WordPress.org
Get WordPress

Plugin Directory

Changeset 3453076


Ignore:
Timestamp:
02/03/2026 04:48:00 PM (7 weeks ago)
Author:
sonaar
Message:

Version 5.11

Location:
mp3-music-player-by-sonaar
Files:
735 added
6 edited

Legend:

Unmodified
Added
Removed

  • mp3-music-player-by-sonaar/trunk/README.txt

    r3404288 r3453076  
    44Donate link: https://sonaar.io
    55Requires at least: 4.7
    6 Tested up to: 6.8
     6Tested up to: 6.9
    77Requires PHP: 5.6
    8 Stable tag: 5.10
     8Stable tag: 5.11
    99License: GPLv2 or later
    1010License URI: https://www.gnu.org/licenses/gpl-2.0.html
     
    343343
    344344== Changelog ==
     345= 5.11 =
     346- Fix: Waveform width issue caused by css from third party themes or plugins
     347- Fix: PHP error with RSS feed as source in some condition
     348- Fix: Add to cart button on mobile
     349- Fix: Tracklist Note button issue when reverse tracklist option is enable from post option
     350- Fix: Icecasts - Convert the feed to json format. Some feed was received as string
     351- Fix: PHP error with the license pdf generator
     352- Fix: Bulk importer - Set the audio file(s) as the purchased file(s) option to prevent manual work
     353- Tweak: License Contract - Removed unused LICENSE_TYPE variable type
     354- Fix: Resolved a security vulnerability
     355
    345356= 5.10 =
    346357- New: WooCommerce – Added option to set separate Preview and Purchased audio files. After buying a track, customers can instantly download and listen to their purchased version on the frontend, and the Add to Cart button can automatically adjust based on purchase status. All new settings are available under MP3 Player > Settings > WooCommerce

  • mp3-music-player-by-sonaar/trunk/admin/class-sonaar-music-admin.php

    r3404288 r3453076  
    82228222                         /* translators: %1$s: company name, %2$s: section spacing, %3$s: effective date, %4$s: producer name, %5$s: licensee name, %6$s: licensee address, %7$s: beat title, %8$s: payment type, %9$s: section break, %10$s: may or may not (conditional text), %11$s: number of radio stations, %12$s: number or name of an audiovisual work, %13$s: number of allowed downloads, %14$s: number of allowed monetized streams, %15$s: number of allowed monetized video streams, %16$s: number of allowed free downloads, %19$s: section header, %20$s: colon after section header, */
    82238223                         esc_html__('%1$s
    8224 %2$sThis License Agreement (the “Agreement”), having been made on and effective as of %3$s (the “Effective Date”) by and between %4$s (the “Producer” or “Licensor”); and you, %5$s (“You” or “Licensee”), residing at %6$s, sets forth the terms and conditions of the Licensee’s use, and the rights granted in, the Producer’s instrumental music file entitled %7$s (the “Beat”) in consideration for Licensee’s payment, on a so-called “%8$s” basis.%9$s
     8224%2$sThis License Agreement (the “Agreement”), having been made on and effective as of %3$s (the “Effective Date”) by and between %4$s (the “Producer” or “Licensor”); and you, %5$s (“You” or “Licensee”), residing at %6$s, sets forth the terms and conditions of the Licensee’s use, and the rights granted in, the Producer’s instrumental music file entitled %7$s (the “Beat”) in consideration for Licensee’s payment.%9$s
    82258225
    82268226%2$sThis Agreement is issued solely in connection with and for Licensee use of the Beat pursuant and subject to all terms and conditions set forth herein.%9$s

  • mp3-music-player-by-sonaar/trunk/includes/class-sonaar-music-widget.php

    r3404288 r3453076  
    785785        $currentTrackId = ''; //Used to set the $trackIndexRelatedToItsPost
    786786        $trackNumber = 0; // Dont Count Relataded track
    787         $trackCountFromPlaylist = 0; //Count tracks from same playlist
    788787        $playlistID = '';
    789788        $excerptTrimmed = '[...]';
     
    805804            if(! isset( $track['poster'] ) || $track['poster'] === null){
    806805                $track['poster'] = '';
    807             }
    808             if( $playlistID == $track['sourcePostID'] ){
    809                 $trackCountFromPlaylist++;
    810             }else{
    811                 $playlistID = $track['sourcePostID'];
    812                 $trackCountFromPlaylist = 0;
    813                 if( $this->getOptionValue('reverse_tracklist') ){ //If reverse track list order is enable, start to count (the incrementation) from the number of track the playlist post has (in negative) rather than 0
    814                     $i = $key1 + 1;
    815                     while (  $i < (count( $playlist['tracks'] )) && $playlist['tracks'][$i]['sourcePostID'] == $playlistID ) {
    816                     $i++;
    817                     $trackCountFromPlaylist--;
    818                     }
    819                 }
    820806            }
    821807
     
    894880            $trackTitle = esc_html($track['track_title']);
    895881            $trackTitle .= ( Sonaar_Music::get_option('show_artist_name', 'srmp3_settings_general') )?  '<span class="srp_trackartist">' . esc_html($artistSeparator_string) . esc_html($track['track_artist']) .'</span>': '';
    896             $noteButton =  $this->addNoteButton($track['sourcePostID'], abs($trackCountFromPlaylist), $trackTitle, $trackdescEscapedValue, $excerptTrimmed, $track_desc_postcontent ); // We are using abs() here, because when the "reverse order" option is enable, the "$trackCountFromPlaylist" variable has a negative value
     882            $noteButton =  $this->addNoteButton($track['sourcePostID'], $track['track_pos'], $trackTitle, $trackdescEscapedValue, $excerptTrimmed, $track_desc_postcontent );
     883           
    897884            $playlistItemClass = (isset($trackdescEscapedValue) || $noteButton != null ) ? 'sr-playlist-item' : 'sr-playlist-item sr-playlist-item-flex';
    898885            if( isset($track['user_has_purchased']) ){
     
    11511138
    11521139                if(function_exists('acf')){
    1153                     if(is_array(get_fields($postid, true))){
     1140                    if( !empty($postid) && is_numeric($postid) && is_array(get_fields($postid, true))){
    11541141                        foreach (get_fields($postid, true) as $key => $value) {
    11551142                            if(is_array($value) && (isset($value[0]) && is_string($value[0]))){ // Prevent array values

  • mp3-music-player-by-sonaar/trunk/public/css/_iron-audioplayer.scss

    r3188034 r3453076  
    969969}
    970970
    971 .iron-audioplayer .player canvas,
     971.iron-audioplayer canvas,
    972972#sonaar-player .player canvas {
    973973  max-width: initial !important;

  • mp3-music-player-by-sonaar/trunk/public/css/sonaar-music-public.css

    r3188034 r3453076  
    52585258      image-rendering: crisp-edges;*/ }
    52595259
    5260 .iron-audioplayer .player canvas,
     5260.iron-audioplayer canvas,
    52615261#sonaar-player .player canvas {
    52625262  max-width: initial !important; }

  • mp3-music-player-by-sonaar/trunk/sonaar-music.php

    r3404288 r3453076  
    1717 * Plugin URI:        https://sonaar.io/mp3-audio-player-pro/?utm_source=Sonaar+Music+Free+Plugin&utm_medium=plugin
    1818 * Description:       The most popular and complete Music & Podcast Player for WordPress.
    19  * Version:           5.10
     19 * Version:           5.11
    2020 * Author:            Sonaar Music
    2121 * Author URI:        https://sonaar.io/?utm_source=Sonaar%20Music%20Free%20Plugin&utm_medium=plugin
     
    3131}
    3232
    33 define('SRMP3_VERSION', '5.10'); // important to avoid cache issues on update
    34 define('SRMP3_PRO_MIN_VERSION', '5.10'); // Minimum pro version required
     33define('SRMP3_VERSION', '5.11'); // important to avoid cache issues on update
     34define('SRMP3_PRO_MIN_VERSION', '5.11'); // Minimum pro version required
    3535if ( !defined( 'SRMP3_DIR_PATH' ) ) {
    3636    define( 'SRMP3_DIR_PATH', plugin_dir_path( __FILE__ ) );
     
    176176add_action('wp_ajax_load_track_note_ajax', 'load_track_note_ajax_callback');
    177177add_action('wp_ajax_nopriv_load_track_note_ajax', 'load_track_note_ajax_callback');
    178  
     178
    179179function load_track_note_ajax_callback() {
    180180    check_ajax_referer('sonaar_music_ajax_nonce', 'nonce');
    181    
    182     if($_POST['track-desc-postcontent'] == '1'){
    183         $postobj = get_post(sanitize_text_field($_POST['post-id']));
    184         $description = sanitize_text_field($postobj->post_content);
    185     }else{
    186         $postobj = get_post_meta(sanitize_text_field($_POST['post-id']), 'alb_tracklist', true );
    187         $description = $postobj[sanitize_text_field($_POST['track-position'])]['track_description'];
    188     }
    189     echo wp_json_encode( '<div class="srp_note_title">' . sanitize_text_field(stripslashes($_POST['track-title'])) . '</div>'. $description );
    190    
     181
     182    $post_id = absint($_POST['post-id']);
     183    if (!$post_id) {
     184        wp_send_json_error('Invalid post ID');
     185    }
     186
     187    if (!empty($_POST['track-desc-postcontent']) && $_POST['track-desc-postcontent'] == '1') {
     188
     189        $postobj = get_post($post_id);
     190        if (!$postobj) {
     191            wp_send_json_error('Post not found');
     192        }
     193
     194        if ($postobj->post_status !== 'publish') {
     195            if (!is_user_logged_in() || !current_user_can('read_post', $post_id)) {
     196                wp_send_json_error('Permission denied');
     197            }
     198        }
     199
     200        $description = wp_kses_post($postobj->post_content);
     201
     202    } else {
     203
     204        $tracks = get_post_meta($post_id, 'alb_tracklist', true);
     205        $track_position = absint($_POST['track-position']);
     206
     207        if (!isset($tracks[$track_position]['track_description'])) {
     208            wp_send_json_error('Track not found');
     209        }
     210
     211        $description = wp_kses_post($tracks[$track_position]['track_description']);
     212    }
     213
     214    echo wp_json_encode(
     215        '<div class="srp_note_title">' .
     216        sanitize_text_field(stripslashes($_POST['track-title'])) .
     217        '</div>' .
     218        $description
     219    );
     220
    191221    wp_die();
    192222}
    193223
    194224add_action('wp_ajax_load_lyrics_ajax', 'load_lyrics_ajax_callback');
    195 add_action('wp_ajax_nopriv_load_lyrics_ajax', 'load_lyrics_ajax_callback');
     225
    196226function load_lyrics_ajax_callback() {
    197227    check_ajax_referer('sonaar_music_ajax_nonce', 'nonce');
    198     $ttml_content = get_post_meta(sanitize_text_field($_POST['post-id']), 'sr_sonaar_tts_post_ttml', true); // coming from TTS Plugin
    199     $postmeta = get_post_meta(sanitize_text_field($_POST['post-id']), 'alb_tracklist', true);
    200 
    201     if (isset($postmeta[sanitize_text_field($_POST['track-position'])]['track_lyrics']) || $ttml_content) {
    202         $ttml_content = ($ttml_content) ? $ttml_content : $postmeta[sanitize_text_field($_POST['track-position'])]['track_lyrics'];
    203         $response = wp_remote_get($ttml_content, array('sslverify' => false));
     228
     229    if (!current_user_can('manage_options')) {
     230        wp_send_json_error('Permission denied');
     231    }
     232
     233    $post_id = absint($_POST['post-id']);
     234    if (!$post_id) {
     235        wp_send_json_error('Invalid post ID');
     236    }
     237
     238    $track_position = isset($_POST['track-position']) ? absint($_POST['track-position']) : null;
     239
     240    $ttml_content = get_post_meta($post_id, 'sr_sonaar_tts_post_ttml', true);
     241    $postmeta = get_post_meta($post_id, 'alb_tracklist', true);
     242
     243    if (
     244        $ttml_content ||
     245        ($track_position !== null && isset($postmeta[$track_position]['track_lyrics']))
     246    ) {
     247        $ttml_content = $ttml_content ?: $postmeta[$track_position]['track_lyrics'];
     248
     249        if (!filter_var($ttml_content, FILTER_VALIDATE_URL)) {
     250            wp_send_json_error('Invalid URL');
     251        }
     252
     253        $response = wp_safe_remote_get($ttml_content, array(
     254            'timeout' => 5,
     255        ));
    204256
    205257        if (is_wp_error($response)) {
    206             $error_response = array(
    207                 'error' => 'Failed to retrieve lyrics. Error: ' . $response->get_error_message()
    208             );
    209             echo wp_json_encode($error_response);
    210         } else {
    211             $body = wp_remote_retrieve_body($response);
    212             //$response_code = wp_remote_retrieve_response_code($response);
    213             //error_log('Lyrics Response Code: ' . $response_code);
    214             echo wp_json_encode($body);
     258            wp_send_json_error($response->get_error_message());
    215259        }
     260
     261        echo wp_json_encode(wp_remote_retrieve_body($response));
    216262    } else {
    217         // Return a JSON response indicating that the key is not set
    218         $error_response = array(
    219             'error' => 'The key "track_lyrics" is not set or is undefined.'
    220         );
    221         echo wp_json_encode($error_response);
     263        wp_send_json_error('Lyrics not found');
    222264    }
    223265
     
    225267}
    226268
     269
Note: See TracChangeset for help on using the changeset viewer.