Changeset 3101275
- Timestamp:
- 06/11/2024 02:57:31 PM (21 months ago)
- Location:
- constellation-client-portal
- Files:
-
- 131 added
- 1 deleted
- 6 edited
-
tags/1.8.6 (deleted)
-
tags/1.8.8 (added)
-
tags/1.8.8/LICENSE.txt (added)
-
tags/1.8.8/README.txt (added)
-
tags/1.8.8/admin (added)
-
tags/1.8.8/admin/class-ars-constellation-client-portal-admin.php (added)
-
tags/1.8.8/admin/class-ars-constellation-client-portal-client-pages.php (added)
-
tags/1.8.8/admin/class-ars-constellation-client-portal-company.php (added)
-
tags/1.8.8/admin/class-ars-constellation-client-portal-core-authorization.php (added)
-
tags/1.8.8/admin/class-ars-constellation-client-portal-core-file-checks.php (added)
-
tags/1.8.8/admin/class-ars-constellation-client-portal-file.php (added)
-
tags/1.8.8/admin/class-ars-constellation-client-portal-invoice.php (added)
-
tags/1.8.8/admin/class-ars-constellation-client-portal-settings.php (added)
-
tags/1.8.8/admin/class-ars-constellation-client-portal-users.php (added)
-
tags/1.8.8/admin/css (added)
-
tags/1.8.8/admin/css/ars-constellation-client-portal-admin.css (added)
-
tags/1.8.8/admin/css/jquery-ui (added)
-
tags/1.8.8/admin/css/jquery-ui/1.11.1 (added)
-
tags/1.8.8/admin/css/jquery-ui/1.11.1/themes (added)
-
tags/1.8.8/admin/css/jquery-ui/1.11.1/themes/cupertino (added)
-
tags/1.8.8/admin/css/jquery-ui/1.11.1/themes/cupertino/jquery-ui.css (added)
-
tags/1.8.8/admin/css/select2.min.css (added)
-
tags/1.8.8/admin/index.php (added)
-
tags/1.8.8/admin/js (added)
-
tags/1.8.8/admin/js/ars-constellation-client-portal-admin.js (added)
-
tags/1.8.8/admin/js/i18n (added)
-
tags/1.8.8/admin/js/i18n/af.js (added)
-
tags/1.8.8/admin/js/i18n/ar.js (added)
-
tags/1.8.8/admin/js/i18n/az.js (added)
-
tags/1.8.8/admin/js/i18n/bg.js (added)
-
tags/1.8.8/admin/js/i18n/bs.js (added)
-
tags/1.8.8/admin/js/i18n/ca.js (added)
-
tags/1.8.8/admin/js/i18n/cs.js (added)
-
tags/1.8.8/admin/js/i18n/da.js (added)
-
tags/1.8.8/admin/js/i18n/de.js (added)
-
tags/1.8.8/admin/js/i18n/dsb.js (added)
-
tags/1.8.8/admin/js/i18n/el.js (added)
-
tags/1.8.8/admin/js/i18n/en.js (added)
-
tags/1.8.8/admin/js/i18n/es.js (added)
-
tags/1.8.8/admin/js/i18n/et.js (added)
-
tags/1.8.8/admin/js/i18n/eu.js (added)
-
tags/1.8.8/admin/js/i18n/fa.js (added)
-
tags/1.8.8/admin/js/i18n/fi.js (added)
-
tags/1.8.8/admin/js/i18n/fr.js (added)
-
tags/1.8.8/admin/js/i18n/gl.js (added)
-
tags/1.8.8/admin/js/i18n/he.js (added)
-
tags/1.8.8/admin/js/i18n/hi.js (added)
-
tags/1.8.8/admin/js/i18n/hr.js (added)
-
tags/1.8.8/admin/js/i18n/hsb.js (added)
-
tags/1.8.8/admin/js/i18n/hu.js (added)
-
tags/1.8.8/admin/js/i18n/hy.js (added)
-
tags/1.8.8/admin/js/i18n/id.js (added)
-
tags/1.8.8/admin/js/i18n/is.js (added)
-
tags/1.8.8/admin/js/i18n/it.js (added)
-
tags/1.8.8/admin/js/i18n/ja.js (added)
-
tags/1.8.8/admin/js/i18n/km.js (added)
-
tags/1.8.8/admin/js/i18n/ko.js (added)
-
tags/1.8.8/admin/js/i18n/lt.js (added)
-
tags/1.8.8/admin/js/i18n/lv.js (added)
-
tags/1.8.8/admin/js/i18n/mk.js (added)
-
tags/1.8.8/admin/js/i18n/ms.js (added)
-
tags/1.8.8/admin/js/i18n/nb.js (added)
-
tags/1.8.8/admin/js/i18n/nl.js (added)
-
tags/1.8.8/admin/js/i18n/pl.js (added)
-
tags/1.8.8/admin/js/i18n/ps.js (added)
-
tags/1.8.8/admin/js/i18n/pt-BR.js (added)
-
tags/1.8.8/admin/js/i18n/pt.js (added)
-
tags/1.8.8/admin/js/i18n/ro.js (added)
-
tags/1.8.8/admin/js/i18n/ru.js (added)
-
tags/1.8.8/admin/js/i18n/sk.js (added)
-
tags/1.8.8/admin/js/i18n/sl.js (added)
-
tags/1.8.8/admin/js/i18n/sr-Cyrl.js (added)
-
tags/1.8.8/admin/js/i18n/sr.js (added)
-
tags/1.8.8/admin/js/i18n/sv.js (added)
-
tags/1.8.8/admin/js/i18n/th.js (added)
-
tags/1.8.8/admin/js/i18n/tr.js (added)
-
tags/1.8.8/admin/js/i18n/uk.js (added)
-
tags/1.8.8/admin/js/i18n/vi.js (added)
-
tags/1.8.8/admin/js/i18n/zh-CN.js (added)
-
tags/1.8.8/admin/js/i18n/zh-TW.js (added)
-
tags/1.8.8/admin/js/select2.full.min.js (added)
-
tags/1.8.8/admin/js/select2.min.js (added)
-
tags/1.8.8/ars-constellation-client-portal.php (added)
-
tags/1.8.8/assets (added)
-
tags/1.8.8/assets/css (added)
-
tags/1.8.8/assets/css/font-awesome (added)
-
tags/1.8.8/assets/css/font-awesome/css (added)
-
tags/1.8.8/assets/css/font-awesome/css/all.css (added)
-
tags/1.8.8/assets/css/font-awesome/css/all.min.css (added)
-
tags/1.8.8/assets/css/font-awesome/webfonts (added)
-
tags/1.8.8/assets/css/font-awesome/webfonts/fa-brands-400.eot (added)
-
tags/1.8.8/assets/css/font-awesome/webfonts/fa-brands-400.svg (added)
-
tags/1.8.8/assets/css/font-awesome/webfonts/fa-brands-400.ttf (added)
-
tags/1.8.8/assets/css/font-awesome/webfonts/fa-brands-400.woff (added)
-
tags/1.8.8/assets/css/font-awesome/webfonts/fa-brands-400.woff2 (added)
-
tags/1.8.8/assets/css/font-awesome/webfonts/fa-regular-400.eot (added)
-
tags/1.8.8/assets/css/font-awesome/webfonts/fa-regular-400.svg (added)
-
tags/1.8.8/assets/css/font-awesome/webfonts/fa-regular-400.ttf (added)
-
tags/1.8.8/assets/css/font-awesome/webfonts/fa-regular-400.woff (added)
-
tags/1.8.8/assets/css/font-awesome/webfonts/fa-regular-400.woff2 (added)
-
tags/1.8.8/assets/css/font-awesome/webfonts/fa-solid-900.eot (added)
-
tags/1.8.8/assets/css/font-awesome/webfonts/fa-solid-900.svg (added)
-
tags/1.8.8/assets/css/font-awesome/webfonts/fa-solid-900.ttf (added)
-
tags/1.8.8/assets/css/font-awesome/webfonts/fa-solid-900.woff (added)
-
tags/1.8.8/assets/css/font-awesome/webfonts/fa-solid-900.woff2 (added)
-
tags/1.8.8/assets/img (added)
-
tags/1.8.8/assets/img/accp-full-logo.png (added)
-
tags/1.8.8/includes (added)
-
tags/1.8.8/includes/ars-constellation-client-portal-install-uninstall.php (added)
-
tags/1.8.8/includes/class-ars-constellation-client-portal-activator.php (added)
-
tags/1.8.8/includes/class-ars-constellation-client-portal-deactivator.php (added)
-
tags/1.8.8/includes/class-ars-constellation-client-portal-i18n.php (added)
-
tags/1.8.8/includes/class-ars-constellation-client-portal-loader.php (added)
-
tags/1.8.8/includes/class-ars-constellation-client-portal-utility-functions.php (added)
-
tags/1.8.8/includes/class-ars-constellation-client-portal.php (added)
-
tags/1.8.8/includes/index.php (added)
-
tags/1.8.8/index.php (added)
-
tags/1.8.8/languages (added)
-
tags/1.8.8/languages/ars-constellation-client-portal.pot (added)
-
tags/1.8.8/public (added)
-
tags/1.8.8/public/assets (added)
-
tags/1.8.8/public/assets/index.php (added)
-
tags/1.8.8/public/class-ars-constellation-client-portal-public.php (added)
-
tags/1.8.8/public/css (added)
-
tags/1.8.8/public/css/ars-constellation-client-portal-list-shortcode-styles.css (added)
-
tags/1.8.8/public/css/ars-constellation-client-portal-public.css (added)
-
tags/1.8.8/public/index.php (added)
-
tags/1.8.8/public/js (added)
-
tags/1.8.8/public/js/ars-constellation-client-portal-public.js (added)
-
tags/1.8.8/public/shortcodes (added)
-
tags/1.8.8/public/shortcodes/class-ars-constellation-client-portal-list-shortcodes.php (added)
-
tags/1.8.8/uninstall.php (added)
-
trunk/README.txt (modified) (2 diffs)
-
trunk/admin/class-ars-constellation-client-portal-settings.php (modified) (8 diffs)
-
trunk/admin/class-ars-constellation-client-portal-users.php (modified) (6 diffs)
-
trunk/ars-constellation-client-portal.php (modified) (2 diffs)
-
trunk/public/class-ars-constellation-client-portal-public.php (modified) (1 diff)
-
trunk/public/shortcodes/class-ars-constellation-client-portal-list-shortcodes.php (modified) (16 diffs)
-
constellation-client-portal/trunk/README.txt
r3096852 r3101275 3 3 Contributors: arstudios 4 4 Tags: client portal, private files, private pages, private posts, customer portal, business portal, invoicing, business managemenet, client management 5 Requires at least: 5.0.05 Requires at least: 6.0.0 6 6 Tested up to: 6.5 7 Stable tag: 1.8. 77 Stable tag: 1.8.8 8 8 Requires PHP: 7.4 9 9 License: GPLv3 or later … … 206 206 207 207 == Changelog == 208 209 = 1.8.8 (Pro) - 2024-6-11 = 210 * Update: Updated the settings title function to properly display saved custom list titles. 211 * Fix: Fixed issue preventing some list settings from being saved correctly. 212 * Update: Updated the admin add new list button class param name. 213 * Update: Code formatting updates. 214 * Update: Updated the ars-constellation-client-portal-list-shortcode-styles-pro.css enqueue method to ensure that the proper version number is added. 215 * Update: Removed unneeded $content param from the company menu shortcode function. 216 * Update: Updated the accp-pro-public-style.css enqueue method to ensure that the proper version number is added. 217 218 = 1.8.8 (Core) - 2024-6-11 = 219 * Update: Cleared shortcode notice that surfaced in cases where “url” was not present in the attached file array. 220 * Update: Code formatting updates. 221 * Update: Added nonce field and check to user edit fields. 222 * Update: Converted is_writable check on the Site Info settings page to WP_Filesystem method. 223 * Update: Updated the get settings page title sanitization. 224 * Update: Added nonce verification to the allowed file type settings. 208 225 209 226 = 1.8.7 (Pro) - 2024-6-3 = -
constellation-client-portal/trunk/admin/class-ars-constellation-client-portal-settings.php
r3088740 r3101275 177 177 $html .= '<form action="' . esc_attr( $action_destination ) . '" method="post" enctype="multipart/form-data">'; 178 178 179 /** 180 * Output the settings form nonce field. 181 */ 182 $html .= $this->get_settings_form_nonce_field_html(); 183 179 184 if ( $instatiate_wp_settings && ! empty( $instatiate_wp_settings ) ) { 180 185 … … 210 215 211 216 $html .= '</div>'; 217 218 return $html; 219 } 220 221 222 /** 223 * Get the settings nonce name. 224 */ 225 public function get_settings_form_nonce_name() { 226 227 return 'accp_settings_form_nonce'; 228 } 229 230 231 /** 232 * Get the settings nonce field name. 233 */ 234 public function get_settings_form_nonce_field_name() { 235 236 return 'accp_settings_form_nonce'; 237 } 238 239 240 /** 241 * Get the settings nonce field html. 242 */ 243 public function get_settings_form_nonce_field_html() { 244 245 $nonce_name = $this->get_settings_form_nonce_name(); 246 $nonce_field_name = $this->get_settings_form_nonce_field_name(); 247 $nonce = wp_create_nonce( $nonce_name ); 248 249 $html = ''; 250 251 $html .= '<input type="hidden" name="' . esc_attr( $nonce_field_name ) . '" value="' . esc_attr( $nonce ) . '">'; 212 252 213 253 return $html; … … 284 324 */ 285 325 global $title; 286 287 if ( $title && ! empty( $title ) ) {288 return $title;289 }290 326 291 327 $is_pro = $this->utilities->is_pro_plugin( $this->plugin_name ); … … 300 336 * Check for the "title" url param. 301 337 */ 302 if ( ! isset( $_GET['title'] ) ) { 338 $url_title_raw = filter_input( INPUT_GET, 'title' ); 339 340 if ( ! isset( $url_title_raw ) ) { 303 341 return $page_title; 304 342 } 305 343 306 $url_title = str_replace( '_', ' ', sanitize_text_field( wp_unslash( $ _GET['title']) ) ?? '' );344 $url_title = str_replace( '_', ' ', sanitize_text_field( wp_unslash( $url_title_raw ) ) ?? '' ); 307 345 308 346 if ( ! $url_title || empty( $url_title ) ) { … … 311 349 312 350 $page_title = $url_title; 351 352 if ( $title && ! 
empty( $title ) && ! $page_title ) { 353 return $title; 354 } 313 355 314 356 return $page_title; … … 846 888 public function get_core_conent_for_site_info_settings_page() { 847 889 890 /** 891 * Instantiate WP_Filesystem. 892 */ 893 global $wp_filesystem; 894 895 WP_Filesystem(); 896 848 897 $accp_file_path = $this->utilities->accp_get_clientfiles_path(); 849 $dir_is_writable = is_writable( $accp_file_path );898 $dir_is_writable = $wp_filesystem->is_writable( $accp_file_path ); 850 899 $thumbnails = get_intermediate_image_sizes(); 851 900 … … 1080 1129 $html .= '<li>'; 1081 1130 1082 /** 1083 * Update the $_POST data. 1084 */ 1085 $option_name = $mime_checkbox['option_name']; 1086 $option_value = $mime_checkbox['value']; 1087 $option_label = $mime_checkbox['label']; 1088 $checked = get_option( $option_name ) && get_option( $option_name ) === $option_value ? 'checked' : ''; 1089 1090 if ( isset( $_POST['submit'] ) ) { 1091 1092 if ( isset( $_POST[ $option_name ] ) ) { 1093 1094 update_option( $option_name, sanitize_text_field( wp_unslash( $_POST[ $option_name ] ) ) ); 1095 1096 } else { 1097 1098 delete_option( $option_name ); 1099 1131 /** 1132 * Update the $_POST data. 1133 */ 1134 $option_name = $mime_checkbox['option_name']; 1135 $option_value = $mime_checkbox['value']; 1136 $option_label = $mime_checkbox['label']; 1137 $checked = get_option( $option_name ) && get_option( $option_name ) === $option_value ? 'checked' : ''; 1138 1139 /** 1140 * Verify settings form nonce. 
1141 */ 1142 $nonce_name = $this->get_settings_form_nonce_name(); 1143 $nonce_field_name = $this->get_settings_form_nonce_field_name(); 1144 1145 if ( isset( $_POST[ $nonce_field_name ] ) ) { 1146 1147 $nonce = sanitize_text_field( wp_unslash( $_POST[ $nonce_field_name ] ) ); 1148 1149 if ( wp_verify_nonce( $nonce, $nonce_name ) ) { 1150 1151 if ( isset( $_POST[ $option_name ] ) ) { 1152 1153 update_option( $option_name, sanitize_text_field( wp_unslash( $_POST[ $option_name ] ) ) ); 1154 1155 } else { 1156 1157 delete_option( $option_name ); 1158 1159 } 1100 1160 } 1101 1161 } 1102 1162 1103 /**1104 * Note: the 'name' attribute for the input needs to be the same as the WP option name1105 * as this is used in the ajax function below to clear option data when the box is unchecked.1106 */1107 1108 $html .= '<input class="accp_mime_checkbox" data-nonce="' . esc_attr( $delete_mime_nonce ) . '" type="checkbox" name="' . esc_attr( $option_name ) . '" value="' . esc_attr( $option_value ) . '" ' . $checked . '>';1109 1110 $html .= esc_html( $option_label );1111 1112 $html .= '</li>';1163 /** 1164 * Note: the 'name' attribute for the input needs to be the same as the WP option name 1165 * as this is used in the ajax function below to clear option data when the box is unchecked. 1166 */ 1167 1168 $html .= '<input class="accp_mime_checkbox" data-nonce="' . esc_attr( $delete_mime_nonce ) . '" type="checkbox" name="' . esc_attr( $option_name ) . '" value="' . esc_attr( $option_value ) . '" ' . $checked . '>'; 1169 1170 $html .= esc_html( $option_label ); 1171 1172 $html .= '</li>'; 1113 1173 1114 1174 } … … 1421 1481 if ( isset( $_POST['accp_notices_and_errors'] ) ) { 1422 1482 1423 if ( is_array( $_POST['accp_notices_and_errors'] ) ) { 1424 1425 $message = array_key_exists( 'message', $_POST['accp_notices_and_errors'] ) ? $_POST['accp_notices_and_errors']['message'] : ''; 1426 $notice_type = array_key_exists( 'notice-type', $_POST['accp_notices_and_errors'] ) ? 
$_POST['accp_notices_and_errors']['notice-type'] : ''; 1427 1428 } else { 1429 1430 $message = wp_kses_post( wp_unslash( $_POST['accp_notices_and_errors'] ) ); 1431 $notice_type = 'notice-error'; 1432 1483 $nonce_name = $this->get_settings_form_nonce_name(); 1484 $nonce_field_name = $this->get_settings_form_nonce_field_name(); 1485 1486 if ( isset( $_POST[ $nonce_field_name ] ) ) { 1487 1488 $nonce = sanitize_text_field( wp_unslash( $_POST[ $nonce_field_name ] ) ); 1489 1490 if ( wp_verify_nonce( $nonce, $nonce_name ) ) { 1491 1492 if ( is_array( $_POST['accp_notices_and_errors'] ) ) { 1493 1494 $message = array_key_exists( 'message', $_POST['accp_notices_and_errors'] ) ? sanitize_text_field( wp_unslash( $_POST['accp_notices_and_errors']['message'] ) ) : ''; 1495 $notice_type = array_key_exists( 'notice-type', $_POST['accp_notices_and_errors'] ) ? sanitize_text_field( wp_unslash( $_POST['accp_notices_and_errors']['notice-type'] ) ) : ''; 1496 1497 } else { 1498 1499 $message = wp_kses_post( wp_unslash( $_POST['accp_notices_and_errors'] ) ); 1500 $notice_type = 'notice-error'; 1501 1502 } 1503 1504 $html .= '<div class="inline accp-admin-notice notice ' . esc_attr( $notice_type ) . '">'; 1505 1506 $html .= '<p>' . esc_html( $message ) . '</p>'; 1507 1508 $html .= '</div>'; 1509 1510 return $html; 1511 1512 } 1433 1513 } 1434 1435 $html .= '<div class="inline accp-admin-notice notice ' . esc_attr( $notice_type ) . '">';1436 1437 $html .= '<p>' . esc_html( $message ) . '</p>';1438 1439 $html .= '</div>';1440 1441 return $html;1442 1443 1514 } 1444 1515 -
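Review bot: The allowed-file-type write in the MIME checkbox loop (new lines 1145–1161) is gated only by the nonce; no `current_user_can()` check is visible in this hunk, and a nonce shows the request came from a form the site issued, not that the user is privileged. The action `accp_settings_form_nonce` is shared by every settings form, and the stored value is taken from the request rather than from the known checkbox value. Consider `if ( current_user_can( 'manage_options' ) && wp_verify_nonce( $nonce, $nonce_name ) ) {` (substituting whichever capability this settings page is registered with) and `update_option( $option_name, $option_value );`. The enclosing method starts and ends outside the hunk, so a capability check may already exist earlier; confirm that before relying on it.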
constellation-client-portal/trunk/admin/class-ars-constellation-client-portal-users.php
r3088740 r3101275 120 120 121 121 /** 122 * User edit nonce field. 123 */ 124 $html .= $this->get_user_edit_nonce_field_html(); 125 126 /** 122 127 * Primary Company section. 123 128 */ … … 162 167 163 168 /** 169 * Get the user edit nonce name. 170 */ 171 public function get_user_edit_nonce_name() { 172 173 return 'accp_user_edit_nonce'; 174 } 175 176 177 /** 178 * Get the user edit nonce field name. 179 */ 180 public function get_user_edit_nonce_field_name() { 181 182 return 'accp_user_edit_nonce_field'; 183 } 184 185 186 /** 187 * Get the user edit nonce field html. 188 */ 189 public function get_user_edit_nonce_field_html() { 190 191 $nonce_name = $this->get_user_edit_nonce_name(); 192 $nonce_field_name = $this->get_user_edit_nonce_field_name(); 193 $nonce = wp_create_nonce( $nonce_name ); 194 195 $html = ''; 196 197 $html .= '<input type="hidden" name="' . esc_attr( $nonce_field_name ) . '" value="' . esc_attr( $nonce ) . '" >'; 198 199 return $html; 200 } 201 202 203 /** 164 204 * Get the user profile primary company section html. 165 205 * … … 345 385 } 346 386 387 $saved_companies = array_map( 'intval', $saved_companies ); 388 347 389 $html = ''; 348 390 … … 379 421 foreach ( $company_list as $company ) { 380 422 381 $company_id = $company->ID;423 $company_id = (int) $company->ID; 382 424 $company_name = $company->post_title; 383 $selected = in_array( $company_id, $saved_companies ) ? 'selected' : '';425 $selected = in_array( $company_id, $saved_companies, true ) ? 
'selected' : ''; 384 426 $post_status_class = ''; 385 427 … … 480 522 } 481 523 482 /** 483 * Assigned Company 484 */ 485 if ( isset( $_POST['client_company'] ) ) { 486 487 $company_id = filter_var( wp_unslash( $_POST['client_company'] ), FILTER_SANITIZE_NUMBER_INT ); 488 update_user_meta( $user_id, 'client_company', $company_id ); 489 490 } 491 492 /** 493 * User Client Status 494 */ 495 if ( isset( $_POST['client_status'] ) ) { 496 497 $client_status = sanitize_text_field( wp_unslash( $_POST['client_status'] ) ); 498 update_user_meta( $user_id, 'client_status', $client_status ); 499 500 } 501 502 /** 503 * Additional Companies 504 */ 505 if ( ! empty( $_POST['client_additional_company'] ) ) { 506 507 $sanitized_company_array = array(); 508 509 foreach ( $_POST['client_additional_company'] as $additional_company_id ) { 510 511 $sanitized_company_array[] = $this->accp_utility_functions->accp_sanitize_integers( $additional_company_id ); 512 513 } 514 515 update_user_meta( $user_id, 'client_additional_company', $sanitized_company_array ); 516 517 } else { 518 519 delete_user_meta( $user_id, 'client_additional_company' ); 520 524 $nonce_name = $this->get_user_edit_nonce_name(); 525 $nonce_field_name = $this->get_user_edit_nonce_field_name(); 526 527 if ( isset( $_POST[ $nonce_field_name ] ) ) { 528 529 $nonce = sanitize_text_field( wp_unslash( $_POST[ $nonce_field_name ] ) ); 530 531 if ( wp_verify_nonce( $nonce, $nonce_name ) ) { 532 533 /** 534 * Assigned Company 535 */ 536 if ( isset( $_POST['client_company'] ) ) { 537 538 $company_id = filter_var( wp_unslash( $_POST['client_company'] ), FILTER_SANITIZE_NUMBER_INT ); 539 update_user_meta( $user_id, 'client_company', $company_id ); 540 541 } 542 543 /** 544 * User Client Status 545 */ 546 if ( isset( $_POST['client_status'] ) ) { 547 548 $client_status = sanitize_text_field( wp_unslash( $_POST['client_status'] ) ); 549 update_user_meta( $user_id, 'client_status', $client_status ); 550 551 } 552 553 /** 554 * 
Additional Companies 555 */ 556 if ( ! empty( $_POST['client_additional_company'] ) ) { 557 558 $sanitized_company_array = array_map( 'intval', $_POST['client_additional_company'] ); 559 560 if ( $sanitized_company_array && ! empty( $sanitized_company_array ) ) { 561 562 update_user_meta( $user_id, 'client_additional_company', $sanitized_company_array ); 563 564 } 565 } else { 566 567 delete_user_meta( $user_id, 'client_additional_company' ); 568 569 } 570 } 521 571 } 522 572 } … … 631 681 } 632 682 633 if ( ! in_array( $company_id, $saved_companies ) ) { 683 $saved_companies = array_map( 'intval', $saved_companies ); 684 685 if ( ! in_array( (int) $company_id, $saved_companies, true ) ) { 634 686 return false; 635 687 } -
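Review bot: `array_map( 'intval', $_POST['client_additional_company'] )` at new line 558 assumes the field is always an array: a scalar value raises a TypeError on PHP 8, non-numeric entries are stored as 0, and the value is read without `wp_unslash()`. Suggest `$sanitized_company_array = array_filter( array_map( 'absint', (array) wp_unslash( $_POST['client_additional_company'] ) ) );`, which also drops the zero entries. These meta values feed the company membership check later in this file (`in_array( (int) $company_id, $saved_companies, true )`), so the condition that closes just above new line 522, outside this hunk, should be confirmed to be a capability test such as `current_user_can( 'edit_user', $user_id )` rather than the nonce alone.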
constellation-client-portal/trunk/ars-constellation-client-portal.php
r3096852 r3101275 7 7 * Plugin URI: https://adrianrodriguezstudios.com/constellation-client-portal/ 8 8 * Description: Create private pages for each of your clients, post private files, and protect your client files from unauthorized users and search engines. <strong>Important:</strong> All Site-level File Protection features will cease to function if the plugin is disabled or uninstalled. 9 * Version: 1.8. 79 * Version: 1.8.8 10 10 * Author: ARS 11 11 * Author URI: https://adrianrodriguezstudios.com … … 57 57 */ 58 58 define('ACCP_PLUGIN_NAME', 'ARS_CONSTELLATION_CLIENT_PORTAL'); 59 define('ACCP_PLUGIN_VERSION', '1.8. 7'); // Change the version in the header as well.59 define('ACCP_PLUGIN_VERSION', '1.8.8'); // Change the version in the header as well. 60 60 define( ACCP_PLUGIN_NAME, ACCP_PLUGIN_VERSION ); 61 61 define( 'ACCP_PLUGIN_FILE_NAME', __FILE__ ); -
constellation-client-portal/trunk/public/class-ars-constellation-client-portal-public.php
r3088740 r3101275 83 83 * Shortcode: [accp_my_company_page] 84 84 * 85 * @param array $atts - array of atts passed in via the shortcode. 86 * @param string $content - The shortcode content. 85 * @param array $atts - array of atts passed in via the shortcode. 87 86 * 88 87 * @return string $html - shortcode result. 89 88 */ 90 public function accp_client_home_link( $atts , $content = null) {89 public function accp_client_home_link( $atts ) { 91 90 92 91 /** -
constellation-client-portal/trunk/public/shortcodes/class-ars-constellation-client-portal-list-shortcodes.php
r3088740 r3101275 106 106 * attributes from saved shortcode options. 107 107 * 108 * @param array $atts - array of atts passed in via the shortcode. 109 * @param string $content - The shortcode content. 108 * @param array $atts - array of atts passed in via the shortcode. 110 109 * 111 110 * @return string $html - the shortcode result. 112 111 */ 113 public function get_client_files_shortcode( $atts , $content = null) {112 public function get_client_files_shortcode( $atts ) { 114 113 115 114 /** … … 144 143 * attributes from saved shortcode options. 145 144 * 146 * @param array $atts - array of atts passed in via the shortcode. 147 * @param string $content - The shortcode content. 145 * @param array $atts - array of atts passed in via the shortcode. 148 146 * 149 147 * @return string $html - the shortcode result. 150 148 */ 151 public function get_client_invoices_shortcode( $atts , $content = null) {149 public function get_client_invoices_shortcode( $atts ) { 152 150 153 151 /** … … 199 197 $is_pro = $this->utilities->is_pro_plugin( $this->plugin_name ); 200 198 199 /** 200 * Post a shortcode nonce. 201 */ 202 $this->post_shortcode_nonce(); 203 201 204 global $post; 202 205 203 $post_id = get_the_ID(); 204 $user_id = get_current_user_id(); 205 $list_instance = filter_var( $this->generate_list_instance_id(), FILTER_SANITIZE_NUMBER_INT ); 206 $paged_param = 'paged' . $list_instance; 207 $paged = isset( $_GET[ $paged_param ] ) ? (int) $_GET[ $paged_param ] : 1; 206 $post_id = get_the_ID(); 207 $user_id = get_current_user_id(); 208 $list_instance = filter_var( $this->generate_list_instance_id(), FILTER_SANITIZE_NUMBER_INT ); 209 $paged_param = 'paged' . $list_instance; 210 211 /** 212 * Set the paged value. 
213 */ 214 $paged = 1; 215 216 if ( isset( $_POST['accp_shortcode_nonce'] ) ) { 217 218 $nonce = sanitize_text_field( wp_unslash( $_POST['accp_shortcode_nonce'] ) ); 219 220 if ( wp_verify_nonce( $nonce, 'accp_shortcode_nonce' ) ) { 221 $paged = isset( $_GET[ $paged_param ] ) ? (int) $_GET[ $paged_param ] : 1; 222 } 223 } 224 208 225 $authorized_company_id = $this->get_client_page_authorized_company_id_by_user_id( $user_id, $post_id ); 209 226 $allowed_html = $this->get_shortcode_allowed_html_for_wp_kses(); … … 604 621 * @param array $atts - array of atts passed in via the shortcode. 605 622 * @param string $shortcode_id - The pro shortcode ID (if any). 606 */ 607 public function get_file_or_invoice_status_var( $atts, $shortcode_id = '' ) { 623 * 624 * DEV Note: The $shortcode_id param is required by the pro plugin. 625 * Ignore PHPCS warnings of it being an unused param. 626 */ 627 public function get_file_or_invoice_status_var( $atts, $shortcode_id = '' ) { // phpcs:ignore Generic.CodeAnalysis.UnusedFunctionParameter 608 628 609 629 $file_status = array(); … … 630 650 * @param array $atts - array of atts passed in via the shortcode. 631 651 * @param string $shortcode_id - The pro shortcode ID (if any). 632 */ 633 public function get_invoice_status_var( $atts, $shortcode_id = '' ) { 652 * 653 * DEV Note: The $shortcode_id param is required by the pro plugin. 654 * Ignore PHPCS warnings of it being an unused param. 655 */ 656 public function get_invoice_status_var( $atts, $shortcode_id = '' ) { // phpcs:ignore Generic.CodeAnalysis.UnusedFunctionParameter 634 657 635 658 $invoice_status = array(); … … 653 676 * 654 677 * @return array $categories - array of category ID's. 655 */ 656 public function get_categories_var( $atts, $taxonomy, $shortcode_id = '' ) { 678 * 679 * DEV Note: The $shortcode_id param is required by the pro plugin. 680 * Ignore PHPCS warnings of it being an unused param. 
681 */ 682 public function get_categories_var( $atts, $taxonomy, $shortcode_id = '' ) { // phpcs:ignore Generic.CodeAnalysis.UnusedFunctionParameter 657 683 658 684 $categories = array(); … … 720 746 */ 721 747 public function generate_list_instance_id() { 748 749 $nonce_name = 'accp_shortcode_nonce'; 750 751 if ( ! isset( $_POST[ $nonce_name ] ) ) { 752 return; 753 } 754 755 $nonce = sanitize_text_field( wp_unslash( $_POST[ $nonce_name ] ) ); 756 757 if ( ! wp_verify_nonce( $nonce, $nonce_name ) ) { 758 return; 759 } 722 760 723 761 /** … … 750 788 751 789 /** 790 * Post a shortcode nonce. 791 */ 792 public function post_shortcode_nonce() { 793 794 $nonce_name = 'accp_shortcode_nonce'; 795 $nonce = wp_create_nonce( $nonce_name ); 796 797 $_POST[ $nonce_name ] = $nonce; 798 } 799 800 801 /** 752 802 * Get the authorized company ID for a given user. 753 803 * … … 775 825 * Get additonal companies assigned to the user (if any). 776 826 */ 777 $additional_assigned_companies = get_user_meta( $user_id, 'client_additional_company', true ); 827 $additional_assigned_companies = get_user_meta( $user_id, 'client_additional_company', true ) ? get_user_meta( $user_id, 'client_additional_company', true ) : array(); 828 829 if ( $additional_assigned_companies && ! empty( $additional_assigned_companies ) ) { 830 831 $additional_assigned_companies = array_map( 'intval', $additional_assigned_companies ); 832 } 778 833 779 834 /** … … 832 887 * this is not a global page. 833 888 */ 834 $page_company_id = get_post_meta( $post_id, 'accp_user', true ) ;835 836 if ( ! $page_company_id ) {889 $page_company_id = get_post_meta( $post_id, 'accp_user', true ) ? (int) get_post_meta( $post_id, 'accp_user', true ) : ''; 890 891 if ( ! $page_company_id || empty( $page_company_id ) ) { 837 892 return false; 838 893 } 839 894 840 if ( $additional_assigned_companies && ! 
empty( $additional_assigned_companies ) && in_array( $page_company_id, $additional_assigned_companies ) ) {895 if ( $additional_assigned_companies && ! empty( $additional_assigned_companies ) && in_array( $page_company_id, $additional_assigned_companies, true ) ) { 841 896 842 897 $additional_company_id = $page_company_id; … … 1698 1753 * File View and Download 1699 1754 */ 1700 $html .= $this->get_list_item_download_section_html( $post_id, $user_id, $attached_file , $atts);1755 $html .= $this->get_list_item_download_section_html( $post_id, $user_id, $attached_file ); 1701 1756 1702 1757 /** … … 2107 2162 * Get the list item file view and download section html. 2108 2163 * 2109 * @param int $post_id - The ID of the post in the loop. 2110 * @param int $user_id - The ID of the current user. 2111 * @param array $attached_file - The file attached to the loop item post (if any). 2112 * @param string $atts - The shortcode atts. 2164 * @param int $post_id - The ID of the post in the loop. 2165 * @param int $user_id - The ID of the current user. 2166 * @param array $attached_file - The file attached to the loop item post (if any). 2113 2167 * 2114 2168 * @return string $html - The section html. 2115 2169 */ 2116 public function get_list_item_download_section_html( $post_id, $user_id, $attached_file , $atts) {2170 public function get_list_item_download_section_html( $post_id, $user_id, $attached_file ) { 2117 2171 2118 2172 if ( ! is_user_logged_in() || is_admin() ) { … … 2120 2174 } 2121 2175 2122 if ( ! $post_id || ! $user_id || ! $attached_file || empty( $attached_file ) ) {2176 if ( ! $post_id || ! $user_id || ! $attached_file || empty( $attached_file ) || ! is_array( $attached_file ) ) { 2123 2177 return; 2124 2178 } … … 2164 2218 $html .= '<div class="accp-view-dl-link-container">'; 2165 2219 2166 $html .= '<a href="' . esc_url( $attached_file['url'] ) . 
'" class="view-print accp-file-view-print" target="_blank">View and Print</a>'; 2220 if ( isset( $attached_file['url'] ) ) { 2221 2222 $html .= '<a href="' . esc_url( $attached_file['url'] ) . '" class="view-print accp-file-view-print" target="_blank">View and Print</a>'; 2223 2224 } 2167 2225 2168 2226 $html .= '<span class="accp-view-download-separator"> | </span>'; … … 2325 2383 $message = 'The "id" shortcode parameter is reserved for Constellation pro shortcodes. To add a CSS container ID use the "css_id" shortcode parameter.'; 2326 2384 2327 trigger_error( esc_html( $message ), E_USER_WARNING ); 2385 /** 2386 * DEV Note: This warning is useful for site admins to 2387 * prompt them to change instances of the legacy core 2388 * shortcode "id" param that is now a reserved pro 2389 * shortcode parameter (and should not be used in 2390 * the core plugin). 2391 */ 2392 trigger_error( esc_html( $message ), E_USER_WARNING ); // phpcs:ignore. 2328 2393 2329 2394 } … … 2338 2403 $handle = $this->get_style_handle(); 2339 2404 2340 wp_enqueue_style( $handle, plugin_dir_url( __DIR__ ) . '/css/ars-constellation-client-portal-list-shortcode-styles.css', false);2405 wp_enqueue_style( $handle, plugin_dir_url( __DIR__ ) . '/css/ars-constellation-client-portal-list-shortcode-styles.css', $this->version, 'all' ); 2341 2406 } 2342 2407
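Review bot: `post_shortcode_nonce()` (new lines 792–798) writes a freshly created nonce into `$_POST`, and the checks at new lines 216–223 and in `generate_list_instance_id()` then verify that same value, so the verification effectively always passes and adds no request-forgery protection while mutating a superglobal. Reading a pagination index from the query string changes no state and needs no nonce; `$paged = isset( $_GET[ $paged_param ] ) ? max( 1, absint( wp_unslash( $_GET[ $paged_param ] ) ) ) : 1; // phpcs:ignore WordPress.Security.NonceVerification.Recommended -- read-only pagination` says so explicitly. `generate_list_instance_id()` also gains bare `return;` paths, which would leave `$paged_param` as plain `paged` for any caller that has not run `post_shortcode_nonce()` first. Separately, at new line 2405 `$this->version` sits in the `$deps` position of `wp_enqueue_style()` and `'all'` in `$ver`; the last three arguments should be `array(), $this->version, 'all'`.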