shell bypass 403
<?php
namespace ElementorPro\Modules\Social\Widgets;
use Elementor\Controls_Manager;
use ElementorPro\Base\Base_Widget;
use ElementorPro\Modules\Social\Classes\Facebook_SDK_Manager;
if ( ! defined( 'ABSPATH' ) ) {
exit; // Exit if accessed directly
}
class Facebook_Page extends Base_Widget {
public function get_name() {
return 'facebook-page';
}
public function get_title() {
return esc_html__( 'Facebook Page', 'elementor-pro' );
}
public function get_icon() {
return 'eicon-fb-feed';
}
public function get_keywords() {
return [ 'facebook', 'social', 'embed', 'page' ];
}
protected function is_dynamic_content(): bool {
return false;
}
protected function register_controls() {
$this->start_controls_section(
'section_content',
[
'label' => esc_html__( 'Page', 'elementor-pro' ),
]
);
Facebook_SDK_Manager::add_app_id_control( $this );
$this->add_control(
'url',
[
'label' => esc_html__( 'Link', 'elementor-pro' ),
'placeholder' => 'https://www.facebook.com/your-page/',
'default' => 'https://www.facebook.com/elemntor/',
'label_block' => true,
'description' => esc_html__( 'Paste the URL of the Facebook page.', 'elementor-pro' ),
]
);
$this->add_control(
'tabs',
[
'label' => esc_html__( 'Layout', 'elementor-pro' ),
'type' => Controls_Manager::SELECT2,
'multiple' => true,
'label_block' => true,
'default' => [
'timeline',
],
'options' => [
'timeline' => esc_html__( 'Timeline', 'elementor-pro' ),
'events' => esc_html__( 'Events', 'elementor-pro' ),
'messages' => esc_html__( 'Messages', 'elementor-pro' ),
],
]
);
$this->add_control(
'small_header',
[
'label' => esc_html__( 'Small Header', 'elementor-pro' ),
'type' => Controls_Manager::SWITCHER,
'default' => '',
]
);
$this->add_control(
'show_cover',
[
'label' => esc_html__( 'Cover Photo', 'elementor-pro' ),
'type' => Controls_Manager::SWITCHER,
'default' => 'yes',
]
);
$this->add_control(
'show_facepile',
[
'label' => esc_html__( 'Profile Photos', 'elementor-pro' ),
'type' => Controls_Manager::SWITCHER,
'default' => 'yes',
]
);
$this->add_control(
'show_cta',
[
'label' => esc_html__( 'Custom CTA Button', 'elementor-pro' ),
'type' => Controls_Manager::SWITCHER,
'default' => 'yes',
]
);
$this->add_control(
'height',
[
'label' => esc_html__( 'Height', 'elementor-pro' ),
'type' => Controls_Manager::SLIDER,
'size_units' => [ 'px', 'em', 'rem', 'custom' ],
'default' => [
'size' => 500,
],
'range' => [
'px' => [
'min' => 50,
'max' => 1000,
],
'em' => [
'min' => 5,
'max' => 100,
],
'rem' => [
'min' => 5,
'max' => 100,
],
],
]
);
$this->end_controls_section();
}
public function render() {
$settings = $this->get_settings_for_display();
if ( empty( $settings['url'] ) ) {
echo $this->get_title() . ': ' . esc_html__( 'Please enter a valid URL', 'elementor-pro' ); // XSS ok.
return;
}
$height = $settings['height']['size'] . $settings['height']['unit'];
$attributes = [
'class' => 'elementor-facebook-widget fb-page',
'data-href' => $settings['url'],
'data-tabs' => implode( ',', $settings['tabs'] ),
'data-height' => $height,
'data-width' => '500px', // Try the max possible width
'data-small-header' => $settings['small_header'] ? 'true' : 'false',
'data-hide-cover' => $settings['show_cover'] ? 'false' : 'true', // if `show` - don't hide.
'data-show-facepile' => $settings['show_facepile'] ? 'true' : 'false',
'data-hide-cta' => $settings['show_cta'] ? 'false' : 'true', // if `show` - don't hide.
// The style prevent's the `widget.handleEmptyWidget` to set it as an empty widget.
'style' => 'min-height: 1px;height:' . $height,
];
$this->add_render_attribute( 'embed_div', $attributes );
echo '<div ' . $this->get_render_attribute_string( 'embed_div' ) . '></div>'; // XSS ok.
}
public function render_plain_content() {}
public function get_group_name() {
return 'social';
}
}