
Changeset 3035217


Timestamp:
02/13/2024 06:00:57 PM (2 years ago)
Author:
scribit
Message:

Version 1.5.6

Location:
shortcodes-finder/trunk
Files:
5 edited

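--- a/shortcodes-finder/trunk/README.txt
+++ b/shortcodes-finder/trunk/README.txt
@@ -4,6 +4,6 @@
 Tags: shortcode, shortcodes, unused, orphan, search, find, page, post, content, ultimate
 Requires at least: 4.0
-Tested up to: 6.4.2
-Stable tag: 1.5.5
+Tested up to: 6.4.3
+Stable tag: 1.5.6
 Requires PHP: 5.6
 License: GPLv2 or later
@@ -46,4 +46,8 @@
 
 == Changelog ==
+
+= 1.5.6 =
+* Changed escaping data methods
+* WordPress 6.4.3 compatibility
 
 = 1.5.5 =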
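--- a/shortcodes-finder/trunk/admin/class-shortcodes-finder-admin.php
+++ b/shortcodes-finder/trunk/admin/class-shortcodes-finder-admin.php
@@ -84,10 +84,10 @@
 
             if (isset($_POST['subpage'])) {
-                $_POST['subpage'] = sanitize_text_field($_POST['subpage']);
+                $_POST['subpage'] = esc_attr($_POST['subpage']);
                 if (($_POST['subpage'] == 'find_content' || $_POST['subpage'] == 'find_unused') && isset($_POST['search_into_content'])) {
                     require_once plugin_dir_path(__FILE__) . '../includes/shortcodes-finder-utils.php';
 
-                    $post_type = sanitize_text_field($_POST['search_into_content']);
-                    $include_not_published = (isset($_POST['include_not_published']) && (sanitize_text_field($_POST['include_not_published']) == 'on'));
+                    $post_type = esc_attr($_POST['search_into_content']);
+                    $include_not_published = (isset($_POST['include_not_published']) && (esc_attr($_POST['include_not_published']) == 'on'));
                
                     $posts = sf_get_posts_ids($post_type, $include_not_published);  // Pass the post type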
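Review bot: `esc_attr()` is an output-escaping helper for the HTML attribute context, so using it at new lines 86, 90 and 91 to clean `$_POST` input leaves `$post_type` HTML-encoded rather than validated before it reaches `sf_get_posts_ids()`. If that value is a post type slug, `$post_type = sanitize_key(wp_unslash($_POST['search_into_content']));` is the matching input filter, and the checkbox test needs nothing beyond a strict `=== 'on'` comparison. Writing the encoded value back into `$_POST['subpage']` also changes what any later reader of the superglobal sees; a local variable checked against the two allowed values would be clearer. No nonce or capability check is visible in this hunk, and the enclosing method starts and ends outside it, so that should be confirmed there.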
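--- a/shortcodes-finder/trunk/admin/partials/shortcodes-finder-admin-display.php
+++ b/shortcodes-finder/trunk/admin/partials/shortcodes-finder-admin-display.php
@@ -25,5 +25,5 @@
 
     if (isset($_GET['subpage'])){
-        $_GET['subpage'] = sanitize_text_field($_GET['subpage']);
+        $_GET['subpage'] = esc_attr($_GET['subpage']);
         if ($_GET['subpage'] == 'find_content' || $_GET['subpage'] == 'test_shortcode' || $_GET['subpage'] == 'find_unused' ||
                         $_GET['subpage'] == 'about' || $_GET['subpage'] == 'settings' || $_GET['subpage'] == 'test' || $_GET['subpage'] == 'documentation'
@@ -132,5 +132,5 @@
 
             <label for="include_not_published" style="margin: 0 15px">
-                <input type="checkbox" name="include_not_published" id="include_not_published" <?= (isset($_GET['include_not_published']) && (sanitize_text_field($_GET['include_not_published']) == 'on')) ? 'checked' : '' ?>>
+                <input type="checkbox" name="include_not_published" id="include_not_published" <?= (isset($_GET['include_not_published']) && (esc_attr($_GET['include_not_published']) == 'on')) ? 'checked' : '' ?>>
                 <?= __('Include not published contents', 'shortcodes-finder') ?>
                 <span class="shortcodes-finder-tooltip tooltip-help">
@@ -158,5 +158,5 @@
                     ?>
 
-                    <input type="checkbox" name="search_in_multisite" id="search_in_multisite" <?= (!$disabled && isset($_GET['search_in_multisite']) && (sanitize_text_field($_GET['search_in_multisite']) == 'on')) ? 'checked' : '' ?> <?= $disabled ? 'disabled' : '' ?>>
+                    <input type="checkbox" name="search_in_multisite" id="search_in_multisite" <?= (!$disabled && isset($_GET['search_in_multisite']) && (esc_attr($_GET['search_in_multisite']) == 'on')) ? 'checked' : '' ?> <?= $disabled ? 'disabled' : '' ?>>
                     <?php echo __('Search the whole multisite network', 'shortcodes-finder') ?>
                     <span class="shortcodes-finder-tooltip tooltip-help">
@@ -172,7 +172,7 @@
     <?php
    if (isset($_GET['shortcode_to_search'])) {
-        $shortcode_to_search = ($_GET['shortcode_to_search'] != -1) ? sanitize_text_field($_GET['shortcode_to_search']) : '';
-        $include_not_published = (isset($_GET['include_not_published']) && (sanitize_text_field($_GET['include_not_published']) == 'on'));
-        $search_in_multisite = (is_multisite() && isset($_GET['search_in_multisite']) && (sanitize_text_field($_GET['search_in_multisite']) == 'on'));
+        $shortcode_to_search = ($_GET['shortcode_to_search'] != -1) ? esc_attr($_GET['shortcode_to_search']) : '';
+        $include_not_published = (isset($_GET['include_not_published']) && (esc_attr($_GET['include_not_published']) == 'on'));
+        $search_in_multisite = (is_multisite() && isset($_GET['search_in_multisite']) && (esc_attr($_GET['search_in_multisite']) == 'on'));
 
         if ($search_in_multisite){
@@ -286,5 +286,5 @@
     <form class="find_shortcode_form" method="post">
         <input type="hidden" name="page" value="<?= SHORTCODES_FINDER_PLUGIN_SLUG ?>">
-        <input type="hidden" name="subpage" value="<?= sanitize_text_field($_GET['subpage']) ?>">
+        <input type="hidden" name="subpage" value="<?= esc_attr($_GET['subpage']) ?>">
 
         <p>
@@ -305,5 +305,5 @@
 
             <label for="include_not_published" style="margin: 0 15px">
-                <input type="checkbox" name="include_not_published" id="include_not_published" <?= (isset($_POST['include_not_published']) && (sanitize_text_field($_POST['include_not_published']) == 'on')) ? 'checked' : '' ?>>
+                <input type="checkbox" name="include_not_published" id="include_not_published" <?= (isset($_POST['include_not_published']) && (esc_attr($_POST['include_not_published']) == 'on')) ? 'checked' : '' ?>>
                 <?= __('Include not published contents', 'shortcodes-finder') ?>
                 <span class="shortcodes-finder-tooltip tooltip-help">
@@ -401,5 +401,5 @@
     <form class="find_shortcode_form" method="post">
         <input type="hidden" name="page" value="<?= SHORTCODES_FINDER_PLUGIN_SLUG ?>">
-        <input type="hidden" name="subpage" value="<?= sanitize_text_field($_GET['subpage']) ?>">
+        <input type="hidden" name="subpage" value="<?= esc_attr($_GET['subpage']) ?>">
 
         <p>
@@ -420,5 +420,5 @@
 
             <label for="include_not_published" style="margin: 0 15px">
-                <input type="checkbox" name="include_not_published" id="include_not_published" <?= (isset($_POST['include_not_published']) && (sanitize_text_field($_POST['include_not_published']) == 'on')) ? 'checked' : '' ?>>
+                <input type="checkbox" name="include_not_published" id="include_not_published" <?= (isset($_POST['include_not_published']) && (esc_attr($_POST['include_not_published']) == 'on')) ? 'checked' : '' ?>>
                 <?= __('Include not published contents', 'shortcodes-finder') ?>
                 <span class="shortcodes-finder-tooltip tooltip-help">
@@ -492,7 +492,7 @@
 
     if (isset($_GET['shortcode_test_shortcode'])) {
-        $shortcode = sanitize_text_field($_GET['shortcode_test_shortcode']);
-        $parameters = (strlen($_GET['shortcode_test_parameters']) > 0) ? stripslashes(urldecode(sanitize_text_field($_GET['shortcode_test_parameters']))) : '';
-        $content = (strlen($_GET['shortcode_test_content']) > 0) ? stripslashes(urldecode(sanitize_text_field($_GET['shortcode_test_content']))) : '';
+        $shortcode = esc_attr($_GET['shortcode_test_shortcode']);
+        $parameters = (strlen($_GET['shortcode_test_parameters']) > 0) ? stripslashes(urldecode(esc_attr($_GET['shortcode_test_parameters']))) : '';
+        $content = (strlen($_GET['shortcode_test_content']) > 0) ? stripslashes(urldecode(esc_attr($_GET['shortcode_test_content']))) : '';
     } else {
         $parameters = '';
@@ -518,9 +518,9 @@
                 <tr>
                     <th scope="row"><label for="shortcode_test_parameters"><?= __('Insert parameters string (optional)', 'shortcodes-finder') ?></label></th>
-                    <td><textarea rows="5" id="shortcode_test_parameters" name="shortcode_test_parameters"><?= htmlentities($parameters) ?></textarea></td>
+                    <td><textarea rows="5" id="shortcode_test_parameters" name="shortcode_test_parameters"><?php echo $parameters ?></textarea></td>
                 </tr>
                 <tr>
                     <th scope="row"><label for="shortcode_test_content"><?= __('Insert content (optional)', 'shortcodes-finder') ?></label></th>
-                    <td><textarea rows="5" id="shortcode_test_content" name="shortcode_test_content"><?= htmlentities($content) ?></textarea></td>
+                    <td><textarea rows="5" id="shortcode_test_content" name="shortcode_test_content"><?php echo $content ?></textarea></td>
                 </tr>
                 <tr>
@@ -574,10 +574,10 @@
     if (isset($_POST['save'])) {
         $res = true;
-        $nonce = sanitize_text_field($_POST['nonce']);
+        $nonce = sanitize_text_field(wp_unslash($_POST['nonce']));
 
         $sf_settings_disable_existing_shortcodes =
-          isset($_POST['sf_settings_disable_existing_shortcodes']) && (sanitize_text_field($_POST['sf_settings_disable_existing_shortcodes']) == 'on') ? true : false;
+          isset($_POST['sf_settings_disable_existing_shortcodes']) && (esc_attr($_POST['sf_settings_disable_existing_shortcodes']) == 'on') ? true : false;
         $sf_settings_disable_unused =
-          isset($_POST['sf_settings_disable_unused']) && (sanitize_text_field($_POST['sf_settings_disable_unused']) == 'on') ? true : false;
+          isset($_POST['sf_settings_disable_unused']) && (esc_attr($_POST['sf_settings_disable_unused']) == 'on') ? true : false;
 
         $sf_settings_disabled_shortcodes = array();
@@ -626,5 +626,5 @@
 
     <form method="post" novalidate="novalidate">
-        <input type="hidden" name="nonce" value="<?= $nonce ?>" />
+        <input type="hidden" name="nonce" value="<?php echo esc_attr($nonce) ?>" />
         <table class="form-table" role="presentation">
             <tbody>
@@ -822,6 +822,6 @@
 
     // Form options
-    $object_to_search = (isset($_GET['object_to_search']) && $_GET['object_to_search'] != -1) ? sanitize_text_field($_GET['object_to_search']) : '';
-    $load_attributes = (isset($_GET['load_attributes']) && sanitize_text_field($_GET['load_attributes']) == 'on');
+    $object_to_search = (isset($_GET['object_to_search']) && $_GET['object_to_search'] != -1) ? esc_attr($_GET['object_to_search']) : '';
+    $load_attributes = (isset($_GET['load_attributes']) && esc_attr($_GET['load_attributes']) == 'on');
 
     // Get shortcodes: Load origins. Don't load attributes. Don't filter objects.
@@ -839,5 +839,5 @@
         <form class="find_shortcode_form" method="get">
             <input type="hidden" name="page" value="<?= SHORTCODES_FINDER_PLUGIN_SLUG ?>">
-            <input type="hidden" name="subpage" value="<?= sanitize_text_field($_GET['subpage']) ?>">
+            <input type="hidden" name="subpage" value="<?= esc_attr($_GET['subpage']) ?>">
 
             <p>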
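Review bot: The textareas at new lines 520 and 524 now echo `$parameters` and `$content` with no output escaping, and at new lines 495–496 `esc_attr()` runs before `urldecode()`, so anything still percent-encoded when `esc_attr()` sees it is decoded afterwards and written into the page as-is; the removed `htmlentities()` calls were what covered that case. Escape at the point of output, after all decoding, with `<?php echo esc_textarea($parameters) ?>` and `<?php echo esc_textarea($content) ?>`, and limit input handling to `wp_unslash()` plus a sanitizer such as `sanitize_textarea_field()`. The same input/output mix-up applies to the other `esc_attr($_GET[...])` and `esc_attr($_POST[...])` comparisons in this file, where a strict `=== 'on'` needs no escaping at all. Lines 495–496 also read `$_GET['shortcode_test_parameters']` and `$_GET['shortcode_test_content']` without `isset()`, which is unchanged from the old code.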
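--- a/shortcodes-finder/trunk/shortcodes-finder-consts.php
+++ b/shortcodes-finder/trunk/shortcodes-finder-consts.php
@@ -8,5 +8,5 @@
  */
 
-define('SHORTCODES_FINDER_VERSION', '1.5.5');
+define('SHORTCODES_FINDER_VERSION', '1.5.6');
 
 define('SHORTCODES_FINDER_OPTION_VERSION', 'sf_version');   // From version 1.3.0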
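--- a/shortcodes-finder/trunk/shortcodes-finder.php
+++ b/shortcodes-finder/trunk/shortcodes-finder.php
@@ -16,5 +16,5 @@
  * Plugin URI:        https://www.scribit.it/en/wordpress-plugins/find-wordpress-website-shortcodes-in-one-click/
  * Description:       Find, test, disable, clean and get informations about the shortcodes in your Wordpress website posts, pages and custom contents (also in multisite network).
- * Version:           1.5.5
+ * Version:           1.5.6
  * Author:            Scribit
  * Author URI:        https://www.scribit.it/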