Changeset 1380034

Timestamp:

03/28/2016 02:21:32 AM (10 years ago)

Author:

chartbeat

Message:

Encoding updates, widget fixes

File:

• chartbeat/trunk/chartbeat.php (modified) (6 diffs)

chartbeat/trunk/chartbeat.php

@@ -38 +38 @@
 function display_chartbeat_accountid_error() {
         $class = 'notice notice-error';
-        $message = 'You need to set your Chartbeat <a href="'.admin_url( esc_url('options-general.php?page=chartbeat-options' )).'">Account ID</a> in the Chartbeat options page';
+        $message = 'You need to set your Chartbeat <a href="'.esc_url(admin_url('options-general.php?page=chartbeat-options')).'">Account ID</a> in the Chartbeat options page';
 
         printf( '<div class="%1$s"><p>%2$s</p></div>', $class, $message );
@@ -432 +432 @@
         <script type="text/javascript">
         var options = { };
-        new CBTopPagesWidget( <?php echo json_encode( json_decode( get_option('chartbeat_widgetconfig') ) ); ?> );
+        new CBTopPagesWidget( <?php echo json_encode(get_option('chartbeat_widgetconfig')); ?> );
         </script>
         <?php
@@ -451 +451 @@
     $url = 'https://api.chartbeat.com';
     $url .= $_GET['url'];
-    $url .= '&host=' . chartbeat_get_display_url(esc_js($domain)) .'&apikey=' . get_option('chartbeat_apikey');
+    $url .= '&host=' . chartbeat_get_display_url(esc_js($domain)) .'&apikey=' . urlencode(get_option('chartbeat_apikey'));
     $transient = 'cbproxy_' . md5($url);
-    header( 'Content-Type: application/json' );
+    header( 'Content-Type: application/jsonp' );
     $response = get_transient( $transient );
     if ( !$response ) {
@@ -465 +465 @@
     }
     
-    echo json_encode( json_decode( $response ) );
+    echo htmlspecialchars_decode( esc_js($response) );
     exit;
 }
@@ -582 +582 @@
 
     wp_enqueue_style( 'cbplugin_css' );
-    // wp_enqueue_script( 'closure' );
-    // wp_enqueue_script( 'deps' );
     wp_enqueue_script( 'cbdashboard' );
     wp_add_dashboard_widget('chartbeat_dashboard_widget', 'Chartbeat', 'chartbeat_dashboard_widget_function');
@@ -590 +588 @@
 function chartbeat_plugin_admin_init() {
     wp_register_style('cbplugin_css',plugins_url('media/cb_plugin.css', __FILE__));
-    // wp_register_script( 'closure','http://local.chartbeat.com/chartbeat/frontend/js/closure-library-read-only/closure/goog/base.js');
-    // wp_register_script( 'deps','http://local.chartbeat.com/chartbeat/frontend/js/deps.js');
-    // wp_register_script( 'cbdashboard','http://local.chartbeat.com/chartbeat/frontend/js/cmswidgets/cbdashboard.js');
 
     wp_register_script( 'cbdashboard',plugins_url('media/cbdashboard.compiled.js', __FILE__));