HEX
Server: nginx/1.24.0
System: Linux server 6.12.74+deb13+1-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.12.74-2 (2026-03-08) x86_64
User: www (1001)
PHP: 8.5.2
Disabled: passthru,exec,system,putenv,chroot,chgrp,chown,shell_exec,popen,proc_open,pcntl_exec,ini_alter,ini_restore,dl,openlog,syslog,readlink,symlink,popepassthru,pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,imap_open,apache_setenv
Upload Files
File: /www/wwwroot/claudiayancor.duckdns.org/wp-content/plugins/photonic/Core/Template.php
<?php

namespace Photonic_Plugin\Core;

/**
 * Class Template
 * Used for cases where clicking on an album link opens a Photonic gallery on its own page. This is triggered when the shortcode attribute
 * <code>popup='page'</code> is set
 */
class Template {
	public function __construct() {
		add_filter('the_content', [&$this, 'load_gallery'], 100, 1);
		add_filter('the_title', [&$this, 'set_title'], 10, 2);
	}

	/**
	 * Changes the title of the template page to the title of the album being displayed.
	 *
	 * @param $title
	 * @param $id
	 * @return string|void
	 */
	public function set_title($title, $id = null) {
		global $photonic_page_title, $photonic_gallery_template_page;
		if (!empty($id)) {
			if (!empty($photonic_gallery_template_page) && is_page($photonic_gallery_template_page) && 'replace-if-available' === $photonic_page_title && absint($photonic_gallery_template_page) === absint($id)) {
				if (isset($_REQUEST['photonic_gallery_title'])) {
					return wptexturize(stripslashes_deep(wp_kses_post($_REQUEST['photonic_gallery_title'])));
				}
			}
		}
		return $title;
	}

	/**
	 * Changes the content of the template page to have the description and contents of the gallery.
	 *
	 * @param $content
	 * @return string
	 */
	public function load_gallery($content) {
		global $photonic_gallery_template_page;
		if (!empty($photonic_gallery_template_page) && is_page($photonic_gallery_template_page)) {
			// Cannot check nonce for front-end gallery, but will vet the request fully
			if (isset($_REQUEST['photonic_gallery'])) {
				global $photonic_alternative_shortcode;

				$shortcode_tag = esc_attr($photonic_alternative_shortcode ?: 'gallery');
				$shortcode = sanitize_text_field($_REQUEST['photonic_gallery']);
				$shortcode = base64_decode($shortcode); // The `encode` is defined in Core.php's get_gallery_url method. We check this in the following steps.

				// Input is coming via a URL, so we have to ensure it is safe.
				// The input is expected to be a Photonic shortcode, so the simplest way is to strip out all instances of the Photonic
				// shortcode and verify that the input is blank. If it is blank, then all that the input had was a Photonic shortcode.
				$content_without_shortcodes = strip_shortcodes($shortcode);
				if (!empty(trim($shortcode)) && has_shortcode($shortcode, $shortcode_tag) && empty(trim($content_without_shortcodes))) {
					// Looks good. Let's proceed.
					global $photonic_page_content;
					if ('replace-if-available' === $photonic_page_content) {
						$content = do_shortcode($shortcode);
					}
					elseif ('append-if-available' === $photonic_page_content) {
						$content .= do_shortcode($shortcode);
					}
				}
				else {
					// Input looks funny. Stay safe and exit
					$content .= esc_html__('You are trying to display a gallery, but no gallery was found corresponding to the input.', 'photonic');
				}
			}
			else {
				// Input is blank. Show nothing and exit
				$content .= esc_html__('You are trying to display a gallery, but no input was provided.', 'photonic');
			}
		}
		return $content;
	}
}

new Template();