Changeset 2132000
- Timestamp:
- 08/01/2019 09:35:24 AM (7 years ago)
- Location:
- taugun/trunk
- Files:
-
- 11 edited
-
esf.php (modified) (2 diffs)
-
inc/abstracts/class-esf-post.php (modified) (1 diff)
-
inc/abstracts/class-esf-settings-page.php (modified) (1 diff)
-
inc/admin/menu/class-esf-menu-management.php (modified) (1 diff)
-
inc/admin/menu/class-esf-post-type-handler.php (modified) (2 diffs)
-
inc/admin/menu/class-esf-settings.php (modified) (1 diff)
-
inc/admin/menu/pages/class-esf-locations.php (modified) (2 diffs)
-
inc/admin/menu/pages/class-esf-organizers.php (modified) (2 diffs)
-
inc/admin/menu/wp-list-table/class-esf-locations-table.php (modified) (3 diffs)
-
inc/admin/menu/wp-list-table/class-esf-organizers-table.php (modified) (3 diffs)
-
readme.txt (modified) (2 diffs)
-
taugun/trunk/esf.php
r2130178 r2132000 4 4 * Plugin Name: Taugun Events Calendar 5 5 * Description: Taugun is a free Events Calendar plugin which allows you to create and manage events in your WordPress site. 6 * Version: 1. 36 * Version: 1.4 7 7 * Author: Flintop 8 8 * Author URI: https://flintop.com/ … … 27 27 * Version 28 28 * */ 29 private $version = '1. 3' ;29 private $version = '1.4' ; 30 30 31 31 /** -
taugun/trunk/inc/abstracts/class-esf-post.php
r2129128 r2132000 114 114 */ 115 115 public function exists() { 116 117 116 return isset( $this->post->post_type ) && $this->post->post_type == $this->post_type ; 118 117 } -
taugun/trunk/inc/abstracts/class-esf-settings-page.php
r2129128 r2132000 168 168 $section = ($current_sub_section) ? $current_sub_section : $current_section ; 169 169 170 if ( empty( $_POST[ 'reset' ] ) )170 if ( ! isset( $_POST[ 'reset' ] ) || empty( $_POST[ 'reset' ] ) ) 171 171 return ; 172 172 -
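Review bot: The `! isset( $_POST[ 'reset' ] )` added in front of `empty( $_POST[ 'reset' ] )` on new line 170 is redundant, since `empty()` already returns true for an unset index without raising a notice, so the guard behaves exactly as before. What the guard does not do is authenticate the reset: no nonce or capability check is visible in the hunk, and the enclosing method starts and ends outside it, so one may exist elsewhere. If it does not, a `check_admin_referer()` call and a `current_user_can()` test ahead of the reset path would keep a forged POST from wiping settings; the nonce action and capability are the author's to choose.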
taugun/trunk/inc/admin/menu/class-esf-menu-management.php
r2106552 r2132000 93 93 $current_sub_section = empty( $_REQUEST[ 'subsection' ] ) ? '' : sanitize_title( wp_unslash( $_REQUEST[ 'subsection' ] ) ) ; 94 94 95 do_action( s elf::$plugin_slug . '_settings_save_' . $current_tab, $current_section ) ;96 do_action( s elf::$plugin_slug . '_settings_reset_' . $current_tab, $current_section ) ;95 do_action( sanitize_key( self::$plugin_slug . '_settings_save_' . $current_tab ) , $current_section ) ; 96 do_action( sanitize_key( self::$plugin_slug . '_settings_reset_' . $current_tab ) , $current_section ) ; 97 97 } 98 98 -
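Review bot: Wrapping the hook name in `sanitize_key()` lowercases it and strips every character outside `a-z0-9_-`, so the `do_action()` calls on new lines 95–96 fire a different hook than before whenever `self::$plugin_slug` or `$current_tab` contains anything else. Every matching `add_action()` registration has to build its name the same way, or the save/reset handlers silently stop running. The same applies to the `apply_filters()`/`add_filter()` names wrapped in class-esf-settings.php and in the two wp-list-table classes. If the concern is that `$current_tab` is request-derived (its assignment is outside the hunk), checking it against the plugin's registered tabs before dispatching is a tighter control than sanitising the concatenated name, e.g. `if ( ! in_array( $current_tab, $registered_tabs, true ) ) return;` where `$registered_tabs` is a placeholder for the plugin's own tab list.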
taugun/trunk/inc/admin/menu/class-esf-post-type-handler.php
r2129128 r2132000 238 238 239 239 // If this is an autosave, our form has not been submitted, so we don't want to do anything. 240 if ( empty( $post_id ) || empty( $post ) ) { 241 return ; 242 } 240 if ( empty( $post_id ) || empty( $post ) ) 241 return ; 243 242 244 243 // Check the nonce 245 if ( empty( $_POST[ 'esf_events_nonce' ] ) || ! wp_verify_nonce( $_POST[ 'esf_events_nonce' ], 'esf_save_event_settings' ) )244 if ( ! isset( $_POST[ 'esf_events_nonce' ] ) || empty( $_POST[ 'esf_events_nonce' ] ) || ! wp_verify_nonce( esf_sanitize_text_field( $_POST[ 'esf_events_nonce' ] ) , 'esf_save_event_settings' ) ) 246 245 return ; 247 246 … … 251 250 252 251 // Dont' save meta boxes for revisions or autosaves 253 if ( defined( 'DOING_AUTOSAVE' ) || is_int( wp_is_post_revision( $post_id ) ) || is_int( wp_is_post_autosave( $post_id ) ) ) { 254 return ; 255 } 252 if ( defined( 'DOING_AUTOSAVE' ) || is_int( wp_is_post_revision( $post_id ) ) || is_int( wp_is_post_autosave( $post_id ) ) ) 253 return ; 256 254 257 255 // Check user has permission to edit 258 if ( ! current_user_can( 'edit_post' , $post_id ) ) { 259 return ; 260 } 256 if ( ! current_user_can( 'edit_post' , $post_id ) ) 257 return ; 261 258 262 259 //Prevent to update post multi time. -
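Review bot: The empty-post, revision/autosave and `current_user_can( 'edit_post', $post_id )` guards lose their braces across the two hunks, leaving each `return` tied to its condition only by layout. In a save handler where these early returns are the permission checks, a later edit that adds a line under one of the conditions changes which statement is actually guarded. Keeping the braced form, `if ( ! current_user_can( 'edit_post', $post_id ) ) { return; }`, also matches the WordPress coding standards. On the nonce line the added `! isset()` is redundant ahead of `empty()`, and the value is conventionally read as `sanitize_text_field( wp_unslash( $_POST['esf_events_nonce'] ) )`; what `esf_sanitize_text_field()` does is not visible on this page. The enclosing method begins and ends outside the hunks.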
taugun/trunk/inc/admin/menu/class-esf-settings.php
r2125765 r2132000 50 50 } 51 51 52 self::$settings = apply_filters( s elf::$plugin_slug . '_get_settings_pages', $settings ) ;52 self::$settings = apply_filters( sanitize_key( self::$plugin_slug . '_get_settings_pages' ) , $settings ) ; 53 53 54 54 return self::$settings ; -
taugun/trunk/inc/admin/menu/pages/class-esf-locations.php
r2129128 r2132000 194 194 } 195 195 196 if ( isset( $meta_data[ 'esf_image' ] ) && ! filter_var( $meta_data[ 'esf_image' ] , FILTER_VALIDATE_URL ) === FALSE ) {197 throw new Exception( esc_html__( 'Inavlid Image URL' , ESF_LOCALE ) ) ;198 }199 200 196 $post_args = array( 201 197 'post_title' => esf_sanitize_text_field( $meta_data[ 'esf_name' ] ) , … … 272 268 } 273 269 274 if ( isset( $meta_data[ 'esf_image' ] ) && filter_var( $meta_data[ 'esf_image' ] , FILTER_VALIDATE_URL ) === FALSE ) {275 throw new Exception( esc_html__( 'Inavlid Image URL' , ESF_LOCALE ) ) ;276 }277 278 270 $post_args = array( 279 271 'post_title' => esf_sanitize_text_field( $meta_data[ 'esf_name' ] ) , -
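Review bot: With the `FILTER_VALIDATE_URL` check gone from both the create and the update path, `$meta_data[ 'esf_image' ]` reaches the code after `$post_args` with no validation visible in either hunk. The changelog describes the bug as being unable to update a location without an image, which only requires skipping the check for an empty value: `if ( ! empty( $meta_data[ 'esf_image' ] ) && filter_var( $meta_data[ 'esf_image' ], FILTER_VALIDATE_URL ) === false ) { throw new Exception( ... ); }`. How the value is stored and later rendered is outside the hunks; if it ends up in an `src` or `href` attribute, `esc_url_raw()` on save and `esc_url()` on output would be the usual pairing.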
taugun/trunk/inc/admin/menu/pages/class-esf-organizers.php
r2129128 r2132000 153 153 // Check user permission 154 154 if ( ! current_user_can( 'publish_posts' ) ) { 155 throw new Exception( esc_html__( 'You do not have permission to create Locations', ESF_LOCALE ) ) ;155 throw new Exception( esc_html__( "You don't have permission to do this action" , ESF_LOCALE ) ) ; 156 156 } 157 157 … … 161 161 } 162 162 163 $meta_data = $_POST[ 'organizer' ];163 $meta_data = esf_sanitize_text_field( $_POST[ 'organizer' ] ) ; 164 164 165 165 if ( $meta_data[ 'esf_name' ] == '' ) { -
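Review bot: `$_POST[ 'organizer' ]` is indexed as an array on the next visible line (`$meta_data[ 'esf_name' ]`), but new line 163 passes the whole value through `esf_sanitize_text_field()`, whose definition is not on this page. If that helper simply wraps core `sanitize_text_field()`, an array argument comes back as an empty string and every field lookup after it breaks; if it recurses into arrays, its docblock should say so. A form that is explicit about both unslashing and per-element sanitising is `$meta_data = map_deep( wp_unslash( $_POST[ 'organizer' ] ), 'sanitize_text_field' );`. The surrounding method starts and ends outside the hunks.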
taugun/trunk/inc/admin/menu/wp-list-table/class-esf-locations-table.php
r2106552 r2132000 66 66 $this->base_url = add_query_arg( array( 'page' => 'locations' ) , esf_get_event_page_url() ) ; 67 67 68 add_filter( $this->plugin_slug . '_query_where', array( $this , 'custom_search' ) , 10 , 1 ) ;68 add_filter( sanitize_key( $this->plugin_slug . '_query_where' ) , array( $this , 'custom_search' ) , 10 , 1 ) ; 69 69 70 70 $this->prepare_current_url() ; … … 218 218 return ; 219 219 220 if ( ! current_user_can( 'edit_post ' ) )221 wp_die( '<p class="esf_warning_notice">' . esc_html__( 'Sorry, you are not allowed to edit this Location.', ESF_LOCALE ) . '</p>' ) ;220 if ( ! current_user_can( 'edit_posts' ) ) 221 wp_die( '<p class="esf_warning_notice">' . esc_html__( "You don't have permission to do this action" , ESF_LOCALE ) . '</p>' ) ; 222 222 223 223 $action = $this->current_action() ; … … 287 287 $where = " where post_type='" . $this->post_type . "' and post_status" . $status ; 288 288 289 $where = apply_filters( $this->plugin_slug . '_query_where', $where ) ;290 $limit = apply_filters( $this->plugin_slug . '_query_limit', $this->perpage ) ;291 $offset = apply_filters( $this->plugin_slug . '_query_offset', $this->offset ) ;292 $orderby = apply_filters( $this->plugin_slug . '_query_orderby', $this->orderby ) ;289 $where = apply_filters( sanitize_key( $this->plugin_slug . '_query_where' ) , $where ) ; 290 $limit = apply_filters( sanitize_key( $this->plugin_slug . '_query_limit' ) , $this->perpage ) ; 291 $offset = apply_filters( sanitize_key( $this->plugin_slug . '_query_offset' ) , $this->offset ) ; 292 $orderby = apply_filters( sanitize_key( $this->plugin_slug . '_query_orderby' ) , $this->orderby ) ; 293 293 294 294 $count_items = $wpdb->get_results( "SELECT ID FROM " . $wpdb->posts . " $where $orderby" ) ; -
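Review bot: The query at new line 294 is assembled by string concatenation and nothing in the hunk passes it through `$wpdb->prepare()`. `$where` is built from `$this->post_type` and `$status` at line 287, then run through the `_query_where` filter that `custom_search` is hooked to at line 68. `custom_search` is not shown; if it appends a request-supplied search term, that term needs `$wpdb->esc_like()` and a `%s` placeholder rather than interpolation, and `$orderby` should be restricted to a fixed set of column names. The identical code in class-esf-organizers-table.php (new lines 283–290) has the same shape. The enclosing methods extend beyond the hunks.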
taugun/trunk/inc/admin/menu/wp-list-table/class-esf-organizers-table.php
r2106552 r2132000 66 66 $this->base_url = add_query_arg( array( 'page' => 'organizers' ) , esf_get_event_page_url() ) ; 67 67 68 add_filter( $this->plugin_slug . '_query_where', array( $this , 'custom_search' ) , 10 , 1 ) ;68 add_filter( sanitize_key( $this->plugin_slug . '_query_where' ) , array( $this , 'custom_search' ) , 10 , 1 ) ; 69 69 70 70 $this->prepare_current_url() ; … … 218 218 return ; 219 219 220 if ( ! current_user_can( 'edit_post ' ) )221 wp_die( '<p class="esf_warning_notice">' . esc_html__( 'Sorry, you are not allowed to edit this Organizer.', ESF_LOCALE ) . '</p>' ) ;220 if ( ! current_user_can( 'edit_posts' ) ) 221 wp_die( '<p class="esf_warning_notice">' . esc_html__( "You don't have permission to do this action" , ESF_LOCALE ) . '</p>' ) ; 222 222 223 223 $action = $this->current_action() ; … … 283 283 $where = " where post_type='" . $this->post_type . "' and post_status" . $status ; 284 284 285 $where = apply_filters( $this->plugin_slug . '_query_where', $where ) ;286 $limit = apply_filters( $this->plugin_slug . '_query_limit', $this->perpage ) ;287 $offset = apply_filters( $this->plugin_slug . '_query_offset', $this->offset ) ;288 $orderby = apply_filters( $this->plugin_slug . '_query_orderby', $this->orderby ) ;285 $where = apply_filters( sanitize_key( $this->plugin_slug . '_query_where' ) , $where ) ; 286 $limit = apply_filters( sanitize_key( $this->plugin_slug . '_query_limit' ) , $this->perpage ) ; 287 $offset = apply_filters( sanitize_key( $this->plugin_slug . '_query_offset' ) , $this->offset ) ; 288 $orderby = apply_filters( sanitize_key( $this->plugin_slug . '_query_orderby' ) , $this->orderby ) ; 289 289 290 290 $count_items = $wpdb->get_results( "SELECT ID FROM " . $wpdb->posts . " $where $orderby" ) ; -
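Review bot: The bulk-action gate at new line 220 is the type-wide `current_user_can( 'edit_posts' )`, and the hunk shows no nonce verification before `$this->current_action()` is read at line 223. If the actions that follow delete or modify individual posts (that code is outside the hunk), each ID should also be checked with `current_user_can( 'delete_post', $id )` or `current_user_can( 'edit_post', $id )` as appropriate. The request itself should be verified with `check_admin_referer()` using the list table's bulk nonce action. The same gate appears in class-esf-locations-table.php at new line 220.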
taugun/trunk/readme.txt
r2130178 r2132000 5 5 Tested up to: 5.2.1 6 6 Requires PHP: 5.6.25 7 Stable tag: 1. 37 Stable tag: 1.4 8 8 License: GPLv2 or later 9 9 License URI: http://www.gnu.org/licenses/gpl-2.0.html … … 156 156 == Changelog == 157 157 158 V1.4 159 160 Fix: Unable to update location without image once saved 161 158 162 V1.3 159 163