript that changes the buttons ALT to ON when I click the button at some point.
How can I read the DOM elements on this page using PHP?
So far, I've found this code:
$dom = new DOMDocument;
$dom->loadHTML($html);
$main = $dom->getElementById('alt');
but I can't figure out how I would fit that in my code above, what page should I call loadHTML() for?
How do I make PHP read DOM elements it generated using echo?
First of all, your button has id button, so searching for the id alt would return no results.
Second: The piece of php you found reads a page $html (probably file_get_contents('some_url'), puts it in the variable dom and parses it, searching for the id alt. In your case it would read your own page, breaking it down in pieces looking for that button.
Thats of no use if you can read the status with javascript on your own page. You can then pass it to php trough an ajax-call or by adding it to the url like mypage.php?button=off
$main = $dom->getElementById('button');

How to add inline JavaScript to a wordpress tempate file

How to add inline JavaScript to a WordPress template file?" Plus add it to every post on my page? for instance, <script type="text/javascript">alert('hello world');</script> would be...
Adding it to a template is easy; just stick it within a tag in any part of the template you want to add it to. For instance:
<script>alert('Hello world!');</script>
as an incredibly basic (and kinda messy and improper) way to demonstrate it. Any template file is just a PHP file, or in other words an HTML file with some extra PHP code thrown in.
Also, to add something to a post, you'll want to add it to the appropriate part of your Wordpress template. For instance, in the default Twentytwelve theme, that'd be the content.php file--that contains the code for a single article, and adding something to that will add it to every instance of an article on the page.
To add some javascript to every post on your page just place it inside the loop. Something like:
<?php
if ( have_posts() ) {
while ( have_posts() ) {
the_post();
?>
<script type="text/javascript">alert('hello world');</script>
<?php
the_title();
the_excerpt();
} // end while
} // end if
?>
Would add an alert for every post on the page. That would be pretty messy to have a popup for every post but that's the gist.

Categories