
Changeset 3360423


Timestamp:
09/12/2025 09:46:26 AM (7 months ago)
Author:
kamilkhan
Message:

6.2.10

Location:
couponapi/trunk
Files:
6 edited

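--- a/couponapi/trunk/brandlogos-resync.php
+++ b/couponapi/trunk/brandlogos-resync.php
@@ -125,5 +125,5 @@
 
         $resync = array('empty_logos' => isset($_POST['empty_logos']), 'grey_logos' => isset($_POST['grey_logos']), 'custom_logos' => isset($_POST['custom_logos']));
-        $resync['store_slugs'] = $_POST['store_slugs'] ? explode(',', sanitize_text_field($_POST['store_slugs'])) : false;
+        $resync['store_slugs'] = $_POST['store_slugs'] ? explode(',', esc_sql(sanitize_text_field($_POST['store_slugs']))) : false;
         $wpdb->query("INSERT INTO `{$wpdb->prefix}couponapi_logs` (`microtime`, `msg_type`, `message`) VALUES (" . microtime(true) . ", 'info', 'Starting logos resync process. This may take several minutes...') ");
         wp_schedule_single_event(time(), 'couponapi_process_brandlogos_resync_event', array($resync));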
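Review bot: `esc_sql()` on new line 127 is applied to the request value before `explode()`, and the result goes into the `wp_schedule_single_event()` arguments rather than into a query, so the escaping happens at the wrong layer and any slug containing a quote or backslash reaches the scheduled handler with extra backslashes. Escape where the SQL is built instead, with `$wpdb->prepare()` and `%s` placeholders, and keep the input step to unslashing plus a slug sanitizer, e.g. `array_map('sanitize_title', explode(',', wp_unslash($_POST['store_slugs'] ?? '')))`. WordPress already adds slashes to `$_POST`, so escaping again without `wp_unslash()` can store literal backslashes. The same escape-at-input pattern is in save-api-config.php line 28 and save-brandlogos-config.php lines 25 and 28, where the `REPLACE INTO` on line 30 could take its values through `$wpdb->prepare()`. The enclosing block starts and ends outside the hunk, so whether the handler later places the slugs in SQL is not visible here.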
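--- a/couponapi/trunk/couponapi.php
+++ b/couponapi/trunk/couponapi.php
@@ -5,5 +5,5 @@
  * Plugin URI: https://couponapi.org
  * Description: Automatically import Coupons & Deals from popular Affiliate Networks into your WordPress Coupon Website.
- * Version: 6.2.9
+ * Version: 6.2.10
  * Author: CouponAPI.org
  * Author URI: https://couponapi.org
@@ -493,5 +493,5 @@
 
     $file_location =  "https://couponapi.org/api/download_feed.php";
-    $file = $_GET['filename'];
+    $file = esc_sql($_GET['filename']);
 
     $sql = "SELECT * FROM " . $wp_prefix . "couponapi_config WHERE name IN ('API_KEY','pingback_setting')";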
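Review bot: `esc_sql()` on new line 495 only escapes characters that matter inside a quoted SQL string; it does not constrain `filename` to a safe file name, and the adjacent `$file_location` download URL suggests `$file` is used to build a URL or a local path rather than a query. If that is the case, validate it for that context, e.g. `$file = sanitize_file_name(wp_unslash($_GET['filename'] ?? ''));`, and stop the request when the result is empty or differs from what was submitted. Where `$file` is consumed, and whether a nonce or capability check precedes it, lies outside the hunk, so this is inferred from the visible lines only.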
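--- a/couponapi/trunk/save-api-config.php
+++ b/couponapi/trunk/save-api-config.php
@@ -26,5 +26,5 @@
        
         $autopilot = ((isset($_POST['autopilot']) AND sanitize_text_field($_POST['autopilot']) == 'on')? 'On':'Off');
-        $API_KEY = sanitize_key(trim($_POST['API_KEY']));
+        $API_KEY = esc_sql(sanitize_key(trim($_POST['API_KEY'])));
         $last_extract_date = esc_sql(sanitize_text_field($_POST['last_extract_date']));
         $last_extract_time = esc_sql(sanitize_text_field($_POST['last_extract_time']));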
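--- a/couponapi/trunk/save-brandlogos-config.php
+++ b/couponapi/trunk/save-brandlogos-config.php
@@ -23,8 +23,8 @@
 
         global $wpdb;
-        $use_logos = (sanitize_text_field($_POST['use_logos'] ?? 'if_empty'));
+        $use_logos = esc_sql(sanitize_text_field($_POST['use_logos'] ?? 'if_empty'));
         $use_grey_image = $_POST['use_grey_image'] != 'on' ? 'off' : 'on';
         couponapi_process_use_logos($use_logos);
-        $size = (sanitize_text_field($_POST['size'] ?? 'horizontal'));
+        $size = esc_sql(sanitize_text_field($_POST['size'] ?? 'horizontal'));
 
         $sql = "REPLACE INTO {$wpdb->prefix}couponapi_config (name,value) VALUES ('use_logos','$use_logos'), ('use_grey_image','$use_grey_image'), ('size','$size')";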
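--- a/couponapi/trunk/save-import-config.php
+++ b/couponapi/trunk/save-import-config.php
@@ -28,12 +28,12 @@
         $pingback_setting = ((isset($_POST['pingback_setting']) and sanitize_text_field($_POST['pingback_setting']) == 'on') ? 'On' : 'Off');
         $batch_size = intval($_POST['batch_size']);
-        $generic_import_image = sanitize_text_field($_POST['generic_import_image']??'off');
+        $generic_import_image = esc_sql(sanitize_text_field($_POST['generic_import_image']??'off'));
         $set_as_featured_image = (isset($_POST['set_as_featured_image']) and $generic_import_image != 'off') ? 'On' : 'Off';
-        $ctype_code = $_POST['ctype_code'] ?? '';
-        $ctype_deal = $_POST['ctype_deal'] ?? '';
-        $store = isset($_POST['store'])?$_POST['store']:'store';
-        $category = isset($_POST['category'])?$_POST['category']:'category';
-        $code_text = $_POST['code_text'] ?? '';
-        $expiry_text = $_POST['expiry_text'] ?? '';
+        $ctype_code = esc_sql($_POST['ctype_code']) ?? '';
+        $ctype_deal = esc_sql($_POST['ctype_deal']) ?? '';
+        $store = isset($_POST['store'])?esc_sql($_POST['store']):'store';
+        $category = isset($_POST['category'])?esc_sql($_POST['category']):'category';
+        $code_text = esc_sql($_POST['code_text']) ?? '';
+        $expiry_text = esc_sql($_POST['expiry_text']) ?? '';
 
         if (empty($batch_size)) $batch_size = 500;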
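Review bot: On new lines 32, 33, 36 and 37 the `?? ''` fallback now applies to the return value of `esc_sql()` instead of the array lookup, so a request that omits `ctype_code`, `ctype_deal`, `code_text` or `expiry_text` reads an undefined key (a PHP warning) before the fallback is ever considered. Move the default inside the call and unslash first, e.g. `$ctype_code = esc_sql(wp_unslash($_POST['ctype_code'] ?? ''));`, and do the same for the other three. These fields, along with `store` and `category` on lines 34 and 35, are also passed to `esc_sql()` without any type or content check, so an array submitted for one of them comes back as an array; running them through `sanitize_text_field()` as line 30 does would keep them scalar. The queries that consume these variables are outside the hunk, and building them with `$wpdb->prepare()` would remove the need to escape at input.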
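--- a/couponapi/trunk/views.php
+++ b/couponapi/trunk/views.php
@@ -558,5 +558,5 @@
     // Get Logs
     if (!empty($_POST['log_duration'])) {
-        $log_duration = $_POST['log_duration'];
+        $log_duration = esc_sql($_POST['log_duration']);
     } else {
         $log_duration = '1 HOUR';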
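Review bot: `esc_sql()` on new line 560 protects a value only when the query places it inside quotes, and the default `'1 HOUR'` suggests `$log_duration` is interpolated as an unquoted interval expression, where escaping quote characters does not restrict what the value can contain. Validate it against the fixed set of durations the form offers and fall back to the default otherwise, e.g. `$log_duration = in_array($_POST['log_duration'], $allowed_durations, true) ? $_POST['log_duration'] : '1 HOUR';`, where `$allowed_durations` is a placeholder name for that list. The query that consumes `$log_duration` and the end of the `else` branch are outside the hunk, so confirm how the value is interpolated.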