Changeset 3186303
- Timestamp:
- 11/12/2024 08:21:07 AM (15 months ago)
- Location:
- razorpay-payment-button/trunk
- Files:
-
- 5 edited
-
includes/rzp-payment-buttons.php (modified) (1 diff)
-
includes/rzp-subscription-buttons.php (modified) (1 diff)
-
razorpay-payment-buttons.php (modified) (1 diff)
-
readme.txt (modified) (2 diffs)
-
templates/razorpay-button-view-templates.php (modified) (6 diffs)
-
razorpay-payment-button/trunk/includes/rzp-payment-buttons.php
r2735435 r3186303 89 89 //All Buttons 90 90 $class = ($current === 'all' ? ' class="current"' :''); 91 $all_url = remove_query_arg('status');91 $all_url = esc_url(remove_query_arg('status')); 92 92 $views['all'] = "<a href='{$all_url }' {$class} >All</a>"; 93 93 94 94 //Recovered link 95 $foo_url = add_query_arg('status','active');95 $foo_url = esc_url(add_query_arg('status','active')); 96 96 $class = ($current === 'active' ? ' class="current"' :''); 97 97 $views['status'] = "<a href='{$foo_url}' {$class} >Enabled</a>"; 98 98 99 99 //Abandon 100 $bar_url = add_query_arg('status','inactive');100 $bar_url = esc_url(add_query_arg('status','inactive')); 101 101 $class = ($current === 'inactive' ? ' class="current"' :''); 102 102 $views['disabled'] = "<a href='{$bar_url}' {$class} >Disabled</a>"; -
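Review bot: The three `esc_url()` wraps at new lines 91, 95 and 100 carry no comment saying why they are required, so a later cleanup could remove them as redundant. When `add_query_arg()` and `remove_query_arg()` are called without a URL they build on the current request URI, which the visitor controls, so a comment such as `// add_query_arg() falls back to the request URI; escape before printing into href` above the first call would record the reason. The names `$foo_url` / `$bar_url` and the comments "Recovered link" / "Abandon" do not describe the Enabled and Disabled links they build; `$enabled_url` / `$disabled_url` with matching comments would read better. The same applies to the identical hunk in includes/rzp-subscription-buttons.php, and the enclosing function starts and ends outside the hunk.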
razorpay-payment-button/trunk/includes/rzp-subscription-buttons.php
r2735435 r3186303 89 89 //All Buttons 90 90 $class = ($current === 'all' ? ' class="current"' :''); 91 $all_url = remove_query_arg('status');91 $all_url = esc_url(remove_query_arg('status')); 92 92 $views['all'] = "<a href='{$all_url }' {$class} >All</a>"; 93 93 94 94 //Recovered link 95 $foo_url = add_query_arg('status','active');95 $foo_url = esc_url(add_query_arg('status','active')); 96 96 $class = ($current === 'active' ? ' class="current"' :''); 97 97 $views['status'] = "<a href='{$foo_url}' {$class} >Enabled</a>"; 98 98 99 99 //Abandon 100 $bar_url = add_query_arg('status','inactive');100 $bar_url = esc_url(add_query_arg('status','inactive')); 101 101 $class = ($current === 'inactive' ? ' class="current"' :''); 102 102 $views['disabled'] = "<a href='{$bar_url}' {$class} >Disabled</a>"; -
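Review bot: The status-link code at new lines 89-102 duplicates includes/rzp-payment-buttons.php line for line, so every escaping fix has to be applied twice and a missed copy would leave one of the two admin lists unescaped. A shared helper that both files call, taking `$current` and returning the `$views` array, would keep the `esc_url()` handling in one place. The enclosing function starts and ends outside the hunk.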
razorpay-payment-button/trunk/razorpay-payment-buttons.php
r3148679 r3186303 5 5 * Plugin URI: https://github.com/razorpay/payment-button-wordpress-plugin 6 6 * Description: Add a Razorpay Payment Button (Donate Now, Buy Now, Support Now and more) to your website and start accepting payments via Credit/Debit cards, Netbanking, UPI, Wallets, Pay later etc. instantly. 7 * Version: 2.4. 67 * Version: 2.4.7 8 8 * Author: Razorpay 9 9 * Author URI: https://razorpay.com -
razorpay-payment-button/trunk/readme.txt
r3148679 r3186303 3 3 Tags: Payment gateway, Donate button, UPI/credit/debit card, Payment plugin, India, e-commerce, education. 4 4 Tested up to: 6.6 5 Stable tag: 2.4. 65 Stable tag: 2.4.7 6 6 License: GPLv2 or later 7 7 License URI: http://www.gnu.org/licenses/gpl-2.0.html … … 99 99 == Changelog == 100 100 101 = 2.4.7 = 102 * Added security enhancements 103 101 104 = 2.4.6 = 102 105 * Fixed naming conflict in razorpay section -
razorpay-payment-button/trunk/templates/razorpay-button-view-templates.php
r2744133 r3186303 27 27 wp_die("This page consist some request parameters to view response"); 28 28 } 29 $pagenum = $_REQUEST['paged'];30 $type = $_REQUEST['type'];29 $pagenum = sanitize_text_field($_REQUEST['paged']); // nosemgrep 30 $type = sanitize_text_field($_REQUEST['type']); // nosemgrep 31 31 if($type === 'payment') 32 32 { … … 47 47 <span class="dashicons rzp-dashicons dashicons-arrow-left-alt"></span> Button List 48 48 </a> 49 <span class="dashicons rzp-dashicons dashicons-arrow-right-alt2"></span>' .$button_detail['title'].'49 <span class="dashicons rzp-dashicons dashicons-arrow-right-alt2"></span>' . esc_html($button_detail['title']) . ' 50 50 </div> 51 51 <div class="container rzp-container"> 52 52 <div class="row panel-heading"> 53 <div class="text">' .$button_detail['title'].'</div>53 <div class="text">' . esc_html($button_detail['title']) . '</div> 54 54 </div> 55 55 <div class="row panel-body"> … … 57 57 <div class="row"> 58 58 <div class="col-sm-4 panel-label">Button ID</div> 59 <div class="col-sm-8 panel-value">' .$button_detail["id"].'</div>59 <div class="col-sm-8 panel-value">' . esc_html($button_detail["id"]) . '</div> 60 60 </div> 61 61 <div class="row"> 62 62 <div class="col-sm-4 panel-label">Button Status</div> 63 63 <div class="col-sm-8 panel-value"> 64 <span class="status-label">' .$button_detail['status'].'</span>65 <button onclick="'.$show.'" class="status-button">' .$button_detail['btn_pointer_status'].'</button>64 <span class="status-label">' . esc_html($button_detail['status']) . '</span> 65 <button onclick="'.$show.'" class="status-button">' . esc_html($button_detail['btn_pointer_status']) . '</button> 66 66 </div> 67 67 </div> 68 68 <div class="row"> 69 69 <div class="col-sm-4 panel-label">Total Quantity Sold</div> 70 <div class="col-sm-8 panel-value">' .$button_detail['total_item_sold'].'</div>70 <div class="col-sm-8 panel-value">' . htmlentities($button_detail['total_item_sold']) . 
'</div> 71 71 </div>'; 72 72 if($type === 'payment') … … 74 74 echo '<div class="row"> 75 75 <div class="col-sm-4 panel-label">Total revenue</div> 76 <div class="col-sm-8 panel-value"><span class="rzp-currency">₹ </span>' . $button_detail['total_revenue']. '</div>76 <div class="col-sm-8 panel-value"><span class="rzp-currency">₹ </span>' . esc_html($button_detail['total_revenue']) . '</div> 77 77 </div>'; 78 78 } 79 79 echo '<div class="row"> 80 80 <div class="col-sm-4 panel-label">Created on</div> 81 <div class="col-sm-8 panel-value">' .$button_detail['created_at'].'</div>81 <div class="col-sm-8 panel-value">' . esc_html($button_detail['created_at']) . '</div> 82 82 </div> 83 83 </div>'; … … 98 98 <div class="container"> 99 99 <div class="modal-header"> 100 <h3 class="modal-title">' .$button_detail["modal_title_content"].'</h3>100 <h3 class="modal-title">' . esc_html($button_detail["modal_title_content"]) . '</h3> 101 101 </div> 102 102 <div class="modal-body"> 103 103 <div class="text-semi-muted"> 104 <p>' .$button_detail["modal_body_content"].'</p>104 <p>' . esc_html($button_detail["modal_body_content"]) . '</p> 105 105 </div> 106 106 <div class="Modal__actions"> 107 107 <button type="button" onclick="'.$hide.'" class="btn btn-default">No, don`t!</button> 108 <button type="submit" onclick="'.$hide.'" name="btn_action" value="' .$button_detail['btn_pointer_status'].'" class="btn btn-primary">Yes, '.$button_detail['btn_pointer_status'].'</button>108 <button type="submit" onclick="'.$hide.'" name="btn_action" value="' . esc_html($button_detail['btn_pointer_status']) . '" class="btn btn-primary">Yes, ' . esc_html($button_detail['btn_pointer_status']) . '</button> 109 109 <input type="hidden" name="type" value="'.$type.'"> 110 <input type="hidden" name="btn_id" value="' .$button_detail['id'].'">110 <input type="hidden" name="btn_id" value="' . esc_html($button_detail['id']) . 
'"> 111 111 <input type="hidden" name="paged" value="'.$pagenum.'"> 112 112 <input type="hidden" name="action" value="rzp_btn_action"> … … 203 203 $html_content_item = $html_content_item.$content; 204 204 } 205 205 206 206 return array( 207 207 'id' => $button_detail['id'],
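Review bot: `$type` and `$pagenum` are still concatenated raw into the hidden inputs at new lines 109 and 111 (`value="'.$type.'"`, `value="'.$pagenum.'"`), and the `sanitize_text_field()` added at lines 29-30 strips tags but does not encode quotes, so it is not an output escape for an attribute value. Escape where the value is printed, `value="' . esc_attr($type) . '"`, and cast the page number on input, `$pagenum = absint($_REQUEST['paged']);`. The `btn_action` and `btn_id` attribute values would follow WordPress convention with `esc_attr()` rather than `esc_html()`, and line 70 uses `htmlentities()` where every other cell uses `esc_html()`. The `// nosemgrep` markers name no rule and give no justification, which hides these lines from later scans; either name the rule being suppressed with a reason or drop the marker once the output is escaped. `$show` and `$hide` in the `onclick` attributes are defined outside the visible hunks and are worth confirming as fixed strings; the enclosing functions start and end outside the hunks.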