diff --git a/README.md b/README.md index f561048..276bd8a 100644 --- a/README.md +++ b/README.md @@ -3,8 +3,8 @@ **Donate link:** https://www.paypal.me/BrainstormForce **Tags:** schema markup, structured data, rich snippets, schema.org, Microdata, schema **Requires at least:** 3.7 -**Tested up to:** 5.5 -**Stable tag:** 1.6.3 +**Tested up to:** 5.5.1 +**Stable tag:** 1.6.4 **License:** GPLv2 or later **License URI:** http://www.gnu.org/licenses/gpl-2.0.html Boost CTR. Improve SEO & Rankings. Supports most of the content type. Works perfectly with Google, Bing, Yahoo & Facebook. @@ -80,6 +80,11 @@ Review, Event, People, Product, Recipe, Software Application, Video, Articles et ## Changelog ## +### 1.6.4 ### +- Improvement - Hardened the security of the plugin. +- Fixed - Reset functionality was not working in the backend settings. +- Fixed - Console warning jquery-fn-load-is-deprecated. + ### 1.6.3 ### - Improvement - Compatibility with WordPress 5.5. - Improvement - Updated the Hashchange jquery. diff --git a/admin/index.php b/admin/index.php index cb4a168..56cd9b8 100644 --- a/admin/index.php +++ b/admin/index.php @@ -936,7 +936,7 @@ function rich_snippet_dashboard() { } else { foreach ( array( 'review_title', 'item_reviewer', 'review_date', 'item_name', 'item_rating' ) as $option ) { if ( isset( $_POST[ $option ] ) ) { - $args[ $option ] = esc_attr( $_POST[ $option ] ); + $args[ $option ] = sanitize_text_field( $_POST[ $option ] ); } } $status = update_option( 'bsf_review', $args ); @@ -951,7 +951,7 @@ function rich_snippet_dashboard() { } else { foreach ( array( 'snippet_title', 'event_title', 'event_location', 'event_performer', 'start_time', 'end_time', 'event_desc', 'events_price' ) as $option ) { if ( isset( $_POST[ $option ] ) ) { - $args[ $option ] = esc_attr( $_POST[ $option ] ); + $args[ $option ] = sanitize_text_field( $_POST[ $option ] ); } } $status = update_option( 'bsf_event', $args ); 
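Review bot: `sanitize_text_field( $_POST[ $option ] )` in the `bsf_review` branch (hunk at -936) runs on the slashed request value, so a title containing a quote or backslash is stored with the slashes WordPress adds to `$_POST`. Unslash first: `$args[ $option ] = sanitize_text_field( wp_unslash( $_POST[ $option ] ) );`. The same line recurs in the hunks at -951 through -1056 of this file, in `submit_color()` in index.php and in `save()` in init.php. Because the stored value is no longer entity-encoded as it was under `esc_attr()`, each place that prints these options needs `esc_attr()` or `esc_html()` at output; those call sites are outside this diff and should be confirmed. `rich_snippet_dashboard()` starts and continues outside the hunk.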
@@ -966,7 +966,7 @@ function rich_snippet_dashboard() { } else { foreach ( array( 'snippet_title', 'person_name', 'person_nickname', 'person_job_title', 'person_website', 'person_company', 'person_address' ) as $option ) { if ( isset( $_POST[ $option ] ) ) { - $args[ $option ] = esc_attr( $_POST[ $option ] ); + $args[ $option ] = sanitize_text_field( $_POST[ $option ] ); } } $status = update_option( 'bsf_person', $args ); @@ -981,7 +981,7 @@ function rich_snippet_dashboard() { } else { foreach ( array( 'snippet_title', 'product_rating', 'product_brand', 'product_name', 'product_agr', 'product_price', 'product_avail' ) as $option ) { if ( isset( $_POST[ $option ] ) ) { - $args[ $option ] = esc_attr( $_POST[ $option ] ); + $args[ $option ] = sanitize_text_field( $_POST[ $option ] ); } } $status = update_option( 'bsf_product', $args ); @@ -996,7 +996,7 @@ function rich_snippet_dashboard() { } else { foreach ( array( 'snippet_title', 'recipe_name', 'author_name', 'recipe_pub', 'recipe_prep', 'recipe_cook', 'recipe_time', 'recipe_desc', 'recipe_rating' ) as $option ) { if ( isset( $_POST[ $option ] ) ) { - $args[ $option ] = esc_attr( $_POST[ $option ] ); + $args[ $option ] = sanitize_text_field( $_POST[ $option ] ); } } $status = update_option( 'bsf_recipe', $args ); @@ -1011,7 +1011,7 @@ function rich_snippet_dashboard() { } else { foreach ( array( 'snippet_title', 'software_rating', 'software_agr', 'software_price', 'software_name', 'software_os', 'software_website' ) as $option ) { if ( isset( $_POST[ $option ] ) ) { - $args[ $option ] = esc_attr( $_POST[ $option ] ); + $args[ $option ] = sanitize_text_field( $_POST[ $option ] ); } } $status = update_option( 'bsf_software', $args ); 
@@ -1026,7 +1026,7 @@ function rich_snippet_dashboard() { } else { foreach ( array( 'snippet_title', 'video_title', 'video_desc', 'video_time', 'video_date' ) as $option ) { if ( isset( $_POST[ $option ] ) ) { - $args[ $option ] = esc_attr( $_POST[ $option ] ); + $args[ $option ] = sanitize_text_field( $_POST[ $option ] ); } } $status = update_option( 'bsf_video', $args ); @@ -1041,7 +1041,7 @@ function rich_snippet_dashboard() { } else { foreach ( array( 'snippet_title', 'article_name', 'article_author', 'article_desc', 'article_image', 'article_publisher', 'article_publisher_logo' ) as $option ) { if ( isset( $_POST[ $option ] ) ) { - $args[ $option ] = esc_attr( $_POST[ $option ] ); + $args[ $option ] = sanitize_text_field( $_POST[ $option ] ); } } $status = update_option( 'bsf_article', $args ); @@ -1056,7 +1056,7 @@ function rich_snippet_dashboard() { } else { foreach ( array( 'snippet_title', 'service_type', 'service_area', 'service_desc', 'service_provider_name', 'provider_location', 'service_rating', 'service_channel', 'service_url_link' ) as $option ) { if ( isset( $_POST[ $option ] ) ) { - $args[ $option ] = esc_attr( $_POST[ $option ] ); + $args[ $option ] = sanitize_text_field( $_POST[ $option ] ); } } $status = update_option( 'bsf_service', $args ); @@ -1121,7 +1121,7 @@ function display_status( $status ) { * @param string $option_to_reset . */ function bsf_reset_options( $option_to_reset ) { - require_once dirname( esc_html__FILEesc_html__ ) . '/../settings.php'; + require_once AIOSRS_PRO_DIR . '/settings.php'; if ( 'review' == $option_to_reset ) { add_review_option(); } diff --git a/index.php b/index.php index e3b5ccf..b4a79b0 100644 --- a/index.php +++ b/index.php 
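Review bot: In `bsf_reset_options()` (hunk at -1121), `require_once AIOSRS_PRO_DIR . '/settings.php';` relies on a constant that exists only after the `RichSnippets` constructor in index.php has called `define_constants()`. If this file is ever reached first, the include path is built from an undefined constant, which is an Error on PHP 8. State that load-order dependency in a comment, or guard it with `if ( ! defined( 'AIOSRS_PRO_DIR' ) ) { return; }` before the require. `plugin_dir_path()` already ends in a slash, so `AIOSRS_PRO_DIR . 'settings.php'` avoids the doubled separator. The function body continues outside the hunk.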
@@ -5,7 +5,7 @@ * Author: Brainstorm Force * Author URI: https://www.brainstormforce.com * Description: Welcome to the Schema - All In One Schema Rich Snippets! You can now easily add schema markup on various * pages and posts of your website. Implement schema types such as Review, Events, Recipes, Article, Products, Services * *etc. - * Version: 1.6.3 + * Version: 1.6.4 * Text Domain: rich-snippets * License: GPL2 * @@ -38,6 +38,7 @@ public function __construct() { register_activation_hook( __FILE__, array( $this, 'register_bsf_settings' ) ); add_action( 'admin_init', array( $this, 'aiosrs_admin_redirect' ) ); add_action( 'admin_head', array( $this, 'star_icons' ) ); + $this->define_constants(); // Add Admin Menu. add_action( 'admin_menu', array( $this, 'register_custom_menu_page' ) ); add_action( 'admin_init', array( $this, 'set_styles' ) ); @@ -56,6 +57,17 @@ public function __construct() { add_action( 'admin_bar_menu', array( $this, 'aiosrs_admin_bar' ), 100 ); } + /** + * Defines all constants + */ + public function define_constants() { + define( 'AIOSRS_PRO_FILE', __FILE__ ); + define( 'AIOSRS_PRO_BASE', plugin_basename( AIOSRS_PRO_FILE ) ); + define( 'AIOSRS_PRO_DIR', plugin_dir_path( AIOSRS_PRO_FILE ) ); + define( 'AIOSRS_PRO_URI', plugins_url( '/', AIOSRS_PRO_FILE ) ); + define( 'AIOSRS_PRO_VER', '1.6.4' ); + } + /** * Admin bar menu. */ 
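Review bot: `define_constants()` (hunk at -56) calls `define()` unconditionally, so a second `new RichSnippets()` or any other code that already defines an `AIOSRS_PRO_*` name produces an already-defined warning and keeps the earlier value. That value is then used as the `require_once` base in `bsf_reset_options()`. Guard each definition, e.g. `if ( ! defined( 'AIOSRS_PRO_DIR' ) ) { define( 'AIOSRS_PRO_DIR', plugin_dir_path( __FILE__ ) ); }`, and have the docblock say the constants are set once from the constructor. `AIOSRS_PRO_VER` repeats the `Version: 1.6.4` header as a literal, so the two have to be bumped together. Nothing outside the class appears to call the method in this diff, so `private` would fit better than `public` if that holds.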
@@ -316,11 +328,11 @@ public function submit_color() { print esc_attr( 'Sorry, your nonce did not verify.' ); exit; } else { - $snippet_box_bg = esc_attr( $_POST['snippet_box_bg'] ); - $snippet_title_bg = esc_attr( $_POST['snippet_title_bg'] ); - $border_color = esc_attr( $_POST['snippet_border'] ); - $title_color = esc_attr( $_POST['snippet_title_color'] ); - $box_color = esc_attr( $_POST['snippet_box_color'] ); + $snippet_box_bg = sanitize_text_field( $_POST['snippet_box_bg'] ); + $snippet_title_bg = sanitize_text_field( $_POST['snippet_title_bg'] ); + $border_color = sanitize_text_field( $_POST['snippet_border'] ); + $title_color = sanitize_text_field( $_POST['snippet_title_color'] ); + $box_color = sanitize_text_field( $_POST['snippet_box_color'] ); $color_opt = array( 'snippet_box_bg' => $snippet_box_bg, 'snippet_title_bg' => $snippet_title_bg, @@ -375,9 +387,9 @@ public function bsf_color_scripts() { require_once plugin_dir_path( __FILE__ ) . '/lib/notices/class-astra-notices.php'; } // BSF Analytics library. - if ( ! class_exists( 'BSF_Analytics_Loader' ) ) { - require_once plugin_dir_path( __FILE__ ) . 'admin/bsf-analytics/class-bsf-analytics-loader.php'; - } +if ( ! class_exists( 'BSF_Analytics_Loader' ) ) { + require_once plugin_dir_path( __FILE__ ) . 'admin/bsf-analytics/class-bsf-analytics-loader.php'; +} $bsf_analytics = BSF_Analytics_Loader::get_instance(); @@ -391,9 +403,9 @@ public function bsf_color_scripts() { ), ) ); - add_filter( 'bsf_meta_boxes', 'bsf_metaboxes' ); -// Instantiating the Class. -if ( class_exists( 'RichSnippets' ) ) { - $richsnippets = new RichSnippets(); -} -?> + add_filter( 'bsf_meta_boxes', 'bsf_metaboxes' ); + // Instantiating the Class. + if ( class_exists( 'RichSnippets' ) ) { + $richsnippets = new RichSnippets(); + } + ?> diff --git a/init.php b/init.php index d6ac28b..119be75 100644 --- a/init.php +++ b/init.php 
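Review bot: The five `$_POST[...]` reads in `submit_color()` (hunk at -316) have no `isset()` check, so a request that omits a field raises an undefined-index notice and saves an empty string. `sanitize_text_field()` also accepts arbitrary text although the option names suggest colour values. If these are hex colours (the hunk does not confirm the format), validate to that shape where the function is available: `$snippet_box_bg = isset( $_POST['snippet_box_bg'] ) ? sanitize_hex_color( wp_unslash( $_POST['snippet_box_bg'] ) ) : '';`, and likewise for the other four. The nonce branch above these lines is only partly visible, and the function starts and continues outside the hunk.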
@@ -506,7 +506,7 @@ public function save( $post_id ) { $name = esc_attr( $field['id'] ) . '_id'; $old = get_post_meta( $post_id, $name, ! $field['multiple'] /* If multicheck this can be multiple values */ ); if ( isset( $field['save_id'] ) && $field['save_id'] ) { - $new = isset( $_POST[ $name ] ) ? esc_attr( $_POST[ $name ] ) : null; + $new = isset( $_POST[ $name ] ) ? sanitize_text_field( $_POST[ $name ] ) : null; } else { $new = ''; } diff --git a/js/toggle.js b/js/toggle.js index bee9fae..1f4a7d3 100644 --- a/js/toggle.js +++ b/js/toggle.js @@ -5,7 +5,7 @@ jQuery(document).ready(function() { hidden(); else expand_default(selected); - jQuery( window ).load(function() { + jQuery(window).on('load',function () { if(item_type == "none") item_hidden(); else if(selected != "1" && item_type != "none") diff --git a/languages/all-in-one-schemaorg-rich-snippets.pot b/languages/all-in-one-schemaorg-rich-snippets.pot index 01d6e12..b8b4650 100644 --- a/languages/all-in-one-schemaorg-rich-snippets.pot +++ b/languages/all-in-one-schemaorg-rich-snippets.pot @@ -2,10 +2,10 @@ # This file is distributed under the GPL2. msgid "" msgstr "" -"Project-Id-Version: Schema - All In One Schema Rich Snippets 1.6.3\n" +"Project-Id-Version: Schema - All In One Schema Rich Snippets 1.6.4\n" "Report-Msgid-Bugs-To: " "https://wordpress.org/support/plugin/all-in-one-schemaorg-rich-snippets\n" -"POT-Creation-Date: 2020-08-18 11:37:36+00:00\n" +"POT-Creation-Date: 2020-10-14 07:30:50+00:00\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=utf-8\n" "Content-Transfer-Encoding: 8bit\n" @@ -632,19 +632,19 @@ msgstr "" msgid "Ratings updated successfully !" msgstr "" -#: index.php:302 +#: index.php:314 msgid "Thank you!" msgstr "" -#: index.php:302 +#: index.php:314 msgid "Something went wrong!" msgstr "" -#: index.php:331 +#: index.php:343 msgid "Settings saved !" msgstr "" -#: index.php:331 +#: index.php:343 msgid "Error occured. Settings were not saved !" msgstr "" 
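Review bot: In js/toggle.js the new `jQuery(window).on('load', ...)` binding is still registered inside the `jQuery(document).ready` callback. With jQuery 3 a ready callback can run after the window `load` event has already fired, in which case the handler never runs and the item-type fields keep their initial visibility. Which jQuery version the admin page loads is not visible here. A safe form is to name the handler and call it directly when loading has finished: `if (document.readyState === 'complete') { onLoad(); } else { jQuery(window).on('load', onLoad); }`. The handler body continues outside the hunk.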
diff --git a/package-lock.json b/package-lock.json index 53d7e44..96e9ee0 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,6 +1,6 @@ { "name": "all-in-one-schemaorg-rich-snippets", - "version": "1.5.2", + "version": "1.6.4", "lockfileVersion": 1, "requires": true, "dependencies": { diff --git a/package.json b/package.json index 67f0856..8194595 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "all-in-one-schemaorg-rich-snippets", - "version": "1.5.2", + "version": "1.6.4", "main": "Gruntfile.js", "author": "Brainstorm Force", "devDependencies": { diff --git a/readme.txt b/readme.txt index 66492bc..f66f3ba 100644 --- a/readme.txt +++ b/readme.txt @@ -3,8 +3,8 @@ Contributors: brainstormforce Donate link: https://www.paypal.me/BrainstormForce Tags: schema markup, structured data, rich snippets, schema.org, Microdata, schema Requires at least: 3.7 -Tested up to: 5.5 -Stable tag: 1.6.3 +Tested up to: 5.5.1 +Stable tag: 1.6.4 License: GPLv2 or later License URI: http://www.gnu.org/licenses/gpl-2.0.html Boost CTR. Improve SEO & Rankings. Supports most of the content type. Works perfectly with Google, Bing, Yahoo & Facebook. @@ -80,6 +80,11 @@ Review, Event, People, Product, Recipe, Software Application, Video, Articles et == Changelog == += 1.6.4 = +- Improvement - Hardened the security of the plugin. +- Fixed - Reset functionality was not working in the backend settings. +- Fixed - Console warning jquery-fn-load-is-deprecated. + = 1.6.3 = - Improvement - Compatibility with WordPress 5.5. - Improvement - Updated the Hashchange jquery.