WordPress.org
Get WordPress

Plugin Directory

Changeset 583764


Ignore:
Timestamp:
08/10/2012 03:26:11 AM (14 years ago)
Author:
blazingtorch
Message:
 
Location:
praybox
Files:
24 added
4 edited

Legend:

Unmodified
Added
Removed

  • praybox/trunk/inc/functions.php

    r409757 r583764  
    11<?php
    22/* PLUGIN FUNCTIONS */
     3function clean($string){
     4    return strip_tags(nl2br($string),"<br>");
     5}
     6
    37function howManyFlags($req_id){
    48    global $wpdb;
     
    170174    return $req_list_output;
    171175}
     176
     177function getManagementUrl($authcode){
     178    $management_permalink=get_permalink(get_option('pb_management_page'));
     179   
     180    $pos=strpos($management_permalink,"?");
     181   
     182    if($pos===FALSE){
     183        $url_char="?";
     184    }else{ 
     185        $url_char="&";
     186    }
     187   
     188    $management_url=$management_permalink.$url_char."pbid=".$authcode;
     189   
     190    return $management_url;
     191
     192}

  • praybox/trunk/inc/inc_display_pb_forms.php

    r508379 r583764  
    3535}elseif($_POST['action']=="submit_request"){
    3636//Submit Request to DB, Email Mgmt Link, and Display a Message
    37     if($_POST['first_name']!=""){$first_name=mysql_real_escape_string(stripslashes($_POST['first_name']));}else{$first_name="anon";}
    38     if($_POST['last_name']!=""){$last_name=mysql_real_escape_string(stripslashes($_POST['last_name']));}else{$last_name="anon";}
     37    if($_POST['first_name']!=""){$first_name=clean($_POST['first_name']);}else{$first_name="anon";}
     38    if($_POST['last_name']!=""){$last_name=clean($_POST['last_name']);}else{$last_name="anon";}
    3939    if($_POST['anon']=='on'){$anon=1;}else{$anon=0;}   
    40     $email=mysql_real_escape_string(stripslashes($_POST['email']));
     40    $email=$_POST['email'];
    4141    $authcode=rand_chars();
    42     $title=mysql_real_escape_string(stripslashes($_POST['title']));
    43     $body=mysql_real_escape_string(stripslashes($_POST['body']));   
     42    $title=clean($_POST['title']); 
     43    $body=clean($_POST['body']);   
    4444    if($_POST['notify']=='on'){$notify=1;}else{$notify=0;}
    4545    $ip_address=$_SERVER['REMOTE_ADDR'];

  • praybox/trunk/praybox.php

    r508378 r583764  
    44Plugin URI: http://www.praybox.com/
    55Description: This is a plugin that facilitates intercessory prayer by allowing visitors to post prayer requests and/or respond to prayer requests that have been posted by clicking on a button indicating that the prayer request has been prayed for. At the end of each day, visitors who have submitted prayer requests receive an email that tells them how many times they have been prayed for that day.
    6 Version: 1.0.5
     6Version: 1.0.6
    77Author: Blazing Torch, Inc.
    88Author URI: http://www.blazingtorch.com

  • praybox/trunk/readme.txt

    r508394 r583764  
    44Tags: church, pray, prayer, religion, ministry, prayer request, ministry tools
    55Requires at least: 3.0
    6 Tested up to: 3.2
    7 Stable tag: 1.0.5
     6Tested up to: 3.4.1
     7Stable tag: 1.0.6
    88
    99PrayBox is a prayer request application that allows users to submit requests, or pray for existing requests, as well as allowing site administrators to manage prayer requests.
     
    8585* Fixed problems regarding url structure for sites not using 'pretty' permalinks.
    8686* Fixed escaping quotation marks for data input on General Settings page.
     87
     88= August 9, 2012 - 1.0.6 =
     89* Updated escaping to protect against MySQL injection attacks.
Note: See TracChangeset for help on using the changeset viewer.