Changeset 2971944
- Timestamp:
- 09/26/2023 05:30:52 PM (2 years ago)
- Location:
- libsyn-podcasting/trunk
- Files:
-
- 11 edited
-
admin/config.php (modified) (1 diff)
-
admin/functions.php (modified) (2 diffs)
-
admin/lib/Libsyn.php (modified) (1 diff)
-
admin/lib/Libsyn/Api.php (modified) (1 diff)
-
admin/lib/Libsyn/Post.php (modified) (1 diff)
-
admin/lib/Libsyn/Service.php (modified) (5 diffs)
-
admin/lib/Libsyn/Service/Sanitize.php (modified) (1 diff)
-
admin/lib/Libsyn/Utilities.php (modified) (5 diffs)
-
admin/settings.php (modified) (1 diff)
-
libsyn-podcasting.php (modified) (1 diff)
-
readme.txt (modified) (2 diffs)
Legend:
- Unmodified
- Added
- Removed
-
libsyn-podcasting/trunk/admin/config.php
r2584186 r2971944 10 10 11 11 function uninstall() { 12 /* 13 global $wpdb; 14 15 $meta_query = "DELETE FROM $wpdb->postmeta WHERE meta_key LIKE '" . LIBSYN_NS . "%';"; 16 $option_query = "DELETE FROM $wpdb->options WHERE option_name LIKE '" . LIBSYN_NS . "%';"; 17 $post_query = "DELETE FROM $wpdb->posts WHERE post_type = 'jw_playlist';"; 18 19 $wpdb->query($meta_query); 20 $wpdb->query($option_query); 21 $wpdb->query($post_query); 22 23 @unlink(LongTailFramework::getPlayerPath()); 24 @unlink(LongTailFramework::getEmbedderPath()); 25 @rmdir(JWPLAYER_FILES_DIR . "/player/"); 26 27 $handler = @opendir(JWPLAYER_FILES_DIR . "/configs"); 28 if ($handler) { 29 while ($file = readdir($handler)) { 30 if ($file != "." && $file != ".." && strstr($file, ".xml")) { 31 @unlink(JWPLAYER_FILES_DIR . "/configs/$file"); 32 } 33 } 34 closedir($handler); 35 } 36 @rmdir(JWPLAYER_FILES_DIR . "/configs/"); 37 @rmdir(JWPLAYER_FILES_DIR); 38 39 update_option(LIBSYN_NS . "uninstalled", true); 40 feedback_message(__('Files and settings deleted. The plugin can now be deactivated.', 'jw-player-plugin-for-wordpress')); 41 */ 12 /* Run uninstall*/ 42 13 } 43 14 -
libsyn-podcasting/trunk/admin/functions.php
r2951699 r2971944 706 706 add_filter('query_vars','Libsyn\\Ajax::plugin_add_trigger_load_form_data'); 707 707 add_action('wp_ajax_load_libsyn_media', 'Libsyn\\Post::loadFormData'); 708 add_action('wp_ajax_nopriv_load_libsyn_media', 'Libsyn\\Post::loadFormData');709 708 710 709 //post remove ftp unreleased ajax 711 710 add_filter('query_vars','Libsyn\\Ajax::plugin_add_trigger_remove_ftp_unreleased'); 712 711 add_action('wp_ajax_remove_ftp_unreleased', 'Libsyn\\Post::removeFTPUnreleased'); 713 add_action('wp_ajax_nopriv_remove_ftp_unreleased', 'Libsyn\\Post::removeFTPUnreleased');714 712 715 713 //post add custom postmeta (for block editor) 716 714 add_filter('query_vars','Libsyn\\Ajax::plugin_add_trigger_update_libsyn_postmeta'); 717 715 add_action('wp_ajax_update_libsyn_postmeta', 'Libsyn\\Post::updateLibsynPostmeta'); 718 add_action('wp_ajax_nopriv_update_libsyn_postmeta', 'Libsyn\\Post::updateLibsynPostmeta');719 716 720 717 //post form player settings dialog ajax 721 718 add_filter('query_vars','Libsyn\\Ajax::plugin_add_trigger_load_player_settings'); 722 719 add_action('wp_ajax_load_player_settings', 'Libsyn\\Post::loadPlayerSettings'); 723 add_action('wp_ajax_nopriv_load_player_settings', 'Libsyn\\Post::loadPlayerSettings');724 720 725 721 //get player shortcode ajax … … 731 727 add_filter('query_vars', 'Libsyn\\Ajax::plugin_add_trigger_libsyn_check_ajax'); 732 728 add_action( 'wp_ajax_libsyn_check_url', 'Libsyn\\Ajax::checkAjax' ); 733 add_action( 'wp_ajax_nopriv_libsyn_check_url', 'Libsyn\\Ajax::checkAjax' );734 729 735 730 //phpinfo debug_log ajax 736 731 add_filter('query_vars', 'Libsyn\\Ajax::plugin_add_trigger_libsyn_phpinfo'); 737 732 add_action( 'wp_ajax_libsyn_phpinfo', 'Libsyn\\Utilities::getPhpinfo' ); 738 add_action( 'wp_ajax_nopriv_libsyn_phpinfo', 'Libsyn\\Utilities::getPhpinfo' );739 733 740 734 //plugins list debug_log ajax 741 735 add_filter('query_vars', 'Libsyn\\Ajax::plugin_add_trigger_libsyn_debuginfo'); 742 736 add_action( 'wp_ajax_libsyn_debuginfo', 'Libsyn\\Utilities::logPluginData' ); 743 add_action( 'wp_ajax_nopriv_libsyn_debuginfo', 'Libsyn\\Utilities::logPluginData' );744 737 745 738 //powerpress feed import loader ajax 746 739 add_filter('query_vars', 'Libsyn\\Ajax::plugin_add_trigger_libsyn_pploadfeed'); 747 740 add_action( 'wp_ajax_libsyn_pploadfeed', 'Libsyn\\Utilities::loadPPFeed' ); 748 add_action( 'wp_ajax_nopriv_libsyn_pploadfeed', 'Libsyn\\Utilities::loadPPFeed' );749 741 750 742 //oauth settings save 751 743 add_filter('query_vars', 'Libsyn\\Ajax::plugin_add_trigger_libsyn_oauth_settings'); 752 744 add_action( 'wp_ajax_libsyn_oauth_settings', 'Libsyn\\Utilities::saveOauthSettings' ); 753 add_action( 'wp_ajax_nopriv_libsyn_oauth_settings', 'Libsyn\\Utilities::saveOauthSettings' );754 745 755 746 //clear settings 756 747 add_filter('query_vars', 'Libsyn\\Ajax::plugin_add_trigger_libsyn_update_oauth_settings'); 757 748 add_action( 'wp_ajax_libsyn_update_oauth_settings', 'Libsyn\\Utilities::updateOauthSettings' ); 758 add_action( 'wp_ajax_nopriv_libsyn_update_oauth_settings', 'Libsyn\\Utilities::updateOauthSettings' );759 749 760 750 //create WP Post 761 751 add_filter('query_vars', 'Libsyn\\Ajax::plugin_add_trigger_libsyn_create_new_post'); 762 752 add_action( 'wp_ajax_libsyn_create_new_post', 'Libsyn\\Service\\Importer::createPostAjax' ); 763 add_action( 'wp_ajax_nopriv_libsyn_create_new_post', 'Libsyn\\Service\\Importer::createPostAjax' );764 753 765 754 //create metadata 766 755 add_filter('query_vars', 'Libsyn\\Ajax::plugin_add_trigger_libsyn_create_metadata'); 767 756 add_action( 'wp_ajax_libsyn_create_metadata', 'Libsyn\\Service\\Importer::createMetadataAjax' ); 768 add_action( 'wp_ajax_nopriv_libsyn_create_metadata', 'Libsyn\\Service\\Importer::createMetadataAjax' );769 757 770 758 //create metadata 771 759 add_filter('query_vars', 'Libsyn\\Ajax::plugin_add_trigger_libsyn_add_player'); 772 760 add_action( 'wp_ajax_libsyn_add_player', 'Libsyn\\Service\\Importer::addPlayerAjax' ); 773 add_action( 'wp_ajax_nopriv_libsyn_add_player', 'Libsyn\\Service\\Importer::addPlayerAjax' );774 761 775 762 //imports data 776 763 add_filter('query_vars', 'Libsyn\\Ajax::plugin_add_trigger_libsyn_run_import'); 777 764 add_action( 'wp_ajax_libsyn_run_import', 'Libsyn\\Service\\Importer::importAjax' ); 778 add_action( 'wp_ajax_nopriv_libsyn_run_import', 'Libsyn\\Service\\Importer::importAjax' );779 765 780 766 /* Add Uninstall Hook */ -
libsyn-podcasting/trunk/admin/lib/Libsyn.php
r2960268 r2971944 4 4 protected $text_dom = LIBSYN_TEXT_DOMAIN; 5 5 protected $plugin_name = "Libsyn/Wordpress"; 6 protected $plugin_version = "1.4. 3";6 protected $plugin_version = "1.4.4"; 7 7 protected $api_table_name = "libsyn_podcast_plugin"; 8 8 protected $api_base_uri = "https://api.libsyn.com"; -
libsyn-podcasting/trunk/admin/lib/Libsyn/Api.php
r2213760 r2971944 61 61 62 62 //first check to see if we need to make the call 63 if (strtotime($this->refresh_token_expires) >= strtotime("+87 days 23 hours 59 minutes")) return true;63 if ( empty($this->refresh_token_expires) || strtotime($this->refresh_token_expires) >= strtotime("+87 days 23 hours 59 minutes") ) return true; 64 64 /* 65 65 add_action('http_api_curl', function( $handle ){ -
libsyn-podcasting/trunk/admin/lib/Libsyn/Post.php
r2951699 r2971944 2099 2099 $wpdb->delete($wpdb->prefix . 'posts', array('post_mime_type' => 'audio/ftp-unreleased')); 2100 2100 $wpdb->delete($wpdb->prefix . 'posts', array('post_mime_type' => 'video/ftp-unreleased')); 2101 $wpdb->query($wpdb->prepare("DELETE FROM ".$wpdb->prefix."postmeta WHERE meta_value LIKE %s", "\"%libsyn/ftp-unreleased%\"")); 2101 $wpdb->query( 2102 $wpdb->prepare( 2103 "DELETE FROM %i WHERE meta_value LIKE %s", 2104 [ $wpdb->prefix . 'postmeta', '%libsyn/ftp-unreleased%' ] 2105 ) 2106 ); 2102 2107 } catch ( Exception $e ) { 2103 2108 $plugin = new Service(); -
libsyn-podcasting/trunk/admin/lib/Libsyn/Service.php
r2951699 r2971944 881 881 ); 882 882 $lastId = $wpdb->insert_id; 883 $data = $wpdb->get_results("SELECT * FROM $api_table_name WHERE plugin_api_id = $lastId AND is_active = 1"); 883 $data = $wpdb->get_results( 884 $wpdb->prepare( 885 "SELECT * FROM %i WHERE plugin_api_id = %d AND is_active = %d", 886 [ $api_table_name, $lastId, 1 ] 887 ) 888 ); 884 889 if ( $this->hasLogger ) $this->logger->info("Service:\tcreateLibsynApi:\tCreating New Libsyn API"); 885 890 return new \Libsyn\Api($data[0]); … … 898 903 public function getApi() { 899 904 global $wpdb; 900 $usersmetaTable = $wpdb->get_var( "SHOW TABLES LIKE \"{$wpdb->prefix}usermeta\"");905 $usersmetaTable = $wpdb->get_var( $wpdb->prepare( "SHOW TABLES LIKE %s", $wpdb->prefix . 'usermeta' ) ); 901 906 if ( empty($usersmetaTable) ) { //Check table name without prefix (could be multisite) 902 907 $prefix_modified = str_replace('__', '_', preg_replace('/\d/', '', $wpdb->prefix)); 903 $usersmetaTable = $wpdb->get_var( "SHOW TABLES LIKE \"{$prefix_modified}usermeta\"");908 $usersmetaTable = $wpdb->get_var( $wpdb->prepare( "SHOW TABLES LIKE %s", $prefix_modified . 'usermeta' ) ); 904 909 } 905 910 906 911 $apiUserId = get_option('libsyn_podcasting_wp_user_id'); 907 if ( !$apiUserId ) {908 $userIdSearch = "";909 } else {910 $userIdSearch = " AND user_id={$apiUserId}";911 }912 912 913 913 if ( !empty($usersmetaTable) ) { … … 930 930 931 931 if ( empty($results) || empty(maybe_unserialize($results)) ) { 932 $results = $wpdb->get_var("SELECT meta_value FROM {$usersmetaTable} WHERE meta_key=\"{$meta_key_prefixed}\" OR meta_key=\"{$meta_key}\"{$userIdSearch} LIMIT 1"); 932 933 if ( !$apiUserId ) { 934 $userIdSearch = $wpdb->prepare( 935 "SELECT meta_value FROM %i WHERE meta_key = %s OR meta_key = %s LIMIT 1", 936 [ $usersmetaTable, $meta_key_prefixed, $meta_key ] 937 ); 938 } else { 939 $userIdSearch = $wpdb->prepare( 940 "SELECT meta_value FROM %i WHERE meta_key = %s OR meta_key = %s AND user_id = %d LIMIT 1", 941 [ $usersmetaTable, $meta_key_prefixed, $meta_key, $apiUserId ] 942 ); 943 } 944 945 $results = $wpdb->get_var( $userIdSearch ); 933 946 } 934 947 935 948 if ( empty($results) || empty(maybe_unserialize($results)) ) { 936 $results = $wpdb->get_var("SELECT meta_value FROM {$wpdb->usermeta} WHERE meta_key LIKE '%{$meta_key}'"); 949 $results = $wpdb->get_var( 950 $wpdb->prepare( 951 "SELECT meta_value FROM %i WHERE meta_key LIKE %s", 952 [ $wpdb->usermeta, '%' . $wpdb->esc_like($meta_key) ] 953 ) 954 ); 937 955 } 938 956 … … 949 967 $meta_key = $this->getApiTableName(); 950 968 $meta_key_prefixed = $wpdb->prefix . $meta_key; 951 $results = $wpdb->get_var("SELECT meta_value FROM {$wpdb->usermeta} WHERE meta_key LIKE \"%{$meta_key}\""); 969 $results = $wpdb->get_var( 970 $wpdb->prepare( 971 "SELECT meta_value FROM %i WHERE meta_key LIKE %s", 972 [ $wpdb->usermeta, '%' . $wpdb->esc_like( $meta_key ) ] 973 ) 974 ); 952 975 953 976 if ( empty($results) ) { … … 1139 1162 try { 1140 1163 $results = $wpdb->get_results( 1141 $wpdb->prepare("SELECT post_id FROM {$wpdb->prefix}postmeta WHERE meta_key='libsyn-item-id' AND meta_value='%d'", $this->sanitize->itemId($itemId)) 1164 $wpdb->prepare( 1165 "SELECT post_id FROM %i WHERE meta_key = 'libsyn-item-id' AND meta_value = '%d'", 1166 [ $wpdb->prefix . 'postmeta', $this->sanitize->itemId($itemId) ] 1167 ) 1142 1168 ); 1143 1169 } catch (Exception $e) { -
libsyn-podcasting/trunk/admin/lib/Libsyn/Service/Sanitize.php
r2584186 r2971944 246 246 $safe_itunesSubscriptionUrl = esc_url_raw($itunesSubscriptionUrl); 247 247 } else $safe_itunesSubscriptionUrl = ''; 248 return $safe_itunesSubscriptionUrl; 248 249 } 249 250 -
libsyn-podcasting/trunk/admin/lib/Libsyn/Utilities.php
r2951699 r2971944 494 494 if ( !empty($api_table_name) ) { 495 495 try { 496 $wpdb->query( "DROP TABLE IF EXISTS ".$api_table_name); //old without prefix497 $wpdb->query( "DROP TABLE IF EXISTS {$wpdb->prefix}".$api_table_name);496 $wpdb->query( $wpdb->prepare( "DROP TABLE IF EXISTS %i", $api_table_name ) ); //old without prefix 497 $wpdb->query( $wpdb->prepare( "DROP TABLE IF EXISTS %i", $wpdb->prefix . $api_table_name ) ); 498 498 } catch( Exception $e ) { 499 499 if ( $plugin->hasLogger ) $plugin->logger->error("Utilities::uninstallSettings:\t" . $e); … … 580 580 global $wp; 581 581 return add_query_arg( $_SERVER['QUERY_STRING'], '', home_url( $wp->request ) ); 582 }583 584 /**585 * Takes an __PHP_Incomplete_Class and casts it to a stdClass object.586 * All properties will be made public in this step.587 *588 * @since 1.0.1.6589 * @param object $object __PHP_Incomplete_Class590 *591 * @return object592 */593 function fixObject( $object ) {594 // preg_replace_callback handler. Needed to calculate new key-length.595 $fix_key = create_function(596 '$matches',597 'return ":" . strlen( $matches[1] ) . ":\"" . $matches[1] . "\"";'598 );599 600 // 1. Serialize the object to a string.601 $dump = serialize( $object );602 603 // 2. Change class-type to 'stdClass'.604 $dump = preg_replace( '/^O:\d+:"[^"]++"/', 'O:8:"stdClass"', $dump );605 606 // 3. Make private and protected properties public.607 $dump = preg_replace_callback( '/:\d+:"\0.*?\0([^"]+)"/', $fix_key, $dump );608 609 // 4. Unserialize the modified object again.610 return unserialize( $dump );611 582 } 612 583 … … 775 746 " 776 747 SELECT DISTINCT meta_value 777 FROM {$wpdb->postmeta}AS pm778 JOIN {$wpdb->posts}AS p ON pm.post_id = p.ID748 FROM %i AS pm 749 JOIN %i AS p ON pm.post_id = p.ID 779 750 WHERE meta_key = %s 780 751 AND post_status = 'publish' … … 782 753 ORDER BY meta_value ASC 783 754 ", 784 array($postMeta_key, $postMeta_value)755 [ $wpdb->postmeta, $wpdb->posts, $postMeta_key, $postMeta_value ] 785 756 ) 786 757 ); … … 1030 1001 public function get_id_from_guid( $guid ){ 1031 1002 global $wpdb; 1032 return $wpdb->get_var( $wpdb->prepare( "SELECT ID FROM $wpdb->posts WHERE guid=%s", $guid) );1003 return $wpdb->get_var( $wpdb->prepare( "SELECT ID FROM %i WHERE guid = %s", [ $wpdb->posts, $guid ] ) ); 1033 1004 } 1034 1005 -
libsyn-podcasting/trunk/admin/settings.php
r2584186 r2971944 1352 1352 text: "Clear Settings", 1353 1353 click: function(){ 1354 $('#clientId').removeAttr('required'); 1355 $('#clientSecret').removeAttr('required'); 1354 1356 $("select[name^='showSelect']").removeAttr('required'); 1355 1357 $('#<?php echo LIBSYN_NS . 'form'; ?>').append('<input type="hidden" name="clear-settings-data" value="<?php echo time(); ?>" />'); -
libsyn-podcasting/trunk/libsyn-podcasting.php
r2960268 r2971944 5 5 * Description: Post or edit Libsyn Podcast episodes directly through Wordpress. 6 6 * Tags: libsyn, podcast, podcasting, audio, video, liberated syndication, publisher hub, hosting 7 * Version: 1.4. 37 * Version: 1.4.4 8 8 * Requires PHP: 7.4 9 * Requires at least: 5. 69 * Requires at least: 5.1 10 10 * Tested up to: 6.3.1 11 11 * Author: Libsyn -
libsyn-podcasting/trunk/readme.txt
r2960268 r2971944 2 2 Contributors: libsyn 3 3 Tags: libsyn publisher hub, libsyn podcasting, libsyn publishing, libsyn, podcast, podcasting, audio, video, liberated syndication, hosting, libsyn podcast plugin, libsin, libsun, libson 4 Requires at least: 5. 64 Requires at least: 5.1 5 5 Requires PHP: 7.4 6 6 Tested up to: 6.3.1 7 Stable tag: 1.4. 37 Stable tag: 1.4.4 8 8 License: GPLv3 or later 9 9 Author URI: https://help.libsynsupport.com/hc/en-us/articles/360041220971-Installing-Configuring-the-Libsyn-Publisher-Hub-WordPress-Plugin … … 57 57 == Changelog == 58 58 59 = 1.4.4 = 60 * Testing up to Wordpress 6.3.1 61 * Changes to some of the ajax calls 62 * Updates for plugin security 63 59 64 = 1.4.2 = 60 65 * Testing up to Wordpress 6.3
Note: See TracChangeset
for help on using the changeset viewer.