
Changeset 3440031


Timestamp:
01/15/2026 06:04:07 AM (3 months ago)
Author:
saju4wordpress
Message:

Release version v2.4.1

Location:
make-section-column-clickable-elementor
Files:
42 added
2 edited

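--- a/make-section-column-clickable-elementor/trunk/make-section-clickable-elementor.php
+++ b/make-section-column-clickable-elementor/trunk/make-section-clickable-elementor.php
@@ -6,5 +6,5 @@
  * Author: Riyadh Ahmed
  * Author URI: http://sajuahmed.epizy.com/
- * Version: 2.4
+ * Version: 2.4.1
  * License: GPL2 or later
  * License URI: https://www.gnu.org/licenses/gpl-2.0.html
@@ -13,13 +13,14 @@
  */
 
+/**
+ * Prevent direct access and load dependencies
+ */
+if ( ! defined( 'ABSPATH' ) ) {
+    exit; // Exit if accessed directly
+}
 require __DIR__ . '/vendor/autoload.php';
-
-//don't call the file directly
-if (!defined('ABSPATH')) exit;
 
 use Elementor\Controls_Manager;
 use Elementor\Element_Base;
-
-defined('ABSPATH') || die();
 
 
@@ -56,4 +57,5 @@
     add_action('elementor/element/common/_section_style/after_section_end', [__CLASS__, 'add_controls_section'], 1);
     add_action('elementor/frontend/before_render', [__CLASS__, 'before_section_render'], 1);
+    add_action('wp_enqueue_scripts',[ __CLASS__, 'enqueue_scripts' ] );
   }
   /**
@@ -65,7 +67,7 @@
    */
   public static function add_controls_section(Element_Base $element) {
+   
     $tabs = Controls_Manager::TAB_CONTENT;
-
-    if ('section' === $element->get_name() || 'column' === $element->get_name()) {
+    if ( in_array( $element->get_name(), [ 'section', 'column' ], true ) ) {
       $tabs = Controls_Manager::TAB_LAYOUT;
     }
@@ -85,4 +87,5 @@
         'type'        => Controls_Manager::URL,
         'placeholder' => 'https://example.com',
+        'show_external' => true,
       ]
     );
@@ -98,19 +101,39 @@
 
     $link_settings = $element->get_settings_for_display('ra_element_link');
-    //$blank = $link_settings['is_external'] != '' ? '_blank' : '_self';
-    $blank = isset($link_settings['is_external']) && $link_settings['is_external'] != '' ? '_blank' : '_self';
+   
+    if ( empty( $link_settings['url'] ) ) {
+            return;
+        }
 
-    if ($link_settings && !empty($link_settings['url'])) {
-      $element->add_render_attribute(
-        '_wrapper',
-        [
-          'data-ra-element-link' => json_encode($link_settings),
-          'style' => 'cursor: pointer',
-          'target' => $blank,
-          'onClick' => 'window.open(\'' . $link_settings['url'] . '\', \'' . $blank . '\')',
-        ]
-      );
-    }
+        $url = esc_url_raw( $link_settings['url'] );
+
+        if ( ! wp_http_validate_url( $url ) ) {
+            return;
+        }
+
+        $target = ! empty( $link_settings['is_external'] ) ? '_blank' : '_self';
+
+        $element->add_render_attribute(
+            '_wrapper',
+            [
+                'data-ra-url'    => esc_url( $url ),
+                'data-ra-target' => esc_attr( $target ),
+                'class'          => 'ra-clickable-wrapper',
+                'style'          => 'cursor:pointer;',
+            ]
+        );
   }
+
+  /**
+     * Enqueue safe JS handler
+     */
+    public static function enqueue_scripts() {
+
+        wp_register_script(
+            'ra-make-section-clickable',
+            plugins_url( 'assets/js/ra-clickable.js', __FILE__ ),[],'2.4.1',true );
+
+        wp_enqueue_script( 'ra-make-section-clickable' );
+    }
 }
 /**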
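Review bot: The `wp_http_validate_url( $url )` gate at new lines 110–112 is a validator for outbound server-side requests rather than an output check, so it is a poor fit for a link that is only written into the `data-ra-url` attribute. It accepts only absolute http/https URLs on a small set of ports, rejects hosts that resolve to private ranges, and resolves external hostnames via DNS, so relative or `#anchor` links and intranet targets are silently dropped and each rendered element can trigger a blocking lookup. The stored-XSS fix itself comes from removing the inline `onClick` and restricting the scheme, which `$url = esc_url_raw( $link_settings['url'], [ 'http', 'https' ] );` followed by `if ( '' === $url ) { return; }` would achieve without those side effects. The handler in `assets/js/ra-clickable.js` is not part of this section, so whether it re-checks the scheme and opens `_blank` targets with `noopener` cannot be confirmed from here. The signature of the function these lines belong to lies outside the hunk.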
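--- a/make-section-column-clickable-elementor/trunk/readme.txt
+++ b/make-section-column-clickable-elementor/trunk/readme.txt
@@ -7,6 +7,6 @@
 Requires at least: 5.2
 Tested up to: 6.9
-Elementor tested up to: 3.32
-Stable tag: 2.4
+Elementor tested up to: 3.34
+Stable tag: 2.4.1
 License: GPLv2 or later
 License URI: http://www.gnu.org/licenses/gpl-2.0.html
@@ -132,4 +132,21 @@
 * Compatible with WordPress version
 
+= 2.4.1 =
+
+* Compatible with WordPress version
+* Compatible with Elementor version
+
+* 🔐 Security
+* Fixed a stored XSS vulnerability caused by inline JavaScript usage
+* Removed inline onclick handlers from frontend rendering
+* Implemented secure click handling using external JavaScript
+* Sanitized and escaped all user-provided URLs and attributes
+* Improved compatibility with WordPress Multisite security restrictions
+
+* 🛠️ Improvements
+* Cleaner frontend markup
+* CSP-friendly implementation
+* Improved long-term security hardening
+
 == Upgrade notice ==
 N/A.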