Changeset 3224709
- Timestamp:
- 01/18/2025 03:07:29 AM (15 months ago)
- Location:
- wp-polls/trunk
- Files:
-
- 3 edited
-
polls-logs.php (modified) (11 diffs)
-
readme.txt (modified) (2 diffs)
-
wp-polls.php (modified) (3 diffs)
Legend:
- Unmodified
- Added
- Removed
-
wp-polls/trunk/polls-logs.php
r2008258 r3224709 96 96 $guest_sql = 'AND pollip_user != \''.__('Guest', 'wp-polls').'\''; 97 97 $num_choices_query = $wpdb->get_col("SELECT pollip_user, COUNT(pollip_ip) AS num_choices FROM $wpdb->pollsip WHERE pollip_qid = $poll_id GROUP BY pollip_ip, pollip_user HAVING num_choices $num_choices_sign_sql $num_choices"); 98 $num_choices_sql = 'AND pollip_user IN (\'' .implode('\',\'',$num_choices_query).'\')';98 $num_choices_sql = 'AND pollip_user IN (\'' . implode( '\',\'', array_map( 'esc_sql', $num_choices_query ) ) . '\')'; 99 99 $order_by = 'pollip_user, pollip_ip'; 100 100 break; … … 124 124 <div class="wrap"> 125 125 <h3><?php _e('Filter Poll\'s Logs', 'wp-polls') ?></h3> 126 <table width="100%" border="0"cellspacing="0" cellpadding="0">126 <table width="100%" cellspacing="0" cellpadding="0"> 127 127 <tr> 128 128 <td width="50%"> … … 161 161 </tr> 162 162 <tr> 163 <td colspan="2" align="center"><input type="submit" name="do" value="<?php _e('Filter', 'wp-polls'); ?>" class="button" /></td>163 <td colspan="2" style="text-align: center;"><input type="submit" name="do" value="<?php _e('Filter', 'wp-polls'); ?>" class="button" /></td> 164 164 </tr> 165 165 </table> … … 209 209 </tr> 210 210 <tr> 211 <td colspan="2" align="center"><input type="submit" name="do" value="<?php _e('Filter', 'wp-polls'); ?>" class="button" /></td>211 <td colspan="2" style="text-align: center;"><input type="submit" name="do" value="<?php _e('Filter', 'wp-polls'); ?>" class="button" /></td> 212 212 </tr> 213 213 </table> … … 244 244 </tr> 245 245 <tr> 246 <td colspan="2" align="center"><input type="submit" name="do" value="<?php _e('Filter', 'wp-polls'); ?>" class="button" /></td>246 <td colspan="2" style="text-align: center;"><input type="submit" name="do" value="<?php _e('Filter', 'wp-polls'); ?>" class="button" /></td> 247 247 </tr> 248 248 </table> … … 252 252 <?php } // End if($poll_multiple > -1) ?> 253 253 </td> 254 <td align="center"><input type="button" value="<?php _e('Clear Filter', 'wp-polls'); ?>" onclick="self.location.href = '<?php echo esc_attr( $base_page ); ?>&mode=logs&id=<?php echo $poll_id; ?>';" class="button" /></td>254 <td style="text-align: center;"><input type="button" value="<?php _e('Clear Filter', 'wp-polls'); ?>" onclick="self.location.href = '<?php echo esc_attr( $base_page ); ?>&mode=logs&id=<?php echo $poll_id; ?>';" class="button" /></td> 255 255 </tr> 256 256 </table> … … 275 275 echo "<tr class=\"thead\">\n"; 276 276 echo "<th>".__('Answer', 'wp-polls')."</th>\n"; 277 echo "<th>".__('IP', 'wp-polls')."</th>\n"; 278 echo "<th>".__('Host', 'wp-polls')."</th>\n"; 277 echo "<th>".__('Hashed IP / Host', 'wp-polls')."</th>\n"; 279 278 echo "<th>".__('Date', 'wp-polls')."</th>\n"; 280 279 echo "</tr>\n"; … … 292 291 $style = 'class="alternate"'; 293 292 } 294 if ($pollip_user != $temp_pollip_user) {295 echo '<tr class="highlight">' ."\n";296 echo "<td colspan=\"4\"><strong>".__('User', 'wp-polls')." ".number_format_i18n($k).": $pollip_user</strong></td>\n";293 if ( $pollip_user !== $temp_pollip_user ) { 294 echo '<tr class="highlight">'; 295 echo '<td colspan="3"><strong>' . __( 'User', 'wp-polls') . ' ' . esc_html( number_format_i18n( $k ) ) . ': ' . esc_html( $pollip_user ) . '</strong></td>'; 297 296 echo '</tr>'; 298 297 $k++; 299 298 } 300 299 echo "<tr $style>\n"; 301 echo "<td>{$pollip_answers[$pollip_aid]}</td>\n"; 302 echo "<td>$pollip_ip</td>\n"; 303 echo "<td>$pollip_host</td>\n"; 304 echo "<td>$pollip_date</td>\n"; 300 echo '<td>' . esc_html( $pollip_answers[$pollip_aid] ) . '</td>'; 301 echo '<td>' . esc_html( $pollip_ip ) . ' / ' . esc_html( $pollip_host ) . '</td>'; 302 echo '<td>' . esc_html( $pollip_date ) . '</td>'; 305 303 echo "</tr>\n"; 306 304 $temp_pollip_user = $pollip_user; … … 316 314 $pollip_date = mysql2date(sprintf(__('%s @ %s', 'wp-polls'), get_option('date_format'), get_option('time_format')), gmdate('Y-m-d H:i:s', $poll_ip->pollip_timestamp)); 317 315 if($pollip_aid != $poll_last_aid) { 318 if ($pollip_aid == 0) {319 echo "<tr class=\"highlight\">\n<td colspan=\"4\"><strong>$pollip_answers[$pollip_aid]</strong></td>\n</tr>\n";316 if ( $pollip_aid === 0 ) { 317 echo '<tr class="highlight"><td colspan="4"><strong>' . esc_html( $pollip_answers[$pollip_aid] ) . '</strong></td></tr>'; 320 318 } else { 321 319 $polla_answer = ! empty( $pollip_answers[$pollip_aid] ) ? $pollip_answers[ $pollip_aid ] : $poll_answers_data[ $k-1 ]->polla_answers; 322 echo "<tr class=\"highlight\">\n<td colspan=\"4\"><strong>".__('Answer', 'wp-polls')." ".number_format_i18n($k).": " . $polla_answer . "</strong></td>\n</tr>\n";320 echo '<tr class="highlight"><td colspan="4"><strong>' . __('Answer', 'wp-polls') . ' ' . esc_html( number_format_i18n( $k ) ) . ': ' . esc_html( $polla_answer ) . '</strong></td></tr>'; 323 321 $k++; 324 322 } … … 337 335 } 338 336 echo "<tr $style>\n"; 339 echo "<td>".number_format_i18n($i)."</td>\n";340 echo "<td>$pollip_user</td>\n";341 echo "<td>$pollip_ip / $pollip_host</td>\n";342 echo "<td>$pollip_date</td>\n";337 echo '<td>' . esc_html( number_format_i18n( $i ) ) . '</td>'; 338 echo '<td>' . esc_html( $pollip_user ) . '</td>'; 339 echo '<td>' . esc_html( $pollip_ip ) . ' / ' . esc_html( $pollip_host ) . '</td>'; 340 echo '<td>' . esc_html( $pollip_date ) . '</td>'; 343 341 echo "</tr>\n"; 344 342 $poll_last_aid = $pollip_aid; … … 366 364 <h3><?php _e('Delete Poll Logs', 'wp-polls'); ?></h3> 367 365 <br class="clear" /> 368 <div align="center" id="poll_logs">366 <div style="text-align: center;" id="poll_logs"> 369 367 <?php if($poll_logs_count) { ?> 370 368 <strong><?php _e('Are You Sure You Want To Delete Logs For This Poll Only?', 'wp-polls'); ?></strong><br /><br /> -
wp-polls/trunk/readme.txt
r2949758 r3224709 4 4 Tags: poll, polls, polling, vote, booth, democracy, ajax, survey, post, widget 5 5 Requires at least: 4.9.6 6 Tested up to: 6. 37 Stable tag: 2.77. 26 Tested up to: 6.7 7 Stable tag: 2.77.3 8 8 9 9 Adds an AJAX poll system to your WordPress blog. You can also easily add a poll into your WordPress's blog post/page. … … 22 22 23 23 ## Changelog 24 ### Version 2.77.3 25 * FIXED: XSS In poll-logs.php. 26 24 27 ### Version 2.77.2 25 28 * FIXED: Read from default REMOTE_ADDR unless specified in options -
wp-polls/trunk/wp-polls.php
r2949758 r3224709 4 4 Plugin URI: https://lesterchan.net/portfolio/programming/php/ 5 5 Description: Adds an AJAX poll system to your WordPress blog. You can easily include a poll into your WordPress's blog post/page. WP-Polls is extremely customizable via templates and css styles and there are tons of options for you to choose to ensure that WP-Polls runs the way you wanted. It now supports multiple selection of answers. 6 Version: 2.77. 26 Version: 2.77.3 7 7 Author: Lester 'GaMerZ' Chan 8 8 Author URI: https://lesterchan.net … … 12 12 13 13 /* 14 Copyright 202 3Lester Chan (email : lesterchan@gmail.com)14 Copyright 2025 Lester Chan (email : lesterchan@gmail.com) 15 15 16 16 This program is free software; you can redistribute it and/or modify … … 30 30 31 31 ### Version 32 define( 'WP_POLLS_VERSION', '2.77. 2' );32 define( 'WP_POLLS_VERSION', '2.77.3' ); 33 33 34 34
Note: See TracChangeset
for help on using the changeset viewer.