
Changeset 3185158


Timestamp:
11/10/2024 03:35:27 PM (16 months ago)
Author:
mtomic
Message:

Rectify xss vulnerabilities. v6.1.0

Location:
smsify/trunk
Files:
9 edited

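--- a/smsify/trunk/images/index.php
+++ b/smsify/trunk/images/index.php
@@ -0,0 +1,2 @@
+<?php
+# Silence is golden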
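--- a/smsify/trunk/includes/functions.php
+++ b/smsify/trunk/includes/functions.php
@@ -14,5 +14,5 @@
     $smsify_params->jsurl = plugins_url() . '/smsify/js';
     $smsify_params->imageurl = plugins_url() . '/smsify/images';
-    $smsify_params->smsifydir = $_SERVER["DOCUMENT_ROOT"] . '/' . PLUGINDIR . '/smsify';
+    $smsify_params->smsifydir = WP_PLUGIN_DIR . '/smsify';
    
     $smsify_params->messages = array(
@@ -143,5 +143,5 @@
                         "method" => "POST",
                         "headers" => array("x-smsify-key" => $key, 'Content-Type' => 'application/json'),
-                        "body" => json_encode(array(
+                        "body" => wp_json_encode(array(
                             "contacts" => array($contact),
                             "message" => $message,
@@ -206,5 +206,5 @@
    
    if (!$passthrough) {
-    echo json_encode($returnMessage);
+    echo wp_json_encode($returnMessage);
     die();
    }
@@ -233,5 +233,5 @@
                         "method" => "POST",
                         "headers" => array("x-smsify-key" => $key, 'Content-Type' => 'application/json'),
-                        "body" => json_encode(array(
+                        "body" => wp_json_encode(array(
                             "contacts" => array($contact),
                             "message" => $args->message,
@@ -366,5 +366,5 @@
                         "method" => "POST",
                         "headers" => array("x-smsify-key" => $key, 'Content-Type' => 'application/json'),
-                        "body" => json_encode(array(
+                        "body" => wp_json_encode(array(
                             "contacts" => $contacts,
                             "message" => $message,
@@ -429,5 +429,5 @@
     }
 
-   echo json_encode($returnMessage);
+   echowp_json_encode($returnMessage);
    die();
 }
@@ -485,5 +485,5 @@
         $returnMessage->message = $validationMessage;
     }
-   echo json_encode($returnMessage);
+   echo wp_json_encode($returnMessage);
    die();
 }
@@ -572,8 +572,8 @@
 function smsify_update_usage($total, $year=null, $month=null) {
     if(!$year) {
-        $year = date('Y');
+        $year = gmdate('Y');
     }       
     if(!$month) {
-        $month = date('n');
+        $month = gmdate('n');
     }
     $user_id = get_current_user_id();
@@ -587,5 +587,5 @@
     }
     $stats->$year->$month += $total;
-    update_user_meta($user_id, $meta_key, json_encode($stats));
+    update_user_meta($user_id, $meta_key, wp_json_encode($stats));
 }
 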
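Review bot: New line 431 reads `echowp_json_encode($returnMessage);` as rendered here; if that is what was committed rather than an artifact of the changeset viewer, the handler calls an undefined function and fatals instead of returning its JSON, and it should read `echo wp_json_encode($returnMessage);` like lines 208 and 487. Separately, the `echo wp_json_encode(...); die();` sites send the JSON without a JSON Content-Type header as far as these hunks show, so the body is served as HTML and `wp_json_encode` leaves any `<` in `$returnMessage->message` unescaped by default. `wp_send_json($returnMessage);` sets the header and terminates in one call, which fits a commit described as an XSS fix. The enclosing functions begin outside the hunks, so whether a header is already sent earlier cannot be confirmed from here.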
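--- a/smsify/trunk/includes/index.php
+++ b/smsify/trunk/includes/index.php
@@ -0,0 +1,2 @@
+<?php
+# Silence is golden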
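--- a/smsify/trunk/index.php
+++ b/smsify/trunk/index.php
@@ -0,0 +1,2 @@
+<?php
+# Silence is golden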
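--- a/smsify/trunk/licensing/index.php
+++ b/smsify/trunk/licensing/index.php
@@ -0,0 +1,2 @@
+<?php
+# Silence is golden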
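--- a/smsify/trunk/modules/index.php
+++ b/smsify/trunk/modules/index.php
@@ -0,0 +1,2 @@
+<?php
+# Silence is golden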
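--- a/smsify/trunk/modules/usergroups/UserGroups.php
+++ b/smsify/trunk/modules/usergroups/UserGroups.php
@@ -189,5 +189,5 @@
 
         /* Get the terms of the 'profession' taxonomy. */
-        $terms = get_terms( 'user-group', array( 'hide_empty' => false ) ); ?>
+        $terms = get_terms( 'user-group' ); ?>
 
         <h3 id="user-groups">User Groups</h3>
@@ -552,5 +552,5 @@
     function bulk_edit($views) {
         if (!current_user_can('edit_users') ) { return $views; }
-        $terms = get_terms('user-group', array('hide_empty' => false));
+        $terms = get_terms('user-group');
 ?>
         <form method="post" id="bulkeditusergroupform" class="alignright" style="clear:right; margin:0 10px;">
@@ -608,5 +608,5 @@
     function views($views) {
         global $wp_roles;
-        $terms = get_terms('user-group', array('hide_empty' => true));
+        $terms = get_terms('user-group');
 
         $select = '<select name="user-group" id="user-groups-select">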
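Review bot: Dropping `'hide_empty' => false` at lines 191 and 554 changes which groups are listed, because `get_terms()` defaults `hide_empty` to true and so omits groups that have no members. Those groups would then disappear from the profile section and the bulk-edit form, which presumably makes a newly created group unassignable from these screens. If the aim was only to retire the two-argument call form, `get_terms( array( 'taxonomy' => 'user-group', 'hide_empty' => false ) )` keeps the previous behaviour. Line 610 previously passed `true`, so it is unaffected. The surrounding functions continue outside the hunks, so any later filtering of `$terms` is not visible here.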
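--- a/smsify/trunk/modules/usergroups/index.php
+++ b/smsify/trunk/modules/usergroups/index.php
@@ -0,0 +1,2 @@
+<?php
+# Silence is golden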
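--- a/smsify/trunk/views/smsify-reporting.php
+++ b/smsify/trunk/views/smsify-reporting.php
@@ -36,5 +36,5 @@
         <?php foreach($stats->$selected_year as $month_num => $total) : ?>
             <tr class="alternate"<?php if($month_num % 2 == 0) { echo ' style="background:#eee"'; } ?>>
-                <td scope="row"><?php echo esc_html(date('F', mktime(0, 0, 0, $month_num, 10))); ?></label></td>
+                <td scope="row"><?php echo esc_html(gmdate('F', mktime(0, 0, 0, $month_num, 10))); ?></label></td>
                 <td><?php echo esc_html($total); $grandtotal += $total; ?></td>
             </tr>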
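Review bot: The rewritten cell on line 38 still ends with `</label>` although no `<label>` is opened in the visible markup, so each row emits an unbalanced tag; the cell should close as `mktime(0, 0, 0, $month_num, 10))); ?></td>`. The same line now builds the timestamp with `mktime()` (local time) and formats it with `gmdate()` (UTC), which gives the right month only because day 10 is far from a month boundary. A short comment such as `// day 10 keeps the month stable across timezone offsets` would record that. The table's opening markup is outside the hunk.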