Changeset 2758097
- Timestamp:
- 07/18/2022 05:45:36 PM (4 years ago)
- Location:
- simple-student-result/trunk
- Files:
-
- 3 edited
-
lib/api.php (modified) (5 diffs)
-
readme.txt (modified) (1 diff)
-
views/options.php (modified) (6 diffs)
simple-student-result/trunk/lib/api.php
r2757474 r2758097 37 37 38 38 function ssr_needsCleaning($str){ 39 return s trip_tags(esc_attr(esc_html($str)));39 return sanitize_text_field(strip_tags(esc_attr(esc_html($str)))); 40 40 } 41 41 42 42 function ssr_clean_arr($arr){ 43 $newArr =[]; 44 foreach($arr as $key => $val){ 45 $newArr[$key]= ssr_needsCleaning($val); 46 } 47 return $newArr; 48 } 43 49 44 50 add_action( 'rest_api_init', function () { … … 56 62 global $wpdb; 57 63 if (isset($parameters['rid'])) { 58 $wpdb->delete( $wpdb->prefix.SSR_TABLE, array( 'rid' => $parameters['rid']) );59 $p = $wpdb->insert($wpdb->prefix.SSR_TABLE, $parameters, array( '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s' ));64 $wpdb->delete( $wpdb->prefix.SSR_TABLE, array( 'rid' => ssr_needsCleaning($parameters['rid'])) ); 65 $p = $wpdb->insert($wpdb->prefix.SSR_TABLE, ssr_clean_arr($parameters) , array( '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s' )); 60 66 } 61 67 $student_count =$wpdb->get_var( "SELECT COUNT(*) FROM ".$wpdb->prefix.SSR_TABLE ); … … 82 88 global $wpdb; 83 89 if (isset($parameters['rid'])) { 84 $p=$wpdb->delete( $wpdb->prefix.SSR_TABLE, array( 'rid' => $parameters['rid']) );90 $p=$wpdb->delete( $wpdb->prefix.SSR_TABLE, array( 'rid' => ssr_needsCleaning($parameters['rid'])) ); 85 91 } 86 92 $student_count =$wpdb->get_var( "SELECT COUNT(*) FROM ".$wpdb->prefix.SSR_TABLE ); … … 89 95 } 90 96 91 92 function fn_ssr_del_st_submit() {93 if (!current_user_can('edit_posts')) return false;94 ?><script type="text/javascript">console.log(<?php echo 'Deleted ID : '.$_POST['rid']; ?>);</script><?php95 global $wpdb;96 if (isset($_POST['rid'])) {97 $student_count =$wpdb->get_var($wpdb->prepare( "SELECT COUNT(*) FROM ".$wpdb->prefix.SSR_TABLE." where rid=%s", $_POST['rid'] ));98 }99 if ($student_count>0){100 $student_count =$wpdb->prepare( "delete from ".$wpdb->prefix.SSR_TABLE." 
where rid=%s", $_POST['rid'] );101 $wpdb->query($student_count);102 $student_count =$wpdb->get_var( "SELECT COUNT(*) FROM ".$wpdb->prefix.SSR_TABLE );103 echo $student_count;104 }else{echo 'no';}105 if ($wpdb->last_error) {106 die('error=' . var_dump($wpdb->last_query) . ',' . var_dump($wpdb->error));107 }108 die();109 }110 97 111 98 … … 124 111 if( !isset( $parameters['optionId'] ) || empty( $parameters['optionId'] ) || strlen($parameters['optionId']) == 0) return array( 'success' => false,'message' => 'option Id not found','code' => 404 ); 125 112 if( !isset( $parameters['optionValue'] ) || empty( $parameters['optionValue'] ) || strlen($parameters['optionValue']) == 0) return array( 'success' => false,'message' => 'option Value not found','code' => 404 ); 126 return array( 'success' => update_option('ssr_settings_ssr_item'.intval($parameters['optionId']), ssr_needsCleaning($parameters['optionValue'])) ,'code' => 701 ); 113 $text = sanitize_text_field( ssr_needsCleaning($parameters['optionValue']) ); 114 return array( 'success' => update_option('ssr_settings_ssr_item'.intval($parameters['optionId']), $text) ,'code' => 701 ); 127 115 } 128 116 -
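Review bot: `ssr_needsCleaning()` now wraps `esc_html()`/`esc_attr()`, which are output-escaping helpers, in `sanitize_text_field()`, so values are written to the database already entity-encoded and risk being double-encoded or inconsistently decoded when rendered later; `return sanitize_text_field($str);` on input plus escaping at the point of output would be the cleaner split. `$wpdb->insert()` and `$wpdb->delete()` already bind their values, so this helper is not what protects the queries here. In the insert hunk `ssr_clean_arr($parameters)` cleans values only; if `$parameters` comes straight from the request (its assignment is outside the visible lines), the keys still decide which columns are written, and an allowlist of the 14 expected columns would close that. The route registration is also outside the hunks: the removed `fn_ssr_del_st_submit()` checked `current_user_can('edit_posts')`, so confirm that the REST insert and delete handlers sit behind a `permission_callback` enforcing an equivalent capability.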
simple-student-result/trunk/readme.txt
r2757474 r2758097 6 6 Requires at least: 3.8 7 7 Tested up to: 6.0.1 8 Stable tag: 6.0.18 Stable tag: 1.7.5 9 9 License: licensed under “GPLv2 or later” 10 10 -
simple-student-result/trunk/views/options.php
r2757474 r2758097 56 56 $i=1;$j=9; 57 57 while($i <= 13) { 58 echo '<tr valign="top"><th scope="row">Field '.$i.'</th>';59 echo '<td><input type="text" class="std_input" id="ssr_settings_ssr_item'.$j.'" name="ssr_settings_ssr_item'.$j.'" value="'.esc_attr( get_option('ssr_settings_ssr_item'.$j.'') ).'" />';60 echo '<input type="checkbox" name="ssr_item'.$i.'" id="ssr_item'.$i.'" optionId="'.$i.'" class="css-checkbox"';58 echo esc_attr('<tr valign="top"><th scope="row">Field '.$i.'</th>'); 59 echo esc_attr('<td><input type="text" class="std_input" id="ssr_settings_ssr_item'.$j.'" name="ssr_settings_ssr_item'.$j.'" value="'.esc_attr( get_option('ssr_settings_ssr_item'.$j.'') ).'" />'); 60 echo esc_attr('<input type="checkbox" name="ssr_item'.$i.'" id="ssr_item'.$i.'" optionId="'.$i.'" class="css-checkbox"'); 61 61 if ($i==1){ 62 62 echo 'checked="checked" onclick="return false" ><label for="ssr_item1" class="css-label">Mandatory</label>'; 63 63 }else{ 64 if (esc_attr( get_option('checkedssr_item'.$i.'') ) >0) {echo 'checked="checked"';}65 echo '><label for="ssr_item'.$i.'" class="css-label">Required</label>';}66 echo '</td></tr>';64 if (esc_attr( get_option('checkedssr_item'.$i.'') ) > 0) {echo 'checked="checked"';} 65 echo esc_attr('><label for="ssr_item'.$i.'" class="css-label">Required</label>');} 66 echo esc_attr('</td></tr>'); 67 67 $i++;$j++; 68 68 } … … 98 98 console.log("All Old Data"); 99 99 jQuery("#ssr_save_btn").css({opacity: .1,cursor: "no-drop"});;jQuery("#ssr_save_btn").prop('disabled', true);jQuery("#ssr_save_btn").attr('disabled',true); 100 jQuery("#ssr_save_btn").html("<?php echo __('Save','SSR') ?> ");100 jQuery("#ssr_save_btn").html("<?php echo esc_attr_e('Save','SSR') ?> "); 101 101 }else{ 102 jQuery("#ssr_save_btn").html("<?php echo __('Save','SSR') ?> ("+jQuery('.ssr_unsaved').length+")");102 jQuery("#ssr_save_btn").html("<?php echo esc_attr_e('Save','SSR') ?> ("+jQuery('.ssr_unsaved').length+")"); 103 103 } 104 104 }); … … 124 124 success: 
function (s) { 125 125 if(s.success){ 126 console.log("<?php echo __('Saved','SSR') ?> : " + t + " and Saved item :" + e)126 console.log("<?php echo esc_attr_e('Saved','SSR') ?> : " + t + " and Saved item :" + e) 127 127 } 128 128 } … … 131 131 e = e + 1; 132 132 } 133 new jQuery.Zebra_Dialog("<?php echo __('Please wait ...','SSR') ?>", {133 new jQuery.Zebra_Dialog("<?php echo esc_attr_e('Please wait ...','SSR') ?>", { 134 134 buttons: !1, 135 135 type: "confirmation", 136 title: "<?php echo __('Saving','SSR') ?>",136 title: "<?php echo esc_attr_e('Saving','SSR') ?>", 137 137 modal: !1, 138 138 auto_close: 2e3 … … 141 141 function() 142 142 { 143 new jQuery.Zebra_Dialog("<?php echo __('Saved Successfully','SSR') ?>", {143 new jQuery.Zebra_Dialog("<?php echo esc_attr_e('Saved Successfully','SSR') ?>", { 144 144 buttons: !1, 145 145 type: "confirmation", 146 title: "<?php echo __('Saved','SSR') ?>",146 title: "<?php echo esc_attr_e('Saved','SSR') ?>", 147 147 modal: !1, 148 148 auto_close: 4e3 … … 150 150 }, 1000 151 151 ); 152 s_item=0;jQuery(".std_input").removeClass("ssr_unsaved");jQuery("#ssr_save_btn").attr("disabled","disabled");jQuery("#ssr_save_btn").prop('disabled', true);jQuery("#ssr_save_btn").css({opacity: .1,cursor: "no-drop"});jQuery("#ssr_save_btn").html("<?php echo __('Save','SSR') ?>");152 s_item=0;jQuery(".std_input").removeClass("ssr_unsaved");jQuery("#ssr_save_btn").attr("disabled","disabled");jQuery("#ssr_save_btn").prop('disabled', true);jQuery("#ssr_save_btn").css({opacity: .1,cursor: "no-drop"});jQuery("#ssr_save_btn").html("<?php echo esc_attr_e('Save','SSR') ?>"); 153 153 } 154 154 });
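Review bot: The `echo esc_attr('<tr valign="top">…')` lines in the field loop escape the entire markup string, so the row, text input and checkbox are emitted as visible entity-encoded text instead of HTML; only the dynamic values need escaping, as the inner `esc_attr( get_option(...) )` already does. The same loop still echoes the `checked="checked"` fragments raw, so the output is inconsistent within one element. In the script block, `echo esc_attr_e('Save','SSR')` echoes a function that already prints and returns nothing, and the value lands inside a JavaScript string literal, where `echo esc_js( __( 'Save', 'SSR' ) )` is the matching escaper. The surrounding `while` loop and script continue outside the visible hunks.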