Changeset 3050928
- Timestamp:
- 03/14/2024 09:48:24 AM (2 years ago)
- Location:
- proofreading/trunk
- Files:
-
- 6 edited
-
README.txt (modified) (2 diffs)
-
admin/includes/class-ajax-handler.php (modified) (3 diffs)
-
admin/partials/proofreading-admin-display.php (modified) (2 diffs)
-
includes/class-proofreading-activator.php (modified) (1 diff)
-
proofreading-consts.php (modified) (1 diff)
-
proofreading.php (modified) (1 diff)
-
proofreading/trunk/README.txt
r3049591 r3050928 5 5 Requires at least: 4.0 6 6 Tested up to: 6.4.3 7 Stable tag: 1.2 7 Stable tag: 1.2.1 8 8 Requires PHP: 5.6 9 9 License: GPLv2 or later … … 67 67 == Changelog == 68 68 69 = 1.2.1 = 70 * Security fixes 71 * Added prepare statements to queries 72 69 73 = 1.2 = 70 74 * Security fixes -
proofreading/trunk/admin/includes/class-ajax-handler.php
r2978549 r3050928 35 35 wp_send_json_error(); 36 36 } 37 38 if (!isset($_REQUEST['language']) || strlen($_REQUEST['language']) > 2) return; 37 39 38 40 require_once plugin_dir_path( __FILE__ ) . 'class-languagetool.php'; … … 40 42 41 43 global $wpdb; 42 $included_rules = $wpdb->get_var("SELECT `included_rules` FROM {$wpdb->prefix}proofreading_rules_settings WHERE lang_code = '" . $_REQUEST['language'] . "'"); 44 $sql = $wpdb->prepare("SELECT `included_rules` FROM {$wpdb->prefix}proofreading_rules_settings WHERE lang_code = %s", $_REQUEST['language']); 45 $included_rules = $wpdb->get_var($sql); 43 46 44 47 $body = $lt->check($_REQUEST['post_text'], $_REQUEST['language'], $included_rules); … … 60 63 $lang = esc_sql($_POST['lang_code']); 61 64 62 $ rules = $wpdb->get_results("SELECT `name`, `key`65 $sql = $wpdb->prepare("SELECT `name`, `key` 63 66 FROM {$wpdb->prefix}proofreading_rules 64 WHERE lang_code = '$lang' 65 ORDER BY `name` ASC", ARRAY_A); 67 WHERE lang_code = %s 68 ORDER BY `name` ASC", $lang); 69 $rules = $wpdb->get_results($sql, ARRAY_A); 66 70 67 $included_rules = $wpdb->get_var("SELECT `included_rules` FROM {$wpdb->prefix}proofreading_rules_settings 68 WHERE lang_code = '$lang'"); 71 $sql = $wpdb->prepare("SELECT `included_rules` 72 FROM {$wpdb->prefix}proofreading_rules_settings 73 WHERE lang_code = %s", $lang); 74 $included_rules = $wpdb->get_var($sql); 69 75 70 76 $rules_included_keys = array(); -
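Review bot: The new guard on line 38 calls `strlen()` on `$_REQUEST['language']` without first confirming it is a string, so an array-valued `language` parameter raises a TypeError on PHP 8 and, on the older PHP versions the plugin still supports, only warns and slips past the length check. The bare `return` also leaves the AJAX caller without the JSON error that the branch just above sends. I would write the guard as `if ( ! isset( $_REQUEST['language'] ) || ! is_string( $_REQUEST['language'] ) || strlen( $_REQUEST['language'] ) > 2 ) { wp_send_json_error(); }`. `$_REQUEST['post_text']` on line 47 is still read without an `isset()` check. The handler starts and ends outside the hunks shown, so whatever nonce or capability check precedes line 35 is not visible here.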
proofreading/trunk/admin/partials/proofreading-admin-display.php
r3049309 r3050928 57 57 global $wpdb; 58 58 59 $rules = $wpdb->get_results("SELECT `name`, `key` 59 $_POST['proofreading-language-rules-settings'] = esc_sql($_POST['proofreading-language-rules-settings']); 60 61 $sql = $wpdb->prepare("SELECT `name`, `key` 60 62 FROM {$wpdb->prefix}proofreading_rules 61 WHERE lang_code = '". $_POST['proofreading-language-rules-settings'] ."' 62 ORDER BY `name` ASC", ARRAY_A); 63 WHERE lang_code = %s 64 ORDER BY `name` ASC", $_POST['proofreading-language-rules-settings']); 65 $rules = $wpdb->get_results($sql, ARRAY_A); 63 66 $rules = array_column( $rules, 'key' ); 64 67 … … 69 72 } 70 73 71 $wpdb->delete( "{$wpdb->prefix}proofreading_rules_settings", array( 'lang_code' => esc_attr($_POST['proofreading-language-rules-settings'])), array( '%s' ) );74 $wpdb->delete( "{$wpdb->prefix}proofreading_rules_settings", array( 'lang_code' => $_POST['proofreading-language-rules-settings'] ), array( '%s' ) ); 72 75 $wpdb->insert( 73 76 "{$wpdb->prefix}proofreading_rules_settings", 74 77 array( 75 'lang_code' => esc_attr($_POST['proofreading-language-rules-settings']),78 'lang_code' => $_POST['proofreading-language-rules-settings'], 76 79 'included_rules' => implode(',', $_POST['rules']) 77 80 ), -
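Review bot: The `esc_sql()` call added on line 59 escapes the language code before `$wpdb->prepare()` escapes it again, and because the result is written back into `$_POST`, the later `$wpdb->delete()` and `$wpdb->insert()` calls also receive the pre-escaped string. The `%s` placeholder is sufficient on its own, so I would drop that line and normalise the input once into a local variable, e.g. `$lang_code = sanitize_text_field( wp_unslash( $_POST['proofreading-language-rules-settings'] ) );`, then use it in all three queries. This block has no length check like the one the AJAX handler gained in this changeset, so the same two-character limit would fit here. The same escape-then-prepare pattern remains at `$lang = esc_sql($_POST['lang_code']);` on line 63 of class-ajax-handler.php. The enclosing block starts and ends outside the hunks shown, so any earlier validation of this field is not visible.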
proofreading/trunk/includes/class-proofreading-activator.php
r2205884 r3050928 71 71 if ( $i = strrpos( $wp_lang, '-' ) ) $wp_lang = substr( $wp_lang, 0, $i ); 72 72 73 $res = $wpdb->get_col("SELECT code FROM `{$wpdb->prefix}proofreading_languages` WHERE longCode = '$wp_lang';"); 73 $sql = $wpdb->prepare("SELECT code 74 FROM `{$wpdb->prefix}proofreading_languages` 75 WHERE longCode = %s", $wp_lang); 76 $res = $wpdb->get_col($sql); 77 74 78 if ( count($res) > 0 ) update_option( 'proofreading-language-default', $res[0]); 75 76 79 } 77 80 78 81 update_option( PROOFREADING_VERSION_SETTINGNAME , PROOFREADING_VERSION ); 79 80 82 } 81 82 83 } -
proofreading/trunk/proofreading-consts.php
r3049309 r3050928 8 8 */ 9 9 10 define( 'PROOFREADING_VERSION', '1.2 ' );10 define( 'PROOFREADING_VERSION', '1.2.1' ); 11 11 12 12 define( 'PROOFREADING_VERSION_SETTINGNAME', 'proofreading-version' ); // From version 1.0.7 -
proofreading/trunk/proofreading.php
r3049309 r3050928 16 16 * Plugin URI: https://www.scribit.it/en/wordpress-plugins/proofreading-wordpress-plugin-corrects-your-errors/ 17 17 * Description: Proofreading allows you to correct texts on your Wordpress site. This plugin allows you to proofread in 30 different languages on articles and pages of your site also providing useful tips for the improvement of your writings. 18 * Version: 1.2 18 * Version: 1.2.1 19 19 * Author: Scribit 20 20 * Author URI: https://www.scribit.it/