Changeset 3415067
- Timestamp:
- 12/09/2025 08:35:00 AM (4 months ago)
- Location:
- wpstream
- Files:
-
- 28 edited
- 1 copied
-
tags/4.9.6 (copied) (copied from wpstream/trunk)
-
tags/4.9.6/admin/class-wpstream-admin.php (modified) (4 diffs)
-
tags/4.9.6/admin/js/wpstream-onboarding-page.js (modified) (7 diffs)
-
tags/4.9.6/admin/js/wpstream-onboarding2.js (modified) (12 diffs)
-
tags/4.9.6/includes/class-wpstream-live-api-connection.php (modified) (2 diffs)
-
tags/4.9.6/includes/class-wpstream-player.php (modified) (2 diffs)
-
tags/4.9.6/public/js/broadcaster.js (modified) (2 diffs)
-
tags/4.9.6/public/js/start_streaming.js (modified) (4 diffs)
-
tags/4.9.6/public/js/wpstream-player.js (modified) (3 diffs)
-
tags/4.9.6/readme.txt (modified) (2 diffs)
-
tags/4.9.6/streamify/streamify.php (modified) (2 diffs)
-
tags/4.9.6/templates/broadcaster-template.php (modified) (1 diff)
-
tags/4.9.6/woocommerce/myaccount/event_list.php (modified) (1 diff)
-
tags/4.9.6/woocommerce/myaccount/video_list.php (modified) (1 diff)
-
tags/4.9.6/wpstream.php (modified) (3 diffs)
-
trunk/admin/class-wpstream-admin.php (modified) (4 diffs)
-
trunk/admin/js/wpstream-onboarding-page.js (modified) (7 diffs)
-
trunk/admin/js/wpstream-onboarding2.js (modified) (12 diffs)
-
trunk/includes/class-wpstream-live-api-connection.php (modified) (2 diffs)
-
trunk/includes/class-wpstream-player.php (modified) (2 diffs)
-
trunk/public/js/broadcaster.js (modified) (2 diffs)
-
trunk/public/js/start_streaming.js (modified) (4 diffs)
-
trunk/public/js/wpstream-player.js (modified) (3 diffs)
-
trunk/readme.txt (modified) (2 diffs)
-
trunk/streamify/streamify.php (modified) (2 diffs)
-
trunk/templates/broadcaster-template.php (modified) (1 diff)
-
trunk/woocommerce/myaccount/event_list.php (modified) (1 diff)
-
trunk/woocommerce/myaccount/video_list.php (modified) (1 diff)
-
trunk/wpstream.php (modified) (3 diffs)
wpstream/tags/4.9.6/admin/class-wpstream-admin.php
r3410434 r3415067 282 282 283 283 284 284 $branch = isset($_GET['branch']) ? sanitize_text_field( wp_unslash( $_GET['branch'] ) ) : ''; 285 285 wp_enqueue_script('wpstream-on-boarding-js',plugin_dir_url( __DIR__ ) .'/admin/js/wpstream-onboarding2.js',array(), WPSTREAM_PLUGIN_VERSION, true); 286 286 wp_localize_script('wpstream-on-boarding-js', 'wpstreamonboarding_js_vars', 287 287 array( 288 'admin_url' =>get_admin_url(),289 'plugin_url' =>get_dashboard_url().'/plugins.php',290 'upload_url' => get_dashboard_url().'admin.php?page=wpstream_recordings'291 288 'admin_url' => get_admin_url(), 289 'plugin_url' => get_dashboard_url().'/plugins.php', 290 'upload_url' => get_dashboard_url().'admin.php?page=wpstream_recordings', 291 'branch' => $branch 292 292 )); 293 293 … … 298 298 $onboarding_visible = $is_wpstream_onboarding_page || $is_wpstream_onboarding_post_type_page; 299 299 if( $onboarding_visible) { 300 wp_enqueue_script('wpstream-on-boarding-page-js', plugin_dir_url( __DIR__ ) .' /admin/js/wpstream-onboarding-page.js',array(), WPSTREAM_PLUGIN_VERSION, true);300 wp_enqueue_script('wpstream-on-boarding-page-js', plugin_dir_url( __DIR__ ) .'admin/js/wpstream-onboarding-page.js',array(), WPSTREAM_PLUGIN_VERSION, true); 301 301 wp_localize_script( 'wpstream-on-boarding-page-js', 'wpstream_onboarding_page_vars', 302 302 array( 303 'admin_url' => get_admin_url(), 304 'request_url' => WPSTREAM_CLICK, 305 'wps_user' => get_option('wpstream_api_username_from_token'), 306 'current_page' => $is_wpstream_onboarding_post_type_page ? 'post_edit' : 'onboarding', 303 'admin_url' => get_admin_url(), 304 'request_url' => WPSTREAM_CLICK, 305 'wps_user' => get_option('wpstream_api_username_from_token'), 306 'current_page' => $is_wpstream_onboarding_post_type_page ? 
'post_edit' : 'onboarding', 307 'plugin_version' => WPSTREAM_PLUGIN_VERSION, 308 'branch' => $branch, 307 309 ) 308 310 ); … … 310 312 311 313 if ( in_array( $current_screen->base, ['toplevel_page_wpstream_credentials', 'wpstream_page_wpstream_live_channels', 'wpstream_page_wpstream_recordings', 'wpstream_page_wpstream_onboard'] ) ) { 312 wp_enqueue_script( 'wpstream-user-quota-update', plugin_dir_url( __DIR__ ) . ' /admin/js/wpstream-user-quota.js', array(), WPSTREAM_PLUGIN_VERSION, true );314 wp_enqueue_script( 'wpstream-user-quota-update', plugin_dir_url( __DIR__ ) . 'admin/js/wpstream-user-quota.js', array(), WPSTREAM_PLUGIN_VERSION, true ); 313 315 wp_localize_script( 'wpstream-user-quota-update', 'wpstream_user_quota_vars', array( 314 316 'admin_url' => get_admin_url() … … 658 660 659 661 660 print '<div class="start_event wpstream_button wpstream_tooltip_wrapper" data-show-id="'.$the_id.'" > ' . $button_status; 662 $start_event_nonce = wp_create_nonce( 'wpstream_start_event_nonce' ); 663 print '<div class="start_event wpstream_button wpstream_tooltip_wrapper" data-show-id="'.$the_id.'" data-nonce="' . esc_attr( $start_event_nonce ) . '" > ' . $button_status; 661 664 print '<div class="wpstream_tooltip">'.esc_html__('Channel is now OFF. Click to turn ON.','wpestream').'</div>'; 662 665 print '</div>'; -
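Review bot: On the changed `print` line for the `.start_event` button, `$the_id` is still concatenated raw into `data-show-id` while the new `data-nonce` beside it goes through `esc_attr()`; `$the_id` is assigned outside this hunk, so escaping it as well keeps the attribute safe whatever its origin: `data-show-id="' . esc_attr( $the_id ) . '"`. Separately, the scripts in this changeset only ever compare `branch` with `'1'` to `'4'`, so `$branch` could be restricted where it is read, e.g. `$branch = in_array( $branch, array( '1', '2', '3', '4' ), true ) ? $branch : '';`. The trunk copy of this file has the same lines.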
wpstream/tags/4.9.6/admin/js/wpstream-onboarding-page.js
r3408984 r3415067 1 // Initialize transaction ID at the start 2 const transactionId = getOrCreateTransactionId(); 3 console.log(transactionId); 4 1 5 /** 2 6 * Track onboarding steps … … 7 11 * @param {string} element_name - The name of the element (optional) 8 12 */ 9 function wpstream_track_onboarding_step(action, step, element_type= ' button', element_name = '') {13 function wpstream_track_onboarding_step(action, step, element_type= '', element_name = '') { 10 14 console.log('Tracking onboarding step:', action, step, element_type, element_name); 11 15 fetch( wpstream_onboarding_page_vars.request_url + '/onboarding/index.php', { … … 22 26 element_type: element_type, 23 27 element_name: element_name 24 } 28 }, 29 plugin_version: wpstream_onboarding_page_vars.plugin_version, 30 session_id: sessionId, 31 transaction_id: transactionId 25 32 }) 26 33 }).then(res => { … … 29 36 } 30 37 31 32 38 window.addEventListener('DOMContentLoaded', async function() { 33 39 // if it's the create channel page 34 40 if ( wpstream_onboarding_page_vars.current_page === 'post_edit' ) { 35 wpstream_track_onboarding_step('onboarding_loaded', 'create_channel_step'); 41 switch ( wpstream_onboarding_page_vars.branch ) { 42 case '1': 43 wpstream_track_onboarding_step('page_loaded', 'create_free_channel_step' ); 44 break; 45 case '2': 46 wpstream_track_onboarding_step('page_loaded', 'create_paid_channel_step' ); 47 break; 48 case '3': 49 wpstream_track_onboarding_step('page_loaded', 'create_free_vod_step' ); 50 break; 51 case '4': 52 wpstream_track_onboarding_step('page_loaded', 'create_paid_vod_step' ); 53 break; 54 default: 55 // do nothing 56 break; 57 } 36 58 } 37 59 … … 39 61 if ( wpstream_onboarding_page_vars.current_page === 'onboarding' ) { 40 62 if (jQuery('#wpstream_have_token').length > 0) { 41 wpstream_track_onboarding_step(' onboarding_loaded', 'wpstream_step_2');63 wpstream_track_onboarding_step('page_loaded', 'select_channel_or_vod_step' ); 42 64 } else { 43 
wpstream_track_onboarding_step(' onboarding_loaded', 'register_step');65 wpstream_track_onboarding_step('page_loaded', 'register_step'); 44 66 } 45 67 } … … 54 76 parameters: { 55 77 step: wpstream_onboarding_page_vars.current_page, 56 } 78 }, 79 plugin_version: wpstream_onboarding_page_vars.plugin_version, 80 session_id: sessionId, 81 transaction_id: transactionId 57 82 }); 58 83 … … 70 95 }) 71 96 }); 97 98 /** 99 * Get a cookie value by name 100 * 101 * @param {string} name - Cookie name 102 * @return {string|null} - Cookie value or null if not found 103 */ 104 function getCookie(name) { 105 const value = `; ${document.cookie}`; 106 const parts = value.split(`; ${name}=`); 107 if (parts.length === 2) { 108 return decodeURIComponent(parts.pop().split(';').shift()); 109 } 110 return null; 111 } 112 113 /** 114 * Set a session cookie (expires when browser closes) 115 * 116 * @param {string} name - Cookie name 117 * @param {string} value - Cookie value 118 */ 119 function setSessionCookie(name, value) { 120 document.cookie = name + '=' + encodeURIComponent(value) + '; path=/'; 121 } 122 123 /** 124 * Get or create a transaction ID cookie 125 * 126 * @return {string} - Transaction ID 127 */ 128 function getOrCreateTransactionId() { 129 let transactionId = getCookie('transactionId'); 130 if (!transactionId) { 131 transactionId = 'txn_' + Date.now() + '_' + Math.random().toString(36).substr(2, 9); 132 setSessionCookie('transactionId', transactionId); 133 } 134 return transactionId; 135 } 136 137 function onboarding_step_to_string(step) { 138 switch (step) { 139 case 'wpstream_step_1': 140 return 'register_or_login'; 141 case 'wpstream_step_2': 142 return 'select_channel_or_vod'; 143 case 'wpstream_step_3': 144 return 'create_channel'; 145 case 'wpstream_step_3a': 146 return 'create_free_channel'; 147 case 'wpstream_step_3b': 148 return 'create_paid_channel'; 149 case 'wpstream_step_4': 150 return 'create_vod'; 151 case 'wpstream_step_4a': 152 return 'create_free_vod'; 
153 case 'wpstream_step_4b': 154 return 'create_paid_vod'; 155 default: 156 return ''; 157 } 158 } 159 160 function branch_to_string(branch) { 161 switch (branch) { 162 case '1': 163 return 'free_channel'; 164 case '2': 165 return 'paid_channel'; 166 case '3': 167 return 'free_vod'; 168 case '4': 169 return 'paid_vod'; 170 default: 171 return ''; 172 } 173 } -
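Review bot: `setSessionCookie()` writes the `transactionId` cookie with only `path=/`, so it has no `SameSite` or `Secure` attribute and is sent with every request to the site rather than just the onboarding pages; consider `+ '; path=/; SameSite=Lax' + (location.protocol === 'https:' ? '; Secure' : '')`. The top-of-file `console.log(transactionId);` looks like leftover debugging and should be removed, since the same identifier is posted to `request_url`. `wpstream_track_onboarding_step()` now reads `sessionId`, which this file never declares (in this changeset it is declared in wpstream-onboarding2.js), so a page that loads this script alone would throw a ReferenceError; a `typeof sessionId !== 'undefined'` guard makes the dependency safe. The trunk copy is identical.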
wpstream/tags/4.9.6/admin/js/wpstream-onboarding2.js
r3394809 r3415067 1 let sessionId = ''; 2 3 const urlParams = new URLSearchParams(window.location.search); 4 if ( urlParams.get('page') === 'wpstream_onboard' ) { 5 sessionId = crypto.randomUUID(); 6 } else { 7 sessionId = urlParams.get('session_id'); 8 } 9 1 10 const ONBOARD=(function(){ 2 11 … … 349 358 }); 350 359 351 wpstream_track_onboarding_step( 'account_login', ' wpstream_step_1' );360 wpstream_track_onboarding_step( 'account_login', 'login_step', 'button', 'account_login_button' ); 352 361 } 353 362 … … 512 521 } 513 522 }); 514 523 524 wpstream_track_onboarding_step('register_account', 'register_step', 'button', 'register_account_button'); 515 525 } 516 526 … … 597 607 jQuery('.wpstream_on_board_login_wrapper').show(); 598 608 jQuery('#wpstream_onboarding_action_register').show(); 599 wpstream_track_onboarding_step( 'already_have_account', ' wpstream_step_1', 'link' );609 wpstream_track_onboarding_step( 'already_have_account', 'register_step', 'link' ); 600 610 }); 601 611 … … 606 616 jQuery('.wpstream_on_board_register_wrapper').show(); 607 617 jQuery('#wpstream_onboarding_action_login').show(); 608 wpstream_track_onboarding_step( 'back_to_registration', ' wpstream_step_1', 'link' );618 wpstream_track_onboarding_step( 'back_to_registration', 'login_step', 'link' ); 609 619 }); 610 620 … … 615 625 jQuery('#'+nextThing).show(); 616 626 var buttonStep = jQuery(this).parent().attr('id'); 617 wpstream_track_onboarding_step( 'step_button_press', buttonStep, 'button', nextThing ); 627 628 wpstream_track_onboarding_step( 'step_button_press', onboarding_step_to_string(buttonStep) + '_step', 'button', onboarding_step_to_string(nextThing) + '_button' ); 618 629 }); 619 630 } … … 661 672 var new_link = data.link; 662 673 var decoded = new_link.replace(/&/g, '&'); 663 window.location.href=decodeURI(decoded); 674 var redirectUrl = new URL(decoded, window.location.origin); 675 redirectUrl.searchParams.append('session_id', sessionId); 676 window.location.href = 
redirectUrl.toString(); 664 677 } else { 665 678 jQuery('#wpstream_onboard_live_notice').empty().addClass('onboarding_error').show().text(wpstream_admin_control_vars.channel_create_error) … … 931 944 if (jQuery(this).css('display') === 'block') { 932 945 var current_step = jQuery(this).attr('id'); 933 wpstream_track_onboarding_step( 'close_onboarding', current_step);946 wpstream_track_onboarding_step( 'close_onboarding', onboarding_step_to_string(current_step) + '_step' ); 934 947 } 935 948 }); … … 973 986 974 987 var current_step = jQuery(this).parent().parent().attr('id'); 975 wpstream_track_onboarding_step( 'prev_button_click' , current_step);988 wpstream_track_onboarding_step( 'prev_button_click' , onboarding_step_to_string(current_step) + '_step' ); 976 989 }); 977 990 … … 1162 1175 1163 1176 function wpstream_onboarding_close_modal_logic(context) { 1164 wpstream_track_onboarding_step( ' onboard_bubble_close', 'bubble_step_' + jQuery('#wpstream_onboard_bubble').attr('data-bubble-step'));1177 wpstream_track_onboarding_step( 'close_onboarding', 'close_modal_acknowledge' ); 1165 1178 jQuery('.wpstream_onboard_bubble_finish').hide(); 1166 1179 var parent_modal=jQuery(context).parent(); … … 1192 1205 if( jQuery(this).hasClass('wpstream_onboard_bubble_next')){ 1193 1206 current_bubble_step++; 1194 wpstream_track_onboarding_step( 'onboard_ bubble_navigation', 'bubble_step_' + current_bubble_step, 'button', 'next' );1207 wpstream_track_onboarding_step( 'onboard_wpstream_navigation_' + branch_to_string(wpstreamonboarding_js_vars.branch), 'onboarding_step_' + current_bubble_step, 'button', 'next' ); 1195 1208 }else{ 1196 1209 current_bubble_step--; 1197 wpstream_track_onboarding_step( 'onboard_ bubble_navigation', 'bubble_step_' + current_bubble_step, 'button', 'prev' );1210 wpstream_track_onboarding_step( 'onboard_wpstream_navigation_' + branch_to_string(wpstreamonboarding_js_vars.branch), 'onboarding_step_' + current_bubble_step, 'button', 'prev' ); 1198 1211 } 1199 
1212 … … 1230 1243 window.addEventListener('DOMContentLoaded', function() { 1231 1244 1232 }) 1233 1245 }); 1246 -
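Review bot: `crypto.randomUUID()` in the new top-of-file block is only exposed in secure contexts, so on a dashboard served over plain HTTP this top-level statement would throw and, as far as the visible code shows, keep the rest of the script (including `ONBOARD`) from being defined; a guard such as `sessionId = (window.crypto && crypto.randomUUID) ? crypto.randomUUID() : '';` or a fallback generator avoids that. In the other branch `urlParams.get('session_id')` can return `null` and is forwarded unvalidated to the tracking request and to the redirect URL. In the channel-creation success handler, `new URL(decoded, window.location.origin)` accepts an absolute `data.link`, so I would check `redirectUrl.origin === window.location.origin` before assigning `window.location.href`. The trunk copy has the same three spots.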
wpstream/tags/4.9.6/includes/class-wpstream-live-api-connection.php
r3410434 r3415067 259 259 260 260 public function wpstream_check_event_status(){ 261 check_ajax_referer( 'wpstream_start_event_nonce', 'nonce' ); 261 262 $channel_id = intval($_POST['channel_id']); 262 263 $notes = 'wpstream_check_event_status_note'; … … 314 315 315 316 public function wpstream_check_whipurl() { 317 check_ajax_referer( 'wpstream_start_event_nonce', 'nonce' ); 316 318 $channel_id = intval($_POST['channel_id']); 317 319 -
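Review bot: The `check_ajax_referer()` calls added to `wpstream_check_event_status()` and `wpstream_check_whipurl()` show that the request came from a page holding the nonce, not that the caller may act on this channel; no capability or ownership check on `$channel_id` is visible in either hunk, though both bodies continue outside the shown lines. If none exists further down, add one directly after `$channel_id` is read, for example `if ( ! current_user_can( 'edit_post', $channel_id ) ) { wp_send_json_error( null, 403 ); }`, assuming the channel id is a post ID and adjusting the capability to the plugin's broadcaster roles. `$_POST['channel_id']` is also read without `isset()`; `$channel_id = isset( $_POST['channel_id'] ) ? absint( wp_unslash( $_POST['channel_id'] ) ) : 0;` avoids a notice on malformed requests. The trunk copy has the same change.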
wpstream/tags/4.9.6/includes/class-wpstream-player.php
r3408984 r3415067 42 42 43 43 public function wpstream_player_check_status(){ 44 check_ajax_referer('wpstream_player_check_status_nonce', 'nonce'); 44 45 $channel_id = intval($_POST['channel_id']); 45 46 … … 402 403 } 403 404 404 405 406 echo '<div class="wpstream_live_player_wrapper function_wpstream_live_event_player" data-now="'.$now.'" data-me="'.esc_attr($usernamestream).'" data-product-id="'.$channel_id.'" id="wpstream_live_player_wrapper'.$now.'" > '; 405 406 407 $player_nonce = wp_create_nonce( 'wpstream_player_check_status_nonce' ); 408 echo '<div class="wpstream_live_player_wrapper function_wpstream_live_event_player" data-now="'.$now.'" data-me="'.esc_attr($usernamestream).'" data-product-id="'.$channel_id.'" id="wpstream_live_player_wrapper'.$now.'" data-nonce="' . $player_nonce . '" > '; 407 409 408 410 $show_viewer_count = ( -
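Review bot: The nonce embedded in the player wrapper will be served from page cache on many front-end setups and stops validating once WordPress's nonce lifetime passes, after which `check_ajax_referer('wpstream_player_check_status_nonce', 'nonce')` rejects every status poll from that cached page; whether the action is also registered for logged-out viewers is not visible here, but for them the nonce is not tied to a user and adds little to what looks like a read-only lookup (the handler body continues outside the hunk). Consider `check_ajax_referer( 'wpstream_player_check_status_nonce', 'nonce', false )` and enforcing the result only for logged-in users, or delivering the nonce through an uncached request. On the `echo` line, `$player_nonce` is concatenated without `esc_attr()`, unlike the admin markup in this changeset: `data-nonce="' . esc_attr( $player_nonce ) . '"`. The trunk copy is the same.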
wpstream/tags/4.9.6/public/js/broadcaster.js
r3408984 r3415067 721 721 } 722 722 723 var nonce = jQuery('#wpstream_start_event_nonce').val(); 724 723 725 jQuery.ajax({ 724 726 url: wpstream_broadcaster_vars.ajax_url, … … 727 729 action: 'wpstream_check_event_status', 728 730 channel_id: channelId, 731 nonce: nonce 729 732 }, 730 733 success: function(response) { -
wpstream/tags/4.9.6/public/js/start_streaming.js
r3408984 r3415067 435 435 function wpstream_check_event_status_in_js(channel_id,notes,successCallback, errorCallback){ 436 436 437 var ajaxurl = wpstream_start_streaming_vars.admin_url + 'admin-ajax.php'; 437 var ajaxurl = wpstream_start_streaming_vars.admin_url + 'admin-ajax.php'; 438 var nonce = jQuery('#wpstream_start_event_nonce').val(); 439 438 440 jQuery.ajax({ 439 441 type: 'POST', … … 446 448 'channel_id' : channel_id, 447 449 'notes' : notes, 448 450 'nonce' : nonce 449 451 }, 450 452 success: function (data) { … … 760 762 var whipUrl = ''; 761 763 var pendingPopup = window.open('', '_blank', 'location=yes,scrollbars=yes,status=yes'); 764 var nonce = jQuery('#wpstream_start_event_nonce').val(); 762 765 763 766 jQuery.ajax({ … … 769 772 'action': 'wpstream_check_whipurl', 770 773 'channel_id': channelId, 774 'nonce': nonce, 771 775 }, 772 776 success: function (data) { -
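Review bot: Both new `var nonce = jQuery('#wpstream_start_event_nonce').val();` lines depend on a hidden input that, in this changeset, is only printed by templates/broadcaster-template.php, while the admin channel button carries the value as `data-nonce` on `.start_event`; on a page without the input `nonce` is `undefined` and the new `check_ajax_referer()` calls will reject the request. If no other template outputs the input, fall back to the attribute, e.g. `var nonce = jQuery('#wpstream_start_event_nonce').val() || jQuery('.start_event').attr('data-nonce');`, or pass the nonce through the localized `wpstream_start_streaming_vars`. Both functions continue outside the hunks, and the trunk copy has the same lines.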
wpstream/tags/4.9.6/public/js/wpstream-player.js
r3408984 r3415067 126 126 console.log("getDynamicSettings()"); 127 127 let ajaxurl = wpstream_player_vars.admin_url + "admin-ajax.php"; 128 const nonce = jQuery('.wpstream_live_player_wrapper').attr('data-nonce'); 128 129 let owner = this; 129 130 jQuery.ajax({ … … 134 135 action: "wpstream_player_check_status", 135 136 channel_id: this.channelId, 137 nonce: nonce, 136 138 }, 137 139 success: function (data) { … … 213 215 break; 214 216 case 'error': 217 removeSpinner(4); 215 218 this.liveMessage.showMessage('error'); 216 219 } -
wpstream/tags/4.9.6/readme.txt
r3410434 r3415067 5 5 Tested up to: 6.8 6 6 Requires PHP: 7.1 7 Stable tag: 4.9. 57 Stable tag: 4.9.6 8 8 License: GPL 9 9 License URI: http://www.gnu.org/licenses/old-licenses/gpl-2.0.html … … 136 136 == Changelog == 137 137 138 = 4.9.6 = 139 * Fix - Show paid channels/VODs on the My Account dashboard 140 * Enhancements - Added nonce verification to AJAX requests 141 138 142 = 4.9.5 = 139 143 * Fix - Saving the Non-Admin User Roles Allowed to Broadcast setting -
wpstream/tags/4.9.6/streamify/streamify.php
r3312871 r3415067 22 22 if ($fileExtension === 'ts' || $fileExtension === 'm3u8') { 23 23 wpstreamify_process_hls_request($fileExtension, $cacheFile, $remoteUrl); 24 24 25 } else { 25 26 wpstreamify_serve_404(); … … 118 119 header('Cache-Control: public, max-age=2, must-revalidate'); 119 120 header('Expires: ' . gmdate('D, d M Y H:i:s', time() + 2) . ' GMT'); 121 if ( ! defined( 'DONOTCACHEPAGE' ) ) { 122 define( 'DONOTCACHEPAGE', true ); 123 } 120 124 } 121 125 -
wpstream/tags/4.9.6/templates/broadcaster-template.php
r3408984 r3415067 113 113 <div class="settings-panel" id="settingsPanel"> 114 114 <div> 115 <?php 116 $ajax_nonce = wp_create_nonce( "wpstream_start_event_nonce" ); 117 print '<input type="hidden" id="wpstream_start_event_nonce" value="'.$ajax_nonce.'">'; 118 ?> 115 119 <div class="controls-container"> 116 120 <button id="startBroadcast" class="button start-broadcast" disabled><?php esc_html_e('Start Broadcast', 'wpstream'); ?></button> -
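Review bot: The hidden input prints `$ajax_nonce` without escaping, whereas the admin markup added in this changeset passes the same kind of value through `esc_attr()`; late escaping here keeps the template consistent with it: `print '<input type="hidden" id="wpstream_start_event_nonce" value="' . esc_attr( $ajax_nonce ) . '">';`. The file list shows the same file modified under trunk.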
wpstream/tags/4.9.6/woocommerce/myaccount/event_list.php
r2996230 r3415067 12 12 13 13 }else{ 14 15 $customer_orders = get_posts( array( 16 'numberposts' => -1, 17 'meta_key' => '_customer_user', 18 'meta_value' => get_current_user_id(), 19 'post_type' => wc_get_order_types(), 20 'post_status' => array_keys( wc_get_order_statuses() ), 21 'orderby' => 'ID', 22 'order' => 'DESC', 23 ) ); 24 14 $customer_orders = wc_get_orders(array( 15 'customer_id' => get_current_user_id(), 16 'limit' => -1, 17 'orderby' => 'date', 18 'order' => 'DESC', 19 'status' => array_keys(wc_get_order_statuses()), 20 )); 21 25 22 $orders_array=array(); 26 23 foreach( $customer_orders as $order_data){ -
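Review bot: `wc_get_orders()` returns `WC_Order` objects where `get_posts()` returned `WP_Post`, and the `foreach( $customer_orders as $order_data)` loop that consumes them lies outside this hunk; any `$order_data->ID` access left in that loop needs to become `$order_data->get_id()`. The query still requests every status from `wc_get_order_statuses()` with `'limit' => -1`, so cancelled, failed and refunded orders are loaded as well; if the list is meant to show what the customer may watch, restricting it, e.g. `'status' => wc_get_is_paid_statuses()`, is worth confirming against the loop. woocommerce/myaccount/video_list.php carries the identical change.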
wpstream/tags/4.9.6/woocommerce/myaccount/video_list.php
r2996230 r3415067 7 7 wpstream_theme_purchased_video_list(); 8 8 } else { 9 $customer_orders = get_posts( array( 10 'numberposts' => -1, 11 'meta_key' => '_customer_user', 12 'meta_value' => get_current_user_id(), 13 'post_type' => wc_get_order_types(), 14 'post_status' => array_keys( wc_get_order_statuses() ), 15 'orderby' => 'ID', 16 'order' => 'DESC', 17 ) ); 9 $customer_orders = wc_get_orders(array( 10 'customer_id' => get_current_user_id(), 11 'limit' => -1, 12 'orderby' => 'date', 13 'order' => 'DESC', 14 'status' => array_keys(wc_get_order_statuses()), 15 )); 18 16 19 17 $orders_array=array(); -
wpstream/tags/4.9.6/wpstream.php
r3410434 r3415067 4 4 * Plugin URI: http://wpstream.net 5 5 * Description: WpStream is a platform that allows you to live stream, create Video-on-Demand, and offer Pay-Per-View videos. We provide an affordable and user-friendly way for businesses, non-profits, and public institutions to broadcast their content and monetize their work. 6 * Version: 4.9. 56 * Version: 4.9.6 7 7 * Author: wpstream 8 8 * Author URI: http://wpstream.net … … 15 15 die; 16 16 } 17 define('WPSTREAM_PLUGIN_VERSION', '4.9. 5');17 define('WPSTREAM_PLUGIN_VERSION', '4.9.6'); 18 18 define('WPSTREAM_CLUBLINK', 'wpstream.net'); 19 19 define('WPSTREAM_CLUBLINKSSL', 'https'); … … 23 23 define('WPSTREAM_PLUGIN_BASE', plugin_basename(__FILE__) ); 24 24 define('WPSTREAM_API', 'https://baker.wpstream.net'); 25 define('WPSTREAM_CLICK', 'https://click.wpstream.net'); 25 if ( !defined( 'WPSTREAM_CLICK' ) ) { 26 define( 'WPSTREAM_CLICK', 'https://click.wpstream.net' ); 27 } 26 28 27 29 -
wpstream/trunk/admin/class-wpstream-admin.php
r3410434 r3415067 282 282 283 283 284 284 $branch = isset($_GET['branch']) ? sanitize_text_field( wp_unslash( $_GET['branch'] ) ) : ''; 285 285 wp_enqueue_script('wpstream-on-boarding-js',plugin_dir_url( __DIR__ ) .'/admin/js/wpstream-onboarding2.js',array(), WPSTREAM_PLUGIN_VERSION, true); 286 286 wp_localize_script('wpstream-on-boarding-js', 'wpstreamonboarding_js_vars', 287 287 array( 288 'admin_url' =>get_admin_url(),289 'plugin_url' =>get_dashboard_url().'/plugins.php',290 'upload_url' => get_dashboard_url().'admin.php?page=wpstream_recordings'291 288 'admin_url' => get_admin_url(), 289 'plugin_url' => get_dashboard_url().'/plugins.php', 290 'upload_url' => get_dashboard_url().'admin.php?page=wpstream_recordings', 291 'branch' => $branch 292 292 )); 293 293 … … 298 298 $onboarding_visible = $is_wpstream_onboarding_page || $is_wpstream_onboarding_post_type_page; 299 299 if( $onboarding_visible) { 300 wp_enqueue_script('wpstream-on-boarding-page-js', plugin_dir_url( __DIR__ ) .' /admin/js/wpstream-onboarding-page.js',array(), WPSTREAM_PLUGIN_VERSION, true);300 wp_enqueue_script('wpstream-on-boarding-page-js', plugin_dir_url( __DIR__ ) .'admin/js/wpstream-onboarding-page.js',array(), WPSTREAM_PLUGIN_VERSION, true); 301 301 wp_localize_script( 'wpstream-on-boarding-page-js', 'wpstream_onboarding_page_vars', 302 302 array( 303 'admin_url' => get_admin_url(), 304 'request_url' => WPSTREAM_CLICK, 305 'wps_user' => get_option('wpstream_api_username_from_token'), 306 'current_page' => $is_wpstream_onboarding_post_type_page ? 'post_edit' : 'onboarding', 303 'admin_url' => get_admin_url(), 304 'request_url' => WPSTREAM_CLICK, 305 'wps_user' => get_option('wpstream_api_username_from_token'), 306 'current_page' => $is_wpstream_onboarding_post_type_page ? 
'post_edit' : 'onboarding', 307 'plugin_version' => WPSTREAM_PLUGIN_VERSION, 308 'branch' => $branch, 307 309 ) 308 310 ); … … 310 312 311 313 if ( in_array( $current_screen->base, ['toplevel_page_wpstream_credentials', 'wpstream_page_wpstream_live_channels', 'wpstream_page_wpstream_recordings', 'wpstream_page_wpstream_onboard'] ) ) { 312 wp_enqueue_script( 'wpstream-user-quota-update', plugin_dir_url( __DIR__ ) . ' /admin/js/wpstream-user-quota.js', array(), WPSTREAM_PLUGIN_VERSION, true );314 wp_enqueue_script( 'wpstream-user-quota-update', plugin_dir_url( __DIR__ ) . 'admin/js/wpstream-user-quota.js', array(), WPSTREAM_PLUGIN_VERSION, true ); 313 315 wp_localize_script( 'wpstream-user-quota-update', 'wpstream_user_quota_vars', array( 314 316 'admin_url' => get_admin_url() … … 658 660 659 661 660 print '<div class="start_event wpstream_button wpstream_tooltip_wrapper" data-show-id="'.$the_id.'" > ' . $button_status; 662 $start_event_nonce = wp_create_nonce( 'wpstream_start_event_nonce' ); 663 print '<div class="start_event wpstream_button wpstream_tooltip_wrapper" data-show-id="'.$the_id.'" data-nonce="' . esc_attr( $start_event_nonce ) . '" > ' . $button_status; 661 664 print '<div class="wpstream_tooltip">'.esc_html__('Channel is now OFF. Click to turn ON.','wpestream').'</div>'; 662 665 print '</div>'; -
wpstream/trunk/admin/js/wpstream-onboarding-page.js
r3408984 r3415067 1 // Initialize transaction ID at the start 2 const transactionId = getOrCreateTransactionId(); 3 console.log(transactionId); 4 1 5 /** 2 6 * Track onboarding steps … … 7 11 * @param {string} element_name - The name of the element (optional) 8 12 */ 9 function wpstream_track_onboarding_step(action, step, element_type= ' button', element_name = '') {13 function wpstream_track_onboarding_step(action, step, element_type= '', element_name = '') { 10 14 console.log('Tracking onboarding step:', action, step, element_type, element_name); 11 15 fetch( wpstream_onboarding_page_vars.request_url + '/onboarding/index.php', { … … 22 26 element_type: element_type, 23 27 element_name: element_name 24 } 28 }, 29 plugin_version: wpstream_onboarding_page_vars.plugin_version, 30 session_id: sessionId, 31 transaction_id: transactionId 25 32 }) 26 33 }).then(res => { … … 29 36 } 30 37 31 32 38 window.addEventListener('DOMContentLoaded', async function() { 33 39 // if it's the create channel page 34 40 if ( wpstream_onboarding_page_vars.current_page === 'post_edit' ) { 35 wpstream_track_onboarding_step('onboarding_loaded', 'create_channel_step'); 41 switch ( wpstream_onboarding_page_vars.branch ) { 42 case '1': 43 wpstream_track_onboarding_step('page_loaded', 'create_free_channel_step' ); 44 break; 45 case '2': 46 wpstream_track_onboarding_step('page_loaded', 'create_paid_channel_step' ); 47 break; 48 case '3': 49 wpstream_track_onboarding_step('page_loaded', 'create_free_vod_step' ); 50 break; 51 case '4': 52 wpstream_track_onboarding_step('page_loaded', 'create_paid_vod_step' ); 53 break; 54 default: 55 // do nothing 56 break; 57 } 36 58 } 37 59 … … 39 61 if ( wpstream_onboarding_page_vars.current_page === 'onboarding' ) { 40 62 if (jQuery('#wpstream_have_token').length > 0) { 41 wpstream_track_onboarding_step(' onboarding_loaded', 'wpstream_step_2');63 wpstream_track_onboarding_step('page_loaded', 'select_channel_or_vod_step' ); 42 64 } else { 43 
wpstream_track_onboarding_step(' onboarding_loaded', 'register_step');65 wpstream_track_onboarding_step('page_loaded', 'register_step'); 44 66 } 45 67 } … … 54 76 parameters: { 55 77 step: wpstream_onboarding_page_vars.current_page, 56 } 78 }, 79 plugin_version: wpstream_onboarding_page_vars.plugin_version, 80 session_id: sessionId, 81 transaction_id: transactionId 57 82 }); 58 83 … … 70 95 }) 71 96 }); 97 98 /** 99 * Get a cookie value by name 100 * 101 * @param {string} name - Cookie name 102 * @return {string|null} - Cookie value or null if not found 103 */ 104 function getCookie(name) { 105 const value = `; ${document.cookie}`; 106 const parts = value.split(`; ${name}=`); 107 if (parts.length === 2) { 108 return decodeURIComponent(parts.pop().split(';').shift()); 109 } 110 return null; 111 } 112 113 /** 114 * Set a session cookie (expires when browser closes) 115 * 116 * @param {string} name - Cookie name 117 * @param {string} value - Cookie value 118 */ 119 function setSessionCookie(name, value) { 120 document.cookie = name + '=' + encodeURIComponent(value) + '; path=/'; 121 } 122 123 /** 124 * Get or create a transaction ID cookie 125 * 126 * @return {string} - Transaction ID 127 */ 128 function getOrCreateTransactionId() { 129 let transactionId = getCookie('transactionId'); 130 if (!transactionId) { 131 transactionId = 'txn_' + Date.now() + '_' + Math.random().toString(36).substr(2, 9); 132 setSessionCookie('transactionId', transactionId); 133 } 134 return transactionId; 135 } 136 137 function onboarding_step_to_string(step) { 138 switch (step) { 139 case 'wpstream_step_1': 140 return 'register_or_login'; 141 case 'wpstream_step_2': 142 return 'select_channel_or_vod'; 143 case 'wpstream_step_3': 144 return 'create_channel'; 145 case 'wpstream_step_3a': 146 return 'create_free_channel'; 147 case 'wpstream_step_3b': 148 return 'create_paid_channel'; 149 case 'wpstream_step_4': 150 return 'create_vod'; 151 case 'wpstream_step_4a': 152 return 'create_free_vod'; 
153 case 'wpstream_step_4b': 154 return 'create_paid_vod'; 155 default: 156 return ''; 157 } 158 } 159 160 function branch_to_string(branch) { 161 switch (branch) { 162 case '1': 163 return 'free_channel'; 164 case '2': 165 return 'paid_channel'; 166 case '3': 167 return 'free_vod'; 168 case '4': 169 return 'paid_vod'; 170 default: 171 return ''; 172 } 173 } -
wpstream/trunk/admin/js/wpstream-onboarding2.js
r3394809 r3415067 1 let sessionId = ''; 2 3 const urlParams = new URLSearchParams(window.location.search); 4 if ( urlParams.get('page') === 'wpstream_onboard' ) { 5 sessionId = crypto.randomUUID(); 6 } else { 7 sessionId = urlParams.get('session_id'); 8 } 9 1 10 const ONBOARD=(function(){ 2 11 … … 349 358 }); 350 359 351 wpstream_track_onboarding_step( 'account_login', ' wpstream_step_1' );360 wpstream_track_onboarding_step( 'account_login', 'login_step', 'button', 'account_login_button' ); 352 361 } 353 362 … … 512 521 } 513 522 }); 514 523 524 wpstream_track_onboarding_step('register_account', 'register_step', 'button', 'register_account_button'); 515 525 } 516 526 … … 597 607 jQuery('.wpstream_on_board_login_wrapper').show(); 598 608 jQuery('#wpstream_onboarding_action_register').show(); 599 wpstream_track_onboarding_step( 'already_have_account', ' wpstream_step_1', 'link' );609 wpstream_track_onboarding_step( 'already_have_account', 'register_step', 'link' ); 600 610 }); 601 611 … … 606 616 jQuery('.wpstream_on_board_register_wrapper').show(); 607 617 jQuery('#wpstream_onboarding_action_login').show(); 608 wpstream_track_onboarding_step( 'back_to_registration', ' wpstream_step_1', 'link' );618 wpstream_track_onboarding_step( 'back_to_registration', 'login_step', 'link' ); 609 619 }); 610 620 … … 615 625 jQuery('#'+nextThing).show(); 616 626 var buttonStep = jQuery(this).parent().attr('id'); 617 wpstream_track_onboarding_step( 'step_button_press', buttonStep, 'button', nextThing ); 627 628 wpstream_track_onboarding_step( 'step_button_press', onboarding_step_to_string(buttonStep) + '_step', 'button', onboarding_step_to_string(nextThing) + '_button' ); 618 629 }); 619 630 } … … 661 672 var new_link = data.link; 662 673 var decoded = new_link.replace(/&/g, '&'); 663 window.location.href=decodeURI(decoded); 674 var redirectUrl = new URL(decoded, window.location.origin); 675 redirectUrl.searchParams.append('session_id', sessionId); 676 window.location.href = 
redirectUrl.toString(); 664 677 } else { 665 678 jQuery('#wpstream_onboard_live_notice').empty().addClass('onboarding_error').show().text(wpstream_admin_control_vars.channel_create_error) … … 931 944 if (jQuery(this).css('display') === 'block') { 932 945 var current_step = jQuery(this).attr('id'); 933 wpstream_track_onboarding_step( 'close_onboarding', current_step);946 wpstream_track_onboarding_step( 'close_onboarding', onboarding_step_to_string(current_step) + '_step' ); 934 947 } 935 948 }); … … 973 986 974 987 var current_step = jQuery(this).parent().parent().attr('id'); 975 wpstream_track_onboarding_step( 'prev_button_click' , current_step);988 wpstream_track_onboarding_step( 'prev_button_click' , onboarding_step_to_string(current_step) + '_step' ); 976 989 }); 977 990 … … 1162 1175 1163 1176 function wpstream_onboarding_close_modal_logic(context) { 1164 wpstream_track_onboarding_step( ' onboard_bubble_close', 'bubble_step_' + jQuery('#wpstream_onboard_bubble').attr('data-bubble-step'));1177 wpstream_track_onboarding_step( 'close_onboarding', 'close_modal_acknowledge' ); 1165 1178 jQuery('.wpstream_onboard_bubble_finish').hide(); 1166 1179 var parent_modal=jQuery(context).parent(); … … 1192 1205 if( jQuery(this).hasClass('wpstream_onboard_bubble_next')){ 1193 1206 current_bubble_step++; 1194 wpstream_track_onboarding_step( 'onboard_ bubble_navigation', 'bubble_step_' + current_bubble_step, 'button', 'next' );1207 wpstream_track_onboarding_step( 'onboard_wpstream_navigation_' + branch_to_string(wpstreamonboarding_js_vars.branch), 'onboarding_step_' + current_bubble_step, 'button', 'next' ); 1195 1208 }else{ 1196 1209 current_bubble_step--; 1197 wpstream_track_onboarding_step( 'onboard_ bubble_navigation', 'bubble_step_' + current_bubble_step, 'button', 'prev' );1210 wpstream_track_onboarding_step( 'onboard_wpstream_navigation_' + branch_to_string(wpstreamonboarding_js_vars.branch), 'onboarding_step_' + current_bubble_step, 'button', 'prev' ); 1198 1211 } 1199 
1212 … … 1230 1243 window.addEventListener('DOMContentLoaded', function() { 1231 1244 1232 }) 1233 1245 }); 1246 -
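--- a/wpstream/trunk/includes/class-wpstream-live-api-connection.php
+++ b/wpstream/trunk/includes/class-wpstream-live-api-connection.php
@@ -259,4 +259,5 @@
 
 public function wpstream_check_event_status(){
+check_ajax_referer( 'wpstream_start_event_nonce', 'nonce' );
 $channel_id = intval($_POST['channel_id']);
 $notes = 'wpstream_check_event_status_note';
@@ -314,4 +315,5 @@
 
 public function wpstream_check_whipurl() {
+check_ajax_referer( 'wpstream_start_event_nonce', 'nonce' );
 $channel_id = intval($_POST['channel_id']);
 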
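Review bot: The added `check_ajax_referer( 'wpstream_start_event_nonce', 'nonce' )` in wpstream_check_event_status and wpstream_check_whipurl only proves the request came from a page that rendered the nonce; nothing in either hunk ties the posted `channel_id` to the current user. Both bodies continue outside the hunks, so this may already be handled there. If it is not, and assuming channels are stored as posts, a check such as `if ( ! current_user_can( 'edit_post', $channel_id ) ) { wp_send_json_error( null, 403 ); }` right after `$channel_id` is read would stop one broadcaster from querying another's channel, which matters most for wpstream_check_whipurl since it appears to return an ingest URL. `$_POST['channel_id']` is also read without a presence check; `$channel_id = isset( $_POST['channel_id'] ) ? absint( wp_unslash( $_POST['channel_id'] ) ) : 0;` avoids a notice on malformed requests.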
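--- a/wpstream/trunk/includes/class-wpstream-player.php
+++ b/wpstream/trunk/includes/class-wpstream-player.php
@@ -42,4 +42,5 @@
 
 public function wpstream_player_check_status(){
+check_ajax_referer('wpstream_player_check_status_nonce', 'nonce');
 $channel_id = intval($_POST['channel_id']);
 
@@ -402,7 +403,8 @@
 }
 
-
-
-echo '<div class="wpstream_live_player_wrapper function_wpstream_live_event_player" data-now="'.$now.'" data-me="'.esc_attr($usernamestream).'" data-product-id="'.$channel_id.'" id="wpstream_live_player_wrapper'.$now.'" > ';
+
+
+$player_nonce = wp_create_nonce( 'wpstream_player_check_status_nonce' );
+echo '<div class="wpstream_live_player_wrapper function_wpstream_live_event_player" data-now="'.$now.'" data-me="'.esc_attr($usernamestream).'" data-product-id="'.$channel_id.'" id="wpstream_live_player_wrapper'.$now.'" data-nonce="' . $player_nonce . '" > ';
 
 $show_viewer_count = (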
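Review bot: The nonce from `wp_create_nonce( 'wpstream_player_check_status_nonce' )` is baked into the player markup, so a page served from a full-page cache for longer than the nonce lifetime will carry a stale value and the new `check_ajax_referer` call will reject every `wpstream_player_check_status` poll. For visitors who are not logged in, WordPress issues the same nonce to everyone, so it adds little request-forgery protection on a public player. If the action is registered for anonymous users (not visible here), consider fetching the nonce over AJAX or documenting the caching requirement. Separately, the value should go through the escaper like the neighbouring attribute, `data-nonce="' . esc_attr( $player_nonce ) . '"`, and the same applies to the hidden input added in templates/broadcaster-template.php. Both functions continue outside the hunks.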
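--- a/wpstream/trunk/public/js/broadcaster.js
+++ b/wpstream/trunk/public/js/broadcaster.js
@@ -721,4 +721,6 @@
 }
 
+var nonce = jQuery('#wpstream_start_event_nonce').val();
+
 jQuery.ajax({
 url: wpstream_broadcaster_vars.ajax_url,
@@ -727,4 +729,5 @@
 action: 'wpstream_check_event_status',
 channel_id: channelId,
+nonce: nonce
 },
 success: function(response) {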
wpstream/trunk/public/js/start_streaming.js
r3408984 r3415067 435 435 function wpstream_check_event_status_in_js(channel_id,notes,successCallback, errorCallback){ 436 436 437 var ajaxurl = wpstream_start_streaming_vars.admin_url + 'admin-ajax.php'; 437 var ajaxurl = wpstream_start_streaming_vars.admin_url + 'admin-ajax.php'; 438 var nonce = jQuery('#wpstream_start_event_nonce').val(); 439 438 440 jQuery.ajax({ 439 441 type: 'POST', … … 446 448 'channel_id' : channel_id, 447 449 'notes' : notes, 448 450 'nonce' : nonce 449 451 }, 450 452 success: function (data) { … … 760 762 var whipUrl = ''; 761 763 var pendingPopup = window.open('', '_blank', 'location=yes,scrollbars=yes,status=yes'); 764 var nonce = jQuery('#wpstream_start_event_nonce').val(); 762 765 763 766 jQuery.ajax({ … … 769 772 'action': 'wpstream_check_whipurl', 770 773 'channel_id': channelId, 774 'nonce': nonce, 771 775 }, 772 776 success: function (data) { -
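Review bot: Both requests here read the nonce with `jQuery('#wpstream_start_event_nonce').val()`, but the only place this changeset adds that hidden field is templates/broadcaster-template.php; public/js/broadcaster.js uses the same lookup. If start_streaming.js is loaded on a screen that does not print the field (not visible from these hunks), `nonce` is `undefined` and the server-side `check_ajax_referer` ends the request with a 403. Passing the nonce as a new key on the already-localized `wpstream_start_streaming_vars` object would remove the dependency on page markup. The error callbacks, which lie outside the hunks, should treat a 403 as an expired session rather than a stream failure.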
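--- a/wpstream/trunk/public/js/wpstream-player.js
+++ b/wpstream/trunk/public/js/wpstream-player.js
@@ -126,4 +126,5 @@
 console.log("getDynamicSettings()");
 let ajaxurl = wpstream_player_vars.admin_url + "admin-ajax.php";
+const nonce = jQuery('.wpstream_live_player_wrapper').attr('data-nonce');
 let owner = this;
 jQuery.ajax({
@@ -134,4 +135,5 @@
 action: "wpstream_player_check_status",
 channel_id: this.channelId,
+nonce: nonce,
 },
 success: function (data) {
@@ -213,4 +215,5 @@
 break;
 case 'error':
+removeSpinner(4);
 this.liveMessage.showMessage('error');
 }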
wpstream/trunk/readme.txt
r3410434 r3415067 5 5 Tested up to: 6.8 6 6 Requires PHP: 7.1 7 Stable tag: 4.9. 57 Stable tag: 4.9.6 8 8 License: GPL 9 9 License URI: http://www.gnu.org/licenses/old-licenses/gpl-2.0.html … … 136 136 == Changelog == 137 137 138 = 4.9.6 = 139 * Fix - Show paid channels/VODs on the My Account dashboard 140 * Enhancements - Added nonce verification to AJAX requests 141 138 142 = 4.9.5 = 139 143 * Fix - Saving the Non-Admin User Roles Allowed to Broadcast setting -
wpstream/trunk/streamify/streamify.php
r3312871 r3415067 22 22 if ($fileExtension === 'ts' || $fileExtension === 'm3u8') { 23 23 wpstreamify_process_hls_request($fileExtension, $cacheFile, $remoteUrl); 24 24 25 } else { 25 26 wpstreamify_serve_404(); … … 118 119 header('Cache-Control: public, max-age=2, must-revalidate'); 119 120 header('Expires: ' . gmdate('D, d M Y H:i:s', time() + 2) . ' GMT'); 121 if ( ! defined( 'DONOTCACHEPAGE' ) ) { 122 define( 'DONOTCACHEPAGE', true ); 123 } 120 124 } 121 125 -
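Review bot: The new `DONOTCACHEPAGE` define in the second hunk sits directly under `Cache-Control: public, max-age=2`, and the two read as contradictory without a comment. I would add one above the `if`, for example `// Keep WordPress page-cache plugins from storing this playlist response; the 2-second Cache-Control above still governs browsers and CDNs.` The enclosing function starts outside the hunk, so confirm the define runs before any caching plugin has decided to buffer the response.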
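--- a/wpstream/trunk/templates/broadcaster-template.php
+++ b/wpstream/trunk/templates/broadcaster-template.php
@@ -113,4 +113,8 @@
 <div class="settings-panel" id="settingsPanel">
 <div>
+<?php
+$ajax_nonce = wp_create_nonce( "wpstream_start_event_nonce" );
+print '<input type="hidden" id="wpstream_start_event_nonce" value="'.$ajax_nonce.'">';
+?>
 <div class="controls-container">
 <button id="startBroadcast" class="button start-broadcast" disabled><?php esc_html_e('Start Broadcast', 'wpstream'); ?></button>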
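--- a/wpstream/trunk/woocommerce/myaccount/event_list.php
+++ b/wpstream/trunk/woocommerce/myaccount/event_list.php
@@ -12,15 +12,12 @@
 
 }else{
-
-$customer_orders = get_posts( array(
-'numberposts' => -1,
-'meta_key' => '_customer_user',
-'meta_value' => get_current_user_id(),
-'post_type' => wc_get_order_types(),
-'post_status' => array_keys( wc_get_order_statuses() ),
-'orderby' => 'ID',
-'order' => 'DESC',
-) );
-
+$customer_orders = wc_get_orders(array(
+'customer_id' => get_current_user_id(),
+'limit' => -1,
+'orderby' => 'date',
+'order' => 'DESC',
+'status' => array_keys(wc_get_order_statuses()),
+));
+
 $orders_array=array();
 foreach( $customer_orders as $order_data){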
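Review bot: `'status' => array_keys(wc_get_order_statuses())` still pulls orders in every status, including pending, failed, cancelled and refunded ones. Unless the loop below (outside the hunk) filters by status, unpaid or refunded purchases can populate the purchased list; woocommerce/myaccount/video_list.php carries the same query. If only paid orders should grant a listing, `'status' => wc_get_is_paid_statuses(),` expresses that directly. Also, `wc_get_orders()` returns `WC_Order` objects rather than the `WP_Post` rows `get_posts()` produced, so if the loop reads `$order_data->ID` it needs to become `$order_data->get_id()`.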
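--- a/wpstream/trunk/woocommerce/myaccount/video_list.php
+++ b/wpstream/trunk/woocommerce/myaccount/video_list.php
@@ -7,13 +7,11 @@
 wpstream_theme_purchased_video_list();
 } else {
-$customer_orders = get_posts( array(
-'numberposts' => -1,
-'meta_key' => '_customer_user',
-'meta_value' => get_current_user_id(),
-'post_type' => wc_get_order_types(),
-'post_status' => array_keys( wc_get_order_statuses() ),
-'orderby' => 'ID',
-'order' => 'DESC',
-) );
+$customer_orders = wc_get_orders(array(
+'customer_id' => get_current_user_id(),
+'limit' => -1,
+'orderby' => 'date',
+'order' => 'DESC',
+'status' => array_keys(wc_get_order_statuses()),
+));
 
 $orders_array=array();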
wpstream/trunk/wpstream.php
r3410434 r3415067 4 4 * Plugin URI: http://wpstream.net 5 5 * Description: WpStream is a platform that allows you to live stream, create Video-on-Demand, and offer Pay-Per-View videos. We provide an affordable and user-friendly way for businesses, non-profits, and public institutions to broadcast their content and monetize their work. 6 * Version: 4.9. 56 * Version: 4.9.6 7 7 * Author: wpstream 8 8 * Author URI: http://wpstream.net … … 15 15 die; 16 16 } 17 define('WPSTREAM_PLUGIN_VERSION', '4.9. 5');17 define('WPSTREAM_PLUGIN_VERSION', '4.9.6'); 18 18 define('WPSTREAM_CLUBLINK', 'wpstream.net'); 19 19 define('WPSTREAM_CLUBLINKSSL', 'https'); … … 23 23 define('WPSTREAM_PLUGIN_BASE', plugin_basename(__FILE__) ); 24 24 define('WPSTREAM_API', 'https://baker.wpstream.net'); 25 define('WPSTREAM_CLICK', 'https://click.wpstream.net'); 25 if ( !defined( 'WPSTREAM_CLICK' ) ) { 26 define( 'WPSTREAM_CLICK', 'https://click.wpstream.net' ); 27 } 26 28 27 29