Changeset 2757212

Timestamp:

07/16/2022 01:23:13 AM (4 years ago)

Author:

NextScripts

Message:

Version 4.3.27

Location:

social-networks-auto-poster-facebook-twitter-g/trunk

Files:

• NextScripts_SNAP.php (modified) (2 diffs)
• inc-cl/apis/liOAuth.php (deleted)
• inc-cl/apis/plurkOAuth.php (modified) (3 diffs)
• inc-cl/apis/scOAuth.php (modified) (5 diffs)
• inc-cl/apis/tmhOAuth.php (deleted)
• inc-cl/apis/tmhUtilities.php (deleted)
• inc-cl/apis/trOAuth.php (modified) (1 diff)
• inc-cl/apis/xmlrpc-client.php (modified) (4 diffs)
• inc-cl/bg.php (modified) (5 diffs)
• inc-cl/di.php (modified) (1 diff)
• inc-cl/fb.api.php (modified) (2 diffs)
• inc-cl/fb.php (modified) (15 diffs)
• inc-cl/fl.php (modified) (4 diffs)
• inc-cl/fp.php (modified) (1 diff)
• inc-cl/gmb.php (modified) (6 diffs)
• inc-cl/gp.api.php (deleted)
• inc-cl/gp.php (deleted)
• inc-cl/ig.api.php (modified) (1 diff)
• inc-cl/ig.php (modified) (2 diffs)
• inc-cl/li.api.php (modified) (1 diff)
• inc-cl/li.php (modified) (18 diffs)
• inc-cl/lj.php (modified) (1 diff)
• inc-cl/ln.php (modified) (3 diffs)
• inc-cl/mc.php (modified) (1 diff)
• inc-cl/md.php (modified) (4 diffs)
• inc-cl/ok.php (modified) (4 diffs)
• inc-cl/pk.php (modified) (2 diffs)
• inc-cl/pn.php (modified) (6 diffs)
• inc-cl/rd.php (modified) (5 diffs)
• inc-cl/sc.php (modified) (8 diffs)
• inc-cl/st.php (modified) (1 diff)
• inc-cl/tg.php (modified) (3 diffs)
• inc-cl/tr.api.php (modified) (1 diff)
• inc-cl/tr.php (modified) (8 diffs)
• inc-cl/tw.api.php (modified) (2 diffs)
• inc-cl/tw.php (modified) (6 diffs)
• inc-cl/vb.php (modified) (2 diffs)
• inc-cl/vk.api.php (modified) (2 diffs)
• inc-cl/vk.php (modified) (4 diffs)
• inc-cl/wb.php (modified) (6 diffs)
• inc-cl/wl.php (modified) (9 diffs)
• inc-cl/wp.api.php (modified) (1 diff)
• inc-cl/wp.php (modified) (2 diffs)
• inc-cl/xi.php (modified) (18 diffs)
• inc-cl/yo.api.php (modified) (1 diff)
• inc-cl/yo.php (modified) (1 diff)
• inc-cl/yt.php (modified) (1 diff)
• inc/nxs_class_flt.php (modified) (6 diffs)
• inc/nxs_class_http.php (modified) (3 diffs)
• inc/nxs_class_mgmt.php (modified) (11 diffs)
• inc/nxs_class_ntlist.php (modified) (22 diffs)
• inc/nxs_class_oauth.php (modified) (5 diffs)
• inc/nxs_class_snap.php (modified) (9 diffs)
• inc/nxs_functions.php (modified) (1 diff)
• inc/nxs_functions_adv.php (modified) (8 diffs)
• inc/nxs_functions_engine.php (modified) (5 diffs)
• inc/nxs_functions_wp.php (modified) (7 diffs)
• js-css/js.js (modified) (2 diffs)
• readme.txt (modified) (2 diffs)

social-networks-auto-poster-facebook-twitter-g/trunk/NextScripts_SNAP.php

@@ -5 +5 @@
 Description: This plugin automatically publishes posts from your blog to your social media accounts on Twitter, FB, Telegram, LinkedIn, and 25 more networks.
 Author: NextScripts
-Version: 4.3.26
+Version: 4.3.27
 Author URI: https://www.nextscripts.com
 Text Domain: social-networks-auto-poster-facebook-twitter-g
@@ -11 +11 @@
 */
 
-define( 'NextScripts_SNAP_Version' , '4.3.26' ); define( 'NextScripts_SNAP_Version_Date' , 'June 28, 2022' ); require_once "inc/nxs_functions_wp.php"; if(!defined( 'NXSSNAP_BASENAME' ) ) define( 'NXSSNAP_BASENAME', plugin_basename( __FILE__ ) );
+define( 'NextScripts_SNAP_Version' , '4.3.27' ); define( 'NextScripts_SNAP_Version_Date' , 'July 15, 2022' ); require_once "inc/nxs_functions_wp.php"; if(!defined( 'NXSSNAP_BASENAME' ) ) define( 'NXSSNAP_BASENAME', plugin_basename( __FILE__ ) );
 
 if (true===nxs_doSystemInitCheck()) { //  error_reporting(E_ALL); ini_set('display_errors', '1');

social-networks-auto-poster-facebook-twitter-g/trunk/inc-cl/apis/plurkOAuth.php

@@ -26 +26 @@
     public function sign($request, $consumer_secret, $token) {
       $key_raw = $this->signing_base($request, $consumer_secret, $token);// prr($key_raw);
-      $basestring = base64_encode (hash_hmac('sha1', $key_raw[1], $key_raw[0], true)); //echo $basestring;
+      $basestring = base64_encode (hash_hmac('sha1', $key_raw[1], $key_raw[0], true));
       return rawurlencode($basestring);
     }
@@ -149 +149 @@
       $cbu = nxspk_SigMethod_HMAC_SHA1::urlencode_rfc3986($cbu);  
       $url = $this->baseURL.PLURK_REQUEST_TOKEN_PATH.'?oauth_nonce='.$args['oauth_nonce'].'&oauth_timestamp='.$args['oauth_timestamp'].'&oauth_consumer_key='.$this->consumer_key.'&oauth_signature_method='.$args['oauth_signature_method'].'&oauth_version='.$args['oauth_version'].'&oauth_callback='.$cbu.'&oauth_signature='.$args['oauth_signature'];      
-      echo "<br/>REQ Token URL: ".$url."<br/>";
+      echo "<br/>REQ Token URL: ".esc_url($url)."<br/>";
       $hdrsArr = $this->makeHTTPHeaders($url); $ckArr = $nxs_vbCkArray;   
       $response = nxs_remote_get($url, array( 'method' => 'GET', 'timeout' => 45, 'redirection' => 0,  'headers' => $hdrsArr, 'cookies' => $ckArr));  
       if (is_nxs_error($response)){ $badOut = print_r($response, true)." - Connection ERROR"; return $badOut; }
       $this->http_code = $response['response']['code']; //  prr($response);
-      if (stripos($response['body'],'oauth_token_secret=')===false) echo 'Bad oAuth Login:'.$response['body']; else return $this->oAuthRespToArr($response['body']);
+      if (stripos($response['body'],'oauth_token_secret=')===false) echo 'Bad oAuth Login:'.esc_html($response['body']); else return $this->oAuthRespToArr($response['body']);
     }
     function getAccToken($verifier){
@@ -167 +167 @@
         'oauth_signature_method' => 'HMAC-SHA1'        
       );      
-      $req = array();  $req['method'] = 'GET';  $req['normalized_url'] = $this->baseURL.PLURK_ACCESS_TOKEN_PATH; // echo "ARGS:"; prr($args); 
+      $req = array();  $req['method'] = 'GET';  $req['normalized_url'] = $this->baseURL.PLURK_ACCESS_TOKEN_PATH;
       $req['normalized_parameters'] = $this->get_normalized_parameters($args);
       $args['oauth_signature'] = $this->sign_method->sign2($req, $this->consumer_secret, $this->access_secret); 
       $url = $this->baseURL.PLURK_ACCESS_TOKEN_PATH.'?oauth_nonce='.$args['oauth_nonce'].'&oauth_timestamp='.$args['oauth_timestamp'].'&oauth_token_secret='.$this->access_secret.'&oauth_signature_method='.$args['oauth_signature_method'].'&oauth_consumer_key='.$this->consumer_key.'&oauth_verifier='.$verifier.'&oauth_version='.$args['oauth_version'].'&oauth_token='.$this->access_token.'&oauth_signature='.$args['oauth_signature'];
-      echo "<br/>REQ Token URL: ".$url."<br/>";
+      echo "<br/>REQ Token URL: ".esc_url($url)."<br/>";
       $hdrsArr = $this->makeHTTPHeaders($url); $ckArr = array();   
       $response = nxs_remote_get($url, array( 'method' => 'GET', 'timeout' => 45, 'redirection' => 0,  'headers' => $hdrsArr, 'cookies' => $ckArr));  
       if ( is_nxs_error($response) ) return $response;
       $this->http_code = $response['response']['code']; 
-      if (stripos($response['body'],'oauth_token_secret=')===false) echo 'Bad oAuth Login:'.$response['body']; else return $this->oAuthRespToArr($response['body']);        
+      if (stripos($response['body'],'oauth_token_secret=')===false) echo 'Bad oAuth Login:'.esc_html($response['body']); else return $this->oAuthRespToArr($response['body']);
     }
     function makeReq($url, $params){

social-networks-auto-poster-facebook-twitter-g/trunk/inc-cl/apis/scOAuth.php

@@ -22 +22 @@
     public function sign($request, $consumer_secret, $token) {
       $key_raw = $this->signing_base($request, $consumer_secret, $token);// prr($key_raw);
-      $basestring = base64_encode (hash_hmac('sha1', $key_raw[1], $key_raw[0], true)); //echo $basestring;
+      $basestring = base64_encode (hash_hmac('sha1', $key_raw[1], $key_raw[0], true));
       return rawurlencode($basestring);
     }
@@ -147 +147 @@
       $cbu = nxssc_SigMethod_HMAC_SHA1::urlencode_rfc3986($cbu);  
       $url = $this->baseURL.$this->request_token_path.'?oauth_nonce='.$args['oauth_nonce'].'&oauth_timestamp='.$args['oauth_timestamp'].'&oauth_consumer_key='.$this->consumer_key.'&oauth_signature_method='.$args['oauth_signature_method'].'&oauth_version='.$args['oauth_version'].'&oauth_callback='.$cbu.'&oauth_signature='.$args['oauth_signature'];      
-      echo "<br/>REQ Token URL: ".$url."<br/>";
+      echo "<br/>REQ Token URL: ".esc_url($url)."<br/>";
       $hdrsArr = $this->makeHTTPHeaders($url); $ckArr = '';   
       $response = nxs_remote_get($url, array( 'method' => 'GET', 'timeout' => 45, 'redirection' => 0,  'headers' => $hdrsArr, 'cookies' => $ckArr));  
       if ( is_nxs_error($response) ) return print_r($response, true);
       $this->http_code = $response['response']['code']; //  prr($response);
-      if (stripos($response['body'],'oauth_token_secret=')===false) echo 'Bad oAuth Login:'.$response['body']; else return $this->oAuthRespToArr($response['body']);
+      if (stripos($response['body'],'oauth_token_secret=')===false) echo 'Bad oAuth Login:'.esc_html($response['body']); else return $this->oAuthRespToArr($response['body']);
     }
     function getAccToken($verifier){
@@ -165 +165 @@
         'oauth_signature_method' => 'HMAC-SHA1'        
       );      
-      $req = array();  $req['method'] = 'GET';  $req['normalized_url'] = $this->baseURL.$this->access_token_path; // echo "ARGS:"; prr($args); 
+      $req = array();  $req['method'] = 'GET';  $req['normalized_url'] = $this->baseURL.$this->access_token_path;
       $req['normalized_parameters'] = $this->get_normalized_parameters($args);
       $args['oauth_signature'] = $this->sign_method->sign2($req, $this->consumer_secret, $this->access_secret); 
       $url = $this->baseURL.$this->access_token_path.'?oauth_nonce='.$args['oauth_nonce'].'&oauth_timestamp='.$args['oauth_timestamp'].'&oauth_token_secret='.$this->access_secret.'&oauth_signature_method='.$args['oauth_signature_method'].'&oauth_consumer_key='.$this->consumer_key.'&oauth_verifier='.$verifier.'&oauth_version='.$args['oauth_version'].'&oauth_token='.$this->access_token.'&oauth_signature='.$args['oauth_signature'];
-      echo "<br/>REQ Token URL: ".$url."<br/>";
+      echo "<br/>REQ Token URL: ".esc_url($url)."<br/>";
       $hdrsArr = $this->makeHTTPHeaders($url); $ckArr = '';   
       $response = nxs_remote_get($url, array( 'method' => 'GET', 'timeout' => 45, 'redirection' => 0,  'headers' => $hdrsArr, 'cookies' => $ckArr));  
       if ( is_nxs_error($response) ) return $response;
       $this->http_code = $response['response']['code']; 
-      if (stripos($response['body'],'oauth_token_secret=')===false) echo 'Bad oAuth Login:'.$response['body']; else return $this->oAuthRespToArr($response['body']);        
+      if (stripos($response['body'],'oauth_token_secret=')===false) echo 'Bad oAuth Login:'.esc_html($response['body']); else return $this->oAuthRespToArr($response['body']);
     }
     
@@ -218 +218 @@
         $parameters['oauth_signature'] = base64_encode(hash_hmac('sha1', $string, $this->consumer_secret.'&'.$this->access_secret, true));
     }
-    private function httpRequest($url, $parameters) { $curl = curl_init();
-        curl_setopt($curl, CURLOPT_RETURNTRANSFER, TRUE); curl_setopt($curl, CURLOPT_TIMEOUT, '25'); curl_setopt($curl, CURLOPT_URL, $url);
-        curl_setopt($curl, CURLOPT_POST, TRUE); curl_setopt($curl, CURLOPT_POSTFIELDS, $parameters);        
-        $response = curl_exec($curl); $headers = curl_getinfo($curl); $errmsg = curl_error($curl);  curl_close($curl);
-        if (!empty($errmsg)) return $errmsg; else  return $response;
-    }
-    
-    public function flUploadPhoto ($imgFile, $parameters) { $url = 'https://www.flickr.com/services/upload/'; $requestParams = ($parameters == NULL ? array() : $parameters);    $phid = '';    
+
+    public function flUploadPhoto ($imgFile, $parameters) { $url = 'https://www.flickr.com/services/upload/'; $requestParams = ($parameters == NULL ? array() : $parameters);    $phid = '';
         $oauthParams = array (            
             'oauth_nonce' => $this->genRndString(),
@@ -234 +228 @@
             'oauth_version' => '1.0',
         );
-        $requestParams = array_merge($requestParams, $oauthParams); $this->sign($url, $requestParams); $requestParams['photo'] = $imgFile; // prr($requestParams);                
-        $xml = $this->httpRequest($url, $requestParams); if (stripos($xml, '</photoid>')!==false && stripos($xml, 'stat="ok"')!==false) $phid = CutFromTo($xml, '<photoid>','</photoid>');
+        $requestParams = array_merge($requestParams, $oauthParams); $this->sign($url, $requestParams); $requestParams['photo'] = $imgFile;
+        $rq = new nxsHttp;  $args = nxs_mkRmReqArgs(); $rq->postData = $requestParams;  $xml = $rq->request($url, $args);
+        if (stripos($xml, '</photoid>')!==false && stripos($xml, 'stat="ok"')!==false) $phid = CutFromTo($xml, '<photoid>','</photoid>');
         return empty($phid) ? "Problem: ".$xml."<pre>".print_r($requestParams, true)."</pre>" : $phid;
     }

social-networks-auto-poster-facebook-twitter-g/trunk/inc-cl/apis/trOAuth.php

@@ -172 +172 @@
    * Format and sign an OAuth / API request
    */
-  function oAuthRequest($url, $method, $parameters) { 
+  function oAuthRequest($url, $method, $parameters) { $rq = new nxsHttp;
     if (strrpos($url, 'https://') !== 0 && strrpos($url, 'http://') !== 0) {
       $url = "{$this->host}{$url}";
     }
     $request = nsx_trOAuthRequest::from_consumer_and_token($this->consumer, $this->token, $method, $url, $parameters);
-    $request->sign_request($this->sha1_method, $this->consumer, $this->token); 
-    switch ($method) {
-    case 'GET':
-      return $this->http($request->to_url(), 'GET');
-    default:
-      return $this->http($request->get_normalized_http_url(), $method, $request->to_postdata());
-    }
-  }
-
-  /**
-   * Make an HTTP request
-   *
-   * @return API results
-   */
-  function http($url, $method, $postfields = NULL) {  $ref = '';
-    $this->http_info = array();
-    if ($method=='DELETE') $ci = curl_init(); else $ci = curl_init($url);
-    
-    $headers = array();
-$headers[] = 'Connection: keep-alive';
-$headers[] = 'User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/536.11 (KHTML, like Gecko) Chrome/20.0.1132.34 Safari/536.11';
-$headers[] = 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8';
-$headers[] = 'Accept-Encoding: gzip,deflate,sdch';
-$headers[] = 'Accept-Language: en-US,en;q=0.8';
-$headers[] = 'Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3';
-    
-     $options = array(
-        CURLOPT_RETURNTRANSFER => true,     // return web page
-        CURLOPT_HEADER         => false,    // don't return headers
-//        CURLOPT_FOLLOWLOCATION => true,     // follow redirects
-        CURLOPT_ENCODING       => "",       // handle all encodings
-        CURLOPT_USERAGENT      => "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; InfoPath.3; .NET4.0E; .NET CLR 1.1.4322)",
-        CURLOPT_AUTOREFERER    => true,     // set referer on redirect
-        CURLOPT_CONNECTTIMEOUT => 120,      // timeout on connect
-        CURLOPT_TIMEOUT        => 120,      // timeout on response
-//        CURLOPT_MAXREDIRS      => $redirs,       // stop after 10 redirects
-        CURLOPT_REFERER        => $ref,       // stop after 10 redirects        
-        CURLINFO_HEADER_OUT    => true
-    ); 
-    curl_setopt_array($ci, $options);   
-        
-    curl_setopt($ci, CURLOPT_CONNECTTIMEOUT, $this->connecttimeout);
-    curl_setopt($ci, CURLOPT_TIMEOUT, $this->timeout);
-    curl_setopt($ci, CURLOPT_HTTPHEADER, $headers);
-    curl_setopt($ci, CURLOPT_SSL_VERIFYPEER, $this->ssl_verifypeer);
-//    curl_setopt($ci, CURLOPT_HEADERFUNCTION, array($this, 'getHeader'));
-
-
-    switch ($method) {
-      case 'POST':
-        curl_setopt($ci, CURLOPT_POST, TRUE);
-        if (!empty($postfields)) {
-          curl_setopt($ci, CURLOPT_POSTFIELDS, $postfields);
-        }
-        break;
-      case 'DELETE':
-        curl_setopt($ci, CURLOPT_CUSTOMREQUEST, 'DELETE');
-        if (!empty($postfields)) {
-          $url = "{$url}?{$postfields}";
-        }
-    }
-//prr($url);
-    if ($method=='DELETE')  curl_setopt($ci, CURLOPT_URL, $url);  
-    
-    global $nxs_skipSSLCheck; if ($nxs_skipSSLCheck===true) curl_setopt($ci, CURLOPT_SSL_VERIFYPEER, false);
-    
-    $response = curl_exec($ci);  $out = array();
-  
-    /*  
-    $err = curl_errno($ci); if ($err==28){ sleep(10); $tm = true; $response = curl_exec($ci); } //   echo "##".$err; $errmsg = curl_error($ci); $out['errno'] = $err; $out['errmsg'] = $errmsg; prr($out);
-    $err = curl_errno($ci); if ($err>0){ $errmsg = curl_error($ci); $out['errno'] = $err; $out['errmsg'] = $errmsg; curl_close($ci); return $out; }
-    */
-    //$err = curl_errno($ci); $errmsg = curl_error($ci); $header = curl_getinfo($ci);  $header['errno']   = $err;  $header['errmsg']  = $errmsg;  $header['content'] = $response;  prr($header); //die();
-    
-    $err = curl_errno($ci); if ($err>0){ $errmsg = curl_error($ci); $out['errno'] = $err; $out['errmsg'] = $errmsg.". Tumblr API is down. Please try later.";  $this->http_code = '404'; curl_close($ci); return json_encode($out); }
-    
-    $this->http_code = curl_getinfo($ci, CURLINFO_HTTP_CODE); 
-    $this->http_info = array_merge($this->http_info, curl_getinfo($ci));
-    $this->url = $url; //prr($this);
-    curl_close ($ci); // prr($response);
-    return $response;
+    $request->sign_request($this->sha1_method, $this->consumer, $this->token);
+    if ($method=='POST') $argArr['flds'] = $request->to_postdata();
+    $url = $method=='GET'?$request->to_url():$request->get_normalized_http_url(); //prr($url);
+    $args = nxs_mkRmReqArgs($argArr); $ret = $rq->request($url, $args);
+    $this->http_code = $ret['response']['code'];
+    $this->http_info = $ret['response'];
+    $this->url = $url;
+    return $ret['body'];
   }
 

social-networks-auto-poster-facebook-twitter-g/trunk/inc-cl/apis/xmlrpc-client.php

@@ -515 +515 @@
      * @since 0.1.0
      */
+
     function query()
     {
@@ -527 +528 @@
         }
 
-        //This is where we deviate from the normal query()
-        //Rather than open a normal sock, we will actually use the cURL
-        //extensions to make the calls, and handle the SSL stuff.
-
-        //Since 04Aug2004 (0.1.3) - Need to include the port (duh...)
-        //Since 06Oct2004 (0.1.4) - Need to include the colon!!!
-        //        (I swear I've fixed this before... ESP in live... But anyhu...)
-        $curl=curl_init($this->scheme.'://' . $this->server . ':' . $this->port . $this->path);
-        curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
-
-        curl_setopt($curl, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.44 Safari/537.36"); 
-
-        //Since 23Jun2004 (0.1.2) - Made timeout a class field
-        curl_setopt($curl, CURLOPT_TIMEOUT, $this->timeout);
-
-        if ($this->debug) {
-            curl_setopt($curl, CURLOPT_VERBOSE, 1);
-        }
-
-
-        curl_setopt($curl, CURLOPT_HEADER, 1);
-        curl_setopt($curl, CURLOPT_POST, 1);
-        curl_setopt($curl, CURLOPT_POSTFIELDS, $xml);
-        curl_setopt($curl, CURLOPT_PORT, $this->port);
-        //curl_setopt($curl, CURLOPT_HTTPHEADER, array("Content-Type: text/xml","Content-length: {$length}"));
-        curl_setopt($curl, CURLOPT_HTTPHEADER, array("Content-Type: text/xml"));
-
-        curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 0);
-        global $nxs_skipSSLCheck; if ($nxs_skipSSLCheck===true) curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
-
-        // Call cURL to do it's stuff and return us the content
-        $contents = curl_exec($curl); $err = curl_errno($curl); $errmsg = curl_error($curl); 
-        curl_close($curl);
+        $rq = new nxsHttp2;
+        $url = 'https://' . $this->server . ':' . $this->port . $this->path;
+        $argArr['flds'] = $xml; $argArr['extraHeaders']['Content-Type'] = 'text/xml';
+        $args = nxs_mkRmReqArgs($argArr); $ret = $rq->request($url, $args);
+        $contents = is_array($ret)?$ret['body']:''; $err = $ret['response']['code'];
 
         // Check for 200 Code in $contents
-        if (!strstr($contents, '200')) {
+        if ($err!='200') {
             //There was no "200 OK" returned - we failed
-            $this->error = new NXS_XMLRPC_Error(-32300, 'transport error - HTTP status code was not 200 - '.$err.' - '.$errmsg.' | '.print_r($contents, true));
+            $this->error = new NXS_XMLRPC_Error(-32300, 'transport error - HTTP status code was not 200 - '.$err.' - | '.print_r($contents, true));
             return false;
         }
@@ -895 +868 @@
      * @since 0.1.0
      */
+
     function query()
     {
@@ -907 +881 @@
         }
 
-        //This is where we deviate from the normal query()
-        //Rather than open a normal sock, we will actually use the cURL
-        //extensions to make the calls, and handle the SSL stuff.
-
-        //Since 04Aug2004 (0.1.3) - Need to include the port (duh...)
-        //Since 06Oct2004 (0.1.4) - Need to include the colon!!!
-        //        (I swear I've fixed this before... ESP in live... But anyhu...)
-        $curl=curl_init('https://' . $this->server . ':' . $this->port . $this->path);
-        curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
-
-        //Since 23Jun2004 (0.1.2) - Made timeout a class field
-        curl_setopt($curl, CURLOPT_TIMEOUT, $this->timeout);
-
-        if ($this->debug) {
-            curl_setopt($curl, CURLOPT_VERBOSE, 1);
-        }
-
-        curl_setopt($curl, CURLOPT_HEADER, 1);
-        curl_setopt($curl, CURLOPT_POST, 1);
-        curl_setopt($curl, CURLOPT_POSTFIELDS, $xml);
-        curl_setopt($curl, CURLOPT_PORT, $this->port);
-        //curl_setopt($curl, CURLOPT_HTTPHEADER, array("Content-Type: text/xml","Content-length: {$length}"));
-        curl_setopt($curl, CURLOPT_HTTPHEADER, array("Content-Type: text/xml"));                                    
-
-        // Process the SSL certificates, etc. to use
-        if (!($this->_certFile === false)) {
-            // We have a certificate file set, so add these to the cURL handler
-            curl_setopt($curl, CURLOPT_SSLCERT, $this->_certFile);
-            curl_setopt($curl, CURLOPT_SSLKEY, $this->_keyFile);
-
-            if ($this->debug) {
-                echo "SSL Cert at : " . $this->_certFile . "\n";
-                echo "SSL Key at : " . $this->_keyFile . "\n";
-            }
-
-            // See if we need to give a passphrase
-            if (!($this->_passphrase === '')) {
-                curl_setopt($curl, CURLOPT_SSLCERTPASSWD, $this->_passphrase);
-            }
-
-            if ($this->_caFile === false) {
-                // Don't verify their certificate, as we don't have a CA to verify against
-                curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 0);
-            } else {
-                // Verify against a CA
-                curl_setopt($curl, CURLOPT_CAINFO, $this->_caFile);
-            }
-        }
-        global $nxs_skipSSLCheck; if ($nxs_skipSSLCheck===true) curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
-        // Call cURL to do it's stuff and return us the content
-        $contents = curl_exec($curl); $err = curl_errno($curl); $errmsg = curl_error($curl);
-        curl_close($curl);
+
+        $rq = new nxsHttp; $url = 'https://' . $this->server . ':' . $this->port . $this->path;
+        $argArr['flds'] = $xml; $argArr['extraHeaders']['Content-Type'] = 'text/xml';
+        $args = nxs_mkRmReqArgs($argArr); $ret = $rq->request($url, $args);
+        $contents = is_array($ret)?$ret['body']:''; $err = $ret['response']['code'];
 
         // Check for 200 Code in $contents
-        if (!strstr($contents, '200')) {
+        if ($err!=='200') {
             //There was no "200 OK" returned - we failed
-            $this->error = new NXS_XMLRPC_Error(-32300, 'transport error - HTTP status code was not 200! - '.$err.' - '.$errmsg.' | '.print_r($contents, true));
+            $this->error = new NXS_XMLRPC_Error(-32300, 'transport error - HTTP status code was not 200! - '.$err.' - | '.print_r($ret, true));
             return false;
         }

social-networks-auto-poster-facebook-twitter-g/trunk/inc-cl/bg.php

@@ -25 +25 @@
   function checkIfSetupFinished($options) { return !empty($options['accessToken']) || !empty($options['uPass']); }
   public function doAuth() { $ntInfo = $this->ntInfo; global $nxs_snapSetPgURL;     
-    if ( isset($_GET['code']) && $_GET['code']!='' && isset($_GET['state']) && substr($_GET['state'], 0, 7) == 'nxs-bg-'){  $at = $_GET['code'];  $ii = str_replace('nxs-bg-','',$_GET['state']);
+    if ( isset($_GET['code']) && $_GET['code']!='' && isset($_GET['state']) && substr($_GET['state'], 0, 7) == 'nxs-bg-'){  $at = sanitize_text_field($_GET['code']);  $ii = str_replace('nxs-bg-','',sanitize_text_field($_GET['state']));
       echo "----=={ oAuth 2.0 Wordflow }==----<br/>-= This is normal technical authorization info that will dissapear (Unless you get some errors) =- <br/><br/><br/>"; 
       $gGet = $_GET; unset($gGet['code']); unset($gGet['state']); unset($gGet['scope']); unset($gGet['post_type']); unset($gGet['post']); //prr($nxs_snapSetPgURL);
@@ -54 +54 @@
   
   function accTab($ii, $options, $isNew=false){ global $nxs_snapSetPgURL; $ntInfo = $this->ntInfo; $nt = $ntInfo['lcode']; if (empty($options['sid'])) $options['sid']=''; if (empty($options['ssid'])) $options['ssid']=''; if (empty($options['nid'])) $options['nid']=''; if (empty($options['hsid'])) $options['hsid']='';?>
-    <div style="width:100%;"><strong><?php _e('Blogger Blog ID', 'social-networks-auto-poster-facebook-twitter-g'); ?>:</strong><i><?php _e('Log to your Blogger management panel and look at the URL of your blog: http://www.blogger.com/blogger.g?blogID=8959085979163812093#allposts. Your Blog ID will be: 8959085979163812093', 'social-networks-auto-poster-facebook-twitter-g'); ?></i></div><input name="<?php echo $nt; ?>[<?php echo $ii; ?>][blogID]" style="width: 30%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['blogID'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /><br/><br/>     
+    <div style="width:100%;"><strong><?php _e('Blogger Blog ID', 'social-networks-auto-poster-facebook-twitter-g'); ?>:</strong><i><?php _e('Log to your Blogger management panel and look at the URL of your blog: http://www.blogger.com/blogger.g?blogID=8959085979163812093#allposts. Your Blog ID will be: 8959085979163812093', 'social-networks-auto-poster-facebook-twitter-g'); ?></i></div><input name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][blogID]" style="width: 30%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['blogID'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /><br/><br/>     
     <div style="display: <?php echo (empty($options['apiToUse']))?"block":"none"; ?>;">    
       <div style="width:100%; text-align: center; color:#005800; font-weight: bold; font-size: 14px;">You can choose what API you would like to use. </div>          
@@ -60 +60 @@
       <span style="color:#005800; font-weight: bold; font-size: 14px;">NextScripts API for Blogger:</span> Premium API with extended functionality. Easier to configure, but less secure - requires your password.<br/><br/>
     
-      <select name="<?php echo $nt; ?>[<?php echo $ii; ?>][apiToUse]" onchange="if (jQuery(this).val()=='<?php echo $nt; ?>') { jQuery('.nxs_<?php echo $nt; ?>_nxapi_<?php echo $ii; ?>').hide(); jQuery('.nxs_<?php echo $nt; ?>_bgapi_<?php echo $ii; ?>').show(); }else { jQuery('.nxs_<?php echo $nt; ?>_bgapi_<?php echo $ii; ?>').hide(); jQuery('.nxs_<?php echo $nt; ?>_nxapi_<?php echo $ii; ?>').show(); }"><option <?php echo (empty($options['apiToUse']) || $options['apiToUse'] =='bg')?"selected":""; ?> value="bg">Blogger API</option><option <?php echo (!empty($options['apiToUse']) && $options['apiToUse'] =='nx')?"selected":""; ?> value="nx">NextScripts API</option></select><hr/>
+      <select name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][apiToUse]" onchange="if (jQuery(this).val()=='<?php echo esc_attr($nt); ?>') { jQuery('.nxs_<?php echo esc_attr($nt); ?>_nxapi_<?php echo esc_attr($ii); ?>').hide(); jQuery('.nxs_<?php echo esc_attr($nt); ?>_bgapi_<?php echo esc_attr($ii); ?>').show(); }else { jQuery('.nxs_<?php echo esc_attr($nt); ?>_bgapi_<?php echo esc_attr($ii); ?>').hide(); jQuery('.nxs_<?php echo esc_attr($nt); ?>_nxapi_<?php echo esc_attr($ii); ?>').show(); }"><option <?php echo (empty($options['apiToUse']) || $options['apiToUse'] =='bg')?"selected":""; ?> value="bg">Blogger API</option><option <?php echo (!empty($options['apiToUse']) && $options['apiToUse'] =='nx')?"selected":""; ?> value="nx">NextScripts API</option></select><hr/>
     
     </div>
     
-    <div id="nxsAPIBG<?php echo $ii; ?>" class="nxs_<?php echo $nt; ?>_bgapi_<?php echo $ii; ?>" style="display: <?php echo (empty($options['apiToUse']) || $options['apiToUse'] =='bg')?"block":"none"; ?>;"><h3>Blogger API</h3>    
-      <div class="subDiv" id="sub<?php echo $ii; ?>DivL" style="display: block;"> <?php $this->elemKeySecret($ii,'Client ID','Client Secret', $options['appKey'], $options['appSec'],'appKey','appSec','https://console.developers.google.com/'); ?>
+    <div id="nxsAPIBG<?php echo esc_attr($ii); ?>" class="nxs_<?php echo esc_attr($nt); ?>_bgapi_<?php echo esc_attr($ii); ?>" style="display: <?php echo (empty($options['apiToUse']) || $options['apiToUse'] =='bg')?"block":"none"; ?>;"><h3>Blogger API</h3>    
+      <div class="subDiv" id="sub<?php echo esc_attr($ii); ?>DivL" style="display: block;"> <?php $this->elemKeySecret($ii,'Client ID','Client Secret', $options['appKey'], $options['appSec'],'appKey','appSec','https://console.developers.google.com/'); ?>
       <br/><br/>
       <?php  if($options['appKey']=='') { ?>
@@ -77 +77 @@
       </div>
     </div>
-    <div id="nxsAPINX<?php echo $ii; ?>" class="nxs_bg_nxapi_<?php echo $ii; ?>" style="display: <?php echo (!empty($options['apiToUse']) && $options['apiToUse'] =='nx')?"block":"none"; ?>;"><h3>NextScripts API</h3>
+    <div id="nxsAPINX<?php echo esc_attr($ii); ?>" class="nxs_bg_nxapi_<?php echo esc_attr($ii); ?>" style="display: <?php echo (!empty($options['apiToUse']) && $options['apiToUse'] =='nx')?"block":"none"; ?>;"><h3>NextScripts API</h3>
     <?php if (class_exists('nxsAPI_GP')) { ?>                 
-        <div class="subDiv" id="sub<?php echo $ii; ?>DivN" style="display: block;"><?php $this->elemUserPass($ii, $options['uName'], $options['uPass']); ?></div>          
+        <div class="subDiv" id="sub<?php echo esc_attr($ii); ?>DivN" style="display: block;"><?php $this->elemUserPass($ii, $options['uName'], $options['uPass']); ?></div>          
         
         
-    <div id="ups<?php echo $nt.$ii; ?>UPS" style="padding-top: 10px;"><a href="#" onclick="jQuery('#ups<?php echo $nt.$ii; ?>S').show();return false;">Use session</a> (Optional - use only if you are having login problems)</div>
-    <div id="ups<?php echo $nt.$ii; ?>S" class="ups<?php echo $nt.$ii; ?>"  style="padding-left: 15px; padding-top: 10px; display:none;">
-       SID:&nbsp;&nbsp;<input style="width:400px;" name="<?php echo $nt; ?>[<?php echo $ii; ?>][sid]" style="width: 30%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['sid'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /> <br/>
-       SSID:&nbsp;<input style="width:400px;" name="<?php echo $nt; ?>[<?php echo $ii; ?>][ssid]" style="width: 30%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['ssid'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /> <br/>
-       HSID:&nbsp;<input style="width:400px;" name="<?php echo $nt; ?>[<?php echo $ii; ?>][hsid]" style="width: 30%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['hsid'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /> <br/>
+    <div id="ups<?php echo esc_attr($nt.$ii); ?>UPS" style="padding-top: 10px;"><a href="#" onclick="jQuery('#ups<?php echo esc_attr($nt.$ii); ?>S').show();return false;">Use session</a> (Optional - use only if you are having login problems)</div>
+    <div id="ups<?php echo esc_attr($nt.$ii); ?>S" class="ups<?php echo esc_attr($nt.$ii); ?>"  style="padding-left: 15px; padding-top: 10px; display:none;">
+       SID:&nbsp;&nbsp;<input style="width:400px;" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][sid]" style="width: 30%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['sid'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /> <br/>
+       SSID:&nbsp;<input style="width:400px;" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][ssid]" style="width: 30%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['ssid'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /> <br/>
+       HSID:&nbsp;<input style="width:400px;" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][hsid]" style="width: 30%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['hsid'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /> <br/>
     </div>
         
@@ -94 +94 @@
     
     <br/><?php $this->elemTitleFormat($ii,'Message Title Format','msgTFormat',$options['msgTFormat']); $this->elemMsgFormat($ii,'Message Format','msgFormat',$options['msgFormat']); ?>
-    <div style="margin: 0px;"><input value="1" type="checkbox" name="<?php echo $nt; ?>[<?php echo $ii; ?>][inclTags]"  <?php if ((int)$options['inclTags'] == 1) echo "checked"; ?> /> <strong><?php _e('Post with tags', 'social-networks-auto-poster-facebook-twitter-g'); ?></strong></div>
-    <div style="margin: 0px;"><input value="1" type="checkbox" name="<?php echo $nt; ?>[<?php echo $ii; ?>][inclCatsAsTags]"  <?php if ((int)$options['inclCatsAsTags'] == 1) echo "checked"; ?> /> <strong><?php _e('Add Categories as tags/labels', 'social-networks-auto-poster-facebook-twitter-g'); ?></strong></div>
+    <div style="margin: 0px;"><input value="1" type="checkbox" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][inclTags]"  <?php if ((int)$options['inclTags'] == 1) echo "checked"; ?> /> <strong><?php _e('Post with tags', 'social-networks-auto-poster-facebook-twitter-g'); ?></strong></div>
+    <div style="margin: 0px;"><input value="1" type="checkbox" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][inclCatsAsTags]"  <?php if ((int)$options['inclCatsAsTags'] == 1) echo "checked"; ?> /> <strong><?php _e('Add Categories as tags/labels', 'social-networks-auto-poster-facebook-twitter-g'); ?></strong></div>
     
      <?php

social-networks-auto-poster-facebook-twitter-g/trunk/inc-cl/di.php

@@ -23 +23 @@
   function accTab($ii, $options, $isNew=false){ $ntInfo = $this->ntInfo; $nt = $ntInfo['lcode']; ?><div id="altFormat" style="">
       <div style="width:100%;"><strong id="altFormatText">Diigo API Key:</strong> <span style="font-size: 11px; margin: 0px;">Get it from <a target="_blank" href="http://www.diigo.com/api_keys/">http://www.diigo.com/api_keys</a>.</span></div>
-      <input name="<?php echo $nt; ?>[<?php echo $ii; ?>][apiKey]" style="width: 60%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['apiKey'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" />  <br/> 
+      <input name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][apiKey]" style="width: 60%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['apiKey'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" />  <br/> 
     </div><?php $this->elemUserPass($ii, $options['uName'], $options['uPass']); $this->elemTitleFormat($ii,'Message Title Format','msgTFormat',$options['msgTFormat']);
     $this->elemMsgFormat($ii,'Message Text Format','msgFormat',$options['msgFormat']);?><br/ >
-    <div style="margin-bottom: 20px;margin-top: 5px;"><input value="1" type="checkbox" name="<?php echo $nt; ?>[<?php echo $ii; ?>][inclTags]"  <?php if ((int)$options['inclTags'] == 1) echo "checked"; ?> /> 
+    <div style="margin-bottom: 20px;margin-top: 5px;"><input value="1" type="checkbox" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][inclTags]"  <?php if ((int)$options['inclTags'] == 1) echo "checked"; ?> /> 
        <strong><?php _e('Post with tags', 'social-networks-auto-poster-facebook-twitter-g'); ?></strong> <?php _e('Tags from the blogpost will be included', 'social-networks-auto-poster-facebook-twitter-g'); ?>                                
     </div> <?php

social-networks-auto-poster-facebook-twitter-g/trunk/inc-cl/fb.api.php

@@ -22 +22 @@
         $options['tpt'] = ''; $options['uMsg'] = '';
         if (empty($options['tpt']) && !empty($options['uPass'])) { //echo "<br/>.........NO TPT PASS.......";
-            if (!class_exists('nxsAPI_FB')) { $badOut['Error'] = 'Premium Facebook API Library not found'; return $badOut; }
+            if (!class_exists('nxsAPI_FB')) { $badOut['Error'] = 'Premium API Library not found'; return $badOut; }
             $email = $options['uName'];  $pass = (substr($options['uPass'], 0, 5)=='n5g9a' || substr($options['uPass'], 0, 5)=='g9c1a')?nsx_doDecode(substr($options['uPass'], 5)):$options['uPass'];
             $opVal = array(); $opNm = 'nxs_snap_fb_'.sha1('nxs_snap_fb'.$email.$pass); $opVal = nxs_getOption($opNm); if (!empty($opVal) & is_array($opVal)) $options = array_merge($options, $opVal);
@@ -39 +39 @@
                 $t = $nt->checkToken($options['tpt'], $options['uInfo']['tknUrl']); //echo "<br/>.....checking token....";
                 if (!empty($t)) { $options['accessToken'] = $t; $options = nxs_snapClassFB::getPageToken($options);
-
                     if (function_exists('user_can')) { $isItUserWhoCan = (!user_can($postUser, 'manage_options' ) && user_can($postUser, 'haveown_snap_accss')); global $nxs_SNAP;
                         if ($isItUserWhoCan) $networks = $nxs_SNAP->nxs_acctsU; else $networks = $nxs_SNAP->nxs_accts;

social-networks-auto-poster-facebook-twitter-g/trunk/inc-cl/fb.php

@@ -38 +38 @@
   public function makeUName($options, $ii) { return !empty($options['pgName'])?$options['pgName']: $this->ntInfo['name'].' #'.$ii; }
   public function doAuth() { $ntInfo = $this->ntInfo; global $nxs_snapSetPgURL; 
-    if ( !empty($_GET['code']) && isset($_GET['state']) && substr($_GET['state'], 0, 7) == 'nxs-fb-'){ $this->showAuthTop(); echo "--== Auth ==--"; $at = $_GET['code'];  $ii = str_replace('nxs-fb-','',$_GET['state']); $gGet = array();     
-      if (!empty($_SERVER['QUERY_STRING'])) parse_str($_SERVER['QUERY_STRING'], $gGet); elseif (!empty($_SERVER['argv'][0])) parse_str($_SERVER['argv'][0], $gGet); else { $gGet = $_GET; prr($_GET); unset($gGet['post_type']);} prr($gGet);  unset($gGet['code']); unset($gGet['state']); prr($gGet);
+    if ( !empty($_GET['code']) && isset($_GET['state']) && substr($_GET['state'], 0, 7) == 'nxs-fb-'){ $this->showAuthTop(); echo "--== Auth ==--"; $at = sanitize_text_field($_GET['code']);  $ii = str_replace('nxs-fb-','',$_GET['state']); $gGet = array();
+      if (!empty($_SERVER['QUERY_STRING'])) parse_str($_SERVER['QUERY_STRING'], $gGet); elseif (!empty($_SERVER['argv'][0])) parse_str($_SERVER['argv'][0], $gGet); else { $gGet = $_GET; unset($gGet['post_type']);}  unset($gGet['code']); unset($gGet['state']); prr($gGet);
       $sturl = explode('?',$nxs_snapSetPgURL); $nxs_snapSetPgURL = $sturl[0].((!empty($gGet))?'?'.http_build_query($gGet):''); $fbo = $this->nt[$ii]; $advSet = nxs_mkRemOptsArr(nxs_getNXSHeaders()); prr($fbo); $fbo['uMsg'] = ''; 
       $tknURL = 'https://graph.facebook.com/oauth/access_token?client_id='.nxs_gak($fbo['appKey']).'&state=nxs-fb-'.$ii.'&redirect_uri='.urlencode($nxs_snapSetPgURL).'&client_secret='.nxs_gas($fbo['appSec']).'&code='.$at; $response  = nxs_remote_get($tknURL, $advSet); echo "<br/>TKN URL: "; prr($tknURL);   
@@ -119 +119 @@
   }
   
-  function getListOfPagesNX(){  $opVal = array(); $opNm = 'nxs_snap_fb_'.sha1('nxs_snap_fb'.$_POST['u'].$_POST['p']); $opVal = nxs_getOption($opNm); $ii = $_POST['ii']; 
+  function getListOfPagesNX(){  $opVal = array(); $opNm = 'nxs_snap_fb_'.sha1('nxs_snap_fb'.$_POST['u'].$_POST['p']); $opVal = nxs_getOption($opNm); $ii = sanitize_key($_POST['ii']);
      global $nxs_SNAP; $networks = (!current_user_can( 'manage_options' ) && current_user_can( 'haveown_snap_accss' ) ) ? $nxs_SNAP->nxs_acctsU : $nxs_SNAP->nxs_accts;  $options = $networks['fb'][$ii];
      if ($options['apiToUse'] =='nxv2') return $this->getListOfPages($networks);
@@ -139 +139 @@
      $opVal['pageList'] = $pgs; array_walk_recursive($opVal,'nxs_uarr_string'); nxs_saveOption($opNm, $opVal); return $opVal;     
   }
-  function getListOfPages($networks){  $opVal = array(); $opNm = 'nxs_snap_fb_'.sha1('nxs_snap_fb'.$_POST['u'].$_POST['p']); $opVal = nxs_getOption($opNm); $ii = $_POST['ii']; $pgs = ''; 
+  function getListOfPages($networks){  $opVal = array(); $opNm = 'nxs_snap_fb_'.sha1('nxs_snap_fb'.$_POST['u'].$_POST['p']); $opVal = nxs_getOption($opNm); $ii = sanitize_key($_POST['ii']); $pgs = '';
      $currPstAs = !empty($_POST['pgID'])?$_POST['pgID']:(!empty($networks['fb'][$ii])?$networks['fb'][$ii]['pgID']:'');
      if (empty($_POST['force']) && !empty($opVal['pageList']) ) $pgs = $opVal['pageList']; else { $options = $networks['fb'][$ii];  
@@ -205 +205 @@
   function accTab($ii, $options, $isNew=false){ global $nxs_snapSetPgURL; $ntInfo = $this->ntInfo; $nt = $ntInfo['lcode']; $ntU = strtoupper($nt); //prr($options); 
     if (!empty($options['appSec']) && !empty($options['appKey']) && $options['appKey']!=='x5g9a') $options['apiToUse'] = 'fbfb'; ?>      
-    <?php if ( empty($options['apiToUse']) ) { ?><div>    
+    <?php if ( empty($options['apiToUse']) ) { ?><div  style="display: none;">
       <div style="width:100%; text-align: center; color:#005800; font-weight: bold; font-size: 15px;">You can choose what API you would like to use. </div><br/>          
       <span style="color:#005800; font-weight: bold; font-size: 14px;">Native Facebook API:</span> Free official API from Facebook. Approved Facebook Apps can post to Facebook Pages<br/><span style="color:red;">Please note that Facebook closed an unrestricted access to its API on May 1st, 2018. All Facebook apps require review and approval from Facebook. <a href="https://nxs.fyi/fbe4" target="_blank">More info here</a>.</span> <br/><br/>
       <span style="color:#005800; font-weight: bold; font-size: 14px;">NextScripts API for Facebook:</span> Premium API with extended functionality. Can post to Profiles, Pages and Groups.<br/><br/>
       
-      <span style="font-size: 14px;"><b>Please select what API to use:</b>&nbsp;</span><select name="<?php echo $nt; ?>[<?php echo $ii; ?>][apiToUse]" onchange="jQuery('.nxs_<?php echo $nt; ?>_apidiv_<?php echo $ii; ?>').hide(); jQuery('.nxs_<?php echo $nt; ?>_api'+jQuery(this).val()+'div_<?php echo $ii; ?>').show();  ">
+      <span style="font-size: 14px;"><b>Please select what API to use:</b>&nbsp;</span><select name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][apiToUse]" onchange="jQuery('.nxs_<?php echo esc_attr($nt); ?>_apidiv_<?php echo esc_attr($ii); ?>').hide(); jQuery('.nxs_<?php echo esc_attr($nt); ?>_api'+jQuery(this).val()+'div_<?php echo esc_attr($ii); ?>').show();  ">
         <option <?php echo (empty($options['apiToUse']) || $options['apiToUse'] == 'fbfb')?"selected":""; ?> value="fbfb">Native Facebook API</option>
         <option <?php echo (!empty($options['apiToUse']) && $options['apiToUse'] == 'nx')?"selected":""; ?> value="nx">NextScripts Premium API</option>            
@@ -217 +217 @@
     
     <?php  if ( empty($options['apiToUse']) || $options['apiToUse'] =='nx' || $options['apiToUse'] =='nxv2') { //############# NXS API ?>    
-      <div id="nxs_<?php echo $nt; ?>_apinxdiv_<?php echo $ii; ?>" class="nxs_<?php echo $nt; ?>_apidiv_<?php echo $ii; ?> nxs_<?php echo $nt; ?>_apinxdiv_<?php echo $ii; ?>" style="display:<?php echo(!empty($options['apiToUse']) && ($options['apiToUse'] =='nx' || $options['apiToUse'] =='nxv2') )?"block":"none";?>;">
+      <div id="nxs_<?php echo esc_attr($nt); ?>_apinxdiv_<?php echo esc_attr($ii); ?>" class="nxs_<?php echo esc_attr($nt); ?>_apidiv_<?php echo esc_attr($ii); ?> nxs_<?php echo esc_attr($nt); ?>_apinxdiv_<?php echo esc_attr($ii); ?>" style="display:<?php echo(!empty($options['apiToUse']) && ($options['apiToUse'] =='nx' || $options['apiToUse'] =='nxv2') )?"block":"none";?>;">
       
       <h3>NextScripts API<span style="color: #800080; font-size: 13px;">(Beta)</span><span style="font-size: 13px;">&nbsp;&gt;&gt;&nbsp;<a target="_blank" href="https://www.nextscripts.com/snap-nextscripts-api-for-facebook-configuration/">NextScripts API for Facebook Configuration Instructions</a></span></h3>
       <?php if ( empty($options['apiToUse'])) { ?>
       
-      <div><center><input type="radio" checked="checked" name="<?php echo $nt; ?>[<?php echo $ii; ?>][apiToUse2]" value="S" onchange="if (jQuery(this).val()=='S') { jQuery('#fbuName<?php echo $ii; ?>l').html('Facebook User ID (c_user)');jQuery('#fbuPass<?php echo $ii; ?>l').html('Session ID (xs)');}"><?php _e('Use Session', 'social-networks-auto-poster-facebook-twitter-g'); ?>&nbsp;&nbsp;<input type="radio" name="<?php echo $nt; ?>[<?php echo $ii; ?>][apiToUse2]" value="U" onchange="if (jQuery(this).val()=='U') { jQuery('#fbuName<?php echo $ii; ?>l').html('Facebook Username/Email ');jQuery('#fbuPass<?php echo $ii; ?>l').html('Password');}"><?php _e('Use username/password', 'social-networks-auto-poster-facebook-twitter-g'); ?></center></div>
+      <div><center><input type="radio" checked="checked" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][apiToUse2]" value="S" onchange="if (jQuery(this).val()=='S') { jQuery('#fbuName<?php echo esc_attr($ii); ?>l').html('Facebook User ID (c_user)');jQuery('#fbuPass<?php echo esc_attr($ii); ?>l').html('Session ID (xs)');}"><?php _e('Use Session', 'social-networks-auto-poster-facebook-twitter-g'); ?>&nbsp;&nbsp;<input type="radio" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][apiToUse2]" value="U" onchange="if (jQuery(this).val()=='U') { jQuery('#fbuName<?php echo esc_attr($ii); ?>l').html('Facebook Username/Email ');jQuery('#fbuPass<?php echo esc_attr($ii); ?>l').html('Password');}"><?php _e('Use username/password', 'social-networks-auto-poster-facebook-twitter-g'); ?></center></div>
       
       <?php } ?>
@@ -231 +231 @@
           $_POST['u']=$options['uName']; $_POST['p']=$pass; $_POST['ii']=$ii; $ntw[$nt][$ii]=$options; $opVal = $this->getListOfPagesNX();  $_POST = $tPST; 
         } if (!empty($opVal) & !is_array($opVal)) $options['uMsg'] = $opVal; else { if (!empty($opVal) & is_array($opVal)) $options = array_merge($options, $opVal); } ?>
-        <div class="subDiv" id="sub<?php echo $ii; ?>DivN" style="display: block;"><?php if ( empty($options['apiToUse']) || $options['apiToUse'] =='nx') { $l1 = 'Facebook User ID (c_user)'; $l2 = 'Session ID (xs)'; } else {$l1 = 'Facebook Username/Email'; $l2 = 'Password';} $this->elemKeySecret($ii,$l1,$l2, $options['uName'], $pass,'uName','uPass'); //prr($options);   ?>
-        
-        <a onclick="nxs_svSetAdv('<?php echo $nt; ?>', '<?php echo $ii; ?>', '<?php echo $isNew?'dom'.$ntU.$ii.'Div':'nxsAllAccntsDiv'; ?>','nxs<?php echo $ntU; ?>MsgDiv<?php echo $ii; ?>','<?php echo $isNew?'r':''; ?>','1'); nxs_setAllXS(jQuery(this)); return false;" id="<?php echo $nt.'-uPass-'.$ii; ?>BT" data-nid="<?php echo $nt.'-uPass-'.$ii; ?>" data-uid="uName" href="#">[Update All]</a>
+        <div class="subDiv" id="sub<?php echo esc_attr($ii); ?>DivN" style="display: block;"><?php if ( empty($options['apiToUse']) || $options['apiToUse'] =='nx') { $l1 = 'Facebook User ID (c_user)'; $l2 = 'Session ID (xs)'; } else {$l1 = 'Facebook Username/Email'; $l2 = 'Password';} $this->elemKeySecret($ii,$l1,$l2, $options['uName'], $pass,'uName','uPass'); //prr($options);   ?>
+        
+        <a onclick="nxs_svSetAdv('<?php echo esc_attr($nt); ?>', '<?php echo esc_attr($ii); ?>', '<?php echo $isNew?'dom'.$ntU.$ii.'Div':'nxsAllAccntsDiv'; ?>','nxs<?php echo $ntU; ?>MsgDiv<?php echo esc_attr($ii); ?>','<?php echo $isNew?'r':''; ?>','1'); nxs_setAllXS(jQuery(this)); return false;" id="<?php echo $nt.'-uPass-'.$ii; ?>BT" data-nid="<?php echo $nt.'-uPass-'.$ii; ?>" data-uid="uName" href="#">[Update All]</a>
         
         </div><br/>
     
         <script type="text/javascript">      
-          jQuery('#fbuName<?php echo $ii; ?>').change(function() { var u = jQuery(this).val();  var p = jQuery('#fbuPass<?php echo $ii; ?>').val(); if( u!='' && p!='' ) { nxs_fb2GetPages(<?php echo $ii; ?>,u,p); }  });
-          jQuery('#fbuPass<?php echo $ii; ?>').change(function() { var u = jQuery('#fbuName<?php echo $ii; ?>').val();  var p = jQuery(this).val(); if( u!='' && p!='' ) { nxs_fb2GetPages(<?php echo $ii; ?>,u,p); }  });      
-          jQuery('.fbWhereToPost<?php echo $ii; ?>').change(function() { if (jQuery(this).val()!='P') jQuery('#fbPostType<?php echo $ii; ?>').show(); else jQuery('#fbPostType<?php echo $ii; ?>').hide();  });
+          jQuery('#fbuName<?php echo esc_attr($ii); ?>').change(function() { var u = jQuery(this).val();  var p = jQuery('#fbuPass<?php echo esc_attr($ii); ?>').val(); if( u!='' && p!='' ) { nxs_fb2GetPages(<?php echo esc_attr($ii); ?>,u,p); }  });
+          jQuery('#fbuPass<?php echo esc_attr($ii); ?>').change(function() { var u = jQuery('#fbuName<?php echo esc_attr($ii); ?>').val();  var p = jQuery(this).val(); if( u!='' && p!='' ) { nxs_fb2GetPages(<?php echo esc_attr($ii); ?>,u,p); }  });      
+          jQuery('.fbWhereToPost<?php echo esc_attr($ii); ?>').change(function() { if (jQuery(this).val()!='P') jQuery('#fbPostType<?php echo esc_attr($ii); ?>').show(); else jQuery('#fbPostType<?php echo esc_attr($ii); ?>').hide();  });
         </script>
       <?php } else { nxs_show_noLibWrn('"NextScripts API Library for Facebook" is NOT installed'); } ?></div>
@@ -246 +246 @@
     
     <?php if ( empty($options['apiToUse']) || $options['apiToUse'] =='fbfb') { //############# FBFB API ?>    
-      <div id="nxs_<?php echo $nt; ?>_apifbfbdiv_<?php echo $ii; ?>" class="nxs_<?php echo $nt; ?>_apidiv_<?php echo $ii; ?> nxs_<?php echo $nt; ?>_apifbfbdiv_<?php echo $ii; ?>" style="display: <?php echo ((!empty($options['appKey'])&& $options['appKey']!='x5g9a') || empty($options['apiToUse']) || $options['apiToUse'] =='fbfb')?"block":"none"; ?>;"> <h3>Facebook Native API</h3>
+      <div id="nxs_<?php echo esc_attr($nt); ?>_apifbfbdiv_<?php echo esc_attr($ii); ?>" class="nxs_<?php echo esc_attr($nt); ?>_apidiv_<?php echo esc_attr($ii); ?> nxs_<?php echo esc_attr($nt); ?>_apifbfbdiv_<?php echo esc_attr($ii); ?>" style="display: <?php echo ((!empty($options['appKey'])&& $options['appKey']!='x5g9a') || empty($options['apiToUse']) || $options['apiToUse'] =='fbfb')?"block":"none"; ?>;"> <h3>Facebook Native API</h3>
        <?php if (!empty($options['tpt'])) { echo '<span style="color:red;">*************'; _e('Third Party Auth Token is used', 'social-networks-auto-poster-facebook-twitter-g'); echo '</span><br/><br/>'; } else { 
            $this->elemKeySecret($ii,'App ID','App Secret', $options['appKey'], $options['appSec'],'appKey','appSec','https://developers.facebook.com/apps/'); ?><br/><?php  
@@ -254 +254 @@
         <?php _e('Your Facebook Account has been authorized.', 'social-networks-auto-poster-facebook-twitter-g'); ?> User ID: <?php _e(apply_filters('format_to_edit', htmlentities($options['authUser'].(!empty($options['authUserName'])?" - ".$options['authUserName']:''), ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>.<?php } ?>
         
-        <br/>&nbsp;&rArr;&nbsp;<a href="#" onclick="var url = 'https://www.facebook.com/v7.0/dialog/oauth?client_id='+jQuery('#fbappKey<?php echo $ii; ?>').val()+'&scope=pages_manage_posts&state=nxs-fb-<?php echo $ii; ?>&redirect_uri=<?php echo trim(urlencode($nxs_snapSetPgURL));?>'; nxs_svSetAdv('<?php echo $nt; ?>', '<?php echo $ii; ?>', '<?php echo $isNew?'dom'.$ntU.$ii.'Div':'nxsAllAccntsDiv'; ?>','nxs<?php echo $ntU; ?>MsgDiv<?php echo $ii; ?>',url,'1'); return false;">Authorize Your Facebook Account</a> <?php if (!isset($options['authUser']) || $options['authUser']<1) { ?> <div class="blnkg">&lt;=== <?php _e('Authorize your account', 'social-networks-auto-poster-facebook-twitter-g'); ?> ===</div><br/><?php }?>
+        <br/>&nbsp;&rArr;&nbsp;<a href="#" onclick="var url = 'https://www.facebook.com/v7.0/dialog/oauth?client_id='+jQuery('#fbappKey<?php echo esc_attr($ii); ?>').val()+'&scope=pages_manage_posts&state=nxs-fb-<?php echo esc_attr($ii); ?>&redirect_uri=<?php echo trim(urlencode($nxs_snapSetPgURL));?>'; nxs_svSetAdv('<?php echo esc_attr($nt); ?>', '<?php echo esc_attr($ii); ?>', '<?php echo $isNew?'dom'.$ntU.$ii.'Div':'nxsAllAccntsDiv'; ?>','nxs<?php echo $ntU; ?>MsgDiv<?php echo esc_attr($ii); ?>',url,'1'); return false;">Authorize Your Facebook Account</a> <?php if (!isset($options['authUser']) || $options['authUser']<1) { ?> <div class="blnkg">&lt;=== <?php _e('Authorize your account', 'social-networks-auto-poster-facebook-twitter-g'); ?> ===</div><br/><?php }?>
         
         
@@ -278 +278 @@
       ?><div style="display:<?php echo((!empty($options['apiToUse']) &&  ($options['apiToUse']=='nx' || $options['apiToUse']=='nxv2')) || (!empty($options['appKey'])&&!empty($options['accessToken'])) )?"block":"none";?>;">
      <br/ ><div style="width:100%; font-size: 14px;"><b><?php _e('Where to Post', 'nxs_snap'); ?></b>.&nbsp;<?php _e('Please select your profile/page/group', 'social-networks-auto-poster-facebook-twitter-g'); ?>.<span style="color:#580058; font-size: 12px;">&nbsp;(<?php _e('Please see ', 'social-networks-auto-poster-facebook-twitter-g'); ?> - <a href="http://nxs.fyi/fb-not-in-the-list" target="_blank"><?php _e('Why Page/Group is not in the list and how to add it', 'social-networks-auto-poster-facebook-twitter-g'); ?>)</a></span></div>
-       <div id="nxsFBInfoDiv<?php echo $ii; ?>">
+       <div id="nxsFBInfoDiv<?php echo esc_attr($ii); ?>">
          <div style="width:100%;">
           <div>                   
-          <select id="fbpgID<?php echo $ii; ?>" onchange="nxs_fbPageChange('<?php echo $ii;?>',jQuery(this));" name="fb[<?php echo $ii;?>][pgID]">
+          <select id="fbpgID<?php echo esc_attr($ii); ?>" onchange="nxs_fbPageChange('<?php echo esc_attr($ii);?>',jQuery(this));" name="fb[<?php echo esc_attr($ii);?>][pgID]">
             <?php $pgi = !empty($options['pageList'])?$options['pageList']:''; 
               if (!empty($options['pgID'])) { echo (!empty($options['pgID']) && stripos($pgi,$options['pgID'])===false)?'<option selected="selected" value="'.$options['pgID'].'">'.$options['pgID'].'</option>':''; }            
@@ -288 +288 @@
               } echo $pgi;
             ?><option value="a"><?php _e('.... Enter the Page ID'); ?></option>
-          </select> <div id="nxsFBInfoDivBlock<?php echo $ii; ?>" style="display: inline-block;">
-        <input type="text"  name="fb[<?php echo $ii;?>][pgIDCst]" style="width:450px;display: none;" id="fbInpCst<?php echo $ii; ?>" value="<?php echo $options['pgID']; ?>" onblur="nxs_InpToDDBlur(jQuery(this));" onchange="nxs_InpToDDChange(jQuery(this));" data-tid="fbpgID<?php echo $ii; ?>" />  
-          <div style="display: inline-block;"><a onclick="<?php echo (!empty($options['apiToUse'])&&($options['apiToUse']=='nx' || $options['apiToUse']=='nxv2'))?'nxs_fb2GetPages('.$ii.',jQuery(\'#fbuName'.$ii.'\').val(),jQuery(\'#fbuPass'.$ii.'\').val(), 1);':'nxs_fbGetPages('.$ii.', 1);'; ?> jQuery(this).blur(); return false;" href="#"><img id="<?php echo $nt.$ii;?>rfrshImg" style="vertical-align: middle;" src='<?php echo NXS_PLURL; ?>img/refresh16.png' /></a></div></div> <img id="<?php echo $nt.$ii;?>ldImg" style="display: none;vertical-align: middle;" src='<?php echo NXS_PLURL; ?>img/ajax-loader-sm.gif' />
+          </select> <div id="nxsFBInfoDivBlock<?php echo esc_attr($ii); ?>" style="display: inline-block;">
+        <input type="text"  name="fb[<?php echo esc_attr($ii);?>][pgIDCst]" style="width:450px;display: none;" id="fbInpCst<?php echo esc_attr($ii); ?>" value="<?php echo $options['pgID']; ?>" onblur="nxs_InpToDDBlur(jQuery(this));" onchange="nxs_InpToDDChange(jQuery(this));" data-tid="fbpgID<?php echo esc_attr($ii); ?>" />  
+          <div style="display: inline-block;"><a onclick="<?php echo (!empty($options['apiToUse'])&&($options['apiToUse']=='nx' || $options['apiToUse']=='nxv2'))?'nxs_fb2GetPages('.$ii.',jQuery(\'#fbuName'.$ii.'\').val(),jQuery(\'#fbuPass'.$ii.'\').val(), 1);':'nxs_fbGetPages('.$ii.', 1);'; ?> jQuery(this).blur(); return false;" href="#"><img id="<?php echo esc_attr($nt.$ii);?>rfrshImg" style="vertical-align: middle;" src='<?php echo NXS_PLURL; ?>img/refresh16.png' /></a></div></div> <img id="<?php echo esc_attr($nt.$ii);?>ldImg" style="display: none;vertical-align: middle;" src='<?php echo NXS_PLURL; ?>img/ajax-loader-sm.gif' />
           <?php if (empty($options['pgID'])) {?> <div style="display: inline-block;" class="blnkg">&lt;=== <?php _e('Please select where to post', 'social-networks-auto-poster-facebook-twitter-g'); ?> ===</div><?php } ?>             
           </div>   
           </div> 
-       </div> <input type="hidden" id="fbAuthUser<?php echo $ii; ?>" value="<?php if(!empty($options['authUser'])) echo $options['authUser']; ?>"/> <br/></div>
+       </div> <input type="hidden" id="fbAuthUser<?php echo esc_attr($ii); ?>" value="<?php if(!empty($options['authUser'])) echo $options['authUser']; ?>"/> <br/></div>
        <?php  
        
        if ( empty($options['apiToUse']) && empty($options['appKey']) ) { ?> <div style="width:100%; font-size: 14px;"><b><?php _e('Where to Post', 'nxs_snap'); ?></b><br/><span style="color:#008000">&nbsp;&nbsp;&nbsp;<?php _e('Please enter App ID, App Secret and Authorize Your Account or enter the Facebook User ID and Session ID to be able to choose where to post....', 'social-networks-auto-poster-facebook-twitter-g'); ?></span></div>
        <?php } ?>
-       <div style="color:#BB2727;" id="nxsFBMsgDiv<?php echo $ii; ?>"><pre><?php if (!empty($options['uMsg'])) echo $options['uMsg']; ?></pre></div> 
+       <div style="color:#BB2727;" id="nxsFBMsgDiv<?php echo esc_attr($ii); ?>"><pre><?php if (!empty($options['uMsg'])) echo $options['uMsg']; ?></pre></div> 
        <?php
      //######## END of where to post
-     $this->elemMsgFormat($ii,'Post Format','msgFormat',$options['msgFormat']); ?><div style="width:100%;"><strong style="font-size: 16px;" id="altFormatText">Post Type:</strong>&lt;-- (<a id="showShAtt" onmouseout="hidePopShAtt('<?php echo $ii; ?>X');" onmouseover="showPopShAtt('<?php echo $ii; ?>X', event);" onclick="return false;" class="underdash" href="https://www.nextscripts.com/blog/"><?php _e('What\'s the difference?', 'social-networks-auto-poster-facebook-twitter-g'); ?></a>)  </div>
+     $this->elemMsgFormat($ii,'Post Format','msgFormat',$options['msgFormat']); ?><div style="width:100%;"><strong style="font-size: 16px;" id="altFormatText">Post Type:</strong>&lt;-- (<a id="showShAtt" onmouseout="hidePopShAtt('<?php echo esc_attr($ii); ?>X');" onmouseover="showPopShAtt('<?php echo esc_attr($ii); ?>X', event);" onclick="return false;" class="underdash" href="https://www.nextscripts.com/blog/"><?php _e('What\'s the difference?', 'social-networks-auto-poster-facebook-twitter-g'); ?></a>)  </div>
      <div style="margin-left: 10px;">
         
-        <input type="radio" name="fb[<?php echo $ii; ?>][postType]" value="T" <?php if ($options['postType'] == 'T') echo 'checked="checked"'; ?> onchange="if (jQuery(this).is(':checked')) jQuery('.nxsDivFBPostTypeOpts<?php echo $ii; ?>').hide();"/> <?php _e('Text Post', 'social-networks-auto-poster-facebook-twitter-g'); ?> - <i><?php _e('just text message', 'social-networks-auto-poster-facebook-twitter-g'); ?></i><br/>                    
-        
-        <input type="radio" name="fb[<?php echo $ii; ?>][postType]" value="I" <?php if ($options['postType'] == 'I') echo 'checked="checked"'; ?> onchange="if (jQuery(this).is(':checked')) { jQuery('.nxsDivFBPostTypeOpts<?php echo $ii; ?>').hide(); jQuery('#nxsDivFBImgUplOpts<?php echo $ii; ?>').show();}"/> <?php _e('Image', 'social-networks-auto-poster-facebook-twitter-g'); ?> - <i><?php _e('Upload image along with the text message. No automatic backlink to the original post.', 'social-networks-auto-poster-facebook-twitter-g'); ?></i><br/>
-          <div style="width:100%; margin-left: 15px;<?php if (empty($options['postType']) || $options['postType'] != 'I') echo "display:none;"; ?>" id="nxsDivFBImgUplOpts<?php echo $ii; ?>" class="nxsDivFBPostTypeOpts<?php echo $ii; ?>" ><strong><?php _e('Upload Images to', 'social-networks-auto-poster-facebook-twitter-g'); ?>:&nbsp;</strong> 
-             <input value="A" id="apFBImgUplAPP<?php echo $ii; ?>" type="radio" name="fb[<?php echo $ii; ?>][imgUpl]" <?php if ($options['imgUpl'] == 'A') echo "checked"; ?> /> <?php _e('App Album', 'social-networks-auto-poster-facebook-twitter-g'); ?> 
-             <input value="T" id="apFBImgUplTML<?php echo $ii; ?>" type="radio" name="fb[<?php echo $ii; ?>][imgUpl]" <?php if ($options['imgUpl'] != 'A') echo "checked"; ?> /> 
-              <?php _e('Timeline', 'social-networks-auto-poster-facebook-twitter-g'); ?> &lt;-- (<a id="showShAtt" onmouseout="hidePopShAtt('<?php echo $ii; ?>I');" onmouseover="showPopShAtt('<?php echo $ii; ?>I', event);" onclick="return false;" class="underdash" href="https://www.nextscripts.com/blog/"><?php _e('What\'s the difference?', 'social-networks-auto-poster-facebook-twitter-g'); ?></a>)      
+        <input type="radio" name="fb[<?php echo esc_attr($ii); ?>][postType]" value="T" <?php if ($options['postType'] == 'T') echo 'checked="checked"'; ?> onchange="if (jQuery(this).is(':checked')) jQuery('.nxsDivFBPostTypeOpts<?php echo esc_attr($ii); ?>').hide();"/> <?php _e('Text Post', 'social-networks-auto-poster-facebook-twitter-g'); ?> - <i><?php _e('just text message', 'social-networks-auto-poster-facebook-twitter-g'); ?></i><br/>                    
+        
+        <input type="radio" name="fb[<?php echo esc_attr($ii); ?>][postType]" value="I" <?php if ($options['postType'] == 'I') echo 'checked="checked"'; ?> onchange="if (jQuery(this).is(':checked')) { jQuery('.nxsDivFBPostTypeOpts<?php echo esc_attr($ii); ?>').hide(); jQuery('#nxsDivFBImgUplOpts<?php echo esc_attr($ii); ?>').show();}"/> <?php _e('Image', 'social-networks-auto-poster-facebook-twitter-g'); ?> - <i><?php _e('Upload image along with the text message. No automatic backlink to the original post.', 'social-networks-auto-poster-facebook-twitter-g'); ?></i><br/>
+          <div style="width:100%; margin-left: 15px;<?php if (empty($options['postType']) || $options['postType'] != 'I') echo "display:none;"; ?>" id="nxsDivFBImgUplOpts<?php echo esc_attr($ii); ?>" class="nxsDivFBPostTypeOpts<?php echo esc_attr($ii); ?>" ><strong><?php _e('Upload Images to', 'social-networks-auto-poster-facebook-twitter-g'); ?>:&nbsp;</strong> 
+             <input value="A" id="apFBImgUplAPP<?php echo esc_attr($ii); ?>" type="radio" name="fb[<?php echo esc_attr($ii); ?>][imgUpl]" <?php if ($options['imgUpl'] == 'A') echo "checked"; ?> /> <?php _e('App Album', 'social-networks-auto-poster-facebook-twitter-g'); ?> 
+             <input value="T" id="apFBImgUplTML<?php echo esc_attr($ii); ?>" type="radio" name="fb[<?php echo esc_attr($ii); ?>][imgUpl]" <?php if ($options['imgUpl'] != 'A') echo "checked"; ?> /> 
+              <?php _e('Timeline', 'social-networks-auto-poster-facebook-twitter-g'); ?> &lt;-- (<a id="showShAtt" onmouseout="hidePopShAtt('<?php echo esc_attr($ii); ?>I');" onmouseover="showPopShAtt('<?php echo esc_attr($ii); ?>I', event);" onclick="return false;" class="underdash" href="https://www.nextscripts.com/blog/"><?php _e('What\'s the difference?', 'social-networks-auto-poster-facebook-twitter-g'); ?></a>)      
           </div>        
         
-        <input type="radio" name="fb[<?php echo $ii; ?>][postType]" value="A" <?php if ( !isset($options['postType']) || $options['postType'] == '' || $options['postType'] == 'A') echo 'checked="checked"'; ?> onchange="if (jQuery(this).is(':checked')) { jQuery('.nxsDivFBPostTypeOpts<?php echo $ii; ?>').hide(); jQuery('#nxsDivFBAttchLinkOpts<?php echo $ii; ?>').show();}" /> <?php _e('Shared Link', 'social-networks-auto-poster-facebook-twitter-g'); ?> - <i><?php _e('Shared link along with the text message', 'social-networks-auto-poster-facebook-twitter-g'); ?></i><br/>
-
-<div id="nxsDivFBAttchLinkOpts<?php echo $ii; ?>" class="nxsDivFBPostTypeOpts<?php echo $ii; ?>" style="width:100%; margin-left: 15px; line-height: 22px;<?php if (!empty($options['postType']) && $options['postType'] != 'A') echo "display:none;"; ?>">
+        <input type="radio" name="fb[<?php echo esc_attr($ii); ?>][postType]" value="A" <?php if ( !isset($options['postType']) || $options['postType'] == '' || $options['postType'] == 'A') echo 'checked="checked"'; ?> onchange="if (jQuery(this).is(':checked')) { jQuery('.nxsDivFBPostTypeOpts<?php echo esc_attr($ii); ?>').hide(); jQuery('#nxsDivFBAttchLinkOpts<?php echo esc_attr($ii); ?>').show();}" /> <?php _e('Shared Link', 'social-networks-auto-poster-facebook-twitter-g'); ?> - <i><?php _e('Shared link along with the text message', 'social-networks-auto-poster-facebook-twitter-g'); ?></i><br/>
+
+<div id="nxsDivFBAttchLinkOpts<?php echo esc_attr($ii); ?>" class="nxsDivFBPostTypeOpts<?php echo esc_attr($ii); ?>" style="width:100%; margin-left: 15px; line-height: 22px;<?php if (!empty($options['postType']) && $options['postType'] != 'A') echo "display:none;"; ?>">
      <div style="font-style: italic;"><b><?php _e('Please note:', 'social-networks-auto-poster-facebook-twitter-g'); ?></b>&nbsp;<?php _e('SNAP does not set or control image, title and description for shared links previews. Facebook sets that by itself, using your opengraph metatags.', 'social-networks-auto-poster-facebook-twitter-g'); ?><br/><?php _e('Please see here for more info:', 'social-networks-auto-poster-facebook-twitter-g'); ?> <a href="http://nxs.fyi/fblp" target="_blank">Facebook Link Preview</a></div>
 </div><br/></div>
   
-<div class="popShAtt" style="z-index: 9999; width: 350px;" id="popShAtt<?php echo $ii; ?>I"><h3><?php _e('Where to upload Images', 'social-networks-auto-poster-facebook-twitter-g'); ?></h3> <b><?php _e('(App Album)', 'social-networks-auto-poster-facebook-twitter-g'); ?></b> <?php _e('Facebook automatically creates an album for your app. Images will be grouped there as in any regular album.', 'social-networks-auto-poster-facebook-twitter-g'); ?>  <br/><br/><b><?php _e('(Timeline)', 'social-networks-auto-poster-facebook-twitter-g'); ?></b> <?php _e('Images will be posted to the special "Wall/Timeline" album and won\'t be grouped. "Wall/Timeline" album must exist. It\'s created when first image posted to timeline manually.', 'social-networks-auto-poster-facebook-twitter-g'); ?></div>  
-<div class="popShAtt" style="z-index: 9999" id="popShAtt<?php echo $ii; ?>"><h3><?php _e('Two ways of attaching post on Facebook', 'social-networks-auto-poster-facebook-twitter-g'); ?></h3><img src="<?php echo NXS_PLURL; ?>img/fb2wops.png" width="600" height="257" alt="<?php _e('Two ways of attaching post on Facebook', 'social-networks-auto-poster-facebook-twitter-g'); ?>"/></div>
-<div class="popShAtt" style="z-index: 9999" id="popShAtt<?php echo $ii; ?>X"><h3><?php _e('Facebook Post Types', 'social-networks-auto-poster-facebook-twitter-g'); ?></h3><img src="<?php echo NXS_PLURL; ?>img/fbPostTypesDiff6.png" width="600" height="398" alt="<?php _e('Facebook Post Types', 'social-networks-auto-poster-facebook-twitter-g'); ?>"/></div>
+<div class="popShAtt" style="z-index: 9999; width: 350px;" id="popShAtt<?php echo esc_attr($ii); ?>I"><h3><?php _e('Where to upload Images', 'social-networks-auto-poster-facebook-twitter-g'); ?></h3> <b><?php _e('(App Album)', 'social-networks-auto-poster-facebook-twitter-g'); ?></b> <?php _e('Facebook automatically creates an album for your app. Images will be grouped there as in any regular album.', 'social-networks-auto-poster-facebook-twitter-g'); ?>  <br/><br/><b><?php _e('(Timeline)', 'social-networks-auto-poster-facebook-twitter-g'); ?></b> <?php _e('Images will be posted to the special "Wall/Timeline" album and won\'t be grouped. "Wall/Timeline" album must exist. It\'s created when first image posted to timeline manually.', 'social-networks-auto-poster-facebook-twitter-g'); ?></div>  
+<div class="popShAtt" style="z-index: 9999" id="popShAtt<?php echo esc_attr($ii); ?>"><h3><?php _e('Two ways of attaching post on Facebook', 'social-networks-auto-poster-facebook-twitter-g'); ?></h3><img src="<?php echo NXS_PLURL; ?>img/fb2wops.png" width="600" height="257" alt="<?php _e('Two ways of attaching post on Facebook', 'social-networks-auto-poster-facebook-twitter-g'); ?>"/></div>
+<div class="popShAtt" style="z-index: 9999" id="popShAtt<?php echo esc_attr($ii); ?>X"><h3><?php _e('Facebook Post Types', 'social-networks-auto-poster-facebook-twitter-g'); ?></h3><img src="<?php echo NXS_PLURL; ?>img/fbPostTypesDiff6.png" width="600" height="398" alt="<?php _e('Facebook Post Types', 'social-networks-auto-poster-facebook-twitter-g'); ?>"/></div>
     
     <br/>
@@ -334 +334 @@
    
    <?php global $nxs_SNAP; $gOptions = $nxs_SNAP->nxs_options; if ( !empty($gOptions['riActive']) && $gOptions['riActive'] == '1' ) { ?>
-   <input value="1"  id="apFBMsgAFrmtA<?php echo $ii; ?>" <?php if (!empty($options['riComments']) && trim($options['riComments'])=='1') echo "checked"; ?> type="checkbox" name="fb[<?php echo $ii; ?>][riComments]"/> <strong><?php _e('Import Facebook Comments', 'social-networks-auto-poster-facebook-twitter-g'); ?></strong>
+   <input value="1"  id="apFBMsgAFrmtA<?php echo esc_attr($ii); ?>" <?php if (!empty($options['riComments']) && trim($options['riComments'])=='1') echo "checked"; ?> type="checkbox" name="fb[<?php echo esc_attr($ii); ?>][riComments]"/> <strong><?php _e('Import Facebook Comments', 'social-networks-auto-poster-facebook-twitter-g'); ?></strong>
    <br/>
    
    <div style="margin-bottom: 5px; margin-left: 10px; ">
-     <input value="1"  id="apFBMsgAFrmtA<?php echo $ii; ?>" <?php if (!empty($options['riCommentsAA']) && trim($options['riCommentsAA'])=='1') echo "checked"; ?> type="checkbox" name="fb[<?php echo $ii; ?>][riCommentsAA]"/> <strong><?php _e('Auto-approve imported comments', 'social-networks-auto-poster-facebook-twitter-g'); ?></strong></div>   
+     <input value="1"  id="apFBMsgAFrmtA<?php echo esc_attr($ii); ?>" <?php if (!empty($options['riCommentsAA']) && trim($options['riCommentsAA'])=='1') echo "checked"; ?> type="checkbox" name="fb[<?php echo esc_attr($ii); ?>][riCommentsAA]"/> <strong><?php _e('Auto-approve imported comments', 'social-networks-auto-poster-facebook-twitter-g'); ?></strong></div>   
      <?php } else { echo "<br/>"; _e('Please activate the "Comments Import" from SNAP Settings Tab', 'social-networks-auto-poster-facebook-twitter-g'); } ?>
    
@@ -346 +346 @@
    -<?php _e('If you are posting to a group and have a page linked to that group, you can enter its Page ID and posts will appear as posted from "Page Name"', 'social-networks-auto-poster-facebook-twitter-g'); ?><br/>
    <div style="margin-bottom: 5px; margin-left: 10px;"> <b style="font-size: 16px;"><?php _e('Page ID:', 'social-networks-auto-poster-facebook-twitter-g'); ?></b><?php if (empty($options['glpid'])) $options['glpid'] = ''; ?>
-     <input type="text" name="fb[<?php echo $ii; ?>][glpid]" style="width: 40%;border: 1px solid #ACACAC;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['glpid'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" />   
+     <input type="text" name="fb[<?php echo esc_attr($ii); ?>][glpid]" style="width: 40%;border: 1px solid #ACACAC;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['glpid'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" />   
      </div>
    </div>
@@ -361 +361 @@
    <a href="#" style="margin-left:50px; " class="button" onclick="jQuery(this).next().show(); jQuery(this).hide(); return false;">I understand that this risky feature is provided "as is" with <b>no support</b> and might not work correctly.</a>   
    <div style="margin-bottom: 5px; margin-left: 10px; display: none;"> <b style="font-size: 16px;"><?php _e('Auth Token:', 'social-networks-auto-poster-facebook-twitter-g'); ?></b><?php if (empty($options['tpt'])) $options['tpt'] = ''; ?>
-     <input type="text" name="fb[<?php echo $ii; ?>][tpt]" style="width: 40%;border: 1px solid #ACACAC;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['tpt'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" />   
+     <input type="text" name="fb[<?php echo esc_attr($ii); ?>][tpt]" style="width: 40%;border: 1px solid #ACACAC;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['tpt'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" />   
    </div>   </div>   </div>
    
@@ -445 +445 @@
         
    <div class="nxsPostEd_ElemWrap">   <div class="nxsPostEd_ElemLabel">   
-       <?php _e('Post Type:', 'social-networks-auto-poster-facebook-twitter-g'); ?>(<a id="showShAtt" style="font-weight: normal" onmouseout="hidePopShAtt('<?php echo $ii; ?>X');" onmouseover="showPopShAtt('<?php echo $ii; ?>X', event);" onclick="return false;" class="underdash" href="https://www.nextscripts.com/blog/"><?php _e('What\'s the difference?', 'social-networks-auto-poster-facebook-twitter-g'); ?></a>)
+       <?php _e('Post Type:', 'social-networks-auto-poster-facebook-twitter-g'); ?>(<a id="showShAtt" style="font-weight: normal" onmouseout="hidePopShAtt('<?php echo esc_attr($ii); ?>X');" onmouseover="showPopShAtt('<?php echo esc_attr($ii); ?>X', event);" onclick="return false;" class="underdash" href="https://www.nextscripts.com/blog/"><?php _e('What\'s the difference?', 'social-networks-auto-poster-facebook-twitter-g'); ?></a>)
      </div>   
      <div class="nxsPostEd_Elem">   
-        <input type="radio" name="fb[<?php echo $ii; ?>][postType]" value="T" class="nxsEdElem nxsImgCtrlCb nxs_ajOnChnage" data-nt="<?php echo $nt; ?>" data-ii="<?php echo $ii; ?>" <?php if ($ntOpt['postType'] == 'T') echo 'checked="checked"'; ?> /> <?php _e('Text Post', 'social-networks-auto-poster-facebook-twitter-g'); ?>  - <i><?php _e('just text message', 'social-networks-auto-poster-facebook-twitter-g'); ?></i><br/>       
-        <input type="radio" name="fb[<?php echo $ii; ?>][postType]" value="I" class="nxsEdElem nxsImgCtrlCb nxs_ajOnChnage" data-nt="<?php echo $nt; ?>" data-ii="<?php echo $ii; ?>" <?php if ($ntOpt['postType'] == 'I') echo 'checked="checked"'; ?> /> <?php _e('Image Post', 'social-networks-auto-poster-facebook-twitter-g'); ?> - <i><?php _e('big image with text message', 'social-networks-auto-poster-facebook-twitter-g'); ?></i><br/>             
-        <input type="radio" name="fb[<?php echo $ii; ?>][postType]" value="A" class="nxsEdElem nxsImgCtrlCb nxs_ajOnChnage" data-nt="<?php echo $nt; ?>" data-ii="<?php echo $ii; ?>" <?php if ( empty($ntOpt['postType']) || $ntOpt['postType'] == 'A') echo 'checked="checked"'; ?> /> <?php _e('Text Post with "attached" blogpost', 'social-networks-auto-poster-facebook-twitter-g'); ?>
+        <input type="radio" name="fb[<?php echo esc_attr($ii); ?>][postType]" value="T" class="nxsEdElem nxsImgCtrlCb nxs_ajOnChnage" data-nt="<?php echo esc_attr($nt); ?>" data-ii="<?php echo esc_attr($ii); ?>" <?php if ($ntOpt['postType'] == 'T') echo 'checked="checked"'; ?> /> <?php _e('Text Post', 'social-networks-auto-poster-facebook-twitter-g'); ?>  - <i><?php _e('just text message', 'social-networks-auto-poster-facebook-twitter-g'); ?></i><br/>       
+        <input type="radio" name="fb[<?php echo esc_attr($ii); ?>][postType]" value="I" class="nxsEdElem nxsImgCtrlCb nxs_ajOnChnage" data-nt="<?php echo esc_attr($nt); ?>" data-ii="<?php echo esc_attr($ii); ?>" <?php if ($ntOpt['postType'] == 'I') echo 'checked="checked"'; ?> /> <?php _e('Image Post', 'social-networks-auto-poster-facebook-twitter-g'); ?> - <i><?php _e('big image with text message', 'social-networks-auto-poster-facebook-twitter-g'); ?></i><br/>             
+        <input type="radio" name="fb[<?php echo esc_attr($ii); ?>][postType]" value="A" class="nxsEdElem nxsImgCtrlCb nxs_ajOnChnage" data-nt="<?php echo esc_attr($nt); ?>" data-ii="<?php echo esc_attr($ii); ?>" <?php if ( empty($ntOpt['postType']) || $ntOpt['postType'] == 'A') echo 'checked="checked"'; ?> /> <?php _e('Text Post with "attached" blogpost', 'social-networks-auto-poster-facebook-twitter-g'); ?>
      </div>
-     <div class="popShAtt" id="popShAtt<?php echo $ii; ?>X"><h3><?php _e('Facebook Post Types', 'social-networks-auto-poster-facebook-twitter-g'); ?></h3><img src="<?php echo NXS_PLURL; ?>img/fbPostTypesDiff6.png" width="600" height="398" alt="<?php _e('Facebook Post Types', 'social-networks-auto-poster-facebook-twitter-g'); ?>"/></div>
+     <div class="popShAtt" id="popShAtt<?php echo esc_attr($ii); ?>X"><h3><?php _e('Facebook Post Types', 'social-networks-auto-poster-facebook-twitter-g'); ?></h3><img src="<?php echo NXS_PLURL; ?>img/fbPostTypesDiff6.png" width="600" height="398" alt="<?php _e('Facebook Post Types', 'social-networks-auto-poster-facebook-twitter-g'); ?>"/></div>
    </div>     
      
@@ -503 +503 @@
   
   function importComments($options='', $postID='', $po='', $fbID='') { $ci = 0; if (empty($postID)) $postID = $_POST['pid']; //echo "Getting comments....";// $fbID = '1019404527_10212971242848671';
-    if (empty($options)) {  global $nxs_SNAP; $options = $nxs_SNAP->nxs_options; } if (isset($_POST['ii'])) $options = $options[$_POST['nt']][$_POST['ii']];  $ptype =  get_post_type( $postID ); 
-    if (empty($po)) { $po =  maybe_unserialize(get_post_meta($postID, 'snap'.strtoupper($_POST['nt']), true)); $po = $po[$_POST['ii']]; }  
+    if (empty($options)) {  global $nxs_SNAP; $options = $nxs_SNAP->nxs_options; } if (isset($_POST['ii'])) $options = $options[$_POST['nt']][sanitize_key($_POST['ii'])];  $ptype =  get_post_type( $postID );
+    if (empty($po)) { $po =  maybe_unserialize(get_post_meta($postID, 'snap'.strtoupper($_POST['nt']), true)); $po = $po[sanitize_key($_POST['ii'])]; }
     //NXS API
     if (!empty($options) && !empty($options['apiToUse']) && $options['apiToUse']=='nx' && !empty($options['uPass'])) {  echo "[FB] Getting comments (Session)...<br/>\r\n";  //## Session ID

social-networks-auto-poster-facebook-twitter-g/trunk/inc-cl/fl.php

@@ -23 +23 @@
   //#### Show Unit  Settings  
   function checkIfSetupFinished($options) { return !empty($options['appAppUserID']) && !empty($options['accessToken']); }
-  public function doAuth() { $ntInfo = $this->ntInfo; global $nxs_snapSetPgURL;     
-   if ( isset($_GET['auth']) && $_GET['auth']==$ntInfo['lcode']){ require_once('apis/scOAuth.php'); $options = $this->nt[$_GET['acc']];
+  public function doAuth() { $ntInfo = $this->ntInfo; global $nxs_snapSetPgURL;
+   if (isset($_GET['acc'])) { $acc = sanitize_text_field($_GET['acc']); $options = $this->nt[$acc];
+      if ( isset($_GET['auth']) && $_GET['auth']==$ntInfo['lcode']){ require_once('apis/scOAuth.php');
            $consumer_key = nxs_gak($options['appKey']); $consumer_secret = nxs_gas($options['appSec']);
-           $callback_url = $nxs_snapSetPgURL."&auth=".$ntInfo['lcode']."a&acc=".$_GET['acc'];
+           $callback_url = $nxs_snapSetPgURL."&auth=".$ntInfo['lcode']."a&acc=".$acc;
            $tum_oauth = new wpScoopITOAuth($consumer_key, $consumer_secret);
            $tum_oauth->baseURL = 'https://www.flickr.com/services'; $tum_oauth->request_token_path = '/oauth/request_token'; $tum_oauth->access_token_path = '/oauth/access_token';
            $request_token = $tum_oauth->getReqToken($callback_url); $options['oAuthToken'] = $request_token['oauth_token']; $options['oAuthTokenSecret'] = $request_token['oauth_token_secret'];
            switch ($tum_oauth->http_code) { case 200: $url = 'https://www.flickr.com/services/oauth/authorize?oauth_token='.$options['oAuthToken'];
-             nxs_save_glbNtwrks($ntInfo['lcode'],$_GET['acc'],$options,'*');
+             nxs_save_glbNtwrks($ntInfo['lcode'],$acc,$options,'*');
              echo '<br/><br/>All good?! Redirecting ..... <script type="text/javascript">window.location = "'.$url.'"</script>'; break;
              default: echo '<br/><b style="color:red">Could not connect to Flickr. Refresh the page or try again later.</b>'; die();
            } die();
-    }
-    if ( isset($_GET['auth']) && $_GET['auth']==$ntInfo['lcode'].'a'){ require_once('apis/scOAuth.php'); $options = $this->nt[$_GET['acc']];
+       }
+       if ( isset($_GET['auth']) && $_GET['auth']==$ntInfo['lcode'].'a'){ require_once('apis/scOAuth.php');
            $consumer_key = nxs_gak($options['appKey']); $consumer_secret = nxs_gas($options['appSec']);
-
            $tum_oauth = new wpScoopITOAuth($consumer_key, $consumer_secret, $options['oAuthToken'], $options['oAuthTokenSecret']); //prr($tum_oauth);
            $tum_oauth->baseURL = 'https://www.flickr.com/services'; $tum_oauth->request_token_path = '/oauth/request_token'; $tum_oauth->access_token_path = '/oauth/access_token';
            $access_token = $tum_oauth->getAccToken($_GET['oauth_verifier']); prr($access_token);
            $options['accessToken'] = $access_token['oauth_token'];  $options['accessTokenSec'] = $access_token['oauth_token_secret'];
-           nxs_save_glbNtwrks($ntInfo['lcode'],$_GET['acc'],$options,'*');
+           nxs_save_glbNtwrks($ntInfo['lcode'],$acc,$options,'*');
            $tum_oauth = new wpScoopITOAuth($consumer_key, $consumer_secret, $options['accessToken'], $options['accessTokenSec']);
            echo "OK. Let's Get Profile: "; prr($access_token);
@@ -50 +50 @@
            if (is_array($uinfo) && isset($uinfo['user'])) { $options['appAppUserName'] = $access_token['username']."(".urldecode($access_token['fullname']).")";
              $options['appAppUserID'] = urldecode($uinfo['user']['nsid']);  $options['userURL'] = urldecode($uinfo['user']['url']);
-             nxs_save_glbNtwrks($ntInfo['lcode'],$_GET['acc'],$options,'*');
+             nxs_save_glbNtwrks($ntInfo['lcode'],$acc,$options,'*');
            } //die();
            if (!empty($options['appAppUserID'])) {
@@ -57 +57 @@
              echo '<br/><br/>All good?! Redirecting ..... <script type="text/javascript">window.location = "'.$nxs_snapSetPgURL.'"</script>'; die();
            } else die("<span style='color:red;'>ERROR: Authorization Error: <span style='color:darkred; font-weight: bold;'>".print_r($uinfo, true)."</span></span>");
+       }
     }  
   }    
   
   function accTab($ii, $options, $isNew=false){ global $nxs_snapSetPgURL; $ntInfo = $this->ntInfo; $nt = $ntInfo['lcode']; $this->elemKeySecret($ii,'Consumer Key','Consumer Secret', $options['appKey'], $options['appSec'],'appKey','appSec','https://www.flickr.com/services/apps/'); ?>    
-    <div style="width:100%;"><strong><?php _e('Flickr Set ID', 'social-networks-auto-poster-facebook-twitter-g'); ?>:</strong><i><?php _e('(Optional)', 'social-networks-auto-poster-facebook-twitter-g'); ?></i></div><input name="<?php echo $nt; ?>[<?php echo $ii; ?>][setID]" style="width: 30%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['setID'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /><br/><br/>
+    <div style="width:100%;"><strong><?php _e('Flickr Set ID', 'social-networks-auto-poster-facebook-twitter-g'); ?>:</strong><i><?php _e('(Optional)', 'social-networks-auto-poster-facebook-twitter-g'); ?></i></div><input name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][setID]" style="width: 30%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['setID'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /><br/><br/>
     
     <?php  $this->elemTitleFormat($ii,'Post Title Format','msgTFormat',$options['msgTFormat']);   $this->elemMsgFormat($ii,'Post Format','msgFormat',$options['msgFormat']); ?>
-    <div style="margin: 0px;"><input value="1" type="checkbox" name="<?php echo $nt; ?>[<?php echo $ii; ?>][inclTags]"  <?php if ((int)$options['inclTags'] == 1) echo "checked"; ?> /> <strong><?php _e('Post with tags', 'social-networks-auto-poster-facebook-twitter-g'); ?></strong></div>
+    <div style="margin: 0px;"><input value="1" type="checkbox" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][inclTags]"  <?php if ((int)$options['inclTags'] == 1) echo "checked"; ?> /> <strong><?php _e('Post with tags', 'social-networks-auto-poster-facebook-twitter-g'); ?></strong></div>
     
-    <div style="width:100%;"><strong><?php _e('Default Image to use', 'social-networks-auto-poster-facebook-twitter-g'); ?>:</strong><i><?php _e('If your post does not have any images this will be used instead.', 'social-networks-auto-poster-facebook-twitter-g'); ?></i></div><input name="<?php echo $nt; ?>[<?php echo $ii; ?>][defImg]" style="width: 30%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['defImg'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /><br/><br/>
+    <div style="width:100%;"><strong><?php _e('Default Image to use', 'social-networks-auto-poster-facebook-twitter-g'); ?>:</strong><i><?php _e('If your post does not have any images this will be used instead.', 'social-networks-auto-poster-facebook-twitter-g'); ?></i></div><input name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][defImg]" style="width: 30%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['defImg'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /><br/><br/>
     
     
@@ -75 +76 @@
             <?php _e('Your '.$ntInfo['name'].' Account has been authorized.', 'social-networks-auto-poster-facebook-twitter-g'); ?> User ID: <?php _e(apply_filters('format_to_edit', htmlentities($options['appAppUserID'].' - '.$options['appAppUserName'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>.
             <?php _e('You can', 'social-networks-auto-poster-facebook-twitter-g'); ?> Re- <?php } ?>
-            <a href="<?php echo $nxs_snapSetPgURL.(stripos($nxs_snapSetPgURL, '?')!==false?'&':'?');?>auth=<?php echo $nt; ?>&acc=<?php echo $ii; ?>">Authorize Your <?php echo $ntInfo['name']; ?> Account</a>
+            <a href="<?php echo $nxs_snapSetPgURL.(stripos($nxs_snapSetPgURL, '?')!==false?'&':'?');?>auth=<?php echo esc_attr($nt); ?>&acc=<?php echo esc_attr($ii); ?>">Authorize Your <?php echo $ntInfo['name']; ?> Account</a>
 
             <?php if (!isset($options['appAppUserID']) || $options['appAppUserID']<1) { ?> <div class="blnkg">&lt;=== <?php _e('Authorize your account', 'social-networks-auto-poster-facebook-twitter-g'); ?> ===</div> <?php }?>

social-networks-auto-poster-facebook-twitter-g/trunk/inc-cl/fp.php

@@ -29 +29 @@
        <div style="font-size: 11px; margin: 0px;"><?php _e('[Optional] Please use this only if you are having troubles to login/post without it.', 'social-networks-auto-poster-facebook-twitter-g'); ?></div>
     </div>    
-    <input style="width:400px;" name="<?php echo $nt; ?>[<?php echo $ii; ?>][session]" style="width: 30%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['session'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /> 
+    <input style="width:400px;" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][session]" style="width: 30%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['session'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" />
     <br/>
     <div style="width:100%;"><strong><?php _e('User ID', 'social-networks-auto-poster-facebook-twitter-g'); ?>:</strong> 
        <div style="font-size: 11px; margin: 0px;"><?php _e('[Optional] Please use this only if you are having troubles to login/post without it.', 'social-networks-auto-poster-facebook-twitter-g'); ?></div>
     </div>    
-    <input style="width:400px;" name="<?php echo $nt; ?>[<?php echo $ii; ?>][cuid]" style="width: 30%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['cuid'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /> 
+    <input style="width:400px;" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][cuid]" style="width: 30%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['cuid'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" />
     <br/><br/>  
   
   
-    <div style="width:100%;"><strong><?php _e('Where to Post', 'social-networks-auto-poster-facebook-twitter-g'); ?>:</strong><i><?php _e('Flipboard Magazine URL', 'social-networks-auto-poster-facebook-twitter-g'); ?></i></div><input name="fp[<?php echo $ii; ?>][mgzURL]" style="width: 30%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['mgzURL'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /><br/><br/>    
+    <div style="width:100%;"><strong><?php _e('Where to Post', 'social-networks-auto-poster-facebook-twitter-g'); ?>:</strong><i><?php _e('Flipboard Magazine URL', 'social-networks-auto-poster-facebook-twitter-g'); ?></i></div><input name="fp[<?php echo esc_attr($ii); ?>][mgzURL]" style="width: 30%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['mgzURL'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /><br/><br/>
     <br/><?php $this->elemMsgFormat($ii,'Comment Text Format','msgFormat',$options['msgFormat']);
   }

social-networks-auto-poster-facebook-twitter-g/trunk/inc-cl/gmb.php

@@ -18 +18 @@
     $ntInfo = $this->ntInfo; $nt = $ntInfo['lcode']; ?> <div style="color:darkred; font-size: 16px;">*****[Early Beta] Can make only "What's New" posts<br/><br/></div>
     
-    <div id="ups<?php echo $nt.$ii; ?>UP" class="ups<?php echo $nt.$ii; ?>">
+    <div id="ups<?php echo esc_attr($nt.$ii); ?>UP" class="ups<?php echo esc_attr($nt.$ii); ?>">
       <?php $p = $options['uPass']; $this->elemUserPass($ii, $options['uName'], $p);  ?>
     </div>
-    <div id="ups<?php echo $nt.$ii; ?>UPS" style="padding-top: 10px;"><a href="#" onclick="jQuery('#ups<?php echo $nt.$ii; ?>S').show();return false;">Use session</a> (Optional - use only if you are having login problems)</div>
-    <div id="ups<?php echo $nt.$ii; ?>S" class="ups<?php echo $nt.$ii; ?>"  style="padding-left: 15px; padding-top: 10px; display:none;">
-       SID:&nbsp;&nbsp;<input style="width:400px;" name="<?php echo $nt; ?>[<?php echo $ii; ?>][sid]" style="width: 30%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['sid'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /> <br/>
-       SSID:&nbsp;<input style="width:400px;" name="<?php echo $nt; ?>[<?php echo $ii; ?>][ssid]" style="width: 30%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['ssid'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /> <br/>
-       HSID:&nbsp;<input style="width:400px;" name="<?php echo $nt; ?>[<?php echo $ii; ?>][hsid]" style="width: 30%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['hsid'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /> <br/>
+    <div id="ups<?php echo esc_attr($nt.$ii); ?>UPS" style="padding-top: 10px;"><a href="#" onclick="jQuery('#ups<?php echo esc_attr($nt.$ii); ?>S').show();return false;">Use session</a> (Optional - use only if you are having login problems)</div>
+    <div id="ups<?php echo esc_attr($nt.$ii); ?>S" class="ups<?php echo esc_attr($nt.$ii); ?>"  style="padding-left: 15px; padding-top: 10px; display:none;">
+       SID:&nbsp;&nbsp;<input style="width:400px;" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][sid]" style="width: 30%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['sid'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /> <br/>
+       SSID:&nbsp;<input style="width:400px;" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][ssid]" style="width: 30%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['ssid'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /> <br/>
+       HSID:&nbsp;<input style="width:400px;" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][hsid]" style="width: 30%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['hsid'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /> <br/>
     </div>
     
@@ -40 +40 @@
     
     <br/>
-    <div style="width:100%;"><strong><?php _e('Where to Post', 'social-networks-auto-poster-facebook-twitter-g'); ?>:</strong><i><?php _e('Your Google My Business URL', 'social-networks-auto-poster-facebook-twitter-g'); ?></i></div><input name="gmb[<?php echo $ii; ?>][postTo]" style="width: 50%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['postTo'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /><br/><br/>    
+    <div style="width:100%;"><strong><?php _e('Where to Post', 'social-networks-auto-poster-facebook-twitter-g'); ?>:</strong><i><?php _e('Your Google My Business URL', 'social-networks-auto-poster-facebook-twitter-g'); ?></i></div><input name="gmb[<?php echo esc_attr($ii); ?>][postTo]" style="width: 50%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['postTo'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /><br/><br/>    
     
    <div style="width:100%;"><strong id="altFormatText">Post Type:</strong> </div>                      
 <div style="margin-left: 10px;">        
-        <div id="<?php echo $nt.$ii; ?>PostTypeT" style="margin-left: 5px;">
-          <input type="radio" name="gmb[<?php echo $ii; ?>][postType]" value="A" <?php if (empty($options['postType']) || $options['postType'] == 'A') echo 'checked="checked"'; ?> /> <?php _e('What\'s New Post', 'nxs_snap'); ?> - <i><?php _e('Blogpost with link', 'nxs_snap'); ?></i><br/>
-          <div id="<?php echo $nt.$ii; ?>PostTypeTSub"  style="margin-left: 15px;">
-            <?php _e('Add Button with link', 'social-networks-auto-poster-facebook-twitter-g'); ?>:
-            <select id="<?php echo $nt.$ii; ?>PostTypeTSubButSel" onchange="" name="<?php echo $nt; ?>[<?php echo $ii; ?>][btnType]">  <option value="X"><?php _e('No Button', 'social-networks-auto-poster-facebook-twitter-g'); ?></option>
+        <div id="<?php echo esc_attr($nt.$ii); ?>PostTypeT" style="margin-left: 5px;">
+          <input type="radio" name="gmb[<?php echo esc_attr($ii); ?>][postType]" value="A" <?php if (empty($options['postType']) || $options['postType'] == 'A') echo 'checked="checked"'; ?> /> <?php _e('What\'s New Post', 'nxs_snap'); ?> - <i><?php _e('Blogpost with link', 'nxs_snap'); ?></i><br/>
+          <div id="<?php echo esc_attr($nt.$ii); ?>PostTypeTSub"  style="margin-left: 15px;">
+            <?php _e('Add Button with link', 'social-networks-auto-poster-facebook-twitter-g'); ?>:
+            <select id="<?php echo esc_attr($nt.$ii); ?>PostTypeTSubButSel" onchange="" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][btnType]">  <option value="X"><?php _e('No Button', 'social-networks-auto-poster-facebook-twitter-g'); ?></option>
               <option <?php if ( $options['btnType'] =='BOOK') echo 'selected="selected"'; ?> value="BOOK"><?php _e('Book', 'social-networks-auto-poster-facebook-twitter-g'); ?></option>
               <option <?php if ( $options['btnType'] =='ORDER') echo 'selected="selected"'; ?> value="ORDER"><?php _e('Order Online', 'social-networks-auto-poster-facebook-twitter-g'); ?></option>
@@ -58 +58 @@
           </div>
         </div>                    
-        <div id="<?php echo $nt.$ii; ?>PostTypeT" style="margin-left: 5px;">
-          <input type="radio" name="gmb[<?php echo $ii; ?>][postType]" value="E" <?php if (!empty($options['postType']) && $options['postType'] == 'E') echo 'checked="checked"'; ?> /> <?php _e('Event', 'nxs_snap'); ?> - <i><?php _e('Event', 'nxs_snap'); ?></i><br/>
+        <div id="<?php echo esc_attr($nt.$ii); ?>PostTypeT" style="margin-left: 5px;">
+          <input type="radio" name="gmb[<?php echo esc_attr($ii); ?>][postType]" value="E" <?php if (!empty($options['postType']) && $options['postType'] == 'E') echo 'checked="checked"'; ?> /> <?php _e('Event', 'nxs_snap'); ?> - <i><?php _e('Event', 'nxs_snap'); ?></i><br/>
           
           
           
-          <div id="<?php echo $nt.$ii; ?>PostTypeTSub"  style="margin-left: 15px;"> <?php $this->elemTitleFormat($ii,'Event Title','eTtlFormat',$options['eTtlFormat']);?>
-            <?php _e('Add Button with link', 'social-networks-auto-poster-facebook-twitter-g'); ?>:
-            <select id="<?php echo $nt.$ii; ?>PostTypeTSubButSel" onchange="" name="<?php echo $nt; ?>[<?php echo $ii; ?>][ebtnType]">  <option value="X"><?php _e('No Button', 'social-networks-auto-poster-facebook-twitter-g'); ?></option>
+          <div id="<?php echo esc_attr($nt.$ii); ?>PostTypeTSub"  style="margin-left: 15px;"> <?php $this->elemTitleFormat($ii,'Event Title','eTtlFormat',$options['eTtlFormat']);?>
+            <?php _e('Add Button with link', 'social-networks-auto-poster-facebook-twitter-g'); ?>:
+            <select id="<?php echo esc_attr($nt.$ii); ?>PostTypeTSubButSel" onchange="" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][ebtnType]">  <option value="X"><?php _e('No Button', 'social-networks-auto-poster-facebook-twitter-g'); ?></option>
               <option <?php if ( $options['ebtnType'] =='BOOK') echo 'selected="selected"'; ?> value="BOOK"><?php _e('Book', 'social-networks-auto-poster-facebook-twitter-g'); ?></option>
               <option <?php if ( $options['ebtnType'] =='ORDER') echo 'selected="selected"'; ?> value="ORDER"><?php _e('Order Online', 'social-networks-auto-poster-facebook-twitter-g'); ?></option>
@@ -87 +87 @@
    
    <?php global $nxs_SNAP; $gOptions = $nxs_SNAP->nxs_options; if ( !empty($gOptions['riActive']) && $gOptions['riActive'] == '1' ) { ?>
-   <input value="1"  id="apFBMsgAFrmtA<?php echo $ii; ?>" <?php if (!empty($options['riComments']) && trim($options['riComments'])=='1') echo "checked"; ?> type="checkbox" name="<?php echo  $this->ntInfo['lcode']; ?>[<?php echo $ii; ?>][riComments]"/> <strong><?php _e('Import Facebook Comments', 'social-networks-auto-poster-facebook-twitter-g'); ?></strong>
+   <input value="1"  id="apFBMsgAFrmtA<?php echo esc_attr($ii); ?>" <?php if (!empty($options['riComments']) && trim($options['riComments'])=='1') echo "checked"; ?> type="checkbox" name="<?php echo  $this->ntInfo['lcode']; ?>[<?php echo esc_attr($ii); ?>][riComments]"/> <strong><?php _e('Import Facebook Comments', 'social-networks-auto-poster-facebook-twitter-g'); ?></strong>
    <br/>
    
    <div style="margin-bottom: 5px; margin-left: 10px; ">
-     <input value="1"  id="apFBMsgAFrmtA<?php echo $ii; ?>" <?php if (!empty($options['riCommentsAA']) && trim($options['riCommentsAA'])=='1') echo "checked"; ?> type="checkbox" name="<?php echo  $this->ntInfo['lcode']; ?>[<?php echo $ii; ?>][riCommentsAA]"/> <strong><?php _e('Auto-approve imported comments', 'social-networks-auto-poster-facebook-twitter-g'); ?></strong></div>   
+     <input value="1"  id="apFBMsgAFrmtA<?php echo esc_attr($ii); ?>" <?php if (!empty($options['riCommentsAA']) && trim($options['riCommentsAA'])=='1') echo "checked"; ?> type="checkbox" name="<?php echo  $this->ntInfo['lcode']; ?>[<?php echo esc_attr($ii); ?>][riCommentsAA]"/> <strong><?php _e('Auto-approve imported comments', 'social-networks-auto-poster-facebook-twitter-g'); ?></strong></div>   
      <?php } else { echo "<br/>"; _e('Please activate the "Comments Import" from SNAP Settings Tab', 'social-networks-auto-poster-facebook-twitter-g'); } ?>
    
@@ -133 +133 @@
      <div class="nxsPostEd_ElemLabel"><?php _e('Post Type:', 'social-networks-auto-poster-facebook-twitter-g'); ?></div>   
      <div class="nxsPostEd_Elem">   
-        <div id="<?php echo $nt.$ii; ?>PostTypeT" style="margin-left: 5px;">
-          <input type="radio" name="gmb[<?php echo $ii; ?>][postType]" value="A" <?php if (empty($ntOpt['postType']) || $ntOpt['postType'] == 'A') echo 'checked="checked"'; ?> class="nxsEdElem" data-ii="<?php echo $ii; ?>" data-nt="<?php echo $nt; ?>" /> <?php _e('What\'s New Post', 'nxs_snap'); ?> - <i><?php _e('Blogpost with link', 'nxs_snap'); ?></i><br/>
-          <div id="<?php echo $nt.$ii; ?>PostTypeTSub"  style="margin-left: 15px;">
-            <?php _e('Add Button with link', 'social-networks-auto-poster-facebook-twitter-g'); ?>:
-            <select class="nxsEdElem" id="<?php echo $nt.$ii; ?>PostTypeTSubButSel" onchange="" name="<?php echo $nt; ?>[<?php echo $ii; ?>][btnType]">  <option value="X"><?php _e('No Button', 'social-networks-auto-poster-facebook-twitter-g'); ?></option>
+        <div id="<?php echo esc_attr($nt.$ii); ?>PostTypeT" style="margin-left: 5px;">
+          <input type="radio" name="gmb[<?php echo esc_attr($ii); ?>][postType]" value="A" <?php if (empty($ntOpt['postType']) || $ntOpt['postType'] == 'A') echo 'checked="checked"'; ?> class="nxsEdElem" data-ii="<?php echo esc_attr($ii); ?>" data-nt="<?php echo esc_attr($nt); ?>" /> <?php _e('What\'s New Post', 'nxs_snap'); ?> - <i><?php _e('Blogpost with link', 'nxs_snap'); ?></i><br/>
+          <div id="<?php echo esc_attr($nt.$ii); ?>PostTypeTSub"  style="margin-left: 15px;">
+            <?php _e('Add Button with link', 'social-networks-auto-poster-facebook-twitter-g'); ?>:
+            <select class="nxsEdElem" id="<?php echo esc_attr($nt.$ii); ?>PostTypeTSubButSel" onchange="" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][btnType]">  <option value="X"><?php _e('No Button', 'social-networks-auto-poster-facebook-twitter-g'); ?></option>
               <option <?php if ( $ntOpt['btnType'] =='BOOK') echo 'selected="selected"'; ?> value="BOOK"><?php _e('Book', 'social-networks-auto-poster-facebook-twitter-g'); ?></option>
               <option <?php if ( $ntOpt['btnType'] =='ORDER') echo 'selected="selected"'; ?> value="ORDER"><?php _e('Order Online', 'social-networks-auto-poster-facebook-twitter-g'); ?></option>
@@ -151 +151 @@
      
      <div class="nxsPostEd_Elem">   
-        <div id="<?php echo $nt.$ii; ?>PostTypeE" style="margin-left: 5px;">
-          <input type="radio" name="gmb[<?php echo $ii; ?>][postType]" value="E" <?php if (!empty($ntOpt['postType']) && $ntOpt['postType'] == 'E') echo 'checked="checked"'; ?> class="nxsEdElem" data-ii="<?php echo $ii; ?>" data-nt="<?php echo $nt; ?>" /> <?php _e('Event', 'nxs_snap'); ?><br/>
-          <div id="<?php echo $nt.$ii; ?>PostTypeESub"  style="margin-left: 15px;">
-            
-            
-          Event Title:<input name="<?php echo $nt; ?>[<?php echo $ii; ?>][eTtlFormat]" style="width: 95%;max-width: 610px;" value="<?php echo $ntOpt['eTtlFormat']; ?>" class="nxsEdElem" data-ii="<?php echo $ii; ?>" data-nt="<?php echo $nt; ?>" />  <br/>
-          Event Start Date:<input name="<?php echo $nt; ?>[<?php echo $ii; ?>][evStDate]" style="width: 95%;max-width: 610px;" value="<?php echo date("F j, Y, g:i a", strtotime('+10 min'));  ?>" class="nxsEdElem" data-ii="<?php echo $ii; ?>" data-nt="<?php echo $nt; ?>" /><br/>
-          Event End Date:<input name="<?php echo $nt; ?>[<?php echo $ii; ?>][evEndDate]" style="width: 95%;max-width: 610px;" value="<?php echo date("F j, Y, g:i a", strtotime('+1 day')); ?>" class="nxsEdElem" data-ii="<?php echo $ii; ?>" data-nt="<?php echo $nt; ?>" /><br/>
-            
-            
-            
-            <?php _e('Add Button with link', 'social-networks-auto-poster-facebook-twitter-g'); ?>:
-            <select class="nxsEdElem" id="<?php echo $nt.$ii; ?>PostTypeTSubButSel" onchange="" name="<?php echo $nt; ?>[<?php echo $ii; ?>][ebtnType]">  <option value="X"><?php _e('No Button', 'social-networks-auto-poster-facebook-twitter-g'); ?></option>
+        <div id="<?php echo esc_attr($nt.$ii); ?>PostTypeE" style="margin-left: 5px;">
+          <input type="radio" name="gmb[<?php echo esc_attr($ii); ?>][postType]" value="E" <?php if (!empty($ntOpt['postType']) && $ntOpt['postType'] == 'E') echo 'checked="checked"'; ?> class="nxsEdElem" data-ii="<?php echo esc_attr($ii); ?>" data-nt="<?php echo esc_attr($nt); ?>" /> <?php _e('Event', 'nxs_snap'); ?><br/>
+          <div id="<?php echo esc_attr($nt.$ii); ?>PostTypeESub"  style="margin-left: 15px;">
+            
+            
+          Event Title:<input name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][eTtlFormat]" style="width: 95%;max-width: 610px;" value="<?php echo $ntOpt['eTtlFormat']; ?>" class="nxsEdElem" data-ii="<?php echo esc_attr($ii); ?>" data-nt="<?php echo esc_attr($nt); ?>" />  <br/>
+          Event Start Date:<input name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][evStDate]" style="width: 95%;max-width: 610px;" value="<?php echo date("F j, Y, g:i a", strtotime('+10 min'));  ?>" class="nxsEdElem" data-ii="<?php echo esc_attr($ii); ?>" data-nt="<?php echo esc_attr($nt); ?>" /><br/>
+          Event End Date:<input name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][evEndDate]" style="width: 95%;max-width: 610px;" value="<?php echo date("F j, Y, g:i a", strtotime('+1 day')); ?>" class="nxsEdElem" data-ii="<?php echo esc_attr($ii); ?>" data-nt="<?php echo esc_attr($nt); ?>" /><br/>
+            
+            
+            
+            <?php _e('Add Button with link', 'social-networks-auto-poster-facebook-twitter-g'); ?>:
+            <select class="nxsEdElem" id="<?php echo esc_attr($nt.$ii); ?>PostTypeTSubButSel" onchange="" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][ebtnType]">  <option value="X"><?php _e('No Button', 'social-networks-auto-poster-facebook-twitter-g'); ?></option>
               <option <?php if ( $ntOpt['ebtnType'] =='BOOK') echo 'selected="selected"'; ?> value="BOOK"><?php _e('Book', 'social-networks-auto-poster-facebook-twitter-g'); ?></option>
               <option <?php if ( $ntOpt['ebtnType'] =='ORDER') echo 'selected="selected"'; ?> value="ORDER"><?php _e('Order Online', 'social-networks-auto-poster-facebook-twitter-g'); ?></option>

social-networks-auto-poster-facebook-twitter-g/trunk/inc-cl/ig.api.php

@@ -8 +8 @@
     var $ntLCode = 'ig';     
     
-    function nxsCptCheck(){ if (function_exists('nxs_getOption')) { $opVal = array(); $opNm = $_POST['svc']; $opVal = nxs_getOption($opNm); $nt = new nxsAPI_IG(); if(!empty($opVal['ck'])) $nt->ck = $opVal['ck'];  
+    function nxsCptCheck(){ if (function_exists('nxs_getOption')) { $opVal = array(); $opNm = sanitize_key($_POST['svc']); $opVal = nxs_getOption($opNm); $nt = new nxsAPI_IG(); if(!empty($opVal['ck'])) $nt->ck = $opVal['ck'];
       if (!empty($opVal['proxy'])&&!empty($opVal['proxyOn'])){ $nt->proxy['proxy'] = $opVal['proxy']['proxy']; if (!empty($opVal['proxy']['up'])) $nt->proxy['up'] = $opVal['proxy']['up']; }; $ck = $nt->checkCode($opVal['url'], $_POST['code']);  
       if ($ck!==false){ $opVal['ck'] = $ck;  nxs_saveOption($opNm, $opVal); 

social-networks-auto-poster-facebook-twitter-g/trunk/inc-cl/ig.php

@@ -21 +21 @@
        <div style="font-size: 11px; margin: 0px;"><?php _e('[Optional] Please use this only if you are having troubles to login/post without it.', 'social-networks-auto-poster-facebook-twitter-g'); ?></div>
     </div>    
-    <input style="width:400px;" name="<?php echo $nt; ?>[<?php echo $ii; ?>][session]" style="width: 30%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['session'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /> 
+    <input style="width:400px;" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][session]" style="width: 30%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['session'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /> 
     <br/><br/>   
             
     <br/><?php $this->elemMsgFormat($ii,'Image Description Format','msgFormat',$options['msgFormat']); ?> <br/ >    
-    <div style="width:100%;"><strong id="altFormatText"><?php _e('What do to with the image', 'social-networks-auto-poster-facebook-twitter-g'); ?> :</strong>&lt;-- (<a id="showShAtt" onmouseout="hidePopShAtt('<?php echo $ii; ?>IG');" onmouseover="showPopShAtt('<?php echo $ii; ?>IG', event);" onclick="return false;" class="underdash" href="#"><?php _e('What\'s the difference?', 'social-networks-auto-poster-facebook-twitter-g'); ?></a>)  </div>                      
+    <div style="width:100%;"><strong id="altFormatText"><?php _e('What do to with the image', 'social-networks-auto-poster-facebook-twitter-g'); ?> :</strong>&lt;-- (<a id="showShAtt" onmouseout="hidePopShAtt('<?php echo esc_attr($ii); ?>IG');" onmouseover="showPopShAtt('<?php echo esc_attr($ii); ?>IG', event);" onclick="return false;" class="underdash" href="#"><?php _e('What\'s the difference?', 'social-networks-auto-poster-facebook-twitter-g'); ?></a>)  </div>                      
     <div style="margin-left: 10px;">
-    <input type="radio" name="<?php echo $nt; ?>[<?php echo $ii; ?>][imgAct]" value="E" <?php if (empty($options['imgAct']) || $options['imgAct'] == 'E') echo 'checked="checked"'; ?> /> <?php _e('Make it Square: Extend', 'social-networks-auto-poster-facebook-twitter-g'); ?> - <i><?php _e('Image will be extended to square', 'social-networks-auto-poster-facebook-twitter-g'); ?></i><br/>
-    <input type="radio" name="<?php echo $nt; ?>[<?php echo $ii; ?>][imgAct]" value="C" <?php if (!empty($options['imgAct']) && $options['imgAct'] == 'C') echo 'checked="checked"'; ?> /> <?php _e('Make it Square: Crop', 'social-networks-auto-poster-facebook-twitter-g'); ?> - <i><?php _e('Image will be cropped to square', 'social-networks-auto-poster-facebook-twitter-g'); ?></i><br/>                    
-    <input type="radio" name="<?php echo $nt; ?>[<?php echo $ii; ?>][imgAct]" value="D" <?php if (!empty($options['imgAct']) && $options['imgAct'] == 'D') echo 'checked="checked"'; ?> /> <?php _e("Don't change", 'social-networks-auto-poster-facebook-twitter-g'); ?> - <i><?php _e('Image will be untouched. (Could cause "Uploaded image isn\'t in an allowed aspect ratio" Error)', 'social-networks-auto-poster-facebook-twitter-g'); ?></i><br/>
+    <input type="radio" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][imgAct]" value="E" <?php if (empty($options['imgAct']) || $options['imgAct'] == 'E') echo 'checked="checked"'; ?> /> <?php _e('Make it Square: Extend', 'social-networks-auto-poster-facebook-twitter-g'); ?> - <i><?php _e('Image will be extended to square', 'social-networks-auto-poster-facebook-twitter-g'); ?></i><br/>
+    <input type="radio" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][imgAct]" value="C" <?php if (!empty($options['imgAct']) && $options['imgAct'] == 'C') echo 'checked="checked"'; ?> /> <?php _e('Make it Square: Crop', 'social-networks-auto-poster-facebook-twitter-g'); ?> - <i><?php _e('Image will be cropped to square', 'social-networks-auto-poster-facebook-twitter-g'); ?></i><br/>                    
+    <input type="radio" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][imgAct]" value="D" <?php if (!empty($options['imgAct']) && $options['imgAct'] == 'D') echo 'checked="checked"'; ?> /> <?php _e("Don't change", 'social-networks-auto-poster-facebook-twitter-g'); ?> - <i><?php _e('Image will be untouched. (Could cause "Uploaded image isn\'t in an allowed aspect ratio" Error)', 'social-networks-auto-poster-facebook-twitter-g'); ?></i><br/>
     <br/></div>    
     <div style="width:100%;"><strong><?php _e('URL of the Default Image', 'social-networks-auto-poster-facebook-twitter-g'); ?>:</strong> 
             <div style="font-size: 11px; margin: 0px;"><?php _e('If your post does not have any images this will be used instead.', 'social-networks-auto-poster-facebook-twitter-g'); ?></div>
-            </div><input style="width:400px;" name="<?php echo $nt; ?>[<?php echo $ii; ?>][defImg]" style="width: 30%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['defImg'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /> 
+            </div><input style="width:400px;" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][defImg]" style="width: 30%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['defImg'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /> 
             <br/><br/>   
     <div style="width:100%;"><strong><?php _e('Location ID', 'social-networks-auto-poster-facebook-twitter-g'); ?>:</strong> <i><?php _e('You can find location ID from Facebook Places', 'social-networks-auto-poster-facebook-twitter-g'); ?>. Please see the "Location" section in the <a href="https://nxs.fyi/igl" target="_blank">instructions</a></i>            
-            </div><input style="width:400px;" name="<?php echo $nt; ?>[<?php echo $ii; ?>][loc]" style="width: 30%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['loc'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /> 
+            </div><input style="width:400px;" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][loc]" style="width: 30%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['loc'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /> 
             <br/><br/>           
     <?php 
@@ -77 +77 @@
           <strong><?php _e('Location ID', 'social-networks-auto-poster-facebook-twitter-g'); ?></strong><i>Please see the "Location" section in the <a href="https://nxs.fyi/igl" target="_blank">instructions</a></i>
         
-        <input style="width:400px;" name="<?php echo $nt; ?>[<?php echo $ii; ?>][loc]" style="width: 30%;" class="nxsEdElem" data-ii="<?php echo $ii; ?>" data-nt="<?php echo $nt; ?>" value="<?php _e(apply_filters('format_to_edit', htmlentities($ntOpt['loc'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" />   
+        <input style="width:400px;" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][loc]" style="width: 30%;" class="nxsEdElem" data-ii="<?php echo esc_attr($ii); ?>" data-nt="<?php echo esc_attr($nt); ?>" value="<?php _e(apply_filters('format_to_edit', htmlentities($ntOpt['loc'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" />   
           
         </div>

social-networks-auto-poster-facebook-twitter-g/trunk/inc-cl/li.api.php

@@ -59 +59 @@
         if (!empty($options['proxy'])&&!empty($options['proxyOn'])){ $nt->proxy['proxy'] = $options['proxy']['proxy']; if (!empty($options['proxy']['up'])) $nt->proxy['up'] = $options['proxy']['up']; }
         $loginErr = $nt->connect($uname, $pass); 
-        //## LinkedIn Email Code Verification.
-        if (is_array($loginErr) && !empty($loginErr['out']) ) { if (function_exists('update_option')) update_option('nxs_li_ctp_save', $loginErr['ser'], false); $text = $loginErr['out'];
-          echo "#2. LinkedIn asked you to enter verification code. Please check your email or phone, enter the code and click \"Confirm Code\""; $text = str_ireplace('This login attempt seems suspicious. ', '', $text);  echo $text;                
-          echo '<br/><input type="hidden" id="nxsLiNum" name="nxsLiNum" value="'.$options['ii'].'" /><input type="button" value="Click to Confirm Code" onclick="doCtpSave(); return false;" id="results_ok_button" name="nxs_go" class="button" /><br/><br/><div style="color:red;" id="nxsLITestResults"></div>';
-          ?><script type="text/javascript"> function doCtpSave(){ var u = jQuery('#verification-code').val(); var ii = jQuery('#nxsLiNum').val(); //alert(ii);                               
-            jQuery.post(ajaxurl,{s:u, i:ii, action: 'nxs_snap_aj',"nxsact":"getItFromNT", "fName":"nxsCptCheck", nt:"LI", id: 0, _wpnonce: jQuery('input#nxsSsPageWPN_wpnonce').val()}, function(j){
-              jQuery('#nxsLITestResults').html(j);
-            }, "html")
-          }</script> <?php return '<br/>#2. LinkedIn asked you to enter verification code<br/>';
-        }        
-        if ($loginErr) { $badOut['Error'] .= 'Can\'t Connect - '.print_r($loginErr, true); return $badOut; }         
+
+        if ($loginErr) { $badOut['Error'] .= 'Can\'t Connect (Please try to use session) - '.print_r($loginErr, true); return $badOut; }
         $opVal['ck'] = $nt->ck; nxs_saveOption($opNm,$opVal); //$options['ck'] = $nt->ck; if (function_exists('nxs_save_glbNtwrks')) nxs_save_glbNtwrks('li', $options['ii'], $nt->ck, 'ck');         
         if ( $options['whToPost']=='C' && !empty($options['pgcID'])) $to = 'https://www.linkedin.com/company/'.$options['pgcID']; elseif ( $options['whToPost']=='G' && !empty($options['pggID'])) $to = 'https://www.linkedin.com/groups/'.$options['pggID'];

social-networks-auto-poster-facebook-twitter-g/trunk/inc-cl/li.php

@@ -1 +1 @@
 <?php    
-
-if (isset($_GET['pg']) && $_GET['pg']=='nxs' && isset($_GET['ca']) && $_GET['ca']!='') { $ch = curl_init();  curl_setopt($ch, CURLOPT_URL, 'https://www.google.com/recaptcha/api/image?c='.$_GET['ca']); 
-  curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_REFERER, 'https://www.google.com/'); global $nxs_skipSSLCheck; if ($nxs_skipSSLCheck===true) curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
-  $imageData = curl_exec($ch);  if ($imageData  === false) { echo 'Curl error: ' . curl_error($ch); die(); }
-  header("Pragma: public"); header("Expires: 0"); header("Cache-Control: must-revalidate, post-check=0, pre-check=0"); 
-  header("Cache-Control: private",false); header("Content-Type: image/jpg"); header("Content-Transfer-Encoding: binary"); echo $imageData; die();
-}
-
 //## NextScripts Facebook Connection Class
 $nxs_snapAvNts[] = array('code'=>'LI', 'lcode'=>'li', 'name'=>'LinkedIn', 'type'=>'Social Networks', 'ptype'=>'B', 'status'=>'A', 'desc'=>'Post text, article, image or share a link to your profile, group, or company page. ');
@@ -56 +48 @@
         
         ?>
-        <a href="#" onclick="var url = 'https://www.linkedin.com/uas/oauth2/authorization?response_type=code&client_id=<?php echo nxs_gak($nto['appKey']);?>&scope=r_liteprofile+r_emailaddress+w_member_social&state=nxs-li-<?php echo $ii; ?>&redirect_uri=<?php echo trim(urlencode($nxs_snapSetPgURL));?>'; nxs_svSetAdv('<?php echo $nt; ?>', '<?php echo $ii; ?>', '<?php echo $isNew?'dom'.$ntU.$ii.'Div':'nxsAllAccntsDiv'; ?>','nxs<?php echo $ntU; ?>MsgDiv<?php echo $ii; ?>',url,'1'); return false;">Authorize Your LinkedIn Account (<b>without</b> Marketing API)</a>
+        <a href="#" onclick="var url = 'https://www.linkedin.com/uas/oauth2/authorization?response_type=code&client_id=<?php echo nxs_gak($nto['appKey']);?>&scope=r_liteprofile+r_emailaddress+w_member_social&state=nxs-li-<?php echo esc_attr($ii); ?>&redirect_uri=<?php echo trim(urlencode($nxs_snapSetPgURL));?>'; nxs_svSetAdv('<?php echo esc_attr($nt); ?>', '<?php echo esc_attr($ii); ?>', '<?php echo $isNew?'dom'.$ntU.$ii.'Div':'nxsAllAccntsDiv'; ?>','nxs<?php echo $ntU; ?>MsgDiv<?php echo esc_attr($ii); ?>',url,'1'); return false;">Authorize Your LinkedIn Account (<b>without</b> Marketing API)</a>
         <?php
         die('</div></div></div>');
@@ -99 +91 @@
   }    
   
-  function getListOfPagesLIV2($networks){ $opVal = array(); if (empty($_POST['u'])) return $opVal; $opNm = 'nxs_snap_li_'.sha1('nxs_snap_li'.$_POST['u'].$_POST['p']); $opVal = nxs_getOption($opNm); $ii = $_POST['ii']; if (empty($networks['li'][$ii]['accessToken'])) return $opVal;
-     $currPstAs = !empty($_POST['pgID'])?$_POST['pgID']:(!empty($networks['li'][$ii])?$networks['li'][$ii]['pgID']:'');
+  function getListOfPagesLIV2($networks){ $opVal = array(); if (empty($_POST['u'])) return $opVal; $opNm = 'nxs_snap_li_'.sha1('nxs_snap_li'.$_POST['u'].$_POST['p']); $opVal = nxs_getOption($opNm); $ii = sanitize_key($_POST['ii']); if (empty($networks['li'][$ii]['accessToken'])) return $opVal;
+     $currPstAs = !empty($_POST['pgID'])?sanitize_text_field($_POST['pgID']):(!empty($networks['li'][$ii])?$networks['li'][$ii]['pgID']:'');
      if (empty($_POST['force']) && !empty($opVal['pgList']) ) $pgs = $opVal['pgList']; else { $options = $networks['li'][$ii]; 
          
@@ -121 +113 @@
   }
   
-  function getListOfPagesNXS($networks){ $opVal = array(); $pass = 'g9c1a'.nsx_doEncode($_POST['p']); $opNm = 'nxs_snap_li_'.sha1('nxs_snap_li'.$_POST['u'].$pass); $opVal = nxs_getOption($opNm); $ii = $_POST['ii']; $nt = new nxsAPI_LI(); // prr($opVal);
+  function getListOfPagesNXS($networks){ $opVal = array(); $pass = 'g9c1a'.nsx_doEncode($_POST['p']); $opNm = 'nxs_snap_li_'.sha1('nxs_snap_li'.$_POST['u'].$pass); $opVal = nxs_getOption($opNm); $ii = sanitize_key($_POST['ii']); $nt = new nxsAPI_LI(); // prr($opVal);
      $currPstAs = !empty($_POST['pgcID'])?$_POST['pgcID']:(!empty($networks['li'][$ii])?$networks['li'][$ii]['pgcID']:''); $options = $networks['li'][$ii];
      if (empty($_POST['force']) && !empty($opVal['ck']) && !empty($opVal['pgsList']) ) $pgs = $opVal['pgsList']; else { if (!empty($opVal['ck'])) $nt->ck = $opVal['ck']; 
      if (!empty($message['session']) || !empty($options['session'])) { $sid = !empty($message['session'])?$message['session']:$options['session']; if (empty($nt->ck)) $nt->ck = array(); foreach ($nt->ck as $ci=>$cc) if ( $nt->ck[$ci]->name=='li_at') unset($nt->ck[$ci]);
           $c = new NXS_Http_Cookie( array('name' => 'li_at', 'value' => $sid) ); $nt->ck[] = $c; 
-     } $loginError=$nt->connect($_POST['u'],$_POST['p']); 
+     } $loginError=$nt->connect(sanitize_user($_POST['u']),$_POST['p']);
        if (!$loginError){ $opVal['ck'] = $nt->ck;  $pgs = $nt->getPgsList($currPstAs); }
          else { $outMsg = '<b style="color:red;">'.__('Login Problem').'&nbsp;-&nbsp;'.strip_tags($loginError).'</b>'; if (!empty($_POST['isOut'])) echo $outMsg; return $outMsg; }
@@ -133 +125 @@
      $opVal['pgsList'] = $pgs; nxs_saveOption($opNm, $opVal); return $opVal;
   }
-  function getListOfGroupsNXS($networks){ $opVal = array(); $pass = 'g9c1a'.nsx_doEncode($_POST['p']); $opNm = 'nxs_snap_li_'.sha1('nxs_snap_li'.$_POST['u'].$pass); $opVal = nxs_getOption($opNm); $ii = $_POST['ii']; $nt = new nxsAPI_LI(); // prr($opVal);
+  function getListOfGroupsNXS($networks){ $opVal = array(); $pass = 'g9c1a'.nsx_doEncode($_POST['p']); $opNm = 'nxs_snap_li_'.sha1('nxs_snap_li'.$_POST['u'].$pass); $opVal = nxs_getOption($opNm); $ii = sanitize_key($_POST['ii']); $nt = new nxsAPI_LI(); // prr($opVal);
      $currPstAs = !empty($_POST['pggID'])?$_POST['pggID']:(!empty($networks['li'][$ii]['pggID'])?$networks['li'][$ii]['pggID']:''); $options = (!empty($networks['li'][$ii]))?$networks['li'][$ii]:array();
      if (empty($_POST['force']) && !empty($opVal['ck']) && !empty($opVal['grpList']) ) $pgs = $opVal['grpList']; else { if (!empty($opVal['ck'])) $nt->ck = $opVal['ck']; 
@@ -139 +131 @@
           $c = new NXS_Http_Cookie( array('name' => 'li_at', 'value' => $sid) ); $nt->ck[] = $c; 
         }
-     $loginError=$nt->connect($_POST['u'],$_POST['p']); 
+     $loginError=$nt->connect(sanitize_user($_POST['u']),$_POST['p']);
        if (!$loginError){ $opVal['ck'] = $nt->ck;  $pgs = $nt->getGrpList($currPstAs); }
          else { $outMsg = '<b style="color:red;">'.__('Login Problem').'&nbsp;-&nbsp;'.strip_tags($loginError).'</b>'; if (!empty($_POST['isOut'])) echo $outMsg; return $outMsg; }
@@ -154 +146 @@
       <span style="color:#005800; font-weight: bold; font-size: 14px;">NextScripts API for LinkedIn:</span> Premium API with extended functionality. <br/><b>Can post Articles and to Profile, Company pages, and Groups.</b> <br/><span style="color:#000080"><?php _e('Advantages', 'nxs_snap'); ?></span>: Easier to configure. Only API that can post Articles and to Groups and make Image posts.<br/><span style="color:#800000"><?php _e('Disadvantages', 'nxs_snap'); ?></span>: Not free. Less secure - requires your password.<br/><br/>
     
-      <select name="<?php echo $nt; ?>[<?php echo $ii; ?>][apiToUse]" onchange="jQuery('.nxs_<?php echo $nt; ?>_apidiv_<?php echo $ii; ?>').hide(); jQuery('.nxs_<?php echo $nt; ?>_api'+jQuery(this).val()+'div_<?php echo $ii; ?>').show();  ">        
+      <select name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][apiToUse]" onchange="jQuery('.nxs_<?php echo esc_attr($nt); ?>_apidiv_<?php echo esc_attr($ii); ?>').hide(); jQuery('.nxs_<?php echo esc_attr($nt); ?>_api'+jQuery(this).val()+'div_<?php echo esc_attr($ii); ?>').show();  ">        
         <option <?php echo (empty($options['apiToUse']) || $options['apiToUse'] =='liv2')?"selected":""; ?> value="liv2">LinkedIn Native API</option>
         <option <?php echo (!empty($options['apiToUse']) && $options['apiToUse'] =='nx')?"selected":""; ?> value="nx">NextScripts API</option>
@@ -162 +154 @@
     
     
-    <div id="nxs_<?php echo $nt; ?>_apiliv2div_<?php echo $ii; ?>" class="nxs_<?php echo $nt; ?>_apidiv_<?php echo $ii; ?> nxs_<?php echo $nt; ?>_apiliv2div_<?php echo $ii; ?>" style="display: <?php echo (empty($options['apiToUse']) || $options['apiToUse'] =='liv2' || $options['apiToUse'] =='liv1')?"block":"none"; ?>;"><h3>LinkedIn API</h3>    
-      <div class="subDiv" id="sub<?php echo $ii; ?>DivL" style="display: block;"> <?php $this->elemKeySecret($ii,'Client ID','Client Secret', $options['appKey'], $options['appSec'],'appKey2','appSec2','https://www.linkedin.com/developer/apps'); ?><br/><br/>
+    <div id="nxs_<?php echo esc_attr($nt); ?>_apiliv2div_<?php echo esc_attr($ii); ?>" class="nxs_<?php echo esc_attr($nt); ?>_apidiv_<?php echo esc_attr($ii); ?> nxs_<?php echo esc_attr($nt); ?>_apiliv2div_<?php echo esc_attr($ii); ?>" style="display: <?php echo (empty($options['apiToUse']) || $options['apiToUse'] =='liv2' || $options['apiToUse'] =='liv1')?"block":"none"; ?>;"><h3>LinkedIn API</h3>    
+      <div class="subDiv" id="sub<?php echo esc_attr($ii); ?>DivL" style="display: block;"> <?php $this->elemKeySecret($ii,'Client ID','Client Secret', $options['appKey'], $options['appSec'],'appKey2','appSec2','https://www.linkedin.com/developer/apps'); ?><br/><br/>
       <?php if(!empty($options['accessToken'])) { 
         _e('Your '.$ntInfo['name'].' Account has been authorized.', 'social-networks-auto-poster-facebook-twitter-g'); ?> <br/>User: <?php _e(apply_filters('format_to_edit', htmlentities($options['liUserInfo'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g'); ?>.
         <?php  } ?>            <br/>
-        <a href="#" onclick="var url = 'https://www.linkedin.com/uas/oauth2/authorization?response_type=code&client_id='+jQuery('#liappKey2<?php echo $ii; ?>').val()+'&scope=r_liteprofile+r_emailaddress+w_member_social+w_organization_social+rw_organization_admin&state=nxs-li-<?php echo $ii; ?>&redirect_uri=<?php echo trim(urlencode($nxs_snapSetPgURL));?>'; nxs_svSetAdv('<?php echo $nt; ?>', '<?php echo $ii; ?>', '<?php echo $isNew?'dom'.$ntU.$ii.'Div':'nxsAllAccntsDiv'; ?>','nxs<?php echo $ntU; ?>MsgDiv<?php echo $ii; ?>',url,'1'); return false;">Authorize Your LinkedIn Account (<b>with</b> Marketing API)</a>        
+        <a href="#" onclick="var url = 'https://www.linkedin.com/uas/oauth2/authorization?response_type=code&client_id='+jQuery('#liappKey2<?php echo esc_attr($ii); ?>').val()+'&scope=r_liteprofile+r_emailaddress+w_member_social+w_organization_social+rw_organization_admin&state=nxs-li-<?php echo esc_attr($ii); ?>&redirect_uri=<?php echo trim(urlencode($nxs_snapSetPgURL));?>'; nxs_svSetAdv('<?php echo esc_attr($nt); ?>', '<?php echo esc_attr($ii); ?>', '<?php echo $isNew?'dom'.$ntU.$ii.'Div':'nxsAllAccntsDiv'; ?>','nxs<?php echo $ntU; ?>MsgDiv<?php echo esc_attr($ii); ?>',url,'1'); return false;">Authorize Your LinkedIn Account (<b>with</b> Marketing API)</a>        
         <br/>
-        <a href="#" onclick="var url = 'https://www.linkedin.com/uas/oauth2/authorization?response_type=code&client_id='+jQuery('#liappKey2<?php echo $ii; ?>').val()+'&scope=r_liteprofile+r_emailaddress+w_member_social&state=nxs-li-<?php echo $ii; ?>&redirect_uri=<?php echo trim(urlencode($nxs_snapSetPgURL));?>'; nxs_svSetAdv('<?php echo $nt; ?>', '<?php echo $ii; ?>', '<?php echo $isNew?'dom'.$ntU.$ii.'Div':'nxsAllAccntsDiv'; ?>','nxs<?php echo $ntU; ?>MsgDiv<?php echo $ii; ?>',url,'1'); return false;">Authorize Your LinkedIn Account (<b>without</b> Marketing API)</a>        
+        <a href="#" onclick="var url = 'https://www.linkedin.com/uas/oauth2/authorization?response_type=code&client_id='+jQuery('#liappKey2<?php echo esc_attr($ii); ?>').val()+'&scope=r_liteprofile+r_emailaddress+w_member_social&state=nxs-li-<?php echo esc_attr($ii); ?>&redirect_uri=<?php echo trim(urlencode($nxs_snapSetPgURL));?>'; nxs_svSetAdv('<?php echo esc_attr($nt); ?>', '<?php echo esc_attr($ii); ?>', '<?php echo $isNew?'dom'.$ntU.$ii.'Div':'nxsAllAccntsDiv'; ?>','nxs<?php echo $ntU; ?>MsgDiv<?php echo esc_attr($ii); ?>',url,'1'); return false;">Authorize Your LinkedIn Account (<b>without</b> Marketing API)</a>        
         <?php if (empty($options['accessToken'])) { ?> <div class="blnkg">&lt;=== <?php _e('Authorize your account', 'social-networks-auto-poster-facebook-twitter-g'); ?> ===</div> <?php } ?><br/><br/>
       </div>
@@ -178 +170 @@
     if (!empty($opVal) & !is_array($opVal)) $options['uMsg'] = $opVal; else { if (!empty($opVal) & is_array($opVal)) $options = array_merge($options, $opVal); } 
   ?><br/ ><div style="width:100%;"><b><?php _e('Where to Post', 'nxs_snap'); ?></b>&nbsp;(<?php _e('Please select your Profile or Company Page', 'nxs_snap'); ?>)</div>
-    <div id="nxsLIInfoDiv<?php echo $ii; ?>" style="<?php echo empty($options['accessToken'])?'display:none;':''; ?>">
+    <div id="nxsLIInfoDiv<?php echo esc_attr($ii); ?>" style="<?php echo empty($options['accessToken'])?'display:none;':''; ?>">
          <div style="width:100%;">
           <div>                   
-          <select id="lipgID<?php echo $ii; ?>" onchange="nxs_liPageChange('<?php echo $ii;?>',jQuery(this));" name="li[<?php echo $ii;?>][pgID]">
+          <select id="lipgID<?php echo esc_attr($ii); ?>" onchange="nxs_liPageChange('<?php echo esc_attr($ii);?>',jQuery(this));" name="li[<?php echo esc_attr($ii);?>][pgID]">
             <?php $pgi = !empty($options['pgList'])?$options['pgList']:''; 
               if (!empty($options['pgID'])) { echo (!empty($options['pgID']) && stripos($pgi,$options['pgID'])===false)?'<option selected="selected" value="'.$options['pgID'].'">'.$options['pgID'].'</option>':''; }            
@@ -187 +179 @@
               echo '<option '.($options['pgID']=='p'?'selected="selected" ':'').'value="p">'.__('Profile').'</option>'; echo $pgi;
             ?><option value="a"><?php _e('.... Enter the Page ID'); ?></option>
-          </select><div id="nxsLIInfoDivBlock<?php echo $ii; ?>" style="display: inline-block;"> <input type="text" style="display: none;" id="liInpCst<?php echo $ii; ?>" value="<?php echo $options['pgID']; ?>" onchange="nxs_InpToDDChange(jQuery(this));" data-tid="lipgID<?php echo $ii; ?>" />         
-          <div style="display: inline-block;"><a onclick="nxs_liGetPages(<?php echo $ii;?>, 1); jQuery(this).blur(); return false;" href="#"><img id="<?php echo $nt.$ii;?>rfrshImg" style="vertical-align: middle;" src='<?php echo NXS_PLURL; ?>img/refresh16.png' /></a></div></div> <img id="<?php echo $nt.$ii;?>ldImg" style="display: none;vertical-align: middle;" src='<?php echo NXS_PLURL; ?>img/ajax-loader-sm.gif' />
+          </select><div id="nxsLIInfoDivBlock<?php echo esc_attr($ii); ?>" style="display: inline-block;"> <input type="text" style="display: none;" id="liInpCst<?php echo esc_attr($ii); ?>" value="<?php echo $options['pgID']; ?>" onchange="nxs_InpToDDChange(jQuery(this));" data-tid="lipgID<?php echo esc_attr($ii); ?>" />         
+          <div style="display: inline-block;"><a onclick="nxs_liGetPages(<?php echo esc_attr($ii);?>, 1); jQuery(this).blur(); return false;" href="#"><img id="<?php echo esc_attr($nt.$ii);?>rfrshImg" style="vertical-align: middle;" src='<?php echo NXS_PLURL; ?>img/refresh16.png' /></a></div></div> <img id="<?php echo esc_attr($nt.$ii);?>ldImg" style="display: none;vertical-align: middle;" src='<?php echo NXS_PLURL; ?>img/ajax-loader-sm.gif' />
           </div>          
-          </div> <div id="nxsLIMsgDiv<?php echo $ii; ?>"><?php if (!empty($options['uMsg'])) echo $options['uMsg']; ?><?php if ($isNew) { ?><?php _e('Please authorize your account', 'nxs_snap'); ?><?php } ?></div>                                                                                                    
-    </div> <input type="hidden" id="liAuthUser<?php echo $ii; ?>" value="<?php echo !empty($options['authUser'])?$options['authUser']:''; ?>"/> <br/>
+          </div> <div id="nxsLIMsgDiv<?php echo esc_attr($ii); ?>"><?php if (!empty($options['uMsg'])) echo $options['uMsg']; ?><?php if ($isNew) { ?><?php _e('Please authorize your account', 'nxs_snap'); ?><?php } ?></div>                                                                                                    
+    </div> <input type="hidden" id="liAuthUser<?php echo esc_attr($ii); ?>" value="<?php echo !empty($options['authUser'])?$options['authUser']:''; ?>"/> <br/>
       
       
     </div>
-    <div id="nxs_<?php echo $nt; ?>_apinxdiv_<?php echo $ii; ?>" class="nxs_<?php echo $nt; ?>_apidiv_<?php echo $ii; ?> nxs_<?php echo $nt; ?>_apinxdiv_<?php echo $ii; ?>" style="display: <?php echo (!empty($options['apiToUse']) && $options['apiToUse'] =='nx')?"block":"none"; ?>;"><h3>NextScripts API</h3>
+    <div id="nxs_<?php echo esc_attr($nt); ?>_apinxdiv_<?php echo esc_attr($ii); ?>" class="nxs_<?php echo esc_attr($nt); ?>_apidiv_<?php echo esc_attr($ii); ?> nxs_<?php echo esc_attr($nt); ?>_apinxdiv_<?php echo esc_attr($ii); ?>" style="display: <?php echo (!empty($options['apiToUse']) && $options['apiToUse'] =='nx')?"block":"none"; ?>;"><h3>NextScripts API</h3>
     
     <?php if (class_exists('nxsAPI_LI')) { if (!empty($options['uPass'])&&!empty($options['uName'])) { $opNm = 'nxs_snap_li_'.sha1('nxs_snap_li'.$options['uName'].$options['uPass']); $opVal = nxs_getOption($opNm);
@@ -203 +195 @@
     } if (empty($options['uPass'])) $options['uPass'] = ''; if (empty($options['uName'])) $options['uName'] = ''; if (empty($options['session'])) $options['session'] = ''; 
     ?>
-    <div class="subDiv" id="sub<?php echo $ii; ?>DivN" style="display: block;"><?php $this->elemUserPass($ii, $options['uName'], $options['uPass']); ?></div><br/>
+    <div class="subDiv" id="sub<?php echo esc_attr($ii); ?>DivN" style="display: block;"><?php $this->elemUserPass($ii, $options['uName'], $options['uPass']); ?></div><br/>
     
     <div style="width:100%;"><strong><?php _e('Session ID (li_at)', 'social-networks-auto-poster-facebook-twitter-g'); ?>:</strong> 
        <div style="font-size: 11px; margin: 0px;"><?php _e('[Optional] Please use this only if you are having troubles to login/post without it.', 'social-networks-auto-poster-facebook-twitter-g'); ?></div>
     </div>    
-    <input style="width:400px;" name="<?php echo $nt; ?>[<?php echo $ii; ?>][session]" style="width: 30%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['session'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /> 
+    <input style="width:400px;" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][session]" style="width: 30%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['session'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /> 
     <br/><br/>   
     
     <script type="text/javascript">      
-      jQuery('#apLIUName<?php echo $ii; ?>').change(function() { var u = jQuery(this).val();  var p = jQuery('#apLIPass<?php echo $ii; ?>').val(); if( u!='' && p!='' ) { nxs_li2GetPages(<?php echo $ii; ?>,0); }  });
-      jQuery('#apLIPass<?php echo $ii; ?>').change(function() { var u = jQuery('#apLIUName<?php echo $ii; ?>').val();  var p = jQuery(this).val(); if( u!='' && p!='' ) { nxs_li2GetPages(<?php echo $ii; ?>,0); }  });
-      
-      jQuery('.liWhereToPost<?php echo $ii; ?>').change(function() { if (jQuery(this).val()!='P') jQuery('#liPostType<?php echo $ii; ?>').show(); else jQuery('#liPostType<?php echo $ii; ?>').hide();  });
+      jQuery('#apLIUName<?php echo esc_attr($ii); ?>').change(function() { var u = jQuery(this).val();  var p = jQuery('#apLIPass<?php echo esc_attr($ii); ?>').val(); if( u!='' && p!='' ) { nxs_li2GetPages(<?php echo esc_attr($ii); ?>,0); }  });
+      jQuery('#apLIPass<?php echo esc_attr($ii); ?>').change(function() { var u = jQuery('#apLIUName<?php echo esc_attr($ii); ?>').val();  var p = jQuery(this).val(); if( u!='' && p!='' ) { nxs_li2GetPages(<?php echo esc_attr($ii); ?>,0); }  });
+      
+      jQuery('.liWhereToPost<?php echo esc_attr($ii); ?>').change(function() { if (jQuery(this).val()!='P') jQuery('#liPostType<?php echo esc_attr($ii); ?>').show(); else jQuery('#liPostType<?php echo esc_attr($ii); ?>').hide();  });
       
     </script>
     <div style="width:100%;"><b style="font-size: 15px;"><?php _e('Where to Post', 'social-networks-auto-poster-facebook-twitter-g'); if (empty($options['whToPost'])) $options['whToPost'] = 'PR'; ?>:</b> </div>
       <div style="margin-left: 10px;">        
-        <input class="liWhereToPost<?php echo $ii; ?>" type="radio" name="li[<?php echo $ii; ?>][whToPost]" value="PR" <?php if ($options['whToPost'] == 'PR') echo 'checked="checked"'; ?> /> <?php _e('Profile Update', 'social-networks-auto-poster-facebook-twitter-g'); ?> - <i><?php _e('Post to your profile', 'social-networks-auto-poster-facebook-twitter-g'); ?></i><br/>
-        <input class="liWhereToPost<?php echo $ii; ?>" type="radio" name="li[<?php echo $ii; ?>][whToPost]" value="C" <?php if ($options['whToPost'] == 'C') echo 'checked="checked"'; ?> /> <?php _e('Company Page', 'social-networks-auto-poster-facebook-twitter-g'); ?> - <i><?php _e('Post to Company page', 'social-networks-auto-poster-facebook-twitter-g'); ?></i><br/> 
-        
-        <div style="margin-left: 30px;<?php echo (empty($options['uName']) && empty($options['uPass']))?'display:none;':''; ?>" id="nxsLI2InfoDiv<?php echo $ii; ?>"> 
+        <input class="liWhereToPost<?php echo esc_attr($ii); ?>" type="radio" name="li[<?php echo esc_attr($ii); ?>][whToPost]" value="PR" <?php if ($options['whToPost'] == 'PR') echo 'checked="checked"'; ?> /> <?php _e('Profile Update', 'social-networks-auto-poster-facebook-twitter-g'); ?> - <i><?php _e('Post to your profile', 'social-networks-auto-poster-facebook-twitter-g'); ?></i><br/>
+        <input class="liWhereToPost<?php echo esc_attr($ii); ?>" type="radio" name="li[<?php echo esc_attr($ii); ?>][whToPost]" value="C" <?php if ($options['whToPost'] == 'C') echo 'checked="checked"'; ?> /> <?php _e('Company Page', 'social-networks-auto-poster-facebook-twitter-g'); ?> - <i><?php _e('Post to Company page', 'social-networks-auto-poster-facebook-twitter-g'); ?></i><br/> 
+        
+        <div style="margin-left: 30px;<?php echo (empty($options['uName']) && empty($options['uPass']))?'display:none;':''; ?>" id="nxsLI2InfoDiv<?php echo esc_attr($ii); ?>"> 
          <div style="width:100%;">
           <div>                   
-          <select id="li2pgID<?php echo $ii; ?>" onchange="nxs_li2PageChange('<?php echo $ii;?>',jQuery(this));" name="li[<?php echo $ii;?>][pgcID]">
+          <select id="li2pgID<?php echo esc_attr($ii); ?>" onchange="nxs_li2PageChange('<?php echo esc_attr($ii);?>',jQuery(this));" name="li[<?php echo esc_attr($ii);?>][pgcID]">
             <?php $pgi = !empty($options['pgsList'])?$options['pgsList']:''; 
               if (!empty($options['pgcID'])) { echo (!empty($options['pgcID']) && stripos($pgi,$options['pgcID'])===false)?'<option selected="selected" value="'.$options['pgcID'].'">'.$options['pgcID'].'</option>':''; }            
@@ -235 +227 @@
             ?><option value="a"><?php _e('.... Enter the Company Page ID'); ?></option>
           </select>
-          <div id="nxsLI2InfoDivBlock<?php echo $ii; ?>" style="display: inline-block;">
-          <input type="text" style="display: none;" id="li2InpCst<?php echo $ii; ?>" value="<?php echo $options['pgcID']; ?>" onblur="nxs_InpToDDBlur(jQuery(this));"  onchange="nxs_InpToDDChange(jQuery(this));" data-tid="li2pgID<?php echo $ii; ?>" />         
-          <div style="display: inline-block;"><a onclick="nxs_li2GetPages(<?php echo $ii;?>, 1); jQuery(this).blur(); return false;" href="#"><img id="<?php echo $nt.$ii;?>2rfrshImg" style="vertical-align: middle;" src='<?php echo NXS_PLURL; ?>img/refresh16.png' /></a></div></div> <img id="<?php echo $nt.$ii;?>2ldImg" style="display: none;vertical-align: middle;" src='<?php echo NXS_PLURL; ?>img/ajax-loader-sm.gif' />
+          <div id="nxsLI2InfoDivBlock<?php echo esc_attr($ii); ?>" style="display: inline-block;">
+          <input type="text" style="display: none;" id="li2InpCst<?php echo esc_attr($ii); ?>" value="<?php echo $options['pgcID']; ?>" onblur="nxs_InpToDDBlur(jQuery(this));"  onchange="nxs_InpToDDChange(jQuery(this));" data-tid="li2pgID<?php echo esc_attr($ii); ?>" />         
+          <div style="display: inline-block;"><a onclick="nxs_li2GetPages(<?php echo esc_attr($ii);?>, 1); jQuery(this).blur(); return false;" href="#"><img id="<?php echo esc_attr($nt.$ii);?>2rfrshImg" style="vertical-align: middle;" src='<?php echo NXS_PLURL; ?>img/refresh16.png' /></a></div></div> <img id="<?php echo esc_attr($nt.$ii);?>2ldImg" style="display: none;vertical-align: middle;" src='<?php echo NXS_PLURL; ?>img/ajax-loader-sm.gif' />
           </div>          
-          </div> <div id="nxsLI2MsgDiv<?php echo $ii; ?>"><?php if (!empty($options['uMsg'])) echo $options['uMsg']; ?><?php if ($isNew) { ?><i style="color: #800080"><?php _e('Please Enter your username and password to select your page', 'nxs_snap'); ?><?php } ?></i></div>                                                                          
+          </div> <div id="nxsLI2MsgDiv<?php echo esc_attr($ii); ?>"><?php if (!empty($options['uMsg'])) echo $options['uMsg']; ?><?php if ($isNew) { ?><i style="color: #800080"><?php _e('Please Enter your username and password to select your page', 'nxs_snap'); ?><?php } ?></i></div>                                                                          
         </div> 
-        <input class="liWhereToPost<?php echo $ii; ?>" type="radio" name="li[<?php echo $ii; ?>][whToPost]" value="G" <?php if ($options['whToPost'] == 'G') echo 'checked="checked"'; ?> /> <?php _e('Group', 'social-networks-auto-poster-facebook-twitter-g'); ?> - <i><?php _e('Post to LinkedIn Group', 'social-networks-auto-poster-facebook-twitter-g'); ?></i><br/> 
-        
-        <div style="margin-left: 30px;<?php echo (empty($options['uName']) && empty($options['uPass']))?'display:none;':''; ?>" id="nxsLI2GInfoDiv<?php echo $ii; ?>"> 
+        <input class="liWhereToPost<?php echo esc_attr($ii); ?>" type="radio" name="li[<?php echo esc_attr($ii); ?>][whToPost]" value="G" <?php if ($options['whToPost'] == 'G') echo 'checked="checked"'; ?> /> <?php _e('Group', 'social-networks-auto-poster-facebook-twitter-g'); ?> - <i><?php _e('Post to LinkedIn Group', 'social-networks-auto-poster-facebook-twitter-g'); ?></i><br/> 
+        
+        <div style="margin-left: 30px;<?php echo (empty($options['uName']) && empty($options['uPass']))?'display:none;':''; ?>" id="nxsLI2GInfoDiv<?php echo esc_attr($ii); ?>"> 
          <div style="width:100%;">
           <div>                   
-          <select id="li2GpgID<?php echo $ii; ?>" onchange="nxs_li2GPageChange('<?php echo $ii;?>',jQuery(this));" name="li[<?php echo $ii;?>][pggID]">
+          <select id="li2GpgID<?php echo esc_attr($ii); ?>" onchange="nxs_li2GPageChange('<?php echo esc_attr($ii);?>',jQuery(this));" name="li[<?php echo esc_attr($ii);?>][pggID]">
             <?php $pgi = !empty($options['grpList'])?$options['grpList']:''; 
               if (!empty($options['pggID'])) { echo (!empty($options['pggID']) && stripos($pgi,$options['pggID'])===false)?'<option selected="selected" value="'.$options['pggID'].'">'.$options['pggID'].'</option>':''; }            
@@ -255 +247 @@
             ?><option value="a"><?php _e('.... Enter the Group ID'); ?></option>
           </select>
-          <div id="nxsLI2GInfoDivBlock<?php echo $ii; ?>" style="display: inline-block;">
-          <input type="text" style="display: none;" id="li2GInpCst<?php echo $ii; ?>" value="<?php echo $options['pgcID']; ?>" onblur="nxs_InpToDDBlur(jQuery(this));"  onchange="nxs_InpToDDChange(jQuery(this));" data-tid="li2GpgID<?php echo $ii; ?>" />         
-          </div> <img id="<?php echo $nt.$ii;?>3ldImg" style="display: none;vertical-align: middle;" src='<?php echo NXS_PLURL; ?>img/ajax-loader-sm.gif' />
+          <div id="nxsLI2GInfoDivBlock<?php echo esc_attr($ii); ?>" style="display: inline-block;">
+          <input type="text" style="display: none;" id="li2GInpCst<?php echo esc_attr($ii); ?>" value="<?php echo $options['pgcID']; ?>" onblur="nxs_InpToDDBlur(jQuery(this));"  onchange="nxs_InpToDDChange(jQuery(this));" data-tid="li2GpgID<?php echo esc_attr($ii); ?>" />         
+          </div> <img id="<?php echo esc_attr($nt.$ii);?>3ldImg" style="display: none;vertical-align: middle;" src='<?php echo NXS_PLURL; ?>img/ajax-loader-sm.gif' />
           </div>          
           </div>  
           <?php // $this->elemTitleFormat($ii,'Group Title Format','msgTFormat',empty($options['msgTFormat'])?'%TITLE%':$options['msgTFormat']); ?>                                                                         
         </div>                 
-        <input class="liWhereToPost<?php echo $ii; ?>" type="radio" name="li[<?php echo $ii; ?>][whToPost]" value="P" <?php if ($options['whToPost'] == 'P') echo 'checked="checked"'; ?> /> <?php _e('Article', 'social-networks-auto-poster-facebook-twitter-g'); ?> - <i><?php _e('Rich text post article shared to the "Articles" section', 'social-networks-auto-poster-facebook-twitter-g'); ?></i><br/>
+        <input class="liWhereToPost<?php echo esc_attr($ii); ?>" type="radio" name="li[<?php echo esc_attr($ii); ?>][whToPost]" value="P" <?php if ($options['whToPost'] == 'P') echo 'checked="checked"'; ?> /> <?php _e('Article', 'social-networks-auto-poster-facebook-twitter-g'); ?> - <i><?php _e('Rich text post article shared to the "Articles" section', 'social-networks-auto-poster-facebook-twitter-g'); ?></i><br/>
         
          <div style="margin-left: 30px;">            
@@ -277 +269 @@
     <?php $this->elemMsgFormat($ii,'Message Format','msgFormat',$options['msgFormat']); ?>
     
-    <div id="liPostType<?php echo $ii; ?>" style="<?php echo (!empty($options['whToPost']) && $options['whToPost']=='P')?'display:none;':''; ?>">
+    <div id="liPostType<?php echo esc_attr($ii); ?>" style="<?php echo (!empty($options['whToPost']) && $options['whToPost']=='P')?'display:none;':''; ?>">
     <div style="width:100%;"><strong id="altFormatText">Post Type:</strong> </div>                      
             <div style="margin-left: 10px;">
         <?php if(empty($options['postType'])) {if (( !empty($options['liAttch']) && (int)$options['liAttch'] == 1) || $isNew) $options['postType'] = 'A';} ?>
-        <input class="liPostType<?php echo $ii; ?>" type="radio" name="li[<?php echo $ii; ?>][postType]" value="T" <?php if ($options['postType'] == 'T') echo 'checked="checked"'; ?> /> <?php _e('Text Post', 'social-networks-auto-poster-facebook-twitter-g'); ?> - <i><?php _e('just text message', 'social-networks-auto-poster-facebook-twitter-g'); ?></i><br/>                    
-        <span class="nxs_li_nxapi_<?php echo $ii; ?> nxs_<?php echo $nt; ?>_apidiv_<?php echo $ii; ?> nxs_<?php echo $nt; ?>_apinxdiv_<?php echo $ii; ?>" style="display: <?php echo (!empty($options['apiToUse']) && $options['apiToUse'] =='nx')?"block":"none"; ?>;">
-        <input class="liPostType<?php echo $ii; ?>" type="radio" name="li[<?php echo $ii; ?>][postType]" value="I" <?php if ($options['postType'] == 'I') echo 'checked="checked"'; ?> /> <?php _e('Image Post', 'social-networks-auto-poster-facebook-twitter-g'); ?> - <i><?php _e('big image with text message (Profiles and Company pages only)', 'social-networks-auto-poster-facebook-twitter-g'); ?></i><br/>  </span> 
-        <input class="liPostType<?php echo $ii; ?>" type="radio" name="li[<?php echo $ii; ?>][postType]" value="A" <?php if ( empty($options['postType']) || $options['postType'] == 'A') echo 'checked="checked"'; ?> /> <?php _e('Add blogpost to LinkedIn message as an attachment', 'social-networks-auto-poster-facebook-twitter-g'); ?><br/>
+        <input class="liPostType<?php echo esc_attr($ii); ?>" type="radio" name="li[<?php echo esc_attr($ii); ?>][postType]" value="T" <?php if ($options['postType'] == 'T') echo 'checked="checked"'; ?> /> <?php _e('Text Post', 'social-networks-auto-poster-facebook-twitter-g'); ?> - <i><?php _e('just text message', 'social-networks-auto-poster-facebook-twitter-g'); ?></i><br/>                    
+        <span class="nxs_li_nxapi_<?php echo esc_attr($ii); ?> nxs_<?php echo esc_attr($nt); ?>_apidiv_<?php echo esc_attr($ii); ?> nxs_<?php echo esc_attr($nt); ?>_apinxdiv_<?php echo esc_attr($ii); ?>" style="display: <?php echo (!empty($options['apiToUse']) && $options['apiToUse'] =='nx')?"block":"none"; ?>;">
+        <input class="liPostType<?php echo esc_attr($ii); ?>" type="radio" name="li[<?php echo esc_attr($ii); ?>][postType]" value="I" <?php if ($options['postType'] == 'I') echo 'checked="checked"'; ?> /> <?php _e('Image Post', 'social-networks-auto-poster-facebook-twitter-g'); ?> - <i><?php _e('big image with text message (Profiles and Company pages only)', 'social-networks-auto-poster-facebook-twitter-g'); ?></i><br/>  </span> 
+        <input class="liPostType<?php echo esc_attr($ii); ?>" type="radio" name="li[<?php echo esc_attr($ii); ?>][postType]" value="A" <?php if ( empty($options['postType']) || $options['postType'] == 'A') echo 'checked="checked"'; ?> /> <?php _e('Add blogpost to LinkedIn message as an attachment', 'social-networks-auto-poster-facebook-twitter-g'); ?><br/>
         
        
@@ -290 +282 @@
       <div style="margin-left: 10px;">            
         <strong><?php _e('Attachment Text Format', 'social-networks-auto-poster-facebook-twitter-g'); ?>:</strong><br/> 
-      <input value="1"  id="apLIMsgAFrmtA<?php echo $ii; ?>" <?php if (empty($options['msgAFormat']) || trim($options['msgAFormat'])=='' ) echo "checked"; ?> onchange="if (jQuery(this).is(':checked')) { jQuery('#apLIMsgAFrmtDiv<?php echo $ii; ?>').hide(); jQuery('#apLIMsgAFrmt<?php echo $ii; ?>').val(''); }else jQuery('#apLIMsgAFrmtDiv<?php echo $ii; ?>').show();" type="checkbox" name="li[<?php echo $ii; ?>][msgAFormatCB]"/> <strong><?php _e('Auto', 'social-networks-auto-poster-facebook-twitter-g'); ?></strong>
+      <input value="1"  id="apLIMsgAFrmtA<?php echo esc_attr($ii); ?>" <?php if (empty($options['msgAFormat']) || trim($options['msgAFormat'])=='' ) echo "checked"; ?> onchange="if (jQuery(this).is(':checked')) { jQuery('#apLIMsgAFrmtDiv<?php echo esc_attr($ii); ?>').hide(); jQuery('#apLIMsgAFrmt<?php echo esc_attr($ii); ?>').val(''); }else jQuery('#apLIMsgAFrmtDiv<?php echo esc_attr($ii); ?>').show();" type="checkbox" name="li[<?php echo esc_attr($ii); ?>][msgAFormatCB]"/> <strong><?php _e('Auto', 'social-networks-auto-poster-facebook-twitter-g'); ?></strong>
       <i> - <?php _e('Recommended. Info from SEO Plugins will be used, then post excerpt, then post text', 'social-networks-auto-poster-facebook-twitter-g'); ?> </i><br/>
-      <div id="apLIMsgAFrmtDiv<?php echo $ii; ?>" style="<?php  if (empty($options['msgAFormat']) || trim($options['msgAFormat'])=='' ) echo "display:none;"; ?>" >
+      <div id="apLIMsgAFrmtDiv<?php echo esc_attr($ii); ?>" style="<?php  if (empty($options['msgAFormat']) || trim($options['msgAFormat'])=='' ) echo "display:none;"; ?>" >
       <?php $this->elemTitleFormat($ii,'Title Format','msgATFormat',$options['msgATFormat']); $this->elemMsgFormat($ii,'Message Format','msgAFormat',$options['msgAFormat']); ?>
       
@@ -350 +342 @@
                 </th><td>     
         
-        <input type="radio" name="li[<?php echo $ii; ?>][postType]" value="T" <?php if (!empty($ntOpt['postType']) && $ntOpt['postType'] == 'T') echo 'checked="checked"'; ?> /><?php _e('Text Post', 'social-networks-auto-poster-facebook-twitter-g') ?>  - <i><?php _e('just text message', 'social-networks-auto-poster-facebook-twitter-g') ?></i><br/>       
-        <span class="nxs_li_nxapi_<?php echo $ii; ?>" style="display: <?php echo (!empty($ntOpt['apiToUse']) && $ntOpt['apiToUse'] =='nx')?"block":"none"; ?>;">
-        <input type="radio" name="li[<?php echo $ii; ?>][postType]" value="I" <?php if (!empty($ntOpt['postType']) && $ntOpt['postType'] == 'I') echo 'checked="checked"'; ?> onchange="jQuery('#altFormatIMG<?php echo $nt.$ii;?>').show();" /> <?php _e('Post to LinkedIn as "Image post"', 'social-networks-auto-poster-facebook-twitter-g') ?> - <i><?php _e('big image with text message', 'social-networks-auto-poster-facebook-twitter-g') ?></i><br/> </span>            
-        <input type="radio" name="li[<?php echo $ii; ?>][postType]" value="A" <?php if ( empty($ntOpt['postType']) || $ntOpt['postType'] == 'A') echo 'checked="checked"'; ?> onchange="jQuery('#altFormatIMG<?php echo $nt.$ii;?>').hide();" /><?php _e('Text Post with "attached" blogpost', 'social-networks-auto-poster-facebook-twitter-g') ?>        
+        <input type="radio" name="li[<?php echo esc_attr($ii); ?>][postType]" value="T" <?php if (!empty($ntOpt['postType']) && $ntOpt['postType'] == 'T') echo 'checked="checked"'; ?> /><?php _e('Text Post', 'social-networks-auto-poster-facebook-twitter-g') ?>  - <i><?php _e('just text message', 'social-networks-auto-poster-facebook-twitter-g') ?></i><br/>       
+        <span class="nxs_li_nxapi_<?php echo esc_attr($ii); ?>" style="display: <?php echo (!empty($ntOpt['apiToUse']) && $ntOpt['apiToUse'] =='nx')?"block":"none"; ?>;">
+        <input type="radio" name="li[<?php echo esc_attr($ii); ?>][postType]" value="I" <?php if (!empty($ntOpt['postType']) && $ntOpt['postType'] == 'I') echo 'checked="checked"'; ?> onchange="jQuery('#altFormatIMG<?php echo esc_attr($nt.$ii);?>').show();" /> <?php _e('Post to LinkedIn as "Image post"', 'social-networks-auto-poster-facebook-twitter-g') ?> - <i><?php _e('big image with text message', 'social-networks-auto-poster-facebook-twitter-g') ?></i><br/> </span>            
+        <input type="radio" name="li[<?php echo esc_attr($ii); ?>][postType]" value="A" <?php if ( empty($ntOpt['postType']) || $ntOpt['postType'] == 'A') echo 'checked="checked"'; ?> onchange="jQuery('#altFormatIMG<?php echo esc_attr($nt.$ii);?>').hide();" /><?php _e('Text Post with "attached" blogpost', 'social-networks-auto-poster-facebook-twitter-g') ?>        
      </td></tr>          <?php } else {
           $this->elemEdTitleFormat($ii, __('Article Title Format:', 'social-networks-auto-poster-facebook-twitter-g'),htmlentities($ntOpt['msgCTFormat']));          
@@ -380 +372 @@
      <div class="nxsPostEd_ElemLabel"><?php _e('Post Type:', 'social-networks-auto-poster-facebook-twitter-g'); ?></div>   
      <div class="nxsPostEd_Elem">   
-         <input type="radio" name="li[<?php echo $ii; ?>][postType]" value="T" class="nxsEdElem nxsImgCtrlCb" data-nt="<?php echo $nt; ?>" data-ii="<?php echo $ii; ?>" <?php if (!empty($ntOpt['postType']) && $ntOpt['postType'] == 'T') echo 'checked="checked"'; ?> /><?php _e('Text Post', 'social-networks-auto-poster-facebook-twitter-g') ?>  - <i><?php _e('just text message', 'social-networks-auto-poster-facebook-twitter-g') ?></i><br/>       
-        <span class="nxs_li_nxapi_<?php echo $ii; ?>" style="display: <?php echo (!empty($ntOpt['apiToUse']) && $ntOpt['apiToUse'] =='nx')?"block":"none"; ?>;">
-        <input type="radio" name="li[<?php echo $ii; ?>][postType]" value="I" class="nxsEdElem nxsImgCtrlCb" data-nt="<?php echo $nt; ?>" data-ii="<?php echo $ii; ?>" <?php if (!empty($ntOpt['postType']) && $ntOpt['postType'] == 'I') echo 'checked="checked"'; ?> onchange="jQuery('#altFormatIMG<?php echo $nt.$ii;?>').show();" /> <?php _e('Post to LinkedIn as "Image post"', 'social-networks-auto-poster-facebook-twitter-g') ?> - <i><?php _e('big image with text message', 'social-networks-auto-poster-facebook-twitter-g') ?></i><br/> </span>            
-        <input type="radio" name="li[<?php echo $ii; ?>][postType]" value="A" class="nxsEdElem nxsImgCtrlCb" data-nt="<?php echo $nt; ?>" data-ii="<?php echo $ii; ?>" <?php if ( empty($ntOpt['postType']) || $ntOpt['postType'] == 'A') echo 'checked="checked"'; ?> onchange="jQuery('#altFormatIMG<?php echo $nt.$ii;?>').hide();" /><?php _e('Text Post with "attached" blogpost', 'social-networks-auto-poster-facebook-twitter-g') ?> 
+         <input type="radio" name="li[<?php echo esc_attr($ii); ?>][postType]" value="T" class="nxsEdElem nxsImgCtrlCb" data-nt="<?php echo esc_attr($nt); ?>" data-ii="<?php echo esc_attr($ii); ?>" <?php if (!empty($ntOpt['postType']) && $ntOpt['postType'] == 'T') echo 'checked="checked"'; ?> /><?php _e('Text Post', 'social-networks-auto-poster-facebook-twitter-g') ?>  - <i><?php _e('just text message', 'social-networks-auto-poster-facebook-twitter-g') ?></i><br/>       
+        <span class="nxs_li_nxapi_<?php echo esc_attr($ii); ?>" style="display: <?php echo (!empty($ntOpt['apiToUse']) && $ntOpt['apiToUse'] =='nx')?"block":"none"; ?>;">
+        <input type="radio" name="li[<?php echo esc_attr($ii); ?>][postType]" value="I" class="nxsEdElem nxsImgCtrlCb" data-nt="<?php echo esc_attr($nt); ?>" data-ii="<?php echo esc_attr($ii); ?>" <?php if (!empty($ntOpt['postType']) && $ntOpt['postType'] == 'I') echo 'checked="checked"'; ?> onchange="jQuery('#altFormatIMG<?php echo esc_attr($nt.$ii);?>').show();" /> <?php _e('Post to LinkedIn as "Image post"', 'social-networks-auto-poster-facebook-twitter-g') ?> - <i><?php _e('big image with text message', 'social-networks-auto-poster-facebook-twitter-g') ?></i><br/> </span>            
+        <input type="radio" name="li[<?php echo esc_attr($ii); ?>][postType]" value="A" class="nxsEdElem nxsImgCtrlCb" data-nt="<?php echo esc_attr($nt); ?>" data-ii="<?php echo esc_attr($ii); ?>" <?php if ( empty($ntOpt['postType']) || $ntOpt['postType'] == 'A') echo 'checked="checked"'; ?> onchange="jQuery('#altFormatIMG<?php echo esc_attr($nt.$ii);?>').hide();" /><?php _e('Text Post with "attached" blogpost', 'social-networks-auto-poster-facebook-twitter-g') ?> 
      </div>     
    </div>  <?php } else {
@@ -423 +415 @@
     }
   }
-  
-  function nxsCptCheck() { $advSettings = array();
-    if (!empty($_POST['c'])) { $seForDB = get_option('nxs_li_ctp_save'); $ser = maybe_unserialize($seForDB); $ck = $ser['c']; $flds = $ser['f']; 
-      $flds['recaptcha_response_field'] = $_POST['c']; $liObj = new nxsAPI_LI();   $hdrsArr = $liObj->headers('https://www.linkedin.com/uas/login-submit', 'https://www.linkedin.com', 'POST', false);
-      $advSet = array('headers' => $hdrsArr, 'httpversion' => '1.1', 'timeout' => 45, 'redirection' => 0, 'cookies' => $ck, 'body' => $flds); // prr($advSet);
-      $rep = nxs_remote_post('https://www.linkedin.com/uas/captcha-submit', $advSet); if (is_nxs_error($rep)) {  $badOut = print_r($rep, true)." - ERROR"; return $badOut; }  $contents2 = $rep['body']; 
-      if (stripos($contents2, '<span class="error">')!==false) { echo strip_tags(CutFromTo($contents2, '<span class="error">', '</span>')); die(); }    
-      if (stripos($contents2, '<div id="global-error">')!==false) { echo CutFromTo($contents2, '<div role="alert" class="alert error">', '</div>'); die(); }    
-      if (stripos($contents2, 'The email address or password you provided does not match our records')!==false) { echo "Invalid Login/Password"; die(); }
-      if (stripos($contents2, 'Hmm, ')!==false) { echo "Invalid Login/Password"; die(); }    
-      if ($rep['response']['code']=='302' && !empty($rep['headers']['location']) &&  stripos($rep['headers']['location'], 'linkedin.com/uas/captcha-submit')!==false) echo "Wrong Captcha. Please try Again";
-      if ($rep['response']['code']=='302' && !empty($rep['headers']['location']) &&  (stripos($rep['headers']['location'], 'linkedin.com/nhome')!==false || stripos($rep['headers']['location'], 'linkedin.com/home')!==false)) { echo "OK. You are In";    
-        $hdrsArr = $liObj->headers('http://www.linkedin.com/home', 'https://www.linkedin.com');  $ck = $rep['cookies'];    
-        $advSet = array('headers' => $hdrsArr, 'httpversion' => '1.1', 'timeout' => 45, 'redirection' => 0, 'cookies' => $ck); // prr($advSet);
-        $rep = nxs_remote_get('http://www.linkedin.com/profile/edit?trk=tab_pro', $advSet); if (is_nxs_error($rep)) {  $badOut = print_r($rep, true)." - ERROR"; return $badOut; }  $ck = $rep['cookies'];   
-        if ($_POST['i']!='') { global $nxs_SNAP;  if (!isset($nxs_SNAP)) return; $options = $nxs_SNAP->nxs_options; 
-            $options['li'][$_POST['i']]['ck'] = $ck; if (is_array($options)) update_option('NS_SNAutoPoster', $options, false);
-        }
-      }
-    } 
-    if (!empty($_POST['s'])) { echo "CODE!"; $seForDB = get_option('nxs_li_ctp_save'); $ser = maybe_unserialize($seForDB); $ck = $ser['c']; $flds = $ser['f']; $fa = $ser['fa']; // prr($ser);
-      $flds['PinVerificationForm_pinParam'] = $_POST['s']; $liObj = new nxsAPI_LI();   $hdrsArr = $liObj->headers('https://www.linkedin.com/uas/login-submit', 'https://www.linkedin.com', 'POST', true);
-      $advSet = nxs_mkRemOptsArr($hdrsArr, $ck, $flds, $liObj->proxy); $rep=nxs_remote_post('https://www.linkedin.com'.$fa,$advSet); if (is_nxs_error($rep)) {$badOut = print_r($rep, true)." - ERROR"; return $badOut; } $contents2 = $rep['body']; // prr($rep);
-    
-      if (stripos($contents2, 'The email address or password you provided does not match our records')!==false) { echo "Invalid Login/Password"; die(); }
-      if (stripos($contents2, '<div id="global-error">')!==false) { echo CutFromTo($contents2, '<div role="alert" class="alert error">', '</div>'); die(); }    
-      if (stripos($contents2, 'Hmm, ')!==false) { echo "Invalid Login/Password"; die(); }        
-      if ($rep['response']['code']=='302' && !empty($rep['headers']['location']) &&  stripos($rep['headers']['location'], 'linkedin.com/uas/ato-pin-challenge-submit')!==false) echo "Wrong Code. Please try Again";
-      if ($rep['response']['code']=='302' && !empty($rep['headers']['location']) &&  (stripos($rep['headers']['location'], 'linkedin.com/nhome')!==false || stripos($rep['headers']['location'], 'linkedin.com/home')!==false)) echo "OK. You are In";    
-    
-      $hdrsArr = $liObj->headers('http://www.linkedin.com/home', 'https://www.linkedin.com');  $ck = nxsMergeArraysOV($ck, $rep['cookies']); $advSet = nxs_mkRemOptsArr($hdrsArr, $ck, '', $liObj->proxy);
-      $rep = nxs_remote_get('http://www.linkedin.com/profile/edit?trk=tab_pro', $advSet);if (is_nxs_error($rep)) {  $badOut = print_r($rep, true)." - ERROR"; return $badOut; } $ck = nxsMergeArraysOV($ck, $rep['cookies']);
-      if (!empty($ck)) $ck = nxsClnCookies($ck);
-      
-      if ($_POST['i']!='') { global $nxs_SNAP;  if (!isset($nxs_SNAP)) return; $options = $nxs_SNAP->nxs_options; $nto = $options['li'][$_POST['i']];
-        $opVal = array(); $opNm = 'nxs_snap_li_'.sha1('nxs_snap_li'.$nto['uName'].$nto['uPass']); $opVal['ck'] = $ck; nxs_saveOption($opNm, $opVal); 
-      }       
-    } die();     
-  }   
-  
+
 }}
 function adjAfterPost(&$options, &$ret){ if ($ret['isPosted']=='1') nxs_save_glbNtwrks('li', $options['ii'], '', 'session'); }   

social-networks-auto-poster-facebook-twitter-g/trunk/inc-cl/lj.php

@@ -27 +27 @@
     
      <br/ ><div style="width:100%;"><b><?php _e('Website', 'nxs_snap'); ?></b><br/><?php _e('Please select your website. SNAP could post to LJ Engine Based sites like DreamWidth.org', 'social-networks-auto-poster-facebook-twitter-g'); ?></div>
-    <div id="nxsLJInfoDiv<?php echo $ii; ?>">
+    <div id="nxsLJInfoDiv<?php echo esc_attr($ii); ?>">
      <div style="width:100%;">
-      <select id="lj1delayHrs" name="lj[<?php echo $ii; ?>][ljSrv]"><option  <?php if ( empty($options['ljSrv']) || $options['ljSrv']=='LJ') {?> selected="selected" <?php } ?> value="LJ">LiveJournal.com</option>
+      <select id="lj1delayHrs" name="lj[<?php echo esc_attr($ii); ?>][ljSrv]"><option  <?php if ( empty($options['ljSrv']) || $options['ljSrv']=='LJ') {?> selected="selected" <?php } ?> value="LJ">LiveJournal.com</option>
          <option <?php if ( isset($options['ljSrv']) && $options['ljSrv']=='DW') {?> selected="selected" <?php } ?> value="DW">DreamWidth.org</option>
       </select> 
      </div>         
     </div><br/>
-    <div style="width:100%;"><br/><b><?php _e('Blog/Community URL or ID', 'social-networks-auto-poster-facebook-twitter-g'); ?>:</b><br/><?php _e('Please specify the Blog or Community URL or ID. Use this only if you are posting NOT to your own journal.', 'social-networks-auto-poster-facebook-twitter-g'); ?><br/><input name="lj[<?php echo $ii; ?>][commID]" id="commID" style="width: 30%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['commID'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" />                
+    <div style="width:100%;"><br/><b><?php _e('Blog/Community URL or ID', 'social-networks-auto-poster-facebook-twitter-g'); ?>:</b><br/><?php _e('Please specify the Blog or Community URL or ID. Use this only if you are posting NOT to your own journal.', 'social-networks-auto-poster-facebook-twitter-g'); ?><br/><input name="lj[<?php echo esc_attr($ii); ?>][commID]" id="commID" style="width: 30%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['commID'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" />                
     </div> 
     <br/><br/>    
     <?php $this->elemTitleFormat($ii,'Post Title Format','msgTFormat',$options['msgTFormat']); $this->elemMsgFormat($ii,'Post Text Format','msgFormat',$options['msgFormat']);?>    
-    <div style="margin-bottom: 20px;margin-top: 5px;"><input value="1"  id="ljInclTags<?php echo $ii; ?>" type="checkbox" name="lj[<?php echo $ii; ?>][inclTags]"  <?php if ((int)$options['inclTags'] == 1) echo "checked"; ?> /> 
+    <div style="margin-bottom: 20px;margin-top: 5px;"><input value="1"  id="ljInclTags<?php echo esc_attr($ii); ?>" type="checkbox" name="lj[<?php echo esc_attr($ii); ?>][inclTags]"  <?php if ((int)$options['inclTags'] == 1) echo "checked"; ?> /> 
         <b><?php _e('Post with tags.', 'social-networks-auto-poster-facebook-twitter-g') ?></b> <?php _e('Tags from the blogpost will be auto posted to LiveJournal', 'social-networks-auto-poster-facebook-twitter-g') ?>                                            
         
-        <br/><input value="1" type="checkbox" name="lj[<?php echo $ii; ?>][useOrDate]"  <?php if ((int)$options['useOrDate'] == 1) echo "checked"; ?> /> 
+        <br/><input value="1" type="checkbox" name="lj[<?php echo esc_attr($ii); ?>][useOrDate]"  <?php if ((int)$options['useOrDate'] == 1) echo "checked"; ?> /> 
               <strong>Keep Original Post Date</strong> Will post to LJ with original date of the post 
               

social-networks-auto-poster-facebook-twitter-g/trunk/inc-cl/ln.php

@@ -13 +13 @@
   function accTab($ii, $options, $isNew=false){ $ntInfo = $this->ntInfo; $nt = $ntInfo['lcode']; if (empty($options['attchImg'])) $options['attchImg'] = 0; if (!isset($options['webPrev'])) $options['webPrev'] = 1; ?> <br/ >
     
-    <div style="width:100%;"><strong><?php _e('Channel access token (long-lived)', 'social-networks-auto-poster-facebook-twitter-g'); ?>:</strong></div><input name="ln[<?php echo $ii; ?>][botTkn]" style="width: 70%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['botTkn'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /><br/><br/>
-    <div style="width:100%;"><strong><?php _e('Where to Post', 'social-networks-auto-poster-facebook-twitter-g'); ?>:</strong><i>&nbsp;<?php _e('User ID, Group ID or Room ID', 'social-networks-auto-poster-facebook-twitter-g'); ?></i></div><input name="ln[<?php echo $ii; ?>][whToPost]" style="width: 70%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['whToPost'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /><br/><br/>    
+    <div style="width:100%;"><strong><?php _e('Channel access token (long-lived)', 'social-networks-auto-poster-facebook-twitter-g'); ?>:</strong></div><input name="ln[<?php echo esc_attr($ii); ?>][botTkn]" style="width: 70%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['botTkn'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /><br/><br/>
+    <div style="width:100%;"><strong><?php _e('Where to Post', 'social-networks-auto-poster-facebook-twitter-g'); ?>:</strong><i>&nbsp;<?php _e('User ID, Group ID or Room ID', 'social-networks-auto-poster-facebook-twitter-g'); ?></i></div><input name="ln[<?php echo esc_attr($ii); ?>][whToPost]" style="width: 70%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['whToPost'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /><br/><br/>    
     <br/><?php $this->elemMsgFormat($ii,'Message Format','msgFormat',$options['msgFormat']); ?>
-    <div style="margin: 0px;"><input value="1" type="checkbox" name="<?php echo $nt; ?>[<?php echo $ii; ?>][attchImg]"  <?php if ((int)$options['attchImg'] == 1) echo "checked"; ?> /> <strong><?php _e('Attach Image to the Post', 'social-networks-auto-poster-facebook-twitter-g'); ?></strong></div>    
+    <div style="margin: 0px;"><input value="1" type="checkbox" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][attchImg]"  <?php if ((int)$options['attchImg'] == 1) echo "checked"; ?> /> <strong><?php _e('Attach Image to the Post', 'social-networks-auto-poster-facebook-twitter-g'); ?></strong></div>    
     <br/><?php 
   }
@@ -46 +46 @@
                 
         <?php $this->elemEdMsgFormat($ii, __('Message Format:', 'social-networks-auto-poster-facebook-twitter-g'),$msgFormat); ?>
-                  <tr><td>&nbsp;</td><td><div style="margin: 0px;"><input value="0" type="hidden" name="<?php echo $nt; ?>[<?php echo $ii; ?>][webPrev]"/>
-          <input value="1" type="checkbox" name="<?php echo $nt; ?>[<?php echo $ii; ?>][webPrev]"  <?php if ((int)$ntOpt['webPrev'] == 1) echo "checked"; ?> /> <strong><?php _e('Enable Web Preview', 'social-networks-auto-poster-facebook-twitter-g'); ?></strong></div></td></tr>
-            <tr><td>&nbsp;</td><td><div style="margin: 0px;"><input value="0" type="hidden" name="<?php echo $nt; ?>[<?php echo $ii; ?>][attchImg]"/>
-          <input value="1" type="checkbox" name="<?php echo $nt; ?>[<?php echo $ii; ?>][attchImg]"  <?php if ((int)$ntOpt['attchImg'] == 1) echo "checked"; ?> /> <strong><?php _e('Attach Image to the Post', 'social-networks-auto-poster-facebook-twitter-g'); ?></strong></div></td></tr>
+                  <tr><td>&nbsp;</td><td><div style="margin: 0px;"><input value="0" type="hidden" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][webPrev]"/>
+          <input value="1" type="checkbox" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][webPrev]"  <?php if ((int)$ntOpt['webPrev'] == 1) echo "checked"; ?> /> <strong><?php _e('Enable Web Preview', 'social-networks-auto-poster-facebook-twitter-g'); ?></strong></div></td></tr>
+            <tr><td>&nbsp;</td><td><div style="margin: 0px;"><input value="0" type="hidden" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][attchImg]"/>
+          <input value="1" type="checkbox" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][attchImg]"  <?php if ((int)$ntOpt['attchImg'] == 1) echo "checked"; ?> /> <strong><?php _e('Attach Image to the Post', 'social-networks-auto-poster-facebook-twitter-g'); ?></strong></div></td></tr>
         <?php
           /* ## Select Image & URL ## */ nxs_showImgToUseDlg($nt, $ii, $imgToUse); nxs_showURLToUseDlg($nt, $ii, $urlToUse); $this->nxs_tmpltAddPostMetaEnd($ii);        
@@ -64 +64 @@
    <div class="nxsPostEd_ElemWrap">        
      <div class="nxsPostEd_Elem">           
-        <div style="margin: 0px;"><input value="0" type="hidden" name="<?php echo $nt; ?>[<?php echo $ii; ?>][attchImg]"/>
-          <input value="1" type="checkbox" name="<?php echo $nt; ?>[<?php echo $ii; ?>][attchImg]" class="nxsEdElem" data-ii="<?php echo $ii; ?>" data-nt="<?php echo $nt; ?>" <?php if (!empty($ntOpt['attchImg'])) echo "checked"; ?> /> <strong><?php _e('Attach Image to the Post', 'social-networks-auto-poster-facebook-twitter-g'); ?></strong></div>
+        <div style="margin: 0px;"><input value="0" type="hidden" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][attchImg]"/>
+          <input value="1" type="checkbox" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][attchImg]" class="nxsEdElem" data-ii="<?php echo esc_attr($ii); ?>" data-nt="<?php echo esc_attr($nt); ?>" <?php if (!empty($ntOpt['attchImg'])) echo "checked"; ?> /> <strong><?php _e('Attach Image to the Post', 'social-networks-auto-poster-facebook-twitter-g'); ?></strong></div>
      </div>
    </div><?php

social-networks-auto-poster-facebook-twitter-g/trunk/inc-cl/mc.php

@@ -13 +13 @@
   function accTab($ii, $options, $isNew=false){ $ntInfo = $this->ntInfo; $nt = $ntInfo['lcode']; if (!isset($options['segment'])) $options['segment'] = ''; ?> <br/ >
     
-    <div style="width:100%;"><strong><?php _e('API Key', 'social-networks-auto-poster-facebook-twitter-g'); ?>:</strong></div><input name="mc[<?php echo $ii; ?>][apikey]" style="width: 30%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['apikey'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /><br/><br/>
-    <div style="width:100%;"><strong><?php _e('Recipients List ID', 'social-networks-auto-poster-facebook-twitter-g'); ?>:</strong><i><?php _e('The unique recipients list id', 'social-networks-auto-poster-facebook-twitter-g'); ?></i></div><input name="mc[<?php echo $ii; ?>][listID]" style="width: 30%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['listID'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /><br/><br/>      
-    <div style="width:100%;"><strong><?php _e('Recipients List Segment', 'social-networks-auto-poster-facebook-twitter-g'); ?>:</strong><i><?php _e('[Optional] This field may contain a saved segment id', 'social-networks-auto-poster-facebook-twitter-g'); ?></i></div><input name="mc[<?php echo $ii; ?>][segment]" style="width: 30%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['segment'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /><br/><br/>        
-    <div style="width:100%;"><strong><?php _e('From name', 'social-networks-auto-poster-facebook-twitter-g'); ?>:</strong><i><?php _e('The [From] name on the campaign (not an email address).', 'social-networks-auto-poster-facebook-twitter-g'); ?></i></div><input name="mc[<?php echo $ii; ?>][fromName]" style="width: 30%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['fromName'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /><br/><br/>
-    <div style="width:100%;"><strong><?php _e('From Email', 'social-networks-auto-poster-facebook-twitter-g'); ?>:</strong><i><?php _e('The reply-to email address for the campaign', 'social-networks-auto-poster-facebook-twitter-g'); ?></i></div><input name="mc[<?php echo $ii; ?>][fromEmail]" style="width: 30%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['fromEmail'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /><br/><br/>
+    <div style="width:100%;"><strong><?php _e('API Key', 'social-networks-auto-poster-facebook-twitter-g'); ?>:</strong></div><input name="mc[<?php echo esc_attr($ii); ?>][apikey]" style="width: 30%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['apikey'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /><br/><br/>
+    <div style="width:100%;"><strong><?php _e('Recipients List ID', 'social-networks-auto-poster-facebook-twitter-g'); ?>:</strong><i><?php _e('The unique recipients list id', 'social-networks-auto-poster-facebook-twitter-g'); ?></i></div><input name="mc[<?php echo esc_attr($ii); ?>][listID]" style="width: 30%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['listID'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /><br/><br/>
+    <div style="width:100%;"><strong><?php _e('Recipients List Segment', 'social-networks-auto-poster-facebook-twitter-g'); ?>:</strong><i><?php _e('[Optional] This field may contain a saved segment id', 'social-networks-auto-poster-facebook-twitter-g'); ?></i></div><input name="mc[<?php echo esc_attr($ii); ?>][segment]" style="width: 30%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['segment'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /><br/><br/>
+    <div style="width:100%;"><strong><?php _e('From name', 'social-networks-auto-poster-facebook-twitter-g'); ?>:</strong><i><?php _e('The [From] name on the campaign (not an email address).', 'social-networks-auto-poster-facebook-twitter-g'); ?></i></div><input name="mc[<?php echo esc_attr($ii); ?>][fromName]" style="width: 30%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['fromName'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /><br/><br/>
+    <div style="width:100%;"><strong><?php _e('From Email', 'social-networks-auto-poster-facebook-twitter-g'); ?>:</strong><i><?php _e('The reply-to email address for the campaign', 'social-networks-auto-poster-facebook-twitter-g'); ?></i></div><input name="mc[<?php echo esc_attr($ii); ?>][fromEmail]" style="width: 30%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['fromEmail'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /><br/><br/>
     <br/><?php $this->elemTitleFormat($ii,'Message Subject','msgTFormat',$options['msgTFormat']); $this->elemMsgFormat($ii,'Message Text','msgFormat',$options['msgFormat']); 
   }

social-networks-auto-poster-facebook-twitter-g/trunk/inc-cl/md.php

@@ -11 +11 @@
   //#### Show Unit  Settings  
   function checkIfSetupFinished($options) { return !empty($options['accessToken']); }
-  function doAuth() {  $ntInfo = $this->ntInfo; global $nxs_snapSetPgURL; if (isset($_GET['acc'])) $options = $this->nt[$_GET['acc']];
-    if ( isset($_GET['auth']) && $_GET['auth']==$ntInfo['lcode']){
-      //if(stripos($nxs_snapSetPgURL, 'page=NextScripts_SNAP.php')===false) { $newURL = explode('?', $nxs_snapSetPgURL); $nxs_snapSetPgURL = $newURL[0]; }
-      $url = 'https://medium.com/m/oauth/authorize?client_id='.nxs_gak($options['appKey']).'&scope=basicProfile,publishPost,listPublications&state=nxsmdauth-'. $_GET['auth'].'-'.$_GET['acc'].'&response_type=code&redirect_uri='.urlencode($nxs_snapSetPgURL);   
-      echo '<br/><br/>All good?! Redirecting ..... <script type="text/javascript">window.location = "'.$url.'"</script>';
-      die(); 
-    }
-    if ( isset($_GET['state']) && strlen($_GET['state'])>13 && substr($_GET['state'],0,12)=='nxsmdauth-md'){ $ii = explode('-',$_GET['state']); $ii = $ii[2]; $options = $this->nt[$ii];      
-      $data = array('code'=>$_GET['code'], 'client_id'=>nxs_gak($options['appKey']),'client_secret'=>nxs_gas($options['appSec']),'grant_type'=>'authorization_code','redirect_uri'=>$nxs_snapSetPgURL);            
-      $hdrsArr = array(); $hdrsArr['Content-Type']='application/x-www-form-urlencoded'; $hdrsArr['Accept']='application/json'; $hdrsArr['Accept-Charset']='utf-8';   
-      $hdrsArr['Cache-Control']='max-age=0'; $hdrsArr['Connection']='keep-alive'; $hdrsArr['Referer']='';
-      $hdrsArr['User-Agent']='Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.54 Safari/537.36'; 
-      $advSet = nxs_mkRemOptsArr($hdrsArr, '', $data); $rep = nxs_remote_post('https://api.medium.com/v1/tokens/', $advSet); prr($advSet); prr($rep);
-      $bd = json_decode($rep['body'], true); if (!is_array($bd)) die('ERROR'); else prr($bd); $options['accessToken'] = $bd['access_token']; 
-            
-      $hdrsArr['Authorization']='Bearer '.$options['accessToken'];
-      $advSet = nxs_mkRemOptsArr($hdrsArr); $rep = nxs_remote_get('https://api.medium.com/v1/me', $advSet); prr($advSet); prr($rep);  if (is_nxs_error($rep)) {  $badOut = print_r($rep, true)." - ERROR -02-"; return $badOut; } 
-      $bd = json_decode($rep['body'], true); if (!is_array($bd) || !is_array($bd['data'])) die('ERROR'); else prr($bd); $bd = $bd['data'];      
-      $options['appAppUserID'] = $bd['id']; $options['appAppUserName'] = $bd['name'].' ('.$bd['username'].')';  $options['appAppUserURL'] = $bd['url'];     
-      
-      $rep = nxs_remote_get('https://api.medium.com/v1/users/'.$options['appAppUserID'].'/publications', $advSet);  prr($advSet); prr($rep);
-      $bd = json_decode($rep['body'], true); if (!is_array($bd) || !is_array($bd['data'])) die('ERROR'); else prr($bd); $bd = $bd['data'];   $pubList = array();
-      foreach ($bd as $d) { $repX = nxs_remote_get('https://api.medium.com/v1/publications/'.$d['id'].'/contributors', $advSet);
-        $bdX = json_decode($repX['body'], true); if (!is_array($bdX) || !is_array($bdX['data'])) die('ERROR'); else prr($bdX); $bdX = $bdX['data']; 
-        foreach ($bdX as $dX) { if ($dX['userId']==$options['appAppUserID']) { $pubList[] = array('id'=>$d['id'], 'name'=>$d['name']); break; }}
-      } $options['pubList'] = $pubList;
-      
-      nxs_save_glbNtwrks($ntInfo['lcode'],$ii,$options,'*'); prr($options);
-      echo '<br/><br/>All good?! Redirecting ..... <script type="text/javascript">window.location = "'.$nxs_snapSetPgURL.'"</script>';  die();      
+  function doAuth() {  $ntInfo = $this->ntInfo; global $nxs_snapSetPgURL;
+    if (isset($_GET['acc'])) { $acc = sanitize_text_field($_GET['acc']); $options = $this->nt[$acc];
+        if ( isset($_GET['auth']) && $_GET['auth']==$ntInfo['lcode']){
+          //if(stripos($nxs_snapSetPgURL, 'page=NextScripts_SNAP.php')===false) { $newURL = explode('?', $nxs_snapSetPgURL); $nxs_snapSetPgURL = $newURL[0]; }
+          $url = 'https://medium.com/m/oauth/authorize?client_id='.nxs_gak($options['appKey']).'&scope=basicProfile,publishPost,listPublications&state=nxsmdauth-'. sanitize_text_field($_GET['auth']).'-'.$acc.'&response_type=code&redirect_uri='.urlencode($nxs_snapSetPgURL);
+          echo '<br/><br/>All good?! Redirecting ..... <script type="text/javascript">window.location = "'.$url.'"</script>';
+          die();
+        }
+        if ( isset($_GET['state']) && strlen($_GET['state'])>13 && substr($_GET['state'],0,12)=='nxsmdauth-md'){ $ii = explode('-',sanitize_text_field($_GET['state'])); $ii = $ii[2]; $options = $this->nt[$ii];
+          $data = array('code'=>sanitize_text_field($_GET['code']), 'client_id'=>nxs_gak($options['appKey']),'client_secret'=>nxs_gas($options['appSec']),'grant_type'=>'authorization_code','redirect_uri'=>$nxs_snapSetPgURL);
+          $hdrsArr = array(); $hdrsArr['Content-Type']='application/x-www-form-urlencoded'; $hdrsArr['Accept']='application/json'; $hdrsArr['Accept-Charset']='utf-8';
+          $hdrsArr['Cache-Control']='max-age=0'; $hdrsArr['Connection']='keep-alive'; $hdrsArr['Referer']='';
+          $hdrsArr['User-Agent']='Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.54 Safari/537.36';
+          $advSet = nxs_mkRemOptsArr($hdrsArr, '', $data); $rep = nxs_remote_post('https://api.medium.com/v1/tokens/', $advSet); prr($advSet); prr($rep);
+          $bd = json_decode($rep['body'], true); if (!is_array($bd)) die('ERROR'); else prr($bd); $options['accessToken'] = $bd['access_token'];
+
+          $hdrsArr['Authorization']='Bearer '.$options['accessToken'];
+          $advSet = nxs_mkRemOptsArr($hdrsArr); $rep = nxs_remote_get('https://api.medium.com/v1/me', $advSet); prr($advSet); prr($rep);  if (is_nxs_error($rep)) {  $badOut = print_r($rep, true)." - ERROR -02-"; return $badOut; }
+          $bd = json_decode($rep['body'], true); if (!is_array($bd) || !is_array($bd['data'])) die('ERROR'); else prr($bd); $bd = $bd['data'];
+          $options['appAppUserID'] = $bd['id']; $options['appAppUserName'] = $bd['name'].' ('.$bd['username'].')';  $options['appAppUserURL'] = $bd['url'];
+
+          $rep = nxs_remote_get('https://api.medium.com/v1/users/'.$options['appAppUserID'].'/publications', $advSet);  prr($advSet); prr($rep);
+          $bd = json_decode($rep['body'], true); if (!is_array($bd) || !is_array($bd['data'])) die('ERROR'); else prr($bd); $bd = $bd['data'];   $pubList = array();
+          foreach ($bd as $d) { $repX = nxs_remote_get('https://api.medium.com/v1/publications/'.$d['id'].'/contributors', $advSet);
+            $bdX = json_decode($repX['body'], true); if (!is_array($bdX) || !is_array($bdX['data'])) die('ERROR'); else prr($bdX); $bdX = $bdX['data'];
+            foreach ($bdX as $dX) { if ($dX['userId']==$options['appAppUserID']) { $pubList[] = array('id'=>$d['id'], 'name'=>$d['name']); break; }}
+          } $options['pubList'] = $pubList;
+
+          nxs_save_glbNtwrks($ntInfo['lcode'],$ii,$options,'*'); prr($options);
+          echo '<br/><br/>All good?! Redirecting ..... <script type="text/javascript">window.location = "'.$nxs_snapSetPgURL.'"</script>';  die();
+        }
     }
   }
@@ -49 +51 @@
               <div style="font-size: 11px; margin: 0px;"><?php _e('Currently available way to connect to Medium', 'social-networks-auto-poster-facebook-twitter-g'); ?></div>
           </div>
-          <label for="sesDiv<?php echo $nt; ?><?php echo $ii; ?>session">Integration token:</label>
-          <input style="max-width:400px;" class="nxAccEdElem form-control" id="sesDiv<?php echo $nt; ?><?php echo $ii; ?>accessToken" name="<?php echo $nt; ?>[<?php echo $ii; ?>][accessToken]" value="<?php echo($options['accessToken']); ?>" /><br/>
+          <label for="sesDiv<?php echo esc_attr($nt); ?><?php echo esc_attr($ii); ?>session">Integration token:</label>
+          <input style="max-width:400px;" class="nxAccEdElem form-control" id="sesDiv<?php echo esc_attr($nt); ?><?php echo esc_attr($ii); ?>accessToken" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][accessToken]" value="<?php echo($options['accessToken']); ?>" /><br/>
 
       </div>
@@ -62 +64 @@
       </div>
 
-    <br/><br/><div><b style="font-size: 15px;"><?php _e('Where to post:', 'social-networks-auto-poster-facebook-twitter-g'); ?></b><select name="md[<?php echo $ii; ?>][publ]"><option <?php if (empty($options['publ'])) echo 'selected="selected"'; ?>  value="0">Profile</option>
+    <br/><br/><div><b style="font-size: 15px;"><?php _e('Where to post:', 'social-networks-auto-poster-facebook-twitter-g'); ?></b><select name="md[<?php echo esc_attr($ii); ?>][publ]"><option <?php if (empty($options['publ'])) echo 'selected="selected"'; ?>  value="0">Profile</option>
       <?php if (!empty($options['pubList'])) { ?> <?php foreach ($options['pubList'] as $pb) {?> <option <?php if ((string)$pb['id']==(string)$options['publ']) echo 'selected="selected"'; ?> value="<?php echo $pb['id']; ?>">[Publication]&nbsp;<?php echo $pb['name']; ?></option> <?php }} ?></select>
     </div>
     <br/><?php $this->elemTitleFormat($ii,'Title Format','msgTFormat',$options['msgTFormat']); ?> <br/><?php $this->elemMsgFormat($ii,'Message Text Format','msgFormat',$options['msgFormat']); ?>
-    <div style="margin-bottom: 20px;margin-top: 5px;"><input value="1" type="checkbox" name="<?php echo $nt; ?>[<?php echo $ii; ?>][inclTags]"  <?php if ((int)$options['inclTags'] == 1) echo "checked"; ?> /> 
+    <div style="margin-bottom: 20px;margin-top: 5px;"><input value="1" type="checkbox" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][inclTags]"  <?php if ((int)$options['inclTags'] == 1) echo "checked"; ?> /> 
       <strong><?php _e('Post with tags', 'social-networks-auto-poster-facebook-twitter-g'); ?></strong>  <?php _e('Tags from the blogpost will be auto-posted to '.$ntInfo['name'], 'social-networks-auto-poster-facebook-twitter-g'); ?>                                                               
     </div> <br/>
@@ -73 +75 @@
       _e('Your '.$ntInfo['name'].' Account has been authorized.', 'social-networks-auto-poster-facebook-twitter-g'); ?> User: <?php _e(apply_filters('format_to_edit', htmlentities($options['appAppUserName'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>.
       <?php _e('You can', 'social-networks-auto-poster-facebook-twitter-g'); ?> Re- <?php } ?>            
-      <a href="<?php echo $nxs_snapSetPgURL;?>&auth=<?php echo $nt; ?>&acc=<?php echo $ii; ?>">Authorize Your <?php echo $ntInfo['name']; ?> Account</a>            
+      <a href="<?php echo $nxs_snapSetPgURL;?>&auth=<?php echo esc_attr($nt); ?>&acc=<?php echo esc_attr($ii); ?>">Authorize Your <?php echo $ntInfo['name']; ?> Account</a>            
       <?php if (!isset($options['appAppUserID']) || $options['appAppUserID']<1) { ?> <div class="blnkg">&lt;=== <?php _e('Authorize your account', 'social-networks-auto-poster-facebook-twitter-g'); ?> ===</div> <?php } 
     } ?><br/><br/> <?php

social-networks-auto-poster-facebook-twitter-g/trunk/inc-cl/ok.php

@@ -17 +17 @@
     
     <div style="width:100%;"><strong>Group ID:</strong> </div>    
-    <input name="<?php echo $nt; ?>[<?php echo $ii; ?>][gid]"style="width: 50%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['gid'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" />              
+    <input name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][gid]"style="width: 50%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['gid'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" />
     <br/><br/>   
     
@@ -24 +24 @@
     <div style="width:100%;"><strong id="altFormatText"><?php  _e('Post Type:', 'social-networks-auto-poster-facebook-twitter-g'); ?></strong></div>
     <div style="margin-left: 10px;">
-      <input type="radio" name="<?php echo $nt; ?>[<?php echo $ii; ?>][postType]" value="T" <?php if ($options['postType'] == 'T') echo 'checked="checked"'; ?> /> <?php _e('Text Post', 'social-networks-auto-poster-facebook-twitter-g'); ?> - <i><?php _e('just text message', 'social-networks-auto-poster-facebook-twitter-g'); ?></i><br/>                                  
-      <input type="radio" name="<?php echo $nt; ?>[<?php echo $ii; ?>][postType]" value="I" <?php if ($options['postType'] == 'I') echo 'checked="checked"'; ?> /> <?php _e('Image Post', 'social-networks-auto-poster-facebook-twitter-g'); ?> - <i><?php _e('Text with image', 'social-networks-auto-poster-facebook-twitter-g'); ?></i><br/>                                  
-      <input type="radio" name="<?php echo $nt; ?>[<?php echo $ii; ?>][postType]" value="A" <?php if ( empty($options['postType']) || $options['postType'] == 'A') echo 'checked="checked"'; ?> /> <?php _e('Post link to the blogpost', 'social-networks-auto-poster-facebook-twitter-g'); ?><br/>
+      <input type="radio" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][postType]" value="T" <?php if ($options['postType'] == 'T') echo 'checked="checked"'; ?> /> <?php _e('Text Post', 'social-networks-auto-poster-facebook-twitter-g'); ?> - <i><?php _e('just text message', 'social-networks-auto-poster-facebook-twitter-g'); ?></i><br/>
+      <input type="radio" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][postType]" value="I" <?php if ($options['postType'] == 'I') echo 'checked="checked"'; ?> /> <?php _e('Image Post', 'social-networks-auto-poster-facebook-twitter-g'); ?> - <i><?php _e('Text with image', 'social-networks-auto-poster-facebook-twitter-g'); ?></i><br/>
+      <input type="radio" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][postType]" value="A" <?php if ( empty($options['postType']) || $options['postType'] == 'A') echo 'checked="checked"'; ?> /> <?php _e('Post link to the blogpost', 'social-networks-auto-poster-facebook-twitter-g'); ?><br/>
     </div><br/><br/>
     
@@ -60 +60 @@
           ?>          
           <tr class="nxstbldo <?php echo 'nxstbldo'.strtoupper($nt).$ii; ?>"><th scope="row" style="text-align:right; width:150px; vertical-align:top; padding-top: 0px; padding-right:10px;"> <?php _e('Post Type:', 'social-networks-auto-poster-facebook-twitter-g') ?> <br/></th><td>     
-        <input type="radio" name="<?php echo $nt; ?>[<?php echo $ii; ?>][postType]" value="T" <?php if ($postType == 'T') echo 'checked="checked"'; ?> /> <?php _e('Text Post', 'social-networks-auto-poster-facebook-twitter-g') ?>  - <i><?php _e('just text message', 'social-networks-auto-poster-facebook-twitter-g') ?></i><br/>
-        <input type="radio" name="<?php echo $nt; ?>[<?php echo $ii; ?>][postType]" value="I" <?php if ($postType == 'I') echo 'checked="checked"'; ?> /> <?php _e('Image Post', 'social-networks-auto-poster-facebook-twitter-g') ?>  - <i><?php _e('Text with Image', 'social-networks-auto-poster-facebook-twitter-g') ?></i><br/>
-        <input type="radio" name="<?php echo $nt; ?>[<?php echo $ii; ?>][postType]" value="A" <?php if ( empty($postType) || $postType == 'A') echo 'checked="checked"'; ?> /><?php _e('Text Post with "attached" blogpost', 'social-networks-auto-poster-facebook-twitter-g') ?>
+        <input type="radio" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][postType]" value="T" <?php if ($postType == 'T') echo 'checked="checked"'; ?> /> <?php _e('Text Post', 'social-networks-auto-poster-facebook-twitter-g') ?>  - <i><?php _e('just text message', 'social-networks-auto-poster-facebook-twitter-g') ?></i><br/>
+        <input type="radio" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][postType]" value="I" <?php if ($postType == 'I') echo 'checked="checked"'; ?> /> <?php _e('Image Post', 'social-networks-auto-poster-facebook-twitter-g') ?>  - <i><?php _e('Text with Image', 'social-networks-auto-poster-facebook-twitter-g') ?></i><br/>
+        <input type="radio" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][postType]" value="A" <?php if ( empty($postType) || $postType == 'A') echo 'checked="checked"'; ?> /><?php _e('Text Post with "attached" blogpost', 'social-networks-auto-poster-facebook-twitter-g') ?>
      </td></tr>
           <?php
@@ -81 +81 @@
      <div class="nxsPostEd_ElemLabel"><?php _e('Post Type:', 'social-networks-auto-poster-facebook-twitter-g'); ?></div>   
      <div class="nxsPostEd_Elem">   
-        <input type="radio" name="<?php echo $nt; ?>[<?php echo $ii; ?>][postType]" value="T" class="nxsEdElem" data-ii="<?php echo $ii; ?>" data-nt="<?php echo $nt; ?>" <?php if ($postType == 'T') echo 'checked="checked"'; ?> /> <?php _e('Text Post', 'social-networks-auto-poster-facebook-twitter-g') ?>  - <i><?php _e('just text message', 'social-networks-auto-poster-facebook-twitter-g') ?></i><br/>
-        <input type="radio" name="<?php echo $nt; ?>[<?php echo $ii; ?>][postType]" value="I" class="nxsEdElem" data-ii="<?php echo $ii; ?>" data-nt="<?php echo $nt; ?>" <?php if ($postType == 'I') echo 'checked="checked"'; ?> /> <?php _e('Image Post', 'social-networks-auto-poster-facebook-twitter-g') ?>  - <i><?php _e('Text with Image', 'social-networks-auto-poster-facebook-twitter-g') ?></i><br/>
-        <input type="radio" name="<?php echo $nt; ?>[<?php echo $ii; ?>][postType]" value="A" class="nxsEdElem" data-ii="<?php echo $ii; ?>" data-nt="<?php echo $nt; ?>" <?php if ( empty($postType) || $postType == 'A') echo 'checked="checked"'; ?> /><?php _e('Text Post with "attached" blogpost', 'social-networks-auto-poster-facebook-twitter-g') ?>
+        <input type="radio" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][postType]" value="T" class="nxsEdElem" data-ii="<?php echo esc_attr($ii); ?>" data-nt="<?php echo esc_attr($nt); ?>" <?php if ($postType == 'T') echo 'checked="checked"'; ?> /> <?php _e('Text Post', 'social-networks-auto-poster-facebook-twitter-g') ?>  - <i><?php _e('just text message', 'social-networks-auto-poster-facebook-twitter-g') ?></i><br/>
+        <input type="radio" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][postType]" value="I" class="nxsEdElem" data-ii="<?php echo esc_attr($ii); ?>" data-nt="<?php echo esc_attr($nt); ?>" <?php if ($postType == 'I') echo 'checked="checked"'; ?> /> <?php _e('Image Post', 'social-networks-auto-poster-facebook-twitter-g') ?>  - <i><?php _e('Text with Image', 'social-networks-auto-poster-facebook-twitter-g') ?></i><br/>
+        <input type="radio" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][postType]" value="A" class="nxsEdElem" data-ii="<?php echo esc_attr($ii); ?>" data-nt="<?php echo esc_attr($nt); ?>" <?php if ( empty($postType) || $postType == 'A') echo 'checked="checked"'; ?> /><?php _e('Text Post with "attached" blogpost', 'social-networks-auto-poster-facebook-twitter-g') ?>
      </div>
    </div><?php

social-networks-auto-poster-facebook-twitter-g/trunk/inc-cl/pk.php

@@ -25 +25 @@
   //#### Show Unit  Settings  
   function checkIfSetupFinished($options) { return !empty($options['pgID']) && !empty($options['accessToken']); }
-  public function doAuth() { $ntInfo = $this->ntInfo; global $nxs_snapSetPgURL;     
-   if ( isset($_GET['auth']) && $_GET['auth']=='pk'){ require_once('apis/plurkOAuth.php'); $options = $this->nt[$_GET['acc']];  prr($options, 'OPTS:');  prr($this->nt, 'OPTS:');
-              $consumer_key = nxs_gak($options['appKey']); $consumer_secret = nxs_gas($options['appSec']); $callback_url = $nxs_snapSetPgURL."&auth=pka&acc=".$_GET['acc'];             
-              $tum_oauth = new wpPlurkOAuth($consumer_key, $consumer_secret); $request_token = $tum_oauth->getReqToken($callback_url); 
-              $options['oAuthToken'] = $request_token['oauth_token']; $options['oAuthTokenSecret'] = $request_token['oauth_token_secret']; //prr($tum_oauth); prr($options); //die();              
-              switch ($tum_oauth->http_code) { case 200: $url = 'https://www.plurk.com/OAuth/authorize?oauth_token='.$options['oAuthToken']; nxs_save_glbNtwrks($ntInfo['lcode'],$_GET['acc'],$options,'*');
-                echo '<br/><br/>All good?! Redirecting ..... <script type="text/javascript">window.location = "'.$url.'"</script>'; break; 
+  public function doAuth() { $ntInfo = $this->ntInfo; global $nxs_snapSetPgURL;
+    if (isset($_GET['acc'])) { $acc = sanitize_text_field($_GET['acc']); $options = $this->nt[$acc];
+        if ( isset($_GET['auth']) && $_GET['auth']=='pk'){ require_once('apis/plurkOAuth.php'); prr($options, 'OPTS:');  prr($this->nt, 'OPTS:');
+              $consumer_key = nxs_gak($options['appKey']); $consumer_secret = nxs_gas($options['appSec']); $callback_url = $nxs_snapSetPgURL."&auth=pka&acc=".$acc;
+              $tum_oauth = new wpPlurkOAuth($consumer_key, $consumer_secret); $request_token = $tum_oauth->getReqToken($callback_url);
+              $options['oAuthToken'] = $request_token['oauth_token']; $options['oAuthTokenSecret'] = $request_token['oauth_token_secret']; //prr($tum_oauth); prr($options); //die();
+              switch ($tum_oauth->http_code) { case 200: $url = 'https://www.plurk.com/OAuth/authorize?oauth_token='.$options['oAuthToken']; nxs_save_glbNtwrks($ntInfo['lcode'],$acc,$options,'*');
+                echo '<br/><br/>All good?! Redirecting ..... <script type="text/javascript">window.location = "'.$url.'"</script>'; break;
                 default: echo '<br/><b style="color:red">Could not connect to Plurk. Refresh the page or try again later.</b>'; die();
               }
               die();
-            }
-   if ( isset($_GET['auth']) && $_GET['auth']=='pka'){ require_once('apis/plurkOAuth.php'); $options = $this->nt[$_GET['acc']];
+        }
+        if ( isset($_GET['auth']) && $_GET['auth']=='pka'){ require_once('apis/plurkOAuth.php');
               $consumer_key = nxs_gak($options['appKey']); $consumer_secret = nxs_gas($options['appSec']); prr($options, 'OPTS:');
               $tum_oauth = new wpPlurkOAuth($consumer_key, $consumer_secret, $options['oAuthToken'], $options['oAuthTokenSecret']); //prr($tum_oauth);
               $access_token = $tum_oauth->getAccToken($_GET['oauth_verifier']); prr($access_token);
-              $options['accessToken'] = $access_token['oauth_token'];  $options['accessTokenSec'] = $access_token['oauth_token_secret'];              
-              nxs_save_glbNtwrks($ntInfo['lcode'],$_GET['acc'],$options,'*');
-              $tum_oauth = new wpPlurkOAuth($consumer_key, $consumer_secret, $options['accessToken'], $options['accessTokenSec']); 
-              $uinfo = $tum_oauth->makeReq('https://www.plurk.com/APP/Profile/getOwnProfile', $params); 
+              $options['accessToken'] = $access_token['oauth_token'];  $options['accessTokenSec'] = $access_token['oauth_token_secret'];
+              nxs_save_glbNtwrks($ntInfo['lcode'],$acc,$options,'*');
+              $tum_oauth = new wpPlurkOAuth($consumer_key, $consumer_secret, $options['accessToken'], $options['accessTokenSec']);
+              $uinfo = $tum_oauth->makeReq('https://www.plurk.com/APP/Profile/getOwnProfile', $params);
               if (is_array($uinfo) && isset($uinfo['user_info'])) $userinfo = $uinfo['user_info']['display_name'];
-              if (empty($userinfo) && is_array($uinfo) && isset($uinfo['user_info'])) $userinfo = $uinfo['user_info']['nick_name'];  $options['pgID'] = $userinfo; 
-              nxs_save_glbNtwrks($ntInfo['lcode'],$_GET['acc'],$options,'*');
-              if ($options['pgID']!='') {  
+              if (empty($userinfo) && is_array($uinfo) && isset($uinfo['user_info'])) $userinfo = $uinfo['user_info']['nick_name'];  $options['pgID'] = $userinfo;
+              nxs_save_glbNtwrks($ntInfo['lcode'],$acc,$options,'*');
+              if ($options['pgID']!='') {
                   $gGet = $_GET; unset($gGet['auth']); unset($gGet['acc']); unset($gGet['oauth_token']);  unset($gGet['oauth_verifier']); unset($gGet['post_type']);
                   $sturl = explode('?',$nxs_snapSetPgURL); $nxs_snapSetPgURL = $sturl[0].((!empty($gGet))?'?'.http_build_query($gGet):'');
                   echo '<br/><br/>All good?! Redirecting ..... <script type="text/javascript">window.location = "'.$nxs_snapSetPgURL.'"</script>'; die();
               }
-                else die("<span style='color:red;'>ERROR: Authorization Error: <span style='color:darkred; font-weight: bold;'>".$options['pgID']."</span></span>");              
-            }  
+                else die("<span style='color:red;'>ERROR: Authorization Error: <span style='color:darkred; font-weight: bold;'>".$options['pgID']."</span></span>");
+        }
+    }
   }    
   
   function accTab($ii, $options, $isNew=false){ global $nxs_snapSetPgURL; $ntInfo = $this->ntInfo; $nt = $ntInfo['lcode']; ?>    
-    <div style="width:100%;"><strong><?php _e('Where to Post', 'social-networks-auto-poster-facebook-twitter-g'); ?>:</strong><i><?php _e('Your Plurk URL', 'social-networks-auto-poster-facebook-twitter-g'); ?></i></div><input name="<?php echo $nt; ?>[<?php echo $ii; ?>][pkURL]" style="width: 30%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['pkURL'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /><br/><br/>
+    <div style="width:100%;"><strong><?php _e('Where to Post', 'social-networks-auto-poster-facebook-twitter-g'); ?>:</strong><i><?php _e('Your Plurk URL', 'social-networks-auto-poster-facebook-twitter-g'); ?></i></div><input name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][pkURL]" style="width: 30%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['pkURL'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /><br/><br/>
     <?php $this->elemKeySecret($ii,'App Key','App Secret', $options['appKey'], $options['appSec'],'appKey','appSec','https://www.plurk.com/PlurkApp/'); ?>    
     <div style=""> <div style="width:100%;"><strong id="altFormatText">Plurk prefix:</strong> </div>  
-      <select name="pk[<?php echo $ii; ?>][pkCat]" id="pkCat<?php echo $ii; ?>">
+      <select name="pk[<?php echo esc_attr($ii); ?>][pkCat]" id="pkCat<?php echo esc_attr($ii); ?>">
         <?php  $pkCats = $this->pkCats(); if (isset($options['pkCat']) && $options['pkCat']!='') $pkCats = str_replace($options['pkCat'].'"', $options['pkCat'].'" selected="selected"', $pkCats);  echo $pkCats; ?>
       </select>            
     </div>      
-    <div style="margin: 0px;"><input value="1"  id="apLIAttch" type="checkbox" name="pk[<?php echo $ii; ?>][attchImg]"  <?php if ((int)$options['attchImg'] == 1) echo "checked"; ?> /> <strong>Attach Image to Plurk Post</strong></div>
+    <div style="margin: 0px;"><input value="1"  id="apLIAttch" type="checkbox" name="pk[<?php echo esc_attr($ii); ?>][attchImg]"  <?php if ((int)$options['attchImg'] == 1) echo "checked"; ?> /> <strong>Attach Image to Plurk Post</strong></div>
     <?php $this->elemMsgFormat($ii,'Post Format','msgFormat',$options['msgFormat']); ?>
     
@@ -74 +76 @@
             Your Plurk Account has been authorized. Your display name: <?php _e(apply_filters('format_to_edit', htmlentities($options['pgID'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>. 
             You can Re- <?php } ?>            
-            <a href="<?php echo $nxs_snapSetPgURL.(stripos($nxs_snapSetPgURL, '?')!==false?'&':'?');?>auth=pk&acc=<?php echo $ii; ?>">Authorize Your Plurk Account</a> 
+            <a href="<?php echo $nxs_snapSetPgURL.(stripos($nxs_snapSetPgURL, '?')!==false?'&':'?');?>auth=pk&acc=<?php echo esc_attr($ii); ?>">Authorize Your Plurk Account</a> 
               <?php if (empty($options['oAuthTokenSecret'])) { ?> <div class="blnkg">&lt;=== Authorize your account ===</div> <?php } ?>            
             <?php }  ?>                        

social-networks-auto-poster-facebook-twitter-g/trunk/inc-cl/pn.php

@@ -41 +41 @@
               <div style="font-size: 11px; margin: 0px;"><?php _e('[Optional] Please use this only if you are having troubles to login/post without it.', 'social-networks-auto-poster-facebook-twitter-g'); ?></div>
           </div>
-          <label for="sesDiv<?php echo $nt; ?><?php echo $ii; ?>session">Session ID</label>
-          <input style="max-width:400px;" class="nxAccEdElem form-control" id="sesDiv<?php echo $nt; ?><?php echo $ii; ?>session" name="<?php echo $nt; ?>[<?php echo $ii; ?>][session]" value="<?php echo($options['session']); ?>" /><br/>
+          <label for="sesDiv<?php echo esc_attr($nt); ?><?php echo esc_attr($ii); ?>session">Session ID</label>
+          <input style="max-width:400px;" class="nxAccEdElem form-control" id="sesDiv<?php echo esc_attr($nt); ?><?php echo esc_attr($ii); ?>session" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][session]" value="<?php echo($options['session']); ?>" /><br/>
 
       </div>
     
      <br/ ><div style="width:100%;"><b><?php _e('Board', 'nxs_snap'); ?></b>&nbsp;(<?php _e('Please select the board to post to', 'nxs_snap'); ?>)</div>
-    <div id="nxsPNInfoDiv<?php echo $ii; ?>">
+    <div id="nxsPNInfoDiv<?php echo esc_attr($ii); ?>">
          <div style="width:100%;">
           <div>                   
-          <select id="pnBoard<?php echo $ii; ?>" onchange="nxs_pnBoardChange('<?php echo $ii;?>',jQuery(this));" name="pn[<?php echo $ii;?>][pnBoard]">
+          <select id="pnBoard<?php echo esc_attr($ii); ?>" onchange="nxs_pnBoardChange('<?php echo esc_attr($ii);?>',jQuery(this));" name="pn[<?php echo esc_attr($ii);?>][pnBoard]">
             <?php $pgi = !empty($options['pnBoardsList'])?$options['pnBoardsList']:''; 
               echo (!empty($pgi) && stripos($pgi,$options['pnBoard'])===false)?'<option selected="selected" value="'.$options['pnBoard'].'">'.$options['pnBoard'].'</option>':''; 
@@ -57 +57 @@
               echo $pgi;
             ?>
-          </select><div id="nxsPNInfoDivBlock<?php echo $ii; ?>" style="display: inline-block;"> <input type="text" style="display: none;" id="pnBRDIDCst<?php echo $ii; ?>" value="<?php echo !empty($options['pnBoard'])?$options['pnBoard']:''; ?>" class="nxs_pnBRDIDcst" data-tid="pnBoard<?php echo $ii; ?>" />         
-          <div style="display: inline-block;"><a onclick="nxs_pnGetBoards(<?php echo $ii;?>, 1); jQuery(this).blur(); return false;" href="#"><img id="<?php echo $nt.$ii;?>rfrshImg" style="vertical-align: middle;" src='<?php echo NXS_PLURL; ?>img/refresh16.png' /></a></div></div> <img id="<?php echo $nt.$ii;?>ldImg" style="display: none;vertical-align: middle;" src='<?php echo NXS_PLURL; ?>img/ajax-loader-sm.gif' />
+          </select><div id="nxsPNInfoDivBlock<?php echo esc_attr($ii); ?>" style="display: inline-block;"> <input type="text" style="display: none;" id="pnBRDIDCst<?php echo esc_attr($ii); ?>" value="<?php echo !empty($options['pnBoard'])?$options['pnBoard']:''; ?>" class="nxs_pnBRDIDcst" data-tid="pnBoard<?php echo esc_attr($ii); ?>" />         
+          <div style="display: inline-block;"><a onclick="nxs_pnGetBoards(<?php echo esc_attr($ii);?>, 1); jQuery(this).blur(); return false;" href="#"><img id="<?php echo esc_attr($nt.$ii);?>rfrshImg" style="vertical-align: middle;" src='<?php echo NXS_PLURL; ?>img/refresh16.png' /></a></div></div> <img id="<?php echo esc_attr($nt.$ii);?>ldImg" style="display: none;vertical-align: middle;" src='<?php echo NXS_PLURL; ?>img/ajax-loader-sm.gif' />
           </div>          
           </div>     
-          <div id="nxsPNMsgDiv<?php echo $ii; ?>"><?php if (!empty($options['uMsg'])) echo $options['uMsg']; ?><?php if ($isNew) { ?><?php _e('Please enter your login/password to see the list of your boards', 'nxs_snap'); ?><?php } ?></div>                                                 
+          <div id="nxsPNMsgDiv<?php echo esc_attr($ii); ?>"><?php if (!empty($options['uMsg'])) echo $options['uMsg']; ?><?php if ($isNew) { ?><?php _e('Please enter your login/password to see the list of your boards', 'nxs_snap'); ?><?php } ?></div>                                                 
     </div>
   <script type="text/javascript">      
-      jQuery('#apPNUName<?php echo $ii; ?>').change(function() { var u = jQuery(this).val();  var p = jQuery('#apPNPass<?php echo $ii; ?>').val(); if( u!='' && p!='' ) { nxs_pnGetBoards(<?php echo $ii; ?>,0); }  }); 
-      jQuery('#apPNPass<?php echo $ii; ?>').change(function() { var u = jQuery('#apPNUName<?php echo $ii; ?>').val();  var p = jQuery(this).val(); if( u!='' && p!='' ) { nxs_pnGetBoards(<?php echo $ii; ?>,0); }  });
+      jQuery('#apPNUName<?php echo esc_attr($ii); ?>').change(function() { var u = jQuery(this).val();  var p = jQuery('#apPNPass<?php echo esc_attr($ii); ?>').val(); if( u!='' && p!='' ) { nxs_pnGetBoards(<?php echo esc_attr($ii); ?>,0); }  }); 
+      jQuery('#apPNPass<?php echo esc_attr($ii); ?>').change(function() { var u = jQuery('#apPNUName<?php echo esc_attr($ii); ?>').val();  var p = jQuery(this).val(); if( u!='' && p!='' ) { nxs_pnGetBoards(<?php echo esc_attr($ii); ?>,0); }  });
   </script>
   
    <br/><strong><?php _e('Clickthrough URL', 'social-networks-auto-poster-facebook-twitter-g'); ?>:</strong> 
 <div style="margin-bottom: 20px;margin-top: 5px;">
-<input type="radio" name="pn[<?php echo $ii; ?>][cImgURL]" value="R" <?php if ( empty($options['cImgURL']) || $options['cImgURL'] == 'R') echo 'checked="checked"'; ?> /><?php _e('Regular Post URL', 'social-networks-auto-poster-facebook-twitter-g'); ?>&nbsp;&nbsp;
-<!-- <input type="radio" name="pn[<?php echo $ii; ?>][cImgURL]" value="S" <?php if (!empty($options['cImgURL']) && $options['cImgURL'] == 'S') echo 'checked="checked"'; ?> /> Shortened Post URL&nbsp;&nbsp; -->
-<input type="radio" name="pn[<?php echo $ii; ?>][cImgURL]" value="N" <?php if (!empty($options['cImgURL']) && $options['cImgURL'] == 'N') echo 'checked="checked"'; ?> /><?php _e('No Clickthrough URL', 'social-networks-auto-poster-facebook-twitter-g'); ?>&nbsp;&nbsp;</div>
+<input type="radio" name="pn[<?php echo esc_attr($ii); ?>][cImgURL]" value="R" <?php if ( empty($options['cImgURL']) || $options['cImgURL'] == 'R') echo 'checked="checked"'; ?> /><?php _e('Regular Post URL', 'social-networks-auto-poster-facebook-twitter-g'); ?>&nbsp;&nbsp;
+<!-- <input type="radio" name="pn[<?php echo esc_attr($ii); ?>][cImgURL]" value="S" <?php if (!empty($options['cImgURL']) && $options['cImgURL'] == 'S') echo 'checked="checked"'; ?> /> Shortened Post URL&nbsp;&nbsp; -->
+<input type="radio" name="pn[<?php echo esc_attr($ii); ?>][cImgURL]" value="N" <?php if (!empty($options['cImgURL']) && $options['cImgURL'] == 'N') echo 'checked="checked"'; ?> /><?php _e('No Clickthrough URL', 'social-networks-auto-poster-facebook-twitter-g'); ?>&nbsp;&nbsp;</div>
 
             <div style="width:100%;"><strong><?php _e('URL of the Default Image to Pin', 'social-networks-auto-poster-facebook-twitter-g'); ?>:</strong> 
             <div style="font-size: 11px; margin: 0px;"><?php _e('If your post does not have any images this will be used instead.', 'social-networks-auto-poster-facebook-twitter-g'); ?></div>
-            </div><input style="width:400px;" name="pn[<?php echo $ii; ?>][defImg]" style="width: 30%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['defImg'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /> 
+            </div><input style="width:400px;" name="pn[<?php echo esc_attr($ii); ?>][defImg]" style="width: 30%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['defImg'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /> 
             <br/><br/>   
              
-             <div style="margin-bottom: 5px; margin-left: 0px; "><input value="1"  id="isAttachVid" type="checkbox" name="pn[<?php echo $ii; ?>][isAttachVid]"  <?php if (isset($options['isAttachVid']) && (int)$options['isAttachVid'] == 1) echo "checked"; ?> />    <strong><?php _e('If post has a video use it instead of image.', 'social-networks-auto-poster-facebook-twitter-g'); ?></strong><br/><i><?php _e('Video will be pinned instead of featured image. Only Youtube is supported at this time.', 'social-networks-auto-poster-facebook-twitter-g'); ?></i>
+             <div style="margin-bottom: 5px; margin-left: 0px; "><input value="1"  id="isAttachVid" type="checkbox" name="pn[<?php echo esc_attr($ii); ?>][isAttachVid]"  <?php if (isset($options['isAttachVid']) && (int)$options['isAttachVid'] == 1) echo "checked"; ?> />    <strong><?php _e('If post has a video use it instead of image.', 'social-networks-auto-poster-facebook-twitter-g'); ?></strong><br/><i><?php _e('Video will be pinned instead of featured image. Only Youtube is supported at this time.', 'social-networks-auto-poster-facebook-twitter-g'); ?></i>
     <br/><br/></div>  
     <?php $this->elemTitleFormat($ii,'Post Title Format','msgTFormat',$options['msgTFormat']); $this->elemMsgFormat($ii,'Post Text Format','msgFormat',$options['msgFormat']);?><br/ ><?php
@@ -110 +110 @@
         $this->nxs_tmpltAddPostMeta($post, $ntOpt, $pMeta); ?>
         <tr style="<?php echo !empty($ntOpt['do'])?'display:table-row;':'display:none;'; ?>" class="nxstbldo nxstbldo<?php echo strtoupper($nt).$ii; ?>"><th scope="row" style="text-align:right; width:150px; padding-top: 5px; padding-right:10px;">Select Board</th>
-                <td><select name="pn[<?php echo $ii; ?>][pnBoard]">
+                <td><select name="pn[<?php echo esc_attr($ii); ?>][pnBoard]">
             <?php  $ntOpt = $this->getMergeOptInfo($ntOpt, $ii); if (!empty($ntOpt['pnBoardsList'])){ 
               if ($ntOpt['pnBoard']!='') $gPNBoards = str_replace($ntOpt['pnBoard'].'"', $ntOpt['pnBoard'].'" selected="selected"', str_ireplace('selected="selected" ','', $ntOpt['pnBoardsList']));  echo $gPNBoards;} else { ?>
@@ -133 +133 @@
      <div class="nxsPostEd_ElemLabel"><?php _e('Select Board', 'social-networks-auto-poster-facebook-twitter-g'); ?></div>   
      <div class="nxsPostEd_Elem">   
-       <select name="pn[<?php echo $ii; ?>][pnBoard]" class="nxsEdElem" data-ii="<?php echo $ii; ?>" data-nt="<?php echo $nt; ?>">
+       <select name="pn[<?php echo esc_attr($ii); ?>][pnBoard]" class="nxsEdElem" data-ii="<?php echo esc_attr($ii); ?>" data-nt="<?php echo esc_attr($nt); ?>">
             <?php  $ntOpt = $this->getMergeOptInfo($ntOpt, $ii); if (!empty($ntOpt['pnBoardsList'])){ 
               if ($ntOpt['pnBoard']!='') $gPNBoards = str_replace($ntOpt['pnBoard'].'"', $ntOpt['pnBoard'].'" selected="selected"', str_ireplace('selected="selected" ','', $ntOpt['pnBoardsList']));  echo $gPNBoards;} else { ?>
@@ -155 +155 @@
   } 
    //## PN Specific
-  function getListOfPNBoards($networks){ $opVal = array(); $pass = 'g9c1a'.nsx_doEncode($_POST['p']); $opNm = 'nxs_snap_pn_'.sha1('nxs_snap_pn'.$_POST['u'].$pass); $opVal = nxs_getOption($opNm); $ii = $_POST['ii']; 
+  function getListOfPNBoards($networks){ $opVal = array(); $pass = 'g9c1a'.nsx_doEncode($_POST['p']); $opNm = 'nxs_snap_pn_'.sha1('nxs_snap_pn'.$_POST['u'].$pass); $opVal = nxs_getOption($opNm); $ii = sanitize_key($_POST['ii']);
      if (!class_exists("nxsAPI_PN")) { $outMsg = '<b style="color:red;">'.__('API Not Found').'&nbsp;-&nbsp;'.$loginError.'</b>'; if (!empty($_POST['isOut'])) echo $outMsg; return $outMsg; }  $nt = new nxsAPI_PN(); // prr($opVal);
      $currPstAs = !empty($_POST['pnBoard'])?$_POST['pnBoard']:(!empty($networks['pn'][$ii])?$networks['pn'][$ii]['pnBoard']:'');
@@ -161 +161 @@
      if(!empty($_POST['s'])&& property_exists ('nxsAPI_PN', 'sess')) $nt->sess['sid'] = $_POST['s'];
      if (!empty($networks['pn'][$ii]['proxy'])&&!empty($networks['pn'][$ii]['proxyOn'])){ $nt->proxy['proxy'] = $networks['pn'][$ii]['proxy']['proxy']; if (!empty($networks['pn'][$ii]['proxy']['up'])) $nt->proxy['up'] = $networks['pn'][$ii]['proxy']['up']; }
-     $loginError=$nt->connect($_POST['u'],$_POST['p']);// var_dump($loginError);
+     $loginError=$nt->connect(sanitize_user($_POST['u']),$_POST['p']);// var_dump($loginError);
        if (!$loginError){ $opVal['ck'] = $nt->ck; $pgs = $nt->getBoards($currPstAs); }
          else { $outMsg = '<b style="color:red;">'.__('Login Problem').'&nbsp;-&nbsp;'.$loginError.'</b>'; if (!empty($_POST['isOut'])) echo $outMsg; return $outMsg; }

social-networks-auto-poster-facebook-twitter-g/trunk/inc-cl/rd.php

@@ -33 +33 @@
     
     <br/ ><div style="width:100%;"><b><?php _e('Subreddit ID', 'nxs_snap'); ?></b>&nbsp;(<?php _e('Please select Subreddit', 'nxs_snap'); ?>)</div>
-    <div id="nxsRDInfoDiv<?php echo $ii; ?>">
+    <div id="nxsRDInfoDiv<?php echo esc_attr($ii); ?>">
          <div style="width:100%;">
           <div>                   
-          <select id="rdSubReddit<?php echo $ii; ?>" onchange="nxs_rdSRChange('<?php echo $ii;?>',jQuery(this));" name="rd[<?php echo $ii;?>][rdSubReddit]">
+          <select id="rdSubReddit<?php echo esc_attr($ii); ?>" onchange="nxs_rdSRChange('<?php echo esc_attr($ii);?>',jQuery(this));" name="rd[<?php echo esc_attr($ii);?>][rdSubReddit]">
             <?php $pgi = !empty($options['rdSubRedditsList'])?$options['rdSubRedditsList']:''; 
-              echo (!empty($pgi) && stripos($pgi,$options['rdSubReddit'])===false)?'<option selected="selected" value="'.$options['rdSubReddit'].'">'.$options['rdSubReddit'].'</option>':''; 
-              if (!empty($options['rdSubReddit'])) { $pgi = str_ireplace('selected="selected" ','',$pgi); $pgi = str_ireplace('value="'.$options['rdSubReddit'].'"','selected="selected" value="'.$options['rdSubReddit'].'"',$pgi); } 
+              echo (!empty($pgi) && stripos($pgi,$options['rdSubReddit'])===false)?'<option selected="selected" value="'.esc_attr($options['rdSubReddit']).'">'.wp_kses($options['rdSubReddit'], wp_kses_allowed_html( 'post' )).'</option>':'';
+              if (!empty($options['rdSubReddit'])) { $pgi = str_ireplace('selected="selected" ','',$pgi); $pgi = str_ireplace('value="'.$options['rdSubReddit'].'"','selected="selected" value="'.esc_attr($options['rdSubReddit']).'"',$pgi); } 
                 else echo '<option value="">None(Click refresh icon to retrieve your subreddits)</option>';
               echo $pgi;
             ?>
-          </select><div id="nxsRDInfoDivBlock<?php echo $ii; ?>" style="display: inline-block;"> <input type="text" style="display: none;" id="rdSRIDCst<?php echo $ii; ?>" value="<?php echo $options['rdSubReddit']; ?>" class="nxs_rdSRIDcst" data-tid="rdSubReddit<?php echo $ii; ?>" />         
-          <div style="display: inline-block;"><a onclick="nxs_rdGetSRs(<?php echo $ii;?>, 1); jQuery(this).blur(); return false;" href="#"><img id="<?php echo $nt.$ii;?>rfrshImg" style="vertical-align: middle;" src='<?php echo NXS_PLURL; ?>img/refresh16.png' /></a></div></div> <img id="<?php echo $nt.$ii;?>ldImg" style="display: none;vertical-align: middle;" src='<?php echo NXS_PLURL; ?>img/ajax-loader-sm.gif' />
+          </select><div id="nxsRDInfoDivBlock<?php echo esc_attr($ii); ?>" style="display: inline-block;"> <input type="text" style="display: none;" id="rdSRIDCst<?php echo esc_attr($ii); ?>" value="<?php echo esc_attr($options['rdSubReddit']); ?>" class="nxs_rdSRIDcst" data-tid="rdSubReddit<?php echo esc_attr($ii); ?>" />         
+          <div style="display: inline-block;"><a onclick="nxs_rdGetSRs(<?php echo esc_attr($ii);?>, 1); jQuery(this).blur(); return false;" href="#"><img id="<?php echo esc_attr($nt.$ii);?>rfrshImg" style="vertical-align: middle;" src='<?php echo NXS_PLURL; ?>img/refresh16.png' /></a></div></div> <img id="<?php echo esc_attr($nt.$ii);?>ldImg" style="display: none;vertical-align: middle;" src='<?php echo NXS_PLURL; ?>img/ajax-loader-sm.gif' />
           </div>          
           </div>     
-          <div id="nxsRDMsgDiv<?php echo $ii; ?>"><?php if (!empty($options['uMsg'])) echo $options['uMsg']; ?><?php if ($isNew) { ?><?php _e('Please enter your login/password to see the list of your subreddits', 'nxs_snap'); ?><?php } ?></div>                                                 
+          <div id="nxsRDMsgDiv<?php echo esc_attr($ii); ?>"><?php if (!empty($options['uMsg'])) echo $options['uMsg']; ?><?php if ($isNew) { ?><?php _e('Please enter your login/password to see the list of your subreddits', 'nxs_snap'); ?><?php } ?></div>                                                 
     </div><i style="color: #580000;">Please do not try to post to subredits that you do not own. Reddit is very serious about it's policy that prohibits sharing your own links. You will loose posting privileges and you account will be <b>banned</b> if you post to public subreddits. </i>
             <br/>  <br/>  
@@ -53 +53 @@
     <div style="width:100%;"><strong id="altFormatText">Post Type:</strong></div>                      
       <div style="margin-left: 10px;">
-        <input type="radio" name="rd[<?php echo $ii; ?>][postType]" value="A" <?php if ( empty($options['postType']) || $options['postType'] == 'A') echo 'checked="checked"'; ?> /> <?php _e('Link Post', 'social-networks-auto-poster-facebook-twitter-g'); ?>
+        <input type="radio" name="rd[<?php echo esc_attr($ii); ?>][postType]" value="A" <?php if ( empty($options['postType']) || $options['postType'] == 'A') echo 'checked="checked"'; ?> /> <?php _e('Link Post', 'social-networks-auto-poster-facebook-twitter-g'); ?>
         <br/>
-        <input type="radio" name="rd[<?php echo $ii; ?>][postType]" value="T" <?php if (!empty($options['postType']) && $options['postType'] == 'T') echo 'checked="checked"'; ?> /> <?php _e('Text Post', 'social-networks-auto-poster-facebook-twitter-g'); ?> - <i><?php _e('set the text format below', 'social-networks-auto-poster-facebook-twitter-g'); ?></i>
+        <input type="radio" name="rd[<?php echo esc_attr($ii); ?>][postType]" value="T" <?php if (!empty($options['postType']) && $options['postType'] == 'T') echo 'checked="checked"'; ?> /> <?php _e('Text Post', 'social-networks-auto-poster-facebook-twitter-g'); ?> - <i><?php _e('set the text format below', 'social-networks-auto-poster-facebook-twitter-g'); ?></i>
      </div>
   
   <script type="text/javascript">      
-      jQuery('#apRDUName<?php echo $ii; ?>').change(function() { var u = jQuery(this).val();  var p = jQuery('#apRDPass<?php echo $ii; ?>').val(); if( u!='' && p!='' ) { nxs_rdGetSRs(<?php echo $ii; ?>,0); }  });
-      jQuery('#apRDPass<?php echo $ii; ?>').change(function() { var u = jQuery('#apRDUName<?php echo $ii; ?>').val();  var p = jQuery(this).val(); if( u!='' && p!='' ) { nxs_rdGetSRs(<?php echo $ii; ?>,0); }  });
+      jQuery('#apRDUName<?php echo esc_attr($ii); ?>').change(function() { var u = jQuery(this).val();  var p = jQuery('#apRDPass<?php echo esc_attr($ii); ?>').val(); if( u!='' && p!='' ) { nxs_rdGetSRs(<?php echo esc_attr($ii); ?>,0); }  });
+      jQuery('#apRDPass<?php echo esc_attr($ii); ?>').change(function() { var u = jQuery('#apRDUName<?php echo esc_attr($ii); ?>').val();  var p = jQuery(this).val(); if( u!='' && p!='' ) { nxs_rdGetSRs(<?php echo esc_attr($ii); ?>,0); }  });
   </script>
   
@@ -90 +90 @@
         <?php  $this->elemEdTitleFormat($ii, __('Title Format:', 'social-networks-auto-poster-facebook-twitter-g'),$msgTFormat);  $this->elemEdMsgFormat($ii, __('Message Format:', 'social-networks-auto-poster-facebook-twitter-g'),$msgFormat); ?>
          <tr style="<?php echo !empty($ntOpt['do'])?'display:table-row;':'display:none;'; ?>" class="nxstbldo nxstbldo<?php echo strtoupper($nt).$ii; ?>"><th scope="row" style="text-align:right; width:150px; vertical-align:top; padding-top: 0px; padding-right:10px;"> <?php _e('Post Type:', 'social-networks-auto-poster-facebook-twitter-g') ?> </th><td>             
-        <input type="radio" name="rd[<?php echo $ii; ?>][postType]" value="A" <?php if ( empty($postType) || $postType == 'A') echo 'checked="checked"'; ?> /><?php _e('Link Post', 'social-networks-auto-poster-facebook-twitter-g') ?>
+        <input type="radio" name="rd[<?php echo esc_attr($ii); ?>][postType]" value="A" <?php if ( empty($postType) || $postType == 'A') echo 'checked="checked"'; ?> /><?php _e('Link Post', 'social-networks-auto-poster-facebook-twitter-g') ?>
         <br/>
-      <input type="radio" name="rd[<?php echo $ii; ?>][postType]" value="T" <?php if ($postType == 'T') echo 'checked="checked"'; ?> /> <?php _e('Text Post', 'social-networks-auto-poster-facebook-twitter-g') ?><br/>               
+      <input type="radio" name="rd[<?php echo esc_attr($ii); ?>][postType]" value="T" <?php if ($postType == 'T') echo 'checked="checked"'; ?> /> <?php _e('Text Post', 'social-networks-auto-poster-facebook-twitter-g') ?><br/>               
      </td></tr>
         <?php
@@ -111 +111 @@
      <div class="nxsPostEd_ElemLabel"><?php _e('Post Type:', 'social-networks-auto-poster-facebook-twitter-g'); ?></div>   
      <div class="nxsPostEd_Elem">   
-       <input type="radio" name="rd[<?php echo $ii; ?>][postType]" class="nxsEdElem" value="A" data-ii="<?php echo $ii; ?>" data-nt="<?php echo $nt; ?>" <?php if ( empty($postType) || $postType == 'A') echo 'checked="checked"'; ?> /><?php _e('Link Post', 'social-networks-auto-poster-facebook-twitter-g') ?>
+       <input type="radio" name="rd[<?php echo esc_attr($ii); ?>][postType]" class="nxsEdElem" value="A" data-ii="<?php echo esc_attr($ii); ?>" data-nt="<?php echo esc_attr($nt); ?>" <?php if ( empty($postType) || $postType == 'A') echo 'checked="checked"'; ?> /><?php _e('Link Post', 'social-networks-auto-poster-facebook-twitter-g') ?>
         <br/>
-      <input type="radio" name="rd[<?php echo $ii; ?>][postType]" class="nxsEdElem" value="T" data-ii="<?php echo $ii; ?>" data-nt="<?php echo $nt; ?>" <?php if ($postType == 'T') echo 'checked="checked"'; ?> /> <?php _e('Text Post', 'social-networks-auto-poster-facebook-twitter-g') ?>
+      <input type="radio" name="rd[<?php echo esc_attr($ii); ?>][postType]" class="nxsEdElem" value="T" data-ii="<?php echo esc_attr($ii); ?>" data-nt="<?php echo esc_attr($nt); ?>" <?php if ($postType == 'T') echo 'checked="checked"'; ?> /> <?php _e('Text Post', 'social-networks-auto-poster-facebook-twitter-g') ?>
      </div>
    </div><?php
@@ -129 +129 @@
   } 
    //## RD Specific
-  function getListOfSubReddits($networks){ $opVal = array(); $pass = 'g9c1a'.nsx_doEncode($_POST['p']); $opNm = 'nxs_snap_rd_'.sha1('nxs_snap_rd'.$_POST['u'].$pass); $opVal = nxs_getOption($opNm); $ii = $_POST['ii']; $nt = new nxsAPI_RD();  // prr($opVal);
+  function getListOfSubReddits($networks){ $opVal = array(); $pass = 'g9c1a'.nsx_doEncode($_POST['p']); $opNm = 'nxs_snap_rd_'.sha1('nxs_snap_rd'.sanitize_user($_POST['u']).$pass); $opVal = nxs_getOption($opNm); $ii = sanitize_key($_POST['ii']); $nt = new nxsAPI_RD();  // prr($opVal);
      $currPstAs = !empty($_POST['rdSR'])?$_POST['rdSR']:(!empty($networks['rd'][$ii])?$networks['rd'][$ii]['rdSubReddit']:'');
      if (empty($_POST['force']) && !empty($opVal['ck']) && !empty($opVal['rdSubRedditsList']) ) $pgs = $opVal['rdSubRedditsList']; else { if (!empty($opVal['ck'])) $nt->ck = $opVal['ck']; 
-       if (!empty($networks['rd'][$ii]['proxy'])&&!empty($networks['rd'][$ii]['proxyOn'])){ $nt->proxy['proxy'] = $networks['rd'][$ii]['proxy']['proxy']; if (!empty($networks['rd'][$ii]['proxy']['up'])) $nt->proxy['up'] = $networks['rd'][$ii]['proxy']['up']; } $loginError=$nt->connect($_POST['u'],$_POST['p']);// var_dump($loginError);
+       if (!empty($networks['rd'][$ii]['proxy'])&&!empty($networks['rd'][$ii]['proxyOn'])){ $nt->proxy['proxy'] = $networks['rd'][$ii]['proxy']['proxy']; if (!empty($networks['rd'][$ii]['proxy']['up'])) $nt->proxy['up'] = $networks['rd'][$ii]['proxy']['up']; } $loginError=$nt->connect(sanitize_user($_POST['u']),$_POST['p']);// var_dump($loginError);
        if (!$loginError){ $opVal['ck'] = $nt->ck; $nt->getSubReddits($currPstAs); $pgs = $nt->srList; }
          else { $outMsg = '<b style="color:red;">'.__('Login Problem').'&nbsp;-&nbsp;'.$loginError.'</b>'; if (!empty($_POST['isOut'])) echo $outMsg; return $outMsg; }

social-networks-auto-poster-facebook-twitter-g/trunk/inc-cl/sc.php

@@ -23 +23 @@
   //#### Show Unit  Settings  
   function checkIfSetupFinished($options) { return (!empty($options['appAppUserID']) && !empty($options['accessToken'])) || !empty($options['uPass']); }
-  public function doAuth() { $ntInfo = $this->ntInfo; global $nxs_snapSetPgURL;     
-    if ( isset($_GET['auth']) && $_GET['auth']==$ntInfo['lcode']){ require_once('apis/scOAuth.php'); $options = $this->nt[$_GET['acc']];
-              
+  public function doAuth() { $ntInfo = $this->ntInfo; global $nxs_snapSetPgURL;
+    if (isset($_GET['acc'])) { $acc = sanitize_text_field($_GET['acc']); $options = $this->nt[$acc];
+        if ( isset($_GET['auth']) && $_GET['auth']==$ntInfo['lcode']){ require_once('apis/scOAuth.php');
               $consumer_key = nxs_gak($options['appKey']); $consumer_secret = nxs_gas($options['appSec']);
-              $callback_url = $nxs_snapSetPgURL."&auth=".$ntInfo['lcode']."a&acc=".$_GET['acc'];
-             
-              $tum_oauth = new wpScoopITOAuth($consumer_key, $consumer_secret); 
-              $request_token = $tum_oauth->getReqToken($callback_url); 
+              $callback_url = $nxs_snapSetPgURL."&auth=".$ntInfo['lcode']."a&acc=".$acc;
+              $tum_oauth = new wpScoopITOAuth($consumer_key, $consumer_secret);
+              $request_token = $tum_oauth->getReqToken($callback_url);
               $options['oAuthToken'] = $request_token['oauth_token'];
               $options['oAuthTokenSecret'] = $request_token['oauth_token_secret'];
-
               //prr($tum_oauth); prr($options); die();
-              
-              switch ($tum_oauth->http_code) { case 200: $url = 'http://www.scoop.it/oauth/authorize?oauth_token='.$options['oAuthToken']; 
-                $optionsG = get_option('nxsSNAPNetworks'); $optionsG[$ntInfo['lcode']][$_GET['acc']] = $options;  update_option('nxsSNAPNetworks', $optionsG, false);
-                echo '<br/><br/>All good?! Redirecting ..... <script type="text/javascript">window.location = "'.$url.'"</script>'; break; 
+              switch ($tum_oauth->http_code) { case 200: $url = 'http://www.scoop.it/oauth/authorize?oauth_token='.$options['oAuthToken'];
+                $optionsG = get_option('nxsSNAPNetworks'); $optionsG[$ntInfo['lcode']][$acc] = $options;  update_option('nxsSNAPNetworks', $optionsG, false);
+                echo '<br/><br/>All good?! Redirecting ..... <script type="text/javascript">window.location = "'.$url.'"</script>'; break;
                 default: echo '<br/><b style="color:red">Could not connect to ScoopIT. Refresh the page or try again later.</b>'; die();
               }
               die();
             }
-    if ( isset($_GET['auth']) && $_GET['auth']==$ntInfo['lcode'].'a'){ require_once('apis/scOAuth.php'); $options = $this->nt[$_GET['acc']];
+        if ( isset($_GET['auth']) && $_GET['auth']==$ntInfo['lcode'].'a'){ require_once('apis/scOAuth.php');
               $consumer_key = nxs_gak($options['appKey']); $consumer_secret = nxs_gas($options['appSec']);
-            
               $tum_oauth = new wpScoopITOAuth($consumer_key, $consumer_secret, $options['oAuthToken'], $options['oAuthTokenSecret']); //prr($tum_oauth);
               $access_token = $tum_oauth->getAccToken($_GET['oauth_verifier']); prr($access_token);
-              $options['accessToken'] = $access_token['oauth_token'];  $options['accessTokenSec'] = $access_token['oauth_token_secret'];              
-              $optionsG = get_option('nxsSNAPNetworks'); $optionsG[$ntInfo['lcode']][$_GET['acc']] = $options;  update_option('nxsSNAPNetworks', $optionsG, false);              
-              $tum_oauth = new wpScoopITOAuth($consumer_key, $consumer_secret, $options['accessToken'], $options['accessTokenSec']);               
-              $uinfo = $tum_oauth->makeReq('http://www.scoop.it/api/1/profile', ''); 
-              if (is_array($uinfo) && isset($uinfo['user'])) { $options['appAppUserName'] = $uinfo['user']['name']."(".$uinfo['user']['shortName'].")";                            
-                $options['appAppUserID'] = $uinfo['user']['id']; $optionsG = get_option('nxsSNAPNetworks'); $optionsG[$ntInfo['lcode']][$_GET['acc']] = $options;  update_option('nxsSNAPNetworks', $optionsG, false);
+              $options['accessToken'] = $access_token['oauth_token'];  $options['accessTokenSec'] = $access_token['oauth_token_secret'];
+              $optionsG = get_option('nxsSNAPNetworks'); $optionsG[$ntInfo['lcode']][$acc] = $options;  update_option('nxsSNAPNetworks', $optionsG, false);
+              $tum_oauth = new wpScoopITOAuth($consumer_key, $consumer_secret, $options['accessToken'], $options['accessTokenSec']);
+              $uinfo = $tum_oauth->makeReq('http://www.scoop.it/api/1/profile', '');
+              if (is_array($uinfo) && isset($uinfo['user'])) { $options['appAppUserName'] = $uinfo['user']['name']."(".$uinfo['user']['shortName'].")";
+                $options['appAppUserID'] = $uinfo['user']['id']; $optionsG = get_option('nxsSNAPNetworks'); $optionsG[$ntInfo['lcode']][$acc] = $options;  update_option('nxsSNAPNetworks', $optionsG, false);
               } //die();
               if (!empty($options['appAppUserID'])) {  echo '<br/><br/>All good?! Redirecting ..... <script type="text/javascript">window.location = "'.$nxs_snapSetPgURL.'"</script>'; die();}
-                else die("<span style='color:red;'>ERROR: Authorization Error: <span style='color:darkred; font-weight: bold;'>".print_r($uinfo, true)."</span></span>");              
-            } 
+                else die("<span style='color:red;'>ERROR: Authorization Error: <span style='color:darkred; font-weight: bold;'>".print_r($uinfo, true)."</span></span>");
+        }
+    }
   }    
   
@@ -65 +62 @@
       <span style="color:#005800; font-weight: bold; font-size: 14px;">Scoop.it Native API:</span> Free Native API. <div style="padding-bottom: 10px;"><b style="color: red;">Important:</b>&nbsp; Scoop.it announced that "Starting January 15, 2018, Scoop.it's free API will be discontinued.". <a href="http://nxs.fyi/scapi" target="_blank">More info here</a></div> 
       <span style="color:#005800; font-weight: bold; font-size: 14px;">NextScripts API for Scoop.it:</span> Premium API. <br/><br/><br/>    
-      <select name="<?php echo $nt; ?>[<?php echo $ii; ?>][apiToUse]" onchange="jQuery('.nxs_<?php echo $nt; ?>_apidiv_<?php echo $ii; ?>').hide(); jQuery('.nxs_<?php echo $nt; ?>_api'+jQuery(this).val()+'div_<?php echo $ii; ?>').show();  "><option <?php echo (!empty($options['apiToUse']) && $options['apiToUse'] =='sc')?"selected":""; ?> value="sc">Scoop.it Native API</option><option <?php echo (!empty($options['apiToUse']) && $options['apiToUse'] =='nx')?"selected":""; ?> value="nx">NextScripts API for Scoop.it</option></select><hr/>
+      <select name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][apiToUse]" onchange="jQuery('.nxs_<?php echo esc_attr($nt); ?>_apidiv_<?php echo esc_attr($ii); ?>').hide(); jQuery('.nxs_<?php echo esc_attr($nt); ?>_api'+jQuery(this).val()+'div_<?php echo esc_attr($ii); ?>').show();  "><option <?php echo (!empty($options['apiToUse']) && $options['apiToUse'] =='sc')?"selected":""; ?> value="sc">Scoop.it Native API</option><option <?php echo (!empty($options['apiToUse']) && $options['apiToUse'] =='nx')?"selected":""; ?> value="nx">NextScripts API for Scoop.it</option></select><hr/>
     
     </div>
   
-  <div id="nxs_<?php echo $nt; ?>_apiscdiv_<?php echo $ii; ?>" class="nxs_<?php echo $nt; ?>_apidiv_<?php echo $ii; ?> nxs_<?php echo $nt; ?>_apiscdiv_<?php echo $ii; ?>" style="display: <?php echo (empty($options['apiToUse']) || $options['apiToUse'] =='sc')?"block":"none"; ?>;"><h3>Scoop.it Native API</h3>   
+  <div id="nxs_<?php echo esc_attr($nt); ?>_apiscdiv_<?php echo esc_attr($ii); ?>" class="nxs_<?php echo esc_attr($nt); ?>_apidiv_<?php echo esc_attr($ii); ?> nxs_<?php echo esc_attr($nt); ?>_apiscdiv_<?php echo esc_attr($ii); ?>" style="display: <?php echo (empty($options['apiToUse']) || $options['apiToUse'] =='sc')?"block":"none"; ?>;"><h3>Scoop.it Native API</h3>   
   
   
@@ -81 +78 @@
             <?php _e('Your '.$ntInfo['name'].' Account has been authorized.', 'social-networks-auto-poster-facebook-twitter-g'); ?> User ID: <?php _e(apply_filters('format_to_edit', htmlentities($options['appAppUserID'].' - '.$options['appAppUserName'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>.
             <?php _e('You can', 'social-networks-auto-poster-facebook-twitter-g'); ?> Re- <?php } ?>            
-            <a href="<?php echo $nxs_snapSetPgURL;?>&auth=<?php echo $nt; ?>&acc=<?php echo $ii; ?>">Authorize Your <?php echo $ntInfo['name']; ?> Account</a> 
+            <a href="<?php echo $nxs_snapSetPgURL;?>&auth=<?php echo esc_attr($nt); ?>&acc=<?php echo esc_attr($ii); ?>">Authorize Your <?php echo $ntInfo['name']; ?> Account</a> 
             
             <?php if (!isset($options['appAppUserID']) || $options['appAppUserID']<1) { ?> <div class="blnkg">&lt;=== <?php _e('Authorize your account', 'social-networks-auto-poster-facebook-twitter-g'); ?> ===</div> <?php }?>
@@ -88 +85 @@
      </div>       
             
-<div id="nxs_<?php echo $nt; ?>_apinxdiv_<?php echo $ii; ?>" class="nxs_<?php echo $nt; ?>_apidiv_<?php echo $ii; ?> nxs_<?php echo $nt; ?>_apinxdiv_<?php echo $ii; ?>" style="display: <?php echo (!empty($options['apiToUse']) && $options['apiToUse'] =='nx')?"block":"none"; ?>;"><h3>NextScripts API</h3>
+<div id="nxs_<?php echo esc_attr($nt); ?>_apinxdiv_<?php echo esc_attr($ii); ?>" class="nxs_<?php echo esc_attr($nt); ?>_apidiv_<?php echo esc_attr($ii); ?> nxs_<?php echo esc_attr($nt); ?>_apinxdiv_<?php echo esc_attr($ii); ?>" style="display: <?php echo (!empty($options['apiToUse']) && $options['apiToUse'] =='nx')?"block":"none"; ?>;"><h3>NextScripts API</h3>
 
     <?php if (class_exists('nxsAPI_SC')) { if (!empty($options['uPass'])&&!empty($options['uName'])) { $opNm = 'nxs_snap_sc_'.sha1('nxs_snap_sc'.$options['uName'].$options['uPass']); $opVal = nxs_getOption($opNm); //prr($opVal);
@@ -96 +93 @@
     } if (empty($options['uPass'])) $options['uPass'] = ''; if (empty($options['uName'])) $options['uName'] = '';
     ?>
-    <div class="subDiv" id="sub<?php echo $ii; ?>DivN" style="display: block;"><?php $this->elemUserPass($ii, $options['uName'], $options['uPass']); ?></div><br/>
+    <div class="subDiv" id="sub<?php echo esc_attr($ii); ?>DivN" style="display: block;"><?php $this->elemUserPass($ii, $options['uName'], $options['uPass']); ?></div><br/>
     
     
@@ -104 +101 @@
 </div>            
             
-         <div style="width:100%;"><strong><?php echo $ntInfo['name']; ?> Topic URL:</strong> </div>http://www.scoop.it/t/<input name="<?php echo $nt; ?>[<?php echo $ii; ?>][topicURL]"  style="width: 20%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['topicURL'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /><br/><br/>
+         <div style="width:100%;"><strong><?php echo $ntInfo['name']; ?> Topic URL:</strong> </div>http://www.scoop.it/t/<input name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][topicURL]"  style="width: 20%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['topicURL'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /><br/><br/>
     
     <?php $this->elemTitleFormat($ii,'Post Title Format','msgTFormat',$options['msgTFormat']);   $this->elemMsgFormat($ii,'Post Format','msgFormat',$options['msgFormat']); ?>
-    <div style="margin: 0px;"><input value="1" type="checkbox" name="<?php echo $nt; ?>[<?php echo $ii; ?>][inclTags]"  <?php if ((int)$options['inclTags'] == 1) echo "checked"; ?> /> <strong><?php _e('Post with tags', 'social-networks-auto-poster-facebook-twitter-g'); ?></strong></div>
+    <div style="margin: 0px;"><input value="1" type="checkbox" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][inclTags]"  <?php if ((int)$options['inclTags'] == 1) echo "checked"; ?> /> <strong><?php _e('Post with tags', 'social-networks-auto-poster-facebook-twitter-g'); ?></strong></div>
     
     <div style="width:100%;"><strong id="altFormatText">Post Type:</strong></div>                      
     <div style="margin-left: 10px;">
-       <input type="radio" name="<?php echo $nt; ?>[<?php echo $ii; ?>][postType]" value="T" <?php if ($options['postType'] == 'T') echo 'checked="checked"'; ?> /> <?php _e('Text Post', 'social-networks-auto-poster-facebook-twitter-g'); ?> - <i><?php _e('just text message', 'social-networks-auto-poster-facebook-twitter-g'); ?></i><br/>                    
-       <input type="radio" name="<?php echo $nt; ?>[<?php echo $ii; ?>][postType]" value="I" <?php if ($options['postType'] == 'I') echo 'checked="checked"'; ?> /> <?php _e('Image Post', 'social-networks-auto-poster-facebook-twitter-g'); ?> - <i><?php _e('big image with text message', 'social-networks-auto-poster-facebook-twitter-g'); ?></i><br/>
-       <input type="radio" name="<?php echo $nt; ?>[<?php echo $ii; ?>][postType]" value="A" <?php if ( !isset($options['postType']) || $options['postType'] == '' || $options['postType'] == 'A') echo 'checked="checked"'; ?> /> <?php _e('Add blogpost to message as an attachment', 'social-networks-auto-poster-facebook-twitter-g'); ?><br/>
+       <input type="radio" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][postType]" value="T" <?php if ($options['postType'] == 'T') echo 'checked="checked"'; ?> /> <?php _e('Text Post', 'social-networks-auto-poster-facebook-twitter-g'); ?> - <i><?php _e('just text message', 'social-networks-auto-poster-facebook-twitter-g'); ?></i><br/>                    
+       <input type="radio" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][postType]" value="I" <?php if ($options['postType'] == 'I') echo 'checked="checked"'; ?> /> <?php _e('Image Post', 'social-networks-auto-poster-facebook-twitter-g'); ?> - <i><?php _e('big image with text message', 'social-networks-auto-poster-facebook-twitter-g'); ?></i><br/>
+       <input type="radio" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][postType]" value="A" <?php if ( !isset($options['postType']) || $options['postType'] == '' || $options['postType'] == 'A') echo 'checked="checked"'; ?> /> <?php _e('Add blogpost to message as an attachment', 'social-networks-auto-poster-facebook-twitter-g'); ?><br/>
     </div>   
             <?php
@@ -143 +140 @@
         ?>
          <tr style="<?php echo !empty($ntOpt['do'])?'display:table-row;':'display:none;'; ?>" class="nxstbldo nxstbldo<?php echo strtoupper($nt).$ii; ?>"><th scope="row" style="text-align:right; width:150px; vertical-align:top; padding-top: 0px; padding-right:10px;"> <?php _e('Post Type:', 'social-networks-auto-poster-facebook-twitter-g') ?> <br/></th><td>     
-        <input type="radio" name="<?php echo $nt; ?>[<?php echo $ii; ?>][postType]" value="T" <?php if ($postType == 'T') echo 'checked="checked"'; ?> /> <?php _e('Text Post', 'social-networks-auto-poster-facebook-twitter-g') ?>  - <i><?php _e('just text message', 'social-networks-auto-poster-facebook-twitter-g') ?></i><br/>
-        <input type="radio" name="<?php echo $nt; ?>[<?php echo $ii; ?>][postType]" value="I" <?php if ($postType == 'I') echo 'checked="checked"'; ?> /> <?php _e('Post as "Image post"', 'social-networks-auto-poster-facebook-twitter-g') ?> - <i><?php _e('big image with text message', 'social-networks-auto-poster-facebook-twitter-g') ?></i><br/>             
-        <input type="radio" name="<?php echo $nt; ?>[<?php echo $ii; ?>][postType]" value="A" <?php if ( !isset($postType) || $postType == '' || $postType == 'A') echo 'checked="checked"'; ?> /><?php _e('Text Post with "attached" blogpost', 'social-networks-auto-poster-facebook-twitter-g') ?>
+        <input type="radio" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][postType]" value="T" <?php if ($postType == 'T') echo 'checked="checked"'; ?> /> <?php _e('Text Post', 'social-networks-auto-poster-facebook-twitter-g') ?>  - <i><?php _e('just text message', 'social-networks-auto-poster-facebook-twitter-g') ?></i><br/>
+        <input type="radio" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][postType]" value="I" <?php if ($postType == 'I') echo 'checked="checked"'; ?> /> <?php _e('Post as "Image post"', 'social-networks-auto-poster-facebook-twitter-g') ?> - <i><?php _e('big image with text message', 'social-networks-auto-poster-facebook-twitter-g') ?></i><br/>             
+        <input type="radio" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][postType]" value="A" <?php if ( !isset($postType) || $postType == '' || $postType == 'A') echo 'checked="checked"'; ?> /><?php _e('Text Post with "attached" blogpost', 'social-networks-auto-poster-facebook-twitter-g') ?>
      </td></tr>
         <?php
@@ -165 +162 @@
      <div class="nxsPostEd_ElemLabel"><?php _e('Post Type:', 'social-networks-auto-poster-facebook-twitter-g'); ?></div>   
      <div class="nxsPostEd_Elem">   
-        <input type="radio" name="<?php echo $nt; ?>[<?php echo $ii; ?>][postType]" value="T" class="nxsEdElem" data-ii="<?php echo $ii; ?>" data-nt="<?php echo $nt; ?>" <?php if ($postType == 'T') echo 'checked="checked"'; ?> /> <?php _e('Text Post', 'social-networks-auto-poster-facebook-twitter-g') ?>  - <i><?php _e('just text message', 'social-networks-auto-poster-facebook-twitter-g') ?></i><br/>
-        <input type="radio" name="<?php echo $nt; ?>[<?php echo $ii; ?>][postType]" value="I" class="nxsEdElem" data-ii="<?php echo $ii; ?>" data-nt="<?php echo $nt; ?>" <?php if ($postType == 'I') echo 'checked="checked"'; ?> /> <?php _e('Post as "Image post"', 'social-networks-auto-poster-facebook-twitter-g') ?> - <i><?php _e('big image with text message', 'social-networks-auto-poster-facebook-twitter-g') ?></i><br/>             
-        <input type="radio" name="<?php echo $nt; ?>[<?php echo $ii; ?>][postType]" value="A" class="nxsEdElem" data-ii="<?php echo $ii; ?>" data-nt="<?php echo $nt; ?>" <?php if ( !isset($postType) || $postType == '' || $postType == 'A') echo 'checked="checked"'; ?> /><?php _e('Text Post with "attached" blogpost', 'social-networks-auto-poster-facebook-twitter-g') ?>
+        <input type="radio" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][postType]" value="T" class="nxsEdElem" data-ii="<?php echo esc_attr($ii); ?>" data-nt="<?php echo esc_attr($nt); ?>" <?php if ($postType == 'T') echo 'checked="checked"'; ?> /> <?php _e('Text Post', 'social-networks-auto-poster-facebook-twitter-g') ?>  - <i><?php _e('just text message', 'social-networks-auto-poster-facebook-twitter-g') ?></i><br/>
+        <input type="radio" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][postType]" value="I" class="nxsEdElem" data-ii="<?php echo esc_attr($ii); ?>" data-nt="<?php echo esc_attr($nt); ?>" <?php if ($postType == 'I') echo 'checked="checked"'; ?> /> <?php _e('Post as "Image post"', 'social-networks-auto-poster-facebook-twitter-g') ?> - <i><?php _e('big image with text message', 'social-networks-auto-poster-facebook-twitter-g') ?></i><br/>             
+        <input type="radio" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][postType]" value="A" class="nxsEdElem" data-ii="<?php echo esc_attr($ii); ?>" data-nt="<?php echo esc_attr($nt); ?>" <?php if ( !isset($postType) || $postType == '' || $postType == 'A') echo 'checked="checked"'; ?> /><?php _e('Text Post with "attached" blogpost', 'social-networks-auto-poster-facebook-twitter-g') ?>
      </div>
    </div><?php

social-networks-auto-poster-facebook-twitter-g/trunk/inc-cl/st.php

@@ -22 +22 @@
   function checkIfSetupFinished($options) { return !empty($options['uPass']); }
   function accTab($ii, $options, $isNew=false){ $ntInfo = $this->ntInfo; $nt = $ntInfo['lcode']; $this->elemUserPass($ii, $options['uName'], $options['uPass']); ?>
-    <div style="width:100%;"><strong><?php echo $ntInfo['name']; ?> Blog URL:</strong> </div>http://sett.com/<input name="<?php echo $nt; ?>[<?php echo $ii; ?>][mgzURL]"  style="width: 20%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['mgzURL'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /><br/>
+    <div style="width:100%;"><strong><?php echo $ntInfo['name']; ?> Blog URL:</strong> </div>http://sett.com/<input name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][mgzURL]"  style="width: 20%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['mgzURL'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /><br/>
     <br/><?php $this->elemMsgFormat($ii,'Comment Text Format','msgFormat',$options['msgFormat']);
   }

social-networks-auto-poster-facebook-twitter-g/trunk/inc-cl/tg.php

@@ -13 +13 @@
   function accTab($ii, $options, $isNew=false){ $ntInfo = $this->ntInfo; $nt = $ntInfo['lcode']; if (empty($options['attchImg'])) $options['attchImg'] = 0; if (!isset($options['webPrev'])) $options['webPrev'] = 1; ?> <br/ >
     
-    <div style="width:100%;"><strong><?php _e('Bot Token', 'social-networks-auto-poster-facebook-twitter-g'); ?>:</strong></div><input name="tg[<?php echo $ii; ?>][botTkn]" style="width: 70%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['botTkn'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /><br/><br/>
-    <div style="width:100%;"><strong><?php _e('Where to Post', 'social-networks-auto-poster-facebook-twitter-g'); ?>:</strong><i><?php _e('Channel ID, Group ID or Chat ID', 'social-networks-auto-poster-facebook-twitter-g'); ?></i></div><input name="tg[<?php echo $ii; ?>][whToPost]" style="width: 50%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['whToPost'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /><br/><br/>    
+    <div style="width:100%;"><strong><?php _e('Bot Token', 'social-networks-auto-poster-facebook-twitter-g'); ?>:</strong></div><input name="tg[<?php echo esc_attr($ii); ?>][botTkn]" style="width: 70%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['botTkn'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /><br/><br/>
+    <div style="width:100%;"><strong><?php _e('Where to Post', 'social-networks-auto-poster-facebook-twitter-g'); ?>:</strong><i><?php _e('Channel ID, Group ID or Chat ID', 'social-networks-auto-poster-facebook-twitter-g'); ?></i></div><input name="tg[<?php echo esc_attr($ii); ?>][whToPost]" style="width: 50%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['whToPost'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /><br/><br/>    
     <br/><?php $this->elemMsgFormat($ii,'Message Format','msgFormat',$options['msgFormat']); ?>
-    <div style="margin: 0px;"><input value="1" type="checkbox" name="<?php echo $nt; ?>[<?php echo $ii; ?>][attchImg]"  <?php if ((int)$options['attchImg'] == 1) echo "checked"; ?> /> <strong><?php _e('Attach Image to the Post', 'social-networks-auto-poster-facebook-twitter-g'); ?></strong></div>
-    <div style="margin: 0px;"><input value="1" type="checkbox" name="<?php echo $nt; ?>[<?php echo $ii; ?>][webPrev]"  <?php if ((int)$options['webPrev'] == 1) echo "checked"; ?> /> <strong><?php _e('Enable Web Preview', 'social-networks-auto-poster-facebook-twitter-g'); ?></strong></div>
+    <div style="margin: 0px;"><input value="1" type="checkbox" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][attchImg]"  <?php if ((int)$options['attchImg'] == 1) echo "checked"; ?> /> <strong><?php _e('Attach Image to the Post', 'social-networks-auto-poster-facebook-twitter-g'); ?></strong></div>
+    <div style="margin: 0px;"><input value="1" type="checkbox" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][webPrev]"  <?php if ((int)$options['webPrev'] == 1) echo "checked"; ?> /> <strong><?php _e('Enable Web Preview', 'social-networks-auto-poster-facebook-twitter-g'); ?></strong></div>
     <br/><?php 
   }
@@ -47 +47 @@
                 
         <?php $this->elemEdMsgFormat($ii, __('Message Format:', 'social-networks-auto-poster-facebook-twitter-g'),$msgFormat); ?>
-                  <tr><td>&nbsp;</td><td><div style="margin: 0px;"><input value="0" type="hidden" name="<?php echo $nt; ?>[<?php echo $ii; ?>][webPrev]"/>
-          <input value="1" type="checkbox" name="<?php echo $nt; ?>[<?php echo $ii; ?>][webPrev]"  <?php if ((int)$ntOpt['webPrev'] == 1) echo "checked"; ?> /> <strong><?php _e('Enable Web Preview', 'social-networks-auto-poster-facebook-twitter-g'); ?></strong></div></td></tr>
-            <tr><td>&nbsp;</td><td><div style="margin: 0px;"><input value="0" type="hidden" name="<?php echo $nt; ?>[<?php echo $ii; ?>][attchImg]"/>
-          <input value="1" type="checkbox" name="<?php echo $nt; ?>[<?php echo $ii; ?>][attchImg]"  <?php if ((int)$ntOpt['attchImg'] == 1) echo "checked"; ?> /> <strong><?php _e('Attach Image to the Post', 'social-networks-auto-poster-facebook-twitter-g'); ?></strong></div></td></tr>
+                  <tr><td>&nbsp;</td><td><div style="margin: 0px;"><input value="0" type="hidden" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][webPrev]"/>
+          <input value="1" type="checkbox" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][webPrev]"  <?php if ((int)$ntOpt['webPrev'] == 1) echo "checked"; ?> /> <strong><?php _e('Enable Web Preview', 'social-networks-auto-poster-facebook-twitter-g'); ?></strong></div></td></tr>
+            <tr><td>&nbsp;</td><td><div style="margin: 0px;"><input value="0" type="hidden" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][attchImg]"/>
+          <input value="1" type="checkbox" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][attchImg]"  <?php if ((int)$ntOpt['attchImg'] == 1) echo "checked"; ?> /> <strong><?php _e('Attach Image to the Post', 'social-networks-auto-poster-facebook-twitter-g'); ?></strong></div></td></tr>
         <?php
           /* ## Select Image & URL ## */ nxs_showImgToUseDlg($nt, $ii, $imgToUse); nxs_showURLToUseDlg($nt, $ii, $urlToUse); $this->nxs_tmpltAddPostMetaEnd($ii);        
@@ -65 +65 @@
    <div class="nxsPostEd_ElemWrap">        
      <div class="nxsPostEd_Elem">   
-        <div style="margin: 0px;"><input value="0" type="hidden" name="<?php echo $nt; ?>[<?php echo $ii; ?>][webPrev]"/>
-          <input value="1" type="checkbox" name="<?php echo $nt; ?>[<?php echo $ii; ?>][webPrev]" class="nxsEdElem" data-ii="<?php echo $ii; ?>" data-nt="<?php echo $nt; ?>" <?php if (!empty($ntOpt['webPrev'])) echo "checked"; ?> /> <strong><?php _e('Enable Web Preview', 'social-networks-auto-poster-facebook-twitter-g'); ?></strong></div>
-        <div style="margin: 0px;"><input value="0" type="hidden" name="<?php echo $nt; ?>[<?php echo $ii; ?>][attchImg]"/>
-          <input value="1" type="checkbox" name="<?php echo $nt; ?>[<?php echo $ii; ?>][attchImg]" class="nxsEdElem" data-ii="<?php echo $ii; ?>" data-nt="<?php echo $nt; ?>" <?php if (!empty($ntOpt['attchImg'])) echo "checked"; ?> /> <strong><?php _e('Attach Image to the Post', 'social-networks-auto-poster-facebook-twitter-g'); ?></strong></div>
+        <div style="margin: 0px;"><input value="0" type="hidden" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][webPrev]"/>
+          <input value="1" type="checkbox" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][webPrev]" class="nxsEdElem" data-ii="<?php echo esc_attr($ii); ?>" data-nt="<?php echo esc_attr($nt); ?>" <?php if (!empty($ntOpt['webPrev'])) echo "checked"; ?> /> <strong><?php _e('Enable Web Preview', 'social-networks-auto-poster-facebook-twitter-g'); ?></strong></div>
+        <div style="margin: 0px;"><input value="0" type="hidden" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][attchImg]"/>
+          <input value="1" type="checkbox" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][attchImg]" class="nxsEdElem" data-ii="<?php echo esc_attr($ii); ?>" data-nt="<?php echo esc_attr($nt); ?>" <?php if (!empty($ntOpt['attchImg'])) echo "checked"; ?> /> <strong><?php _e('Attach Image to the Post', 'social-networks-auto-poster-facebook-twitter-g'); ?></strong></div>
      </div>
    </div><?php

social-networks-auto-poster-facebook-twitter-g/trunk/inc-cl/tr.api.php

@@ -40 +40 @@
     $postinfo = $tum_oauth->post("https://api.tumblr.com/v2/blog/".$options['pgID']."/post", $postArr); //  prr("https://api.tumblr.com/v2/blog/".$options['pgID']."/post");  prr($postinfo);  prr($postArr);    
     
-    
-    
-    $code = $postinfo->meta->status;// echo "XX".print_r($code);  prr($postinfo); // prr($msg); prr($postinfo); echo $code."VVVV"; die("|====");    
-    if ($code == 201) { return array('postID'=>$postinfo->response->id, 'isPosted'=>1, 'postURL'=>'https://'.$options['pgID']."/post/".$postinfo->response->id, 'pDate'=>date('Y-m-d H:i:s')); } 
+    $code = $postinfo->meta->status;// echo "XX".print_r($code);  prr($postinfo); // prr($msg); prr($postinfo); echo $code."VVVV"; die("|====");
+
+    if ($code == 201) { return array('postID'=>$postinfo->response->id, 'isPosted'=>1, 'postURL'=>'https://www.tumblr.com/blog/view/'.$options['pgID']."/".$postinfo->response->id, 'pDate'=>date('Y-m-d H:i:s')); }
       else  $badOut['Error'] .=  $code . " - ".($postinfo->meta->msg).(isset($postinfo->errmsg)?$postinfo->errmsg:'')." | ".print_r($postinfo, true); 
     return $badOut;      

social-networks-auto-poster-facebook-twitter-g/trunk/inc-cl/tr.php

@@ -27 +27 @@
   //#### Show Unit  Settings  
   function checkIfSetupFinished($options) { return !empty($options['pgID']) && !empty($options['accessToken']); }
-  public function doAuth() { $ntInfo = $this->ntInfo; global $nxs_snapSetPgURL;     
-    if ( isset($_GET['auth']) && $_GET['auth']=='tr'){ $this->showAuthTop(); require_once('apis/trOAuth.php'); $options = $this->nt[$_GET['acc']]; 
-      $consumer_key = nxs_gak($options['appKey']); $consumer_secret = nxs_gas($options['appSec']); $callback_url = $nxs_snapSetPgURL."&auth=tra&acc=".$_GET['acc'];
-      $tum_oauth = new TumblrOAuth($consumer_key, $consumer_secret); prr($tum_oauth ); $request_token = $tum_oauth->getRequestToken($callback_url); echo "####"; prr($request_token);
-      $options['oAuthToken'] = $request_token['oauth_token']; $options['oAuthTokenSecret'] = $request_token['oauth_token_secret'];// prr($tum_oauth ); die();
-      switch ($tum_oauth->http_code) { case 200: $url = $tum_oauth->getAuthorizeURL($options['oAuthToken']); nxs_save_glbNtwrks($ntInfo['lcode'],$_GET['acc'],$options,'*');
-        echo '<div style="text-align:center;color:green; font-weight: bold; font-size:20px;" >ALL OK. Redirecting to authorization....</div><script type="text/javascript">setTimeout(function(){ window.location = "'.$url.'"; }, 1000);</script>'; break; 
-        default: echo '<br/><b style="color:red">Could not connect to Tumblr. Refresh the page or try again later.</b>'; die('</div></div>');
-      } die('</div></div>');
+  public function doAuth() { $ntInfo = $this->ntInfo; global $nxs_snapSetPgURL;
+      if (isset($_GET['acc'])) { $acc = sanitize_text_field($_GET['acc']); $options = $this->nt[$acc];
+        if ( isset($_GET['auth']) && $_GET['auth']=='tr'){ $this->showAuthTop(); require_once('apis/trOAuth.php');
+          $consumer_key = nxs_gak($options['appKey']); $consumer_secret = nxs_gas($options['appSec']); $callback_url = $nxs_snapSetPgURL."&auth=tra&acc=".$acc;
+          $tum_oauth = new TumblrOAuth($consumer_key, $consumer_secret); prr($tum_oauth ); $request_token = $tum_oauth->getRequestToken($callback_url); echo "####"; prr($request_token);
+          $options['oAuthToken'] = $request_token['oauth_token']; $options['oAuthTokenSecret'] = $request_token['oauth_token_secret'];// prr($tum_oauth ); die();
+          switch ($tum_oauth->http_code) { case 200: $url = $tum_oauth->getAuthorizeURL($options['oAuthToken']); nxs_save_glbNtwrks($ntInfo['lcode'],$acc,$options,'*');
+            echo '<div style="text-align:center;color:green; font-weight: bold; font-size:20px;" >ALL OK. Redirecting to authorization....</div><script type="text/javascript">setTimeout(function(){ window.location = "'.$url.'"; }, 1000);</script>'; break;
+            default: echo '<br/><b style="color:red">Could not connect to Tumblr. Refresh the page or try again later.</b>'; die('</div></div>');
+          } die('</div></div>');
+        }
+        if ( isset($_GET['auth']) && $_GET['auth']=='tra'){ $this->showAuthTop(); require_once('apis/trOAuth.php'); prr($options);
+          $consumer_key = nxs_gak($options['appKey']); $consumer_secret = nxs_gas($options['appSec']);
+          $tum_oauth = new TumblrOAuth($consumer_key, $consumer_secret, $options['oAuthToken'], $options['oAuthTokenSecret']);
+          $options['accessToken'] = $tum_oauth->getAccessToken(sanitize_text_field($_REQUEST['oauth_verifier']));  prr($tum_oauth, '**tum_oauth ==1== **');
+          prr($options['accessToken'], '**GOT ACCESS TOKEN **'); $options['accessTokenSec'] =  $options['accessToken']['oauth_token_secret']; $options['accessToken'] =  $options['accessToken']['oauth_token'];
+          $tum_oauth = new TumblrOAuth($consumer_key, $consumer_secret,  $options['accessToken'], $options['accessTokenSec']);
+          $userinfo = $tum_oauth->get('https://api.tumblr.com/v2/user/info'); prr($tum_oauth, '**tum_oauth ==2== **'); prr($userinfo, '**USERINFO**'); // prr($url); die();
+          if ($userinfo->meta->status=='401') die("<span style='color:red;'>ERROR #1: Authorized USER don't have access to the specified blog: <span style='color:darkred; font-weight: bold;'>".$options['pgID']."</span></span></div>");
+          if (is_array($userinfo->response->user->blogs)) { $options['authUser'] = $userinfo->response->user->name; $blogs = ''; $opNm = 'nxs_snap_tr_'.sha1('nxs_snap_tr'.$options['authUser'].nxs_gak($options['appKey']));
+            foreach ($userinfo->response->user->blogs as $blog){ if (!empty($blog->uuid)) $uuid = $blog->uuid; else $uuid = rtrim(str_ireplace('http://','',str_ireplace('https://','',$blog->url)), '/');  if (empty($options['pgID'])) $options['pgID'] = $uuid;
+              $blogs .= '<option '.($options['pgID']==$uuid ? 'selected="selected"':'').' value="'.$uuid.'">'.$blog->name.' ('.$uuid.')</option>';
+            } nxs_save_glbNtwrks($ntInfo['lcode'],$acc,$options,'*'); $opVal['blogList'] = $blogs;  nxs_saveOption($opNm, $opVal);
+            echo '<div style="text-align:center;color:green; font-weight: bold; font-size:22px;" >ALL OK. You have been authorized. Refreshing page....</div><script type="text/javascript">setTimeout(function(){ window.location = "'.$nxs_snapSetPgURL.'"; }, 3000);</script>'; die('</div></div>');
+          } prr($userinfo); die("<span style='color:red;'>ERROR #2: Authorized USER don't have access to the specified blog: <span style='color:darkred; font-weight: bold;'>".$options['pgID']."</span></span></div></div>");
+      }
     }
-    if ( isset($_GET['auth']) && $_GET['auth']=='tra'){ $this->showAuthTop(); require_once('apis/trOAuth.php'); $options = $this->nt[$_GET['acc']]; prr($options);
-      $consumer_key = nxs_gak($options['appKey']); $consumer_secret = nxs_gas($options['appSec']);  
-      $tum_oauth = new TumblrOAuth($consumer_key, $consumer_secret, $options['oAuthToken'], $options['oAuthTokenSecret']); 
-      $options['accessToken'] = $tum_oauth->getAccessToken($_REQUEST['oauth_verifier']);  prr($tum_oauth, '**tum_oauth ==1== **');  
-      prr($options['accessToken'], '**GOT ACCESS TOKEN **'); $options['accessTokenSec'] =  $options['accessToken']['oauth_token_secret']; $options['accessToken'] =  $options['accessToken']['oauth_token'];
-      $tum_oauth = new TumblrOAuth($consumer_key, $consumer_secret,  $options['accessToken'], $options['accessTokenSec']);            
-      $userinfo = $tum_oauth->get('https://api.tumblr.com/v2/user/info'); prr($tum_oauth, '**tum_oauth ==2== **'); prr($userinfo, '**USERINFO**'); // prr($url); die();
-      if ($userinfo->meta->status=='401') die("<span style='color:red;'>ERROR #1: Authorized USER don't have access to the specified blog: <span style='color:darkred; font-weight: bold;'>".$options['pgID']."</span></span></div>");
-      if (is_array($userinfo->response->user->blogs)) { $options['authUser'] = $userinfo->response->user->name; $blogs = ''; $opNm = 'nxs_snap_tr_'.sha1('nxs_snap_tr'.$options['authUser'].nxs_gak($options['appKey']));
-        foreach ($userinfo->response->user->blogs as $blog){ if (!empty($blog->uuid)) $uuid = $blog->uuid; else $uuid = rtrim(str_ireplace('http://','',str_ireplace('https://','',$blog->url)), '/');  if (empty($options['pgID'])) $options['pgID'] = $uuid;
-          $blogs .= '<option '.($options['pgID']==$uuid ? 'selected="selected"':'').' value="'.$uuid.'">'.$blog->name.' ('.$uuid.')</option>'; 
-        } nxs_save_glbNtwrks($ntInfo['lcode'],$_GET['acc'],$options,'*'); $opVal['blogList'] = $blogs;  nxs_saveOption($opNm, $opVal);       
-        echo '<div style="text-align:center;color:green; font-weight: bold; font-size:22px;" >ALL OK. You have been authorized. Refreshing page....</div><script type="text/javascript">setTimeout(function(){ window.location = "'.$nxs_snapSetPgURL.'"; }, 3000);</script>'; die('</div></div>');
-      } prr($userinfo); die("<span style='color:red;'>ERROR #2: Authorized USER don't have access to the specified blog: <span style='color:darkred; font-weight: bold;'>".$options['pgID']."</span></span></div></div>");     
-    }  
   }    
   
-  function getListOfBlogs($networks){ $opVal = array(); $opNm = 'nxs_snap_tr_'.sha1('nxs_snap_tr'.$_POST['u'].$_POST['p']); $opVal = nxs_getOption($opNm); $ii = $_POST['ii']; 
+  function getListOfBlogs($networks){ $opVal = array(); $opNm = 'nxs_snap_tr_'.sha1('nxs_snap_tr'.$_POST['u'].$_POST['p']); $opVal = nxs_getOption($opNm); $ii = sanitize_key($_POST['ii']);
      $currPstAs = !empty($_POST['cBlog'])?$_POST['cBlog']:(!empty($networks['tr'][$ii])?$networks['tr'][$ii]['pgID']:'');
      if (empty($_POST['force']) && !empty($opVal['blogList']) ) $pgs = $opVal['blogList']; else { $options = $networks['tr'][$ii]; require_once('apis/trOAuth.php'); 
@@ -77 +79 @@
   ?><br/ ><div style="width:100%;"><b><?php _e('Where to Post', 'nxs_snap'); ?></b>&nbsp;(<?php _e('Please select your blog', 'nxs_snap'); ?>)</div>
     <?php if (!empty($options['authUser'])) {?>
-    <div id="nxsTRInfoDiv<?php echo $ii; ?>">
+    <div id="nxsTRInfoDiv<?php echo esc_attr($ii); ?>">
          <div style="width:100%;">
           <div>                   
-          <select id="trpgID<?php echo $ii; ?>" onchange="nxs_trBlogChange('<?php echo $ii;?>',jQuery(this));" name="tr[<?php echo $ii;?>][pgID]">
+          <select id="trpgID<?php echo esc_attr($ii); ?>" onchange="nxs_trBlogChange('<?php echo esc_attr($ii);?>',jQuery(this));" name="tr[<?php echo esc_attr($ii);?>][pgID]">
             <?php $pgi = !empty($options['blogList'])?$options['blogList']:''; 
               if (!empty($options['pgID'])) { echo (!empty($options['pgID']) && stripos($pgi,$options['pgID'])===false)?'<option selected="selected" value="'.$options['pgID'].'">'.$options['pgID'].'</option>':''; }            
               if (!empty($options['pgID'])) { $pgi = str_ireplace('selected="selected" ','',$pgi); $pgi = str_ireplace('value="'.$options['pgID'].'"','selected="selected" value="'.$options['pgID'].'"',$pgi); } echo $pgi;
             ?><option value="a"><?php _e('.... Enter the Blog ID'); ?></option>
-          </select><div id="nxsTRInfoDivBlock<?php echo $ii; ?>" style="display: inline-block;"> <input type="text" style="display: none;" id="trInpCst<?php echo $ii; ?>" value="<?php echo $options['pgID']; ?>" onchange="nxs_InpToDDChange(jQuery(this));" data-tid="trpgID<?php echo $ii; ?>" />         
-          <div style="display: inline-block;"><a onclick="nxs_trGetBlogs(<?php echo $ii;?>, 1); jQuery(this).blur(); return false;" href="#"><img id="<?php echo $nt.$ii;?>rfrshImg" style="vertical-align: middle;" src='<?php echo NXS_PLURL; ?>img/refresh16.png' /></a></div></div> <img id="<?php echo $nt.$ii;?>ldImg" style="display: none;vertical-align: middle;" src='<?php echo NXS_PLURL; ?>img/ajax-loader-sm.gif' />
+          </select><div id="nxsTRInfoDivBlock<?php echo esc_attr($ii); ?>" style="display: inline-block;"> <input type="text" style="display: none;" id="trInpCst<?php echo esc_attr($ii); ?>" value="<?php echo $options['pgID']; ?>" onchange="nxs_InpToDDChange(jQuery(this));" data-tid="trpgID<?php echo esc_attr($ii); ?>" />         
+          <div style="display: inline-block;"><a onclick="nxs_trGetBlogs(<?php echo esc_attr($ii);?>, 1); jQuery(this).blur(); return false;" href="#"><img id="<?php echo esc_attr($nt.$ii);?>rfrshImg" style="vertical-align: middle;" src='<?php echo NXS_PLURL; ?>img/refresh16.png' /></a></div></div> <img id="<?php echo esc_attr($nt.$ii);?>ldImg" style="display: none;vertical-align: middle;" src='<?php echo NXS_PLURL; ?>img/ajax-loader-sm.gif' />
           </div>          
-          </div> <div id="nxsTRMsgDiv<?php echo $ii; ?>"><?php if (!empty($options['uMsg'])) echo $options['uMsg']; ?><?php if ($isNew) { ?><?php _e('Please authorize your account', 'nxs_snap'); ?><?php } ?></div>                                                                                                    
-    </div> <?php } ?> <input type="hidden" id="trAuthUser<?php echo $ii; ?>" value="<?php echo $options['authUser']; ?>"/> <br/><br/> 
+          </div> <div id="nxsTRMsgDiv<?php echo esc_attr($ii); ?>"><?php if (!empty($options['uMsg'])) echo $options['uMsg']; ?><?php if ($isNew) { ?><?php _e('Please authorize your account', 'nxs_snap'); ?><?php } ?></div>                                                                                                    
+    </div> <?php } ?> <input type="hidden" id="trAuthUser<?php echo esc_attr($ii); ?>" value="<?php echo $options['authUser']; ?>"/> <br/><br/> 
     
     <?php $this->elemKeySecret($ii,'OAuth Consumer Key','Secret Key', $options['appKey'], $options['appSec'],'appKey','appSec','https://www.tumblr.com/oauth/apps'); ?>
@@ -96 +98 @@
 <div style="margin-left: 10px;">
     
-    <input type="radio" name="tr[<?php echo $ii; ?>][postType]" value="T" <?php if ($options['postType'] != 'I') echo 'checked="checked"'; ?> onchange="nxs_TRSetEnable('T','<?php echo $ii; ?>');" /> Text Post<br/>            
-
-    <div style="width:100%; margin-left: 15px;"><strong id="altFormatText"><?php _e('Post Title Format', 'social-networks-auto-poster-facebook-twitter-g'); ?>:</strong> (<a href="#" id="apTRTMsgFrmt<?php echo $ii; ?>HintInfo" onclick="mxs_showHideFrmtInfo('apTRTMsgFrmt<?php echo $ii; ?>'); return false;"><?php _e('Show format info', 'social-networks-auto-poster-facebook-twitter-g'); ?></a>)  </div><div onblur="jQuery('#apTRMsgFrmt<?php echo $ii; ?>Hint').hide();">
-              <input name="tr[<?php echo $ii; ?>][msgTFormat]" id="apTRMsgTFrmt<?php echo $ii; ?>" style="margin-left: 15px; width: 50%;" value="<?php if ($options['msgTFormat']!='') _e(apply_filters('format_to_edit', htmlentities($options['msgTFormat'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g'); else echo "New Post has been published on %SITENAME%"; ?>"  onfocus="jQuery('#apTRTMsgFrmt<?php echo $ii; ?>Hint').show();"  <?php if ($options['postType'] == 'I') echo 'disabled="disabled"'; ?>  /><br/>
+    <input type="radio" name="tr[<?php echo esc_attr($ii); ?>][postType]" value="T" <?php if ($options['postType'] != 'I') echo 'checked="checked"'; ?> onchange="nxs_TRSetEnable('T','<?php echo esc_attr($ii); ?>');" /> Text Post<br/>            
+
+    <div style="width:100%; margin-left: 15px;"><strong id="altFormatText"><?php _e('Post Title Format', 'social-networks-auto-poster-facebook-twitter-g'); ?>:</strong> (<a href="#" id="apTRTMsgFrmt<?php echo esc_attr($ii); ?>HintInfo" onclick="mxs_showHideFrmtInfo('apTRTMsgFrmt<?php echo esc_attr($ii); ?>'); return false;"><?php _e('Show format info', 'social-networks-auto-poster-facebook-twitter-g'); ?></a>)  </div><div onblur="jQuery('#apTRMsgFrmt<?php echo esc_attr($ii); ?>Hint').hide();">
+              <input name="tr[<?php echo esc_attr($ii); ?>][msgTFormat]" id="apTRMsgTFrmt<?php echo esc_attr($ii); ?>" style="margin-left: 15px; width: 50%;" value="<?php if ($options['msgTFormat']!='') _e(apply_filters('format_to_edit', htmlentities($options['msgTFormat'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g'); else echo "New Post has been published on %SITENAME%"; ?>"  onfocus="jQuery('#apTRTMsgFrmt<?php echo esc_attr($ii); ?>Hint').show();"  <?php if ($options['postType'] == 'I') echo 'disabled="disabled"'; ?>  /><br/>
               <?php nxs_doShowHint("apTRTMsgFrmt".$ii); ?>
             </div>
             
-<input type="radio" name="tr[<?php echo $ii; ?>][postType]" value="I" <?php if ($options['postType'] == 'I') echo 'checked="checked"'; ?> onchange="nxs_TRSetEnable('I','<?php echo $ii; ?>');"/> Image Post
+<input type="radio" name="tr[<?php echo esc_attr($ii); ?>][postType]" value="I" <?php if ($options['postType'] == 'I') echo 'checked="checked"'; ?> onchange="nxs_TRSetEnable('I','<?php echo esc_attr($ii); ?>');"/> Image Post
 <i>Don't forget to change default "Post Text Format" to prevent duplicate images.</i><br/>
 
@@ -110 +112 @@
 <strong>Clickthrough URL:</strong> 
 <div style="margin-bottom: 20px;margin-top: 5px;">
-<input type="radio" name="tr[<?php echo $ii; ?>][cImgURL]" value="R" <?php if ( empty($options['cImgURL']) || $options['cImgURL'] == 'R') echo 'checked="checked"'; ?> /> Regular Post URL&nbsp;&nbsp;
-<input type="radio" name="tr[<?php echo $ii; ?>][cImgURL]" value="S" <?php if (!empty($options['cImgURL']) && $options['cImgURL'] == 'S') echo 'checked="checked"'; ?> /> Shortened Post URL&nbsp;&nbsp;
-<input type="radio" name="tr[<?php echo $ii; ?>][cImgURL]" value="N" <?php if (!empty($options['cImgURL']) && $options['cImgURL'] == 'N') echo 'checked="checked"'; ?> /> No Clickthrough URL&nbsp;&nbsp;
+<input type="radio" name="tr[<?php echo esc_attr($ii); ?>][cImgURL]" value="R" <?php if ( empty($options['cImgURL']) || $options['cImgURL'] == 'R') echo 'checked="checked"'; ?> /> Regular Post URL&nbsp;&nbsp;
+<input type="radio" name="tr[<?php echo esc_attr($ii); ?>][cImgURL]" value="S" <?php if (!empty($options['cImgURL']) && $options['cImgURL'] == 'S') echo 'checked="checked"'; ?> /> Shortened Post URL&nbsp;&nbsp;
+<input type="radio" name="tr[<?php echo esc_attr($ii); ?>][cImgURL]" value="N" <?php if (!empty($options['cImgURL']) && $options['cImgURL'] == 'N') echo 'checked="checked"'; ?> /> No Clickthrough URL&nbsp;&nbsp;
 </div><strong>Defailt Image to Post:</strong> 
             <p style="font-size: 11px; margin: 0px;">If your post is missing "Featured Image" and doesn't have any images in the text body this will be used instead.</p>
-            </div><input name="tr[<?php echo $ii; ?>][defImg]" id="apTRDefImg<?php echo $ii; ?>" style=" margin-left: 15px; width: 30%;" <?php if ($options['postType'] != 'I') echo 'disabled="disabled"'; ?> value="<?php _e(apply_filters('format_to_edit', htmlentities($options['defImg'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /> 
+            </div><input name="tr[<?php echo esc_attr($ii); ?>][defImg]" id="apTRDefImg<?php echo esc_attr($ii); ?>" style=" margin-left: 15px; width: 30%;" <?php if ($options['postType'] != 'I') echo 'disabled="disabled"'; ?> value="<?php _e(apply_filters('format_to_edit', htmlentities($options['defImg'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /> 
 <br/>            
-<input type="radio" name="tr[<?php echo $ii; ?>][postType]" value="U" <?php if ($options['postType'] == 'U') echo 'checked="checked"'; ?> /> Audio Post<br/>
-<input type="radio" name="tr[<?php echo $ii; ?>][postType]" value="V" <?php if ($options['postType'] == 'V') echo 'checked="checked"'; ?> /> Video Post<br/>            
+<input type="radio" name="tr[<?php echo esc_attr($ii); ?>][postType]" value="U" <?php if ($options['postType'] == 'U') echo 'checked="checked"'; ?> /> Audio Post<br/>
+<input type="radio" name="tr[<?php echo esc_attr($ii); ?>][postType]" value="V" <?php if ($options['postType'] == 'V') echo 'checked="checked"'; ?> /> Video Post<br/>            
 <i style="">Tip: Your post must contain link to Audio or Video file if you select "Audio Post" or "Video Post" , otherwise it will reverted to the "Text Post"</i>
             <br/><br/>
@@ -125 +127 @@
     
     <div style="margin-bottom: 20px;margin-top: 5px;">
-              <input value="1" type="checkbox" name="tr[<?php echo $ii; ?>][fillSrcURL]"  <?php if ((int)$options['fillSrcURL'] == 1) echo "checked"; ?> /> 
+              <input value="1" type="checkbox" name="tr[<?php echo esc_attr($ii); ?>][fillSrcURL]"  <?php if ((int)$options['fillSrcURL'] == 1) echo "checked"; ?> /> 
               <strong>Fill "Source URL"</strong> Will fill Tumblr's "Source URL" with post URL or defined URL.
               
-              <br/><input value="1" type="checkbox" name="tr[<?php echo $ii; ?>][useOrDate]"  <?php if ((int)$options['useOrDate'] == 1) echo "checked"; ?> /> 
+              <br/><input value="1" type="checkbox" name="tr[<?php echo esc_attr($ii); ?>][useOrDate]"  <?php if ((int)$options['useOrDate'] == 1) echo "checked"; ?> /> 
               <strong>Keep Original Post Date</strong> Will post to Tumblr with original date of the post 
               
-              <br/><input value="1" type="checkbox" name="tr[<?php echo $ii; ?>][inclTags]"  <?php if ((int)$options['inclTags'] == 1) echo "checked"; ?> /> 
+              <br/><input value="1" type="checkbox" name="tr[<?php echo esc_attr($ii); ?>][inclTags]"  <?php if ((int)$options['inclTags'] == 1) echo "checked"; ?> /> 
               <strong>Post with tags.</strong> Tags from the blogpost will be auto posted to Tumblr                                
               
-              <br/><input value="1" type="checkbox" name="tr[<?php echo $ii; ?>][inclCats]"  <?php if ((int)$options['inclCats'] == 1) echo "checked"; ?> /> 
+              <br/><input value="1" type="checkbox" name="tr[<?php echo esc_attr($ii); ?>][inclCats]"  <?php if ((int)$options['inclCats'] == 1) echo "checked"; ?> /> 
               <strong>Post categories as tags.</strong> Categories from the blogpost will be auto posted to Tumblr as tags                                
             </div>
@@ -144 +146 @@
             Your Tumblr Account has been authorized. User ID: <?php echo $options['authUser']; ?>| Blog ID: <?php echo $options['pgID']; ?>. 
             You can Re- <?php } ?>            
-            <a href="<?php echo $nxs_snapSetPgURL.(stripos($nxs_snapSetPgURL, '?')!==false?'&':'?');?>auth=tr&acc=<?php echo $ii; ?>">Authorize Your Tumblr Account</a> 
+            <a href="<?php echo $nxs_snapSetPgURL.(stripos($nxs_snapSetPgURL, '?')!==false?'&':'?');?>auth=tr&acc=<?php echo esc_attr($ii); ?>">Authorize Your Tumblr Account</a> 
               <?php if (empty($options['accessTokenSec'])) { ?> <div class="blnkg">&lt;=== Authorize your account ===</div> <?php } ?>            
             <?php }  ?>                          
@@ -184 +186 @@
         
         <tr style="<?php echo !empty($ntOpt['do'])?'display:table-row;':'display:none;'; ?>" class="nxstbldo nxstbldo<?php echo strtoupper($nt).$ii; ?>" style=""><th scope="row" style="text-align:right; width:60px; padding-right:10px;">
-                <input type="radio" name="tr[<?php echo $ii; ?>][postType]" value="T" <?php if ($ntOpt['postType'] != 'I') echo 'checked="checked"'; ?>  /> <br/>                
+                <input type="radio" name="tr[<?php echo esc_attr($ii); ?>][postType]" value="T" <?php if ($ntOpt['postType'] != 'I') echo 'checked="checked"'; ?>  /> <br/>                
                 </th>
                 <td style="align:"><table style="width:90%; display: inline-table;"><?php $this->elemEdTitleFormat($ii, __('Text Post. Title Format:', 'social-networks-auto-poster-facebook-twitter-g'),$msgTFormat); ?></table> </td></tr>
                 
                 <tr style="<?php echo !empty($ntOpt['do'])?'display:table-row;':'display:none;'; ?>" class="nxstbldo nxstbldo<?php echo strtoupper($nt).$ii; ?>" style=""><th scope="row" style="text-align:right; width:60px; padding-right:10px;">
-                <input type="radio" name="tr[<?php echo $ii; ?>][postType]" value="I" <?php if ($ntOpt['postType'] == 'I') echo 'checked="checked"'; ?>  />  <br/>                
+                <input type="radio" name="tr[<?php echo esc_attr($ii); ?>][postType]" value="I" <?php if ($ntOpt['postType'] == 'I') echo 'checked="checked"'; ?>  />  <br/>                
                 </th>
                 <td><b>Image Post</b>&nbsp;&nbsp;&nbsp;&nbsp;
-                <input type="radio" name="tr[<?php echo $ii; ?>][postType]" value="V" <?php if ($ntOpt['postType'] == 'V') echo 'checked="checked"'; ?>  /> <b>Video Post</b> <?php nxs_doShowHint("apTRTMsgFrmt".$ii); ?> &nbsp;&nbsp;&nbsp;&nbsp;
-                <input type="radio" name="tr[<?php echo $ii; ?>][postType]" value="U" <?php if ($ntOpt['postType'] == 'U') echo 'checked="checked"'; ?>  /> <b>Audio Post</b> <?php nxs_doShowHint("apTRTMsgFrmt".$ii); ?> 
+                <input type="radio" name="tr[<?php echo esc_attr($ii); ?>][postType]" value="V" <?php if ($ntOpt['postType'] == 'V') echo 'checked="checked"'; ?>  /> <b>Video Post</b> <?php nxs_doShowHint("apTRTMsgFrmt".$ii); ?> &nbsp;&nbsp;&nbsp;&nbsp;
+                <input type="radio" name="tr[<?php echo esc_attr($ii); ?>][postType]" value="U" <?php if ($ntOpt['postType'] == 'U') echo 'checked="checked"'; ?>  /> <b>Audio Post</b> <?php nxs_doShowHint("apTRTMsgFrmt".$ii); ?> 
                 </td></tr>
         
@@ -210 +212 @@
    <div class="nxsPostEd_ElemWrap"> <div class="nxsPostEd_ElemLabel"><?php _e('Post Type:', 'social-networks-auto-poster-facebook-twitter-g'); ?></div>       
      <div class="nxsPostEd_Elem">   
-         <input type="radio" name="tr[<?php echo $ii; ?>][postType]" value="T" class="nxsEdElem" data-ii="<?php echo $ii; ?>" data-nt="<?php echo $nt; ?>" <?php if ($ntOpt['postType'] != 'I') echo 'checked="checked"'; ?>  /><?php _e('Text Post', 'social-networks-auto-poster-facebook-twitter-g'); ?>                
+         <input type="radio" name="tr[<?php echo esc_attr($ii); ?>][postType]" value="T" class="nxsEdElem" data-ii="<?php echo esc_attr($ii); ?>" data-nt="<?php echo esc_attr($nt); ?>" <?php if ($ntOpt['postType'] != 'I') echo 'checked="checked"'; ?>  /><?php _e('Text Post', 'social-networks-auto-poster-facebook-twitter-g'); ?>                
          <?php $this->elemEdTitleFormat($ii, __('Title Format:', 'social-networks-auto-poster-facebook-twitter-g'),$msgTFormat); ?>                
-         <input type="radio" name="tr[<?php echo $ii; ?>][postType]" value="I" class="nxsEdElem" data-ii="<?php echo $ii; ?>" data-nt="<?php echo $nt; ?>" <?php if ($ntOpt['postType'] == 'I') echo 'checked="checked"'; ?>  /> <b>Image Post</b><br/>
-         <input type="radio" name="tr[<?php echo $ii; ?>][postType]" value="V" class="nxsEdElem" data-ii="<?php echo $ii; ?>" data-nt="<?php echo $nt; ?>" <?php if ($ntOpt['postType'] == 'V') echo 'checked="checked"'; ?>  /> <b>Video Post</b><br/>
-         <input type="radio" name="tr[<?php echo $ii; ?>][postType]" value="U" class="nxsEdElem" data-ii="<?php echo $ii; ?>" data-nt="<?php echo $nt; ?>" <?php if ($ntOpt['postType'] == 'U') echo 'checked="checked"'; ?>  /> <b>Audio Post</b> 
+         <input type="radio" name="tr[<?php echo esc_attr($ii); ?>][postType]" value="I" class="nxsEdElem" data-ii="<?php echo esc_attr($ii); ?>" data-nt="<?php echo esc_attr($nt); ?>" <?php if ($ntOpt['postType'] == 'I') echo 'checked="checked"'; ?>  /> <b>Image Post</b><br/>
+         <input type="radio" name="tr[<?php echo esc_attr($ii); ?>][postType]" value="V" class="nxsEdElem" data-ii="<?php echo esc_attr($ii); ?>" data-nt="<?php echo esc_attr($nt); ?>" <?php if ($ntOpt['postType'] == 'V') echo 'checked="checked"'; ?>  /> <b>Video Post</b><br/>
+         <input type="radio" name="tr[<?php echo esc_attr($ii); ?>][postType]" value="U" class="nxsEdElem" data-ii="<?php echo esc_attr($ii); ?>" data-nt="<?php echo esc_attr($nt); ?>" <?php if ($ntOpt['postType'] == 'U') echo 'checked="checked"'; ?>  /> <b>Audio Post</b> 
      </div>
    </div><?php

social-networks-auto-poster-facebook-twitter-g/trunk/inc-cl/tw.api.php

@@ -12 +12 @@
       return $out;
     }
-    
-    function twReq($reqURL, $params_array, $options, $img=''){ $kv = array(); $proxy = ''; $sparams_array = ''; $nounce = md5(time().'666'); $ts = time(); if (empty($params_array)) $params_array = array(); uksort($params_array, 'strcmp');      
-      $arrToSign = array_merge(array('oauth_consumer_key'=>nxs_gak($options['appKey']),'oauth_nonce'=>$nounce,'oauth_signature_method'=>'HMAC-SHA1','oauth_timestamp'=>$ts,'oauth_token'=>$options['accessToken'],'oauth_version'=>'1.0'), $params_array);
-      uksort($arrToSign, 'strcmp'); foreach ($arrToSign as $k => $v) $kv[] = $k.'='.rawurlencode($v); $sparams_array = implode('&', $kv); $base = 'POST&'.rawurlencode($reqURL).'&'.rawurlencode($sparams_array); 
-      $signKey = (nxs_gas($options['appSec']).'&'.$options['accessTokenSec']); $signature = rawurlencode(base64_encode(hash_hmac("sha1", $base, $signKey, true))); $hdrsArr = nxs_makeHeaders($reqURL);       
-      $hdrsArr['Authorization'] = 'OAuth oauth_consumer_key="'.nxs_gak($options['appKey']).'", oauth_nonce="'.$nounce.'", oauth_signature="'.$signature.'", oauth_signature_method="HMAC-SHA1", oauth_timestamp="'.$ts.'", oauth_token="'.$options['accessToken'].'", oauth_version="1.0"';      
-      if (!empty($img)) $hdrsArr['Content-type'] = 'multipart/form-data';  $advSet = nxs_mkRemOptsArr($hdrsArr, '', (!empty($img)?$img:$sparams_array), $proxy); if (!empty($img)) $advSet['usearray'] = 1; $ret = nxs_remote_post( $reqURL, $advSet); return $ret;
-    }
-    
+
     function doPostToNT($options, $message){ global $nxs_urlLen; $badOut = array('pgID'=>'', 'isPosted'=>0, 'pDate'=>date('Y-m-d H:i:s'), 'Error'=>''); 
       if (!function_exists('nxs_remote_get') && function_exists('nxs_remote_get')) { function nxs_remote_get($url){return nxs_remote_get($url);} }
@@ -34 +26 @@
       if (!empty($message['pText'])) $msg = $message['pText']; else $msg = nxs_doFormatMsg($options['msgFormat'], $message);
       if ($options['attchImg']!=false) { if (isset($message['imageURL'])) $imgURL = trim(nxs_getImgfrOpt($message['imageURL'], $options['imgSize'])); else $imgURL = ''; }
-      if (empty($imgURL) && $img=='') $options['attchImg'] = false; 
-      //$ret = $this->twReq('https://api.twitter.com/1.1/account/settings.json', '', $options); prr($ret); die();
+      if (empty($imgURL) && $img=='') $options['attchImg'] = false;
       //## Make Post
-      //$options['attchImg']='1'; $imgURL = 'http://ecx.images-amazon.com/images/I/41caE5Uc5ML._AA160_.jpg';
       $hdrsArr['User-Agent']='Mozilla/5.0 (Windows NT 6.1; WOW64; rv:32.0) Gecko/20100101 Firefox/32.0'; $advSet=array('headers'=>$hdrsArr,'httpversion'=>'1.1','timeout'=>45,'sslverify'=>false);
-      //$msg = $message['message']; $imgURL = trim($message['imageURL']); $img = trim($message['img']); $nxs_urlLen = $message['urlLength'];           
       if ($options['attchImg']!=false && $img=='' && $imgURL!='' ) { $imgURL = str_replace(' ', '%20', $imgURL);
         if( ini_get('allow_url_fopen') ) { if (getimagesize($imgURL)!==false) { $img = nxs_remote_get($imgURL, $advSet); if(is_nxs_error($img)) $options['attchImg'] = false; else $img = $img['body']; } else $options['attchImg'] = false; } 
           else { $img = nxs_remote_get($imgURL, $advSet); if(is_nxs_error($img)) $options['attchImg'] = false; elseif (isset($img['body'])&& trim($img['body'])!='') $img = $img['body'];  else $options['attchImg'] = false; }   
       }  
-      $twLim = 280; if ($nxs_urlLen>0) { $msg = nsTrnc($msg, $twLim-22+$nxs_urlLen); } else $msg = nsTrnc($msg, $twLim);
-      if (substr($msg, 0, 1)=='@') $msg = ' '.$msg;  $params_array = array('status' =>$msg); if (!empty($options['in_reply_to_id'])) $params_array['in_reply_to_status_id'] = $options['in_reply_to_id']; $mid = '';
-      if ($options['attchImg']!=false && $img!='') { $pa =array( 'media' => $img); 
-        $ret = $this->twReq('https://upload.twitter.com/1.1/media/upload.json', '', $options, $pa); $code = $ret['response']['code']; $resp =  $ret['body'];  $respJ = json_decode($resp, true);
-        if ($code=='200') { if (!empty($respJ['media_id'])) $mid = $respJ['media_id_string']; }
-      } if (!empty($mid)) $params_array['media_ids'] = $mid; $ret = $this->twReq('https://api.twitter.com/1.1/statuses/update.json', $params_array, $options);  $code = $ret['response']['code']; $resp =  $ret['body'];  $respJ = json_decode($resp, true);
-      if ( $code=='403' && stripos($resp, 'User is over daily photo limit')!==false && $options['attchImg']!=false && $img!='') { 
-         $badOut['Error'] .= "User is over daily photo limit. Will post without image\r\n"; 
-         $ret = $this->twReq('https://api.twitter.com/1.1/statuses/update.json', array('status' =>$msg), $options);  $code = $ret['response']['code']; $resp =  $ret['body'];  $respJ = json_decode($resp, true);
-      }        
-      if ($code == 200){
-         $twResp = json_decode($resp, true);  if (is_array($twResp) && isset($twResp['id_str'])) $twNewPostID = $twResp['id_str'];  
-         if (is_array($twResp) && isset($twResp['user'])) $twPageID = $twResp['user']['screen_name'];
-         return array('postID'=>$twNewPostID, 'isPosted'=>1, 'postURL'=>'https://twitter.com/'.$twPageID.'/status/'.$twNewPostID, 'pDate'=>date('Y-m-d H:i:s'));          
-      } else { $badOut['Error'] .= "Resp: ".print_r($resp, true)."| Error: ".print_r($respJ['errors'], true)."| MSG: ".print_r($msg, true); 
-        return $badOut;
-      }
+      $twLim = 280; if ($nxs_urlLen>0) { $msg = nsTrnc($msg, $twLim-22+$nxs_urlLen); } else $msg = nsTrnc($msg, $twLim); if (substr($msg, 0, 1)=='@') $msg = ' '.$msg;
+      $params_array = array('text' =>$msg);  $mid = ''; $appi = new nxsAPI_TW_Native(); $appi->conn = $options; $badOut = $appi->check(); if ($badOut) {
+            if (!empty($options['in_reply_to_id'])) $params_array['in_reply_to_status_id'] = $options['in_reply_to_id']; //## ?
+            //## Upload image and add it to the post
+            if ($options['attchImg'] != false && $img != '') { $pa = array('media' => $img);
+                $ret = $appi->twReq('https://upload.twitter.com/1.1/media/upload.json', $pa );
+                $code = $ret['response']['code']; $resp = $ret['body']; $respJ = json_decode($resp, true);
+                if ($code == 200 || $code == 201) { if (!empty($respJ['media_id'])) $mid = $respJ['media_id_string']; }
+            }
+            if (!empty($mid)) $params_array['media']['media_ids'][] = $mid;
+            //## Post
+            $ret = $appi->twReq('https://api.twitter.com/2/tweets', $params_array);
+            $code = $ret['response']['code']; $resp = $ret['body']; $respJ = json_decode($resp, true);
+            //## Fallback in case no mo imgs allowed.
+            if ($code == '403' && stripos($resp, 'User is over daily photo limit') !== false && $options['attchImg'] != false && $img != '') {
+                $badOut['Error'] .= "User is over daily photo limit. Will post without image\r\n";
+                $ret = $appi->twReq('https://api.twitter.com/2/tweets', array('text' => $msg));
+                $code = $ret['response']['code']; $resp = $ret['body']; $respJ = json_decode($resp, true);
+            }
+            if ($code == 200 || $code == 201) {
+                $twResp = json_decode($resp, true);
+                if (is_array($twResp) && isset($twResp['id_str']) && isset($twResp['user'])) {
+                    $twNewPostID = $twResp['id_str']; $twPageID = $twResp['user']['screen_name'];
+                } elseif (is_array($twResp) && isset($twResp['data']['id'])) {
+                    $twNewPostID = $twResp['data']['id']; $twPageID = $appi->twUser['username'];
+                }
+                return array('postID' => $twNewPostID, 'isPosted' => 1, 'postURL' => 'https://twitter.com/' . $twPageID . '/status/' . $twNewPostID, 'pDate' => date('Y-m-d H:i:s'));
+            } else {
+                $badOut['Error'] .= "Resp: " . print_r($resp, true) . "| Error: " . print_r($respJ['errors'], true) . "| MSG: " . print_r($msg, true);
+                return $badOut;
+            }
+        }
       return $badOut;
     }  

social-networks-auto-poster-facebook-twitter-g/trunk/inc-cl/tw.php

@@ -2 +2 @@
 //## NextScripts Twitter Connection Class
 $nxs_snapAvNts[] = array('code'=>'TW', 'lcode'=>'tw', 'name'=>'Twitter', 'type'=>'Social Networks', 'ptype'=>'F', 'status'=>'A', 'desc'=>'Autopost to your account. Ability to attach images to tweets');
+
+//## V5
+
+if (!class_exists('nxsAPI_TW_Native')) { class nxsAPI_TW_Native {
+    var $conn=[]; var $rq = ''; var $twUser = ''; var $postData = []; var $d=false;
+
+    function __construct(){ $this->rq = new nxsHttp; }
+    //## Adjusment for image/media Upload with WP Curl.
+    function imgUplcurl(&$handle){ curl_setopt($handle, CURLOPT_POSTFIELDS, $this->postData); }
+    //## Signed Request to Twitter API.
+    function twReq($reqURL, $reqArr=[], $gtArr = []){ $kv = array();  $nounce = md5(time().'666'); $ts = time(); $isMediaUpl = stripos($reqURL, 'upload.')!==false;
+        if (!empty($reqArr)) $req = !$isMediaUpl?json_encode($reqArr):$reqArr; $tp = !empty($reqArr)?'POST':'GET';
+        $arrToSign = array_merge(array('oauth_consumer_key'=>nxs_gak($this->conn['appKey']),'oauth_nonce'=>$nounce,'oauth_signature_method'=>'HMAC-SHA1','oauth_timestamp'=>$ts,'oauth_token'=>$this->conn['accessToken'],'oauth_version'=>'1.0'), $gtArr);// prr($arrToSign);
+        uksort($arrToSign, 'strcmp'); foreach ($arrToSign as $k => $v) $kv[] = $k.'='.rawurlencode($v); $sparams_array = implode('&', $kv); $base = $tp.'&'.rawurlencode($reqURL).'&'.rawurlencode($sparams_array); //prr($base);
+        $signKey = (nxs_gas($this->conn['appSec']).'&'.$this->conn['accessTokenSec']); $signature = rawurlencode(base64_encode(hash_hmac("sha1", $base, $signKey, true))); //$hdrsArr = nxs_makeHeaders($reqURL);
+        $auth = 'OAuth oauth_consumer_key="'.nxs_gak($this->conn['appKey']).'", oauth_nonce="'.$nounce.'", oauth_signature="'.$signature.'", oauth_signature_method="HMAC-SHA1", oauth_timestamp="'.$ts.'", oauth_token="'.$this->conn['accessToken'].'", oauth_version="1.0"';
+        $argArr = ['extraHeaders'=>['Authorization'=>$auth]]; if ($tp=='POST') { $argArr['extraHeaders']['Content-Type'] = $isMediaUpl?'multipart/form-data':'application/json; charset=UTF-8'; $argArr['flds'] = $req; }
+        if (!empty($gtArr)) $reqURL = $reqURL.'?'.http_build_query($gtArr); $args = nxs_mkRmReqArgs($argArr);
+        if ($isMediaUpl)  $this->rq->postData = $req;  $ret = $this->rq->request($reqURL, $args); if($this->d) prr($args);
+        return $ret;
+    }
+
+    function check(){
+        $ret = $this->twReq('https://api.twitter.com/2/users/me');
+        if ($ret['response']['code']=='200') { $u = json_decode($ret['body'], true);  $this->twUser = $u['data']; }
+        if (!empty($this->twUser)) return true; else return $ret['body'];
+    }
+
+    function getReplies($twID){
+        $ret = $this->twReq('https://api.twitter.com/2/tweets/' . $twID, '', ['tweet.fields' => 'conversation_id']);
+        if ($ret['response']['code'] == '200') {
+            $twInfo = json_decode($ret['body'], true); $cnvId = $twInfo['data']['conversation_id'];
+            $ret = $this->twReq('https://api.twitter.com/2/tweets/search/recent', '', ['query' => 'conversation_id:' . $cnvId, 'tweet.fields' => 'in_reply_to_user_id,author_id,conversation_id,attachments,created_at','user.fields' => 'id,username,name,profile_image_url,url', 'expansions'=>'author_id,attachments.media_keys,in_reply_to_user_id']);
+            if ($ret['response']['code'] == '200') {
+                $rpls = json_decode($ret['body'], true); //prr($rpls);
+                foreach ($rpls['data'] as $i=>$r) {
+                    foreach ($rpls['includes']['users'] as $j => $u) {
+                        if ($r['author_id'] == $u['id']) $rpls['data'][$i]['author'] = $rpls['includes']['users'][$j]; if ($r['in_reply_to_user_id'] == $u['id']) $rpls['data'][$i]['in_reply_to_user'] = $rpls['includes']['users'][$j]['username'];
+                    } $rpls['data'][$i]['text']  = str_ireplace('@'.$rpls['data'][$i]['in_reply_to_user'],'', $r['text']);
+                } return $rpls['data'];
+            }
+        }
+    }
+    function getMentions($urlToSrch){
+        $ret = $this->twReq('https://api.twitter.com/2/tweets/search/recent', '', ['query' => 'url:"' . $urlToSrch . '"', 'tweet.fields' => 'in_reply_to_user_id,author_id,conversation_id,attachments,created_at','user.fields' => 'id,username,name,profile_image_url,url', 'expansions'=>'author_id,attachments.media_keys']);
+        if ($ret['response']['code'] == '200') { $rpls = json_decode($ret['body'], true);// prr($rpls);
+            foreach ($rpls['data'] as $i=>$r) foreach ($rpls['includes']['users'] as $j=>$u) if ($r['author_id']==$u['id']) $rpls['data'][$i]['author'] = $rpls['includes']['users'][$j]; return $rpls['data'];
+        }
+    }
+}}
+
+//## /V5
 
 if (!class_exists("nxs_snapClassTW")) { class nxs_snapClassTW extends nxs_snapClassNT {
@@ -25 +77 @@
 
     function accTab($ii, $options, $isNew=false){ global $nxs_snapSetPgURL; $ntInfo = $this->ntInfo; $nt = $ntInfo['lcode']; ?>
-        <div class="nxs_tls_lbl"><strong>Your <?php echo $ntInfo['name']; ?> URL:</strong> </div><input type="text" name="<?php echo $nt; ?>[<?php echo $ii; ?>][twURL]" style="width: 40%;border: 1px solid #ACACAC;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['twURL'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /><br/><br/>
+        <div class="nxs_tls_lbl"><strong>Your <?php echo esc_attr($ntInfo['name']); ?> URL:</strong> </div><input type="text" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][twURL]" style="width: 40%;border: 1px solid #ACACAC;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['twURL'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /><br/><br/>
         <?php $this->elemKeySecret($ii,'API Key','API Secret', $options['appKey'], $options['appSec'],'appKey','appSec','https://apps.twitter.com/');  $this->elemKeySecret($ii,'Access Token','Access Token Secret', $options['accessToken'], $options['accessTokenSec'],'accessToken','accessTokenSec'); ?>
         <br/><?php $this->elemMsgFormat($ii,'Message Format','msgFormat',$options['msgFormat']); ?>
-        <div style="margin: 0px;"><input value="1" type="checkbox" name="<?php echo $nt; ?>[<?php echo $ii; ?>][attchImg]"  <?php if ((int)$options['attchImg'] == 1) echo "checked"; ?> /> <strong><?php _e('Attach Image to the Post', 'social-networks-auto-poster-facebook-twitter-g'); ?></strong></div>
+        <div style="margin: 0px;"><input value="1" type="checkbox" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][attchImg]"  <?php if ((int)$options['attchImg'] == 1) echo "checked"; ?> /> <strong><?php _e('Attach Image to the Post', 'social-networks-auto-poster-facebook-twitter-g'); ?></strong></div>
         <br/><br/><?php
     }
@@ -35 +87 @@
             <div class="nxs_tls_sbInfo"><?php _e('Plugin could grab Replies and Mentions from Twitter and import them as Wordpress Comments', 'social-networks-auto-poster-facebook-twitter-g'); ?></div>
             <?php global $nxs_SNAP; $gOptions = $nxs_SNAP->nxs_options; if ( !empty($gOptions['riActive']) && $gOptions['riActive'] == '1' ) { ?>
-                <input value="1" id="riC<?php echo $ii; ?>" <?php if (!empty($options['riComments']) && trim($options['riComments'])=='1') echo "checked"; ?> type="checkbox" name="<?php echo $nt; ?>[<?php echo $ii; ?>][riComments]"/> <b><?php _e('Import Twitter Replies', 'social-networks-auto-poster-facebook-twitter-g'); ?></b>
+                <input value="1" id="riC<?php echo esc_attr($ii); ?>" <?php if (!empty($options['riComments']) && trim($options['riComments'])=='1') echo "checked"; ?> type="checkbox" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][riComments]"/> <b><?php _e('Import Twitter Replies', 'social-networks-auto-poster-facebook-twitter-g'); ?></b>
                 <br/>
-                <input value="1" id="riCM<?php echo $ii; ?>" <?php if (!empty($options['riCommentsM']) && trim($options['riCommentsM'])=='1') echo "checked"; ?> type="checkbox" name="<?php echo $nt; ?>[<?php echo $ii; ?>][riCommentsM]"/> <b><?php _e('Import Twitter Mentions', 'social-networks-auto-poster-facebook-twitter-g'); ?></b>
+                <input value="1" id="riCM<?php echo esc_attr($ii); ?>" <?php if (!empty($options['riCommentsM']) && trim($options['riCommentsM'])=='1') echo "checked"; ?> type="checkbox" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][riCommentsM]"/> <b><?php _e('Import Twitter Mentions', 'social-networks-auto-poster-facebook-twitter-g'); ?></b>
                 <br/>
-                <input value="1" id="riCA<?php echo $ii; ?>" <?php if (!empty($options['riCommentsAA']) && trim($options['riCommentsAA'])=='1') echo "checked"; ?> type="checkbox" name="<?php echo $nt; ?>[<?php echo $ii; ?>][riCommentsAA]"/> <b><?php _e('Auto-approve imported comments', 'social-networks-auto-poster-facebook-twitter-g'); ?></b>
+                <div style="margin-left: 12px;"><input value="1" id="riCM<?php echo esc_attr($ii); ?>" <?php if (!empty($options['riCommentsMExMy']) && trim($options['riCommentsMExMy'])=='1') echo "checked"; ?> type="checkbox" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][riCommentsMExMy]"/> <b><?php _e('Exclude Mentions from myself', 'social-networks-auto-poster-facebook-twitter-g'); ?></b></div>
+                <input value="1" id="riCA<?php echo esc_attr($ii); ?>" <?php if (!empty($options['riCommentsAA']) && trim($options['riCommentsAA'])=='1') echo "checked"; ?> type="checkbox" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][riCommentsAA]"/> <b><?php _e('Auto-approve imported comments', 'social-networks-auto-poster-facebook-twitter-g'); ?></b>
             <?php } else { echo "<br/>"; _e('Please activate the "Comments Import" from SNAP Settings Tab', 'social-networks-auto-poster-facebook-twitter-g'); } ?>
         </div>
         <div class="nxs_tls_bd"><div class="nxs_tls_sbInfo"><br/>
-                <input value="1" <?php if (!empty($options['tw140']) && trim($options['tw140'])=='1') echo "checked"; ?> type="checkbox" name="<?php echo $nt; ?>[<?php echo $ii; ?>][tw140]"/> <b><?php _e('This Twitter account is still limited to 140 characters', 'social-networks-auto-poster-facebook-twitter-g'); ?></b>
+                <input value="1" <?php if (!empty($options['tw140']) && trim($options['tw140'])=='1') echo "checked"; ?> type="checkbox" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][tw140]"/> <b><?php _e('This Twitter account is still limited to 140 characters', 'social-networks-auto-poster-facebook-twitter-g'); ?></b>
             </div></div>
     <?php }
@@ -58 +111 @@
                 if (isset($pval['riComments']))      $options[$ii]['riComments'] = $pval['riComments']; else $options[$ii]['riComments'] = 0;
                 if (isset($pval['riCommentsM']))     $options[$ii]['riCommentsM'] = $pval['riCommentsM']; else $options[$ii]['riCommentsM'] = 0;
+                if (isset($pval['riCommentsMExMy']))     $options[$ii]['riCommentsMExMy'] = $pval['riCommentsMExMy']; else $options[$ii]['riCommentsMExMy'] = 0;
                 if (isset($pval['riCommentsAA']))    $options[$ii]['riCommentsAA'] = $pval['riCommentsAA']; else $options[$ii]['riCommentsAA'] = 0;
 
@@ -76 +130 @@
         <div class="nxsPostEd_ElemWrap">
             <div class="nxsPostEd_Elem">
-                <input value="0" type="hidden" name="<?php echo $nt; ?>[<?php echo $ii; ?>][attchImg]"/>
-                <input value="1" type="checkbox" name="<?php echo $nt; ?>[<?php echo $ii; ?>][attchImg]" class="nxsEdElem" data-ii="<?php echo $ii; ?>" data-nt="<?php echo $nt; ?>" <?php if ((int)$ntOpt['attchImg'] == 1) echo "checked"; ?> /><?php _e('Attach Image to the Post', 'social-networks-auto-poster-facebook-twitter-g'); ?>
+                <input value="0" type="hidden" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][attchImg]"/>
+                <input value="1" type="checkbox" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][attchImg]" class="nxsEdElem" data-ii="<?php echo esc_attr($ii); ?>" data-nt="<?php echo esc_attr($nt); ?>" <?php if ((int)$ntOpt['attchImg'] == 1) echo "checked"; ?> /><?php _e('Attach Image to the Post', 'social-networks-auto-poster-facebook-twitter-g'); ?>
             </div></div>
         <?php
@@ -235 +289 @@
     }
 
-    function importComments($options='', $postID='', $po='') { if (empty($postID)) $postID = $_POST['pid'];
+    function importComments($options='', $postID='', $po='') { if (empty($postID)) $postID = $_POST['pid']; $ci = 0;
         if (empty($options)) {  global $nxs_SNAP; $options = $nxs_SNAP->nxs_options; }
-        if (empty($po)) { $po =  maybe_unserialize(get_post_meta($postID, 'snap'.strtoupper($_POST['nt']), true)); $po = $po[$_POST['ii']]; }
-        if (isset($_POST['ii'])) $options = $options[$_POST['nt']][$_POST['ii']];
-
-        require_once ('apis/tmhOAuth.php'); $tmhOAuth = new NXS_tmhOAuth(array( 'consumer_key' => nxs_gak($options['appKey']), 'consumer_secret' => nxs_gas($options['appSec']), 'user_token' => $options['accessToken'], 'user_secret' => $options['accessTokenSec']));
-        $code = $tmhOAuth->request('GET', $tmhOAuth->url('1.1/statuses/mentions_timeline'));
-        if ($code=='200' && isset($tmhOAuth->response['response']) ) $twList = json_decode($tmhOAuth->response['response'], true); else $twList = '';
-
-        $impCmnts = get_post_meta($postID, 'snapImportedComments', true);
-        if(!is_array($impCmnts)) $impCmnts = array(); $twsToImp = array(); $lastID = '';
-        //## Do Replies
-        if (!empty($twList) && is_array($twList)) foreach ($twList as $tw) if ($tw['in_reply_to_status_id_str'] == $po['pgID']) $twsToImp[] = $tw;
-        if (!empty($twList) && is_array($twsToImp) && count($twsToImp)>0)
-            foreach ($twsToImp as $comment){ $cid = $comment['id_str']; if (trim($cid)=='' || in_array('twxcw'.$cid, $impCmnts)) continue; else $impCmnts[] = 'twxcw'.$cid;
-                $commentdata = array( 'comment_post_ID' => $postID, 'comment_author' => $comment['user']['name'], 'comment_agent' => "SNAP||".str_ireplace('_normal.','_bigger.',$comment['user']['profile_image_url_https']),
-                    'comment_author_email' => $comment['user']['screen_name'].'@twitter.com', 'comment_author_url' => 'https://twitter.com/'.$comment['user']['screen_name'],
-                    'comment_content' => str_ireplace('@'.$comment['in_reply_to_screen_name'],'', $comment['text']), 'comment_date_gmt' => date('Y-m-d H:i:s', strtotime( $comment['created_at'] ) ), 'comment_type' => '');
-                nxs_postNewComment($commentdata, $options['riCommentsAA']=='1'); $ci++; //echo $ci;
-            }
-
-        //## Do mentions.
-        require_once ('apis/tmhOAuth.php'); $tmhOAuth = new NXS_tmhOAuth(array( 'consumer_key' => nxs_gak($options['appKey']), 'consumer_secret' => nxs_gas($options['appSec']), 'user_token' => $options['accessToken'], 'user_secret' => $options['accessTokenSec']));
-        if (isset($options['urlToUse']) && trim($options['urlToUse'])!='') $urlToSrch = $options['urlToUse']; else $urlToSrch = get_permalink($postID);
-        $code = $tmhOAuth->request('GET', $tmhOAuth->url('1.1/search/tweets'), array('rpp'=>'100', 'since_id'=>$lastID, 'q'=> urlencode($urlToSrch)));
-        if ($code=='200' && isset($tmhOAuth->response['response']) ) { $tweets = json_decode($tmhOAuth->response['response'], true); //prr($tweets);
-            if (is_array($tweets) && is_array($tweets['statuses'])) {
-                foreach ($tweets['statuses'] as $comment){ $cid = $comment['id_str']; if (trim($cid)=='' || in_array('twxcw'.$cid, $impCmnts) || $cid==$po['pgID']) continue; else $impCmnts[] = 'twxcw'.$cid;  // prr($impCmnts);
-                    $commentdata = array( 'comment_post_ID' => $postID, 'comment_author' => $comment['user']['name'], 'comment_author_email' =>  $comment['user']['screen_name'].'@twitter.com',
-                        'comment_agent' => "SNAP||".str_ireplace('_normal.','_bigger.',$comment['user']['profile_image_url_https']),
-                        'comment_author_url' => 'https://twitter.com/'.$comment['user']['screen_name'], 'comment_content' => $comment['text'], 'comment_date_gmt' => date('Y-m-d H:i:s', strtotime( $comment['created_at'] ) ), 'comment_type' => '');
-                    nxs_postNewComment($commentdata, $options['riCommentsAA']=='1'); $ci++;
-                }
-            }}
+        if (empty($po)) { $po =  maybe_unserialize(get_post_meta($postID, 'snap'.strtoupper($_POST['nt']), true)); $po = $po[sanitize_key($_POST['ii'])]; }
+        if (isset($_POST['ii'])) $options = $options[$_POST['nt']][sanitize_key($_POST['ii'])];
+
+        $appi = new nxsAPI_TW_Native(); $appi->conn = $options;  $rplL = [];
+        if (!empty($options['riComments'])) { $rpls = $appi->getReplies($po['pgID']); $rplL = array_merge($rplL, $rpls); }
+        if (!empty($options['riCommentsM'])) {
+            if (isset($options['urlToUse']) && trim($options['urlToUse']) != '') $urlToSrch = $options['urlToUse']; else $urlToSrch = get_permalink($postID);
+            $rpls = $appi->getMentions($urlToSrch);
+            if (!empty($options['riCommentsMExMy'])) { $appi->check(); $rpls2 = []; foreach ($rpls as $rpl) if ($rpl['author_id']!=$appi->twUser['id']) $rpls2[] = $rpl; $rpls = $rpls2; }
+            $rplL = array_merge($rplL, $rpls);
+        } // prr($rplL);
+        $impCmnts = get_post_meta($postID, 'snapImportedComments', true); if(!is_array($impCmnts)) $impCmnts =[];
+        foreach ($rplL as $comment){ $cid = $comment['id']; if (trim($cid)=='' || in_array('twxcw'.$cid, $impCmnts)) continue; else $impCmnts[] = 'twxcw'.$cid;
+            $commentdata = array( 'comment_post_ID' => $postID, 'comment_author' => $comment['author']['name'], 'comment_agent' => "SNAP||".str_ireplace('_normal.','_bigger.',$comment['author']['profile_image_url']),
+                'comment_author_email' => $comment['author']['username'].'@twitter.com', 'comment_author_url' => 'https://twitter.com/'.$comment['author']['username'],
+                'comment_content' => $comment['text'], 'comment_date_gmt' => date('Y-m-d H:i:s', strtotime( $comment['created_at'] ) ), 'comment_type' => ''); prr($commentdata);
+            nxs_postNewComment($commentdata, $options['riCommentsAA']=='1'); $ci++; //echo $ci;
+        }
         delete_post_meta($postID, 'snapImportedComments'); add_post_meta($postID, 'snapImportedComments', $impCmnts );
         if ( isset($_POST['pid']) && $_POST['pid']!='') printf( _n('%d comment has been imported.', '%d comments has been imported.', $ci, 'social-networks-auto-poster-facebook-twitter-g'), $ci );

social-networks-auto-poster-facebook-twitter-g/trunk/inc-cl/vb.php

@@ -29 +29 @@
     <div id="altFormat" style="">
   <div style="width:100%;"><strong id="altFormatText">vBulletin URL:</strong> <span style="font-size: 11px; margin: 0px;">Could be Forum URL or Thread URL. Either new thread of new post will be created.</span></div>
-                <input name="vb[<?php echo $ii; ?>][vbURL]" id="apVBURL" style="width: 60%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['vbURL'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" />  <br/> 
+                <input name="vb[<?php echo esc_attr($ii); ?>][vbURL]" id="apVBURL" style="width: 60%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['vbURL'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" />  <br/> 
             
             </div>   
@@ -35 +35 @@
     <br/><br/>    
     <?php $this->elemTitleFormat($ii,'Post Title Format','msgTFormat',$options['msgTFormat']); $this->elemMsgFormat($ii,'Post Text Format','msgFormat',$options['msgFormat']);?>    
-    <div style="margin-bottom: 20px;margin-top: 5px;"><input value="1"  id="vbInclTags<?php echo $ii; ?>" type="checkbox" name="vb[<?php echo $ii; ?>][inclTags]"  <?php if ((int)$options['inclTags'] == 1) echo "checked"; ?> /> 
+    <div style="margin-bottom: 20px;margin-top: 5px;"><input value="1"  id="vbInclTags<?php echo esc_attr($ii); ?>" type="checkbox" name="vb[<?php echo esc_attr($ii); ?>][inclTags]"  <?php if ((int)$options['inclTags'] == 1) echo "checked"; ?> /> 
         <b><?php _e('Post with tags.', 'social-networks-auto-poster-facebook-twitter-g') ?></b> <?php _e('Tags from the blogpost will be auto posted to LiveJournal', 'social-networks-auto-poster-facebook-twitter-g') ?>                                            
     </div><br/>  

social-networks-auto-poster-facebook-twitter-g/trunk/inc-cl/vk.api.php

@@ -13 +13 @@
         return $out;
     }
+    var $postData = []; function imgUplcurl(&$handle){ curl_setopt($handle, CURLOPT_POSTFIELDS, $this->postData); echo "!x!"; }
     function nxs_uplImgtoVK($imgURL, $options){
         $postUrl = 'https://api.vk.com/method/photos.getWallUploadServer?v='.$this->apiVer.'&gid='.(str_replace('-','',$options['pgIntID'])).'&access_token='.$options['appAuthToken'];
@@ -28 +29 @@
                 } else return $msg;
             } rename($tmp, $tmp.='.png'); register_shutdown_function('unlink', $tmp); file_put_contents($tmp, $imgData);
-            $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $VKuploadUrl); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
-            global $nxs_skipSSLCheck; if ($nxs_skipSSLCheck===true) curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
-            if (function_exists('curl_file_create')) { $file  = curl_file_create($tmp); curl_setopt($ch, CURLOPT_POSTFIELDS, array('photo' => $file)); }
-            else curl_setopt($ch, CURLOPT_POSTFIELDS, array('photo' => '@' . $tmp));
-            $response = curl_exec($ch); $errmsg = curl_error($ch); curl_close($ch); $uploadResultObj = json_decode($response); // prr($response); prr($uploadResultObj);
+            if (function_exists('curl_file_create')) { $file  = curl_file_create($tmp); $req = array('photo' => $file); } else $req = array('photo' => '@' . $tmp);
+            $argArr['extraHeaders']['Content-Type'] = 'multipart/form-data';
+            $argArr['flds'] = $req; $rq = new nxsHttp; $args = nxs_mkRmReqArgs($argArr); $rq->postData = $req;// prr($args);
+            $ret = $rq->request($VKuploadUrl, $args); //prr($VKuploadUrl); prr($ret);
+            if (is_array($ret)) $uploadResultObj = json_decode($ret['body']);
             if (!empty($uploadResultObj->server) && !empty($uploadResultObj->photo) && !empty($uploadResultObj->hash)) {
                 $postUrl = 'https://api.vk.com/method/photos.saveWallPhoto?v='.$this->apiVer.'&server='.$uploadResultObj->server.'&photo='.$uploadResultObj->photo.'&hash='.$uploadResultObj->hash.'&gid='.(str_replace('-','',$options['pgIntID'])).'&access_token='.$options['appAuthToken'];

social-networks-auto-poster-facebook-twitter-g/trunk/inc-cl/vk.php

@@ -28 +28 @@
      <div style="width:100%;"><strong><?php echo $ntInfo['name']?>&nbsp;<?php _e('URL', 'social-networks-auto-poster-facebook-twitter-g'); ?>:</strong> </div>
      <div style="font-size: 11px; margin: 0px;"><?php _e('Could be your VK.Com Profile, Public or Group Page', 'social-networks-auto-poster-facebook-twitter-g'); ?></div>
-     <input name="vk[<?php echo $ii; ?>][url]" id="apurl" style="width: 50%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['url'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" />                
+     <input name="vk[<?php echo esc_attr($ii); ?>][url]" id="apurl" style="width: 50%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['url'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" />                
      <br/><br/>
      <div style="width:100%;"><strong><?php echo $ntInfo['name']?>&nbsp;<?php _e('Application ID', 'social-networks-auto-poster-facebook-twitter-g'); ?>:</strong> <a href="https://vk.com/apps?act=manage" target="_blank"><?php _e('[VK Apps]', 'social-networks-auto-poster-facebook-twitter-g'); ?></a> </div> 
-    <input name="vk[<?php echo $ii; ?>][appID]" style="width: 30%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['appID'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" />  
+    <input name="vk[<?php echo esc_attr($ii); ?>][appID]" style="width: 30%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['appID'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" />  
     <br/>
     <?php  if($options['appID']!='') { ?>
-    <div style="width:100%;"><strong><?php echo $ntInfo['name']?>&nbsp;<?php _e('Auth Response', 'social-networks-auto-poster-facebook-twitter-g'); ?>:</strong> </div><input name="vk[<?php echo $ii; ?>][authResp]" style="width: 50%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['authResp'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /><br/><br/>
+    <div style="width:100%;"><strong><?php echo $ntInfo['name']?>&nbsp;<?php _e('Auth Response', 'social-networks-auto-poster-facebook-twitter-g'); ?>:</strong> </div><input name="vk[<?php echo esc_attr($ii); ?>][authResp]" style="width: 50%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['authResp'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /><br/><br/>
     <?php } ?>
     <?php  if($options['appID']=='') { ?>
@@ -45 +45 @@
             <?php } ?><br/><br/> <?php $this->elemMsgFormat($ii,'Message Text Format','msgFormat',$options['msgFormat']); ?>
     
-     <div style="width:100%;"><strong id="altFormatText">Post Type:</strong> &lt;-- (<a id="showShAtt" onmouseout="hidePopShAtt('<?php echo $ii; ?>VKX');" onmouseover="showPopShAtt('<?php echo $ii; ?>VKX', event);" onclick="return false;" class="underdash" href="https://www.nextscripts.com/blog/"><?php _e('What\'s the difference?', 'social-networks-auto-poster-facebook-twitter-g'); ?></a>) </div>                      
+     <div style="width:100%;"><strong id="altFormatText">Post Type:</strong> &lt;-- (<a id="showShAtt" onmouseout="hidePopShAtt('<?php echo esc_attr($ii); ?>VKX');" onmouseover="showPopShAtt('<?php echo esc_attr($ii); ?>VKX', event);" onclick="return false;" class="underdash" href="https://www.nextscripts.com/blog/"><?php _e('What\'s the difference?', 'social-networks-auto-poster-facebook-twitter-g'); ?></a>) </div>                      
 <div style="margin-left: 10px;">
         
-        <input type="radio" name="vk[<?php echo $ii; ?>][postType]" value="T" <?php if ($options['postType'] == 'T') echo 'checked="checked"'; ?> /> <?php _e('Text Post', 'social-networks-auto-poster-facebook-twitter-g'); ?> - <i><?php _e('just text message', 'social-networks-auto-poster-facebook-twitter-g'); ?></i><br/>                    
-        <input type="radio" name="vk[<?php echo $ii; ?>][postType]" value="I" <?php if ($options['postType'] == 'I') echo 'checked="checked"'; ?> /> <?php _e('Image Post', 'social-networks-auto-poster-facebook-twitter-g'); ?> - <i><?php _e('big image with text message', 'social-networks-auto-poster-facebook-twitter-g'); ?></i><br/>
-        <input type="radio" name="vk[<?php echo $ii; ?>][postType]" value="A" <?php if ( empty($options['postType']) || $options['postType'] == 'A') echo 'checked="checked"'; ?> /> <span><?php _e('Text Post with "attached" link', 'social-networks-auto-poster-facebook-twitter-g'); ?></span><br/>
+        <input type="radio" name="vk[<?php echo esc_attr($ii); ?>][postType]" value="T" <?php if ($options['postType'] == 'T') echo 'checked="checked"'; ?> /> <?php _e('Text Post', 'social-networks-auto-poster-facebook-twitter-g'); ?> - <i><?php _e('just text message', 'social-networks-auto-poster-facebook-twitter-g'); ?></i><br/>                    
+        <input type="radio" name="vk[<?php echo esc_attr($ii); ?>][postType]" value="I" <?php if ($options['postType'] == 'I') echo 'checked="checked"'; ?> /> <?php _e('Image Post', 'social-networks-auto-poster-facebook-twitter-g'); ?> - <i><?php _e('big image with text message', 'social-networks-auto-poster-facebook-twitter-g'); ?></i><br/>
+        <input type="radio" name="vk[<?php echo esc_attr($ii); ?>][postType]" value="A" <?php if ( empty($options['postType']) || $options['postType'] == 'A') echo 'checked="checked"'; ?> /> <span><?php _e('Text Post with "attached" link', 'social-networks-auto-poster-facebook-twitter-g'); ?></span><br/>
 
    </div>        
-   <div class="popShAtt" style="z-index: 9999" id="popShAtt<?php echo $ii; ?>VKX"><h3><?php echo $ntInfo['name']?>&nbsp;<?php _e('Post Types', 'social-networks-auto-poster-facebook-twitter-g'); ?></h3><img src="<?php echo NXS_PLURL; ?>img/vkPostTypesDiff6.png" width="600" height="257"/></div>
+   <div class="popShAtt" style="z-index: 9999" id="popShAtt<?php echo esc_attr($ii); ?>VKX"><h3><?php echo $ntInfo['name']?>&nbsp;<?php _e('Post Types', 'social-networks-auto-poster-facebook-twitter-g'); ?></h3><img src="<?php echo NXS_PLURL; ?>img/vkPostTypesDiff6.png" width="600" height="257"/></div>
    <?php
   }
@@ -106 +106 @@
         <?php  $this->elemEdMsgFormat($ii, __('Message Format:', 'social-networks-auto-poster-facebook-twitter-g'),$msgFormat); ?>
        <tr style="<?php echo !empty($ntOpt['do'])?'display:table-row;':'display:none;'; ?>" class="nxstbldo nxstbldo<?php echo strtoupper($nt).$ii; ?>"><th scope="row" style="text-align:right; width:150px; vertical-align:top; padding-top: 0px; padding-right:10px;"> <?php _e('Post Type:', 'social-networks-auto-poster-facebook-twitter-g') ?> <br/>
-          (<a id="showShAtt" style="font-weight: normal" onmouseout="hidePopShAtt('<?php echo $ii; ?>VKX');" onmouseover="showPopShAtt('<?php echo $ii; ?>VKX', event);" onclick="return false;" class="underdash" href="#"><?php _e('What\'s the difference?', 'social-networks-auto-poster-facebook-twitter-g'); ?></a>)</th><td>     
-          <input class="nxs_postEditCtrl"  type="radio" name="vk[<?php echo $ii; ?>][postType]" value="T" <?php if ($postType == 'T') echo 'checked="checked"'; ?> /> <?php _e('Text Post', 'social-networks-auto-poster-facebook-twitter-g') ?> - <i><?php _e('just text message', 'social-networks-auto-poster-facebook-twitter-g') ?></i><br/>       
-          <input class="nxs_postEditCtrl"  type="radio" name="vk[<?php echo $ii; ?>][postType]" value="I" <?php if ($postType == 'I') echo 'checked="checked"'; ?> /> <?php _e('Image Post', 'social-networks-auto-poster-facebook-twitter-g') ?> - <i><?php _e('big image with text message', 'social-networks-auto-poster-facebook-twitter-g') ?></i><br/>
-          <input class="nxs_postEditCtrl"  type="radio" name="vk[<?php echo $ii; ?>][postType]" value="A" <?php if ( !isset($postType) || $postType == '' || $postType == 'A') echo 'checked="checked"'; ?> /> <?php _e('Text Post with "attached" blogpost', 'social-networks-auto-poster-facebook-twitter-g') ?>
-          <br/><div class="popShAtt" id="popShAtt<?php echo $ii; ?>VKX"><h3>vKontakte(VK) <?php _e('Post Types', 'social-networks-auto-poster-facebook-twitter-g') ?></h3><img src="<?php echo NXS_PLURL; ?>img/vkPostTypesDiff6.png" width="600" height="257" alt="<?php _e('Post Types', 'social-networks-auto-poster-facebook-twitter-g') ?>"/></div>
+          (<a id="showShAtt" style="font-weight: normal" onmouseout="hidePopShAtt('<?php echo esc_attr($ii); ?>VKX');" onmouseover="showPopShAtt('<?php echo esc_attr($ii); ?>VKX', event);" onclick="return false;" class="underdash" href="#"><?php _e('What\'s the difference?', 'social-networks-auto-poster-facebook-twitter-g'); ?></a>)</th><td>     
+          <input class="nxs_postEditCtrl"  type="radio" name="vk[<?php echo esc_attr($ii); ?>][postType]" value="T" <?php if ($postType == 'T') echo 'checked="checked"'; ?> /> <?php _e('Text Post', 'social-networks-auto-poster-facebook-twitter-g') ?> - <i><?php _e('just text message', 'social-networks-auto-poster-facebook-twitter-g') ?></i><br/>       
+          <input class="nxs_postEditCtrl"  type="radio" name="vk[<?php echo esc_attr($ii); ?>][postType]" value="I" <?php if ($postType == 'I') echo 'checked="checked"'; ?> /> <?php _e('Image Post', 'social-networks-auto-poster-facebook-twitter-g') ?> - <i><?php _e('big image with text message', 'social-networks-auto-poster-facebook-twitter-g') ?></i><br/>
+          <input class="nxs_postEditCtrl"  type="radio" name="vk[<?php echo esc_attr($ii); ?>][postType]" value="A" <?php if ( !isset($postType) || $postType == '' || $postType == 'A') echo 'checked="checked"'; ?> /> <?php _e('Text Post with "attached" blogpost', 'social-networks-auto-poster-facebook-twitter-g') ?>
+          <br/><div class="popShAtt" id="popShAtt<?php echo esc_attr($ii); ?>VKX"><h3>vKontakte(VK) <?php _e('Post Types', 'social-networks-auto-poster-facebook-twitter-g') ?></h3><img src="<?php echo NXS_PLURL; ?>img/vkPostTypesDiff6.png" width="600" height="257" alt="<?php _e('Post Types', 'social-networks-auto-poster-facebook-twitter-g') ?>"/></div>
         </td></tr>
         <?php /* ## Select Image & URL ## */ nxs_showURLToUseDlg($nt, $ii, $urlToUse); $this->nxs_tmpltAddPostMetaEnd($ii);        
@@ -124 +124 @@
         ?>
      <div class="nxsPostEd_ElemWrap">   <div class="nxsPostEd_ElemLabel">   
-       <?php _e('Post Type:', 'social-networks-auto-poster-facebook-twitter-g'); ?>(<a id="showShAtt" style="font-weight: normal" onmouseout="hidePopShAtt('<?php echo $ii; ?>VKX');" onmouseover="showPopShAtt('<?php echo $ii; ?>VKX', event);" onclick="return false;" class="underdash" href="#"><?php _e('What\'s the difference?', 'social-networks-auto-poster-facebook-twitter-g'); ?></a>)
+       <?php _e('Post Type:', 'social-networks-auto-poster-facebook-twitter-g'); ?>(<a id="showShAtt" style="font-weight: normal" onmouseout="hidePopShAtt('<?php echo esc_attr($ii); ?>VKX');" onmouseover="showPopShAtt('<?php echo esc_attr($ii); ?>VKX', event);" onclick="return false;" class="underdash" href="#"><?php _e('What\'s the difference?', 'social-networks-auto-poster-facebook-twitter-g'); ?></a>)
      </div>   
      <div class="nxsPostEd_Elem">   
-        <input type="radio" name="vk[<?php echo $ii; ?>][postType]" value="T" class="nxsEdElem" data-ii="<?php echo $ii; ?>" data-nt="<?php echo $nt; ?>" <?php if ($postType == 'T') echo 'checked="checked"'; ?> /> <?php _e('Text Post', 'social-networks-auto-poster-facebook-twitter-g') ?> - <i><?php _e('just text message', 'social-networks-auto-poster-facebook-twitter-g') ?></i><br/>       
-          <input type="radio" name="vk[<?php echo $ii; ?>][postType]" value="I" class="nxsEdElem" data-ii="<?php echo $ii; ?>" data-nt="<?php echo $nt; ?>" <?php if ($postType == 'I') echo 'checked="checked"'; ?> /> <?php _e('Image Post', 'social-networks-auto-poster-facebook-twitter-g') ?> - <i><?php _e('big image with text message', 'social-networks-auto-poster-facebook-twitter-g') ?></i><br/>
-          <input type="radio" name="vk[<?php echo $ii; ?>][postType]" value="A" class="nxsEdElem" data-ii="<?php echo $ii; ?>" data-nt="<?php echo $nt; ?>" <?php if ( !isset($postType) || $postType == '' || $postType == 'A') echo 'checked="checked"'; ?> /> <?php _e('Text Post with "attached" blogpost', 'social-networks-auto-poster-facebook-twitter-g') ?>
+        <input type="radio" name="vk[<?php echo esc_attr($ii); ?>][postType]" value="T" class="nxsEdElem" data-ii="<?php echo esc_attr($ii); ?>" data-nt="<?php echo esc_attr($nt); ?>" <?php if ($postType == 'T') echo 'checked="checked"'; ?> /> <?php _e('Text Post', 'social-networks-auto-poster-facebook-twitter-g') ?> - <i><?php _e('just text message', 'social-networks-auto-poster-facebook-twitter-g') ?></i><br/>       
+          <input type="radio" name="vk[<?php echo esc_attr($ii); ?>][postType]" value="I" class="nxsEdElem" data-ii="<?php echo esc_attr($ii); ?>" data-nt="<?php echo esc_attr($nt); ?>" <?php if ($postType == 'I') echo 'checked="checked"'; ?> /> <?php _e('Image Post', 'social-networks-auto-poster-facebook-twitter-g') ?> - <i><?php _e('big image with text message', 'social-networks-auto-poster-facebook-twitter-g') ?></i><br/>
+          <input type="radio" name="vk[<?php echo esc_attr($ii); ?>][postType]" value="A" class="nxsEdElem" data-ii="<?php echo esc_attr($ii); ?>" data-nt="<?php echo esc_attr($nt); ?>" <?php if ( !isset($postType) || $postType == '' || $postType == 'A') echo 'checked="checked"'; ?> /> <?php _e('Text Post with "attached" blogpost', 'social-networks-auto-poster-facebook-twitter-g') ?>
           
      </div>
-     <div class="popShAtt" id="popShAtt<?php echo $ii; ?>VKX"><h3>vKontakte(VK) <?php _e('Post Types', 'social-networks-auto-poster-facebook-twitter-g') ?></h3><img src="<?php echo NXS_PLURL; ?>img/vkPostTypesDiff6.png" width="600" height="257" alt="<?php _e('Post Types', 'social-networks-auto-poster-facebook-twitter-g') ?>"/></div>
+     <div class="popShAtt" id="popShAtt<?php echo esc_attr($ii); ?>VKX"><h3>vKontakte(VK) <?php _e('Post Types', 'social-networks-auto-poster-facebook-twitter-g') ?></h3><img src="<?php echo NXS_PLURL; ?>img/vkPostTypesDiff6.png" width="600" height="257" alt="<?php _e('Post Types', 'social-networks-auto-poster-facebook-twitter-g') ?>"/></div>
    </div>  
         <?php

social-networks-auto-poster-facebook-twitter-g/trunk/inc-cl/wb.php

@@ -11 +11 @@
   //#### Show Unit  Settings  
   function checkIfSetupFinished($options) { return !empty($options['appAppUserID']) && !empty($options['accessToken']); }
-  public function doAuth() { $ntInfo = $this->ntInfo; global $nxs_snapSetPgURL; if (isset($_GET['acc'])) $options = $this->nt[$_GET['acc']];
+  public function doAuth() { $ntInfo = $this->ntInfo; global $nxs_snapSetPgURL; if (isset($_GET['acc'])) $options = $this->nt[sanitize_text_field($_GET['acc'])];
     if ( isset($_GET['auth']) && $_GET['auth']==$ntInfo['lcode']){
         /*
@@ -19 +19 @@
       prr($tum_oauth); prr($options);               
       */
-      global $nxs_snapSetPgURL; $state = $ntInfo['lcode'].'a-'.$_GET['acc'];
+      global $nxs_snapSetPgURL; $state = $ntInfo['lcode'].'a-'.sanitize_text_field($_GET['acc']);
       $url = 'https://api.weibo.com/oauth2/authorize?client_id='.nxs_gak($options['appKey']).'&redirect_uri='.urlencode($nxs_snapSetPgURL).'&scope=all&response_type=code&state='.$state;
       echo '<br/><br/>All good?! Redirecting ..... <script type="text/javascript">window.location = "'.$url.'"</script>'; 
       die();
     }
-    if ( isset($_GET['code']) && isset($_GET['state']) && stripos($_GET['state'],$ntInfo['lcode'].'a-')!==false){ $ii = explode('-',$_GET['state']); $ii = $ii[1]; $options = $this->nt[$ii]; 
-      $appkey = nxs_gak($options['appKey']); $appSecret = nxs_gas($options['appSec']); $url = 'https://api.weibo.com/oauth2/access_token?client_id='.$appkey.'&client_secret='.$appSecret.'&grant_type=authorization_code&redirect_uri='.urlencode($nxs_snapSetPgURL).'&code='.$_GET['code'];
+    if ( isset($_GET['code']) && isset($_GET['state']) && stripos($_GET['state'],$ntInfo['lcode'].'a-')!==false){ $ii = explode('-',sanitize_text_field($_GET['state'])); $ii = $ii[1]; $options = $this->nt[$ii];
+      $appkey = nxs_gak($options['appKey']); $appSecret = nxs_gas($options['appSec']); $url = 'https://api.weibo.com/oauth2/access_token?client_id='.$appkey.'&client_secret='.$appSecret.'&grant_type=authorization_code&redirect_uri='.urlencode($nxs_snapSetPgURL).'&code='.sanitize_text_field($_GET['code']);
       $rep = nxs_remote_post($url); $cont = json_decode($rep['body'], true); if (empty($cont) || empty($cont['access_token'])) {prr($cont); prr($rep); die();}      
       $options['accessToken'] = $cont['access_token']; $options['appAppUserID'] = $cont['uid']; $options['appAppUserName'] = $cont['uid'];  nxs_save_glbNtwrks($ntInfo['lcode'],$ii,$options,'*');  //prr($options); die();
@@ -37 +37 @@
     <br/><?php $this->elemMsgFormat($ii,'Message Format','msgFormat',$options['msgFormat']); ?>
     
-    <div style="margin: 0px;"><input value="1" type="checkbox" name="<?php echo $nt; ?>[<?php echo $ii; ?>][attchImg]"  <?php if ((int)$options['attchImg'] == 1) echo "checked"; ?> /> <strong><?php _e('Attach Image to the Post', 'social-networks-auto-poster-facebook-twitter-g'); ?></strong></div>
+    <div style="margin: 0px;"><input value="1" type="checkbox" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][attchImg]"  <?php if ((int)$options['attchImg'] == 1) echo "checked"; ?> /> <strong><?php _e('Attach Image to the Post', 'social-networks-auto-poster-facebook-twitter-g'); ?></strong></div>
     
     <br/><br/>
@@ -45 +45 @@
       _e('Your '.$ntInfo['name'].' Account has been authorized.', 'social-networks-auto-poster-facebook-twitter-g'); ?> User ID: <?php _e(apply_filters('format_to_edit', htmlentities($options['appAppUserID'].' - '.$options['appAppUserName'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>.
       <?php _e('You can', 'social-networks-auto-poster-facebook-twitter-g'); ?> Re- <?php } ?>            
-      <a href="<?php echo $nxs_snapSetPgURL;?>&auth=<?php echo $nt; ?>&acc=<?php echo $ii; ?>">Authorize Your <?php echo $ntInfo['name']; ?> Account</a>            
+      <a href="<?php echo $nxs_snapSetPgURL;?>&auth=<?php echo esc_attr($nt); ?>&acc=<?php echo esc_attr($ii); ?>">Authorize Your <?php echo $ntInfo['name']; ?> Account</a>            
       <?php if (!isset($options['appAppUserID']) || $options['appAppUserID']<1) { ?> <div class="blnkg">&lt;=== <?php _e('Authorize your account', 'social-networks-auto-poster-facebook-twitter-g'); ?> ===</div> <?php } 
     } ?><br/><br/> <?php
@@ -74 +74 @@
           $this->elemEdMsgFormat($ii, __('Message Format:', 'social-networks-auto-poster-facebook-twitter-g'),$msgFormat);  
           ?>
-          <tr><td>&nbsp;</td><td><div style="margin: 0px;"><input value="0" type="hidden" name="<?php echo $nt; ?>[<?php echo $ii; ?>][attchImg]"/>
-          <input value="1" type="checkbox" name="<?php echo $nt; ?>[<?php echo $ii; ?>][attchImg]"  <?php if ((int)$ntOpt['attchImg'] == 1) echo "checked"; ?> /> <strong><?php _e('Attach Image to the Post', 'social-networks-auto-poster-facebook-twitter-g'); ?></strong></div></td></tr>          
+          <tr><td>&nbsp;</td><td><div style="margin: 0px;"><input value="0" type="hidden" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][attchImg]"/>
+          <input value="1" type="checkbox" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][attchImg]"  <?php if ((int)$ntOpt['attchImg'] == 1) echo "checked"; ?> /> <strong><?php _e('Attach Image to the Post', 'social-networks-auto-poster-facebook-twitter-g'); ?></strong></div></td></tr>          
           <?php nxs_showImgToUseDlg($nt, $ii, $imgToUse);        
     
@@ -91 +91 @@
    <div class="nxsPostEd_ElemWrap">        
      <div class="nxsPostEd_Elem">   
-       <input value="0" type="hidden" name="<?php echo $nt; ?>[<?php echo $ii; ?>][attchImg]"/>
-       <input value="1" type="checkbox" name="<?php echo $nt; ?>[<?php echo $ii; ?>][attchImg]" class="nxsEdElem" data-ii="<?php echo $ii; ?>" data-nt="<?php echo $nt; ?>" <?php if ((int)$ntOpt['attchImg'] == 1) echo "checked"; ?> /> <strong><?php _e('Attach Image to the Post', 'social-networks-auto-poster-facebook-twitter-g'); ?></strong>
+       <input value="0" type="hidden" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][attchImg]"/>
+       <input value="1" type="checkbox" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][attchImg]" class="nxsEdElem" data-ii="<?php echo esc_attr($ii); ?>" data-nt="<?php echo esc_attr($nt); ?>" <?php if ((int)$ntOpt['attchImg'] == 1) echo "checked"; ?> /> <strong><?php _e('Attach Image to the Post', 'social-networks-auto-poster-facebook-twitter-g'); ?></strong>
      </div>
    </div><?php

social-networks-auto-poster-facebook-twitter-g/trunk/inc-cl/wl.php

@@ -327 +327 @@
     if (!isset($options['nHrs'])) $options['nHrs'] = 0; if (!isset($options['nMin'])) $options['nMin'] = 0;  if (!isset($options['catSel'])) $options['catSel'] = 0;  if (!isset($options['catSelEd'])) $options['catSelEd'] = ''; 
     if (!isset($options['nDays'])) $options['nDays'] = 0; if (!isset($options['qTLng'])) $options['qTLng'] = '';  ?>
-             <div id="doWL<?php echo $ii; ?>Div" class="insOneDiv<?php if ($isNew) echo " clNewNTSets"; ?>">     <input type="hidden" name="apDoSWL<?php echo $ii; ?>" value="0" id="apDoSWL<?php echo $ii; ?>" />         
+             <div id="doWL<?php echo esc_attr($ii); ?>Div" class="insOneDiv<?php if ($isNew) echo " clNewNTSets"; ?>">     <input type="hidden" name="apDoSWL<?php echo esc_attr($ii); ?>" value="0" id="apDoSWL<?php echo esc_attr($ii); ?>" />         
              
              <?php if(!function_exists('doPostToWaNeLo')) {?><span style="color:#580000; font-size: 16px;"><br/><br/>
@@ -336 +336 @@
              
            
-            <div id="doWL<?php echo $ii; ?>Div" style="margin-left: 10px;"> <div class="nsx_iconedTitle" style="float: right; background-image: url(<?php echo $nxs_plurl; ?>img/wl16.png);"><a style="font-size: 12px;" target="_blank"  href="http://www.nextscripts.com/setup-installation-wanelo-social-networks-auto-poster-wordpress/"><?php $nType="WaNeLo"; printf( __( 'Detailed %s Installation/Configuration Instructions', 'social-networks-auto-poster-facebook-twitter-g' ), $nType); ?></a></div>
-            <div style="width:100%;"><strong><?php _e('Account Nickname', 'social-networks-auto-poster-facebook-twitter-g'); ?>:</strong> <i><?php _e('Just so you can easily identify it', 'social-networks-auto-poster-facebook-twitter-g'); ?></i> </div><input name="wl[<?php echo $ii; ?>][nName]" id="wlnName<?php echo $ii; ?>" style="font-weight: bold; color: #005800; border: 1px solid #ACACAC; width: 40%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['nName'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /><br/>
+            <div id="doWL<?php echo esc_attr($ii); ?>Div" style="margin-left: 10px;"> <div class="nsx_iconedTitle" style="float: right; background-image: url(<?php echo $nxs_plurl; ?>img/wl16.png);"><a style="font-size: 12px;" target="_blank"  href="http://www.nextscripts.com/setup-installation-wanelo-social-networks-auto-poster-wordpress/"><?php $nType="WaNeLo"; printf( __( 'Detailed %s Installation/Configuration Instructions', 'social-networks-auto-poster-facebook-twitter-g' ), $nType); ?></a></div>
+            <div style="width:100%;"><strong><?php _e('Account Nickname', 'social-networks-auto-poster-facebook-twitter-g'); ?>:</strong> <i><?php _e('Just so you can easily identify it', 'social-networks-auto-poster-facebook-twitter-g'); ?></i> </div><input name="wl[<?php echo esc_attr($ii); ?>][nName]" id="wlnName<?php echo esc_attr($ii); ?>" style="font-weight: bold; color: #005800; border: 1px solid #ACACAC; width: 40%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['nName'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /><br/>
             <?php echo nxs_addQTranslSel('wl', $ii, $options['qTLng']); ?>
             
@@ -346 +346 @@
     </ul>
     <div class="nsx_tab_container"><?php /* ######################## Account Tab ####################### */ ?>
-    <div id="nsx<?php echo $nt.$ii ?>_tab1" class="nsx_tab_content" style="background-image: url(<?php echo $nxs_plurl; ?>img/<?php echo $nt; ?>-bg.png); background-repeat: no-repeat;  background-position:90% 10%;">
+    <div id="nsx<?php echo $nt.$ii ?>_tab1" class="nsx_tab_content" style="background-image: url(<?php echo $nxs_plurl; ?>img/<?php echo esc_attr($nt); ?>-bg.png); background-repeat: no-repeat;  background-position:90% 10%;">
     
                   
-            <div style="width:100%;"><strong>WaNeLo Email:</strong> </div><input name="wl[<?php echo $ii; ?>][apWLUName]" id="apWLUName<?php echo $ii; ?>" class="apWLUName<?php echo $ii; ?>"  style="width: 30%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['wlUName'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" />                
-            <div style="width:100%;"><strong>WaNeLo Password:</strong> </div><input name="wl[<?php echo $ii; ?>][apWLPass]" id="apWLPass<?php echo $ii; ?>" type="password" style="width: 30%;" value="<?php _e(apply_filters('format_to_edit', htmlentities(substr($options['wlPass'], 0, 5)=='g9c1a'?nsx_doDecode(substr($options['wlPass'], 5)):$options['wlPass'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" />  <br/>                
+            <div style="width:100%;"><strong>WaNeLo Email:</strong> </div><input name="wl[<?php echo esc_attr($ii); ?>][apWLUName]" id="apWLUName<?php echo esc_attr($ii); ?>" class="apWLUName<?php echo esc_attr($ii); ?>"  style="width: 30%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['wlUName'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" />                
+            <div style="width:100%;"><strong>WaNeLo Password:</strong> </div><input name="wl[<?php echo esc_attr($ii); ?>][apWLPass]" id="apWLPass<?php echo esc_attr($ii); ?>" type="password" style="width: 30%;" value="<?php _e(apply_filters('format_to_edit', htmlentities(substr($options['wlPass'], 0, 5)=='g9c1a'?nsx_doDecode(substr($options['wlPass'], 5)):$options['wlPass'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" />  <br/>                
             <div style="width:100%;"><strong>Default Image to Pin:</strong> 
             <p style="font-size: 11px; margin: 0px;">If your post missing Featured Image this will be used instead.</p>
-            </div><input name="wl[<?php echo $ii; ?>][apWLDefImg]" id="apWLDefImg" style="width: 30%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['wlDefImg'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /> 
+            </div><input name="wl[<?php echo esc_attr($ii); ?>][apWLDefImg]" id="apWLDefImg" style="width: 30%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['wlDefImg'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /> 
             <br/><br/>            
             
             <div style="width:100%;"><strong>Board:</strong> 
-            Please <a href="#" onclick="getWLBoards(jQuery('<?php if ($isNew) echo "#nsx_addNT "; ?>#apWLUName<?php echo $ii; ?>').val(),jQuery('<?php if ($isNew) echo "#nsx_addNT "; ?>#apWLPass<?php echo $ii; ?>').val(), '<?php echo $ii; ?>'); return false;">click here to retrieve your boards</a>
+            Please <a href="#" onclick="getWLBoards(jQuery('<?php if ($isNew) echo "#nsx_addNT "; ?>#apWLUName<?php echo esc_attr($ii); ?>').val(),jQuery('<?php if ($isNew) echo "#nsx_addNT "; ?>#apWLPass<?php echo esc_attr($ii); ?>').val(), '<?php echo esc_attr($ii); ?>'); return false;">click here to retrieve your boards</a>
             </div>
-            <img id="wlLoadingImg<?php echo $ii; ?>" style="display: none;" src='<?php echo $nxs_plurl; ?>img/ajax-loader-sm.gif' />
-            <select name="wl[<?php echo $ii; ?>][apWLBoard]" id="apWLBoard<?php echo $ii; ?>">
+            <img id="wlLoadingImg<?php echo esc_attr($ii); ?>" style="display: none;" src='<?php echo $nxs_plurl; ?>img/ajax-loader-sm.gif' />
+            <select name="wl[<?php echo esc_attr($ii); ?>][apWLBoard]" id="apWLBoard<?php echo esc_attr($ii); ?>">
             <?php if ($options['wlBoardsList']!=''){ $gWLBoards = $options['wlBoardsList']; if ( base64_encode(base64_decode($gWLBoards)) === $gWLBoards) $gWLBoards = base64_decode($gWLBoards); 
               if ($options['wlBoard']!='') $gWLBoards = str_replace($options['wlBoard'].'"', $options['wlBoard'].'" selected="selected"', $gWLBoards);  echo $gWLBoards;} else { ?>
@@ -371 +371 @@
             
             <div id="altFormat" style="">
-              <div style="width:100%;"><strong id="altFormatText"><?php _e('Message text Format', 'social-networks-auto-poster-facebook-twitter-g'); ?>:</strong>  <a href="#" id="apWLMsgFrmt<?php echo $ii; ?>HintInfo" onclick="mxs_showHideFrmtInfo('apWLMsgFrmt<?php echo $ii; ?>'); return false;"><?php _e('Show format info', 'social-networks-auto-poster-facebook-twitter-g'); ?></a>             
-              </div><input  name="wl[<?php echo $ii; ?>][apWLMsgFrmt]" id="apWLMsgFrmt" style="width: 50%;" value="<?php if ($options['wlMsgFormat']!='') _e(apply_filters('format_to_edit', htmlentities($options['wlMsgFormat'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g');  else echo "%TITLE% - %URL%"; ?>" onfocus="mxs_showFrmtInfo('apWLMsgFrmt<?php echo $ii; ?>');"  />
+              <div style="width:100%;"><strong id="altFormatText"><?php _e('Message text Format', 'social-networks-auto-poster-facebook-twitter-g'); ?>:</strong>  <a href="#" id="apWLMsgFrmt<?php echo esc_attr($ii); ?>HintInfo" onclick="mxs_showHideFrmtInfo('apWLMsgFrmt<?php echo esc_attr($ii); ?>'); return false;"><?php _e('Show format info', 'social-networks-auto-poster-facebook-twitter-g'); ?></a>             
+              </div><input  name="wl[<?php echo esc_attr($ii); ?>][apWLMsgFrmt]" id="apWLMsgFrmt" style="width: 50%;" value="<?php if ($options['wlMsgFormat']!='') _e(apply_filters('format_to_edit', htmlentities($options['wlMsgFormat'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g');  else echo "%TITLE% - %URL%"; ?>" onfocus="mxs_showFrmtInfo('apWLMsgFrmt<?php echo esc_attr($ii); ?>');"  />
               
               <?php nxs_doShowHint("apWLMsgFrmt".$ii); ?>
             </div><br/>    
-            <?php if ($isNew) { ?> <input type="hidden" name="wl[<?php echo $ii; ?>][apDoWL]" value="1" id="apDoNewWL<?php echo $ii; ?>" /> <?php } ?>
+            <?php if ($isNew) { ?> <input type="hidden" name="wl[<?php echo esc_attr($ii); ?>][apDoWL]" value="1" id="apDoNewWL<?php echo esc_attr($ii); ?>" /> <?php } ?>
             <?php if ($options['wlPass']!='') { ?>
             
-            <b><?php _e('Test your settings', 'social-networks-auto-poster-facebook-twitter-g'); ?>:</b>&nbsp;&nbsp;&nbsp; <a href="#" class="NXSButton" onclick="testPost('WL', '<?php echo $ii; ?>'); return false;"><?php printf( __( 'Submit Test Post to %s', 'social-networks-auto-poster-facebook-twitter-g' ), $nType); ?></a>         
+            <b><?php _e('Test your settings', 'social-networks-auto-poster-facebook-twitter-g'); ?>:</b>&nbsp;&nbsp;&nbsp; <a href="#" class="NXSButton" onclick="testPost('WL', '<?php echo esc_attr($ii); ?>'); return false;"><?php printf( __( 'Submit Test Post to %s', 'social-networks-auto-poster-facebook-twitter-g' ), $nType); ?></a>         
             <?php } ?>
             
@@ -388 +388 @@
     <?php if (!$isNew) { ?> <div class="nxs_tls_cpt"><?php _e('Categories', 'social-networks-auto-poster-facebook-twitter-g'); ?></div>
     <div style="width:100%;"><strong><?php _e('Categories', 'social-networks-auto-poster-facebook-twitter-g'); ?>:</strong>
-       <input value="0" id="catSelA<?php echo $ii; ?>" type="radio" name="<?php echo $nt; ?>[<?php echo $ii; ?>][catSel]" <?php if ((int)$options['catSel'] != 1) echo "checked"; ?> /> All                                  
-       <input value="1" id="catSelS<?php echo $ntU; ?><?php echo $ii; ?>" type="radio" name="<?php echo $nt; ?>[<?php echo $ii; ?>][catSel]" <?php if ((int)$options['catSel'] == 1) echo "checked"; ?> /> <a href="#" style="text-decoration: none;" class="showCats" id="nxs_SCA_<?php echo $ntU; ?><?php echo $ii; ?>" onclick="jQuery('#catSelS<?php echo $ntU; ?><?php echo $ii; ?>').attr('checked', true); jQuery('#tmpCatSelNT').val('<?php echo $ntU; ?><?php echo $ii; ?>'); nxs_markCats( jQuery('#nxs_SC_<?php echo $ntU; ?><?php echo $ii; ?>').val() ); jQuery('#showCatSel').bPopup({ modalClose: false, appendTo: '#nsStForm', opacity: 0.6, follow: [false, false], position: [75, 'auto']}); return false;">Selected<?php if ($options['catSelEd']!='') echo "[".(substr_count($options['catSelEd'], ",")+1)."]"; ?></a>       
-       <input type="hidden" name="<?php echo $nt; ?>[<?php echo $ii; ?>][catSelEd]" id="nxs_SC_<?php echo $ntU; ?><?php echo $ii; ?>" value="<?php echo $options['catSelEd']; ?>" />
+       <input value="0" id="catSelA<?php echo esc_attr($ii); ?>" type="radio" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][catSel]" <?php if ((int)$options['catSel'] != 1) echo "checked"; ?> /> All                                  
+       <input value="1" id="catSelS<?php echo $ntU; ?><?php echo esc_attr($ii); ?>" type="radio" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][catSel]" <?php if ((int)$options['catSel'] == 1) echo "checked"; ?> /> <a href="#" style="text-decoration: none;" class="showCats" id="nxs_SCA_<?php echo $ntU; ?><?php echo esc_attr($ii); ?>" onclick="jQuery('#catSelS<?php echo $ntU; ?><?php echo esc_attr($ii); ?>').attr('checked', true); jQuery('#tmpCatSelNT').val('<?php echo $ntU; ?><?php echo esc_attr($ii); ?>'); nxs_markCats( jQuery('#nxs_SC_<?php echo $ntU; ?><?php echo esc_attr($ii); ?>').val() ); jQuery('#showCatSel').bPopup({ modalClose: false, appendTo: '#nsStForm', opacity: 0.6, follow: [false, false], position: [75, 'auto']}); return false;">Selected<?php if ($options['catSelEd']!='') echo "[".(substr_count($options['catSelEd'], ",")+1)."]"; ?></a>       
+       <input type="hidden" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][catSelEd]" id="nxs_SC_<?php echo $ntU; ?><?php echo esc_attr($ii); ?>" value="<?php echo $options['catSelEd']; ?>" />
     <br/><i><?php _e('Only selected categories will be autoposted to this account', 'social-networks-auto-poster-facebook-twitter-g'); ?></i></div> 
     <br/>
@@ -437 +437 @@
         $isAvailWL =  $ntOpt['wlUName']!='' && $ntOpt['wlPass']!=''; $wlMsgFormat = htmlentities($ntOpt['wlMsgFormat'], ENT_COMPAT, "UTF-8");        
       ?>  
-      <tr><th style="text-align:left;" colspan="2"><?php if ( $ntOpt['catSel']=='1' && trim($ntOpt['catSelEd'])!='' )  { ?> <input type="hidden" class="nxs_SC" id="nxs_SC_WL<?php echo $ii; ?>" value="<?php echo $ntOpt['catSelEd']; ?>" /> <?php } ?>
-      <?php if ($isAvailWL) { ?><input class="nxsGrpDoChb" value="1" id="doWL<?php echo $ii; ?>"  type="checkbox" name="wl[<?php echo $ii; ?>][doWL]" <?php if ((int)$doWL == 1) echo 'checked="checked" title="def"';  ?> /> 
-      <?php if ($post->post_status == "publish") { ?> <input type="hidden" name="wl[<?php echo $ii; ?>][doWL]" value="<?php echo $doWL;?>"> <?php } ?> <?php } ?>
+      <tr><th style="text-align:left;" colspan="2"><?php if ( $ntOpt['catSel']=='1' && trim($ntOpt['catSelEd'])!='' )  { ?> <input type="hidden" class="nxs_SC" id="nxs_SC_WL<?php echo esc_attr($ii); ?>" value="<?php echo $ntOpt['catSelEd']; ?>" /> <?php } ?>
+      <?php if ($isAvailWL) { ?><input class="nxsGrpDoChb" value="1" id="doWL<?php echo esc_attr($ii); ?>"  type="checkbox" name="wl[<?php echo esc_attr($ii); ?>][doWL]" <?php if ((int)$doWL == 1) echo 'checked="checked" title="def"';  ?> /> 
+      <?php if ($post->post_status == "publish") { ?> <input type="hidden" name="wl[<?php echo esc_attr($ii); ?>][doWL]" value="<?php echo $doWL;?>"> <?php } ?> <?php } ?>
       <div class="nsx_iconedTitle" style="display: inline; font-size: 13px; background-image: url(<?php echo $nxs_plurl; ?>img/wl16.png);">WaNeLo - <?php _e('publish to', 'social-networks-auto-poster-facebook-twitter-g') ?> (<i style="color: #005800;"><?php echo $ntOpt['nName']; ?></i>)</div></th> <td><?php //## Only show RePost button if the post is "published"
-                    if ($post->post_status == "publish" && $isAvailWL) { ?><input alt="<?php echo $ii; ?>" style="float: right;" onmouseout="hidePopShAtt('SV');" onmouseover="showPopShAtt('SV', event);" onclick="return false;"  type="button" class="button" name="rePostToWL_repostButton" id="rePostToWL_button" value="<?php _e('Repost to WaNeLo', 'social-networks-auto-poster-facebook-twitter-g') ?>" />
+                    if ($post->post_status == "publish" && $isAvailWL) { ?><input alt="<?php echo esc_attr($ii); ?>" style="float: right;" onmouseout="hidePopShAtt('SV');" onmouseover="showPopShAtt('SV', event);" onclick="return false;"  type="button" class="button" name="rePostToWL_repostButton" id="rePostToWL_button" value="<?php _e('Repost to WaNeLo', 'social-networks-auto-poster-facebook-twitter-g') ?>" />
                     <?php } ?>
 
                     <?php  if (is_array($pMeta) && is_array($pMeta[$ii]) && isset($pMeta[$ii]['pgID']) ) {                         
-                        ?> <span id="pstdWL<?php echo $ii; ?>" style="float: right;padding-top: 4px; padding-right: 10px;">
+                        ?> <span id="pstdWL<?php echo esc_attr($ii); ?>" style="float: right;padding-top: 4px; padding-right: 10px;">
           <a style="font-size: 10px;" href="http://WaNeLo.com<?php echo $pMeta[$ii]['pgID']; ?>" target="_blank"><?php $nType="WaNeLo"; printf( __( 'Posted on', 'social-networks-auto-poster-facebook-twitter-g' ), $nType); ?>  <?php echo (isset($pMeta[$ii]['pDate']) && $pMeta[$ii]['pDate']!='')?(" (".$pMeta[$ii]['pDate'].")"):""; ?></a>
                     </span><?php } ?>
@@ -457 +457 @@
                 
                 <tr id="altFormat1" style=""><th scope="row" style="vertical-align:top; padding-top:6px; text-align:right; width:60px; padding-right:10px;">
-                <input value="0"  type="hidden" name="<?php echo $nt; ?>[<?php echo $ii; ?>][rpstPostIncl]"/><input value="1" type="checkbox" name="<?php echo $nt; ?>[<?php echo $ii; ?>][rpstPostIncl]"  <?php if ((int)$ntOpt['rpstPostIncl'] == 1) echo "checked"; ?> /> 
+                <input value="0"  type="hidden" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][rpstPostIncl]"/><input value="1" type="checkbox" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][rpstPostIncl]"  <?php if ((int)$ntOpt['rpstPostIncl'] == 1) echo "checked"; ?> /> 
                 </th>
                 <td> <?php _e('Include in "Auto-Reposting" to this network.', 'social-networks-auto-poster-facebook-twitter-g') ?>                
@@ -463 +463 @@
                 
                 <tr><th scope="row" style="text-align:right; width:150px; padding-top: 5px; padding-right:10px;">Select Board</th>
-                <td><select name="wl[<?php echo $ii; ?>][apWLBoard]" id="apWLBoard">
+                <td><select name="wl[<?php echo esc_attr($ii); ?>][apWLBoard]" id="apWLBoard">
             <?php if (!empty($ntOpt['wlBoardsList'])){ $gWLBoards = $ntOpt['wlBoardsList']; if ( base64_encode(base64_decode($gWLBoards)) === $gWLBoards) $gWLBoards = base64_decode($gWLBoards); 
               if ($ntOpt['wlBoard']!='') $gWLBoards = str_replace($ntOpt['wlBoard'].'"', $ntOpt['wlBoard'].'" selected="selected"', $gWLBoards);  echo $gWLBoards;} else { ?>
@@ -473 +473 @@
                 <tr id="altFormat1" style=""><th scope="row" style="vertical-align:top; padding-top:6px; text-align:right; width:60px; padding-right:10px;"><?php _e('Text Message Format:', 'social-networks-auto-poster-facebook-twitter-g') ?></th>
                 <td>                
-                <textarea cols="150" rows="1" id="wl<?php echo $ii; ?>SNAPformat" name="wl[<?php echo $ii; ?>][SNAPformat]"  style="width:60%;max-width: 610px;" onfocus="jQuery('#wl<?php echo $ii; ?>SNAPformat').attr('rows', 4); jQuery('.nxs_FRMTHint').hide();mxs_showFrmtInfo('apWLMsgFrmt<?php echo $ii; ?>');"><?php echo $wlMsgFormat; ?></textarea>
+                <textarea cols="150" rows="1" id="wl<?php echo esc_attr($ii); ?>SNAPformat" name="wl[<?php echo esc_attr($ii); ?>][SNAPformat]"  style="width:60%;max-width: 610px;" onfocus="jQuery('#wl<?php echo esc_attr($ii); ?>SNAPformat').attr('rows', 4); jQuery('.nxs_FRMTHint').hide();mxs_showFrmtInfo('apWLMsgFrmt<?php echo esc_attr($ii); ?>');"><?php echo $wlMsgFormat; ?></textarea>
                 <?php nxs_doShowHint("apWLMsgFrmt".$ii); ?></td></tr>
                                 

social-networks-auto-poster-facebook-twitter-g/trunk/inc-cl/wp.api.php

@@ -116 +116 @@
         if ($imgURL!=='' && stripos($imgURL, 'http')!==false) {
             // $handle = fopen($imgURL, "rb"); $filedata = ''; while (!feof($handle)) {$filedata .= fread($handle, 8192);} fclose($handle);
-            $filedata = nxs_remote_get($imgURL); if (! is_nxs_error($filedata) ) $filedata = $filedata['body']; // echo "AWC?";
+            $filedata = nxs_remote_get($imgURL); if (! is_nxs_error($filedata) ) $filedata = $filedata['body'];
             $data = array('name'  => 'image-'.$message['orID'].'.jpg', 'type'  => 'image/jpg', 'bits'  => new NXS_XMLRPC_Base64($filedata), true);
             $status = $nxsToWPclient->query('metaWeblog.newMediaObject', $message['orID'], $options['uName'], $pass, $data);  $imgResp = $nxsToWPclient->getResponse();  $gid = $imgResp['id'];

social-networks-auto-poster-facebook-twitter-g/trunk/inc-cl/wp.php

@@ -23 +23 @@
     function accTab($ii, $options, $isNew=false){ $ntInfo = $this->ntInfo; $nt = $ntInfo['lcode']; if (!isset($options['inclTags'])) $options['inclTags'] = 1; if (!isset($options['inclCats'])) $options['inclCats'] = 1;
         if (empty($options['pt'])) $options['pt'] = 'post';
-        ?><div style="width:100%;"><strong><?php _e('Where to Post', 'social-networks-auto-poster-facebook-twitter-g'); ?>:</strong>&nbsp;<i><?php _e('XMLRPC URL', 'social-networks-auto-poster-facebook-twitter-g'); ?></i></div><input style="width: 550px;" name="wp[<?php echo $ii; ?>][wpURL]" style="width: 30%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['wpURL'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /><br/>
+        ?><div style="width:100%;"><strong><?php _e('Where to Post', 'social-networks-auto-poster-facebook-twitter-g'); ?>:</strong>&nbsp;<i><?php _e('XMLRPC URL', 'social-networks-auto-poster-facebook-twitter-g'); ?></i></div><input style="width: 550px;" name="wp[<?php echo esc_attr($ii); ?>][wpURL]" style="width: 30%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['wpURL'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /><br/>
         <div style="font-size: 11px; margin: 0px;">[Any Wordpress Based Blog] Usually its a URL of your Wordpress installation with /xmlrpc.php at the end.<br/> [Wordpress.com] Please use <b style="color: #005800;">https://YourUserName.wordpress.com/xmlrpc.php</b> (replace YourUserName with your user name) <br/>[Blog.com] Please use <b style="color: #005800;">http://YourUserName.blog.com/xmlrpc.php</b> (replace YourUserName with your user name)</div><br/>
 
         <?php $this->elemUserPass($ii, $options['uName'], $options['uPass']); ?><br/>
 
-        <input type="checkbox" name="wp[<?php echo $ii; ?>][exactCopy]" <?php if (!empty($options['exactCopy'])) echo "checked"; ?> onchange="if (jQuery(this).is(':checked')) {jQuery('#moreOptions<?php echo $nt.$ii; ?>').hide(); jQuery('#moreOptionsExC<?php echo $nt.$ii; ?>').show();}else{jQuery('#moreOptions<?php echo $nt.$ii; ?>').show();jQuery('#moreOptionsExC<?php echo $nt.$ii; ?>').hide();}" /> Make exact copy.<br/> <br/>
+        <input type="checkbox" name="wp[<?php echo esc_attr($ii); ?>][exactCopy]" <?php if (!empty($options['exactCopy'])) echo "checked"; ?> onchange="if (jQuery(this).is(':checked')) {jQuery('#moreOptions<?php echo esc_attr($nt.$ii); ?>').hide(); jQuery('#moreOptionsExC<?php echo esc_attr($nt.$ii); ?>').show();}else{jQuery('#moreOptions<?php echo esc_attr($nt.$ii); ?>').show();jQuery('#moreOptionsExC<?php echo esc_attr($nt.$ii); ?>').hide();}" /> Make exact copy.<br/> <br/>
 
-        <div id="moreOptions<?php echo $nt.$ii; ?>" style="<?php if (!empty($options['exactCopy'])) echo "display:none;"; ?>">
+        <div id="moreOptions<?php echo esc_attr($nt.$ii); ?>" style="<?php if (!empty($options['exactCopy'])) echo "display:none;"; ?>">
 
             <?php $this->elemTitleFormat($ii,'Post Title Format','msgTFormat',$options['msgTFormat']); $this->elemMsgFormat($ii,'Post Text Format','msgFormat',$options['msgFormat']);?><br/ >
 
-            <div style="width:100%;"><strong><?php _e('Post Type', 'social-networks-auto-poster-facebook-twitter-g'); ?>:</strong>&nbsp;</div><input style="width: 550px;" name="wp[<?php echo $ii; ?>][pt]" style="width: 30%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['pt'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /><br/>
+            <div style="width:100%;"><strong><?php _e('Post Type', 'social-networks-auto-poster-facebook-twitter-g'); ?>:</strong>&nbsp;</div><input style="width: 550px;" name="wp[<?php echo esc_attr($ii); ?>][pt]" style="width: 30%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['pt'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /><br/>
             <br/>
 
-            <div style="margin-bottom: 20px;margin-top: 5px;"><input value="1" type="checkbox" name="<?php echo $nt; ?>[<?php echo $ii; ?>][inclTags]"  <?php if (!empty($options['inclTags'])) echo "checked"; ?> />
+            <div style="margin-bottom: 20px;margin-top: 5px;"><input value="1" type="checkbox" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][inclTags]"  <?php if (!empty($options['inclTags'])) echo "checked"; ?> />
                 <strong><?php _e('Post with tags', 'social-networks-auto-poster-facebook-twitter-g'); ?></strong> <?php _e('Tags from the blogpost will be included', 'social-networks-auto-poster-facebook-twitter-g'); ?>
             </div>
-            <div style="margin-bottom: 20px;margin-top: 5px;"><input value="1" type="checkbox" name="<?php echo $nt; ?>[<?php echo $ii; ?>][inclCats]"  <?php if (!empty($options['inclCats'])) echo "checked"; ?> />
+            <div style="margin-bottom: 20px;margin-top: 5px;"><input value="1" type="checkbox" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][inclCats]"  <?php if (!empty($options['inclCats'])) echo "checked"; ?> />
                 <strong><?php _e('Post with categories', 'social-networks-auto-poster-facebook-twitter-g'); ?></strong> <?php _e('Categories from the blogpost will be included. Target blog must have the categories with the same slugs', 'social-networks-auto-poster-facebook-twitter-g'); ?>
             </div>
         </div>
 
-        <div id="moreOptionsExC<?php echo $nt.$ii; ?>" style="<?php if (empty($options['exactCopy'])) echo "display:none;"; ?>">
-            &nbsp;&nbsp;&nbsp;<input type="checkbox" name="wp[<?php echo $ii; ?>][keepDate]" <?php if (!empty($options['keepDate'])) echo "checked"; ?>/> Keep Original Date<br/><br/>
+        <div id="moreOptionsExC<?php echo esc_attr($nt.$ii); ?>" style="<?php if (empty($options['exactCopy'])) echo "display:none;"; ?>">
+            &nbsp;&nbsp;&nbsp;<input type="checkbox" name="wp[<?php echo esc_attr($ii); ?>][keepDate]" <?php if (!empty($options['keepDate'])) echo "checked"; ?>/> Keep Original Date<br/><br/>
         </div>
         <?php
@@ -83 +83 @@
         $msgFormat = !empty($ntOpt['msgFormat'])?htmlentities($ntOpt['msgFormat'], ENT_COMPAT, "UTF-8"):''; $msgTFormat = !empty($ntOpt['msgTFormat'])?htmlentities($ntOpt['msgTFormat'], ENT_COMPAT, "UTF-8"):'';
         $imgToUse = $ntOpt['imgToUse'];  $urlToUse = $ntOpt['urlToUse']; $ntOpt['ii']=$ii;
-        ?><div id="moreOptions<?php echo $nt.$ii; ?>" style="<?php if (!empty($ntOpt['exactCopy'])) echo "display:none;"; ?>"><?php
+        ?><div id="moreOptions<?php echo esc_attr($nt.$ii); ?>" style="<?php if (!empty($ntOpt['exactCopy'])) echo "display:none;"; ?>"><?php
         //## Title and Message
         $this->elemEdTitleFormat($ii, __('Title Format:', 'social-networks-auto-poster-facebook-twitter-g'),$msgTFormat);

social-networks-auto-poster-facebook-twitter-g/trunk/inc-cl/xi.php

@@ -19 +19 @@
   //#### Show Unit  Settings  
   function checkIfSetupFinished($options) { return true;  return ((!empty($options['appAppUserID']) && !empty($options['accessToken'])) || !empty($options['uName']) );   }
-  public function doAuth() { $ntInfo = $this->ntInfo; global $nxs_snapSetPgURL; if (isset($_GET['acc'])) $options = $this->nt[$_GET['acc']];
-    if ( isset($_GET['auth']) && $_GET['auth']==$ntInfo['lcode']){
-      $consumer_key = nxs_gak($options['appKey']); $consumer_secret = nxs_gas($options['appSec']); $callback_url = $nxs_snapSetPgURL."&auth=".$ntInfo['lcode']."a&acc=".$_GET['acc'];
-      $tum_oauth = new nxs_OAuthBaseCl($consumer_key, $consumer_secret); $tum_oauth->baseURL = 'https://api.xing.com'; $tum_oauth->request_token_path = '/v1/request_token';
-      $request_token = $tum_oauth->getReqToken($callback_url); $options['oAuthToken'] = $request_token['oauth_token']; $options['oAuthTokenSecret'] = $request_token['oauth_token_secret']; 
-      prr($tum_oauth); prr($options);               
-      switch ($tum_oauth->http_code) { case 201: case 200: $url = 'https://api.xing.com/v1/authorize?oauth_token='.$options['oAuthToken']; nxs_save_glbNtwrks($ntInfo['lcode'],$_GET['acc'],$options,'*'); 
-        echo '<br/><br/>All good?! Redirecting ..... <script type="text/javascript">window.location = "'.$url.'"</script>'; break; 
-        default: echo '<br/><b style="color:red">Could not connect to XING. Refresh the page or try again later.</b>'; die();
-      } die();
+  public function doAuth() { $ntInfo = $this->ntInfo; global $nxs_snapSetPgURL;
+    if (isset($_GET['acc'])) { $acc = sanitize_text_field($_GET['acc']); $options = $this->nt[$acc];
+        if ( isset($_GET['auth']) && $_GET['auth']==$ntInfo['lcode']){
+          $consumer_key = nxs_gak($options['appKey']); $consumer_secret = nxs_gas($options['appSec']); $callback_url = $nxs_snapSetPgURL."&auth=".$ntInfo['lcode']."a&acc=".$acc;
+          $tum_oauth = new nxs_OAuthBaseCl($consumer_key, $consumer_secret); $tum_oauth->baseURL = 'https://api.xing.com'; $tum_oauth->request_token_path = '/v1/request_token';
+          $request_token = $tum_oauth->getReqToken($callback_url); $options['oAuthToken'] = $request_token['oauth_token']; $options['oAuthTokenSecret'] = $request_token['oauth_token_secret'];
+          prr($tum_oauth); prr($options);
+          switch ($tum_oauth->http_code) { case 201: case 200: $url = 'https://api.xing.com/v1/authorize?oauth_token='.$options['oAuthToken']; nxs_save_glbNtwrks($ntInfo['lcode'],$acc,$options,'*');
+            echo '<br/><br/>All good?! Redirecting ..... <script type="text/javascript">window.location = "'.$url.'"</script>'; break;
+            default: echo '<br/><b style="color:red">Could not connect to XING. Refresh the page or try again later.</b>'; die();
+          } die();
+        }
+        if ( isset($_GET['auth']) && $_GET['auth']==$ntInfo['lcode'].'a'){ $consumer_key = nxs_gak($options['appKey']); $consumer_secret = nxs_gas($options['appSec']);
+          $tum_oauth = new nxs_OAuthBaseCl($consumer_key, $consumer_secret, $options['oAuthToken'], $options['oAuthTokenSecret']); //prr($tum_oauth);
+          $tum_oauth->baseURL = 'https://api.xing.com'; $tum_oauth->access_token_path = '/v1/access_token'; $access_token = $tum_oauth->getAccToken(sanitize_text_field($_GET['oauth_verifier'])); prr($access_token);
+          $options['accessToken'] = $access_token['oauth_token'];  $options['accessTokenSec'] = $access_token['oauth_token_secret'];
+          $tum_oauth = new nxs_OAuthBaseCl($consumer_key, $consumer_secret, $options['accessToken'], $options['accessTokenSec']);
+          $uinfo = $tum_oauth->makeReq('https://api.xing.com/v1/users/me', ''); prr($uinfo);
+          if (is_array($uinfo) && isset($uinfo['users']) && isset($uinfo['users'][0]) && is_array($uinfo['users'][0])) { $uinfo = $uinfo['users'][0]; $options['appPGUserName'] = $uinfo['page_name'];
+            $options['appAppUserName'] = $uinfo['display_name']."(".$uinfo['page_name'].")"; $options['appAppUserID'] = $uinfo['id'];
+          }  nxs_save_glbNtwrks($ntInfo['lcode'],$acc,$options,'*');  //prr($options); die();
+          if (!empty($options['appAppUserID'])) {  echo '<br/><br/>All good?! Redirecting ..... <script type="text/javascript">window.location = "'.$nxs_snapSetPgURL.'"</script>';  die();}
+            else die("<span style='color:red;'>ERROR: Authorization Error: <span style='color:darkred; font-weight: bold;'>".print_r($uinfo, true)."</span></span>");
+        }
     }
-    if ( isset($_GET['auth']) && $_GET['auth']==$ntInfo['lcode'].'a'){ $consumer_key = nxs_gak($options['appKey']); $consumer_secret = nxs_gas($options['appSec']); 
-      $tum_oauth = new nxs_OAuthBaseCl($consumer_key, $consumer_secret, $options['oAuthToken'], $options['oAuthTokenSecret']); //prr($tum_oauth);
-      $tum_oauth->baseURL = 'https://api.xing.com'; $tum_oauth->access_token_path = '/v1/access_token'; $access_token = $tum_oauth->getAccToken($_GET['oauth_verifier']); prr($access_token);
-      $options['accessToken'] = $access_token['oauth_token'];  $options['accessTokenSec'] = $access_token['oauth_token_secret'];  
-      $tum_oauth = new nxs_OAuthBaseCl($consumer_key, $consumer_secret, $options['accessToken'], $options['accessTokenSec']);               
-      $uinfo = $tum_oauth->makeReq('https://api.xing.com/v1/users/me', ''); prr($uinfo);
-      if (is_array($uinfo) && isset($uinfo['users']) && isset($uinfo['users'][0]) && is_array($uinfo['users'][0])) { $uinfo = $uinfo['users'][0]; $options['appPGUserName'] = $uinfo['page_name'];
-        $options['appAppUserName'] = $uinfo['display_name']."(".$uinfo['page_name'].")"; $options['appAppUserID'] = $uinfo['id'];                         
-      }  nxs_save_glbNtwrks($ntInfo['lcode'],$_GET['acc'],$options,'*');  //prr($options); die();
-      if (!empty($options['appAppUserID'])) {  echo '<br/><br/>All good?! Redirecting ..... <script type="text/javascript">window.location = "'.$nxs_snapSetPgURL.'"</script>';  die();}
-        else die("<span style='color:red;'>ERROR: Authorization Error: <span style='color:darkred; font-weight: bold;'>".print_r($uinfo, true)."</span></span>");              
-    }
-  }
-  
-  function getPgsList($networks){ $opVal = array(); $pass = 'g9c1a'.nsx_doEncode($_POST['p']); $opNm = 'nxs_snap_xi_'.sha1('nxs_snap_xi'.$_POST['u'].$pass); $opVal = nxs_getOption($opNm); $ii = $_POST['ii']; $nt = new nxsAPI_XI();// $nt->debug = true; // prr($opVal);
+  }
+  
+  function getPgsList($networks){ $opVal = array(); $pass = 'g9c1a'.nsx_doEncode($_POST['p']); $opNm = 'nxs_snap_xi_'.sha1('nxs_snap_xi'.$_POST['u'].$pass); $opVal = nxs_getOption($opNm); $ii = sanitize_key($_POST['ii']); $nt = new nxsAPI_XI();// $nt->debug = true; // prr($opVal);
      $currPstAs = !empty($_POST['pgcID'])?$_POST['pgcID']:(!empty($networks['xi'][$ii])?$networks['xi'][$ii]['pgcID']:'');
-     if (empty($_POST['force']) && !empty($opVal['ck']) && !empty($opVal['pgsList']) ) $pgs = $opVal['pgsList']; else { if (!empty($opVal['ck'])) $nt->ck = $opVal['ck']; $loginError=$nt->connect($_POST['u'],$_POST['p']); 
+     if (empty($_POST['force']) && !empty($opVal['ck']) && !empty($opVal['pgsList']) ) $pgs = $opVal['pgsList']; else { if (!empty($opVal['ck'])) $nt->ck = $opVal['ck']; $loginError=$nt->connect(sanitize_user($_POST['u']),$_POST['p']);
        if (!$loginError){ $opVal['ck'] = $nt->ck;  $pgs = $nt->getPgsList($currPstAs); }
          else { $outMsg = '<b style="color:red;">'.__('Login Problem').'&nbsp;-&nbsp;'.$loginError.'</b>'; if (!empty($_POST['isOut'])) echo $outMsg; return $outMsg; }
@@ -53 +55 @@
      $opVal['pgsList'] = $pgs; nxs_saveOption($opNm, $opVal); return $opVal;
   }
-  function getGrpList($networks){ $opVal = array(); $pass = 'g9c1a'.nsx_doEncode($_POST['p']); $opNm = 'nxs_snap_xi_'.sha1('nxs_snap_xi'.$_POST['u'].$pass); $opVal = nxs_getOption($opNm); $ii = $_POST['ii']; $nt = new nxsAPI_XI(); // prr($opVal);
+  function getGrpList($networks){ $opVal = array(); $pass = 'g9c1a'.nsx_doEncode($_POST['p']); $opNm = 'nxs_snap_xi_'.sha1('nxs_snap_xi'.$_POST['u'].$pass); $opVal = nxs_getOption($opNm); $ii = sanitize_key($_POST['ii']); $nt = new nxsAPI_XI(); // prr($opVal);
      $currPstAs = !empty($_POST['pggID'])?$_POST['pggID']:(!empty($networks['xi'][$ii]['pggID'])?$networks['xi'][$ii]['pggID']:'');
-     if (empty($_POST['force']) && !empty($opVal['ck']) && !empty($opVal['grpList']) ) $pgs = $opVal['grpList']; else { if (!empty($opVal['ck'])) $nt->ck = $opVal['ck']; $loginError=$nt->connect($_POST['u'],$_POST['p']); 
+     if (empty($_POST['force']) && !empty($opVal['ck']) && !empty($opVal['grpList']) ) $pgs = $opVal['grpList']; else { if (!empty($opVal['ck'])) $nt->ck = $opVal['ck']; $loginError=$nt->connect(sanitize_user($_POST['u']),$_POST['p']);
        if (!$loginError){ $opVal['ck'] = $nt->ck;  $pgs = $nt->getGrpList($currPstAs); }
          else { $outMsg = '<b style="color:red;">'.__('Login Problem').'&nbsp;-&nbsp;'.$loginError.'</b>'; if (!empty($_POST['isOut'])) echo $outMsg; return $outMsg; }
@@ -62 +64 @@
      $opVal['grpList'] = $pgs; nxs_saveOption($opNm, $opVal); return $opVal;
   }
-  function getGrpForums($networks){ $opVal = array(); $pass = 'g9c1a'.nsx_doEncode($_POST['p']); $opNm = 'nxs_snap_xi_'.sha1('nxs_snap_xi'.$_POST['u'].$pass); $opVal = nxs_getOption($opNm); $ii = $_POST['ii']; $nt = new nxsAPI_XI();  $nt->debug = true;// prr($opVal);
+  function getGrpForums($networks){ $opVal = array(); $pass = 'g9c1a'.nsx_doEncode($_POST['p']); $opNm = 'nxs_snap_xi_'.sha1('nxs_snap_xi'.$_POST['u'].$pass); $opVal = nxs_getOption($opNm); $ii = sanitize_key($_POST['ii']); $nt = new nxsAPI_XI();  $nt->debug = true;// prr($opVal);
      $currPstAs = !empty($_POST['pggID'])?$_POST['pggID']:(!empty($networks['xi'][$ii]['pggID'])?$networks['xi'][$ii]['pggID']:''); $currForum = !empty($_POST['gpfID'])?$_POST['gpfID']:(!empty($networks['xi'][$ii]['gpfID'])?$networks['xi'][$ii]['gpfID']:'');
-     if (empty($_POST['force']) && !empty($opVal['ck']) && !empty($opVal['grpForums']) ) $pgs = $opVal['grpForums']; else { if (!empty($opVal['ck'])) $nt->ck = $opVal['ck']; $loginError=$nt->connect($_POST['u'],$_POST['p']); 
+     if (empty($_POST['force']) && !empty($opVal['ck']) && !empty($opVal['grpForums']) ) $pgs = $opVal['grpForums']; else { if (!empty($opVal['ck'])) $nt->ck = $opVal['ck']; $loginError=$nt->connect(sanitize_user($_POST['u']),$_POST['p']);
        if (!$loginError){ $opVal['ck'] = $nt->ck;  $pgs = $nt->getGrpForums('https://www.xing.com/communities/groups/'.$currPstAs, $currForum); }
          else { $outMsg = '<b style="color:red;">'.__('Login Problem').'&nbsp;-&nbsp;'.$loginError.'</b>'; if (!empty($_POST['isOut'])) echo $outMsg; return $outMsg; }
@@ -79 +81 @@
       <span style="color:#FF0000; font-weight: bold; font-size: 14px;">[<a style="color:#FF0000;" target="_blank" href="http://nxs.fyi/xingmsg">Officially Discontinued by XING</a>]</span>&nbsp;<span style="color:#005800; font-weight: bold; font-size: 14px;"> XING Native API:</span> Free built-in API from XING. <br/><br/>              
       
-      <select name="<?php echo $nt; ?>[<?php echo $ii; ?>][apiToUse]" onchange="jQuery('.nxs_<?php echo $nt; ?>_apidiv_<?php echo $ii; ?>').hide(); jQuery('.nxs_<?php echo $nt; ?>_api'+jQuery(this).val()+'div_<?php echo $ii; ?>').show();  "><option <?php echo (empty($options['apiToUse']) || $options['apiToUse'] =='nx')?"selected":""; ?> value="nx">NextScripts API</option><option <?php echo (!empty($options['apiToUse']) && $options['apiToUse'] =='xixi')?"selected":""; ?> value="xixi">XING API</option></select><hr/>    
+      <select name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][apiToUse]" onchange="jQuery('.nxs_<?php echo esc_attr($nt); ?>_apidiv_<?php echo esc_attr($ii); ?>').hide(); jQuery('.nxs_<?php echo esc_attr($nt); ?>_api'+jQuery(this).val()+'div_<?php echo esc_attr($ii); ?>').show();  "><option <?php echo (empty($options['apiToUse']) || $options['apiToUse'] =='nx')?"selected":""; ?> value="nx">NextScripts API</option><option <?php echo (!empty($options['apiToUse']) && $options['apiToUse'] =='xixi')?"selected":""; ?> value="xixi">XING API</option></select><hr/>    
     </div>
     <?php if (!empty($options['appKey'])) $options['apiToUse'] = 'xixi'; ?>
-    <div id="nxs_<?php echo $nt; ?>_apinxdiv_<?php echo $ii; ?>" class="nxs_<?php echo $nt; ?>_apidiv_<?php echo $ii; ?> nxs_<?php echo $nt; ?>_apinxdiv_<?php echo $ii; ?>" style="display: <?php echo ((empty($options['apiToUse']) && empty($options['appKey'])) || $options['apiToUse'] =='nx')?"block":"none"; ?>;">
+    <div id="nxs_<?php echo esc_attr($nt); ?>_apinxdiv_<?php echo esc_attr($ii); ?>" class="nxs_<?php echo esc_attr($nt); ?>_apidiv_<?php echo esc_attr($ii); ?> nxs_<?php echo esc_attr($nt); ?>_apinxdiv_<?php echo esc_attr($ii); ?>" style="display: <?php echo ((empty($options['apiToUse']) && empty($options['appKey'])) || $options['apiToUse'] =='nx')?"block":"none"; ?>;">
     <h3>NextScripts API</h3>
     
@@ -90 +92 @@
       } if (!empty($opVal) & !is_array($opVal)) $options['uMsg'] = $opVal; else { if (!empty($opVal) & is_array($opVal)) $options = array_merge($options, $opVal); } 
     ?>
-    <div class="subDiv" id="sub<?php echo $ii; ?>DivN" style="display: block;"><?php $this->elemUserPass($ii, $options['uName'], $options['uPass']); ?></div><br/>
+    <div class="subDiv" id="sub<?php echo esc_attr($ii); ?>DivN" style="display: block;"><?php $this->elemUserPass($ii, $options['uName'], $options['uPass']); ?></div><br/>
     <script type="text/javascript">      
-      jQuery('#apXIUName<?php echo $ii; ?>').change(function() { var u = jQuery(this).val();  var p = jQuery('#apXIPass<?php echo $ii; ?>').val(); if( u!='' && p!='' ) { nxs_xi2GetPages(<?php echo $ii; ?>,0); }  });
-      jQuery('#apXIPass<?php echo $ii; ?>').change(function() { var u = jQuery('#apXIUName<?php echo $ii; ?>').val();  var p = jQuery(this).val(); if( u!='' && p!='' ) { nxs_xi2GetPages(<?php echo $ii; ?>,0); }  });
+      jQuery('#apXIUName<?php echo esc_attr($ii); ?>').change(function() { var u = jQuery(this).val();  var p = jQuery('#apXIPass<?php echo esc_attr($ii); ?>').val(); if( u!='' && p!='' ) { nxs_xi2GetPages(<?php echo esc_attr($ii); ?>,0); }  });
+      jQuery('#apXIPass<?php echo esc_attr($ii); ?>').change(function() { var u = jQuery('#apXIUName<?php echo esc_attr($ii); ?>').val();  var p = jQuery(this).val(); if( u!='' && p!='' ) { nxs_xi2GetPages(<?php echo esc_attr($ii); ?>,0); }  });
       
-      jQuery('.xiWhereToPost<?php echo $ii; ?>').change(function() { if (jQuery(this).val()!='P') jQuery('#xiPostType<?php echo $ii; ?>').show(); else jQuery('#xiPostType<?php echo $ii; ?>').hide();  });
+      jQuery('.xiWhereToPost<?php echo esc_attr($ii); ?>').change(function() { if (jQuery(this).val()!='P') jQuery('#xiPostType<?php echo esc_attr($ii); ?>').show(); else jQuery('#xiPostType<?php echo esc_attr($ii); ?>').hide();  });
       
     </script>
     <div style="width:100%;"><b style="font-size: 15px;"><?php _e('Where to Post', 'social-networks-auto-poster-facebook-twitter-g'); if (empty($options['whToPost'])) $options['whToPost'] = 'PR'; ?>:</b> </div>
       <div style="margin-left: 10px;">        
-        <input class="xiWhereToPost<?php echo $ii; ?>" type="radio" name="xi[<?php echo $ii; ?>][whToPost]" value="PR" <?php if ($options['whToPost'] == 'PR') echo 'checked="checked"'; ?> /> 
+        <input class="xiWhereToPost<?php echo esc_attr($ii); ?>" type="radio" name="xi[<?php echo esc_attr($ii); ?>][whToPost]" value="PR" <?php if ($options['whToPost'] == 'PR') echo 'checked="checked"'; ?> /> 
         <span style="font-size: 15px;"><?php _e('Profile Update', 'social-networks-auto-poster-facebook-twitter-g'); ?> - <i><?php _e('Post to your profile', 'social-networks-auto-poster-facebook-twitter-g'); ?></i><br/></span>
         
         <div style="margin-left: 30px;"> <div style="width:100%;"><strong style="font-size: 15px;">Post Type:</strong></div><div style="margin-left: 10px;">
-           <input type="radio" name="<?php echo $nt; ?>[<?php echo $ii; ?>][postTypeP]" value="T" <?php if ($options['postTypeP'] == 'T') echo 'checked="checked"'; ?> /> <?php _e('Text Post', 'social-networks-auto-poster-facebook-twitter-g'); ?> - <i><?php _e('just text message', 'social-networks-auto-poster-facebook-twitter-g'); ?></i><br/>                                  
-           <input type="radio" name="<?php echo $nt; ?>[<?php echo $ii; ?>][postTypeP]" value="A" <?php if ( !isset($options['postTypeP']) || $options['postTypeP'] == '' || $options['postTypeP'] == 'A') echo 'checked="checked"'; ?> /> <?php _e('Share link to the blogpost', 'social-networks-auto-poster-facebook-twitter-g'); ?><br/>
-           <input type="radio" name="<?php echo $nt; ?>[<?php echo $ii; ?>][postTypeP]" value="I" <?php if ( !empty($options['postTypeP']) &&  $options['postTypeP'] == 'I') echo 'checked="checked"'; ?> /> <?php _e('Image Post', 'social-networks-auto-poster-facebook-twitter-g'); ?><br/>
+           <input type="radio" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][postTypeP]" value="T" <?php if ($options['postTypeP'] == 'T') echo 'checked="checked"'; ?> /> <?php _e('Text Post', 'social-networks-auto-poster-facebook-twitter-g'); ?> - <i><?php _e('just text message', 'social-networks-auto-poster-facebook-twitter-g'); ?></i><br/>                                  
+           <input type="radio" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][postTypeP]" value="A" <?php if ( !isset($options['postTypeP']) || $options['postTypeP'] == '' || $options['postTypeP'] == 'A') echo 'checked="checked"'; ?> /> <?php _e('Share link to the blogpost', 'social-networks-auto-poster-facebook-twitter-g'); ?><br/>
+           <input type="radio" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][postTypeP]" value="I" <?php if ( !empty($options['postTypeP']) &&  $options['postTypeP'] == 'I') echo 'checked="checked"'; ?> /> <?php _e('Image Post', 'social-networks-auto-poster-facebook-twitter-g'); ?><br/>
          </div><br/>
         </div>
         
-        <input class="xiWhereToPost<?php echo $ii; ?>" type="radio" name="xi[<?php echo $ii; ?>][whToPost]" value="C" <?php if ($options['whToPost'] == 'C') echo 'checked="checked"'; ?> /> 
+        <input class="xiWhereToPost<?php echo esc_attr($ii); ?>" type="radio" name="xi[<?php echo esc_attr($ii); ?>][whToPost]" value="C" <?php if ($options['whToPost'] == 'C') echo 'checked="checked"'; ?> /> 
          <span style="font-size: 15px;"><?php _e('Company Page', 'social-networks-auto-poster-facebook-twitter-g'); ?> - <i><?php _e('Post to Company page', 'social-networks-auto-poster-facebook-twitter-g'); ?></i><br/> </span>
         
-        <div style="margin-left: 30px;<?php echo (empty($options['uName']) && empty($options['uPass']))?'display:none;':''; ?>" id="nxsXI2InfoDiv<?php echo $ii; ?>"> 
+        <div style="margin-left: 30px;<?php echo (empty($options['uName']) && empty($options['uPass']))?'display:none;':''; ?>" id="nxsXI2InfoDiv<?php echo esc_attr($ii); ?>"> 
          <div style="width:100%;">
           <div>                   
-          <select id="xi2pgID<?php echo $ii; ?>" onchange="nxs_xi2PageChange('<?php echo $ii;?>',jQuery(this));" name="xi[<?php echo $ii;?>][pgcID]">
+          <select id="xi2pgID<?php echo esc_attr($ii); ?>" onchange="nxs_xi2PageChange('<?php echo esc_attr($ii);?>',jQuery(this));" name="xi[<?php echo esc_attr($ii);?>][pgcID]">
             <?php $pgi = !empty($options['pgsList'])?$options['pgsList']:''; 
               if (!empty($options['pgcID'])) { echo (!empty($options['pgcID']) && stripos($pgi,$options['pgcID'])===false)?'<option selected="selected" value="'.$options['pgcID'].'">'.$options['pgcID'].'</option>':''; }            
@@ -125 +127 @@
             ?><option value="a"><?php _e('.... Enter the Company Page ID'); ?></option>
           </select>
-          <div id="nxsXI2InfoDivBlock<?php echo $ii; ?>" style="display: inline-block;">
-          <input type="text" style="display: none;" id="xi2InpCst<?php echo $ii; ?>" value="<?php echo !empty($options['pgcID'])?$options['pgcID']:''; ?>" onblur="nxs_InpToDDBlur(jQuery(this));"  onchange="nxs_InpToDDChange(jQuery(this));" data-tid="xi2pgID<?php echo $ii; ?>" />         
-          <div style="display: inline-block;"><a onclick="nxs_xi2GetPages(<?php echo $ii;?>, 1); jQuery(this).blur(); return false;" href="#"><img id="<?php echo $nt.$ii;?>2rfrshImg" style="vertical-align: middle;" src='<?php echo NXS_PLURL; ?>img/refresh16.png' /></a></div></div> <img id="<?php echo $nt.$ii;?>2ldImg" style="display: none;vertical-align: middle;" src='<?php echo NXS_PLURL; ?>img/ajax-loader-sm.gif' />
+          <div id="nxsXI2InfoDivBlock<?php echo esc_attr($ii); ?>" style="display: inline-block;">
+          <input type="text" style="display: none;" id="xi2InpCst<?php echo esc_attr($ii); ?>" value="<?php echo !empty($options['pgcID'])?$options['pgcID']:''; ?>" onblur="nxs_InpToDDBlur(jQuery(this));"  onchange="nxs_InpToDDChange(jQuery(this));" data-tid="xi2pgID<?php echo esc_attr($ii); ?>" />         
+          <div style="display: inline-block;"><a onclick="nxs_xi2GetPages(<?php echo esc_attr($ii);?>, 1); jQuery(this).blur(); return false;" href="#"><img id="<?php echo esc_attr($nt.$ii);?>2rfrshImg" style="vertical-align: middle;" src='<?php echo NXS_PLURL; ?>img/refresh16.png' /></a></div></div> <img id="<?php echo esc_attr($nt.$ii);?>2ldImg" style="display: none;vertical-align: middle;" src='<?php echo NXS_PLURL; ?>img/ajax-loader-sm.gif' />
           </div>          
           </div>
           
            <div style="margin-left: 30px;"> <div style="width:100%;"><strong style="font-size: 15px;">Post Type:</strong></div><div style="margin-left: 10px;">
-           <input type="radio" name="<?php echo $nt; ?>[<?php echo $ii; ?>][postTypeC]" value="T" <?php if ($options['postTypeC'] == 'T') echo 'checked="checked"'; ?> /> <?php _e('Text Post', 'social-networks-auto-poster-facebook-twitter-g'); ?> - <i><?php _e('just text message', 'social-networks-auto-poster-facebook-twitter-g'); ?></i><br/>                                             
-           <input type="radio" name="<?php echo $nt; ?>[<?php echo $ii; ?>][postTypeC]" value="I" <?php if ( !empty($options['postTypeC']) &&  $options['postTypeC'] == 'I') echo 'checked="checked"'; ?> /> <?php _e('Image Post', 'social-networks-auto-poster-facebook-twitter-g'); ?><br/>
+           <input type="radio" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][postTypeC]" value="T" <?php if ($options['postTypeC'] == 'T') echo 'checked="checked"'; ?> /> <?php _e('Text Post', 'social-networks-auto-poster-facebook-twitter-g'); ?> - <i><?php _e('just text message', 'social-networks-auto-poster-facebook-twitter-g'); ?></i><br/>                                             
+           <input type="radio" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][postTypeC]" value="I" <?php if ( !empty($options['postTypeC']) &&  $options['postTypeC'] == 'I') echo 'checked="checked"'; ?> /> <?php _e('Image Post', 'social-networks-auto-poster-facebook-twitter-g'); ?><br/>
          </div><br/>
         </div>
@@ -140 +142 @@
         </div> 
         
-        <br/><input class="xiWhereToPost<?php echo $ii; ?>" type="radio" name="xi[<?php echo $ii; ?>][whToPost]" value="G" <?php if ($options['whToPost'] == 'G') echo 'checked="checked"'; ?> /> 
+        <br/><input class="xiWhereToPost<?php echo esc_attr($ii); ?>" type="radio" name="xi[<?php echo esc_attr($ii); ?>][whToPost]" value="G" <?php if ($options['whToPost'] == 'G') echo 'checked="checked"'; ?> /> 
         <span style="font-size: 15px;"><?php _e('Group', 'social-networks-auto-poster-facebook-twitter-g'); ?> - <i><?php _e('Post to LinkedIn Group', 'social-networks-auto-poster-facebook-twitter-g'); ?></i><br/> </span>
         
-        <div style="margin-left: 30px;<?php echo (empty($options['uName']) && empty($options['uPass']))?'display:none;':''; ?>" id="nxsXI2GInfoDiv<?php echo $ii; ?>"> 
+        <div style="margin-left: 30px;<?php echo (empty($options['uName']) && empty($options['uPass']))?'display:none;':''; ?>" id="nxsXI2GInfoDiv<?php echo esc_attr($ii); ?>"> 
          <div style="width:100%;">
           <div>                   
-          <select id="xi2GpgID<?php echo $ii; ?>" onchange="nxs_xi2GPageChange('<?php echo $ii;?>',jQuery(this));" name="xi[<?php echo $ii;?>][pggID]">
+          <select id="xi2GpgID<?php echo esc_attr($ii); ?>" onchange="nxs_xi2GPageChange('<?php echo esc_attr($ii);?>',jQuery(this));" name="xi[<?php echo esc_attr($ii);?>][pggID]">
             <?php $pgi = !empty($options['grpList'])?$options['grpList']:''; 
               if (!empty($options['pggID'])) { echo (!empty($options['pggID']) && stripos($pgi,$options['pggID'])===false)?'<option selected="selected" value="'.$options['pggID'].'">'.$options['pggID'].'</option>':''; }            
@@ -155 +157 @@
             ?><option value="a"><?php _e('.... Enter the Group ID'); ?></option>
           </select>
-          <div id="nxsXI2GInfoDivBlock<?php echo $ii; ?>" style="display: inline-block;">
-          <input type="text" style="display: none;" id="xi2GInpCst<?php echo $ii; ?>" value="<?php echo !empty($options['pgcID'])?$options['pgcID']:''; ?>" onblur="nxs_InpToDDBlur(jQuery(this));"  onchange="nxs_InpToDDChange(jQuery(this));" data-tid="xi2GpgID<?php echo $ii; ?>" />         
-          </div> <img id="<?php echo $nt.$ii;?>3ldImg" style="display: none;vertical-align: middle;" src='<?php echo NXS_PLURL; ?>img/ajax-loader-sm.gif' />
+          <div id="nxsXI2GInfoDivBlock<?php echo esc_attr($ii); ?>" style="display: inline-block;">
+          <input type="text" style="display: none;" id="xi2GInpCst<?php echo esc_attr($ii); ?>" value="<?php echo !empty($options['pgcID'])?$options['pgcID']:''; ?>" onblur="nxs_InpToDDBlur(jQuery(this));"  onchange="nxs_InpToDDChange(jQuery(this));" data-tid="xi2GpgID<?php echo esc_attr($ii); ?>" />         
+          </div> <img id="<?php echo esc_attr($nt.$ii);?>3ldImg" style="display: none;vertical-align: middle;" src='<?php echo NXS_PLURL; ?>img/ajax-loader-sm.gif' />
           </div>          
           </div>  
@@ -165 +167 @@
         <div style="margin-left: 20px;">
         
-        <div style="margin-left: 30px; margin-top: 10px; font-size: 15px;<?php echo (empty($options['uName']) && empty($options['uPass']))?'display:none;':''; ?>" id="nxsXI2GInfoDiv<?php echo $ii; ?>"> <?php _e('Please select a Group Forum', 'nxs_snap'); ?><br/>
+        <div style="margin-left: 30px; margin-top: 10px; font-size: 15px;<?php echo (empty($options['uName']) && empty($options['uPass']))?'display:none;':''; ?>" id="nxsXI2GInfoDiv<?php echo esc_attr($ii); ?>"> <?php _e('Please select a Group Forum', 'nxs_snap'); ?><br/>
          <div style="width:100%;">
           <div>                   
-          <select id="xi2GfID<?php echo $ii; ?>" onchange="nxs_xi2GfChange('<?php echo $ii;?>',jQuery(this));" name="xi[<?php echo $ii;?>][gpfID]">
+          <select id="xi2GfID<?php echo esc_attr($ii); ?>" onchange="nxs_xi2GfChange('<?php echo esc_attr($ii);?>',jQuery(this));" name="xi[<?php echo esc_attr($ii);?>][gpfID]">
             <?php $pgi = !empty($options['grpForums'])?$options['grpForums']:''; 
               if (!empty($options['gpfID'])) { echo (!empty($options['gpfID']) && stripos($pgi,$options['gpfID'])===false)?'<option selected="selected" value="'.$options['gpfID'].'">'.$options['gpfID'].'</option>':''; }            
@@ -177 +179 @@
             ?><option value="a"><?php _e('.... Enter the Group Forum ID'); ?></option>
           </select>
-          <div id="nxsXI2GInfoDivBlock<?php echo $ii; ?>" style="display: inline-block;">
-          <input type="text" style="display: none;" id="xi2GfInpCst<?php echo $ii; ?>" value="<?php echo !empty($options['gpfID'])?$options['gpfID']:''; ?>" onblur="nxs_InpToDDBlur(jQuery(this));"  onchange="nxs_InpToDDChange(jQuery(this));" data-tid="xi2GpgID<?php echo $ii; ?>" />         
-          </div> <img id="<?php echo $nt.$ii;?>3ldImg" style="display: none;vertical-align: middle;" src='<?php echo NXS_PLURL; ?>img/ajax-loader-sm.gif' />
+          <div id="nxsXI2GInfoDivBlock<?php echo esc_attr($ii); ?>" style="display: inline-block;">
+          <input type="text" style="display: none;" id="xi2GfInpCst<?php echo esc_attr($ii); ?>" value="<?php echo !empty($options['gpfID'])?$options['gpfID']:''; ?>" onblur="nxs_InpToDDBlur(jQuery(this));"  onchange="nxs_InpToDDChange(jQuery(this));" data-tid="xi2GpgID<?php echo esc_attr($ii); ?>" />         
+          </div> <img id="<?php echo esc_attr($nt.$ii);?>3ldImg" style="display: none;vertical-align: middle;" src='<?php echo NXS_PLURL; ?>img/ajax-loader-sm.gif' />
           </div>          
           </div>  
@@ -185 +187 @@
           
           <div style="width:100%;"><strong style="font-size: 15px;">Post Type:</strong></div><div style="margin-left: 10px;">
-            <input type="radio" name="<?php echo $nt; ?>[<?php echo $ii; ?>][postTypeG]" value="T" <?php if ($options['postTypeG'] == 'T') echo 'checked="checked"'; ?> /> <?php _e('Text Post', 'social-networks-auto-poster-facebook-twitter-g'); ?> - <i><?php _e('just text message', 'social-networks-auto-poster-facebook-twitter-g'); ?></i><br/>                                  
-            <input type="radio" name="<?php echo $nt; ?>[<?php echo $ii; ?>][postTypeG]" value="I" <?php if ( !isset($options['postTypeG']) || $options['postTypeG'] == '' || $options['postTypeG'] == 'I') echo 'checked="checked"'; ?> /> <?php _e('Image Post', 'social-networks-auto-poster-facebook-twitter-g'); ?><br/>
+            <input type="radio" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][postTypeG]" value="T" <?php if ($options['postTypeG'] == 'T') echo 'checked="checked"'; ?> /> <?php _e('Text Post', 'social-networks-auto-poster-facebook-twitter-g'); ?> - <i><?php _e('just text message', 'social-networks-auto-poster-facebook-twitter-g'); ?></i><br/>                                  
+            <input type="radio" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][postTypeG]" value="I" <?php if ( !isset($options['postTypeG']) || $options['postTypeG'] == '' || $options['postTypeG'] == 'I') echo 'checked="checked"'; ?> /> <?php _e('Image Post', 'social-networks-auto-poster-facebook-twitter-g'); ?><br/>
           </div>
         </div>                       
@@ -199 +201 @@
     </div>
     
-    <div id="nxs_<?php echo $nt; ?>_apixixidiv_<?php echo $ii; ?>" class="nxs_<?php echo $nt; ?>_apidiv_<?php echo $ii; ?> nxs_<?php echo $nt; ?>_apixixidiv_<?php echo $ii; ?>" style="display: <?php echo (!empty($options['appKey']) || (!empty($options['apiToUse']) && $options['apiToUse'] =='xixi'))?"block":"none"; ?>;">
+    <div id="nxs_<?php echo esc_attr($nt); ?>_apixixidiv_<?php echo esc_attr($ii); ?>" class="nxs_<?php echo esc_attr($nt); ?>_apidiv_<?php echo esc_attr($ii); ?> nxs_<?php echo esc_attr($nt); ?>_apixixidiv_<?php echo esc_attr($ii); ?>" style="display: <?php echo (!empty($options['appKey']) || (!empty($options['apiToUse']) && $options['apiToUse'] =='xixi'))?"block":"none"; ?>;">
    
    <div style="color:red;padding:5px;margin:5px; border: 1px solid darkred;">[January 2017] XING has decided to discontinue it's free public API. More Info: <a target="_blank" href="http://nxs.fyi/xingmsg">http://nxs.fyi/xingmsg</a>.<br/>If you have existing XING app, you still can use it.<br/></div>
@@ -209 +211 @@
       _e('Your '.$ntInfo['name'].' Account has been authorized.', 'social-networks-auto-poster-facebook-twitter-g'); ?> User ID: <?php _e(apply_filters('format_to_edit', htmlentities($options['appAppUserID'].' - '.$options['appAppUserName'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>.
       <?php _e('You can', 'social-networks-auto-poster-facebook-twitter-g'); ?> Re- <?php } ?>            
-      <a href="<?php echo $nxs_snapSetPgURL;?>&auth=<?php echo $nt; ?>&acc=<?php echo $ii; ?>">Authorize Your <?php echo $ntInfo['name']; ?> Account</a>            
+      <a href="<?php echo $nxs_snapSetPgURL;?>&auth=<?php echo esc_attr($nt); ?>&acc=<?php echo esc_attr($ii); ?>">Authorize Your <?php echo $ntInfo['name']; ?> Account</a>            
       <?php if (!isset($options['appAppUserID']) || $options['appAppUserID']<1) { ?> <div class="blnkg">&lt;=== <?php _e('Authorize your account', 'social-networks-auto-poster-facebook-twitter-g'); ?> ===</div> <?php } 
     } ?><br/><br/> 
@@ -215 +217 @@
     <div style="width:100%;"><strong id="altFormatText">Post Type:</strong></div>
     <div style="margin-left: 10px;">
-      <input type="radio" name="<?php echo $nt; ?>[<?php echo $ii; ?>][postType]" value="T" <?php if ($options['postType'] == 'T') echo 'checked="checked"'; ?> /> <?php _e('Text Post', 'social-networks-auto-poster-facebook-twitter-g'); ?> - <i><?php _e('just text message', 'social-networks-auto-poster-facebook-twitter-g'); ?></i><br/>                                  
-     <input type="radio" name="<?php echo $nt; ?>[<?php echo $ii; ?>][postType]" value="A" <?php if ( !isset($options['postType']) || $options['postType'] == '' || $options['postType'] == 'A') echo 'checked="checked"'; ?> /> <?php _e('Post link to the blogpost', 'social-networks-auto-poster-facebook-twitter-g'); ?><br/>
+      <input type="radio" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][postType]" value="T" <?php if ($options['postType'] == 'T') echo 'checked="checked"'; ?> /> <?php _e('Text Post', 'social-networks-auto-poster-facebook-twitter-g'); ?> - <i><?php _e('just text message', 'social-networks-auto-poster-facebook-twitter-g'); ?></i><br/>                                  
+     <input type="radio" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][postType]" value="A" <?php if ( !isset($options['postType']) || $options['postType'] == '' || $options['postType'] == 'A') echo 'checked="checked"'; ?> /> <?php _e('Post link to the blogpost', 'social-networks-auto-poster-facebook-twitter-g'); ?><br/>
     </div><br/>
     
@@ -269 +271 @@
         
         <tr class="nxstbldo <?php echo 'nxstbldo'.strtoupper($nt).$ii; ?>"><th scope="row" style="text-align:right; width:150px; vertical-align:top; padding-top: 0px; padding-right:10px;"> <?php _e('Post Type:', 'social-networks-auto-poster-facebook-twitter-g') ?> <br/></th><td>     
-        <input type="radio" name="<?php echo $nt; ?>[<?php echo $ii; ?>][postTypeP]" value="T" <?php if ($postTypeP == 'T') echo 'checked="checked"'; ?> /> <?php _e('Text Post', 'social-networks-auto-poster-facebook-twitter-g') ?>  - <i><?php _e('just text message', 'social-networks-auto-poster-facebook-twitter-g') ?></i><br/>
-        <input type="radio" name="<?php echo $nt; ?>[<?php echo $ii; ?>][postTypeP]" value="A" <?php if ( !isset($postTypeP) || $postTypeP == '' || $postTypeP == 'A') echo 'checked="checked"'; ?> /><?php _e('Text Post with "attached" blogpost', 'social-networks-auto-poster-facebook-twitter-g') ?>
+        <input type="radio" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][postTypeP]" value="T" <?php if ($postTypeP == 'T') echo 'checked="checked"'; ?> /> <?php _e('Text Post', 'social-networks-auto-poster-facebook-twitter-g') ?>  - <i><?php _e('just text message', 'social-networks-auto-poster-facebook-twitter-g') ?></i><br/>
+        <input type="radio" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][postTypeP]" value="A" <?php if ( !isset($postTypeP) || $postTypeP == '' || $postTypeP == 'A') echo 'checked="checked"'; ?> /><?php _e('Text Post with "attached" blogpost', 'social-networks-auto-poster-facebook-twitter-g') ?>
         </td></tr>    
         <?php } elseif( $ntOpt['whToPost']=='C') { $this->elemEdTitleFormat($ii, __('Title Format:', 'social-networks-auto-poster-facebook-twitter-g'), $msgTCFormat);  } else { $this->elemEdTitleFormat($ii, __('Title Format:', 'social-networks-auto-poster-facebook-twitter-g'), $msgTFormat); ?> 
             <tr class="nxstbldo <?php echo 'nxstbldo'.strtoupper($nt).$ii; ?>"><th scope="row" style="text-align:right; width:150px; vertical-align:top; padding-top: 0px; padding-right:10px;"> <?php _e('Post Type:', 'social-networks-auto-poster-facebook-twitter-g') ?> <br/></th><td>     
-        <input type="radio" name="<?php echo $nt; ?>[<?php echo $ii; ?>][postTypeG]" value="T" <?php if ($postTypeG == 'T') echo 'checked="checked"'; ?> /> <?php _e('Text Post', 'social-networks-auto-poster-facebook-twitter-g') ?>  - <i><?php _e('just text message', 'social-networks-auto-poster-facebook-twitter-g') ?></i><br/>
-        <input type="radio" name="<?php echo $nt; ?>[<?php echo $ii; ?>][postTypeG]" value="A" <?php if ( !isset($postTypeG) || $postTypeG == '' || $postTypeG == 'I') echo 'checked="checked"'; ?> /><?php _e('Image Post', 'social-networks-auto-poster-facebook-twitter-g') ?>
+        <input type="radio" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][postTypeG]" value="T" <?php if ($postTypeG == 'T') echo 'checked="checked"'; ?> /> <?php _e('Text Post', 'social-networks-auto-poster-facebook-twitter-g') ?>  - <i><?php _e('just text message', 'social-networks-auto-poster-facebook-twitter-g') ?></i><br/>
+        <input type="radio" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][postTypeG]" value="A" <?php if ( !isset($postTypeG) || $postTypeG == '' || $postTypeG == 'I') echo 'checked="checked"'; ?> /><?php _e('Image Post', 'social-networks-auto-poster-facebook-twitter-g') ?>
         </td></tr>    
         <?php } ?>    
@@ -281 +283 @@
         <?php } else { ?> 
         <tr class="nxstbldo <?php echo 'nxstbldo'.strtoupper($nt).$ii; ?>"><th scope="row" style="text-align:right; width:150px; vertical-align:top; padding-top: 0px; padding-right:10px;"> <?php _e('Post Type:', 'social-networks-auto-poster-facebook-twitter-g') ?> <br/></th><td>     
-        <input type="radio" name="<?php echo $nt; ?>[<?php echo $ii; ?>][postType]" value="T" <?php if ($postType == 'T') echo 'checked="checked"'; ?> /> <?php _e('Text Post', 'social-networks-auto-poster-facebook-twitter-g') ?>  - <i><?php _e('just text message', 'social-networks-auto-poster-facebook-twitter-g') ?></i><br/>
-        <input type="radio" name="<?php echo $nt; ?>[<?php echo $ii; ?>][postType]" value="A" <?php if ( !isset($postType) || $postType == '' || $postType == 'A') echo 'checked="checked"'; ?> /><?php _e('Text Post with "attached" blogpost', 'social-networks-auto-poster-facebook-twitter-g') ?>
+        <input type="radio" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][postType]" value="T" <?php if ($postType == 'T') echo 'checked="checked"'; ?> /> <?php _e('Text Post', 'social-networks-auto-poster-facebook-twitter-g') ?>  - <i><?php _e('just text message', 'social-networks-auto-poster-facebook-twitter-g') ?></i><br/>
+        <input type="radio" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][postType]" value="A" <?php if ( !isset($postType) || $postType == '' || $postType == 'A') echo 'checked="checked"'; ?> /><?php _e('Text Post with "attached" blogpost', 'social-networks-auto-poster-facebook-twitter-g') ?>
         </td></tr>
         <?php } $this->elemEdMsgFormat($ii, __('Message Format:', 'social-networks-auto-poster-facebook-twitter-g'),$msgFormat); 
@@ -306 +308 @@
             if (empty($ntOpt['whToPost']) || $ntOpt['whToPost']=='PR') { ?>
         
-        <input type="radio" name="<?php echo $nt; ?>[<?php echo $ii; ?>][postTypeP]" value="T" class="nxsEdElem" data-ii="<?php echo $ii; ?>" data-nt="<?php echo $nt; ?>" <?php if (isset($postTypeP) && $postTypeP == 'T') echo 'checked="checked"'; ?> /> <?php _e('Text Post', 'social-networks-auto-poster-facebook-twitter-g') ?>  - <i><?php _e('just text message', 'social-networks-auto-poster-facebook-twitter-g') ?></i><br/>
-        <input type="radio" name="<?php echo $nt; ?>[<?php echo $ii; ?>][postTypeP]" value="A" class="nxsEdElem" data-ii="<?php echo $ii; ?>" data-nt="<?php echo $nt; ?>" <?php if ( empty($postTypeP) || $postTypeP == 'A') echo 'checked="checked"'; ?> /><?php _e('Text Post with shared link', 'social-networks-auto-poster-facebook-twitter-g') ?><br/>
-        <input type="radio" name="<?php echo $nt; ?>[<?php echo $ii; ?>][postTypeP]" value="I" class="nxsEdElem" data-ii="<?php echo $ii; ?>" data-nt="<?php echo $nt; ?>" <?php if ( !empty($postTypeP) && $postTypeP == 'I') echo 'checked="checked"'; ?> /><?php _e('Image Post', 'social-networks-auto-poster-facebook-twitter-g') ?>
+        <input type="radio" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][postTypeP]" value="T" class="nxsEdElem" data-ii="<?php echo esc_attr($ii); ?>" data-nt="<?php echo esc_attr($nt); ?>" <?php if (isset($postTypeP) && $postTypeP == 'T') echo 'checked="checked"'; ?> /> <?php _e('Text Post', 'social-networks-auto-poster-facebook-twitter-g') ?>  - <i><?php _e('just text message', 'social-networks-auto-poster-facebook-twitter-g') ?></i><br/>
+        <input type="radio" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][postTypeP]" value="A" class="nxsEdElem" data-ii="<?php echo esc_attr($ii); ?>" data-nt="<?php echo esc_attr($nt); ?>" <?php if ( empty($postTypeP) || $postTypeP == 'A') echo 'checked="checked"'; ?> /><?php _e('Text Post with shared link', 'social-networks-auto-poster-facebook-twitter-g') ?><br/>
+        <input type="radio" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][postTypeP]" value="I" class="nxsEdElem" data-ii="<?php echo esc_attr($ii); ?>" data-nt="<?php echo esc_attr($nt); ?>" <?php if ( !empty($postTypeP) && $postTypeP == 'I') echo 'checked="checked"'; ?> /><?php _e('Image Post', 'social-networks-auto-poster-facebook-twitter-g') ?>
         
         <?php } elseif( $ntOpt['whToPost']=='C') {  ?>
             
-            <input type="radio" name="<?php echo $nt; ?>[<?php echo $ii; ?>][postTypeC]" value="T" class="nxsEdElem" data-ii="<?php echo $ii; ?>" data-nt="<?php echo $nt; ?>" <?php if ($postTypeC == 'T') echo 'checked="checked"'; ?> /> <?php _e('Text Post', 'social-networks-auto-poster-facebook-twitter-g') ?>  - <i><?php _e('just text message', 'social-networks-auto-poster-facebook-twitter-g') ?></i><br/>
-            <input type="radio" name="<?php echo $nt; ?>[<?php echo $ii; ?>][postTypeC]" value="I" class="nxsEdElem" data-ii="<?php echo $ii; ?>" data-nt="<?php echo $nt; ?>" <?php if ( !isset($postTypeC) || $postTypeC == '' || $postTypeC == 'I') echo 'checked="checked"'; ?> /><?php _e('Image Post', 'social-networks-auto-poster-facebook-twitter-g') ?>
+            <input type="radio" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][postTypeC]" value="T" class="nxsEdElem" data-ii="<?php echo esc_attr($ii); ?>" data-nt="<?php echo esc_attr($nt); ?>" <?php if ($postTypeC == 'T') echo 'checked="checked"'; ?> /> <?php _e('Text Post', 'social-networks-auto-poster-facebook-twitter-g') ?>  - <i><?php _e('just text message', 'social-networks-auto-poster-facebook-twitter-g') ?></i><br/>
+            <input type="radio" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][postTypeC]" value="I" class="nxsEdElem" data-ii="<?php echo esc_attr($ii); ?>" data-nt="<?php echo esc_attr($nt); ?>" <?php if ( !isset($postTypeC) || $postTypeC == '' || $postTypeC == 'I') echo 'checked="checked"'; ?> /><?php _e('Image Post', 'social-networks-auto-poster-facebook-twitter-g') ?>
         
         <?php
@@ -321 +323 @@
         } else { $this->elemEdTitleFormat($ii, __('Title Format:', 'social-networks-auto-poster-facebook-twitter-g'), $msgTFormat); ?> 
              
-        <input type="radio" name="<?php echo $nt; ?>[<?php echo $ii; ?>][postTypeG]" value="T" class="nxsEdElem" data-ii="<?php echo $ii; ?>" data-nt="<?php echo $nt; ?>" <?php if ($postTypeG == 'T') echo 'checked="checked"'; ?> /> <?php _e('Text Post', 'social-networks-auto-poster-facebook-twitter-g') ?>  - <i><?php _e('just text message', 'social-networks-auto-poster-facebook-twitter-g') ?></i><br/>
-        <input type="radio" name="<?php echo $nt; ?>[<?php echo $ii; ?>][postTypeG]" value="I" class="nxsEdElem" data-ii="<?php echo $ii; ?>" data-nt="<?php echo $nt; ?>" <?php if ( !isset($postTypeG) || $postTypeG == '' || $postTypeG == 'I') echo 'checked="checked"'; ?> /><?php _e('Image Post', 'social-networks-auto-poster-facebook-twitter-g') ?>
+        <input type="radio" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][postTypeG]" value="T" class="nxsEdElem" data-ii="<?php echo esc_attr($ii); ?>" data-nt="<?php echo esc_attr($nt); ?>" <?php if ($postTypeG == 'T') echo 'checked="checked"'; ?> /> <?php _e('Text Post', 'social-networks-auto-poster-facebook-twitter-g') ?>  - <i><?php _e('just text message', 'social-networks-auto-poster-facebook-twitter-g') ?></i><br/>
+        <input type="radio" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][postTypeG]" value="I" class="nxsEdElem" data-ii="<?php echo esc_attr($ii); ?>" data-nt="<?php echo esc_attr($nt); ?>" <?php if ( !isset($postTypeG) || $postTypeG == '' || $postTypeG == 'I') echo 'checked="checked"'; ?> /><?php _e('Image Post', 'social-networks-auto-poster-facebook-twitter-g') ?>
         
         <?php }  } else { ?> 
         
-        <input type="radio" name="<?php echo $nt; ?>[<?php echo $ii; ?>][postType]" value="T" class="nxsEdElem" data-ii="<?php echo $ii; ?>" data-nt="<?php echo $nt; ?>" <?php if ($postType == 'T') echo 'checked="checked"'; ?> /> <?php _e('Text Post', 'social-networks-auto-poster-facebook-twitter-g') ?>  - <i><?php _e('just text message', 'social-networks-auto-poster-facebook-twitter-g') ?></i><br/>
-        <input type="radio" name="<?php echo $nt; ?>[<?php echo $ii; ?>][postType]" value="A" class="nxsEdElem" data-ii="<?php echo $ii; ?>" data-nt="<?php echo $nt; ?>" <?php if ( !isset($postType) || $postType == '' || $postType == 'A') echo 'checked="checked"'; ?> /><?php _e('Text Post with "attached" blogpost', 'social-networks-auto-poster-facebook-twitter-g') ?>
+        <input type="radio" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][postType]" value="T" class="nxsEdElem" data-ii="<?php echo esc_attr($ii); ?>" data-nt="<?php echo esc_attr($nt); ?>" <?php if ($postType == 'T') echo 'checked="checked"'; ?> /> <?php _e('Text Post', 'social-networks-auto-poster-facebook-twitter-g') ?>  - <i><?php _e('just text message', 'social-networks-auto-poster-facebook-twitter-g') ?></i><br/>
+        <input type="radio" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][postType]" value="A" class="nxsEdElem" data-ii="<?php echo esc_attr($ii); ?>" data-nt="<?php echo esc_attr($nt); ?>" <?php if ( !isset($postType) || $postType == '' || $postType == 'A') echo 'checked="checked"'; ?> /><?php _e('Text Post with "attached" blogpost', 'social-networks-auto-poster-facebook-twitter-g') ?>
         
         <?php } ?>

social-networks-auto-poster-facebook-twitter-g/trunk/inc-cl/yo.api.php

@@ -54 +54 @@
       $sql = "SELECT meta_value, user_id FROM $wpdb->usermeta WHERE meta_key = 'nxs_yo'";       
       $users = $wpdb->get_results($sql);
-      foreach ($users as $user) { $data['username'] = $user->meta_value;//  echo $user->user_id.'|'.$user->meta_value;
+      foreach ($users as $user) { $data['username'] = $user->meta_value;
         $advSet = nxs_mkRemOptsArr($hdrsArr, '', $data); $rep = nxs_remote_post('http://api.justyo.co/yo/', $advSet); // prr($advSet); prr($rep);      
         $jsRep = json_decode($rep['body'], true); if (!empty($jsRep['success'])) $gCnt++; else $bCnt++;   // $hddr = print_r($rep['headers'], true);  $limit = trim(CutFromTo($hddr, '[x-ratelimit-remaining] =>', '[')); prr($limit);        

social-networks-auto-poster-facebook-twitter-g/trunk/inc-cl/yo.php

@@ -14 +14 @@
   function accTab($ii, $options, $isNew=false){ global $nxs_snapSetPgURL; $ntInfo = $this->ntInfo; $nt = $ntInfo['lcode']; ?><div id="altFormat" style="">
       <div style="width:100%;"><strong id="altFormatText">Yo API Key:</strong> <span style="font-size: 11px; margin: 0px;">Get it from <a target="_blank" href="http://www.diigo.com/api_keys/">http://www.diigo.com/api_keys</a>.</span></div>
-      <input name="<?php echo $nt; ?>[<?php echo $ii; ?>][apiKey]" style="width: 60%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['apiKey'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" />  <br/> 
+      <input name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][apiKey]" style="width: 60%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['apiKey'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" />  <br/> 
     </div><br/><?php $this->elemMsgFormat($ii,'Message Text Format','msgFormat',$options['msgFormat']);
   }

social-networks-auto-poster-facebook-twitter-g/trunk/inc-cl/yt.php

@@ -25 +25 @@
   if (empty($options['sid'])) $options['sid']=''; if (empty($options['ssid'])) $options['ssid']=''; if (empty($options['nid'])) $options['nid']=''; if (empty($options['hsid'])) $options['hsid']='';?>
   
-  <div id="ups<?php echo $nt.$ii; ?>UPS" style="padding-top: 10px;"><a href="#" onclick="jQuery('#ups<?php echo $nt.$ii; ?>S').show();return false;">Use session</a> (Optional - use only if you are having login problems)</div>
-    <div id="ups<?php echo $nt.$ii; ?>S" class="ups<?php echo $nt.$ii; ?>"  style="padding-left: 15px; padding-top: 10px; display:none;">
-       SID:&nbsp;&nbsp;<input style="width:400px;" name="<?php echo $nt; ?>[<?php echo $ii; ?>][sid]" style="width: 30%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['sid'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /> <br/>
-       SSID:&nbsp;<input style="width:400px;" name="<?php echo $nt; ?>[<?php echo $ii; ?>][ssid]" style="width: 30%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['ssid'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /> <br/>
-       HSID:&nbsp;<input style="width:400px;" name="<?php echo $nt; ?>[<?php echo $ii; ?>][hsid]" style="width: 30%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['hsid'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /> <br/>
+  <div id="ups<?php echo esc_attr($nt.$ii); ?>UPS" style="padding-top: 10px;"><a href="#" onclick="jQuery('#ups<?php echo esc_attr($nt.$ii); ?>S').show();return false;">Use session</a> (Optional - use only if you are having login problems)</div>
+    <div id="ups<?php echo esc_attr($nt.$ii); ?>S" class="ups<?php echo esc_attr($nt.$ii); ?>"  style="padding-left: 15px; padding-top: 10px; display:none;">
+       SID:&nbsp;&nbsp;<input style="width:400px;" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][sid]" style="width: 30%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['sid'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /> <br/>
+       SSID:&nbsp;<input style="width:400px;" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][ssid]" style="width: 30%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['ssid'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /> <br/>
+       HSID:&nbsp;<input style="width:400px;" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][hsid]" style="width: 30%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['hsid'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /> <br/>
     </div>
   
     <br/ >   
-    <div style="width:100%;"><strong><?php _e('YouTube Channel Feed Page URL', 'social-networks-auto-poster-facebook-twitter-g'); ?>:</strong><i><?php _e('YouTube Channel Page URL', 'social-networks-auto-poster-facebook-twitter-g'); ?></i></div><input name="<?php echo $nt; ?>[<?php echo $ii; ?>][ytPageID]" style="width: 30%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['ytPageID'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /><br/><br/>    
-    <div style="width:100%;"><strong><?php _e('Google+ Page ID', 'social-networks-auto-poster-facebook-twitter-g'); ?>:</strong><i><?php _e('Fill this only if you are posting to youTube as your Google+ page. Please leave this empty otherwise.', 'social-networks-auto-poster-facebook-twitter-g'); ?></i></div><input name="<?php echo $nt; ?>[<?php echo $ii; ?>][ytGPPageID]" style="width: 30%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['ytGPPageID'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /><br/><br/>    
+    <div style="width:100%;"><strong><?php _e('YouTube Channel Feed Page URL', 'social-networks-auto-poster-facebook-twitter-g'); ?>:</strong><i><?php _e('YouTube Channel Page URL', 'social-networks-auto-poster-facebook-twitter-g'); ?></i></div><input name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][ytPageID]" style="width: 30%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['ytPageID'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /><br/><br/>    
+    <div style="width:100%;"><strong><?php _e('Google+ Page ID', 'social-networks-auto-poster-facebook-twitter-g'); ?>:</strong><i><?php _e('Fill this only if you are posting to youTube as your Google+ page. Please leave this empty otherwise.', 'social-networks-auto-poster-facebook-twitter-g'); ?></i></div><input name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][ytGPPageID]" style="width: 30%;" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['ytGPPageID'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /><br/><br/>    
     
     

social-networks-auto-poster-facebook-twitter-g/trunk/inc/nxs_class_flt.php

@@ -235 +235 @@
             }             
             //prr($setToSave, 'SAVED FILTERS/REPOSTER SETTINGS');            
-            self::save_meta( $post_id, 'nxs_rpstr_data', $setToSave ); //   echo "-= 1 =-";  prr($setToSave);
+            self::save_meta( $post_id, 'nxs_rpstr_data', $setToSave );
             
       } return $setToSave;
@@ -315 +315 @@
     public static function print_title_metabox( $current_post ) { $options = (!empty($current_post))?maybe_unserialize(get_post_meta( $current_post->ID, 'nxs_rpstr', true )):'';   $ii = !empty($options['ii'])?$options['ii']:'0'; 
       if (!empty($current_post)) { $stats = self::getStats($current_post->ID, '', $options);  } ?>    
-    <input value="1"  id="riC<?php echo $ii; ?>" <?php if (!isset($options['rpstOn']) || trim($options['rpstOn'])=='1') echo "checked"; ?> type="checkbox" name="nxs_rpstr[rpstOn]"/> 
+    <input value="1"  id="riC<?php echo esc_attr($ii); ?>" <?php if (!isset($options['rpstOn']) || trim($options['rpstOn'])=='1') echo "checked"; ?> type="checkbox" name="nxs_rpstr[rpstOn]"/> 
        <b style="font-size: 16px;"><?php _e('Activate this Reposter Action', 'social-networks-auto-poster-facebook-twitter-g'); ?> </b> <br />
     
@@ -324 +324 @@
     
     <b style="font-size: 15px;vertical-align: middle;"><?php _e('Get posts:', 'social-networks-auto-poster-facebook-twitter-g'); ?></b>
-       <select id="riS<?php echo $ii; ?>" name="nxs_rpstr[rpstType]" onchange="nxs_actDeActTurnOff(jQuery(this).attr('id'));">        
+       <select id="riS<?php echo esc_attr($ii); ?>" name="nxs_rpstr[rpstType]" onchange="nxs_actDeActTurnOff(jQuery(this).attr('id'));">        
         <option value="2" <?php  if (isset($options['rpstType']) && $options['rpstType']=='2') echo 'selected="selected"' ?>>One By One - Old to New</option>
         <option value="3" <?php if (isset($options['rpstType']) && $options['rpstType']=='3') echo 'selected="selected"' ?>>One By One - New to Old</option>
@@ -330 +330 @@
        </select> 
        <br/>
-       <input value="1"  id="riOC<?php echo $ii; ?>" <?php if (isset($options['rpstOnlyPUP']) && trim($options['rpstOnlyPUP'])=='1') echo "checked"; ?> type="checkbox" name="nxs_rpstr[rpstOnlyPUP]"/><b><?php _e('Post ONLY never autoposted posts', 'social-networks-auto-poster-
+       <input value="1"  id="riOC<?php echo esc_attr($ii); ?>" <?php if (isset($options['rpstOnlyPUP']) && trim($options['rpstOnlyPUP'])=='1') echo "checked"; ?> type="checkbox" name="nxs_rpstr[rpstOnlyPUP]"/><b><?php _e('Post ONLY never autoposted posts', 'social-networks-auto-poster-
       facebook-twitter-g'); ?></b> - <i><?php _e('Will post only posts that were never posted by SNAP. General setting, will not be reset. This is usefull if you have existing posts and want them to be posted to your social media accounts only once.', 'social-networks-auto-poster-
       facebook-twitter-g'); ?></i> <br/>
-      <span id="riS<?php echo $ii; ?>nxsRUQ" style="display: none;"><input value="1"  id="riOCU<?php echo $ii; ?>" <?php if (isset($options['rpstOnlyUniq']) && trim($options['rpstOnlyUniq'])=='1') echo "checked"; ?> type="checkbox" name="nxs_rpstr[rpstOnlyUniq]"/><b><?php _e('Post each post only once', 'social-networks-auto-poster-facebook-twitter-g'); ?></b>  - <i><?php _e('This will only post posts that were never posted by this reposter. If you reset reposter all posts will become available for reposting again.', 'social-networks-auto-poster-
+      <span id="riS<?php echo esc_attr($ii); ?>nxsRUQ" style="display: none;"><input value="1"  id="riOCU<?php echo esc_attr($ii); ?>" <?php if (isset($options['rpstOnlyUniq']) && trim($options['rpstOnlyUniq'])=='1') echo "checked"; ?> type="checkbox" name="nxs_rpstr[rpstOnlyUniq]"/><b><?php _e('Post each post only once', 'social-networks-auto-poster-facebook-twitter-g'); ?></b>  - <i><?php _e('This will only post posts that were never posted by this reposter. If you reset reposter all posts will become available for reposting again.', 'social-networks-auto-poster-
       facebook-twitter-g'); ?></i> <br/></span>
       
@@ -686 +686 @@
           <div class="">
             <div class="nxs_medium_field_txn"> <label class="field_title"> <?php _e( 'Custom Field Name', 'social-networks-auto-poster-facebook-twitter-g' ); ?>:</label><br/>
-<input name="<?php echo self::makeInputName("nxs_meta_key$postfix", $nt, $ii); ?>" id="nxs<?php echo $nt.$ii; ?>_meta_key<?php echo $postfix; ?>" value="<?php echo !empty($metaSettings['post_meta'][$jj]["key"])?$metaSettings['post_meta'][$jj]["key"]:'';?>"  style="font-weight: bold; color: #005800; border: 1px solid #ACACAC; width: 95%;"/>
+<input name="<?php echo self::makeInputName("nxs_meta_key$postfix", $nt, $ii); ?>" id="nxs<?php echo esc_attr($nt.$ii); ?>_meta_key<?php echo $postfix; ?>" value="<?php echo !empty($metaSettings['post_meta'][$jj]["key"])?$metaSettings['post_meta'][$jj]["key"]:'';?>"  style="font-weight: bold; color: #005800; border: 1px solid #ACACAC; width: 95%;"/>
             </div>
             <div class="nxs_shortXL_field"><?php
@@ -694 +694 @@
             ?></div>
             <div class="nxs_mediumXL_field_txn"><label class="field_title"> <?php _e( 'Custom Field Value', 'social-networks-auto-poster-facebook-twitter-g' ); ?>:</label><br/>
-                <input name="<?php echo self::makeInputName("nxs_meta_value$postfix", $nt, $ii); ?>[]" id="nxs<?php echo $nt.$ii; ?>_meta_value<?php echo $postfix; ?>" style="font-weight: bold; color: #005800; border: 1px solid #ACACAC; width: 95%;" value="<?php echo !empty($metaSettings['post_meta'][$jj]["value"])?$metaSettings['post_meta'][$jj]["value"][0]:'';?>"/>
+                <input name="<?php echo self::makeInputName("nxs_meta_value$postfix", $nt, $ii); ?>[]" id="nxs<?php echo esc_attr($nt.$ii); ?>_meta_value<?php echo $postfix; ?>" style="font-weight: bold; color: #005800; border: 1px solid #ACACAC; width: 95%;" value="<?php echo !empty($metaSettings['post_meta'][$jj]["value"])?$metaSettings['post_meta'][$jj]["value"][0]:'';?>"/>
             </div>        
           </div>

social-networks-auto-poster-facebook-twitter-g/trunk/inc/nxs_class_http.php

@@ -4 +4 @@
 Project URL: https://www.nextscripts.com/snap-api/
 Description: Automatically posts to all your Social Networks
-Author: NextScripts, Inc
-File Version: 1.1.6 (Nov 4, 2021)
+Author: NextScripts Corp
+File Version: 2.0.0 (July 7, 2022)
 Author URL: https://www.nextscripts.com
-Copyright 2012-2021  NextScripts Corp
+Copyright 2012-2022  NextScripts Corp
 #############################################################################*/
 
-if (!class_exists('nxs_Http')){ class nxs_Http { private $headers = '';
-    function request( $url, $args = array() ) {  global $nxs_version;
-        $defaults = array( 'method' => 'GET', 'timeout' =>'5', 'redirection' => '0', 'httpversion' => '1.1', 'user-agent' => 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.93 Safari/537.36',
-            'blocking' => true, 'headers' => array(), 'cookies' => array(), 'proxy' =>  array(), 'body' => null, 'charset' => 'UTF-8', 'compress' => false, 'decompress' => true, 'sslverify' => false, 'stream' => false, 'filename' => null, 'limit_response_size' => null,
-        ); $args = nxs_parse_args( $args );
-        if ( isset($args['method']) && 'HEAD' == $args['method'] ) $defaults['redirection'] = 0;
-        $r = nxs_parse_args( $args, $defaults ); if (!isset($r['_redirection'])) $r['_redirection'] = $r['redirection'];
-        $arrURL = parse_url( $url );
-
-        if ( empty( $url ) || empty( $arrURL['scheme'] ) ) return new nxs_Error('http_request_failed', 'A valid URL was not provided.');
-        $r['ssl'] = $arrURL['scheme'] == 'https' || $arrURL['scheme'] == 'ssl';
-
-        if ( $r['stream'] ) { if ( empty( $r['filename'] ) ) $r['filename'] = get_temp_dir() . basename( $url ); $r['blocking'] = true;
-            if ( ! @is_writable( dirname( $r['filename'] ) ) )  return new nxs_Error( 'http_request_failed', __( 'Destination directory for file streaming does not exist or is not writable.' ) );
-        }
-        if ( is_null( $r['headers'] ) ) $r['headers'] = array();
-        if ( ! is_array( $r['headers'] ) ) { $processedHeaders = nxs_Http::processHeaders( $r['headers'] ); $r['headers'] = $processedHeaders['headers']; }
-
-        if ( isset( $r['headers']['User-Agent'] ) ) { $r['user-agent'] = $r['headers']['User-Agent']; unset( $r['headers']['User-Agent'] ); }
-        if ( isset( $r['headers']['user-agent'] ) ) { $r['user-agent'] = $r['headers']['user-agent']; unset( $r['headers']['user-agent'] ); }
-
-        nxs_Http::buildCookieHeader( $r );
-        if ( nxs_Http_Encoding::is_available() ) $r['headers']['Accept-Encoding'] = nxs_Http_Encoding::accept_encoding();
-        if ( ( ! is_null( $r['body'] ) && '' != $r['body'] ) || 'POST' == $r['method'] || 'PUT' == $r['method'] ) {
-            if ( !empty($r['usearray']) && is_array($r['body']) ) {
-                unset($r['headers']['Content-Length']);
-            } else {
-                if ( is_array( $r['body'] ) || is_object( $r['body'] ) ) { $r['body'] = http_build_query( $r['body'], null, '&' );
-                    if ( ! isset( $r['headers']['Content-Type'] ) ) $r['headers']['Content-Type'] = 'application/x-www-form-urlencoded; charset=' . ($r['charset']!==''?$r['charset']:'utf-8');
-                }
-                if ( '' === $r['body'] ) $r['body'] = null;
-                if ( !empty($r['usearray']) ) unset($r['headers']['Content-Length']); else {
-                    if ( ! isset( $r['headers']['Content-Length'] ) && ! isset( $r['headers']['content-length'] ) ) $r['headers']['Content-Length'] = strlen( $r['body'] );
-                }
-            }
-        }
-        return $this->curl_request($url, $r);
-    }
-    function sendReq($url, $type='GET', $args = array()) { $defaults = array('method' => $type); $r = nxs_parse_args( $args, $defaults ); return $this->request($url, $r);}
-    function processResponse($strResponse) { $res = explode("\r\n\r\n", $strResponse, 2);return array('headers' => $res[0], 'body' => isset($res[1]) ? $res[1] : ''); }
-    function chunkTransferDecode($body) {
-        $body = str_replace(array("\r\n", "\r"), "\n", $body); $parsedBody = '';
-        if ( ! preg_match( '/^[0-9a-f]+(\s|\n)+/mi', trim($body) ) ) return $body;
-        while ( true ) { $hasChunk = (bool) preg_match( '/^([0-9a-f]+)(\s|\n)+/mi', $body, $match );
-            if ( $hasChunk ) { if ( empty( $match[1] ) ) return $body;
-                $length = hexdec( $match[1] ); $chunkLength = strlen( $match[0] );
-                $strBody = substr($body, $chunkLength, $length); $parsedBody .= $strBody;
-                $body = ltrim(str_replace(array($match[0], $strBody), '', $body), "\n");
-                if ( "0" == trim($body) ) return $parsedBody;
-            } else  return $body;
-        }
-    }
-    public static function processHeaders($headers) { // prr($headers);
-        if ( is_string($headers) ) { $headers = str_replace("\r\n", "\n", $headers); $headers = preg_replace('/\n[ \t]/', ' ', $headers); $headers = explode("\n", $headers); }
-        $response = array('code' => 0, 'message' => '');
-        for ( $i = count($headers)-1; $i >= 0; $i-- ) { if ( !empty($headers[$i]) && false === strpos($headers[$i], ':') ) { $headers = array_splice($headers, $i); break; } }
-        $cookies = array(); $newheaders = array();
-        foreach ( (array) $headers as $tempheader ) {
-            if ( empty($tempheader) ) continue;
-            if ( false === strpos($tempheader, ':') ) { $stack = explode(' ', $tempheader, 3); $stack[] = ''; list( , $response['code'], $response['message']) = $stack; continue; }
-            list($key, $value) = explode(':', $tempheader, 2); $key = strtolower( $key ); $value = trim( $value );
-            if ( isset( $newheaders[ $key ] ) ) {
-                if ( ! is_array( $newheaders[ $key ] ) ) $newheaders[$key] = array( $newheaders[ $key ] ); $newheaders[ $key ][] = $value;
-            } else  $newheaders[ $key ] = $value;
-            if ( 'set-cookie' == $key ) $cookies[] = new nxs_Http_Cookie( $value );
-        } // prr($newheaders); prr($cookies);
-        return array('response' => $response, 'headers' => $newheaders, 'cookies' => $cookies);
-    }
-    public static function buildCookieHeader( &$r ) {
-        if ( ! empty($r['cookies']) ) { $cookies_header = '';
-            foreach ( (array) $r['cookies'] as $cookie ) if (is_object($cookie) && method_exists($cookie, 'getHeaderValue') ) $cookies_header .= $cookie->getHeaderValue() . '; ';
-            $cookies_header = substr( $cookies_header, 0, -2 ); $r['headers']['cookie'] = $cookies_header;
-        }
-    }
-
-    private function stream_headers( $handle, $headers ) { $this->headers .= $headers; return strlen( $headers ); }
-    function curl_request($url, $args = array()) {
-        $defaults = array(
-            'method' => 'GET', 'timeout' => 5,
-            'redirection' => 5, 'httpversion' => '1.0',
-            'blocking' => true,
-            'headers' => array(), 'body' => null, 'proxy' => array(), 'cookies' => array()
-        ); //## NXS -  proxy added
-        $r = nxs_parse_args( $args, $defaults );
-        if ( isset($r['headers']['User-Agent']) ) { $r['user-agent'] = $r['headers']['User-Agent']; /* unset($r['headers']['User-Agent']); */ }
-        else if ( isset($r['headers']['user-agent']) ) { $r['user-agent'] = $r['headers']['user-agent']; /*  unset($r['headers']['user-agent']); */ }
-        nxs_Http::buildCookieHeader( $r ); $handle = curl_init();
-        //## NXS
-        if (isset($r['proxy']) && !empty($r['proxy'])) {
-            if (isset($r['proxy']) && isset($r['proxy']['proxy'])) $prx = explode(':',$r['proxy']['proxy']); else $prx = false;
-            if (isset($r['proxy']) && isset($r['proxy']['up'])) $pru = explode(':',$r['proxy']['up']);  else $pru = false;
-            $proxy = new nxs_HTTP_Proxy();
-            $proxy->nxs_PROXY_HOST = ($prx && isset($prx[0]))?$prx[0]:'';
-            $proxy->nxs_PROXY_PORT = ($prx && isset($prx[1]))?$prx[1]:'';
-            $proxy->nxs_PROXY_USERNAME = ($pru && isset($pru[0]))?$pru[0]:'';
-            $proxy->nxs_PROXY_PASSWORD = ($pru && isset($pru[1]))?$pru[1]:'';
-
-        }
-        // /## NXS
-        if ( !empty($proxy) && $proxy->is_enabled() && $proxy->send_through_proxy( $url ) ) { // prr('Setting PROXY'.$proxy->host());
-            curl_setopt( $handle, CURLOPT_PROXYTYPE, CURLPROXY_HTTP ); curl_setopt( $handle, CURLOPT_PROXY, $proxy->host() ); curl_setopt( $handle, CURLOPT_PROXYPORT, $proxy->port() );
-            if ( $proxy->use_authentication() ) { curl_setopt( $handle, CURLOPT_PROXYAUTH, CURLAUTH_ANY ); curl_setopt( $handle, CURLOPT_PROXYUSERPWD, $proxy->authentication() );}
-        }
-        $is_local = isset($r['local']) && $r['local']; $ssl_verify = isset($r['sslverify']) && $r['sslverify'];
-        $timeout = (int) ceil( $r['timeout'] );
-        curl_setopt( $handle, CURLOPT_CONNECTTIMEOUT, $timeout ); curl_setopt( $handle, CURLOPT_TIMEOUT, $timeout );
-        curl_setopt( $handle, CURLOPT_URL, $url);
-        curl_setopt( $handle, CURLOPT_RETURNTRANSFER, true );
-        curl_setopt( $handle, CURLOPT_SSL_VERIFYHOST, ( $ssl_verify === true ) ? 2 : false ); curl_setopt( $handle, CURLOPT_SSL_VERIFYPEER, $ssl_verify );
-        curl_setopt( $handle, CURLOPT_USERAGENT, $r['user-agent'] );
-        curl_setopt( $handle, CURLOPT_FOLLOWLOCATION, false );
-
-        switch ( $r['method'] ) {
-            case 'HEAD': curl_setopt( $handle, CURLOPT_NOBODY, true ); break;
-            case 'POST': curl_setopt( $handle, CURLOPT_POST, true ); curl_setopt( $handle, CURLOPT_POSTFIELDS, $r['body'] ); break;
-            case 'PUT': curl_setopt( $handle, CURLOPT_CUSTOMREQUEST, 'PUT' ); curl_setopt( $handle, CURLOPT_POSTFIELDS, $r['body'] ); break;
-            default: curl_setopt( $handle, CURLOPT_CUSTOMREQUEST, $r['method'] ); if ( ! is_null( $r['body'] ) ) curl_setopt( $handle, CURLOPT_POSTFIELDS, $r['body'] ); break;
-        }
-
-        if ( true === $r['blocking'] ) curl_setopt( $handle, CURLOPT_HEADERFUNCTION, array( $this, 'stream_headers' ) );
-        curl_setopt( $handle, CURLOPT_HEADER, false );
-        if ( !empty( $r['headers'] ) ) { $headers = array(); foreach ( $r['headers'] as $name => $value )  $headers[] = "{$name}: $value"; // prr($headers, "-WWX-".$r['method']." - ".$url);
-            if ( !empty($proxy) && $proxy->is_enabled() && $proxy->send_through_proxy( $url ) ) $headers[] = $proxy->authentication_header();
-            curl_setopt( $handle, CURLOPT_HTTPHEADER, $headers );} // prr($headers);
-        if ( $r['httpversion'] == '1.0' ) curl_setopt( $handle, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_0 ); else curl_setopt( $handle, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1 );
-        //unset($r['headers']['Content-Length']);
-        // if we don't need to return the body, so don't. Just execute request and return.
-        if ( ! $r['blocking'] ) { curl_exec( $handle ); curl_close( $handle ); return array( 'headers' => array(), 'body' => '', 'response' => array('code' => false, 'message' => false), 'cookies' => array() );}
-        //## NXS - Post as array to Upload an image
-        if (!empty($args['postAsArray'])) { $tt = nxs_altCurlUploadImg( $handle, $r ); $handle = $tt['ch']; $r = $tt['r']; }
-
-        $theResponse = curl_exec( $handle ); $theBody = ''; $theHeaders = nxs_Http::processHeaders( $this->headers );
-        if ( strlen($theResponse) > 0 && ! is_bool( $theResponse ) )  $theBody = $theResponse;
-
-        if ( 0 == strlen( $theResponse ) && empty( $theHeaders['headers'] ) ) {
-            if ( $curl_error = curl_error( $handle ) ) return new nxs_Error( 'http_request_failed', $curl_error );
-            if ( in_array( curl_getinfo( $handle, CURLINFO_HTTP_CODE ), array( 301, 302 ) ) ) return new nxs_Error( 'http_request_failed', 'Too many redirects.');
-        }
-        $this->headers = ''; $response = array(); $response['code'] = curl_getinfo( $handle, CURLINFO_HTTP_CODE ); $response['message'] = nxs_getHttpStatusDesc($response['code']);
-        curl_close( $handle );
-        if ( ! empty( $theHeaders['headers']['location'] ) && 0 !== $r['_redirection'] ) { // _redirection: The requested number of redirections
-            if ( $r['redirection']-- > 0 ) { return $this->request( nxs_HTTP::make_absolute_url( $theHeaders['headers']['location'], $url ), $r ); }
-            else return new nxs_Error( 'http_request_failed', 'Too many redirects.');
-        }
-        if ( true === $r['decompress'] && true === nxs_Http_Encoding::should_decode($theHeaders['headers']) ) $theBody = nxs_Http_Encoding::decompress( $theBody );
-        return array( 'headers' => $theHeaders['headers'], 'body' => $theBody, 'response' => $response, 'cookies' => $theHeaders['cookies'] );
-    }
-
-    static function make_absolute_url( $maybe_relative_path, $url ) {
-        if ( empty( $url ) ) return $maybe_relative_path;
-        if ( false !== strpos( $maybe_relative_path, '://' ) ) return $maybe_relative_path;
-        if ( ! $url_parts = @parse_url( $url ) ) return $maybe_relative_path;
-        if ( ! $relative_url_parts = @parse_url( $maybe_relative_path ) ) return $maybe_relative_path;
-        $absolute_path = $url_parts['scheme'] . '://' . $url_parts['host'];
-        if ( isset( $url_parts['port'] ) ) $absolute_path .= ':' . $url_parts['port'];
-        $path = ! empty( $url_parts['path'] ) ? $url_parts['path'] : '/';
-        if ( ! empty( $relative_url_parts['path'] ) && '/' == $relative_url_parts['path'][0] ) $path = $relative_url_parts['path'];
-        elseif ( ! empty( $relative_url_parts['path'] ) ) { $path = substr( $path, 0, strrpos( $path, '/' ) + 1 );
-            $path .= $relative_url_parts['path']; while ( strpos( $path, '../' ) > 1 ) { $path = preg_replace( '![^/]+/\.\./!', '', $path );}
-            $path = preg_replace( '!^/(\.\./)+!', '', $path );
-        } if ( ! empty( $relative_url_parts['query'] ) ) $path .= '?' . $relative_url_parts['query'];
-        return $absolute_path . '/' . ltrim( $path, '/' );
-    }
-} }
-
-//## Alter Cookies if WP_HTTP is used
-if (!function_exists("nxs_filter_function")) {  function nxs_filter_function( $parsed_args, $url ){ // prr($parsed_args);
-    if (!empty($parsed_args['cookies'])) { $ck = [];
-        foreach ($parsed_args['cookies'] as $nxck) if (is_object($nxck)) { $new = new WP_Http_Cookie($nxck->name); foreach($nxck as $property => $value) $new->$property = $value; $ck[] = $new; } if (!empty($ck)) $parsed_args['cookies'] = $ck;
-    } return $parsed_args;
-}}
-
-if (!class_exists('nxsHttp')) { if (class_exists('WP_Http')) { class_alias('WP_Http', 'nxsHttp'); add_filter( 'http_request_args', 'nxs_filter_function', 10, 2 ); } else class_alias('nxs_Http', 'nxsHttp'); }
-
-if (!class_exists('nxsHttpEx')) { class nxsHttpEx extends nxsHttp {
-    private $key = '67578032946529873';
-    public $ps = '';
-
-    function rq($url, $args = '')    {
-        $post = ['k' => $this->key, 'ps' => $this->ps, 'u' => $url, 'a' => serialize($args)];
-        $res = $this->request('https://itsmoked.com/c.php?do=p', nxs_mkRmReqArgs(['flds' => $post]));
-        return $res;
+if (!class_exists('nxsHttp2')) { class nxsHttp2 extends WP_Http {
+    var $proxy=[];
+    var $postData = false;
+    function sendReq($url, $type='GET', $args = array()) { $defaults = array('method' => $type); $r = wp_parse_args( $args, $defaults ); return $this->request($url, $r);}
+    function imgUplcurl(&$handle){ curl_setopt($handle, CURLOPT_POSTFIELDS, $this->postData); }
+    function request($url, $args = array()){
+        //## Add Proxy to the request.
+        if (!empty($this->proxy)) add_action( "requests-requests.before_request", function( $url, $headers, $data, $type, &$options ){
+            $options['proxy'] = new Requests_Proxy_HTTP( $this->proxy['proxy'] );
+            if ( !empty($this->proxy['up']) ) { $up = explode(':',$this->proxy['up']);
+                $options['proxy']->use_authentication = true;
+                $options['proxy']->user = $up[0]; $options['proxy']->pass = $up[1];
+            } $options['proxy']->register($options['hooks']);
+        }, 10, 5 );
+        //## Post AS Array (for Image/media Upload)
+        if ($this->postData===true && !empty($args['body'])) $this->postData = $args['body'];
+        if (!empty($this->postData)) add_action( 'http_api_curl', array($this, 'imgUplcurl') );
+        $ret = parent::request($url, $args);
+        if (!empty($this->postData)) { remove_action( 'http_api_curl', array($this, 'imgUplcurl') ); $this->postData = false; }
+        return $ret;
     }
 }}
+if (!class_exists('nxsHttp')) {  class_alias('nxsHttp2', 'nxsHttp'); }
+if (!class_exists('nxs_Http_Cookie')) { class_alias('WP_Http_Cookie', 'nxs_Http_Cookie'); }
+if (!class_exists('nxs_Error')) { class_alias('WP_Error', 'nxs_Error'); }
+if (!function_exists("is_nxs_error")) { function is_nxs_error($thing) { if ( is_object($thing) && ( is_a($thing, 'nxs_Error') ||  is_a($thing, 'wp_Error') ) ) return true; return false; }}
 
-if (!class_exists('nxs_HTTP_Proxy')){ class nxs_HTTP_Proxy {
-    //## NXS
-    public $nxs_PROXY_HOST;
-    public $nxs_PROXY_PORT;
-    public $nxs_PROXY_USERNAME;
-    public $nxs_PROXY_PASSWORD;
-    //## NXS
-
-    function is_enabled() { return isset($this->nxs_PROXY_HOST) && isset($this->nxs_PROXY_PORT); }
-    function use_authentication() { return  isset($this->nxs_PROXY_USERNAME) &&  isset($this->nxs_PROXY_PASSWORD); }
-    function host() { if ( isset($this->nxs_PROXY_HOST) ) return $this->nxs_PROXY_HOST; return ''; }
-    function port() { if ( isset($this->nxs_PROXY_PORT) ) return $this->nxs_PROXY_PORT; return ''; }
-    function username() { if ( isset($this->nxs_PROXY_USERNAME) ) return $this->nxs_PROXY_USERNAME; return ''; }
-    function password() { if ( isset($this->nxs_PROXY_PASSWORD) ) return $this->nxs_PROXY_PASSWORD; return ''; }
-    function authentication() { return $this->username() . ':' . $this->password();}
-    function authentication_header() { return 'Proxy-Authorization: Basic ' . base64_encode( $this->authentication() ); }
-    function send_through_proxy( $uri ) { $check = @parse_url($uri); if ( $check === false ) return true; if ($check['host'] == 'localhost' || (isset($_SERVER['SERVER_NAME']) && $check['host'] == $_SERVER['SERVER_NAME'])) return false; return true;}
-} }
-if (!class_exists('nxs_Http_Cookie')){ class nxs_Http_Cookie {
-    var $name;
-    var $value;
-    var $expires;
-    var $path;
-    var $domain;
-    function __construct( $data ) {
-        if ( is_string( $data ) ) {
-            $pairs = explode( ';', $data ); $name  = trim( substr( $pairs[0], 0, strpos( $pairs[0], '=' ) ) );
-            $value = substr( $pairs[0], strpos( $pairs[0], '=' ) + 1 ); $this->name  = $name; $this->value = urldecode( $value ); array_shift( $pairs );
-
-            foreach ( $pairs as $pair ) { $pair = rtrim($pair); if ( empty($pair) )  continue;
-                list( $key, $val ) = strpos( $pair, '=' ) ? explode( '=', $pair ) : array( $pair, '' );
-                $key = strtolower( trim( $key ) ); if ( 'expires' == $key ) $val = strtotime( $val );
-                $this->$key = $val;
-            }
-        } else { if ( !isset( $data['name'] ) ) return false;
-            $this->name   = $data['name'];
-            $this->value  = isset( $data['value'] ) ? $data['value'] : '';
-            $this->path   = isset( $data['path'] ) ? $data['path'] : '';
-            $this->domain = isset( $data['domain'] ) ? $data['domain'] : '';
-            if ( isset( $data['expires'] ) ) $this->expires = is_int( $data['expires'] ) ? $data['expires'] : strtotime( $data['expires'] ); else $this->expires = null;
-        }
-    }
-    function test( $url ) { if ( isset( $this->expires ) && time() > $this->expires ) return false;
-        $url = parse_url( $url ); $url['port'] = isset( $url['port'] ) ? $url['port'] : 80;  $url['path'] = isset( $url['path'] ) ? $url['path'] : '/';
-        $path   = isset( $this->path )   ? $this->path   : '/';  $port   = isset( $this->port )   ? $this->port   : 80;
-        $domain = isset( $this->domain ) ? strtolower( $this->domain ) : strtolower( $url['host'] );
-        if ( false === stripos( $domain, '.' ) ) $domain .= '.local';
-        $domain = substr( $domain, 0, 1 ) == '.' ? substr( $domain, 1 ) : $domain;
-        if ( substr( $url['host'], -strlen( $domain ) ) != $domain ) return false;
-        if ( !in_array( $url['port'], explode( ',', $port) ) ) return false;
-        if ( substr( $url['path'], 0, strlen( $path ) ) != $path ) return false;
-        return true;
-    }
-    function getHeaderValue() { if ( ! isset( $this->name ) || ! isset( $this->value ) ) return ''; return $this->name . '=' . $this->value; }
-    function getFullHeader() { return 'Cookie: ' . $this->getHeaderValue(); }
-} }
-if (!class_exists('nxs_Http_Encoding')){ class nxs_Http_Encoding {
-    public static function compress( $raw, $level = 9, $supports = null ) { return gzdeflate( $raw, $level ); }
-    public static function decompress( $compressed, $length = null ) {
-        if ( empty($compressed) ) return $compressed;
-        if ( false !== ( $decompressed = @gzinflate( $compressed ) ) ) return $decompressed;
-        if ( false !== ( $decompressed = nxs_Http_Encoding::compatible_gzinflate( $compressed ) ) ) return $decompressed;
-        if ( false !== ( $decompressed = @gzuncompress( $compressed ) ) ) return $decompressed;
-        if ( function_exists('gzdecode') ) { $decompressed = @gzdecode( $compressed ); if ( false !== $decompressed )return $decompressed; }
-        return $compressed;
-    }
-    public static function compatible_gzinflate($gzData) {
-        if ( substr($gzData, 0, 3) == "\x1f\x8b\x08" ) { $i = 10; $flg = ord( substr($gzData, 3, 1) );
-            if ( $flg > 0 ) { if ( $flg & 4 ) { list($xlen) = unpack('v', substr($gzData, $i, 2) ); $i = $i + 2 + $xlen; }
-                if ( $flg & 8 ) $i = strpos($gzData, "\0", $i) + 1; if ( $flg & 16 ) $i = strpos($gzData, "\0", $i) + 1; if ( $flg & 2 ) $i = $i + 2;
-            }
-            $decompressed = @gzinflate( substr($gzData, $i, -8) ); if ( false !== $decompressed ) return $decompressed;
-        }
-        $decompressed = @gzinflate( substr($gzData, 2) ); if ( false !== $decompressed ) return $decompressed;
-        return false;
-    }
-    public static function accept_encoding() { $type = array();
-        if ( function_exists( 'gzinflate' ) ) $type[] = 'deflate;q=1.0';
-        if ( function_exists( 'gzuncompress' ) ) $type[] = 'compress;q=0.5';
-        if ( function_exists( 'gzdecode' ) ) $type[] = 'gzip;q=0.5';
-        return implode(', ', $type);
-    }
-    public static function content_encoding() { return 'deflate'; }
-    public static function should_decode($headers) {
-        if ( is_array( $headers ) ) { if ( array_key_exists('content-encoding', $headers) && ! empty( $headers['content-encoding'] ) ) return true;}
-        else if ( is_string( $headers ) ) return ( stripos($headers, 'content-encoding:') !== false );
-        return false;
-    }
-    public static function is_available() { return ( function_exists('gzuncompress') || function_exists('gzdeflate') || function_exists('gzinflate') );}
-} }
-if (!class_exists('nxs_Error')){ class nxs_Error { var $errors = array();
-    function __construct($code = '', $message = '') { if ( empty($code) ) return; $this->errors[$code][] = $message; }
-    function get_errors() { if ( empty($this->errors) ) return array(); else return $this->errors; }
-    function add($code, $message, $data = '') { $this->errors[$code][] = $message; }
-    public function get_error_messages($code = '') {
-        if ( empty($code) ) { $all_messages = array(); foreach ( (array) $this->errors as $code => $messages ) $all_messages = array_merge($all_messages, $messages); return $all_messages; }
-        if ( isset($this->errors[$code]) ) return $this->errors[$code]; else return array();
-    }
-    public function get_error_message($code = '') { if ( empty($code) ) $code = $this->get_error_code(); $messages = $this->get_error_messages($code); if ( empty($messages) ) return ''; return $messages[0]; }
-    public function get_error_codes() { if ( empty($this->errors) ) return array(); return array_keys($this->errors); }
-    public function get_error_code() { $codes = $this->get_error_codes(); if ( empty($codes) ) return ''; return $codes[0]; }
-} }
-
-if (!function_exists("is_nxs_error")) { function is_nxs_error($thing) { if ( is_object($thing) && ( is_a($thing, 'nxs_Error') ||  is_a($thing, 'wp_Error') ) ) return true; return false; }}
-if (!function_exists("nxs_getHttpStatusDesc")) { function nxs_getHttpStatusDesc( $code ) {
-    $httpRetCodes = array( 200 => 'OK', 201 => 'Created', 202 => 'Accepted', 203 => 'Non-Authoritative Information', 204 => 'No Content', 205 => 'Reset Content', 206 => 'Partial Content', 207 => 'Multi-Status', 226 => 'IM Used',
-        300 => 'Multiple Choices', 301 => 'Moved Permanently', 302 => 'Found', 303 => 'See Other', 304 => 'Not Modified', 305 => 'Use Proxy', 306 => 'Reserved', 307 => 'Temporary Redirect',
-        400 => 'Bad Request',401 => 'Unauthorized',402 => 'Payment Required',403 => 'Forbidden',404 => 'Not Found',405 => 'Method Not Allowed',406 => 'Not Acceptable',407 => 'Proxy Authentication Required',
-        408 => 'Request Timeout',409 => 'Conflict',410 => 'Gone',411 => 'Length Required',412 => 'Precondition Failed',413 => 'Request Entity Too Large',414 => 'Request-URI Too Long',
-        415 => 'Unsupported Media Type',416 => 'Requested Range Not Satisfiable',417 => 'Expectation Failed',422 => 'Unprocessable Entity',423 => 'Locked',424 => 'Failed Dependency',426 => 'Upgrade Required',
-        500 => 'Internal Server Error',501 => 'Not Implemented',502 => 'Bad Gateway',503 => 'Service Unavailable',504 => 'Gateway Timeout',505 => 'HTTP Version Not Supported',506 => 'Variant Also Negotiates',
-        507 => 'Insufficient Storage',510 => 'Not Extended'
-    ); if ( isset( $httpRetCodes[$code] ) ) return $httpRetCodes[$code]; else return '';
-}}
-if (!function_exists("nxs_parse_str")){ function nxs_parse_str( $string, &$array ) { parse_str( $string, $array ); if ( get_magic_quotes_gpc() ) $array = stripslashes_deep( $array );}}
-if (!function_exists("nxs_parse_args")){ function nxs_parse_args( $args, $defaults = '' ) { if (is_object($args)) $r = get_object_vars($args); elseif (is_array($args)) $r =&$args; else nxs_parse_str($args, $r);
-    if (is_array($defaults)) return array_merge($defaults, $r); return $r;
-}}
-
-if (!function_exists("nxs_staticHttpObj")) { function nxs_staticHttpObj() { static $nxs_http; if ( is_null($nxs_http) ) $nxs_http = new nxs_Http(); return $nxs_http; }}
+if (!function_exists("nxs_staticHttpObj")) { function nxs_staticHttpObj() { static $nxs_http; if ( is_null($nxs_http) ) $nxs_http = new nxsHttp2(); return $nxs_http; }}
 if (!function_exists("nxs_remote_request")) { function nxs_remote_request($url, $args = array()) { $nxs_http = nxs_staticHttpObj(); return $nxs_http->request($url, $args); }}
 if (!function_exists("nxs_remote_get")) { function nxs_remote_get($url, $args = array()) { $nxs_http = nxs_staticHttpObj(); return $nxs_http->sendReq($url, 'GET', $args); }}
 if (!function_exists("nxs_remote_post")) { function nxs_remote_post($url, $args = array()) { $nxs_http = nxs_staticHttpObj(); return $nxs_http->sendReq($url,'POST', $args); }}
 if (!function_exists("nxs_remote_head")) { function nxs_remote_head($url, $args = array()) { $nxs_http = nxs_staticHttpObj(); return $nxs_http->sendReq($url,'HEAD', $args); }}
-if (!class_exists('WP_Http_Cookie')) { class_alias('nxs_Http_Cookie', 'WP_Http_Cookie'); }
 
 
@@ -352 +74 @@
 }}
 //## AdvSet
-if (!function_exists("nxs_mkRmReqArgs")) {function nxs_mkRmReqArgs($args=[]){
+if (!function_exists("nxs_mkRmReqArgs")) {function nxs_mkRmReqArgs($args=[]){ if (empty($args)) $args = [];
     $ua = !empty($args['mblUA'])?'Mozilla/5.0 (iPhone; CPU iPhone OS 8_0_2 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) Version/8.0 Mobile/12A366 Safari/600.1.4':'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.93 Safari/537.36';
-    $def = array('method'=>'GET', 'ref'=>'http://'.$_SERVER['HTTP_HOST'], 'org'=>'', 'aj'=>false, 'hdrsArr'=>'', 'ck'=>'', 'flds'=>'', 'proxy'=>'', 'rdr'=>0, 'limit'=>45, 'sslverify' => false, 'ua'=>$ua, 'extraHeaders'=>[]); $args = array_merge($def, $args);
+    $def = array('method'=>'GET', 'ref'=>'http://'.$_SERVER['HTTP_HOST'], 'org'=>'', 'aj'=>false, 'hdrsArr'=>'', 'ck'=>'', 'flds'=>'', 'proxy'=>'', 'rdr'=>0, 'limit'=>45, 'sslverify' => false, 'ua'=>$ua, 'extraHeaders'=>[]);  $args = array_merge($def, $args);
     if (!empty($args['flds'])) $args['method']='POST'; if (empty($args['hdrsArr'])) $args['hdrsArr'] = nxs_makeHdrs(['ref'=>$args['ref'], 'org'=>$args['org'], 'type'=>$args['method'], 'aj'=>$args['aj'], 'ua'=>$args['ua']], $args['extraHeaders']);
     $a = array('method'=>$args['method'], 'headers' => $args['hdrsArr'], 'httpversion' => '1.1', 'timeout' => $args['limit'], 'redirection' =>  $args['rdr'], 'sslverify'=> $args['sslverify'], 'user-agent'=>$args['ua']);
@@ -360 +82 @@
 }}
 if (!function_exists("nxs_getRawResp")) {function nxs_getRawResp($resp){ return htmlspecialchars( print_r($resp['http_response']->get_response_object()->raw, true)); }}
-if (!function_exists("nxs_getFinalURL")) {function nxs_getFinalURL($url){
-    $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_HEADER, false); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
-    curl_setopt($ch, CURLOPT_USERAGENT,   'Mozilla/5.0 (iPhone; CPU iPhone OS 8_0_2 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) Version/8.0 Mobile/12A366 Safari/600.1.4');
-    curl_setopt($ch, CURLOPT_NOBODY, true); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true); curl_exec($ch); $url = curl_getinfo($ch, CURLINFO_EFFECTIVE_URL); curl_close($ch); return $url;
-}}
 ?>

social-networks-auto-poster-facebook-twitter-g/trunk/inc/nxs_class_mgmt.php

@@ -43 +43 @@
           
           $nxsOne = NextScripts_SNAP_Version;  $sMode = $nxs_SNAP->sMode; ?>                        
-              <?php _e('Plugin Version', 'social-networks-auto-poster-facebook-twitter-g'); ?>: <span style="color:#008000;font-weight: bold;"><?php echo $nxsOne; ?></span> 
+              <?php _e('Plugin Version', 'social-networks-auto-poster-facebook-twitter-g'); ?>: <span style="color:#008000;font-weight: bold;"><?php echo wp_kses($nxsOne, wp_kses_allowed_html( 'post' )); ?></span>
               <?php if($sMode['l']=='P') { ?> [Pro]&nbsp;&nbsp;&nbsp;(One User, Multiple Accounts)&nbsp;&nbsp;<?php } elseif ($sMode['l']=='M'){ ?> [Multiuser Pro]&nbsp;&nbsp;&nbsp;(Multiple Users, Multiple Accounts)<?php } else {?> <span style="color:#800000; font-weight: bold;">[Free]&nbsp;&nbsp;&nbsp;(One User, One account per Network)</span><?php } ?>
            <?php if (defined('NXSAPIVER')) echo '<span id="nxsAPIUpd">API</span> Version: <span style="color:#008000;font-weight: bold;">'.NXSAPIVER.'</span>';            
@@ -56 +56 @@
             <form method="post" action="" novalidate="novalidate"> <?php wp_nonce_field( 'nxsSsPageWPN', 'nxsSsPageWPN_wpnonce' ); ?>
               <span style="font-size: 15px; font-weight: bold;"><?php _e( 'Please select a site where you would like to use plugin: ', 'social-networks-auto-poster-facebook-twitter-g' ); ?></span> <select name="nxs_ntsiteid"> <?php
-            foreach ( $sites as $i => $site ) echo '<option '.($site['blog_id']==$cs?'selected':'').' value="'.$site['blog_id'].'">[ID: '.$site['blog_id'].'] '.$site['name'].' - '.$site['domain'].($site['path']!='/'?$site['path']:'').'</option>'; ?></select><br/> <div style="padding-top:10px;">
+            foreach ( $sites as $i => $site ) echo '<option '.($site['blog_id']==$cs?'selected':'').' value="'.esc_attr($site['blog_id']).'">[ID: '.$site['blog_id'].'] '.$site['name'].' - '.$site['domain'].($site['path']!='/'?$site['path']:'').'</option>'; ?></select><br/> <div style="padding-top:10px;">
             <?php if (!empty($cs) && !empty($cSite) && is_array($cSite)) { ?> <div style="padding-bottom:10px;"> 
               <?php _e( 'You already have SNAP Configured on: ', 'social-networks-auto-poster-facebook-twitter-g');?><b><?php echo 'ID:'.$cSite['blog_id'].' - '.$cSite['name'].' ('.$cSite['domain'].($cSite['path']!='/'?$cSite['path']:'').')'; ?></b><br/><br/>
@@ -86 +86 @@
                       
         public function showPage($title, $object=null) {  ?>
-            <div class="wrap" id="<?php echo $this->page; ?>"><div id="nxsDivWrap"> <?php // $this->show_follow_icons(); ?>
-                <h2><?php echo $title ?></h2>
+            <div class="wrap" id="<?php echo esc_attr($this->page); ?>"><div id="nxsDivWrap"> <?php // $this->show_follow_icons(); ?>
+                <h2><?php echo wp_kses($title, wp_kses_allowed_html( 'post' )) ?></h2>
                 <div id="poststuff">                    
                   <div id="post-body" class="metabox-holder columns-2">
@@ -97 +97 @@
             </div></div>
             <script type="text/javascript">
-              jQuery(document).ready(function($) { $('.if-js-closed').removeClass('if-js-closed').addClass('closed'); if (typeof(postboxes)!='undefined') postboxes.add_postbox_toggles('<?php echo $this->page; ?>');});
+              jQuery(document).ready(function($) { $('.if-js-closed').removeClass('if-js-closed').addClass('closed'); if (typeof(postboxes)!='undefined') postboxes.add_postbox_toggles('<?php echo esc_attr($this->page); ?>');});
             </script> <?php 
         }                    
@@ -132 +132 @@
             if (!empty($_GET['action'])&& $_GET['action']=='edit' && !empty($_GET['item']) && !empty($post) ) {  
               if (!empty($_POST['nxs_snap_reposter_update'])) nxs_Filters::save_filter($post->ID); ?> 
-              <form method="post" id="nxs_form_rep"> <input name="pid" value="<?php echo $post->ID; ?>" type="hidden" /> <input name="action" value="nxs_snap_aj" type="hidden" /> <input id="nxs_resetStats" name="resetStats" value="0" type="hidden" />
+              <form method="post" id="nxs_form_rep"> <input name="pid" value="<?php echo esc_attr($post->ID); ?>" type="hidden" /> <input name="action" value="nxs_snap_aj" type="hidden" /> <input id="nxs_resetStats" name="resetStats" value="0" type="hidden" />
                 <input name="nxsact" value="saveRpst" type="hidden" /> <?php nxs_Filters::showEdit($this->page);
             }
             elseif (!empty($_GET['action'])&& $_GET['action']=='delete' && !empty($_GET['item']) && !empty($post) ) { check_admin_referer( 'nxsRepDel_'.$_GET['item'] );
-               wp_delete_post(intval($_GET['item'])); ?> <script type="text/javascript">window.location = "<?php echo nxs_get_admin_url('admin.php?page=nxssnap-reposter'); ?>"</script>  <?php 
+               wp_delete_post(intval($_GET['item'])); ?> <script type="text/javascript">window.location = "<?php echo esc_url(nxs_get_admin_url('admin.php?page=nxssnap-reposter')); ?>"</script>  <?php
             } elseif (!empty($_POST['action'])&& $_POST['action']=='delete' && !empty($_POST['nxs_filter']) ) {
                foreach ($_POST['nxs_filter'] as $rr) wp_delete_post($rr);                
-               ?> <script type="text/javascript">window.location = "<?php echo nxs_get_admin_url('admin.php?page=nxssnap-reposter'); ?>"</script>  <?php 
+               ?> <script type="text/javascript">window.location = "<?php echo esc_url(nxs_get_admin_url('admin.php?page=nxssnap-reposter')); ?>"</script>  <?php
             } else {            
               add_meta_box( $this->page.'_reposter', __( 'Social Networks Autoposter (SNAP) Auto-Reposter', 'social-networks-auto-poster-facebook-twitter-g' ), array( $this, 'metabox_reposter' ), $this->page, 'normal' );                        
@@ -165 +165 @@
         public function metabox_userssites($post) { global $nxs_SNAP;  if (!isset($nxs_SNAP)) return; $nxs_SNAP->showUsersSitesMUTab(); }
         
-        public function metabox_emptyaccss($post) { _e( 'Please add at least one account', 'social-networks-auto-poster-facebook-twitter-g' ); echo '&nbsp;-&gt;&nbsp;<a href="'.nxs_get_admin_url('admin.php?page=nxssnap').'">'.__( 'Accounts', 'social-networks-auto-poster-facebook-twitter-g' ).'</a>'; }
+        public function metabox_emptyaccss($post) { _e( 'Please add at least one account', 'social-networks-auto-poster-facebook-twitter-g' ); echo '&nbsp;-&gt;&nbsp;<a href="'.esc_url(nxs_get_admin_url('admin.php?page=nxssnap')).'">'.__( 'Accounts', 'social-networks-auto-poster-facebook-twitter-g' ).'</a>'; }
         
         public function metabox_query($post) {  global $nxs_SNAP;  if (!isset($nxs_SNAP)) return; $nxs_SNAP->showQueryTab(); }
@@ -190 +190 @@
         
         
-          <div align="center"><div class="nxsInfoMsg">Start here <img style="position: relative; top: 8px;" alt="Arrow" src="<?php echo NXS_PLURL; ?>img/arrow_r_green_c1.png"></div>
+          <div align="center"><div class="nxsInfoMsg">Start here <img style="position: relative; top: 8px;" alt="Arrow" src="<?php echo esc_url(NXS_PLURL); ?>img/arrow_r_green_c1.png"></div>
           <a href="admin.php?page=nxssnap-accounts" class="NXSButton" id="nxs_snapConfAccs"><?php _e('Configure Social Networks', 'social-networks-auto-poster-facebook-twitter-g'); ?></a>&nbsp;&nbsp;&nbsp;<a href="#" class="NXSButtonB" id="nxs_snapConfRepstr"><?php _e('Configure Auto-Reposter', 'social-networks-auto-poster-facebook-twitter-g'); ?></a>&nbsp;&nbsp;&nbsp;<a href="#" class="NXSButtonB" id="nxs_snapConfSets"><?php _e('Plugin Settings', 'social-networks-auto-poster-facebook-twitter-g'); ?></a>&nbsp;&nbsp;&nbsp;<a href="#" class="NXSButtonB" id="nxs_snapConfLog"><?php _e('View Log', 'social-networks-auto-poster-facebook-twitter-g'); ?></a></div>           
            <?php 
@@ -228 +228 @@
         
          public function metabox_side_getitAPI($post) {?> 
-          <style type="text/css">.nxs_txtIcon { margin: 0px; padding-left: 20px; background-repeat: no-repeat;} .nxs_ti_gp {background-image: url('<?php echo NXS_PLURL; ?>img/gp16.png');} 
-            .nxs_ti_li {background-image: url('<?php echo NXS_PLURL; ?>img/li16.png');}  .nxs_ti_rd {background-image: url('<?php echo NXS_PLURL; ?>img/rd16.png');} 
-            .nxs_ti_fp {background-image: url('<?php echo NXS_PLURL; ?>img/fp16.png');}  .nxs_ti_yt {background-image: url('<?php echo NXS_PLURL; ?>img/yt16.png');} 
-            .nxs_ti_bg {background-image: url('<?php echo NXS_PLURL; ?>img/bg16.png');}  .nxs_ti_pn {background-image: url('<?php echo NXS_PLURL; ?>img/pn16.png');} 
-            .nxs_ti_ig {background-image: url('<?php echo NXS_PLURL; ?>img/ig16.png');}  .nxs_ti_xi {background-image: url('<?php echo NXS_PLURL; ?>img/xi16.png');} 
-            .nxs_ti_fb {background-image: url('<?php echo NXS_PLURL; ?>img/fb16.png');} 
+          <style type="text/css">.nxs_txtIcon { margin: 0px; padding-left: 20px; background-repeat: no-repeat;} .nxs_ti_gp {background-image: url('<?php echo esc_url(NXS_PLURL); ?>img/gp16.png');}
+            .nxs_ti_li {background-image: url('<?php echo esc_url(NXS_PLURL); ?>img/li16.png');}  .nxs_ti_rd {background-image: url('<?php echo esc_url(NXS_PLURL); ?>img/rd16.png');}
+            .nxs_ti_fp {background-image: url('<?php echo esc_url(NXS_PLURL); ?>img/fp16.png');}  .nxs_ti_yt {background-image: url('<?php echo esc_url(NXS_PLURL); ?>img/yt16.png');}
+            .nxs_ti_bg {background-image: url('<?php echo esc_url(NXS_PLURL); ?>img/bg16.png');}  .nxs_ti_pn {background-image: url('<?php echo esc_url(NXS_PLURL); ?>img/pn16.png');}
+            .nxs_ti_ig {background-image: url('<?php echo esc_url(NXS_PLURL); ?>img/ig16.png');}  .nxs_ti_xi {background-image: url('<?php echo esc_url(NXS_PLURL); ?>img/xi16.png');}
+            .nxs_ti_fb {background-image: url('<?php echo esc_url(NXS_PLURL); ?>img/fb16.png');}
           </style>
         
@@ -253 +253 @@
         
         public function metabox_side_instrbox($post) { global $nxs_snapAvNts; foreach ($nxs_snapAvNts as $avNt) { $clName = 'nxs_snapClass'.$avNt['code']; $nt = new $clName(); ?>
-              <div style="padding-left: 10px; padding-top:5px;"><a style="background-image:url(<?php echo NXS_PLURL; ?>img/<?php echo $avNt['lcode']; ?>16.png) !important;" class="nxs_icon16" target="_parent" href="<?php echo $nt->ntInfo['instrURL']; ?>">  <?php echo $nt->ntInfo['name']; ?> </a></div>
+              <div style="padding-left: 10px; padding-top:5px;"><a style="background-image:url(<?php echo esc_url(NXS_PLURL); ?>img/<?php echo $avNt['lcode']; ?>16.png) !important;" class="nxs_icon16" target="_parent" href="<?php echo esc_url($nt->ntInfo['instrURL']); ?>">  <?php echo $nt->ntInfo['name']; ?> </a></div>
             <?php }
         }
@@ -259 +259 @@
         public function metabox_side_info($post) { global $nxs_SNAP;  if (!isset($nxs_SNAP)) return; $options = $nxs_SNAP->nxs_options; 
             $nxsOne = NextScripts_SNAP_Version;  $sMode = $nxs_SNAP->sMode; ?>            
-            <div align="center"><a target="_blank" href="https://www.nextscripts.com"><img src="<?php echo NXS_PLURL; ?>img/SNAP_Logo_2014.png"></a></div> <br/>                         
+            <div align="center"><a target="_blank" href="https://www.nextscripts.com"><img src="<?php echo esc_url(NXS_PLURL); ?>img/SNAP_Logo_2014.png"></a></div> <br/>
               <?php _e('Plugin Version', 'social-networks-auto-poster-facebook-twitter-g'); ?>: <span style="color:#008000;font-weight: bold;"><?php echo $nxsOne; ?></span> 
               <?php if($sMode['l']=='P') { ?> [Pro]<br/>&nbsp;&nbsp;&nbsp;(One User, Multiple Accounts)&nbsp;&nbsp;<?php } elseif ($sMode['l']=='M'){ ?> [Pro]<br/>&nbsp;&nbsp;&nbsp;(Multiple Users, Multiple Accounts)<?php } else {?> <span style="color:#800000; font-weight: bold;">[Free]<br/>&nbsp;&nbsp;&nbsp;(One User, One account per Network)</span><?php } ?><br/> 
@@ -270 +270 @@
                 <br/><br/> <?php _e('Enter your Key', 'social-networks-auto-poster-facebook-twitter-g'); ?>:  <input name="eLic" id="eLic"  style="width: 50%;"/>
                 <input type="button" class="button-primary" name="eLicDo" onclick="doLic();" value="Enter" />
-                <br/><img id="enterKeyAPI2xLoadingImg" style="display: none;" src='<?php echo NXS_PLURL; ?>img/ajax-loader-sm.gif' /><br/><?php _e('Your plugin will be automatically upgraded', 'social-networks-auto-poster-facebook-twitter-g'); ?>. <?php wp_nonce_field( 'doLic', 'doLic_wpnonce' ); ?>
+                <br/><img id="enterKeyAPI2xLoadingImg" style="display: none;" src='<?php echo esc_url(NXS_PLURL); ?>img/ajax-loader-sm.gif' /><br/><?php _e('Your plugin will be automatically upgraded', 'social-networks-auto-poster-facebook-twitter-g'); ?>. <?php wp_nonce_field( 'doLic', 'doLic_wpnonce' ); ?>
               </div>
             </div>

social-networks-auto-poster-facebook-twitter-g/trunk/inc/nxs_class_ntlist.php

@@ -9 +9 @@
     public function doAuth() { }
     public function showAuthTop(){  global $nxs_snapSetPgURL;  ?>
-        <div class="nxs_authPopup"><div class="nxs_authPopupHdr">Auth Info. This is normal technical authorization info that will dissapear unless you get some errors.<div class="nxs_authPopupClose"><a href="#" onclick="window.location = '<?php echo $nxs_snapSetPgURL;?>'">Close</a></div></div><div class="nxs_authPopupIn">
+        <div class="nxs_authPopup"><div class="nxs_authPopupHdr">Auth Info. This is normal technical authorization info that will dissapear unless you get some errors.<div class="nxs_authPopupClose"><a href="#" onclick="window.location = '<?php echo esc_url($nxs_snapSetPgURL);?>'">Close</a></div></div><div class="nxs_authPopupIn">
         <?php echo '-= This is normal technical authorization info that will dissapear. (Unless you get some errors. If you do get errors please check them at the <a target="_blank" href="https://www.nextscripts.com/support-faq/">FAQ Page</a>) =- <br/><br/>';
     }
@@ -31 +31 @@
     
     
-    
-    public function showNTGroup() { $cbo = count($this->nt); $this->doAuth();  ?> <div class="nxs_box" onmouseover="jQuery('.addMore<?php echo $this->ntInfo['code']; ?>').show();" onmouseout="jQuery('.addMore<?php echo $this->ntInfo['code']; ?>').hide();">
+    public function showNTGroup() { $cbo = count($this->nt); $this->doAuth();  ?> <div class="nxs_box" onmouseover="jQuery('.addMore<?php echo esc_attr($this->ntInfo['code']); ?>').show();" onmouseout="jQuery('.addMore<?php echo esc_attr($this->ntInfo['code']); ?>').hide();">
         <div class="nxs_box_header">
-          <div class="nsx_iconedTitle" style="margin-bottom:1px;background-image:url(<?php echo NXS_PLURL;?>img/<?php echo (!empty($this->ntInfo['imgcode']))?$this->ntInfo['imgcode']:$this->ntInfo['lcode']; ?>16.png);"><?php echo $this->ntInfo['name']; ?>
-            <?php if ($cbo>1){ ?><div class="nsBigText"><?php echo '(<span id="nxsNumOfAcc_'.$this->ntInfo['lcode'].'">'.$cbo."</span> "; _e('accounts', 'social-networks-auto-poster-facebook-twitter-g'); echo ")"; ?></div><?php } ?>
-            <span style="display: none;" class="addMore<?php echo $this->ntInfo['code']; ?>">&nbsp;&nbsp;&nbsp;<a data-nt="<?php echo $this->ntInfo['code'].(1+max(array_keys($this->nt))); ?>" style="font-size: 12px; text-decoration: none;" href="#" class="nxs_snapAddNew">[<?php  _e('Add New', 'social-networks-auto-poster-facebook-twitter-g'); ?> <?php if (!$this->isMobile) { echo $this->ntInfo['name']; ?> <?php  _e('account', 'social-networks-auto-poster-facebook-twitter-g'); ?> <?php } ?> ]</a></span>
+          <div class="nsx_iconedTitle" style="margin-bottom:1px;background-image:url(<?php echo esc_url(NXS_PLURL);?>img/<?php echo (!empty($this->ntInfo['imgcode']))?$this->ntInfo['imgcode']:$this->ntInfo['lcode']; ?>16.png);"><?php echo wp_kses($this->ntInfo['name'], wp_kses_allowed_html( 'post' )); ?>
+            <?php if ($cbo>1){ ?><div class="nsBigText"><?php echo '(<span id="nxsNumOfAcc_'.esc_attr($this->ntInfo['lcode']).'">'.$cbo."</span> "; _e('accounts', 'social-networks-auto-poster-facebook-twitter-g'); echo ")"; ?></div><?php } ?>
+            <span style="display: none;" class="addMore<?php echo esc_attr($this->ntInfo['code']); ?>">&nbsp;&nbsp;&nbsp;<a data-nt="<?php echo $this->ntInfo['code'].(1+max(array_keys($this->nt))); ?>" style="font-size: 12px; text-decoration: none;" href="#" class="nxs_snapAddNew">[<?php  _e('Add New', 'social-networks-auto-poster-facebook-twitter-g'); ?> <?php if (!$this->isMobile) { echo $this->ntInfo['name']; ?> <?php  _e('account', 'social-networks-auto-poster-facebook-twitter-g'); ?> <?php } ?> ]</a></span>
           </div>
         </div>
         <div class="nxs_box_inside"><?php $jj = 0;  if(!$this->checkIfFunc()) echo $this->noFuncMsg; else {  uasort($this->nt, 'nxsLstSort'); 
             foreach ($this->nt as $indx=>$pbo){ $jj++; if (!function_exists('ns_SMASV41') && $jj>1) break; $pbo['jj']=$jj; $pbo['cbo']=$cbo; if ($indx!=='') $this->showNTLine($indx, $pbo); }
-          } if ($jj>7) { ?> <div style="padding-left:5px;padding-top:5px;"><a href="#" onclick="jQuery('.showMore<?php echo $this->ntInfo['code']; ?>').show(); jQuery(this).parent().hide(); return false;">Show <?php echo $jj;?> More[<?php echo ($cbo-5); ?>]</a></div>  <?php } ?>        
+          } if ($jj>7) { ?> <div style="padding-left:5px;padding-top:5px;"><a href="#" onclick="jQuery('.showMore<?php echo esc_attr($this->ntInfo['code']); ?>').show(); jQuery(this).parent().hide(); return false;">Show <?php echo $jj;?> More[<?php echo ($cbo-5); ?>]</a></div>  <?php } ?>        
         </div>
       </div> <?php
@@ -47 +46 @@
     public function showNTLine($indx, $pbo) { if (!isset($pbo['aName'])) $pbo['aName'] = ''; if (!isset($pbo['do']) && isset($pbo['do'.$this->ntInfo['code']])) $pbo['do'] = $pbo['do'.$this->ntInfo['code']]; $jj = $pbo['jj']; $cbo = $pbo['cbo']; 
       if (empty($pbo['nName'])) $pbo['nName'] = $this->makeUName($pbo, $indx); if (empty($pbo[$this->ntInfo['lcode'].'OK'])) $pbo[$this->ntInfo['lcode'].'OK'] = $this->checkIfSetupFinished($pbo); ?>
-      <div id="dom<?php echo $this->ntInfo['code'].$indx; ?>Div" style="padding-bottom: 3px;<?php echo ($cbo>7 && $jj>5)?'display:none;" class="nxs_ntGroupWrapper showMore'.$this->ntInfo['code'].'"':'"  class="nxs_ntGroupWrapper"'; ?>  onmouseover="jQuery('.showInlineMenu<?php echo $this->ntInfo['code'].$indx; ?>').show();jQuery(this).addClass('nxsHiLightBorder');" onmouseout="jQuery('.showInlineMenu<?php echo $this->ntInfo['code'].$indx; ?>').hide();jQuery(this).removeClass('nxsHiLightBorder');"">
+      <div id="dom<?php echo esc_attr($this->ntInfo['code'].$indx); ?>Div" style="padding-bottom: 3px;<?php echo ($cbo>7 && $jj>5)?'display:none;" class="nxs_ntGroupWrapper showMore'.$this->ntInfo['code'].'"':'"  class="nxs_ntGroupWrapper"'; ?>  onmouseover="jQuery('.showInlineMenu<?php echo $this->ntInfo['code'].$indx; ?>').show();jQuery(this).addClass('nxsHiLightBorder');" onmouseout="jQuery('.showInlineMenu<?php echo $this->ntInfo['code'].$indx; ?>').hide();jQuery(this).removeClass('nxsHiLightBorder');"">
         <div style="margin:0px;margin-left:5px;"> <img id="<?php echo $this->ntInfo['code'].$indx;?>LoadingImg" style="display: none;" src='<?php echo NXS_PLURL; ?>img/ajax-loader-sm.gif' />
           <?php if ((int)$pbo['do'] > 0 && ((isset($pbo['fltrsOn']) && (int)$pbo['fltrsOn'] == 1))) { $fltInfo = nxsAnalyzePostFilters($pbo['fltrs']); ?> 
@@ -62 +61 @@
             &nbsp;&nbsp;<?php if ($this->ntInfo['tstReq'] && empty($pbo[$this->ntInfo['lcode'].'OK'])){ ?><b style="color: #800000"><?php  _e('Attention required. Unfinished setup', 'social-networks-auto-poster-facebook-twitter-g'); ?> ==&gt;</b><?php } ?>              
             <span style="padding-left: 0px; display: none;" class="showInlineMenu<?php echo $this->ntInfo['code'].$indx; ?>"> <?php echo $this->isMobile?'<br/>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;':''; ?>
-            <a id="do<?php echo $this->ntInfo['code'].$indx; ?>AG" href="#" onclick="doGetHideNTBlock('<?php echo $this->ntInfo['code'];?>' , '<?php echo $indx; ?>');return false;">[<?php  _e('Show Settings', 'social-networks-auto-poster-facebook-twitter-g'); ?>]</a>&nbsp;&nbsp;          
+            <a id="do<?php echo $this->ntInfo['code'].$indx; ?>AG" href="#" onclick="doGetHideNTBlock('<?php echo esc_attr($this->ntInfo['code']);?>' , '<?php echo $indx; ?>');return false;">[<?php  _e('Show Settings', 'social-networks-auto-poster-facebook-twitter-g'); ?>]</a>&nbsp;&nbsp;          
             <a href="#" onclick="doDelAcct('<?php echo $this->ntInfo['lcode']; ?>', '<?php echo $indx; ?>', '<?php if (isset($pbo['bgBlogID'])) echo $pbo['nName']; ?>');return false;">[<?php  _e('Remove', 'social-networks-auto-poster-facebook-twitter-g'); ?>]</a>&nbsp;&nbsp;          
             <?php global $nxs_SNAP; if ($nxs_SNAP->sMode['l']!='F') { ?>
@@ -89 +88 @@
     public function showNTSettings($ii, $options, $isNew=false) { $nt = $this->ntInfo['lcode']; $ntU = $this->ntInfo['code']; $isFin = $this->checkIfSetupFinished($options); ?> 
       <div id="do<?php echo $this->ntInfo['code'].$ii; ?>Div" class="insOneDiv<?php if ($isNew) echo " clNewNTSets"; ?>">   <input type="hidden" name="apDoS<?php echo $this->ntInfo['code'].$ii; ?>" value="0" id="apDoS<?php echo $this->ntInfo['code'].$ii; ?>" />
-        <?php if ($isNew) { ?>    <input type="hidden" name="<?php echo $nt; ?>[<?php echo $ii; ?>][do]" value="1" id="apDoNew<?php echo $this->ntInfo['code'].$ii; ?>" /> <?php } ?>
+        <?php if ($isNew) { ?>    <input type="hidden" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][do]" value="1" id="apDoNew<?php echo $this->ntInfo['code'].$ii; ?>" /> <?php } ?>
         <div class="nsx_iconedTitle" style="float: right; max-width: 392px; text-align: right; background-image: url(<?php echo NXS_PLURL; ?>img/<?php echo (!empty($this->ntInfo['imgcode']))?$this->ntInfo['imgcode']:$nt; ?>16.png);"><a style="font-size: <?php echo !$isFin?'13':'12'; ?>px;" target="_blank"  href="<?php echo $this->ntInfo['instrURL'];?>"><?php  printf( __( 'Detailed %s Configuration Instructions', 'social-networks-auto-poster-facebook-twitter-g' ), $this->ntInfo['name']); ?></a>
         </div><?php if (!$isFin) { ?><div style="text-align: end;" ><img src="<?php echo NXS_PLURL; ?>img/arrow_r_green_c1.png" /></div><?php } ?>
@@ -95 +94 @@
         <div style="width:100%;"><strong><?php _e('Account Nickname', 'social-networks-auto-poster-facebook-twitter-g'); ?>:</strong>&nbsp;<i><?php _e('Just so you can easily identify it', 'social-networks-auto-poster-facebook-twitter-g'); ?></i></div>
         <div style="">
-          <input name="<?php echo $nt; ?>[<?php echo $ii; ?>][nName]" id="<?php echo $nt; ?>nName<?php echo $ii; ?>" style="font-weight: bold; color: #005800; border: 1px solid #ACACAC;" class="nxAccEdElem" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['nName'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /> <span title="Favorite account" id="nFav-<?php echo $nt.$ii; ?>" data-nt="<?php echo $nt; ?>" data-ii="<?php echo $ii; ?>" class="nxsnFav dashicons dashicons-star-filled <?php if (!empty($options['fav'])) echo "nxsOrange"; ?>" onclick="nxsnFavChange(jQuery(this))">&nbsp;</span>
+          <input name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][nName]" id="<?php echo esc_attr($nt); ?>nName<?php echo esc_attr($ii); ?>" style="font-weight: bold; color: #005800; border: 1px solid #ACACAC;" class="nxAccEdElem" value="<?php _e(apply_filters('format_to_edit', htmlentities($options['nName'], ENT_COMPAT, "UTF-8")), 'social-networks-auto-poster-facebook-twitter-g') ?>" /> <span title="Favorite account" id="nFav-<?php echo esc_attr($nt.$ii); ?>" data-nt="<?php echo esc_attr($nt); ?>" data-ii="<?php echo esc_attr($ii); ?>" class="nxsnFav dashicons dashicons-star-filled <?php if (!empty($options['fav'])) echo "nxsOrange"; ?>" onclick="nxsnFavChange(jQuery(this))">&nbsp;</span>
         </div>
         <ul class="nsx_tabs">
@@ -112 +111 @@
             
             
-            <?php if ($isNew) { ?> <input type="hidden" name="<?php echo $nt; ?>[<?php echo $ii; ?>][do]" value="1" /> <?php } ?>
-            <?php if ($isFin) { ?>  <b><?php _e('Test your settings', 'social-networks-auto-poster-facebook-twitter-g'); ?>:</b>&nbsp;&nbsp;&nbsp; <a href="#" class="NXSButton" onclick="testPost('<?php echo $this->ntInfo['code']; ?>', '<?php echo $ii; ?>'); return false;"><?php printf( __( 'Submit Test Post to %s', 'social-networks-auto-poster-facebook-twitter-g' ), $this->ntInfo['name']); ?></a><?php } ?>
+            <?php if ($isNew) { ?> <input type="hidden" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][do]" value="1" /> <?php } ?>
+            <?php if ($isFin) { ?>  <b><?php _e('Test your settings', 'social-networks-auto-poster-facebook-twitter-g'); ?>:</b>&nbsp;&nbsp;&nbsp; <a href="#" class="NXSButton" onclick="testPost('<?php echo esc_attr($this->ntInfo['code']); ?>', '<?php echo esc_attr($ii); ?>'); return false;"><?php printf( __( 'Submit Test Post to %s', 'social-networks-auto-poster-facebook-twitter-g' ), $this->ntInfo['name']); ?></a><?php } ?>
           </div> 
           <?php /* ######################## Advanced Tab ####################### */ ?>
@@ -124 +123 @@
         
         <div class="submitX nxclear" style="padding-bottom: 0px;">
-          <input type="button" id="svBtn<?php echo $nt.$ii ?>" onclick="nxs_svSetAdv('<?php echo $nt; ?>', '<?php echo $ii; ?>', '<?php echo $isNew?'dom'.$ntU.$ii.'Div':'nxsAllAccntsDiv'; ?>','nxs<?php echo $ntU; ?>MsgDiv<?php echo $ii; ?>','<?php echo $isNew?'r':''; ?>','1'); return false;" class="button-primary" value="<?php echo $isNew?__('Add Account', 'nxs_snap'):__('Update Account Info', 'nxs_snap'); ?>" />            
-      
-          <div id="nxsSaveLoadingImg<?php echo $nt.$ii; ?>" class="doneMsg">Saving.....</div> <div id="doneMsg<?php echo $nt.$ii; ?>" class="doneMsg">Done</div>
+          <input type="button" id="svBtn<?php echo $nt.$ii ?>" onclick="nxs_svSetAdv('<?php echo esc_attr($nt); ?>', '<?php echo esc_attr($ii); ?>', '<?php echo $isNew?'dom'.$ntU.$ii.'Div':'nxsAllAccntsDiv'; ?>','nxs<?php echo $ntU; ?>MsgDiv<?php echo esc_attr($ii); ?>','<?php echo $isNew?'r':''; ?>','1'); return false;" class="button-primary" value="<?php echo $isNew?__('Add Account', 'nxs_snap'):__('Update Account Info', 'nxs_snap'); ?>" />            
+      
+          <div id="nxsSaveLoadingImg<?php echo esc_attr($nt.$ii); ?>" class="doneMsg">Saving.....</div> <div id="doneMsg<?php echo esc_attr($nt.$ii); ?>" class="doneMsg">Done</div>
           <?php if ($isNew) {  ?><input style="float: right;" type="button" onclick="jQuery.pgwModal('close');" class="button-primary" value="<?php _e('Close', 'social-networks-auto-poster-facebook-twitter-g') ?>" /><?php }  ?>
           <?php global $nxs_apiLInfo; if (isset($nxs_apiLInfo) && !empty($nxs_apiLInfo) && !empty($this->ntInfo['l']) && !empty($nxs_apiLInfo[$this->ntInfo['l']])) { ?>
@@ -138 +137 @@
     function showProxies($nt, $ii, $options){ if (empty($options['proxy'])) $options['proxy'] = array('proxy'=>'','up'=>'');
         ?> <div class="nxs_tls_cpt"><?php  _e('Proxy', 'social-networks-auto-poster-facebook-twitter-g'); ?>&nbsp;&nbsp;<span class="nxsInstrSpan"><a href="https://www.nextscripts.com/snap-features/proxy" target="_blank"><?php _e('[Instructions]', 'social-networks-auto-poster-facebook-twitter-g'); ?></a></span></div><h3 style="padding-left: 15px; font-size: 16px;"> 
-     <input type="checkbox" onchange="if (jQuery(this).is(':checked')) jQuery('#nxs_proxy<?php echo $nt.$ii; ?>').show(); else jQuery('#nxs_proxy<?php echo $nt.$ii; ?>').hide();" class="nxs_acctcb" <?php if (!empty($options['proxyOn'])) echo "checked"; ?>  name="<?php echo $nt; ?>[<?php echo $ii; ?>][proxyOn]" value="1" /> 
-     <?php  _e('Use Proxy', 'social-networks-auto-poster-facebook-twitter-g'); ?> </h3><div id="nxs_proxy<?php echo $nt.$ii; ?>" style="margin-left: 30px;<?php if (empty($options['proxyOn'])) echo "display:none;"; ?>"> 
-    
-   <div style="width:100%;"><strong><?php _e('IP:Port', 'social-networks-auto-poster-facebook-twitter-g'); ?>:</strong> </div><input name="<?php echo $nt; ?>[<?php echo $ii; ?>][proxy]" style="width: 30%;" value="<?php echo htmlentities($options['proxy']['proxy'], ENT_COMPAT, "UTF-8"); ?>"/>
-   <div style="width:100%;"><strong><?php _e('Username:Password', 'social-networks-auto-poster-facebook-twitter-g'); ?>:</strong> </div><input name="<?php echo $nt; ?>[<?php echo $ii; ?>][proxyup]" style="width: 30%;" value="<?php echo htmlentities($options['proxy']['up'], ENT_COMPAT, "UTF-8"); ?>"/>
+     <input type="checkbox" onchange="if (jQuery(this).is(':checked')) jQuery('#nxs_proxy<?php echo esc_attr($nt.$ii); ?>').show(); else jQuery('#nxs_proxy<?php echo esc_attr($nt.$ii); ?>').hide();" class="nxs_acctcb" <?php if (!empty($options['proxyOn'])) echo "checked"; ?>  name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][proxyOn]" value="1" /> 
+     <?php  _e('Use Proxy', 'social-networks-auto-poster-facebook-twitter-g'); ?> </h3><div id="nxs_proxy<?php echo esc_attr($nt.$ii); ?>" style="margin-left: 30px;<?php if (empty($options['proxyOn'])) echo "display:none;"; ?>"> 
+    
+   <div style="width:100%;"><strong><?php _e('IP:Port', 'social-networks-auto-poster-facebook-twitter-g'); ?>:</strong> </div><input name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][proxy]" style="width: 30%;" value="<?php echo htmlentities($options['proxy']['proxy'], ENT_COMPAT, "UTF-8"); ?>"/>
+   <div style="width:100%;"><strong><?php _e('Username:Password', 'social-networks-auto-poster-facebook-twitter-g'); ?>:</strong> </div><input name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][proxyup]" style="width: 30%;" value="<?php echo htmlentities($options['proxy']['up'], ENT_COMPAT, "UTF-8"); ?>"/>
       <br/><hr/>
      
@@ -150 +149 @@
       ?> <div class="nxs_tls_cpt"><?php  _e('Shorten URL', 'social-networks-auto-poster-facebook-twitter-g'); ?></div>
       <?php  _e('Use Shortened URL for link shares', 'social-networks-auto-poster-facebook-twitter-g'); ?> <br/>
-      <h3 style="padding-left: 15px; font-size: 16px;"><input type="checkbox" class="nxs_acctcb" <?php if (!empty($options['useSURL'])) echo "checked"; ?>  name="<?php echo $nt; ?>[<?php echo $ii; ?>][useSURL]" value="1" /> 
+      <h3 style="padding-left: 15px; font-size: 16px;"><input type="checkbox" class="nxs_acctcb" <?php if (!empty($options['useSURL'])) echo "checked"; ?>  name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][useSURL]" value="1" /> 
       <?php  _e('Shorten URL', 'social-networks-auto-poster-facebook-twitter-g'); ?> </h3><?php
     }    
@@ -161 +160 @@
       
       foreach ($posts_types as $pt) { $isFOn = !empty($options['fltrs']) && is_array($options['fltrs']) && !empty($options['fltrs']['nxs_post_type']) && in_array($pt, $options['fltrs']['nxs_post_type']); ?>
-         <input value="1" name="<?php echo $nt ?>[<?php echo $ii; ?>][pts][<?php echo $pt; ?>]" type="checkbox" class="nxs_acctcb" <?php if ($isFOn) echo "checked"; ?> /><?php echo $pt; ?><br/>          
+         <input value="1" name="<?php echo $nt ?>[<?php echo esc_attr($ii); ?>][pts][<?php echo $pt; ?>]" type="checkbox" class="nxs_acctcb" <?php if ($isFOn) echo "checked"; ?> /><?php echo $pt; ?><br/>          
          
       <?php } ?></div> <?php
@@ -168 +167 @@
     public function showNTFilters($nt, $ii, $options){ if (empty($options['fltrs'])) $options['fltrs'] = array(); $isFOn = !empty($options['fltrsOn']) && (int)$options['fltrsOn'] == 1; ?> 
       <div class="nxs_tls_cpt"><?php  _e('Filters', 'social-networks-auto-poster-facebook-twitter-g'); ?>&nbsp;&nbsp;<span class="nxsInstrSpan"><a href="https://www.nextscripts.com/snap-features/filters" target="_blank"><?php _e('[Instructions]', 'social-networks-auto-poster-facebook-twitter-g'); ?></a></span></div> <h3 style="padding-left: 15px;font-size: 16px;"> 
-      <input value="1" name="<?php echo $nt ?>[<?php echo $ii; ?>][fltrsOn]" type="checkbox" onchange="if (jQuery(this).is(':checked')) jQuery('#nxs_flrts<?php echo $nt.$ii; ?>').show(); else jQuery('#nxs_flrts<?php echo $nt.$ii; ?>').hide();" class="nxs_acctcb" <?php if ($isFOn) echo "checked"; ?> /> 
-      <?php  _e('Filter Posts (Only posts that meet the following criteria will be autoposted)', 'social-networks-auto-poster-facebook-twitter-g'); ?> </h3><div id="nxs_flrts<?php echo $nt.$ii; ?>" style="margin-left: 30px;<?php if (!$isFOn) echo "display:none;"; ?>"> 
+      <input value="1" name="<?php echo $nt ?>[<?php echo esc_attr($ii); ?>][fltrsOn]" type="checkbox" onchange="if (jQuery(this).is(':checked')) jQuery('#nxs_flrts<?php echo esc_attr($nt.$ii); ?>').show(); else jQuery('#nxs_flrts<?php echo esc_attr($nt.$ii); ?>').hide();" class="nxs_acctcb" <?php if ($isFOn) echo "checked"; ?> /> 
+      <?php  _e('Filter Posts (Only posts that meet the following criteria will be autoposted)', 'social-networks-auto-poster-facebook-twitter-g'); ?> </h3><div id="nxs_flrts<?php echo esc_attr($nt.$ii); ?>" style="margin-left: 30px;<?php if (!$isFOn) echo "display:none;"; ?>"> 
       <?php nxs_Filters::print_posts_metabox(0,$nt,$ii, $options['fltrs']);?> </div> <?php
     }
     function showImgSizeChoice($nt, $ii, $currSel='full'){ ?><div class="nxs_tls_cpt"><?php  _e('Image size', 'social-networks-auto-poster-facebook-twitter-g'); ?> </div>
-     <div id="nxs_flrts<?php echo $nt.$ii; ?>" style="margin-left: 16px;"> <?php  _e('What image size should be used if several sizes are avalible', 'social-networks-auto-poster-facebook-twitter-g'); ?> <br/>
+     <div id="nxs_flrts<?php echo esc_attr($nt.$ii); ?>" style="margin-left: 16px;"> <?php  _e('What image size should be used if several sizes are avalible', 'social-networks-auto-poster-facebook-twitter-g'); ?> <br/>
      <?php global $_wp_additional_image_sizes; $sizes = array(); foreach ( get_intermediate_image_sizes() as $_size ) {
         if ( in_array( $_size, array('thumbnail', 'medium', 'medium_large', 'large') ) ) { $sizes[ $_size ]['w']  = get_option( "{$_size}_size_w" ); $sizes[ $_size ]['h'] = get_option( "{$_size}_size_h" ); $sizes[ $_size ]['crop']   = (bool) get_option( "{$_size}_crop" );} 
@@ -190 +189 @@
     //## Elements
     public function elemUserPass($ii, $u, $p, $t='',$onchange='') { $nt = $this->ntInfo['lcode']; $ntU = $this->ntInfo['code']; ?>
-      <div style="width:100%;"><strong><?php echo $this->ntInfo['name']; ?>&nbsp;<?php _e('Login', 'social-networks-auto-poster-facebook-twitter-g'); if ($t=='e') { echo " "; _e('Email', 'social-networks-auto-poster-facebook-twitter-g'); } ?>:</strong> </div><input name="<?php echo $nt; ?>[<?php echo $ii; ?>][uName]" id="ap<?php echo $ntU; ?>UName<?php echo $ii; ?>" class="nxAccEdElem" value="<?php echo htmlentities($u, ENT_COMPAT, "UTF-8"); ?>"  onchange="if (jQuery(this).val()!='' && jQuery('#ap<?php echo $ntU; ?>Pass<?php echo $ii; ?>').val()!=''){jQuery('#<?php echo $nt.$ii; ?>getPgs').val(1);nxs_svSetAdv('<?php echo $nt; ?>', '<?php echo $ii; ?>','nxsAllAccntsDiv','<?php echo $nt.$ii; ?>pgsList','','');} return false;"/>
-      <div style="width:100%;"><strong><?php echo $this->ntInfo['name']; ?>&nbsp;<?php _e('Password', 'social-networks-auto-poster-facebook-twitter-g'); ?>:</strong> </div><input autocomplete="false" readonly onfocus="this.removeAttribute('readonly');"  name="<?php echo $nt; ?>[<?php echo $ii; ?>][uPass]" id="ap<?php echo $ntU; ?>Pass<?php echo $ii; ?>" type="password" class="nxAccEdElem" value="<?php echo htmlentities((substr($p, 0, 5)=='n5g9a'||substr($p, 0, 5)=='g9c1a'||substr($p, 0, 5)=='b4d7s')?nsx_doDecode(substr($p, 5)):$p, ENT_COMPAT, "UTF-8"); ?>" <?php echo !empty($onchange)?'onchange="'.$onchange.'"':''; ?> /><br/><?php
+      <div style="width:100%;"><strong><?php echo $this->ntInfo['name']; ?>&nbsp;<?php _e('Login', 'social-networks-auto-poster-facebook-twitter-g'); if ($t=='e') { echo " "; _e('Email', 'social-networks-auto-poster-facebook-twitter-g'); } ?>:</strong> </div><input name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][uName]" id="ap<?php echo $ntU; ?>UName<?php echo esc_attr($ii); ?>" class="nxAccEdElem" value="<?php echo htmlentities($u, ENT_COMPAT, "UTF-8"); ?>"  onchange="if (jQuery(this).val()!='' && jQuery('#ap<?php echo $ntU; ?>Pass<?php echo esc_attr($ii); ?>').val()!=''){jQuery('#<?php echo esc_attr($nt.$ii); ?>getPgs').val(1);nxs_svSetAdv('<?php echo esc_attr($nt); ?>', '<?php echo esc_attr($ii); ?>','nxsAllAccntsDiv','<?php echo esc_attr($nt.$ii); ?>pgsList','','');} return false;"/>
+      <div style="width:100%;"><strong><?php echo $this->ntInfo['name']; ?>&nbsp;<?php _e('Password', 'social-networks-auto-poster-facebook-twitter-g'); ?>:</strong> </div><input autocomplete="false" readonly onfocus="this.removeAttribute('readonly');"  name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][uPass]" id="ap<?php echo $ntU; ?>Pass<?php echo esc_attr($ii); ?>" type="password" class="nxAccEdElem" value="<?php echo htmlentities((substr($p, 0, 5)=='n5g9a'||substr($p, 0, 5)=='g9c1a'||substr($p, 0, 5)=='b4d7s')?nsx_doDecode(substr($p, 5)):$p, ENT_COMPAT, "UTF-8"); ?>" <?php echo !empty($onchange)?'onchange="'.$onchange.'"':''; ?> /><br/><?php
     }
     public function elemKeySecret($ii,$lKey,$lSec,$key,$sec,$fnKey='appKey',$fnSec='appSec', $aurl='') { $nt = $this->ntInfo['lcode']; $ntU = $this->ntInfo['code']; $aurl = !empty($aurl)?' (<a style="font-size: 12px;" href="'.$aurl.'" target="_blank">'.$aurl.'</a>)':'';     
      if (!empty($key)) $key = (substr($key, 0, 5)=='x5g9a')?nsx_doDecode(substr($key, 5)):$key; if (!empty($sec)) $sec = (substr($sec, 0, 5)=='d3h0a')?nsx_doDecode(substr($sec, 5)):$sec; ?>
-     <div style="width:100%;"><b id="<?php echo $nt.$fnKey.$ii;?>l" style="font-size: 14px;"><?php echo $lKey; echo $aurl; ?> </b></div><input name="<?php echo $nt; ?>[<?php echo $ii; ?>][<?php echo $fnKey; ?>]" id="<?php echo $nt.$fnKey.$ii; ?>" class="nxAccEdElem" value="<?php echo htmlentities($key, ENT_COMPAT, "UTF-8"); ?>" /> 
-     <div style="width:100%;"><b id="<?php echo $nt.$fnSec.$ii;?>l" style="font-size: 14px;"><?php echo $lSec; ?>:</b></div><input type="password" autocomplete="false" readonly onfocus="this.removeAttribute('readonly');"  name="<?php echo $nt; ?>[<?php echo $ii; ?>][<?php echo $fnSec; ?>]" id="<?php echo $nt.$fnSec.$ii; ?>" class="nxAccEdElem" value="<?php echo htmlentities($sec, ENT_COMPAT, "UTF-8"); ?>" /><?php               
+     <div style="width:100%;"><b id="<?php echo $nt.$fnKey.$ii;?>l" style="font-size: 14px;"><?php echo $lKey; echo $aurl; ?> </b></div><input name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][<?php echo $fnKey; ?>]" id="<?php echo $nt.$fnKey.$ii; ?>" class="nxAccEdElem" value="<?php echo htmlentities($key, ENT_COMPAT, "UTF-8"); ?>" /> 
+     <div style="width:100%;"><b id="<?php echo $nt.$fnSec.$ii;?>l" style="font-size: 14px;"><?php echo $lSec; ?>:</b></div><input type="password" autocomplete="false" readonly onfocus="this.removeAttribute('readonly');"  name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][<?php echo $fnSec; ?>]" id="<?php echo $nt.$fnSec.$ii; ?>" class="nxAccEdElem" value="<?php echo htmlentities($sec, ENT_COMPAT, "UTF-8"); ?>" /><?php               
     }
     public function elemURL($ii,$fn,$val,$lbl,$subLbl) { $nt = $this->ntInfo['lcode']; $ntU = $this->ntInfo['code'];?>
-      <div style="width:100%;"><strong><?php echo $lbl; ?>:</strong><i><?php  echo $subLbl; ?></i></div><input name="<?php echo $nt; ?>[<?php echo $ii; ?>][<?php echo $fn; ?>]" class="nxAccEdElem" value="<?php echo htmlentities($val, ENT_COMPAT, "UTF-8"); ?>" /><br/><?php
+      <div style="width:100%;"><strong><?php echo $lbl; ?>:</strong><i><?php  echo $subLbl; ?></i></div><input name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][<?php echo $fn; ?>]" class="nxAccEdElem" value="<?php echo htmlentities($val, ENT_COMPAT, "UTF-8"); ?>" /><br/><?php
     }
     public function elemMsgFormat($ii,$l,$fn,$val,$isVisible=true) { $nt = $this->ntInfo['lcode']; ?>
       <div class="nxsMsgFormatDiv" style="display:<?php echo ($isVisible)?"block":"none"; ?>;"> 
-        <div style="width:100%;"><b style="font-size: 15px;"><?php echo $l; ?>:</b> (<a href="#" id="msgFrmt<?php echo $nt.$ii; ?>HintInfo" onclick="nxs_showHideFrmtInfo('<?php echo $fn.$nt.$ii; ?>'); return false;"><?php _e('Show format info', 'nxs_snap'); ?></a>)</div>
-        <textarea cols="150" rows="3" id="nxsF<?php echo $fn.$nt.$ii; ?>" name="<?php echo $nt; ?>[<?php echo $ii; ?>][<?php echo $fn; ?>]" class="nxAccEdElem" onfocus="jQuery('#nxsF<?php echo $fn.$nt.$ii; ?>').attr('rows', 6); nxs_showFrmtInfo('<?php echo $fn.$nt.$ii; ?>');"><?php echo htmlentities($val, ENT_COMPAT, "UTF-8"); ?></textarea> <?php nxs_doShowHint($fn.$nt.$ii); ?><br/>
+        <div style="width:100%;"><b style="font-size: 15px;"><?php echo $l; ?>:</b> (<a href="#" id="msgFrmt<?php echo esc_attr($nt.$ii); ?>HintInfo" onclick="nxs_showHideFrmtInfo('<?php echo $fn.$nt.$ii; ?>'); return false;"><?php _e('Show format info', 'nxs_snap'); ?></a>)</div>
+        <textarea cols="150" rows="3" id="nxsF<?php echo $fn.$nt.$ii; ?>" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][<?php echo $fn; ?>]" class="nxAccEdElem" onfocus="jQuery('#nxsF<?php echo $fn.$nt.$ii; ?>').attr('rows', 6); nxs_showFrmtInfo('<?php echo $fn.$nt.$ii; ?>');"><?php echo htmlentities($val, ENT_COMPAT, "UTF-8"); ?></textarea> <?php nxs_doShowHint($fn.$nt.$ii); ?><br/>
       </div><?php                        
     }
     public function elemTitleFormat($ii,$l,$fn,$val,$isVisible=true) { $nt = $this->ntInfo['lcode']; ?> 
       <div class="nxsMsgTFormatDiv" style="display:<?php echo ($isVisible)?"block":"none"; ?>;">
-        <div style="width:100%;"><b style="font-size: 15px;"><?php echo $l; ?>:</b> </div><input name="<?php echo $nt; ?>[<?php echo $ii; ?>][<?php echo $fn; ?>]" id="<?php echo $nt.$ii; ?>SNAPformatT" class="nxAccEdElem" value="<?php echo htmlentities($val, ENT_COMPAT, "UTF-8"); ?>" onfocus="nxs_showFrmtInfo('msgFrmtT<?php echo $nt.$ii; ?>');" /><?php nxs_doShowHint("msgFrmtT".$nt.$ii); ?>
+        <div style="width:100%;"><b style="font-size: 15px;"><?php echo $l; ?>:</b> </div><input name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][<?php echo $fn; ?>]" id="<?php echo esc_attr($nt.$ii); ?>SNAPformatT" class="nxAccEdElem" value="<?php echo htmlentities($val, ENT_COMPAT, "UTF-8"); ?>" onfocus="nxs_showFrmtInfo('msgFrmtT<?php echo esc_attr($nt.$ii); ?>');" /><?php nxs_doShowHint("msgFrmtT".$nt.$ii); ?>
       </div><?php                        
     }
@@ -217 +216 @@
       <div class="nxsPostEd_ElemWrap"><div  class="nxsPostEd_ElemLabel"><?php echo $l; ?></div>
         <div class="nxsPostEd_Elem">
-          <input name="<?php echo $nt; ?>[<?php echo $ii; ?>][msgTFormat]" id="<?php echo $nt.$ii; ?>SNAPformatT" class="nxsEdElem" data-ii="<?php echo $ii; ?>" data-nt="<?php echo $nt; ?>" style="width: 95%;max-width: 610px;" value="<?php echo htmlentities($msgTFormat, ENT_COMPAT, "UTF-8"); ?>" onfocus="nxs_showFrmtInfo('msgFrmtT<?php echo $nt.$ii; ?>');" /><?php nxs_doShowHint("msgFrmtT".$nt.$ii); ?><?php nxs_doShowHint("msgFrmtT".$nt.$ii); ?>
+          <input name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][msgTFormat]" id="<?php echo esc_attr($nt.$ii); ?>SNAPformatT" class="nxsEdElem" data-ii="<?php echo esc_attr($ii); ?>" data-nt="<?php echo esc_attr($nt); ?>" style="width: 95%;max-width: 610px;" value="<?php echo htmlentities($msgTFormat, ENT_COMPAT, "UTF-8"); ?>" onfocus="nxs_showFrmtInfo('msgFrmtT<?php echo esc_attr($nt.$ii); ?>');" /><?php nxs_doShowHint("msgFrmtT".$nt.$ii); ?><?php nxs_doShowHint("msgFrmtT".$nt.$ii); ?>
         </div>
       </div><?php                        
@@ -224 +223 @@
       <div class="nxsPostEd_ElemWrap"><div  class="nxsPostEd_ElemLabel"><?php echo $l; ?></div>
         <div class="nxsPostEd_Elem">
-          <textarea cols="150" rows="2" id="<?php echo $nt.$ii; ?>msgFormat" name="<?php echo $nt; ?>[<?php echo $ii; ?>][msgFormat]" class="nxsEdElem" data-ii="<?php echo $ii; ?>" data-nt="<?php echo $nt; ?>" style="width:95%;max-width: 610px;" onfocus="jQuery('#<?php echo $nt.$ii; ?>msgFormat').attr('rows', 4); jQuery('.nxs_FRMTHint').hide();nxs_showFrmtInfo('msgFormat<?php echo $nt.$ii; ?>');"><?php echo $msgFormat; ?></textarea> <?php nxs_doShowHint("msgFormat".$nt.$ii); ?>
+          <textarea cols="150" rows="2" id="<?php echo esc_attr($nt.$ii); ?>msgFormat" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][msgFormat]" class="nxsEdElem" data-ii="<?php echo esc_attr($ii); ?>" data-nt="<?php echo esc_attr($nt); ?>" style="width:95%;max-width: 610px;" onfocus="jQuery('#<?php echo esc_attr($nt.$ii); ?>msgFormat').attr('rows', 4); jQuery('.nxs_FRMTHint').hide();nxs_showFrmtInfo('msgFormat<?php echo esc_attr($nt.$ii); ?>');"><?php echo $msgFormat; ?></textarea> <?php nxs_doShowHint("msgFormat".$nt.$ii); ?>
         </div>
       </div><?php                        
@@ -341 +340 @@
             //###################### LINE HEADER 
         ?>            
-        <div class="nxsEdNTLineHeader" data-nt="<?php echo $this->ntInfo['lcode']; ?>" data-ii="<?php echo $ii; ?>" style="background-color: #F0F0F0; padding-top: 4px; padding-right: 10px; padding: 5px; margin-top: 3px; border: 1px solid #E0E0E0; ">
-        
-        <input value="0" name="<?php echo $this->ntInfo['lcode']; ?>[<?php echo $ii; ?>][do]" type="hidden" />          <?php // prr($post); var_dump($pbo['do']); ?>  
+        <div class="nxsEdNTLineHeader" data-nt="<?php echo $this->ntInfo['lcode']; ?>" data-ii="<?php echo esc_attr($ii); ?>" style="background-color: #F0F0F0; padding-top: 4px; padding-right: 10px; padding: 5px; margin-top: 3px; border: 1px solid #E0E0E0; ">
+        
+        <input value="0" name="<?php echo $this->ntInfo['lcode']; ?>[<?php echo esc_attr($ii); ?>][do]" type="hidden" />          <?php // prr($post); var_dump($pbo['do']); ?>  
         
           <?php if (( $pbo['do']=='2') || ( $post->post_status=='auto-draft' && !empty($pbo['do']) && !empty($pbo['fltrsOn']))) { $fltInfo = nxsAnalyzePostFilters($pbo['fltrs']); ?> 
-            <input type="radio" id="rbtn<?php echo $this->ntInfo['lcode'].$ii; ?>" value="2" name="<?php echo $this->ntInfo['lcode']; ?>[<?php echo $ii; ?>][do]" checked="checked" class="nxs_acctcb" data-fltinfo="<?php echo $fltInfo; ?>" /> 
+            <input type="radio" id="rbtn<?php echo $this->ntInfo['lcode'].$ii; ?>" value="2" name="<?php echo $this->ntInfo['lcode']; ?>[<?php echo esc_attr($ii); ?>][do]" checked="checked" class="nxs_acctcb" data-fltinfo="<?php echo $fltInfo; ?>" /> 
           <?php } else { ?>            
             
-            <input value="1" name="<?php echo $this->ntInfo['lcode']; ?>[<?php echo $ii; ?>][do]" type="checkbox" class="nxs_acctcb nxs_acctcb<?php echo $this->ntInfo['lcode']; ?>" <?php if ((int)$pbo['do'] > 0) echo "checked"; ?> />             
+            <input value="1" name="<?php echo $this->ntInfo['lcode']; ?>[<?php echo esc_attr($ii); ?>][do]" type="checkbox" class="nxs_acctcb nxs_acctcb<?php echo $this->ntInfo['lcode']; ?>" <?php if ((int)$pbo['do'] > 0) echo "checked"; ?> />             
           <?php } ?>              
             <?php if (!$this->isMobile) {?>
@@ -360 +359 @@
             <?php if (!$this->isMobile) {?>            
               <span style="padding-left: 0px; display: none;" class="showInlineMenu<?php echo $this->ntInfo['code'].$ii; ?>"> <?php echo $this->isMobile?'<br/>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;':''; ?>
-                <a id="do<?php echo $this->ntInfo['code'].$ii; ?>AG" href="#" class="nxsEdNTLineShowSettings" data-nt="<?php echo $this->ntInfo['lcode']; ?>" data-ii="<?php echo $ii; ?>"><?php echo !empty($pbo['do'])?'[Hide Settings]':'[Show Settings]'; ?></a>
+                <a id="do<?php echo $this->ntInfo['code'].$ii; ?>AG" href="#" class="nxsEdNTLineShowSettings" data-nt="<?php echo $this->ntInfo['lcode']; ?>" data-ii="<?php echo esc_attr($ii); ?>"><?php echo !empty($pbo['do'])?'[Hide Settings]':'[Show Settings]'; ?></a>
               </span>
             <?php } ?>            
@@ -373 +372 @@
             <div style="position: absolute; <?php if ($this->isMobile) {?> top:20px; <?php } else { ?> top:0; <?php } ?> right:0; padding-top: 4px; padding-right: 10px;">              
               <?php  if (is_array($pMeta) && isset($pMeta[$ii]) && is_array($pMeta[$ii]) && !empty($pMeta[$ii]['pgID'])) { ?>
-                <span style="padding-top: 4px; padding-right: 10px;"><a class="showListOfPostsXX" <?php if (!empty($pHst)&& !empty($pHst[$nt][$ii]) ) {?> data-qid="#XpstdDiv<?php echo $ntU; ?><?php echo $ii; ?>" <?php } ?> id="pstd<?php echo $ntU; ?><?php echo $ii; ?>" style="font-size: 11px;" href="<?php echo (!empty($pMeta[$ii]['postURL']))?$pMeta[$ii]['postURL']:'#'; ?>" target="_blank"><?php 
+                <span style="padding-top: 4px; padding-right: 10px;"><a class="showListOfPostsXX" <?php if (!empty($pHst)&& !empty($pHst[$nt][$ii]) ) {?> data-qid="#XpstdDiv<?php echo $ntU; ?><?php echo esc_attr($ii); ?>" <?php } ?> id="pstd<?php echo $ntU; ?><?php echo esc_attr($ii); ?>" style="font-size: 11px;" href="<?php echo (!empty($pMeta[$ii]['postURL']))?$pMeta[$ii]['postURL']:'#'; ?>" target="_blank"><?php 
                   if (!$this->isMobile) {printf( __( 'Posted on', 'nxs_snap' ), $ntName); ?>  <?php echo (isset($pMeta[$ii]['pDate']) && $pMeta[$ii]['pDate']!='')?(nxs_adjTime($pMeta[$ii]['pDate'])):"";} else {  _e('[Post Link]', 'social-networks-auto-poster-facebook-twitter-g'); }?></a>
                 </span>
-                 <div style="display: none" id="XpstdDiv<?php echo $ntU; ?><?php echo $ii; ?>"> <?php
+                 <div style="display: none" id="XpstdDiv<?php echo $ntU; ?><?php echo esc_attr($ii); ?>"> <?php
                  if (!empty($pHst)&& !empty($pHst[$nt][$ii]) ) { 
                    foreach ($pHst[$nt][$ii] as $jj=>$lnk) { if ($jj>=30) break; ?>
@@ -386 +385 @@
         
           <?php if ($post->post_status == "publish") { /** POST BUTTON **/ ?>        
-            <a class="nxsPostNowBtn" data-nt="<?php echo $ntU; ?>" data-ii="<?php echo $ii; ?>" data-ntname="<?php echo $ntName; ?>" data-pid="<?php echo $post->ID; ?>" style="font-size: 14px; font-weight: bold;" href="#" onclick="return false;">[<?php 
+            <a class="nxsPostNowBtn" data-nt="<?php echo $ntU; ?>" data-ii="<?php echo esc_attr($ii); ?>" data-ntname="<?php echo $ntName; ?>" data-pid="<?php echo $post->ID; ?>" style="font-size: 14px; font-weight: bold;" href="#" onclick="return false;">[<?php 
             _e('Post', 'social-networks-auto-poster-facebook-twitter-g'); if (!$this->isMobile) { echo "&nbsp;"; _e('Now', 'social-networks-auto-poster-facebook-twitter-g');}
           ?>]</a>
@@ -399 +398 @@
         <div style="margin:0px;margin-left:5px; position: relative;"><div style="padding-top: 0px; padding-right: 5px; margin-left: 14px;">
           <span> 
-            <a id="do<?php echo $this->ntInfo['code'].$ii; ?>AG" href="#" style="font-size: 11px;" onclick="doGetHideNTBlock('<?php echo $this->ntInfo['code'];?>' , '<?php echo $ii; ?>');return false;">[<?php  _e('Options', 'social-networks-auto-poster-facebook-twitter-g'); ?>]</a>&nbsp;&nbsp;                      
-            
-            <a href="#" style="font-weight: bold;font-size: 11px;" onclick="doDelAcct('<?php echo $this->ntInfo['lcode']; ?>', '<?php echo $ii; ?>', '<?php if (isset($pbo['bgBlogID'])) echo $pbo['nName']; ?>');return false;">[<?php  _e('Post', 'social-networks-auto-poster-facebook-twitter-g'); ?>]</a>&nbsp;&nbsp;          
+            <a id="do<?php echo $this->ntInfo['code'].$ii; ?>AG" href="#" style="font-size: 11px;" onclick="doGetHideNTBlock('<?php echo esc_attr($this->ntInfo['code']);?>' , '<?php echo esc_attr($ii); ?>');return false;">[<?php  _e('Options', 'social-networks-auto-poster-facebook-twitter-g'); ?>]</a>&nbsp;&nbsp;                      
+            
+            <a href="#" style="font-weight: bold;font-size: 11px;" onclick="doDelAcct('<?php echo $this->ntInfo['lcode']; ?>', '<?php echo esc_attr($ii); ?>', '<?php if (isset($pbo['bgBlogID'])) echo $pbo['nName']; ?>');return false;">[<?php  _e('Post', 'social-networks-auto-poster-facebook-twitter-g'); ?>]</a>&nbsp;&nbsp;          
           </span>
-             <?php  if (is_array($pMeta) && isset($pMeta[$ii]) && is_array($pMeta[$ii]) && !empty($pMeta[$ii]['pgID'])) { ?> <span style="padding-top: 4px; padding-right: 10px;"><a class="showListOfPostsX" data-jXboxbtid="XpstdDiv<?php echo $ntU; ?><?php echo $ii; ?>" id="pstd<?php echo $ntU; ?><?php echo $ii; ?>" style="font-size: 11px;" href="<?php echo $pMeta[$ii]['postURL'];  ?>" target="_blank"><?php 
+             <?php  if (is_array($pMeta) && isset($pMeta[$ii]) && is_array($pMeta[$ii]) && !empty($pMeta[$ii]['pgID'])) { ?> <span style="padding-top: 4px; padding-right: 10px;"><a class="showListOfPostsX" data-jXboxbtid="XpstdDiv<?php echo $ntU; ?><?php echo esc_attr($ii); ?>" id="pstd<?php echo $ntU; ?><?php echo esc_attr($ii); ?>" style="font-size: 11px;" href="<?php echo $pMeta[$ii]['postURL'];  ?>" target="_blank"><?php 
              if (!$this->isMobile) {printf( __( 'Posted on', 'nxs_snap' ), $ntName); ?>  <?php echo (isset($pMeta[$ii]['pDate']) && $pMeta[$ii]['pDate']!='')?(nxs_adjTime($pMeta[$ii]['pDate'])):"";} else {  _e('[Post Link]', 'social-networks-auto-poster-facebook-twitter-g'); }?></a></span>
              
-              <div style="display: none" id="XpstdDiv<?php echo $ntU; ?><?php echo $ii; ?>">        
-          <a id="pstd<?php echo $ntU; ?><?php echo $ii; ?>" style="font-size: 10px;" href="<?php echo $pMeta[$ii]['postURL'];  ?>" target="_blank"><?php printf( __( 'Posted on', 'nxs_snap' ), $ntName); ?>  <?php echo (isset($pMeta[$ii]['pDate']) && $pMeta[$ii]['pDate']!='')?(nxs_adjTime($pMeta[$ii]['pDate'])):""; ?></a>
+              <div style="display: none" id="XpstdDiv<?php echo $ntU; ?><?php echo esc_attr($ii); ?>">        
+          <a id="pstd<?php echo $ntU; ?><?php echo esc_attr($ii); ?>" style="font-size: 10px;" href="<?php echo $pMeta[$ii]['postURL'];  ?>" target="_blank"><?php printf( __( 'Posted on', 'nxs_snap' ), $ntName); ?>  <?php echo (isset($pMeta[$ii]['pDate']) && $pMeta[$ii]['pDate']!='')?(nxs_adjTime($pMeta[$ii]['pDate'])):""; ?></a>
         </div>  
              
@@ -421 +420 @@
         <?php //### TIme to Post
        if ($post->post_status != "publish" && function_exists('nxs_v4doSMAS5') ) { $pbo['postTime'] = get_post_time('U', false, $post->ID); nxs_v4doSMAS5X($nt, $ii, $pbo); }     
-           if (((int)$pbo['do'] == 1) && $post->post_status == "publish" && isset($pbo['timeToRun']) && $pbo['timeToRun'] > time()) { ?> 
-              <div>===&gt;&gt;&gt;&gt;&nbsp;<?php _e('Autopost has been schedulled for', 'social-networks-auto-poster-facebook-twitter-g') ?> <?php echo date('F j, Y, g:i a', $pbo['timeToRun']) ?></div>
+           if (((int)$pbo['do'] == 1) && $post->post_status == "publish" && !empty($pbo['timeToRun']) && (int)$pbo['timeToRun'] > time()) { ?>
+              <div>===&gt;&gt;&gt;&gt;&nbsp;<?php _e('Autopost has been schedulled for', 'social-networks-auto-poster-facebook-twitter-g') ?> <?php echo date('F j, Y, g:i a', (int)$pbo['timeToRun']) ?></div>
            <?php } ?>       
             </div>
@@ -432 +431 @@
       if ($post->post_status == "publish") { ?>           
         <?php if (!empty($ntOpt['riComments']) && $ntOpt['riComments']=='1' && is_array($pMeta) && isset($pMeta[$ii]) && is_array($pMeta[$ii]) && !empty($pMeta[$ii]['pgID'])) {  ?>
-        <input style="margin: 6px;" onclick="return false;" type="button" data-ii="<?php echo $ii; ?>" data-pid="<?php echo $post->ID; ?>" data-nt="<?php echo $this->ntInfo['lcode']; ?>" class="button riTo_button" value="<?php _e('Import Comments/Replies', 'nxs_snap') ?>" />
+        <input style="margin: 6px;" onclick="return false;" type="button" data-ii="<?php echo esc_attr($ii); ?>" data-pid="<?php echo $post->ID; ?>" data-nt="<?php echo $this->ntInfo['lcode']; ?>" class="button riTo_button" value="<?php _e('Import Comments/Replies', 'nxs_snap') ?>" />
         <?php 
       }} 

social-networks-auto-poster-facebook-twitter-g/trunk/inc/nxs_class_oauth.php

@@ -19 +19 @@
     }
     public function sign($request, $consumer_secret, $token) {
-      $key_raw = $this->signing_base($request, $consumer_secret, $token);// prr($key_raw);
-      $basestring = base64_encode (hash_hmac('sha1', $key_raw[1], $key_raw[0], true)); //echo $basestring;
+      $key_raw = $this->signing_base($request, $consumer_secret, $token);
+      $basestring = base64_encode (hash_hmac('sha1', $key_raw[1], $key_raw[0], true));
       return rawurlencode($basestring);
     }
@@ -137 +137 @@
       $cbu = nxssc_SigMethod_HMAC_SHA1::urlencode_rfc3986($cbu);  
       $url = $this->baseURL.$this->request_token_path.'?oauth_nonce='.$args['oauth_nonce'].'&oauth_timestamp='.$args['oauth_timestamp'].'&oauth_consumer_key='.$this->consumer_key.'&oauth_signature_method='.$args['oauth_signature_method'].'&oauth_version='.$args['oauth_version'].'&oauth_callback='.$cbu.'&oauth_signature='.$args['oauth_signature'];      
-      echo "<br/>REQ Token URL: ".$url."<br/>";
+      echo "<br/>REQ Token URL: ".esc_url($url)."<br/>";
       $hdrsArr = $this->makeHTTPHeaders($url); $ckArr = '';   
       $response = wp_remote_get($url, array( 'method' => 'GET', 'timeout' => 45, 'redirection' => 0,  'headers' => $hdrsArr, 'cookies' => $ckArr));  
       if ( is_wp_error($response) ) return print_r($response, true);
       $this->http_code = $response['response']['code']; //  prr($response);
-      if (stripos($response['body'],'oauth_token_secret=')===false) echo 'Bad oAuth Login:'.$response['body']; else return $this->oAuthRespToArr($response['body']);
+      if (stripos($response['body'],'oauth_token_secret=')===false) echo 'Bad oAuth Login:'.esc_html($response['body']); else return $this->oAuthRespToArr($response['body']);
     }
     function getAccToken($verifier){
@@ -159 +159 @@
       $args['oauth_signature'] = $this->sign_method->sign2($req, $this->consumer_secret, $this->access_secret); 
       $url = $this->baseURL.$this->access_token_path.'?oauth_nonce='.$args['oauth_nonce'].'&oauth_timestamp='.$args['oauth_timestamp'].'&oauth_token_secret='.$this->access_secret.'&oauth_signature_method='.$args['oauth_signature_method'].'&oauth_consumer_key='.$this->consumer_key.'&oauth_verifier='.$verifier.'&oauth_version='.$args['oauth_version'].'&oauth_token='.$this->access_token.'&oauth_signature='.$args['oauth_signature'];
-      echo "<br/>REQ Token URL: ".$url."<br/>";
+      echo "<br/>REQ Token URL: ".esc_url($url)."<br/>";
       $hdrsArr = $this->makeHTTPHeaders($url); $ckArr = '';   
       $response = wp_remote_get($url, array( 'method' => 'GET', 'timeout' => 45, 'redirection' => 0,  'headers' => $hdrsArr, 'cookies' => $ckArr));  
       if ( is_wp_error($response) ) return $response;
       $this->http_code = $response['response']['code']; 
-      if (stripos($response['body'],'oauth_token_secret=')===false) echo 'Bad oAuth Login:'.$response['body']; else return $this->oAuthRespToArr($response['body']);        
+      if (stripos($response['body'],'oauth_token_secret=')===false) echo 'Bad oAuth Login:'.esc_html($response['body']); else return $this->oAuthRespToArr($response['body']);
     }
     function makeReq($url, $params='', $type='GET'){
@@ -203 +203 @@
         $parameters['oauth_signature'] = base64_encode(hash_hmac('sha1', $string, $this->consumer_secret.'&'.$this->access_secret, true));
     }
-    private function httpRequest($url, $parameters) { $curl = curl_init();
-        curl_setopt($curl, CURLOPT_RETURNTRANSFER, TRUE); curl_setopt($curl, CURLOPT_TIMEOUT, '25'); curl_setopt($curl, CURLOPT_URL, $url);
-        curl_setopt($curl, CURLOPT_POST, TRUE); curl_setopt($curl, CURLOPT_POSTFIELDS, $parameters);        
-        $response = curl_exec($curl); $headers = curl_getinfo($curl); $errmsg = curl_error($curl);  curl_close($curl);
-        if (!empty($errmsg)) return $errmsg; else  return $response;
-    }
-    
+
     public function flUploadPhoto ($imgFile, $parameters) { $url = 'https://www.flickr.com/services/upload/'; $requestParams = ($parameters == NULL ? array() : $parameters);    $phid = '';    
         $oauthParams = array (            
@@ -222 +216 @@
         
         $req = array();  $req['method'] = 'POST'; $req['normalized_url'] = $url; $req['normalized_parameters'] = $this->get_normalized_parameters($requestParams);
-        $args['oauth_signature'] = $this->sign_method->sign2($req, $this->consumer_secret, $this->access_secret);       
-                      
-        $xml = $this->httpRequest($url, $requestParams); if (stripos($xml, '</photoid>')!==false && stripos($xml, 'stat="ok"')!==false) $phid = CutFromTo($xml, '<photoid>','</photoid>');
+        $args['oauth_signature'] = $this->sign_method->sign2($req, $this->consumer_secret, $this->access_secret);
+        $rq = new nxsHttp;  $args = nxs_mkRmReqArgs(); $rq->postData = $requestParams;  $xml = $rq->request($url, $args);
+        if (stripos($xml, '</photoid>')!==false && stripos($xml, 'stat="ok"')!==false) $phid = CutFromTo($xml, '<photoid>','</photoid>');
         return empty($phid) ? "Problem: ".$xml."<pre>".print_r($requestParams, true)."</pre>" : $phid;
     }

social-networks-auto-poster-facebook-twitter-g/trunk/inc/nxs_class_snap.php

@@ -95 +95 @@
         nxs_cURLTest("https://api.ipify.org/", "HTTPS to whatismyip", 'getMyIP');
         nxs_cURLTest("https://www.nextscripts.com/", "HTTPS to NXS", "Social Networks");
-        nxs_cURLTest("http://35.184.36.171/", "HTTPS to NXSA", "NextScripts Cloud");
-        nxs_cURLTest("https://about.google/intl/en/contact-google/", "HTTP to Google", "Mountain View, CA");
-        nxs_cURLTest("https://about.google/intl/en/contact-google/", "HTTPS to Google", "Mountain View, CA");
+        nxs_cURLTest("http://45.79.4.45/", "HTTPS to NXSA", "NXS");
+        nxs_cURLTest("https://www.google.com/appsstatus/dashboard/", "HTTPS to Google", "Status Dashboard");
         nxs_cURLTest("https://www.facebook.com/", "HTTPS to Facebook", 'id="facebook"');
         nxs_cURLTest("https://graph.facebook.com/", "HTTPS to API (Graph) Facebook", 'get');
@@ -103 +102 @@
         nxs_cURLTest("https://twitter.com/", "HTTPS to Twitter", '<link rel="canonical" href="https://twitter.com');
         nxs_cURLTest("https://www.pinterest.com/", "HTTPS to Pinterest", 'content="Pinterest"');
-        nxs_cURLTest("https://www.livejournal.com/login.bml", "HTTPS to LiveJournal", 'livejournal.com/about');
+        nxs_cURLTest("https://www.livejournal.com/about/", "HTTPS to LiveJournal", 'livejournal.com/about');
         die('Done');
     }
@@ -525 +524 @@
                     </div>
             </div></div> */ ?>
+            <?php if (!empty($options['riActive']) && $options['riActive'] == '1') {  ?>
+
+
             <!-- ##################### Auto-Import comments from Social Networks #####################-->
             <div class="nxs_box"> <div class="nxs_box_header"><h3><?php _e('Auto-Import comments from Social Networks', 'social-networks-auto-poster-facebook-twitter-g') ?><span class="nxs_newLabel">[<?php _e('New', 'social-networks-auto-poster-facebook-twitter-g') ?>]</span></h3></div>
@@ -559 +561 @@
               
            </div></div>
-           
+            <?php  } ?>
      <!-- ##################### URL Parameters #####################-->   
             <div class="nxs_box"> <div class="nxs_box_header"><h3><?php _e('URL Parameters', 'social-networks-auto-poster-facebook-twitter-g') ?> <span class="nxs_newLabel">[<?php _e('New', 'social-networks-auto-poster-facebook-twitter-g') ?>]</span></h3></div>            
@@ -1341 +1343 @@
     }
     function process_bulk_action() {
-        if( 'delete'===$this->current_action() ) { $items = $_REQUEST['nxs_filter']; $jj = 0;  //prr($_REQUEST);                   
-           foreach ($items as $item ) { wp_delete_post( $item, true ); $jj++; }   
+        if( 'delete'===$this->current_action() ) { $items = is_array($_REQUEST['nxs_filter'])?$_REQUEST['nxs_filter']:[]; $jj = 0;  //prr($_REQUEST);
+           foreach ($items as $item ) { $item = sanitize_key($item); wp_delete_post( $item, true ); $jj++; }
             wp_die($jj.' Items deleted.');
         }
-        if( 'activate'===$this->current_action() ) { $items = $_REQUEST['nxs_filter']; $jj = 0;  //prr($_REQUEST);                   
-           foreach ($items as $item ) { $o = maybe_unserialize(get_post_meta( $item, 'nxs_rpstr', true ));  $o['rpstOn']='1'; nxs_Filters::save_meta( $item, 'nxs_rpstr', $o ); $jj++; }        
+        if( 'activate'===$this->current_action() ) { $items = is_array($_REQUEST['nxs_filter'])?$_REQUEST['nxs_filter']:[]; $jj = 0;  //prr($_REQUEST);
+           foreach ($items as $item ) { $item = sanitize_key($item); $o = maybe_unserialize(get_post_meta( $item, 'nxs_rpstr', true ));  $o['rpstOn']='1'; nxs_Filters::save_meta( $item, 'nxs_rpstr', $o ); $jj++; }
            wp_die($jj.' Items activated.');
         }
-        if( 'deactivate'===$this->current_action() ) { $items = $_REQUEST['nxs_filter']; $jj = 0;  //prr($_REQUEST);                   
-           foreach ($items as $item ) { $o = maybe_unserialize(get_post_meta( $item, 'nxs_rpstr', true ));  $o['rpstOn']='0'; nxs_Filters::save_meta( $item, 'nxs_rpstr', $o ); $jj++; }        
+        if( 'deactivate'===$this->current_action() ) { $items = is_array($_REQUEST['nxs_filter'])?$_REQUEST['nxs_filter']:[]; $jj = 0;  //prr($_REQUEST);
+           foreach ($items as $item ) { $item = sanitize_key($item); $o = maybe_unserialize(get_post_meta( $item, 'nxs_rpstr', true ));  $o['rpstOn']='0'; nxs_Filters::save_meta( $item, 'nxs_rpstr', $o ); $jj++; }
            wp_die($jj.' Items deactivated.');
         }
@@ -1368 +1370 @@
 
         function usort_reorder($a,$b){
-            $orderby = (!empty($_REQUEST['orderby'])) ? $_REQUEST['orderby'] : 'title'; //If no sort, default to title
-            $order = (!empty($_REQUEST['order'])) ? $_REQUEST['order'] : 'asc'; //If no order, default to asc
+            $orderby = (!empty($_REQUEST['orderby'])) ? sanitize_key($_REQUEST['orderby']) : 'title'; //If no sort, default to title
+            $order = (!empty($_REQUEST['order'])) ? sanitize_key($_REQUEST['order']) : 'asc'; //If no order, default to asc
             //$result = strcmp($a[$orderby], $b[$orderby]); //Determine sort order
             $result = strcmp($a->$orderby, $b->$orderby); //Determine sort order
@@ -1472 +1474 @@
     function process_bulk_action() {
         if( 'delete'===$this->current_action() ) {               
-            foreach ($_REQUEST['nxs_qpost'] as $qp) { wp_delete_post($qp, true); }     $url = nxs_get_admin_url().'admin.php?page=nxssnap-post';    echo '<script type="text/javascript">parent.location.replace(\''.$url.'\');</script>'; die();
+            if (is_array($_REQUEST['nxs_qpost'])) foreach ($_REQUEST['nxs_qpost'] as $qp) { $qp = sanitize_key($qp);  wp_delete_post($qp, true); }     $url = nxs_get_admin_url().'admin.php?page=nxssnap-post';    echo '<script type="text/javascript">parent.location.replace(\''.$url.'\');</script>'; die();
                 
         }
@@ -1489 +1491 @@
 
         function usort_reorder($a,$b){
-            $orderby = (!empty($_REQUEST['orderby'])) ? $_REQUEST['orderby'] : 'post_date'; //If no sort, default to title
-            $order = (!empty($_REQUEST['order'])) ? $_REQUEST['order'] : 'desc'; //prr($order); //If no order, default to asc
+            $orderby = (!empty($_REQUEST['orderby'])) ? sanitize_key($_REQUEST['orderby']) : 'post_date'; //If no sort, default to title
+            $order = (!empty($_REQUEST['order'])) ? sanitize_key($_REQUEST['order']) : 'desc'; //prr($order); //If no order, default to asc
             if (is_array($a)) $result = strcmp($a[$orderby], $b[$orderby]); else $result = strcmp($a->$orderby, $b->$orderby); //prr($a);//Determine sort order
             return ($order==='asc') ? $result : -$result; //Send final sort direction to usort
@@ -1504 +1506 @@
             'per_page'    => $per_page,                     //WE have to determine how many items to show on a page
             'total_pages' => ceil($total_items/$per_page),   //WE have to calculate the total number of pages
-            'orderby'    => ! empty( $_REQUEST['orderby'] ) && '' != $_REQUEST['orderby'] ? $_REQUEST['orderby'] : 'post_title',
-            'order'        => ! empty( $_REQUEST['order'] ) && '' != $_REQUEST['order'] ? $_REQUEST['order'] : 'desc'
+            'orderby'    => ! empty( $_REQUEST['orderby'] ) && '' != $_REQUEST['orderby'] ? sanitize_key($_REQUEST['orderby']) : 'post_title',
+            'order'        => ! empty( $_REQUEST['order'] ) && '' != $_REQUEST['order'] ? sanitize_key($_REQUEST['order']) : 'desc'
         ) );
     }

social-networks-auto-poster-facebook-twitter-g/trunk/inc/nxs_functions.php

@@ -171 +171 @@
   $out = 'There is a problem with cURL. You need to contact your server admin or hosting provider. Here is the PHP code to reproduce the problem:<br/><pre style="color:#005800">&lt;?php '."\r\n".' $ch = curl_init(); '."\r\n".' curl_setopt($ch, CURLOPT_URL, "'.$url.'"); '."\r\n".' curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36"); '."\r\n".' curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); '."\r\n".' curl_setopt($ch, CURLOPT_TIMEOUT, 10); '."\r\n".' curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 10); '."\r\n".' $response = curl_exec($ch); '."\r\n".' $errmsg = curl_error($ch); '."\r\n".' $cInfo = curl_getinfo($ch); '."\r\n".' curl_close($ch); '."\r\n".' print_r($errmsg); '."\r\n".' print_r($cInfo); '."\r\n".' print_r($response); '."\r\n".'?&gt;</pre>'; return $out; 
 }
-function nxs_cURLTest($url, $msg, $testText){ if ($testText=='getMyIP') echo 'Getting IP... <br/>'; else echo "<br/>--== Test Requested ... ".$url."<br/>";  $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url);
-    curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.93 Safari/537.36");
-    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_TIMEOUT, 10); curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 10); curl_setopt($ch, CURLOPT_HEADER, true);
-    $response = curl_exec($ch); $errmsg = curl_error($ch); $cInfo = curl_getinfo($ch); curl_close($ch);
-    if ($testText=='getMyIP')  echo "Your Server IP:".$response.'<br/>';  else { echo "Testing ... ".$url." - ".$cInfo['url']."<br/>";
-        if (stripos($response, $testText)!==false) echo "....".$msg." - OK<br/>"; else { echo "....<b style='color:red;'>".$msg." - Problem</b><br/>"; prr($response); prr($errmsg); prr($cInfo); echo nxs_cURLTestCode($url);  }
+function nxs_cURLTest($url, $msg, $testText){ if ($testText=='getMyIP') echo 'Getting IP... <br/>'; else echo "<br/>--== Test Requested ... ".esc_url($url)."<br/>";
+    $rq = new nxsHttp;  $ret = $rq->request($url, nxs_mkRmReqArgs()); $response = is_array($ret)?$ret['body']:'';
+    if ($testText=='getMyIP')  echo "Your Server IP:".wp_kses($response, wp_kses_allowed_html( 'post' )).'<br/>';  else { echo "Testing ... ".esc_url($url)." - <br/>";
+        if (stripos($response, $testText)!==false) echo "....".wp_kses($msg, wp_kses_allowed_html( 'post' ))." - OK<br/>"; else { echo "....<b style='color:red;'>".$msg." - Problem</b><br/>"; prr($ret); echo nxs_cURLTestCode(esc_url($url));  }
     }
 }

social-networks-auto-poster-facebook-twitter-g/trunk/inc/nxs_functions_adv.php

@@ -3 +3 @@
   global $nxs_SNAP; if (!isset($nxs_SNAP)) return; $networks = (!current_user_can( 'manage_options' ) && current_user_can( 'haveown_snap_accss' ) ) ? $nxs_SNAP->nxs_acctsU : $nxs_SNAP->nxs_accts; $options =  $nxs_SNAP->nxs_options; 
    
-  if ($_POST['nxsact']=='getNTset') { $ii = $_POST['ii']; $nt = $_POST['nt']; $ntl = strtolower($nt); $pbo = $networks[$ntl][$ii];  $pbo['ntInfo']['lcode'] = $ntl; $clName = 'nxs_snapClass'.$nt; $ntObj = new $clName(); 
+  if ($_POST['nxsact']=='getNTset') { $ii = sanitize_key($_POST['ii']); $nt = $_POST['nt']; $ntl = strtolower($nt); $pbo = $networks[$ntl][$ii];  $pbo['ntInfo']['lcode'] = $ntl; $clName = 'nxs_snapClass'.$nt; $ntObj = new $clName();
      $ntObj->showNTSettings($ii, $pbo);  
   }
@@ -26 +26 @@
   if ($_POST['nxsact']=='setAllXS' && !empty($_POST['nid']) && !empty($_POST['uid'])) { $acnt = 0; $nid = explode('-',$_POST['nid']); $val = $networks[$nid[0]][$nid[2]][$nid[1]]; $uid = $networks[$nid[0]][$nid[2]][$_POST['uid']];      
       foreach ($networks[$nid[0]] as $ii=>$nta) if (!empty($nta[$_POST['uid']]) && $nta[$_POST['uid']]==$uid) { $networks[$nid[0]][$ii][$nid[1]] = $val; $acnt++; }
-      if (is_array($networks)) { nxs_save_ntwrksOpts($networks);  $nxs_SNAP->nxs_accts = $networks;  echo "Done. ".$acnt.' accounts has been updated.'; }
+      if (is_array($networks)) { nxs_save_ntwrksOpts($networks);  $nxs_SNAP->nxs_accts = $networks;  echo "Done. ".wp_kses($acnt, wp_kses_allowed_html( 'post' )).' accounts has been updated.'; }
   }
   
@@ -52 +52 @@
       echo "OK";
   }
-  if ($_POST['nxsact']=='cancQ') { $cid = $_POST['cid']; global $wpdb; $wpdb->delete( $wpdb->prefix . "nxs_query" , array( 'id' => $cid ) ); echo "== OK-".$cid; }
+  if ($_POST['nxsact']=='cancQ') { $cid = sanitize_key($_POST['cid']); global $wpdb; $wpdb->delete( $wpdb->prefix . "nxs_query" , array( 'id' => $cid ) ); echo "== OK-".esc_attr($cid); }
   
   
@@ -65 +65 @@
     echo "OK"; die();
   }
-  if ($_POST['nxsact']=='saveRpst'){ if (!empty($_POST['pid'])) { $pid = $_POST['pid'];  }
+  if ($_POST['nxsact']=='saveRpst'){ if (!empty($_POST['pid'])) { $pid = sanitize_key($_POST['pid']);  }
       $post = array(
         // 'ID'             => [ <post id> ] // Are you updating an existing post?
@@ -156 +156 @@
 if (!function_exists("nxs_arrMergeCheck")) { function nxs_arrMergeCheck($a1, $a2){ foreach ($a2 as $ak=>$a) if (!in_array($ak, array_keys($a1))) $a1[$ak] = $a; return $a1; }}
 if (!function_exists("nxs_contCron_js")){ function nxs_contCron_js() { 
-    $contCron = get_option('nxs_contCron'); $output='<script type="text/javascript">jQuery.get( "'.home_url('?nxs-cronrun='.$contCron).'");</script>'; echo $output;
+    $contCron = get_option('nxs_contCron'); $output='<script type="text/javascript">jQuery.get( "'.home_url('?nxs-cronrun='.$contCron).'");</script>'; echo wp_kses($output, wp_kses_allowed_html( 'post' ));
 }}
 //## Format Message (WP)
@@ -291 +291 @@
 //## No Lib Warning
 if (!function_exists("nxs_show_noLibWrn")) { function nxs_show_noLibWrn($msg){ ?> <div style="border: 2px solid darkred; padding: 25px 15px 15px 15px; margin: 3px; background-color: #fffaf0;"> 
-            <span style="font-size: 16px; color:darkred;"><?php echo $msg ?></span>&nbsp;<a href="https://www.nextscripts.com/faq/third-party-libraries-autopost-google-pinterest/" target="_blank">More info about third party API libraries.</a><br/><hr/> <div style="font-size: 16px; color:#005800; font-weight: bold; margin-top: 12px; margin-bottom: 7px;">You can get this API library from NextScripts.</div>
+            <span style="font-size: 16px; color:darkred;"><?php echo wp_kses($msg, wp_kses_allowed_html( 'post' )); ?></span>&nbsp;<a href="https://www.nextscripts.com/faq/third-party-libraries-autopost-google-pinterest/" target="_blank">More info about third party API libraries.</a><br/><hr/> <div style="font-size: 16px; color:#005800; font-weight: bold; margin-top: 12px; margin-bottom: 7px;">You can get this API library from NextScripts.</div>
             <div style="padding-bottom: 5px;"><a href="https://www.nextscripts.com/snap-api/">SNAP Premium API libraries package</a> adds autoposting to:</div> <span class="nxs_txtIcon nxs_ti_fb">Facebook</span>,&nbsp;&nbsp;<span class="nxs_txtIcon nxs_ti_gp">Google+</span>, <span class="nxs_txtIcon nxs_ti_pn">Pinterest</span>, <span class="nxs_txtIcon nxs_ti_rd">Reddit</span>, <span class="nxs_txtIcon nxs_ti_bg">Blogger</span>,&nbsp;&nbsp;<span class="nxs_txtIcon nxs_ti_yt">YouTube</span>,&nbsp;&nbsp;<span class="nxs_txtIcon nxs_ti_fp">Flipboard</span>, <span class="nxs_txtIcon nxs_ti_li">LinkedIn Groups</span><br><br>          
             <div style="padding-bottom: 10px; padding-top: 7px;" align="center">            
@@ -305 +305 @@
   $mUsage = function_exists('memory_get_usage') ? round(memory_get_usage() / 1024 / 1024, 2) : 0; $mUsage = empty($mUsage) ? __('N/A') : $mUsage . __(' MByte'); ?>
     <div><strong><?php _e('PHP Version'); ?></strong>: <span><?php echo PHP_VERSION; ?>;&nbsp;</span>
-      <strong><?php _e('PHP Memory limit'); ?></strong>: <span><?php echo $mLimit; ?>; &nbsp;</span><br/>
-      <strong><?php _e('Memory usage'); ?></strong>: <span><?php echo $mUsage; ?>; &nbsp;</span> <strong><?php _e('Peak memory usage'); ?></strong>: <span><?php echo $mUsageP; ?>; &nbsp;</span>      
+      <strong><?php _e('PHP Memory limit'); ?></strong>: <span><?php echo wp_kses($mLimit, wp_kses_allowed_html( 'post' )); ?>; &nbsp;</span><br/>
+      <strong><?php _e('Memory usage'); ?></strong>: <span><?php echo wp_kses($mUsage, wp_kses_allowed_html( 'post' )); ?>; &nbsp;</span> <strong><?php _e('Peak memory usage'); ?></strong>: <span><?php echo $mUsageP; ?>; &nbsp;</span>
     </div> <?php
 }}
-//## Check SSL Sec
-if (!function_exists("nxsCheckSSLCurl")){function nxsCheckSSLCurl($url){
-  $ch = curl_init($url); $headers = array(); $headers[] = 'Accept: text/html, application/xhtml+xml, */*'; $headers[] = 'Cache-Control: no-cache';
-  $headers[] = 'Connection: Keep-Alive'; $headers[] = 'Accept-Language: en-us';  curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
-  curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)"); 
-  $content = curl_exec($ch); $err = curl_errno($ch); $errmsg = curl_error($ch); if ($err!=0) return array('errNo'=>$err, 'errMsg'=>$errmsg); else return false;
-}}
+
 if (!function_exists("nxs_cron_check")){function nxs_cron_check() { if (stripos($_SERVER["REQUEST_URI"], 'wp-cron.php')!==false) {  
   $cronCheckArray = get_option('NXS_cronCheck'); if (empty($cronCheckArray)) $cronCheckArray = array('cronCheckStartTime'=>time(), 'cronChecks'=>array());    
@@ -327 +321 @@
 //## New RePoster popup
 if (!function_exists('nxs_rpstPopupCode')) { function nxs_rpstPopupCode() {
-  if (!empty($_POST['nxs_snap_reposter_update'])) nxs_Filters::save_filter($_GET['item']); nxs_Filters::showEdit('nxs-flt-popup'); ?>
+  if (!empty($_POST['nxs_snap_reposter_update'])) nxs_Filters::save_filter(sanitize_key($_GET['item'])); nxs_Filters::showEdit('nxs-flt-popup'); ?>
   <form method="post" id="nxs_form_rep"> <input name="action" value="nxs_snap_aj" type="hidden" /><input name="nxsact" value="saveRpst" type="hidden" />
     <div class="wrap"><div id="nxsDivWrap"><h2><?php _e('Add New Reposter Action'); ?></h2>

social-networks-auto-poster-facebook-twitter-g/trunk/inc/nxs_functions_engine.php

@@ -118 +118 @@
     $tm = microtime(); $tma = explode(' ',$tm); $tm = number_format((float)$tma[0]+(float)$tma[1], 8, '.', ''); $currTime = $tm+$tmCorr;  $tmL = get_option('nxs_last_nxs_cron'); update_option('nxs_last_nxs_cron', $tm, false); $tmL2=$tmL+19; $tmL3=$tmL+600;
     //## Log Cron Request
-    if (isset($_GET['nxs-cronrun'])) { $_GET['nxs-cronrun'] = sanitize_text_field($_GET['nxs-cronrun']); $contCron = get_option('nxs_contCron'); if ($isDebug) echo $_GET['nxs-cronrun'],'('.$contCron.')'; //## Manual/Forced cron request.
+    if (isset($_GET['nxs-cronrun'])) { $_GET['nxs-cronrun'] = sanitize_text_field($_GET['nxs-cronrun']); $contCron = get_option('nxs_contCron'); if ($isDebug) echo wp_kses($_GET['nxs-cronrun'],'('.$contCron.')', wp_kses_allowed_html( 'post' )); //## Manual/Forced cron request.
         nxs_addToLogN('L','NXS Cron Request (Forced)','',number_format(($tm-$tmL), 2,'.','').'s after the previous one. ', 'CNT: '.$_GET['nxs-cronrun'].'('.$contCron.')');
     } else { //## Cron request from WP itself
@@ -132 +132 @@
     }
     //nxs_addToLogN('L', 'Cron Run', '', 'Cron IN - '.$tm.' | Last - '.$tmL);     
-    global $wpdb, $doing_wp_cron; //echo "SELECT * FROM ". $wpdb->prefix . "nxs_query WHERE timetorun<'".date_i18n('Y-m-d H:i:s')."' ORDER BY timetorun DESC";
+    global $wpdb, $doing_wp_cron;
     if ($isDebug) echo "==-- CRON --==";
 
@@ -165 +165 @@
                     //##
                     if ($rpstrOpts['rpstNxTime']>$currTime) {
-                        if ($isDebug) echo "Post ID: ".$row['postid']." - No TIme Yet:".$rpstrOpts['rpstNxTime']." > ".$currTime." | ". date_i18n('Y-m-d H:i:s',$rpstrOpts['rpstNxTime']). ' > '. date_i18n('Y-m-d H:i:s',$currTime)."<br/>";
+                        if ($isDebug) echo wp_kses("Post ID: ".$row['postid']." - No TIme Yet:".$rpstrOpts['rpstNxTime']." > ".$currTime." | ". date_i18n('Y-m-d H:i:s',$rpstrOpts['rpstNxTime']). ' > '. date_i18n('Y-m-d H:i:s',$currTime)."<br/>", wp_kses_allowed_html( 'post' ), wp_kses_allowed_html( 'post' ));
                         nxs_recountQueryTimes();  break;
                     }
                     //## Time to Post
-                    nxs_LogIt('I', 'Reposter [Time to Post]', 'RPSTR','', 'Reposter ID:'.$row['postid'].' ', '-=[ '.print_r($rpstrOpts, true).' ]=--=[ '.print_r($fltrOpts, true).' ]=-'); if ($isDebug) echo 'Reposter [Time to Post] '. 'Reposter ID:'.$row['postid'].' ';
+                    nxs_LogIt('I', 'Reposter [Time to Post]', 'RPSTR','', 'Reposter ID:'.$row['postid'].' ', '-=[ '.print_r($rpstrOpts, true).' ]=--=[ '.print_r($fltrOpts, true).' ]=-'); if ($isDebug) echo wp_kses('Reposter [Time to Post] '. 'Reposter ID:'.$row['postid'].' ');
 
                     if (!empty($fltrOpts)) { $fltrOpts['posts_per_page'] = '1';
@@ -176 +176 @@
                             //## Check Days
                             if (isset($rpstrOpts['rpstBtwDays']) && count($rpstrOpts['rpstBtwDays'])>0 ) $rpstBtwDays = $rpstrOpts['rpstBtwDays']; else $rpstBtwDays = array();
-                            if (is_array($rpstBtwDays) && count($rpstBtwDays)>0) { $currDay = (int)date('w'); if ($currDay==0) $currDay = 7; if (!(in_array($currDay, $rpstBtwDays))) { // echo "D :( ";
+                            if (is_array($rpstBtwDays) && count($rpstBtwDays)>0) { $currDay = (int)date('w'); if ($currDay==0) $currDay = 7; if (!(in_array($currDay, $rpstBtwDays))) {
                                 nxs_LogIt('I', 'Reposter: Skipped - Excluded Day - '.date_i18n('D'), 'Reposter ID:'.$row['postid'].' (Post ID: '.$ids[0].')', '', '-=[ - ]=-', print_r($rpstrOpts, true)); break;
                             }}
@@ -182 +182 @@
                             if (isset($rpstrOpts['rpstBtwHrsF']) && (int)$rpstrOpts['rpstBtwHrsF']>0) $rpstBtwHrsF = (int)$rpstrOpts['rpstBtwHrsF']; else $rpstBtwHrsF = 0;
                             if (isset($rpstrOpts['rpstBtwHrsT']) && (int)$rpstrOpts['rpstBtwHrsT']>0) $rpstBtwHrsT = (int)$rpstrOpts['rpstBtwHrsT'];
-                            if ($rpstBtwHrsT>0) { $currHour = (int)date_i18n('H', $currTime);  //echo "H ".$currHour." ?";
-                                if ( !( ($rpstBtwHrsF<$rpstBtwHrsT && $currHour<$rpstBtwHrsT && $currHour>=$rpstBtwHrsF) || ($rpstBtwHrsF>$rpstBtwHrsT && $currHour<$rpstBtwHrsF && $currHour>=$rpstBtwHrsT) )) {  //echo "H :( ";
+                            if ($rpstBtwHrsT>0) { $currHour = (int)date_i18n('H', $currTime);
+                                if ( !( ($rpstBtwHrsF<$rpstBtwHrsT && $currHour<$rpstBtwHrsT && $currHour>=$rpstBtwHrsF) || ($rpstBtwHrsF>$rpstBtwHrsT && $currHour<$rpstBtwHrsF && $currHour>=$rpstBtwHrsT) )) {
                                     nxs_LogIt('I', 'Reposter: Skipped - Excluded Hour - '.$currHour, 'Reposter ID:'.$row['postid'].' (Post ID: '.$ids[0].')', '', '-=[ - ]=-', print_r($rpstrOpts, true)); break;
                                 }}

social-networks-auto-poster-facebook-twitter-g/trunk/inc/nxs_functions_wp.php

@@ -113 +113 @@
 
 if (!function_exists('nxs_adminCSS')){ function nxs_adminCSS(){ ?>
-  <style type="text/css"> .nxs_modal { display: none; position: absolute; z-index: 1000; top: 0; left: 0; height: 100%; width: 100%; background: rgba( 240, 240, 240, .5 ) url('<?php echo NXS_PLURL.'img/ajax-loader-med.gif';?>') 50% 50% no-repeat;} 
+  <style type="text/css"> .nxs_modal { display: none; position: absolute; z-index: 1000; top: 0; left: 0; height: 100%; width: 100%; background: rgba( 240, 240, 240, .5 ) url('<?php echo esc_url(NXS_PLURL.'img/ajax-loader-med.gif');?>') 50% 50% no-repeat;}
   
   .nxsEdWrapper:before {
@@ -179 +179 @@
             var data = {  action:'nxs_snap_aj', nxsact: 'manPost', nt:nt, id: pid, nid: ii, et_load_builder_modules:1, _wpnonce: '<?php echo wp_create_nonce('nxsSsPageWPN');  ?>'};
             jQuery('#nxsFavNoticeCnt').html('<p> Posting... </p>'); jQuery('#nxsFavNotice').modal({ fadeDuration: 50 });
-            jQuery.post('<?php echo admin_url( 'admin-ajax.php' ); ?>', data, function(response) { if (response=='') response = 'Message Posted';
+            jQuery.post('<?php echo esc_url(admin_url( 'admin-ajax.php' )); ?>', data, function(response) { if (response=='') response = 'Message Posted';
                 jQuery('#nxsFavNoticeCnt').html('<p> ' + response + '</p>' +'<input type="button"  onclick="jQuery.modal.close();" class="bClose" value="Close" />');
             });
@@ -201 +201 @@
   function doLic(){ var lk = jQuery('#eLic').val(); jQuery("#enterKeyAPI2xLoadingImg").show();
     jQuery.post(ajaxurl,{lk:lk, action: 'nxsDoLic', id: 0, _wpnonce: jQuery('input#doLic_wpnonce').val()}, function(j){ 
-      if (j.indexOf('OK')>-1) window.location = "<?php echo $snap_curPageURL; ?>"; else alert('<?php _e('Wrong key, please contact support', 'social-networks-auto-poster-facebook-twitter-g'); ?>');
+      if (j.indexOf('OK')>-1) window.location = "<?php echo esc_url($snap_curPageURL); ?>"; else alert('<?php _e('Wrong key, please contact support', 'social-networks-auto-poster-facebook-twitter-g'); ?>');
     }, "html")
   }
   function nxs_doAJXPopup(act, nt, nid, msg, addprms, butText){  var data = {  action:'nxs_snap_aj', nxsact: act, nt:nt, id: 0, nid: nid, _wpnonce: jQuery('input#nxsSsPageWPN_wpnonce').val()};
-     jQuery('#nxs_gPopupContent').html(msg+" <p><img src='<?php echo NXS_PLURL; ?>img/ajax-loader-med.gif' /></p>");
+     jQuery('#nxs_gPopupContent').html(msg+" <p><img src='<?php echo esc_url(NXS_PLURL); ?>img/ajax-loader-med.gif' /></p>");
      //jQuery('#nxs_gPopup').bPopup({ modalClose: false, appendTo: '#wpbody-content', opacity: 0.6, positionStyle: 'fixed'});  
      jQuery.pgwModal({ target: '#nxs_gPopupCntWrap', title: 'Box', maxWidth: 800, closeOnBackgroundClick : false});
@@ -216 +216 @@
   //## Test post and Manual post.
   function testPost(nt, nid){  var data = {  action:'nxs_snap_aj', nxsact: 'testPost', nt:nt, id: 0, nid: nid, _wpnonce: jQuery('input#nxsSsPageWPN_wpnonce').val()};
-     jQuery('#nxs_gPopupContent').html("<p>Sending update to "+nt+" ....</p>" + "<p><img src='<?php echo NXS_PLURL; ?>img/ajax-loader-med.gif' /></p>");
+     jQuery('#nxs_gPopupContent').html("<p>Sending update to "+nt+" ....</p>" + "<p><img src='<?php echo esc_url(NXS_PLURL); ?>img/ajax-loader-med.gif' /></p>");
      //jQuery('#nxs_gPopup').bPopup({ modalClose: false, appendTo: '#nsStForm', opacity: 0.6, positionStyle: 'fixed'});  
      jQuery.pgwModal({ target: '#nxs_gPopupCntWrap', title: 'Test Post', maxWidth: 800, closeOnBackgroundClick : false});
@@ -227 +227 @@
   function nxs_doManPost(obj){ obj.preventDefault; var nt = jQuery( this ).data('nt'); var ii = jQuery( this ).data('ii');  var pid = jQuery( this ).data('pid'); var ntn = jQuery( this ).data('ntname');
      var data = {  action:'nxs_snap_aj', nxsact: 'manPost', nt:nt, id: pid, nid: ii, et_load_builder_modules:1, _wpnonce: jQuery('input#nxsSsPageWPN_wpnonce').val()};
-     jQuery('#nxs_gPopupContent').html("<p>Sending update to "+ntn+" ....</p>" + "<p><img src='<?php echo NXS_PLURL; ?>img/ajax-loader-med.gif' /></p>");
+     jQuery('#nxs_gPopupContent').html("<p>Sending update to "+ntn+" ....</p>" + "<p><img src='<?php echo esc_url(NXS_PLURL); ?>img/ajax-loader-med.gif' /></p>");
      jQuery.pgwModal({ target: '#nxs_gPopupCntWrap', title: 'Post', maxWidth: 800, closeOnBackgroundClick : true});        
      jQuery.post(ajaxurl, data, function(response) { if (response=='') response = 'Message Posted'; 
@@ -467 +467 @@
 //## Common Dialogs
 if (!function_exists('nxs_showImgToUseDlg')){ function nxs_showImgToUseDlg($nt, $ii, $imgToUse, $hide=false){ ?>
-   <div class="nxsPostEd_ElemWrap" id="altFormatIMG<?php echo $nt.$ii; ?>" style="<?php echo $hide?'display:none;':''; ?>"><div class="nxsPostEd_ElemLabel" style="display: inline;"><?php _e('Image to use:', 'social-networks-auto-poster-facebook-twitter-g') ?></div>
-     <div class="nxsPostEd_Elem" style="display: inline;"><input type="checkbox" class="isAutoImg" <?php if ($imgToUse=='') { ?>checked="checked"<?php } ?>  id="isAutoImg-<?php echo $nt; ?><?php echo $ii; ?>" name="<?php echo $nt; ?>[<?php echo $ii; ?>][isAutoImg]" value="A"/> <?php _e('Auto', 'social-networks-auto-poster-facebook-twitter-g'); ?>
-                  <?php if ($imgToUse!='') { ?> <a onclick="nxs_clPrvImgShow('<?php echo $nt; ?><?php echo $ii; ?>');return false;" href="#"><?php _e('Show all', 'social-networks-auto-poster-facebook-twitter-g'); ?></a><br/>  
-                    <div class="nxs_prevImagesDiv" id="nxs_<?php echo $nt; ?><?php echo $ii; ?>_idivD"><img class="nxs_prevImages" src="<?php echo $imgToUse; ?>"><div style="display:block;" class="nxs_checkIcon"><div class="media-modal-icon"></div></div></div>
+   <div class="nxsPostEd_ElemWrap" id="altFormatIMG<?php echo esc_attr($nt.$ii); ?>" style="<?php echo $hide?'display:none;':''; ?>"><div class="nxsPostEd_ElemLabel" style="display: inline;"><?php _e('Image to use:', 'social-networks-auto-poster-facebook-twitter-g') ?></div>
+     <div class="nxsPostEd_Elem" style="display: inline;"><input type="checkbox" class="isAutoImg" <?php if ($imgToUse=='') { ?>checked="checked"<?php } ?>  id="isAutoImg-<?php echo esc_attr($nt); ?><?php echo esc_attr($ii); ?>" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][isAutoImg]" value="A"/> <?php _e('Auto', 'social-networks-auto-poster-facebook-twitter-g'); ?>
+                  <?php if ($imgToUse!='') { ?> <a onclick="nxs_clPrvImgShow('<?php echo esc_attr($nt); ?><?php echo esc_attr($ii); ?>');return false;" href="#"><?php _e('Show all', 'social-networks-auto-poster-facebook-twitter-g'); ?></a><br/>  
+                    <div class="nxs_prevImagesDiv" id="nxs_<?php echo esc_attr($nt); ?><?php echo esc_attr($ii); ?>_idivD"><img class="nxs_prevImages" src="<?php echo $imgToUse; ?>"><div style="display:block;" class="nxs_checkIcon"><div class="media-modal-icon"></div></div></div>
                   <?php } else { ?><?php } ?>
-                    <div id="imgPrevList-<?php echo $nt; ?><?php echo $ii; ?>" class="nxs_imgPrevList" style="display: none;"></div>  
-                    <input type="hidden" name="<?php echo $nt; ?>[<?php echo $ii; ?>][imgToUse]" class="nxsEdElem" value="<?php echo $imgToUse ?>" id="imgToUse-<?php echo $nt; ?><?php echo $ii; ?>" data-ii="<?php echo $ii; ?>" data-nt="<?php echo $nt; ?>" /> 
+                    <div id="imgPrevList-<?php echo esc_attr($nt); ?><?php echo esc_attr($ii); ?>" class="nxs_imgPrevList" style="display: none;"></div>  
+                    <input type="hidden" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][imgToUse]" class="nxsEdElem" value="<?php echo $imgToUse ?>" id="imgToUse-<?php echo esc_attr($nt); ?><?php echo esc_attr($ii); ?>" data-ii="<?php echo esc_attr($ii); ?>" data-nt="<?php echo esc_attr($nt); ?>" /> 
      </div>
    </div> 
@@ -479 +479 @@
 if (!function_exists('nxs_showURLToUseDlg')){ function nxs_showURLToUseDlg($nt, $ii, $urlToUse){ ?>
  <div class="nxsPostEd_ElemWrap" style=""><div class="nxsPostEd_ElemLabel" style="display: inline;"><?php _e('URL to use:', 'social-networks-auto-poster-facebook-twitter-g') ?></div>
-   <div class="nxsPostEd_Elem" style="display: inline;"><input type="checkbox" class="isAutoURL nxsEdElem" data-ii="<?php echo $ii; ?>" data-nt="<?php echo $nt; ?>" <?php if ($urlToUse=='') { ?>checked="checked"<?php } ?>  id="isAutoURL-<?php echo $nt; ?><?php echo $ii; ?>" name="<?php echo $nt; ?>[<?php echo $ii; ?>][isAutoURL]" value="A"/> <?php _e('Auto', 'social-networks-auto-poster-facebook-twitter-g'); ?> - <i><?php _e('Post URL or globally defined URL will be used', 'social-networks-auto-poster-facebook-twitter-g'); ?></i>                  
-     <div class="nxs_prevURLDiv" <?php if (trim($urlToUse)=='') { ?> style="display:none;"<?php } ?> id="isAutoURLFld-<?php echo $nt; ?><?php echo $ii; ?>"><br/>
-       &nbsp;&nbsp;&nbsp;<?php _e('URL:', 'social-networks-auto-poster-facebook-twitter-g') ?> <input style="width:60%;max-width: 610px;" class="nxsEdElem" data-ii="<?php echo $ii; ?>" data-nt="<?php echo $nt; ?>" type="text" name="<?php echo $nt; ?>[<?php echo $ii; ?>][urlToUse]" value="<?php echo $urlToUse ?>" id="URLToUse-<?php echo $nt; ?><?php echo $ii; ?>" />                       
+   <div class="nxsPostEd_Elem" style="display: inline;"><input type="checkbox" class="isAutoURL nxsEdElem" data-ii="<?php echo esc_attr($ii); ?>" data-nt="<?php echo esc_attr($nt); ?>" <?php if ($urlToUse=='') { ?>checked="checked"<?php } ?>  id="isAutoURL-<?php echo esc_attr($nt); ?><?php echo esc_attr($ii); ?>" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][isAutoURL]" value="A"/> <?php _e('Auto', 'social-networks-auto-poster-facebook-twitter-g'); ?> - <i><?php _e('Post URL or globally defined URL will be used', 'social-networks-auto-poster-facebook-twitter-g'); ?></i>                  
+     <div class="nxs_prevURLDiv" <?php if (trim($urlToUse)=='') { ?> style="display:none;"<?php } ?> id="isAutoURLFld-<?php echo esc_attr($nt); ?><?php echo esc_attr($ii); ?>"><br/>
+       &nbsp;&nbsp;&nbsp;<?php _e('URL:', 'social-networks-auto-poster-facebook-twitter-g') ?> <input style="width:60%;max-width: 610px;" class="nxsEdElem" data-ii="<?php echo esc_attr($ii); ?>" data-nt="<?php echo esc_attr($nt); ?>" type="text" name="<?php echo esc_attr($nt); ?>[<?php echo esc_attr($ii); ?>][urlToUse]" value="<?php echo $urlToUse ?>" id="URLToUse-<?php echo esc_attr($nt); ?><?php echo esc_attr($ii); ?>" />                       
      </div>                  
  </div><div style="clear: both;"></div></div> 

social-networks-auto-poster-facebook-twitter-g/trunk/js-css/js.js

@@ -1 +1 @@
 jQuery(document).ready(function() {  nxs_doTabs();
   
-  jQuery('#nxs_ntType').ddslick({ width: 200, imagePosition: "left", selectText: "Select network", onSelected: function (data) { doShowFillBlockX(data.selectedData.value);}});      
+  jQuery('#nxs_ntType').ddslick({ width: 300, imagePosition: "left", selectText: "Select network", onSelected: function (data) { doShowFillBlockX(data.selectedData.value);}});
   
     
@@ -1140 +1140 @@
     ddOptionsHtml = '<ul class="dd-options"></ul>',
 
-    //CSS for ddSlick
-    ddslickCSS = '<style id="css-ddslick" type="text/css">' +
-                '.dd-select{ border-radius:2px; border:solid 1px #ccc; position:relative; cursor:pointer;}' +
-                '.dd-desc { color:#aaa; display:block; overflow: hidden; font-weight:normal; line-height: 1.4em; }' +
-                '.dd-selected{ overflow:hidden; display:block; padding:10px; font-weight:bold;}' +
-                '.dd-pointer{ width:0; height:0; position:absolute; right:10px; top:50%; margin-top:-3px;}' +
-                '.dd-pointer-down{ border:solid 5px transparent; border-top:solid 5px #000; }' +
-                '.dd-pointer-up{border:solid 5px transparent !important; border-bottom:solid 5px #000 !important; margin-top:-8px;}' +
-                '.dd-options{ border:solid 1px #ccc; border-top:none; list-style:none; box-shadow:0px 1px 5px #ddd; display:none; position:absolute; z-index:2000; margin:0; padding:0;background:#fff; overflow:auto;}' +
-                '.dd-option, .dd-title{ padding:10px; display:block; border-bottom:solid 1px #ddd; overflow:hidden; text-decoration:none; color:#333; cursor:pointer;-webkit-transition: all 0.25s ease-in-out; -moz-transition: all 0.25s ease-in-out;-o-transition: all 0.25s ease-in-out;-ms-transition: all 0.25s ease-in-out; }' +
-                '.dd-option { padding-left:20px} .dd-options > li:last-child > .dd-option{ border-bottom:none;}' +
-                '.dd-option:hover{ background:#f3f3f3; color:#000;}' +
-                '.dd-selected-description-truncated { text-overflow: ellipsis; white-space:nowrap; }' +
-                '.dd-option-selected { background:#f6f6f6; }' +
-                '.dd-option-image, .dd-selected-image { vertical-align:middle; float:left; margin-right:5px; max-width:64px;}' +
-                '.dd-image-right { float:right; margin-right:15px; margin-left:5px;}' +
-                '.dd-container{ position:relative;}? .dd-selected-text { font-weight:bold}?</style>';
+        //CSS for ddSlick
+        ddslickCSS = '<style id="css-ddslick" type="text/css">' +
+            '.dd-select{ border-radius:2px; border:solid 1px #ccc; position:relative; cursor:pointer;}' +
+            '.dd-desc { color:#aaa; display:block; overflow: hidden; font-weight:normal; line-height: 1.4em; }' +
+            '.dd-selected{ overflow:hidden; display:block; padding:10px; font-weight:bold;}' +
+            '.dd-pointer{ width:0; height:0; position:absolute; right:10px; top:50%; margin-top:-3px;}' +
+            '.dd-pointer-down{ border:solid 5px transparent; border-top:solid 5px #000; }' +
+            '.dd-pointer-up{border:solid 5px transparent !important; border-bottom:solid 5px #000 !important; margin-top:-8px;}' +
+            '.dd-options{ border:solid 1px #ccc; border-top:none; list-style:none; box-shadow:0px 1px 5px #ddd; display:none; position:absolute; z-index:2000; margin:0; padding:0;background:#fff; overflow:auto;}' +
+            '.dd-option, .dd-title{ padding:5px; display:block; border-bottom:solid 1px #ddd; overflow:hidden; text-decoration:none; color:#333; cursor:pointer;-webkit-transition: all 0.25s ease-in-out; -moz-transition: all 0.25s ease-in-out;-o-transition: all 0.25s ease-in-out;-ms-transition: all 0.25s ease-in-out; }' +
+            '.dd-option { padding-left:25px; padding-top: 0px; padding-bottom: 2px;} .dd-options > li:last-child > .dd-option{ border-bottom:none;}' +
+            '.dd-option:hover{ background:#f3f3f3; color:#000;}' +
+            '.dd-selected-description-truncated { text-overflow: ellipsis; white-space:nowrap; }' +
+            '.dd-option-selected { background:#f6f6f6; }' +
+            '.dd-option-image, .dd-selected-image { vertical-align:middle; margin-right:5px; max-width:64px;}' +
+            '.dd-image-right { float:right; margin-right:15px; margin-left:5px;}' +
+            '.dd-container{ position:relative;}? .dd-selected-text { font-weight:bold}?</style>';
 
     //CSS styles are only added once.

social-networks-auto-poster-facebook-twitter-g/trunk/readme.txt

@@ -5 +5 @@
 Tags: automation, autopost, auto-post, auto post, socialnetworks, socialnetwork, social networks, social network, Flipboard, google,  Flickr, twitter, pinterest, google my business, 500px, tumblr, blogger, blogspot, linkedin, reddit, reddit.com, plugin, links, Post, posts, api, automatic, seo, scoop.it, integration, bookmark, bookmarks, admin, images, image, social, sharing, share, repost, re-post, wordpress.com, Diigo, vBulletin, Plurk, forums, vKontakte, open graph, LiveJournal, SETT, YouTube, Telegram, xing, medium, yo, Weibo, mailchimp, line, Odnoklassniki, ok.ru
 Requires at least: 3.4
-Tested up to: 6.0.0
-Stable tag: 4.3.26
+Tested up to: 6.0.1
+Stable tag: 4.3.27
 License: GPLv2 or later
 
@@ -183 +183 @@
 == Changelog ==
 
+= 4.3.27 [07/15/2022] =
+
+* New/Improvement - [Twitter] - Update to the latest API compatibility.
+* New/Improvement - [LJ] - Update to the latest API compatibility.
+* Removed [Google+/Google Currents]
+* Bug Fix - Many security compliance changes/fixes
+* Bug Fix - PHP 8 Compatibility Improvements. 
+* Bug Fix - Fix for 'Uncaught TypeError: date(): Argument #2 ($timestamp) must be of type int, string given' error
+* Improvement - A lot of code cleanup/improvements. 
+
+
 = 4.3.26 [06/27/2022] =
 
 * New - Support for Wordpress 6.0
 * Bug Fix - Possible security vulnerability [WP-2022-05-31]
-
 
 = 4.3.25 [12/29/2021] =