WordPress.org
Get WordPress

Plugin Directory

Changeset 3179636


Ignore:
Timestamp:
10/31/2024 06:48:06 PM (17 months ago)
Author:
expresspayby
Message:

Add new version 1.1.9

Location:
express-pay/trunk
Files:
3 edited

Legend:

Unmodified
Added
Removed

  • express-pay/trunk/expresspay.payment.php

    r2872957 r3179636  
    44Plugin URI: https://express-pay.by/cms-extensions/wordpress
    55Description: Place the plugin shortcode at any of your pages and start to accept payments in WordPress instantly
    6 Version: 1.1.8
     6Version: 1.1.9
    77Author: LLC «TriIncom»
    88Author URI: https://express-pay.by

  • express-pay/trunk/src/class.expresspay.payment.php

    r2872957 r3179636  
    3939        global $wpdb;
    4040
    41         $response = $wpdb->get_row("SELECT id, name, type, options, isactive FROM " . EXPRESSPAY_TABLE_PAYMENT_METHOD_NAME . " WHERE id = $type_id");
     41        $query = $wpdb->prepare("SELECT id, name, type, options, isactive FROM " . EXPRESSPAY_TABLE_PAYMENT_METHOD_NAME . " WHERE id = %d", $type_id);
     42        $response = $wpdb->get_row($query);
    4243
    4344        if ($response->isactive == 1) {
     
    129130        global $wpdb;
    130131
    131         $response = $wpdb->get_row("SELECT options FROM " . EXPRESSPAY_TABLE_PAYMENT_METHOD_NAME . " WHERE id = $type_id");
     132        $query = $wpdb->prepare("SELECT options FROM " . EXPRESSPAY_TABLE_PAYMENT_METHOD_NAME . " WHERE id = %d", $type_id);
     133        $response = $wpdb->get_row($query);
    132134
    133135        $options = json_decode($response->options);
     
    266268            global $wpdb;
    267269
    268             $payment_options = $wpdb->get_row('SELECT id, name, type, options, isactive FROM ' . EXPRESSPAY_TABLE_PAYMENT_METHOD_NAME . ' WHERE id = ' . $type_id);
    269 
     270            $query = $wpdb->prepare("SELECT id, name, type, options, isactive FROM " . EXPRESSPAY_TABLE_PAYMENT_METHOD_NAME . " WHERE id = %d", $type_id);
     271            $payment_options = $wpdb->get_row($query);
     272           
    270273            $options = json_decode($payment_options->options);
    271274

  • express-pay/trunk/src/class.payment.settings.php

    r2591340 r3179636  
    2727
    2828            $table_name = $wpdb->prefix . "expresspay_options";
    29             $response = $wpdb->get_row("SELECT * FROM $table_name WHERE id = $id");
    3029
     30            $query = $wpdb->prepare("SELECT * FROM $table_name WHERE id = %d", $type_id);
     31            $response = $wpdb->get_row($query);
     32           
    3133            $param = json_decode($response->options, true);
    3234        }
Note: See TracChangeset for help on using the changeset viewer.