Changeset 3276446
- Timestamp:
- 04/18/2025 08:53:45 AM (12 months ago)
- Location:
- theme-changer/trunk
- Files:
-
- 2 edited
-
readme.txt (modified) (2 diffs)
-
theme-changer.php (modified) (8 diffs)
Legend:
- Unmodified
- Added
- Removed
-
theme-changer/trunk/readme.txt
r3275878 r3276446 4 4 Requires at least: 3.0 5 5 Tested up to: 6.8 6 Stable tag: 1. 46 Stable tag: 1.5 7 7 License: GPLv2 or later 8 8 License URI: http://www.gnu.org/licenses/gpl-2.0.html … … 42 42 = 1.4 = 43 43 * Cross-site scripting vulnerability response. 44 45 = 1.5 = 46 * Cross-site scripting vulnerability response. -
theme-changer/trunk/theme-changer.php
r3275878 r3276446 2 2 /* 3 3 Plugin Name: Theme Changer 4 Plugin URI: http ://www.elegants.biz/theme-changer.php4 Plugin URI: https://wordpress.org/plugins/theme-changer/ 5 5 Description: Easy theme change in the get parameter. this to be a per-session only change, and one that everyone (all visitors) can use. I just enter the following URL. It's easy. e.g. http://wordpress_install_domain/?theme_changer=theme_folder_name 6 Version: 1. 46 Version: 1.5 7 7 Author: momen2009 8 8 License: GPLv2 or later … … 29 29 function add_meta_query_vars( $public_query_vars ) { 30 30 if(is_admin()) return; 31 $public_query_vars[] = "theme_changer"; 31 $query_list = array("theme_changer","theme_changer_password"); 32 foreach($query_list as $val){ 33 $public_query_vars[] = $val; 34 } 32 35 return $public_query_vars; 33 36 } … … 48 51 $theme_changer_theme = $now_theme -> get_stylesheet(); 49 52 50 if(isset($_SESSION["theme_changer_password"]) && !isset($_GET["theme_changer_password"])){53 if(isset($_SESSION["theme_changer_password"]) && null == get_query_var("theme_changer_password")){ 51 54 if($_SESSION["theme_changer_password"] != $theme_changer_password) return; 52 55 }else{ 53 if( !isset($_GET["theme_changer_password"])) return;54 if($theme_changer_password != sanitize_text_field(wp_unslash( $_GET["theme_changer_password"]))){56 if(null == get_query_var("theme_changer_password")) return; 57 if($theme_changer_password != sanitize_text_field(wp_unslash(get_query_var("theme_changer_password")))){ 55 58 return; 56 59 }else{ … … 60 63 } 61 64 62 if( isset($_GET["theme_changer"])){63 $theme_changer = sanitize_text_field(wp_unslash($wpdb->escape( $_GET["theme_changer"])));65 if(null != get_query_var("theme_changer")){ 66 $theme_changer = sanitize_text_field(wp_unslash($wpdb->escape(get_query_var("theme_changer")))); 64 67 } 65 68 if(isset($theme_changer) && $theme_changer != ""){ … … 97 100 if(!is_admin()){ 98 101 add_filter("query_vars","add_meta_query_vars"); 99 add_filter(" setup_theme","theme_changer");102 add_filter("wp","theme_changer"); 100 103 add_filter('stylesheet', 'my_theme_switcher'); 101 104 add_filter('template', 'my_theme_switcher'); … … 149 152 wp_die( esc_html(__( 'You do not have sufficient permissions to access this page.' )) ); 150 153 } 151 152 154 if (isset($_POST['theme_changer_password'])) { 155 if (check_admin_referer()) { 153 156 update_option('theme_changer_password', sanitize_text_field(wp_unslash($_POST['theme_changer_password']))); 157 } 154 158 } 155 159 ?> … … 157 161 <h1>Theme Changer Options</h1> 158 162 <?php 163 159 164 if(isset($_POST['theme_changer_password'])) { 165 if (check_admin_referer()) { 160 166 echo '<div id="setting-error-settings_updated" class="updated settings-error notice is-dismissible"><p><strong>Settings saved.</strong></p></div>'; 167 } 161 168 } 162 169 ?> … … 165 172 <tr> 166 173 <th scope="row"><label for="theme_changer_password">Password</label></th> 167 <td>< input name="theme_changer_password" type="text" id="theme_changer_password" value="<?php form_option('theme_changer_password'); ?>" class="regular-text" /><p class="description" id="theme-changer-password-description">You can attach a password to the Theme Changer. e.g. http://wordpress_install_domain/?theme_changer=theme_folder_name&<strong>theme_changer_password=input_password<strong></p></td>174 <td><?php wp_nonce_field(); ?><input name="theme_changer_password" type="text" id="theme_changer_password" value="<?php form_option('theme_changer_password'); ?>" class="regular-text" /><p class="description" id="theme-changer-password-description">You can attach a password to the Theme Changer. e.g. http://wordpress_install_domain/?theme_changer=theme_folder_name&<strong>theme_changer_password=input_password<strong></p></td> 168 175 </tr> 169 176 </table>
Note: See TracChangeset
for help on using the changeset viewer.