
Changeset 3412712


Timestamp:
12/06/2025 01:09:07 AM (4 months ago)
Author:
osamaesh
Message:

Bug fixing

Location:
wp-stats-manager
Files:
94 added
3 edited

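--- a/wp-stats-manager/trunk/includes/wsm_statistics.php
+++ b/wp-stats-manager/trunk/includes/wsm_statistics.php
@@ -574,7 +574,17 @@
             'height' => '400px'
         ), $atts, WSM_PREFIX . '_showLastDaysStatsChart');
+       
+       
+            // SECURE: sanitize incoming shortcode values
+        $atts['id']     = sanitize_key($atts['id']);
+        $atts['title']  = sanitize_text_field($atts['title']);
+        $atts['width']  = sanitize_text_field($atts['width']);
+        $atts['height'] = sanitize_text_field($atts['height']);
+        $atts['days']   = intval($atts['days']);
+       
+       
         $html = '<div class="chartContainer">';
         $html .= $this->wsm_getTopChartBar('lastdaychart');
-        $html .= '<div id="' . $atts['id'] . '"></div></div>';
+        $html .= '<div id="' . esc_attr($atts['id']) . '"></div></div>';
         $tDays = 2;
         $atts['days'] = intval($atts['days']);
@@ -597,15 +607,18 @@
         $toDayForeCast['firstTimeVisitors'] = round(wsmFnCalculateForeCastData(array_keys($yArray['firstTimeVisitors']), $yArray['firstTimeVisitors'], 7), 0);
         $colors = array('rgba(244,81,81,1)', 'rgba(251,194,70,1)', 'rgba(87,135,184,1)', 'rgba(0,128,0,1)');
-        $wsmAdminJavaScript .= "
-        //arrLiveStats.push('" . WSM_PREFIX . "CurrentDayStats_" . $atts['id'] . "_" . wsmGetYesterdayDateByTimeZone('Yxmxd') . "');
+        $safeId = esc_js($atts['id']);
+        $wsmAdminJavaScript .= "
+        //arrLiveStats.push('" . WSM_PREFIX . "CurrentDayStats_" . esc_attr($atts['id']) . "_" . wsmGetYesterdayDateByTimeZone('Yxmxd') . "');
         //jQuery('#" . WSM_PREFIX . "_lastDaysChart h2.hndle').html('<span>" . sprintf(__('Last %d Days', 'wp-stats-manager'), intval($atts['days'])) . "</span>');
-        var {$atts['id']}_bpageViews=" . json_encode($arrLineData['pageViews']) . ";
-        var {$atts['id']}_bvisitors=" . json_encode($arrLineData['visitors']) . ";
-        var {$atts['id']}_bfirstVisitors=" . json_encode($arrLineData['firstTimeVisitors']) . ";
-        var {$atts['id']}_bBounce = " . json_encode($arrLineData['Bounce']) . ";
-        var {$atts['id']}_bppv = " . json_encode($arrLineData['ppv']) . ";
-        var {$atts['id']}_bnewVisitor = " . json_encode($arrLineData['newVisitor']) . ";
-        var {$atts['id']}_bavgOnline = " . json_encode($arrLineData['avgOnline']) . ";
-        var {$atts['id']}_legendIndex=[];
+       
+       
+        var {$safeId}_bpageViews=" . json_encode($arrLineData['pageViews']) . ";
+        var {$safeId}_bvisitors=" . json_encode($arrLineData['visitors']) . ";
+        var {$safeId}_bfirstVisitors=" . json_encode($arrLineData['firstTimeVisitors']) . ";
+        var {$safeId}_bBounce = " . json_encode($arrLineData['Bounce']) . ";
+        var {$safeId}_bppv = " . json_encode($arrLineData['ppv']) . ";
+        var {$safeId}_bnewVisitor = " . json_encode($arrLineData['newVisitor']) . ";
+        var {$safeId}_bavgOnline = " . json_encode($arrLineData['avgOnline']) . ";
+        var {$safeId}_legendIndex=[];
         var bcolors=" . json_encode($colors) . ";
         var keyLabels=['" . __('First Time Visitor', 'wp-stats-manager') . "','" . __('Visitors', 'wp-stats-manager') . "','" . __('Page Views', 'wp-stats-manager') . "'];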
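Review bot: `esc_js()` at new line 609 escapes for a quoted JavaScript string, but `$safeId` is spliced in as an identifier prefix (`var {$safeId}_bpageViews=`), and `sanitize_key()` at new line 579 still lets through `-` and a leading digit, so an id such as `my-chart` yields a script that does not parse. Reducing the id to identifier characters would fit the sink better, e.g. `$safeId = 'c_' . preg_replace('/[^a-z0-9_]/', '_', $atts['id']);`; the function continues beyond this hunk, so any later `{$atts['id']}_…` references would have to use the same value. `sanitize_text_field()` on `title`, `width` and `height` strips tags but does not encode quotes, so these values still need `esc_attr()`, `esc_html()` or `esc_js()` where they are printed, which is not visible here. `esc_attr()` in the commented-out `arrLiveStats.push` line is the wrong escaper for a script context, and the `intval($atts['days'])` at new line 583 duplicates the existing one at new line 590.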
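--- a/wp-stats-manager/trunk/readme.txt
+++ b/wp-stats-manager/trunk/readme.txt
@@ -3,6 +3,6 @@
 Tags: analytics, google analytics, insights, stats, visitors
 Requires at least: 5.0
-Tested up to: 6.8.2
-Stable tag: 8.3
+Tested up to: 6.9
+Stable tag: 8.4
 License: GPL3
 
@@ -82,4 +82,8 @@
 
 == Changelog ==
+
+= 8.4
+Security: Fixed stored XSS in wsm_showLastDaysStatsChart  shortcode by sanitizing data before output.
+
 
 = 8.3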
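--- a/wp-stats-manager/trunk/wp-stats-manager.php
+++ b/wp-stats-manager/trunk/wp-stats-manager.php
@@ -4,5 +4,5 @@
  * Plugin URI: http://plugins-market.com/contact-us
  * Description: This plugin will track the web analytics for each page and show various analytics report in admin panel as well as in front end.
- * Version: 8.3
+ * Version: 8.4
  * Author: osamaesh
  * Author URI: http://plugins-market.com/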