Changeset 3092528

Timestamp:

05/25/2024 04:58:25 PM (21 months ago)

Author:

Persianscript

Message:

v 7.1.5

Location:

persian-woocommerce

Files:

• tags/7.1.5/include/class-address.php (modified) (1 diff)
• tags/7.1.5/include/class-core.php (modified) (2 diffs)
• tags/7.1.5/include/class-gateways.php (modified) (1 diff)
• tags/7.1.5/include/class-notice.php (modified) (2 diffs)
• tags/7.1.5/include/class-tools.php (modified) (2 diffs)
• tags/7.1.5/include/class-translate.php (modified) (2 diffs)
• tags/7.1.5/include/gateways/class-zibal.php (modified) (1 diff)
• tags/7.1.5/include/lib (deleted)
• tags/7.1.5/include/tools/class-date.php (modified) (2 diffs)
• tags/7.1.5/include/tools/class-general.php (modified) (1 diff)
• tags/7.1.5/include/tools/class-price.php (modified) (1 diff)
• tags/7.1.5/include/view/html-admin-page-about.php (modified) (2 diffs)
• tags/7.1.5/include/view/html-admin-page-melipayamak.php (modified) (2 diffs)
• trunk/include/class-address.php (modified) (1 diff)
• trunk/include/class-core.php (modified) (2 diffs)
• trunk/include/class-gateways.php (modified) (1 diff)
• trunk/include/class-notice.php (modified) (2 diffs)
• trunk/include/class-tools.php (modified) (2 diffs)
• trunk/include/class-translate.php (modified) (2 diffs)
• trunk/include/gateways/class-zibal.php (modified) (1 diff)
• trunk/include/lib (deleted)
• trunk/include/tools/class-date.php (modified) (2 diffs)
• trunk/include/tools/class-general.php (modified) (1 diff)
• trunk/include/tools/class-price.php (modified) (1 diff)
• trunk/include/view/html-admin-page-about.php (modified) (2 diffs)
• trunk/include/view/html-admin-page-melipayamak.php (modified) (2 diffs)

persian-woocommerce/tags/7.1.5/include/class-address.php

@@ -352 +352 @@
 
                 $(document.body).on('change', '#<?php echo esc_attr( $type ); ?>_country', function () {
-                    var is_iran = $('#<?php echo esc_attr( $type ); ?>_country').val() == '<?php echo $this->country ?>' ? 'yes' : 'no';
+                    var is_iran = $('#<?php echo esc_attr( $type ); ?>_country').val() == '<?php echo esc_attr($this->country); ?>' ? 'yes' : 'no';
                     set_iran_cities_field('<?php echo esc_attr( $type ); ?>', is_iran);
                 });

persian-woocommerce/tags/7.1.5/include/class-core.php

@@ -66 +66 @@
                 'title'      => 'تاریخ شمسی',
                 'capability' => 'manage_options',
-                'slug'       => admin_url( 'admin.php?page=persian-wc-tools&tab=date' ),
+                'slug'       => esc_url( admin_url( 'admin.php?page=persian-wc-tools&tab=date' )),
                 'callback'   => '',
             ],
@@ -78 +78 @@
                 'title'      => 'سوپر ادمین',
                 'capability' => 'manage_options',
-                'slug'       => admin_url( 'admin.php?page=persian-wc-tools&tab=super_admin' ),
+                'slug'       => esc_url(admin_url( 'admin.php?page=persian-wc-tools&tab=super_admin' )),
                 'callback'   => '',
             ],

persian-woocommerce/tags/7.1.5/include/class-gateways.php

@@ -713 +713 @@
     }
 
-    protected function nusoap() {
-        if ( ! class_exists( 'nusoap_client' ) ) {
-            include_once( 'lib/nusoap.php' );
-        }
-    }
 
     /*

persian-woocommerce/tags/7.1.5/include/class-notice.php

@@ -51 +51 @@
 
                         $.ajax({
-                            url: "<?php echo admin_url( 'admin-ajax.php' ) ?>",
+                            url: "<?php echo esc_url(admin_url( 'admin-ajax.php' )) ?>",
                             type: 'post',
                             data: {
@@ -64 +64 @@
 
                 $.ajax({
-                    url: "<?php echo admin_url( 'admin-ajax.php' ) ?>",
+                    url: "<?php echo esc_url(admin_url( 'admin-ajax.php' )) ?>",
                     type: 'post',
                     data: {

persian-woocommerce/tags/7.1.5/include/class-tools.php

@@ -62 +62 @@
 
         if ( count( $html_sections ) ) {
-            printf( '<ul class="subsubsub">%s</ul><br>', implode( " | ", $html_sections ) );
+            printf( '<ul class="subsubsub">%s</ul><br>', esc_html(implode( " | ", $html_sections ) ));
         }
 
@@ -444 +444 @@
                 }
                 ?>
-            </select> <br/><a class="select_all button" href="#"><?php _e( 'Select all', 'woocommerce' ); ?></a> <a
-                    class="select_none button" href="#"><?php _e( 'Select none', 'woocommerce' ); ?></a>
+            </select> <br/><a class="select_all button" href="#">انتخاب همه</a> <a
+                    class="select_none button" href="#">هیچکدام</a>
         </td>
         </tr><?php

persian-woocommerce/tags/7.1.5/include/class-translate.php

@@ -136 +136 @@
         ?>
         <form action="" method="post" id="woocommerce_persian_translate">
-            <input type="hidden" name="s" value="<?php echo esc_attr( $_GET['s'] ?? null ); ?>"/>
+            <input type="hidden" name="s" value="<?php echo esc_attr( sanitize_text_field( $_GET['s'] ?? null ) ); ?>"/>
             <input type="hidden" name="action" value="pw_save_translates"/>
             <input type="hidden" name="security"
@@ -269 +269 @@
 
     public function __construct() {
-
         global $wpdb;
 
-        $search  = '';
+        $table   = $wpdb->prefix . 'woocommerce_ir';
         $perPage = 20;
         $db_page = ( $this->get_pagenum() - 1 ) * $perPage;
 
-        if ( isset( $_GET['s'] ) && ! empty( $_GET['s'] ) ) {
-            $s      = sanitize_text_field( $_GET['s'] );
-            $search = " WHERE text1 LIKE '%{$s}%' OR text2 LIKE '%{$s}%'";
-        }
-
-        $this->data = $wpdb->get_results( "SELECT * FROM `{$wpdb->prefix}woocommerce_ir`{$search} ORDER BY id DESC LIMIT $db_page, $perPage;", ARRAY_A );
+        $s = sanitize_text_field( trim( $_GET['s'] ?? '' ) );
+
+        $query       = $wpdb->prepare( "SELECT * FROM %i 
+                                 WHERE `text1` LIKE '%%%s%' OR `text2` LIKE '%%%s%'
+                             ORDER BY `id` DESC LIMIT %d, %d;", $table, $s, $s, $db_page, $perPage );
+        $total_query = $wpdb->prepare( "SELECT COUNT(*) FROM %i WHERE `text1` LIKE '%%%s%' OR `text2` LIKE '%%%s%';", $table, $s, $s );
+
+        $this->data = $wpdb->get_results( $query, ARRAY_A );
 
         $this->set_pagination_args( [
-            'total_items' => $wpdb->get_var( "SELECT COUNT(*) FROM `{$wpdb->prefix}woocommerce_ir`{$search};" ),
-            'per_page'    => $perPage,
+          'total_items' => $wpdb->get_var( $total_query ),
+          'per_page'    => $perPage,
         ] );
 

persian-woocommerce/tags/7.1.5/include/gateways/class-zibal.php

@@ -12 +12 @@
 add_action( 'after_plugin_row_zibal-payment-gateway-for-woocommerce/index.php', function ( $plugin_file, $plugin_data, $status ) {
     echo '<tr class="inactive"><td>&nbsp;</td><td colspan="2">
-            <div class="notice inline notice-warning notice-alt"><p>افزونه «<strong>درگاه پرداخت زیبال برای فروشگاه ساز ووکامرس</strong>» درون بسته ووکامرس فارسی وجود دارد و نیاز به فعال سازی نیست. به صفحه <a href="' . admin_url( 'admin.php?page=wc-settings&tab=checkout' ) . '">ووکامرس > پیکربندی > تسویه حساب</a> مراجعه کنید.</p></div>
+            <div class="notice inline notice-warning notice-alt"><p>افزونه «<strong>درگاه پرداخت زیبال برای فروشگاه ساز ووکامرس</strong>» درون بسته ووکامرس فارسی وجود دارد و نیاز به فعال سازی نیست. به صفحه <a href="' . esc_url(admin_url( 'admin.php?page=wc-settings&tab=checkout' )) . '">ووکامرس > پیکربندی > تسویه حساب</a> مراجعه کنید.</p></div>
             </td>
         </tr>';

persian-woocommerce/tags/7.1.5/include/tools/class-date.php

@@ -304 +304 @@
         foreach ( $dates as $year => $months ) {
 
-            printf( '<optgroup label="سال %s">', CalendarUtils::convertNumbers( $year ) );
+            printf( '<optgroup label="سال %s">', esc_attr(CalendarUtils::convertNumbers( $year) ));
 
             foreach ( $months as $month => $count ) {
@@ -417 +417 @@
         foreach ( $dates as $year => $months ) {
 
-            printf( '<optgroup label="سال %s">', CalendarUtils::convertNumbers( $year ) );
+            printf( '<optgroup label="سال %s">', esc_attr(CalendarUtils::convertNumbers( $year ) ));
 
             foreach ( $months as $month => $count ) {

persian-woocommerce/tags/7.1.5/include/tools/class-general.php

@@ -1 +1 @@
 <?php
-
+if ( ! defined( 'ABSPATH' ) ) {
+    exit;
+}
 class PW_Tools_General {
 

persian-woocommerce/tags/7.1.5/include/tools/class-price.php

@@ -76 +76 @@
             if ( WC()->cart->get_total( null ) < $minimum ) {
 
-                $message = sprintf( __( 'مبلغ سفارش شما %s می باشد، حداقل مبلغ جهت ثبت سفارش %s است.' ), wc_price( WC()->cart->get_total( null ) ), wc_price( $minimum ) );
+                $message = sprintf('مبلغ سفارش شما %s می باشد، حداقل مبلغ جهت ثبت سفارش %s است.', wc_price( WC()->cart->get_total( null ) ), wc_price( $minimum ) );
 
                 if ( is_cart() ) {

persian-woocommerce/tags/7.1.5/include/view/html-admin-page-about.php

@@ +1 @@
+<?php
+     if ( ! defined( 'ABSPATH' ) ) exit; // Exit if accessed directly 
+     ?>
 <div class="wrap about-wrap persian-woocommerce">
     <h2>به دنیای ووکامرس فارسی خوش آمدید!</h2>
@@ -5 +8 @@
 
     <div class="wp-badge"
-         style="background-color:#d8bfd8 !important;background-image:url('<?php echo PW()->plugin_url( 'assets/images/about.png' ); ?>') !important;background-position: center center;background-size: 167px auto !important;"></div>
+         style="background-color:#d8bfd8 !important;background-image:url('<?php echo esc_url(PW()->plugin_url( 'assets/images/about.png' )); ?>') !important;background-position: center center;background-size: 167px auto !important;"></div>
 
     

persian-woocommerce/tags/7.1.5/include/view/html-admin-page-melipayamak.php

@@ -83 +83 @@
 
             <div class="text-center  mb-2">
-                <a href="<?php echo admin_url( 'plugin-install.php?tab=plugin-information&plugin=persian-woocommerce-sms' ); ?>"
+                <a href="<?php echo esc_url(admin_url( 'plugin-install.php?tab=plugin-information&plugin=persian-woocommerce-sms' )); ?>"
                    class="flex w-full items-center justify-center gap-2 bg-gray-button rounded-[3px] py-3 sm:px-5 px-3  hover:shadow-xl hover:-translate-y-0.5 a2:hover"
                    target="_blank">
@@ -256 +256 @@
 
             <div class="text-center  mb-2">
-                <a href="<?php echo admin_url( 'plugin-install.php?tab=plugin-information&plugin=persian-woocommerce-sms' ); ?>"
+                <a href="<?php echo esc_url(admin_url( 'plugin-install.php?tab=plugin-information&plugin=persian-woocommerce-sms' )); ?>"
                    class="flex w-full items-center justify-center gap-2 bg-gray-button rounded-[3px] py-3 sm:px-5 px-3  hover:shadow-xl hover:-translate-y-0.5 a2:hover"
                    target="_blank">

persian-woocommerce/trunk/include/class-address.php

@@ -352 +352 @@
 
                 $(document.body).on('change', '#<?php echo esc_attr( $type ); ?>_country', function () {
-                    var is_iran = $('#<?php echo esc_attr( $type ); ?>_country').val() == '<?php echo $this->country ?>' ? 'yes' : 'no';
+                    var is_iran = $('#<?php echo esc_attr( $type ); ?>_country').val() == '<?php echo esc_attr($this->country); ?>' ? 'yes' : 'no';
                     set_iran_cities_field('<?php echo esc_attr( $type ); ?>', is_iran);
                 });

persian-woocommerce/trunk/include/class-core.php

@@ -66 +66 @@
                 'title'      => 'تاریخ شمسی',
                 'capability' => 'manage_options',
-                'slug'       => admin_url( 'admin.php?page=persian-wc-tools&tab=date' ),
+                'slug'       => esc_url( admin_url( 'admin.php?page=persian-wc-tools&tab=date' )),
                 'callback'   => '',
             ],
@@ -78 +78 @@
                 'title'      => 'سوپر ادمین',
                 'capability' => 'manage_options',
-                'slug'       => admin_url( 'admin.php?page=persian-wc-tools&tab=super_admin' ),
+                'slug'       => esc_url(admin_url( 'admin.php?page=persian-wc-tools&tab=super_admin' )),
                 'callback'   => '',
             ],

persian-woocommerce/trunk/include/class-gateways.php

@@ -713 +713 @@
     }
 
-    protected function nusoap() {
-        if ( ! class_exists( 'nusoap_client' ) ) {
-            include_once( 'lib/nusoap.php' );
-        }
-    }
 
     /*

persian-woocommerce/trunk/include/class-notice.php

@@ -51 +51 @@
 
                         $.ajax({
-                            url: "<?php echo admin_url( 'admin-ajax.php' ) ?>",
+                            url: "<?php echo esc_url(admin_url( 'admin-ajax.php' )) ?>",
                             type: 'post',
                             data: {
@@ -64 +64 @@
 
                 $.ajax({
-                    url: "<?php echo admin_url( 'admin-ajax.php' ) ?>",
+                    url: "<?php echo esc_url(admin_url( 'admin-ajax.php' )) ?>",
                     type: 'post',
                     data: {

persian-woocommerce/trunk/include/class-tools.php

@@ -62 +62 @@
 
         if ( count( $html_sections ) ) {
-            printf( '<ul class="subsubsub">%s</ul><br>', implode( " | ", $html_sections ) );
+            printf( '<ul class="subsubsub">%s</ul><br>', esc_html(implode( " | ", $html_sections ) ));
         }
 
@@ -444 +444 @@
                 }
                 ?>
-            </select> <br/><a class="select_all button" href="#"><?php _e( 'Select all', 'woocommerce' ); ?></a> <a
-                    class="select_none button" href="#"><?php _e( 'Select none', 'woocommerce' ); ?></a>
+            </select> <br/><a class="select_all button" href="#">انتخاب همه</a> <a
+                    class="select_none button" href="#">هیچکدام</a>
         </td>
         </tr><?php

persian-woocommerce/trunk/include/class-translate.php

@@ -136 +136 @@
         ?>
         <form action="" method="post" id="woocommerce_persian_translate">
-            <input type="hidden" name="s" value="<?php echo esc_attr( $_GET['s'] ?? null ); ?>"/>
+            <input type="hidden" name="s" value="<?php echo esc_attr( sanitize_text_field( $_GET['s'] ?? null ) ); ?>"/>
             <input type="hidden" name="action" value="pw_save_translates"/>
             <input type="hidden" name="security"
@@ -269 +269 @@
 
     public function __construct() {
-
         global $wpdb;
 
-        $search  = '';
+        $table   = $wpdb->prefix . 'woocommerce_ir';
         $perPage = 20;
         $db_page = ( $this->get_pagenum() - 1 ) * $perPage;
 
-        if ( isset( $_GET['s'] ) && ! empty( $_GET['s'] ) ) {
-            $s      = sanitize_text_field( $_GET['s'] );
-            $search = " WHERE text1 LIKE '%{$s}%' OR text2 LIKE '%{$s}%'";
-        }
-
-        $this->data = $wpdb->get_results( "SELECT * FROM `{$wpdb->prefix}woocommerce_ir`{$search} ORDER BY id DESC LIMIT $db_page, $perPage;", ARRAY_A );
+        $s = sanitize_text_field( trim( $_GET['s'] ?? '' ) );
+
+        $query       = $wpdb->prepare( "SELECT * FROM %i 
+                                 WHERE `text1` LIKE '%%%s%' OR `text2` LIKE '%%%s%'
+                             ORDER BY `id` DESC LIMIT %d, %d;", $table, $s, $s, $db_page, $perPage );
+        $total_query = $wpdb->prepare( "SELECT COUNT(*) FROM %i WHERE `text1` LIKE '%%%s%' OR `text2` LIKE '%%%s%';", $table, $s, $s );
+
+        $this->data = $wpdb->get_results( $query, ARRAY_A );
 
         $this->set_pagination_args( [
-            'total_items' => $wpdb->get_var( "SELECT COUNT(*) FROM `{$wpdb->prefix}woocommerce_ir`{$search};" ),
-            'per_page'    => $perPage,
+          'total_items' => $wpdb->get_var( $total_query ),
+          'per_page'    => $perPage,
         ] );
 

persian-woocommerce/trunk/include/gateways/class-zibal.php

@@ -12 +12 @@
 add_action( 'after_plugin_row_zibal-payment-gateway-for-woocommerce/index.php', function ( $plugin_file, $plugin_data, $status ) {
     echo '<tr class="inactive"><td>&nbsp;</td><td colspan="2">
-            <div class="notice inline notice-warning notice-alt"><p>افزونه «<strong>درگاه پرداخت زیبال برای فروشگاه ساز ووکامرس</strong>» درون بسته ووکامرس فارسی وجود دارد و نیاز به فعال سازی نیست. به صفحه <a href="' . admin_url( 'admin.php?page=wc-settings&tab=checkout' ) . '">ووکامرس > پیکربندی > تسویه حساب</a> مراجعه کنید.</p></div>
+            <div class="notice inline notice-warning notice-alt"><p>افزونه «<strong>درگاه پرداخت زیبال برای فروشگاه ساز ووکامرس</strong>» درون بسته ووکامرس فارسی وجود دارد و نیاز به فعال سازی نیست. به صفحه <a href="' . esc_url(admin_url( 'admin.php?page=wc-settings&tab=checkout' )) . '">ووکامرس > پیکربندی > تسویه حساب</a> مراجعه کنید.</p></div>
             </td>
         </tr>';

persian-woocommerce/trunk/include/tools/class-date.php

@@ -304 +304 @@
         foreach ( $dates as $year => $months ) {
 
-            printf( '<optgroup label="سال %s">', CalendarUtils::convertNumbers( $year ) );
+            printf( '<optgroup label="سال %s">', esc_attr(CalendarUtils::convertNumbers( $year) ));
 
             foreach ( $months as $month => $count ) {
@@ -417 +417 @@
         foreach ( $dates as $year => $months ) {
 
-            printf( '<optgroup label="سال %s">', CalendarUtils::convertNumbers( $year ) );
+            printf( '<optgroup label="سال %s">', esc_attr(CalendarUtils::convertNumbers( $year ) ));
 
             foreach ( $months as $month => $count ) {

persian-woocommerce/trunk/include/tools/class-general.php

@@ -1 +1 @@
 <?php
-
+if ( ! defined( 'ABSPATH' ) ) {
+    exit;
+}
 class PW_Tools_General {
 

persian-woocommerce/trunk/include/tools/class-price.php

@@ -76 +76 @@
             if ( WC()->cart->get_total( null ) < $minimum ) {
 
-                $message = sprintf( __( 'مبلغ سفارش شما %s می باشد، حداقل مبلغ جهت ثبت سفارش %s است.' ), wc_price( WC()->cart->get_total( null ) ), wc_price( $minimum ) );
+                $message = sprintf('مبلغ سفارش شما %s می باشد، حداقل مبلغ جهت ثبت سفارش %s است.', wc_price( WC()->cart->get_total( null ) ), wc_price( $minimum ) );
 
                 if ( is_cart() ) {

persian-woocommerce/trunk/include/view/html-admin-page-about.php

@@ +1 @@
+<?php
+     if ( ! defined( 'ABSPATH' ) ) exit; // Exit if accessed directly 
+     ?>
 <div class="wrap about-wrap persian-woocommerce">
     <h2>به دنیای ووکامرس فارسی خوش آمدید!</h2>
@@ -5 +8 @@
 
     <div class="wp-badge"
-         style="background-color:#d8bfd8 !important;background-image:url('<?php echo PW()->plugin_url( 'assets/images/about.png' ); ?>') !important;background-position: center center;background-size: 167px auto !important;"></div>
+         style="background-color:#d8bfd8 !important;background-image:url('<?php echo esc_url(PW()->plugin_url( 'assets/images/about.png' )); ?>') !important;background-position: center center;background-size: 167px auto !important;"></div>
 
     

persian-woocommerce/trunk/include/view/html-admin-page-melipayamak.php

@@ -83 +83 @@
 
             <div class="text-center  mb-2">
-                <a href="<?php echo admin_url( 'plugin-install.php?tab=plugin-information&plugin=persian-woocommerce-sms' ); ?>"
+                <a href="<?php echo esc_url(admin_url( 'plugin-install.php?tab=plugin-information&plugin=persian-woocommerce-sms' )); ?>"
                    class="flex w-full items-center justify-center gap-2 bg-gray-button rounded-[3px] py-3 sm:px-5 px-3  hover:shadow-xl hover:-translate-y-0.5 a2:hover"
                    target="_blank">
@@ -256 +256 @@
 
             <div class="text-center  mb-2">
-                <a href="<?php echo admin_url( 'plugin-install.php?tab=plugin-information&plugin=persian-woocommerce-sms' ); ?>"
+                <a href="<?php echo esc_url(admin_url( 'plugin-install.php?tab=plugin-information&plugin=persian-woocommerce-sms' )); ?>"
                    class="flex w-full items-center justify-center gap-2 bg-gray-button rounded-[3px] py-3 sm:px-5 px-3  hover:shadow-xl hover:-translate-y-0.5 a2:hover"
                    target="_blank">