twilio-wp-plugin/includes/class-twp-shortcodes.php
jknapp 345ef43740 Security enhancement: Remove frontend browser phone interface
- Updated shortcode to redirect to admin browser phone page for enhanced security
- Removed frontend browser phone assets (108KB total):
  - assets/js/browser-phone-frontend.js (85KB)
  - assets/css/browser-phone-frontend.css (23KB)
- Modified shortcode to show secure redirect interface with authentication checks
- Added new shortcode attributes: title, button_text, target
- Enhanced documentation with security improvements and new behavior
- Reduced frontend attack surface by eliminating JavaScript exposure
- Improved performance with minimal asset loading for shortcode pages

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-09-02 11:40:49 -07:00


<?php
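/**
 * Registers and renders the plugin's front-end shortcodes.
 *
 * The only shortcode handled here is [twp_browser_phone]. It does not embed a
 * phone UI; it renders a link to the browser phone page in the admin area.
 */
class TWP_Shortcodes {

    /**
     * Hook shortcode registration and front-end styling into WordPress.
     *
     * @return void
     */
    public static function init() {
        add_action('init', array(__CLASS__, 'register_shortcodes'));
        add_action('wp_enqueue_scripts', array(__CLASS__, 'enqueue_frontend_assets'));
    }

    /**
     * Register every shortcode this plugin provides.
     *
     * @return void
     */
    public static function register_shortcodes() {
        add_shortcode('twp_browser_phone', array(__CLASS__, 'browser_phone_shortcode'));
    }

    /**
     * Print the small stylesheet used by the redirect box and error notices.
     *
     * Runs on wp_enqueue_scripts and only acts when the current post's content
     * contains the shortcode; a shortcode rendered from anywhere other than
     * $post->post_content is not detected by this check.
     *
     * @return void
     */
    public static function enqueue_frontend_assets() {
        global $post;

        if (!is_a($post, 'WP_Post') || !has_shortcode($post->post_content, 'twp_browser_phone')) {
            return;
        }

        $css = '
            .twp-browser-phone-redirect {
                padding: 20px;
                border: 1px solid #ddd;
                border-radius: 5px;
                background: #f9f9f9;
                text-align: center;
                margin: 20px 0;
            }
            .twp-browser-phone-redirect h3 {
                margin-top: 0;
                color: #333;
            }
            .twp-browser-phone-redirect p {
                margin-bottom: 15px;
            }
            .twp-error {
                padding: 10px;
                border: 1px solid #dc3232;
                border-radius: 3px;
                background: #fbeaea;
                color: #dc3232;
                margin: 10px 0;
            }
        ';

        // Inline CSS is printed only for a handle that is itself enqueued. The
        // core 'wp-admin' handle is not normally enqueued on front-end
        // requests, so the rules are attached to a source-less handle owned by
        // this plugin and enqueued here.
        $handle = 'twp-browser-phone-redirect';
        wp_register_style($handle, false);
        wp_enqueue_style($handle);
        wp_add_inline_style($handle, $css);
    }

    /**
     * Render the [twp_browser_phone] shortcode.
     *
     * Logged-out users and users without the required capability get an error
     * notice. Everyone else gets a box linking to the admin browser phone page.
     *
     * Supported attributes: title (heading text), button_text (link label) and
     * target (only the exact value "_blank" opens a new tab; any other value
     * opens the link in the same tab).
     *
     * @param array|string $atts Attributes supplied in the shortcode tag.
     * @return string HTML markup for the notice or the redirect box.
     */
    public static function browser_phone_shortcode($atts) {
        // These checks only decide what the shortcode renders. The admin page
        // behind the link is outside this file and has to enforce its own
        // capability check; hiding the link is not access control.
        if (!is_user_logged_in()) {
            return '<div class="twp-error">You must be logged in to access the browser phone.</div>';
        }

        $may_use_phone = current_user_can('twp_access_browser_phone') || current_user_can('manage_options');
        if (!$may_use_phone) {
            return '<div class="twp-error">You don\'t have permission to access the browser phone.</div>';
        }

        $atts = shortcode_atts(array(
            'title' => 'Browser Phone',
            'button_text' => 'Access Browser Phone',
            'target' => '_blank'
        ), $atts, 'twp_browser_phone');

        $admin_url = admin_url('admin.php?page=twilio-wp-browser-phone');

        // Fixed literals only: the attribute value is never echoed, so this
        // string needs no escaping. rel="noopener noreferrer" keeps the newly
        // opened admin tab from receiving a window.opener handle or a Referer
        // from the page that hosts the shortcode.
        $link_attrs = ($atts['target'] === '_blank') ? 'target="_blank" rel="noopener noreferrer"' : '';

        ob_start();
        ?>
        <div class="twp-browser-phone-redirect">
            <h3><?php echo esc_html($atts['title']); ?></h3>
            <p>The browser phone interface has been moved to the WordPress admin area for enhanced security and functionality.</p>
            <p>
                <a href="<?php echo esc_url($admin_url); ?>" <?php echo $link_attrs; ?> class="button button-primary">
                    <?php echo esc_html($atts['button_text']); ?>
                </a>
            </p>
        </div>
        <?php
        return ob_get_clean();
    }
}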