
Changeset 1451430


Timestamp:
07/08/2016 03:15:17 PM (10 years ago)
Author:
Rincewind
Message:
  • Escaped some strings to address security issues.
  • Added "suppress_filters => false" to make the plugin WPML compatible.
  • Fixed uninstall hook as was incorrectly used.
Location:
wp-realtime-sitemap/trunk
Files:
2 edited

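--- a/wp-realtime-sitemap/trunk/readme.txt
+++ b/wp-realtime-sitemap/trunk/readme.txt
@@ -2,8 +2,8 @@
 Contributors: Rincewind
 Donate link: http://goo.gl/mmUuGj
-Tags: seo, navigation, site, map, sitemap, sitemaps, posts, pages, custom, post, types, wpmu, wordpress, multisite, multiuser, bilingual, i18n, l10n, language, multilanguage, multilingual, translation, qtranslate
+Tags: seo, navigation, site, map, sitemap, sitemaps, posts, pages, custom, post, types, wpmu, wpml, wordpress, multisite, multiuser, bilingual, i18n, l10n, language, multilanguage, multilingual, translation, qtranslate
 Requires at least: 3.0
 Tested up to: 4.5.3
-Stable tag: 1.5.5
+Stable tag: 1.5.6
 
 A sitemap plugin to make it easier for your site to show all your pages, posts, archives, categories and tags in an easy to read format.
@@ -27,5 +27,5 @@
 1. Supports use of the wordpress shortcode for including the sitemap in pages and posts.
 1. Supports menus created with the inbuilt WordPress Menu Editor.
-1. Works on WordPress Multisite (WPMU) blogs.
+1. Works on WordPress Multisite (WPMU, WMPML) blogs.
 1. Comes with an uninstaller, if you dont want it anymore just deactivate the plugin and delete it from within wordpress and it will delete all of its settings itself.
 
@@ -151,4 +151,9 @@
 
 == Changelog ==
+
+= 1.5.6 =
+* Escaped some strings to address security issues.
+* Added "suppress_filters => false" to make the plugin WPML compatible.
+* Fixed uninstall hook as was incorrectly used.
 
 = 1.5.5 =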
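--- a/wp-realtime-sitemap/trunk/wp-realtime-sitemap.php
+++ b/wp-realtime-sitemap/trunk/wp-realtime-sitemap.php
@@ -5,5 +5,5 @@
 Plugin URI: http://goo.gl/ri9xU
 Description: Adds a sitemap to your Wordpress blog that is always up-to-date. Add `[wp-realtime-sitemap]` to any page or post and the site map will be added there. Use Settings->WP Realtime Sitemap to set options.
-Version: 1.5.5
+Version: 1.5.6
 Author: Daniel Tweedy
 Author URI: http://goo.gl/jdOfL
@@ -27,5 +27,5 @@
 */
 
-define('WPRealtimeSitemap_Version', '1.5.5');
+define('WPRealtimeSitemap_Version', '1.5.6');
 
 if (!class_exists('WPRealtimeSitemap')) {
@@ -69,6 +69,9 @@
             register_activation_hook(__FILE__, array(&$this, 'installSettings'));
 
-            // Uninstall Settings
-            register_uninstall_hook(__FILE__, array(&$this, 'uninstallSettings'));
+            // Uninstall Settings - Doesn't fire on Uninstall!!
+            //register_deactivation_hook(__FILE__, array(&$this, 'UninstallSettings'));
+
+            // Uninstall Settings - Doesn't fire on Deactivations!!
+            register_uninstall_hook(__FILE__, 'WPRealtimeSitemapUninstallSettings');
         }
 
@@ -857,5 +860,5 @@
                 $optionFormat = '<option value="%s"%s>%s</option>';
 
-                $output = '<select name="plugin_wp_realtime_sitemap_settings[' . $args['dbfield'] . ']">';
+                $output = '<select name="plugin_wp_realtime_sitemap_settings[' . esc_attr( $args['dbfield'] ) . ']">';
 
                 foreach ($values as $key => $label) {
@@ -876,5 +879,5 @@
 
             if (array_key_exists('dbfield', $args) && isset($infotext)) {
-                echo '<input name="plugin_wp_realtime_sitemap_settings[' . $args['dbfield'] . ']" size="30" type="text" value="' . $$args['dbfield'] . '" /><br />' . $infotext;
+                echo '<input name="plugin_wp_realtime_sitemap_settings[' . esc_attr( $args['dbfield'] ) . ']" size="30" type="text" value="' . esc_attr( $$args['dbfield'] ) . '" /><br />' . $infotext;
             }
         }
@@ -1565,5 +1568,5 @@
                     $menu_header = (empty($menu_header)) ? __('Menu', 'wp-realtime-sitemap') : $menu_header;
 
-                    $menu = '<div id="wp-realtime-sitemap-menu"><h3>' . $menu_header . '</h3>';
+                    $menu = '<div id="wp-realtime-sitemap-menu"><h3>' . esc_html( $menu_header ) . '</h3>';
                     $menu .= '<ul>' . wp_nav_menu(array('menu' => $menu_id, 'container' => false, 'items_wrap' => '%3$s', 'echo' => '0')) . '</ul>';
                     $menu .= '</div>';
@@ -1574,5 +1577,5 @@
                     $pages_header = (empty($pages_header)) ? __('Pages', 'wp-realtime-sitemap') : $pages_header;
 
-                    $pages = '<div id="wp-realtime-sitemap-pages"><h3>' . $pages_header . '</h3>';
+                    $pages = '<div id="wp-realtime-sitemap-pages"><h3>' . esc_html( $pages_header ) . '</h3>';
                     $pages .= '<ul>' . wp_list_pages(array('sort_column' => $page_sort_column, 'sort_order' => $page_sort_order, 'exclude' => $page_exclude, 'depth' => $page_depth, 'show_date' => $page_show_date, 'title_li' => '', 'echo' => '0')) . '</ul></div>';
                 }
@@ -1589,14 +1592,15 @@
                             foreach($thecategories as $category) {
 
-                                $posts .= '<li><a href="' . get_category_link($category->term_id) . '" title="' . $category->category_description . '">' . $category->name . '</a><ul>';
+                                $posts .= '<li><a href="' . get_category_link($category->term_id) . '" title="' . esc_attr( $category->category_description ) . '">' . esc_html( $category->name ) . '</a><ul>';
 
                                 // Set options for post query
                                 $theposts = get_posts(array(
-                                    'numberposts'   => $post_numberposts,
-                                    'category'  => $category->cat_ID,
-                                    'orderby'   => $post_orderby,
-                                    'order'     => $post_order,
-                                    'exclude'   => $post_exclude,
-                                    'post_type' => 'post',
+                                    'numberposts'       => $post_numberposts,
+                                    'category'      => $category->cat_ID,
+                                    'orderby'       => $post_orderby,
+                                    'order'         => $post_order,
+                                    'exclude'       => $post_exclude,
+                                    'post_type'     => 'post',
+                                    'suppress_filters'  => false
                                 ));
 
@@ -1621,5 +1625,5 @@
                             $posts_header = (empty($posts_header)) ? __('Posts', 'wp-realtime-sitemap') : $posts_header;
 
-                            $posts = '<div id="wp-realtime-sitemap-posts"><h3>' . $posts_header . '</h3><ul>' . $posts . '</ul></div>';
+                            $posts = '<div id="wp-realtime-sitemap-posts"><h3>' . esc_html( $posts_header ) . '</h3><ul>' . $posts . '</ul></div>';
                         }
 
@@ -1627,9 +1631,10 @@
                         // Set options for post query
                         $theposts = get_posts(array(
-                            'numberposts'   => $post_numberposts,
-                            'orderby'   => $post_orderby,
-                            'order'     => $post_order,
-                            'exclude'   => $post_exclude,
-                            'post_type' => 'post',
+                            'numberposts'       => $post_numberposts,
+                            'orderby'       => $post_orderby,
+                            'order'         => $post_order,
+                            'exclude'       => $post_exclude,
+                            'post_type'     => 'post',
+                            'suppress_filters'  => false
                         ));
 
@@ -1650,5 +1655,5 @@
                             $posts_header = (empty($posts_header)) ? __('Posts', 'wp-realtime-sitemap') : $posts_header;
 
-                            $posts = '<div id="wp-realtime-sitemap-posts"><h3>' . $posts_header . '</h3><ul>' . $posts . '</ul></div>';
+                            $posts = '<div id="wp-realtime-sitemap-posts"><h3>' . esc_html( $posts_header ) . '</h3><ul>' . $posts . '</ul></div>';
                         }
                     }
@@ -1664,9 +1669,10 @@
                         // Set options for post query
                         $theposts = get_posts(array(
-                            'numberposts'   => $post_numberposts,
-                            'orderby'   => $post_orderby,
-                            'order'     => $post_order,
-                            'exclude'   => $post_exclude,
-                            'post_type' => $post_type->name,
+                            'numberposts'       => $post_numberposts,
+                            'orderby'       => $post_orderby,
+                            'order'         => $post_order,
+                            'exclude'       => $post_exclude,
+                            'post_type'     => $post_type->name,
+                            'suppress_filters'  => false
                         ));
 
@@ -1695,5 +1701,5 @@
                     $archives_header = (empty($archives_header)) ? __('Archives', 'wp-realtime-sitemap') : $archives_header;
 
-                    $archives = '<div id="wp-realtime-sitemap-archives"><h3>' . $archives_header . '</h3>';
+                    $archives = '<div id="wp-realtime-sitemap-archives"><h3>' . esc_html( $archives_header ) . '</h3>';
                     $archives .= '<ul>' . wp_get_archives(array('type' => $archive_type, 'limit' => $archive_limit, 'show_post_count' => $archive_show_post_count, 'echo' => 0)) . '</ul></div>';
                 }
@@ -1703,5 +1709,5 @@
                     $categories_header = (empty($categories_header)) ? __('Categories', 'wp-realtime-sitemap') : $categories_header;
 
-                    $categories = '<div id="wp-realtime-sitemap-categories"><h3>' . $categories_header . '</h3>';
+                    $categories = '<div id="wp-realtime-sitemap-categories"><h3>' . esc_html( $categories_header ) . '</h3>';
 
                     // Tag Cloud: Yes/No?
@@ -1719,5 +1725,5 @@
                     $tags_header = (empty($tags_header)) ? __('Tags', 'wp-realtime-sitemap') : $tags_header;
 
-                    $tags = '<div id="wp-realtime-sitemap-tags"><h3>' . $tags_header . '</h3>';
+                    $tags = '<div id="wp-realtime-sitemap-tags"><h3>' . esc_html( $tags_header ) . '</h3>';
 
                     // Tag Cloud: Yes/No?
@@ -1864,5 +1870,5 @@
         }
 
-        function uninstallSettings() {
+        function WPRealtimeSitemapUninstallSettings() {
             global $wpdb, $wp_roles, $wp_version;
 
@@ -1899,4 +1905,2 @@
 if( class_exists('WPRealtimeSitemap') )
     $wpRealtimeSitemap = new WPRealtimeSitemap();
-
-?>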
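Review bot: On new line 1594 the category link's `href` is still emitted from `get_category_link($category->term_id)` without URL escaping, although the `title` attribute and the link text on that same line are now escaped; each value needs the escape for its own context, so the start of that line should read `'<li><a href="' . esc_url( get_category_link( $category->term_id ) ) . '" title="'`. The `foreach` body continues outside the hunk, so the per-post links it builds should be checked the same way. On new line 881, `$$args['dbfield']` means `${$args['dbfield']}` only on PHP 5; PHP 7 and later parse it as `($$args)['dbfield']`, so the braces should be written out: `esc_attr( ${$args['dbfield']} )`.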