Changeset 2585335
- Timestamp:
- 08/19/2021 09:47:58 AM (5 years ago)
- Location:
- availability-calendar/trunk
- Files:
-
- 6 edited
-
README.txt (modified) (2 diffs)
-
admin/includes/owac-category-add.php (modified) (1 diff)
-
admin/includes/owac-functions.php (modified) (8 diffs)
-
admin/includes/owac-settings.php (modified) (1 diff)
-
availabilitycalendar.php (modified) (2 diffs)
-
public/includes/frontend.php (modified) (7 diffs)
availability-calendar/trunk/README.txt
r2541024 r2585335 5 5 Requires at least: 3.5 6 6 Requires PHP : 5.4.4 7 Tested up to: 5. 7.28 Stable tag: 1.2 7 Tested up to: 5.8 8 Stable tag: 1.2.1 9 9 License: GPLv2 or later 10 10 License URI: http://www.gnu.org/licenses/gpl-2.0.html … … 67 67 68 68 == Changelog == 69 = 1.2 =70 * css and js issue update and Tested up to wordpress version 5.7.269 = 1.2.1 = 70 * ERROR: solved same security and SQL bugs and Tested up to wordpress version 5.8 71 71 72 = 1.1.9= 72 = 1.2 = 73 * ERROR: css issue update and Tested up to wordpress version 5.7 74 75 = 1.1.9 = 73 76 * ERROR: jquery issue updated. 74 77 75 = 1.1.8 =78 = 1.1.8 = 76 79 * New: Number Of Months To Display add 5 year 77 80 78 = 1.1.7 =81 = 1.1.7 = 79 82 * ERROR: css issue updated. 80 83 -
availability-calendar/trunk/admin/includes/owac-category-add.php
r2242384 r2585335 55 55 'add_category', // option_group 56 56 'add_category', // option_name 57 array( $this, 'add_category_sanitize' ) // sanitize_callback57 array( $this, 'add_category_sanitize' ) // sanitize_callback 58 58 ); 59 59 -
availability-calendar/trunk/admin/includes/owac-functions.php
r2157207 r2585335 317 317 $values = $_POST['add_availability_calendar']; 318 318 319 if($values['from_date'] != '' && $values['to_date'] != '' && $values['cat_id'] != ''){ 319 if(!strtotime($values['from_date']) || !strtotime($values['to_date']) || !intval($values['cat_id'])){ 320 321 function owac_error_notice() { 322 323 ?> 324 325 <div class="error notice"> 326 327 <p><?php _e( 'Please fill values properly', 'availability-calendar' ); ?></p> 328 329 </div> 330 331 <?php 332 333 } 334 335 add_action( 'admin_notices', 'owac_error_notice' ); 336 }else if($values['from_date'] != '' && $values['to_date'] != '' && $values['cat_id'] != ''){ 320 337 321 338 $add = new OWAC_Availability(); … … 355 372 356 373 $values = $_POST['add_availability_calendar']; 357 358 if($values['from_date'] != '' && $values['to_date'] != '' && $values['cat_id'] != ''){ 374 375 if(!strtotime($values['from_date']) || !strtotime($values['to_date']) || !intval($values['cat_id'])){ 376 377 function owac_error_notice() { 378 379 ?> 380 381 <div class="error notice"> 382 383 <p><?php _e( 'Please fill values properly', 'availability-calendar' ); ?></p> 384 385 </div> 386 387 <?php 388 389 } 390 391 add_action( 'admin_notices', 'owac_error_notice' ); 392 }else if($values['from_date'] != '' && $values['to_date'] != '' && $values['cat_id'] != ''){ 359 393 360 394 $add = new OWAC_Availability(); … … 392 426 393 427 $values = $_POST['add_category']; 428 429 $sanitary_values = array(); 430 if ( isset( $values['cat_name'] ) ) { 431 $sanitary_values['cat_name'] = sanitize_text_field( $values['cat_name'] ); 432 } 433 434 if ( isset( $values['cat_color'] ) ) { 435 $sanitary_values['cat_color'] = sanitize_text_field( $values['cat_color'] ); 436 } 437 438 if ( isset( $values['cat_ord_num'] ) ) { 439 $sanitary_values['cat_ord_num'] = intval( $values['cat_ord_num'] ); 440 } 394 441 395 442 global $wpdb; … … 400 447 `{$wpdb->prefix}OWAC_category` 401 448 WHERE `cat_name` LIKE %s OR `cat_color` LIKE %s", 402 $ 
values['cat_name'],403 $ values['cat_color']449 $sanitary_values['cat_name'], 450 $sanitary_values['cat_color'] 404 451 ) 405 452 ); … … 425 472 } else { 426 473 427 if($ values['cat_name'] != ''){474 if($sanitary_values['cat_name'] != ''){ 428 475 429 476 $add = new OWAC_category(); 430 477 431 $add->insert($ values);478 $add->insert($sanitary_values); 432 479 433 480 } else { … … 464 511 465 512 $values = $_POST['add_category']; 466 513 514 $sanitary_values = array(); 515 if ( isset( $values['cat_name'] ) ) { 516 $sanitary_values['cat_name'] = sanitize_text_field( $values['cat_name'] ); 517 } 518 519 if ( isset( $values['cat_color'] ) ) { 520 $sanitary_values['cat_color'] = sanitize_text_field( $values['cat_color'] ); 521 } 522 523 if ( isset( $values['cat_ord_num'] ) ) { 524 $sanitary_values['cat_ord_num'] = intval( $values['cat_ord_num'] ); 525 } 526 467 527 global $wpdb; 468 528 … … 472 532 `{$wpdb->prefix}OWAC_category` 473 533 WHERE `cat_color` LIKE %s AND `cat_id` <> %d", 474 $ values['cat_color'],534 $sanitary_values['cat_color'], 475 535 $id 476 536 ) … … 497 557 } else { 498 558 499 if($ values['cat_name'] != ''){559 if($sanitary_values['cat_name'] != ''){ 500 560 501 561 $add = new OWAC_category(); 502 562 503 $add->UPDATE($id , $ values);563 $add->UPDATE($id , $sanitary_values); 504 564 505 565 } else { -
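Review bot: The new guard in both the add and the edit handler checks `from_date`, `to_date` and `cat_id` but never normalises them, so the branch that follows still works with the raw `$_POST` strings. `strtotime()` accepts relative phrases such as `tomorrow`, and `intval()` is non-zero for `5abc`, so values like these pass the check unchanged. Assign the validated forms back before use, for example `$values['cat_id'] = absint( $values['cat_id'] );` and a date re-formatted from the `strtotime()` result in whatever format the table stores. The code that consumes `$values` is elided between the hunks, so how the raw strings are used afterwards should be confirmed there.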
availability-calendar/trunk/admin/includes/owac-settings.php
r2416483 r2585335 193 193 194 194 if ( isset( $input['header_add_text'] ) ) { 195 $sanitary_values['header_add_text'] = esc_textarea( $input['header_add_text'] );195 $sanitary_values['header_add_text'] = sanitize_textarea_field( $input['header_add_text'] ); 196 196 } 197 197 -
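Review bot: Replacing `esc_textarea()` with `sanitize_textarea_field()` means `header_add_text` is now stored without HTML encoding, so every place that prints it has to escape. The frontend.php change in this changeset prints it as `nl2br($settings_options['header_add_text'])`; that would be safer as `nl2br( esc_html( $settings_options['header_add_text'] ) )`, so the output does not depend on how the option was written. The sanitize callback that holds this line starts and ends outside the hunk.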
availability-calendar/trunk/availabilitycalendar.php
r2541024 r2585335 7 7 * Description: Availability Calendar Description A plugin that records post views and contains functions to easily list posts by popularity 8 8 9 * Version: 1.2 9 * Version: 1.2.1 10 10 11 11 * Author: Offshore Web Master … … 28 28 /** 29 29 * Currently plugin version. 30 * Start at version 1.2 30 * Start at version 1.2.1 31 31 */ 32 define( 'OWAC_VERSION', '1.2 ' );32 define( 'OWAC_VERSION', '1.2.1' ); 33 33 34 34 /** -
availability-calendar/trunk/public/includes/frontend.php
r2541024 r2585335 6 6 global $wpdb; 7 7 add_shortcode('availabilitycalendar', array($this, 'OWAC_calendar_front_shortcode')); 8 $contactus_table = $wpdb->prefix."OWAC_event"; 9 $this->event_data = $wpdb->get_results("SELECT * FROM $contactus_table WHERE 1 AND `flag`='0'"); 10 $ec_category_table = $wpdb->prefix."OWAC_category"; 11 $this->category_data = $wpdb->get_results("SELECT * FROM $ec_category_table where 1 AND `flag`='0' ORDER BY `cat_ord_num` ASC"); 8 12 } 9 13 … … 12 16 $return_value = ""; 13 17 global $wpdb; 14 $contactus_table = $wpdb->prefix."OWAC_event"; 18 if(empty($this->event_data)){ 19 $this->event_data = array(); 20 } 21 if(empty($this->category_data)){ 22 $this->category_data = array(); 23 } 15 24 if(!empty($category_short)){ 16 $total_pages_sql = $wpdb->get_results("SELECT * FROM $contactus_table WHERE 1 AND `cat_id` IN (".$category_short.") AND `flag`='0'"); 25 foreach($this->event_data as $key => $val){ 26 $category_short_new = explode(",",$category_short); 27 if(in_array($val->cat_id,$category_short_new)){ 28 $total_pages_sql[] = $val; 29 } 30 } 17 31 }else{ 18 $total_pages_sql = $wpdb->get_results("SELECT * FROM $contactus_table WHERE 1 AND `flag`='0'"); 32 $total_pages_sql = $this->event_data; 33 } 34 35 $cat_id_list = array(); 36 foreach($this->category_data as $key => $val){ 37 $cat_id_list[] = $val->cat_id; 19 38 } 20 39 21 40 for($i=0;$i<count($total_pages_sql);$i++){ 22 $ec_category_table = $wpdb->prefix."OWAC_category"; 23 $ec_category_sql = $wpdb->get_results("SELECT * FROM $ec_category_table where cat_id = ". $total_pages_sql[$i]->cat_id. 
" AND `flag`='0'"); 41 $ec_category_sql = array(); 42 foreach($cat_id_list as $val){ 43 $cat_id = ''; 44 if($total_pages_sql[$i]->cat_id == $val){ 45 $cat_id = $val; 46 } 47 } 48 49 foreach($this->category_data as $key => $val){ 50 if($total_pages_sql[$i]->cat_id == $val->cat_id){ 51 $ec_category_sql = $val; 52 } 53 } 54 24 55 $from_date = $total_pages_sql[$i]->from_date; 25 56 $to_date = $total_pages_sql[$i]->to_date; 26 $cat_color = $ec_category_sql[0]->cat_color;27 $cat_ name = $ec_category_sql[0]->cat_name;28 29 //$cat_color_style = "style='background-color:".$cat_color."'";57 58 $cat_color = $ec_category_sql->cat_color; 59 $cat_name = $ec_category_sql->cat_name; 60 30 61 $cat_color_style = ""; 31 62 if($j==$sat_sun['sat']){$sday = "holiday";}elseif($j==$sat_sun['sun']){$sday="holiday";}else{$sday="";} 32 63 if(!empty($old_date_fade_out_color)){ 33 64 $cat_color_style = $old_date_fade_out_color; 65 }else if(!empty($cat_color)){ 66 $cat_color_style = "style='background-color:".$cat_color."'"; 34 67 }else{ 35 $cat_color_style = "style='background-color:".$cat_color."'"; 36 } 37 68 $cat_color_style = ""; 69 $sday .= " disable"; 70 } 71 38 72 if($from_date <= $pv_r && $to_date >= $pv_r) { 39 73 $return_value = "<td class='".$sday."'><span class='owaccatdec' ".$cat_color_style.">$k</span></td>"; … … 41 75 } 42 76 } 77 43 78 return $return_value; 44 79 } … … 47 82 { 48 83 $atts = shortcode_atts(array('category' => ''), $atts); 49 $category_short = $atts['category']; 50 84 85 if(!empty($atts['category'])){ 86 $category_short = array(); 87 $category_atts_array = explode(",",$atts['category']); 88 foreach($category_atts_array as $val){ 89 if(is_numeric($val)){ 90 $category_short[] = $val; 91 } 92 } 93 $category_short = implode(",",$category_short); 94 } 95 96 if(empty($this->event_data)){ 97 $this->event_data = array(); 98 } 99 if(empty($this->category_data)){ 100 $this->category_data = array(); 101 } 102 51 103 /** 52 104 * Get Event and Category value 53 105 */ 54 
global $wpdb; 55 $contactus_table = $wpdb->prefix."OWAC_event"; 56 $total_pages_sql = $wpdb->get_results("SELECT * FROM $contactus_table WHERE 1 AND `flag`='0'"); 57 $ec_category_table = $wpdb->prefix."OWAC_category"; 58 if($category_short != ""){ 59 $ec_category_sql = $wpdb->get_results("SELECT * FROM $ec_category_table WHERE 1 AND `cat_id` IN (".$category_short.") AND `flag`='0' ORDER BY `cat_ord_num` ASC"); 106 $total_pages_sql = $this->event_data; 107 108 if(!empty($category_short)){ 109 foreach($this->category_data as $key => $val){ 110 $category_short_new = explode(",",$category_short); 111 if(in_array($val->cat_id,$category_short_new)){ 112 $ec_category_sql[] = $val; 113 } 114 } 60 115 }else{ 61 $ec_category_sql = $wpdb->get_results("SELECT * FROM $ec_category_table WHERE 1 AND `flag`='0' ORDER BY `cat_ord_num` ASC"); 62 } 116 $ec_category_sql = $this->category_data; 117 } 118 63 119 $settings_options = get_option( 'OWAC_settings_option' ); 64 120 $display_calendar_month = preg_replace("/[^0-9\.]/", '', $settings_options['display_calendar_month']); … … 126 182 * Set Header And Category Display 127 183 */ 128 $data .= "<div class='header'>"; 129 if($settings_options['header_display'] == 'yes'){ 130 $data .= "<h1 class='title'>".$year."</h1> 131 <p>".$settings_options['header_add_text']."</p> 132 "; 133 } 134 if($settings_options['category_display'] == 'yes'){ 135 $data .= "<div class='event-calendar'> 136 <ul>"; 137 if($category_short == ''){ 138 for($i=0;$i<count($ec_category_sql);$i++){ 139 $cat_color = $ec_category_sql[$i]->cat_color; 140 $cat_name = $ec_category_sql[$i]->cat_name; 141 $data .= "<li>"; 142 $data .= "<span class='cat_color' style='background-color:".$cat_color." 
!important'></span>"; 143 $data .= "<span class='event-name'>".$cat_name."</span>"; 144 $data .= "</li>"; 145 } 146 }else{ 147 for($i=0;$i<count($ec_category_sql);$i++){ 148 $cat_color = $ec_category_sql[$i]->cat_color; 149 $cat_name = $ec_category_sql[$i]->cat_name; 150 $data .= "<li>"; 151 $data .= "<span class='cat_color' style='background-color:".$cat_color." !important'></span>"; 152 $data .= "<span class='event-name'>".$cat_name."</span>"; 153 $data .= "</li>"; 184 if($settings_options['header_display'] == 'yes' || $settings_options['category_display'] == 'yes'){ 185 $data .= "<div class='header'>"; 186 if($settings_options['header_display'] == 'yes'){ 187 $data .= "<h1 class='title'>".$year."</h1> 188 <p>".nl2br($settings_options['header_add_text'])."</p> 189 "; 190 } 191 if($settings_options['category_display'] == 'yes'){ 192 $data .= "<div class='event-calendar'> 193 <ul>"; 194 if($category_short == ''){ 195 for($i=0;$i<count($ec_category_sql);$i++){ 196 $cat_color = $ec_category_sql[$i]->cat_color; 197 $cat_name = $ec_category_sql[$i]->cat_name; 198 $data .= "<li>"; 199 $data .= "<span class='cat_color' style='background-color:".$cat_color." !important'></span>"; 200 $data .= "<span class='event-name'>".$cat_name."</span>"; 201 $data .= "</li>"; 202 } 203 }else{ 204 for($i=0;$i<count($ec_category_sql);$i++){ 205 $cat_color = $ec_category_sql[$i]->cat_color; 206 $cat_name = $ec_category_sql[$i]->cat_name; 207 $data .= "<li>"; 208 $data .= "<span class='cat_color' style='background-color:".$cat_color." 
!important'></span>"; 209 $data .= "<span class='event-name'>".$cat_name."</span>"; 210 $data .= "</li>"; 211 } 154 212 } 155 }156 157 $data .= "</ul>158 </div>";159 }160 $data .= "</div>";213 214 $data .= "</ul> 215 </div>"; 216 } 217 $data .= "</div>"; 218 } 161 219 /** 162 220 * Add JavaScript … … 200 258 var owacTrackHeight = jQuery(owacTrack).height(); 201 259 owacSlider.find('.owac-slide').css('height', owacTrackHeight + 'px'); 202 owacSlider.find('table.main').css('background-color', '#".$settings_options['calendar_background_color']."');203 260 } 204 261 jQuery(window).on('resize', function(e) { … … 358 415 * Set Month Name and Year 359 416 */ 360 $data .= "<table class='main owac owac_google_events' style='background-color: #".$settings_options['calendar_background_color']." !important;'><tr class='month_title'><td colspan=7 align=center><h4 style='background-color: #".$settings_options['month_background_color']." !important;; color: #".$settings_options['month_title_font_color']." !important;;'> $monthName $year</h4></td></tr>";417 $data .= "<table class='main owac' style='background-color: #".$settings_options['calendar_background_color']." !important;'><tr class='month_title'><td colspan=7 align=center><h4 style='background-color: #".$settings_options['month_background_color']." !important;; color: #".$settings_options['month_title_font_color']." !important;;'> $monthName $year</h4></td></tr>"; 361 418 /** 362 419 * Showing name of the days of the week
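Review bot: `$cat_color` and `$cat_name` are still concatenated into the markup unescaped, both in the legend (`style='background-color:".$cat_color." !important'`, `<span class='event-name'>".$cat_name."</span>`) and in the day cell's `$cat_color_style`. `sanitize_text_field()` on the admin side strips tags but leaves quotes in place, so a stored colour containing `'` can close the single-quoted `style` attribute. Escape at output with `esc_attr( $cat_color )` and `esc_html( $cat_name )`; the `#".$settings_options[...]."` colour options in the table markup deserve the same treatment. The rows come from `$this->category_data`, which the constructor reads straight from the table, so rows saved before this release may not have been through the new sanitising at all.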