Changeset 3210120
- Timestamp:
- 12/18/2024 09:45:42 PM (3 months ago)
- Location:
- webinar-ignition/tags/4.00.0-rc.7
- Files:
-
- 225 added
- 1 deleted
- 64 edited
webinar-ignition/tags/4.00.0-rc.7/UI/app/tab1.php
r3207791 r3210120 685 685 <select name="webinar_timezone" id="webinar_timezone" class="inputField inputFieldDash elem "> 686 686 <?php 687 echo webinarignition_create_tz_select_list( $webinarTZ, get_user_locale() ); 687 // Generate the timezone list 688 $timezone_options = webinarignition_create_tz_select_list( $webinarTZ, get_user_locale() ); 689 // Sanitize the output 690 echo wp_kses( $timezone_options, array( 691 'optgroup' => array( 692 'label' => array(), 693 ), 694 'option' => array( 695 'value' => array(), 696 'selected' => array(), 697 ), 698 ) ); 688 699 ?> 689 700 </select> … … 811 822 <div class="wi_selected_pages_links"> 812 823 <?php 813 echo implode( '', $selected_page_links ); 824 foreach ( $selected_page_links as $link ) { 825 echo wp_kses( $link, array( 826 'div' => array( 827 'class' => array(), 828 ), 829 'input' => array( 830 'data-page_url' => array(), 831 'name' => array(), 832 'class' => array(), 833 'value' => array(), 834 'type' => array(), 835 'checked' => true, 836 ), 837 'i' => array( 838 'class' => array(), 839 ), 840 'a' => array( 841 'href' => array(), 842 'target' => array(), 843 'class' => array(), 844 ), 845 ) ); 846 } 814 847 ?> 815 848 </div> … … 958 991 $getVersion = 'webinarignition_leads'; 959 992 $table_db_name = $wpdb->prefix . $getVersion; 960 $ID = $_GET['id'];993 $ID = ( isset( $_GET['id'] ) ? sanitize_text_field( wp_unslash( $_GET['id'] ) ) : null ); 961 994 // Sanitize input values 962 995 $ID = intval( $ID ); … … 1049 1082 <span style="float: right;" id="deleteCampaign" 1050 1083 data-nonce="<?php 1051 e sc_attr( wp_create_nonce( 'wi_delete_campaign_' . $_GET['id']) );1084 echo esc_attr( wp_create_nonce( 'wi_delete_campaign_' . 
sanitize_text_field( wp_unslash( $_GET['id'] ) ) ) ); 1052 1085 ?>" class="grey-btn"><i 1053 1086 class="icon-trash" style="margin-right: 5px;"></i> <?php … … 1091 1124 <textarea onclick="this.select()" 1092 1125 style="width:100%; height:250px;"><?php 1093 echo esc_attr( base64_encode( json_encode( $webinar_data ) ) );1126 echo esc_attr( base64_encode( wp_json_encode( $webinar_data ) ) ); 1094 1127 ?></textarea> 1095 1128 </div> -
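Review bot: The nonce action at new line 1084 reads `$_GET['id']` without the `isset()` guard used at line 993, and builds the action from the sanitized string rather than from the integer ID. A request without `id` raises an undefined-index notice and produces the action `wi_delete_campaign_`. Normalising the value once, e.g. `wp_create_nonce( 'wi_delete_campaign_' . absint( $_GET['id'] ?? 0 ) )`, keeps the token bound to a numeric campaign ID. The handler that verifies this nonce is not visible here, so confirm it derives the action string the same way.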
webinar-ignition/tags/4.00.0-rc.7/UI/app/tab6.php
r3207791 r3210120 142 142 if ( $webinar_locale === 'de_DE' ) { 143 143 $date_formats = array( 144 __( 'j. F Y' ),144 __( 'j. F Y', 'webinar-ignition' ), 145 145 'Y-m-d', 146 146 'm/d/Y', … … 149 149 } else { 150 150 $date_formats = array( 151 __( 'F j, Y' ),151 __( 'F j, Y', 'webinar-ignition' ), 152 152 'Y-m-d', 153 153 'm/d/Y', … … 225 225 ?> 226 226 <?php 227 echo '<label><input type="radio" name="date_format" id="date_format_custom_radio" value="' . $date_format. '"';227 echo '<label><input type="radio" name="date_format" id="date_format_custom_radio" value="' . esc_attr( $date_format ) . '"'; 228 228 checked( $custom ); 229 229 echo '/> <span class="date-time-text date-time-custom-text">' . esc_html__( 'Custom:', 'webinar-ignition' ) . '</span><input type="text" name="date_format_custom" id="date_format_custom" value="' . esc_attr( $date_format ) . '" class="float-right small-text" /></label>' . '<br/><br/>' . '<p><strong>' . esc_html__( 'Preview:', 'webinar-ignition' ) . '</strong> <span id="date_format_preview" class="formatPreview">' . esc_attr( date_i18n( $date_format ) ) . '</span>' . "<span class='spinner'></span>\n" . '</p>'; … … 580 580 esc_html__( 'Footer Area Content', 'webinar-ignition' ), 581 581 'live_console_footer_area_content', 582 /* translators: %s placeholder is used to display the current year in the footer. */ 582 583 sprintf( esc_html__( 'Add some HTML content on the bottom of your live console page. Use %s placeholder if you want to show current year in your footer.', 'webinar-ignition' ), '{{currentYear}}' ) 583 584 ); -
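Review bot: `__( 'F j, Y', 'webinar-ignition' )` at new line 151 moves a date-format string that WordPress core already translates under the default domain into the plugin's domain, so a locale only gets its own format if the plugin's language files carry that entry. The same applies to the format strings in UI/create.php (`'F j, Y'`, `'g:i a'`, `'g:i A'`, `'H:i'`) and to inc/Functions/DateTimeFunctions.php, where the `translate()` calls on continent and city names previously used core's `continents-cities` domain. If the plugin does not ship those translations, keep core's domain for these strings and add a `// phpcs:ignore WordPress.WP.I18n` comment saying why. Either way each format string deserves a `/* translators: date format, see https://www.php.net/manual/datetime.format.php */` comment.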
webinar-ignition/tags/4.00.0-rc.7/UI/create.php
r3207791 r3210120 98 98 $tzstring = get_option( 'timezone_string' ); 99 99 $date_formats = array( 100 __( 'F j, Y' ),100 __( 'F j, Y', 'webinar-ignition' ), 101 101 'Y-m-d', 102 102 'm/d/Y', … … 178 178 $translations = array_merge( array( 179 179 'en_US' => array( 180 'native_name' => __( 'English' ),180 'native_name' => __( 'English', 'webinar-ignition' ), 181 181 ), 182 182 ), $translations ); … … 202 202 ?>> 203 203 <?php 204 echo ( isset( $translations[$language] ) ? esc_html( $translations[$language]['native_name'] ) : $language);204 echo ( isset( $translations[$language] ) ? esc_html( $translations[$language]['native_name'] ) : esc_html( $language ) ); 205 205 ?> 206 206 </option> … … 223 223 ?>> 224 224 <?php 225 echo ( isset( $translations[ $language] ) ? esc_html( $translations[$language]['native_name'] ) : $language);225 echo ( isset( $translations[esc_html( $language )] ) ? esc_html( $translations[esc_html( $language )]['native_name'] ) : esc_html( $language ) ); 226 226 ?> 227 227 </option> … … 313 313 <input type="radio" name="date_format" id="date_format_custom_radio" value="custom" /> 314 314 <span class="date-time-text date-time-custom-text"><?php 315 esc_html_e( 'Custom:' );315 esc_html_e( 'Custom:', 'webinar-ignition' ); 316 316 ?></span> 317 317 <input type="text" name="date_format_custom" id="date_format_custom" value="D <?php … … 354 354 <p> 355 355 <strong class="preview_text"><?php 356 esc_html_e( 'Preview:' );356 esc_html_e( 'Preview:', 'webinar-ignition' ); 357 357 ?></strong> 358 358 <span class="formatPreview" id="date_format_preview"><?php … … 374 374 // Get current WP time format 375 375 $time_formats = [ 376 __( 'g:i a' ),376 __( 'g:i a', 'webinar-ignition' ), 377 377 // 12-hour format 378 __( 'g:i A' ),378 __( 'g:i A', 'webinar-ignition' ), 379 379 // 12-hour format with uppercase AM/PM 380 __( 'H:i' ),380 __( 'H:i', 'webinar-ignition' ), 381 381 ]; 382 382 $counter = 0; … … 384 384 // Check if this is the first iteration 385 385 
$checked = ( $counter === 0 ? 'checked' : '' ); 386 echo "\t<div><label id='default_time_radio_label'>\n\t\t\t\t\t\t\t\t\t<input type='radio' name='time_format' value='" . esc_html( $format ) . "' {$checked}/>\n\t\t\t\t\t\t\t\t\t<span class='date-time-text format-i18n'>" . esc_html( date_i18n( $format ) ) . "</span>\n\t\t\t\t\t\t\t\t\t<code>" . esc_html( $format ) . "</code>\n\t\t\t\t\t\t\t\t</label><br><br></div>\n";386 echo "\t<div><label id='default_time_radio_label'>\n\t\t\t\t\t\t\t\t\t<input type='radio' name='time_format' value='" . esc_html( $format ) . "' " . esc_attr( $checked ) . " />\n\t\t\t\t\t\t\t\t\t<span class='date-time-text format-i18n'>" . esc_html( date_i18n( $format ) ) . "</span>\n\t\t\t\t\t\t\t\t\t<code>" . esc_html( $format ) . "</code>\n\t\t\t\t\t\t\t\t</label><br><br></div>\n"; 387 387 $counter++; 388 388 } -
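Review bot: At new line 225 `esc_html( $language )` is applied to the array key in `isset( $translations[esc_html( $language )] )`, so an output escaper is being used for a lookup. A key containing `&`, `<` or a quote would be looked up under its entity-encoded form and miss, and the sibling block at line 204 indexes with the raw `$language`, so the two now disagree. Index with the raw value and escape only what is echoed: `echo isset( $translations[ $language ] ) ? esc_html( $translations[ $language ]['native_name'] ) : esc_html( $language );`. In the radio markup at line 386 the `value='…'` attribute is escaped with `esc_html()`; `esc_attr()` is the context-appropriate call there.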
webinar-ignition/tags/4.00.0-rc.7/UI/editapp.php
r3207791 r3210120 7 7 $ID = isset( $_GET['id'] ) ? sanitize_text_field( wp_unslash( $_GET['id'] ) ) : null; 8 8 $sql = "SELECT * FROM $table_db_name WHERE ID = %d"; 9 $safe_query = $wpdb->prepare( $sql, $ID ); 10 $data = $wpdb->get_row( $safe_query, OBJECT ); 9 // Check if ID is valid before proceeding 10 if ( $ID ) { 11 // Use placeholders directly in the prepared query 12 $data = $wpdb->get_row( 13 $wpdb->prepare( 14 "SELECT * FROM {$table_db_name} WHERE ID = %d", 15 $ID 16 ), 17 OBJECT 18 ); 19 } else { 20 $data = null; // Handle the case where ID is not valid 21 } 11 22 12 23 // Return Option Object: -
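Review bot: `if ( $ID )` at new line 10 tests the sanitized string, so a non-numeric `id` passes the check and is only then cast to 0 by `%d`, while the now-unused `$sql` assignment on line 8 is left behind. Casting once up front, `$ID = isset( $_GET['id'] ) ? absint( wp_unslash( $_GET['id'] ) ) : 0;`, makes the guard mean "a positive integer ID" and lets line 8 be deleted. The code after the hunk is not visible; it should handle `$data === null` before reading properties from it.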
webinar-ignition/tags/4.00.0-rc.7/UI/index.php
r3207791 r3210120 58 58 function webinarignition_dashboard() { 59 59 $id = ( isset( $_GET['id'] ) ? absint( $_GET['id'] ) : null ); 60 $create = ( isset( $_GET['create'] ) ? sanitize_text_field( $_GET['create']) : null );60 $create = ( isset( $_GET['create'] ) ? sanitize_text_field( wp_unslash( $_GET['create'] ) ) : null ); 61 61 // Sanitize as plain text 62 $webinars = ( isset( $_GET['webinars'] ) ? sanitize_textarea_field( $_GET['webinars']) : null );62 $webinars = ( isset( $_GET['webinars'] ) ? sanitize_textarea_field( wp_unslash( $_GET['webinars'] ) ) : null ); 63 63 // For larger text 64 64 // fix :: notice on outdated PHP version … … 122 122 $ending_time = $limit_count_timeout; 123 123 $current_time = time(); 124 $starting_date = date( 'y-m-d', $starting_time );125 $current_date = date( 'y-m-d', $current_time );124 $starting_date = gmdate( 'y-m-d', $starting_time ); 125 $current_date = gmdate( 'y-m-d', $current_time ); 126 126 $current_number_of_days = absint( wi_date_difference( $starting_date, $current_date, 'days' ) ); 127 127 $total_count_ratio = ( $limit_users > 0 && $total_number_of_days > 0 ? $limit_users / $total_number_of_days : 0 ); 128 128 $current_count_ratio = ( $user_count > 0 && $current_number_of_days > 0 ? $user_count / $current_number_of_days : 0 ); 129 $reset_date = date( get_option( 'date_format' ), $limit_count_timeout );129 $reset_date = gmdate( get_option( 'date_format' ), $limit_count_timeout ); 130 130 $wi_db_url = add_query_arg( 'page', 'webinarignition-dashboard', admin_url( 'admin.php' ) ); 131 131 if ( $statusCheck && $statusCheck->name == 'ultimate_powerup_tier1a' ) { -
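Review bot: `gmdate( get_option( 'date_format' ), $limit_count_timeout )` at new line 129 builds what appears to be a user-facing reset date in UTC with English month names, ignoring the site timezone and locale. `wp_date( get_option( 'date_format' ), $limit_count_timeout )` is the WordPress call for display values; `gmdate()` fits the internal `y-m-d` comparisons at lines 124–125. The same swap was applied to the display helpers in inc/Functions/DateTimeFunctions.php, and in inc/callback.php the value labelled 'Local Time' is now `gmdate( 'g:i A' )`, which is UTC.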
webinar-ignition/tags/4.00.0-rc.7/UI/opt-in/essential-plan.php
r3207791 r3210120 36 36 /* translators: %1$s: Profile email link, %2$s: Change email link */ 37 37 esc_html__('Subscribe now and be the first to find out about our latest offers and features. You will be opted in with %1$s or %2$s.', 'webinar-ignition'), 38 $profile_email_link,39 $change_mail_link38 esc_url($profile_email_link), 39 esc_url($change_mail_link) 40 40 ); 41 41 ?> -
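Review bot: `esc_url( $profile_email_link )` and `esc_url( $change_mail_link )` at new lines 38–39 are correct only if both variables hold bare URLs; their names and the translators comment ("Profile email link", "Change email link") suggest they may hold anchor markup. `esc_url()` applied to an `<a …>` string mangles it, and the surrounding output call is outside the hunk, so it is not visible whether the result is echoed as HTML. If they are markup, escape the URL where the anchor is built and pass the finished sentence through `wp_kses()` with an allowlist of `a` with `href`, as the other templates in this changeset do.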
webinar-ignition/tags/4.00.0-rc.7/UI/ui-com2.php
r3207791 r3210120 417 417 418 418 <div class="inputSection "> 419 <?php $starttimeTZ = $data; ?> 420 <?php echo ( webinarignition_get_select_start_time_options($id, $starttimeTZ, $template, $webinar_data) ); ?> 419 <?php 420 // Start Time Options 421 $starttimeTZ = $data; 422 $start_time_options = webinarignition_get_select_start_time_options( $id, $starttimeTZ, $template, $webinar_data ); 423 echo wp_kses( $start_time_options, array( 424 'select' => array( 425 'name' => array(), 426 'id' => array(), 427 'class' => array(), 428 ), 429 'option' => array( 430 'value' => array(), 431 'selected' => array(), 432 ), 433 ) ); 434 ?> 421 435 <div<?php echo $is_multiple_auto_time_enabled ? '' : ' style="display:none;"'; ?>> 422 <?php echo ( webinarignition_get_select_weekdays_options($weekdays_id, $weekdays, $template) ); ?> 436 <?php 437 // Weekday Options 438 $weekday_options = webinarignition_get_select_weekdays_options( $weekdays_id, $weekdays, $template ); 439 echo wp_kses( $weekday_options, array( 440 'select' => array( 441 'multiple' => array(), 442 'name' => array(), 443 'id' => array(), 444 'class' => array(), 445 'style' => array(), 446 ), 447 'option' => array( 448 'value' => array(), 449 'selected' => array(), 450 ), 451 ) ); 452 ?> 423 453 </div> 424 454 </div> … … 580 610 581 611 if ( ! empty( $selected_page_links ) ) : ?> 582 <div class="wi_selected_pages_links_container"> 583 <div class="wi_selected_pages_links"> 584 <?php echo implode( '', $selected_page_links ); ?> 585 </div> 586 </div> 612 <?php 613 if ( ! 
empty( $selected_page_links ) && is_array( $selected_page_links ) ) { 614 foreach ( $selected_page_links as $link ) { 615 echo wp_kses( $link, array( 616 'a' => array( 617 'href' => array(), 618 'title' => array(), 619 'class' => array(), 620 'target' => array(), 621 ), 622 'div' => array( 623 'class' => array(), 624 ), 625 'span' => array( 626 'class' => array(), 627 ), 628 'i' => array( 629 'class' => array(), 630 ), 631 ) ); 632 } 633 } 634 ?> 587 635 <?php endif; ?> 588 636 <?php endif; ?> -
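Review bot: The `wp_kses()` allowlist for `$selected_page_links` at new lines 615–631 permits `a`, `div`, `span` and `i`, while the one added for the same variable name in UI/app/tab1.php also permits `input` with `data-page_url`, `name`, `value`, `type` and `checked`. If both templates receive the same markup, the checkboxes are silently stripped here. The new block also appears to drop the `wi_selected_pages_links_container` and `wi_selected_pages_links` wrapper divs the old code printed, and it repeats the `! empty( $selected_page_links )` test the enclosing `if` already made. A single helper returning one allowlist array for both templates would keep them from drifting.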
webinar-ignition/tags/4.00.0-rc.7/UI/ui-core.php
r3207791 r3210120 15 15 if ( ! empty( $attr ) && is_array( $attr ) ) { 16 16 foreach ( $attr as $attr_name => $attr_value ) { 17 $attr_value = wp_kses_stripslashes( $attr_value ); 17 $attr_name = esc_attr( $attr_name ); 18 $attr_value = esc_attr( wp_kses_stripslashes( $attr_value ) ); 18 19 $attr_strings[] = "{$attr_name}=\"{$attr_value}\""; 19 20 } … … 32 33 33 34 <div class="inputSection"> 34 <input class="inputField elem" placeholder="<?php echo esc_attr($placeholder); ?>" type="<?php echo esc_attr($type); ?>" name="<?php echo esc_attr($id); ?>" id="<?php echo esc_attr($id); ?>" value="<?php echo ! empty( $data ) ? esc_attr( stripcslashes( $data ) ) : ''; ?>" <?php echo $attr_string; ?>>35 <input class="inputField elem" placeholder="<?php echo esc_attr($placeholder); ?>" type="<?php echo esc_attr($type); ?>" name="<?php echo esc_attr($id); ?>" id="<?php echo esc_attr($id); ?>" value="<?php echo ! empty( $data ) ? esc_attr( stripcslashes( $data ) ) : ''; ?>" <?php echo esc_attr($attr_string); ?>> 35 36 </div> 36 37 <br clear="left" > … … 303 304 304 305 <div class="inputSection"> 305 <textarea name="<?php echo esc_html($id); ?>" placeholder="<?php echo esc_html($placeholder); ?>" id="<?php echo esc_attr($id); ?>" class="inputTextarea elem"><?php echo (isset($data) ? $data : ''); ?></textarea>306 <textarea name="<?php echo esc_html($id); ?>" placeholder="<?php echo esc_html($placeholder); ?>" id="<?php echo esc_attr($id); ?>" class="inputTextarea elem"><?php echo isset( $data ) ? esc_textarea( $data ) : ''; ?></textarea> 306 307 </div> 307 308 <br clear="left" > -
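Review bot: `echo esc_attr( $attr_string )` at new line 35 escapes the assembled `name="value"` pairs as if they were one attribute value, so the double quotes become `&quot;` and the extra attributes no longer parse as attributes. Name and value are already passed through `esc_attr()` when the pairs are built at lines 17–18, so the string can be echoed as is with a justification: `echo $attr_string; // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped -- each name and value escaped above`. `esc_attr()` on `$attr_name` does not constrain which attribute may be emitted; `sanitize_key()` or an allowlist of names would, though whether `$attr` can carry caller-controlled names is not visible here. In the textarea at line 306, `name` and `placeholder` still use `esc_html()` where `esc_attr()` is the matching call.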
webinar-ignition/tags/4.00.0-rc.7/admin/messages/old-license-version.php
r3207791 r3210120 178 178 ?> 179 179 <input type="checkbox" class="<?php 180 echo $is_active;181 ?>" <?php 182 echo $checked;180 echo esc_html( $is_active ); 181 ?>" <?php 182 echo esc_html( $checked ); 183 183 ?> disabled> 184 184 <span class="geekmark"></span> -
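Review bot: `echo esc_html( $is_active )` at new line 180 is printed inside a `class="…"` attribute, so `esc_attr()` is the context-appropriate escaper; `esc_html()` happens to encode quotes as well, but the call should state the context it is used in. For the flag at line 182, core's `checked( $condition )` prints the attribute without echoing a free-form string; what `$checked` holds is set outside the hunk. admin/messages/paid-license.php has the identical lines at 308–310.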
webinar-ignition/tags/4.00.0-rc.7/admin/messages/paid-license.php
r3207791 r3210120 306 306 ?> 307 307 <input type="checkbox" class="<?php 308 echo $is_active;309 ?>" <?php 310 echo $checked;308 echo esc_html( $is_active ); 309 ?>" <?php 310 echo esc_html( $checked ); 311 311 ?> disabled> 312 312 <span class="geekmark"></span> -
webinar-ignition/tags/4.00.0-rc.7/admin/views/tabs/general.php
r3207791 r3210120 32 32 <div class="col-sm-9"> 33 33 34 34 <?php 35 $privacy_policy = esc_html__( '{privacy_policy}', 'webinar-ignition' ); 36 $imprint = esc_html__( '{imprint}', 'webinar-ignition' ); 37 $year = esc_html__( '{year}', 'webinar-ignition' ); 38 $site_title = esc_html__( '{site_title}', 'webinar-ignition' ); 39 40 $translated_string = sprintf( '%s | %s | © Copyright %s %s', $privacy_policy, $imprint, $year, $site_title ); 41 ?> 35 42 <textarea name="webinarignition_footer_text" id="webinarignition_footer_text" 36 43 style="width:100%; height: 75px;" class="" 37 placeholder="<?php e sc_attr_e( sprintf( '%s | %s | © Copyright %s %s', '{privacy_policy}', '{imprint}', '{year}', '{site_title}' ), 'webinar-ignition'); ?>"><?php44 placeholder="<?php echo esc_attr( $translated_string ); ?>"><?php 38 45 echo ! empty( $webinarignition_footer_text ) ? esc_html( $webinarignition_footer_text ) : sprintf( '%s | %s | © Copyright %s %s', '{privacy_policy}', '{imprint}', '{year}', '{site_title}' ); 39 46 ?></textarea> -
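Review bot: Wrapping the tokens in `esc_html__( '{privacy_policy}', 'webinar-ignition' )` at new lines 35–38 makes them translatable, but they read as replacement tokens, and the default textarea content on line 45 still uses the literal `{privacy_policy}`, `{imprint}`, `{year}` and `{site_title}`. A locale that translates a token would show a placeholder hint that differs from the tokens the default text uses. Since the tokens are not prose, drop the translation calls and build the string once, `$footer_default = sprintf( '%s | %s | © Copyright %s %s', '{privacy_policy}', '{imprint}', '{year}', '{site_title}' );`, then use it for both the `placeholder` attribute and the default content.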
webinar-ignition/tags/4.00.0-rc.7/inc/Functions/DateTimeFunctions.php
r3207791 r3210120 21 21 return "{$d} {$translated_month}, {$y}"; 22 22 } else { 23 return date( 'j M, Y', strtotime( "{$y}-{$m}-{$d}" ) );23 return gmdate( 'j M, Y', strtotime( "{$y}-{$m}-{$d}" ) ); 24 24 } 25 25 } … … 67 67 $tz = $lead->lead_timezone; 68 68 } else { 69 $timeString = date( 'H:i', strtotime( $webinar->webinar_start_time ) );69 $timeString = gmdate( 'H:i', strtotime( $webinar->webinar_start_time ) ); 70 70 $tz = $webinar->webinar_timezone; 71 71 } … … 86 86 function webinarignition_format_time( $timeString, $time_format, $tz = null ) { 87 87 88 $time = date( $time_format, strtotime( $timeString ) );88 $time = gmdate( $time_format, strtotime( $timeString ) ); 89 89 $time .= ' '; 90 90 … … 121 121 122 122 $dateString = $dateTimeString[0]; 123 $date = date( $date_format, strtotime( $dateString ) );123 $date = gmdate( $date_format, strtotime( $dateString ) ); 124 124 125 125 return $date; … … 140 140 } 141 141 142 return date( 'M', strtotime( $dateTimeString[0] ) );142 return gmdate( 'M', strtotime( $dateTimeString[0] ) ); 143 143 } 144 144 … … 157 157 } 158 158 159 return date( 'd', strtotime( $dateTimeString[0] ) );159 return gmdate( 'd', strtotime( $dateTimeString[0] ) ); 160 160 } 161 161 … … 252 252 if ( $getMaxTime = max( $csDates ) ) { 253 253 $format_string = $webinar_data->time_format; 254 $csMaxTime = date( $format_string, $getMaxTime );254 $csMaxTime = gmdate( $format_string, $getMaxTime ); 255 255 } 256 256 … … 265 265 switch ( $format ) { 266 266 case 'MM-DD-YYYY': 267 $formattedDate = date( 'm-d-Y', $timestamp );267 $formattedDate = gmdate( 'm-d-Y', $timestamp ); 268 268 break; 269 269 case 'DD-MM-YYYY': 270 $formattedDate = date( 'd-m-Y', $timestamp );270 $formattedDate = gmdate( 'd-m-Y', $timestamp ); 271 271 break; 272 272 case 'YYYY-MM-DD': 273 $formattedDate = date( 'Y-m-d', $timestamp );273 $formattedDate = gmdate( 'Y-m-d', $timestamp ); 274 274 break; 275 275 default: 276 $formattedDate = date( 'm-d-Y', $timestamp );276 
$formattedDate = gmdate( 'm-d-Y', $timestamp ); 277 277 break; 278 278 } … … 329 329 330 330 // Times 331 $time = !empty($time) ? date($time_format, strtotime($time)) : '';332 333 $utc = date( 'Z', strtotime( ( $time )) ) / 60 / 60;331 $time = !empty($time) ? gmdate($time_format, strtotime($time)) : ''; 332 333 $utc = gmdate( 'Z', strtotime( $time ) ) / 60 / 60; 334 334 $utc = $utc > 0 ? '+' . $utc : $utc; 335 335 … … 381 381 'city' => ( $exists[1] ? $zone[1] : '' ), 382 382 'subcity' => ( $exists[2] ? $zone[2] : '' ), 383 't_continent' => ( $exists[3] ? translate( str_replace( '_', ' ', $zone[0] ), ' continents-cities' ) : '' ),384 't_city' => ( $exists[4] ? translate( str_replace( '_', ' ', $zone[1] ), ' continents-cities' ) : '' ),385 't_subcity' => ( $exists[5] ? translate( str_replace( '_', ' ', $zone[2] ), ' continents-cities' ) : '' ),383 't_continent' => ( $exists[3] ? translate( str_replace( '_', ' ', $zone[0] ), 'webinar-ignition' ) : '' ), 384 't_city' => ( $exists[4] ? translate( str_replace( '_', ' ', $zone[1] ), 'webinar-ignition' ) : '' ), 385 't_subcity' => ( $exists[5] ? translate( str_replace( '_', ' ', $zone[2] ), 'webinar-ignition' ) : '' ), 386 386 ); 387 387 // phpcs:enable … … 392 392 393 393 if ( empty( $selected_zone ) ) { 394 $structure[] = '<option selected="selected" value="">' . __( 'Select a city' ) . '</option>';394 $structure[] = '<option selected="selected" value="">' . __( 'Select a city', 'webinar-ignition' ) . 
'</option>'; 395 395 } 396 396 … … 509 509 if ( isset( $webinar_data ) && is_object( $webinar_data ) ) { 510 510 $time_format = $webinar_data->time_format; 511 return date( $time_format, strtotime( $time ) );511 return gmdate( $time_format, strtotime( $time ) ); 512 512 513 513 } 514 514 515 515 // Default behavior: just return localized time based on $time 516 return date( __( 'g:i a' ), strtotime( $time ) );516 return gmdate( __( 'g:i a', 'webinar-ignition' ), strtotime( $time ) ); 517 517 } 518 518 … … 677 677 } else { 678 678 $current_locale = determine_locale(); 679 $date_format = __( 'F j, Y' );679 $date_format = __( 'F j, Y', 'webinar-ignition' ); 680 680 } 681 681 -
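Review bot: `gmdate( 'Z', strtotime( $time ) )` at new line 333 always returns 0, because `Z` is the timezone offset and `gmdate()` is fixed to UTC, so `$utc` can no longer be anything but 0 and the `'+' . $utc` branch is dead. The same holds for `gmdate( 'P', time() )` in inc/WebinarIgnition_Logs.php (new lines 178 and 183), which now yields `+00:00` on both sides of the `CONVERT_TZ()` expression. If the offset of the webinar's timezone is intended, derive it from the zone itself, e.g. `( new DateTimeZone( $tz ) )->getOffset( new DateTime( 'now', new DateTimeZone( 'UTC' ) ) ) / 3600`, where `$tz` stands for whichever variable holds the zone; that is not visible in this hunk.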
webinar-ignition/tags/4.00.0-rc.7/inc/Functions/LeadFunctions.php
r3207791 r3210120 7 7 8 8 if ( $is_protected ) { 9 $sql = "SELECT hash_ID AS ID FROM {$table} WHERE email = %s AND app_id = %d"; 10 $safe_query = $wpdb->prepare( $sql, array( $email, $webinarId ) ); 11 return $wpdb->get_row( $safe_query, OBJECT ); 9 return $wpdb->get_row($wpdb->prepare( "SELECT hash_ID AS ID FROM {$table} WHERE email = %s AND app_id = %d", $email, $webinarId ), OBJECT ); 10 // phpcs:ignore WordPress.DB.DirectDatabaseQuery 12 11 } else { 13 $sql = "SELECT ID FROM {$table} WHERE email = %s AND app_id = %d"; 14 $safe_query = $wpdb->prepare( $sql, array( $email, $webinarId ) ); 15 return $wpdb->get_row( $safe_query, OBJECT ); 12 return $wpdb->get_row( $wpdb->prepare( "SELECT ID FROM {$table} WHERE email = %s AND app_id = %d", $email, $webinarId ), OBJECT ); 13 // phpcs:ignore WordPress.DB.DirectDatabaseQuery 16 14 } 17 15 } … … 23 21 24 22 if ( $is_protected ) { 25 $sql = "SELECT * FROM {$leadTable} WHERE hash_ID = %s AND app_id = %d";26 $safe_query = $wpdb->prepare( $sql, array( $leadId, $webinarId ) );23 return $wpdb->get_row( $wpdb->prepare( "SELECT * FROM {$leadTable} WHERE hash_ID = %s AND app_id = %d", $leadId, $webinarId ), OBJECT ); 24 // phpcs:ignore WordPress.DB.DirectDatabaseQuery 27 25 } else { 28 $sql = "SELECT * FROM {$leadTable} WHERE id = %s AND app_id = %d";29 $safe_query = $wpdb->prepare( $sql, array( $leadId, $webinarId ) );26 return $wpdb->get_row( $wpdb->prepare( "SELECT * FROM {$leadTable} WHERE id = %s AND app_id = %d", $leadId, $webinarId ), OBJECT ); 27 // phpcs:ignore WordPress.DB.DirectDatabaseQuery 30 28 } 31 return $wpdb->get_row( $safe_query, OBJECT ); 29 32 30 } 33 31 … … 40 38 $leadTable = WebinarignitionManager::webinarignition_is_auto_webinar( $webinar_data ) ? 
'webinarignition_leads_evergreen' : 'webinarignition_leads'; 41 39 42 $query = "SELECT * FROM {$wpdb->prefix}{$leadTable} L WHERE L.`app_id` = %d ";43 40 $sql_query_params = array( $webinarId, $leadId ); 44 41 45 42 if ( $is_lead_protected ) { 46 $query .= 'AND hash_ID = %s'; 43 if ( WebinarignitionManager::webinarignition_is_auto_webinar( $webinar_data ) && ! $is_lead_protected ) { 44 return $wpdb->get_row( $wpdb->prepare( 'SELECT * FROM {$wpdb->prefix}{$leadTable} L WHERE L.`app_id` = %d AND hash_ID = %s ORDER BY L.`date_picked_and_live` DESC LIMIT 1;', $sql_query_params ), OBJECT );// phpcs:ignore WordPress.DB.DirectDatabaseQuery 45 }else{ 46 return $wpdb->get_row( $wpdb->prepare('SELECT * FROM {$wpdb->prefix}{$leadTable} L WHERE L.`app_id` = %d AND hash_ID = %s', $sql_query_params ), OBJECT );// phpcs:ignore WordPress.DB.DirectDatabaseQuery 47 } 47 48 } else { 48 $query .= 'AND (L.`hash_ID` = %s OR L.`ID` = %d)';49 49 50 $sql_query_params[] = $leadId; 51 if ( WebinarignitionManager::webinarignition_is_auto_webinar( $webinar_data ) && ! $is_lead_protected ) { 52 53 return $wpdb->get_row( $wpdb->prepare( 'SELECT * FROM {$wpdb->prefix}{$leadTable} L WHERE L.`app_id` = %d AND (L.`hash_ID` = %s OR L.`ID` = %d) ORDER BY L.`date_picked_and_live` DESC LIMIT 1;', $sql_query_params ), OBJECT );// phpcs:ignore WordPress.DB.DirectDatabaseQuery 54 }else{ 55 return $wpdb->get_row( $wpdb->prepare( 'SELECT * FROM {$wpdb->prefix}{$leadTable} L WHERE L.`app_id` = %d AND (L.`hash_ID` = %s OR L.`ID` = %d)', $sql_query_params ), OBJECT );// phpcs:ignore WordPress.DB.DirectDatabaseQuery 56 } 50 57 } 51 52 if ( WebinarignitionManager::webinarignition_is_auto_webinar( $webinar_data ) && ! $is_lead_protected ) {53 $query .= ' ORDER BY L.`date_picked_and_live` DESC LIMIT 1;';54 }55 56 return $wpdb->get_row( $wpdb->prepare( $query, $sql_query_params ), OBJECT );57 58 } 58 59 } -
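Review bot: The four rewritten queries at new lines 44, 46, 53 and 55 are single-quoted, so `{$wpdb->prefix}{$leadTable}` is not interpolated and the literal text is sent to MySQL, which makes every one of these lookups fail. Switch the delimiters to double quotes as the first two functions in this file do, e.g. `$wpdb->prepare( "SELECT * FROM {$wpdb->prefix}{$leadTable} L WHERE ...", $sql_query_params )`. Inside the `if ( $is_lead_protected )` branch the inner test ending in `&& ! $is_lead_protected` can never be true, so the `ORDER BY ... LIMIT 1` variant at line 44 is unreachable and that branch can be a single query. The function's start and end lie outside the hunk.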
webinar-ignition/tags/4.00.0-rc.7/inc/Functions/extra_functions.php
r3207791 r3210120 19 19 20 20 21 function webinarignition_display( $var, $placeholder ) { 21 function webinarignition_display( $var, $placeholder ) { 22 22 // check if var is set 23 23 if ( empty( $var ) ) { 24 echo ( $placeholder);24 echo wp_kses_post( $placeholder, array() ); 25 25 } else { 26 echo ( stripslashes( $var) );26 echo wp_kses_post( stripslashes( $var ), array() ); 27 27 } 28 28 } 29 29 30 function webinarignition_btn_color(){ 31 $hexCode = ltrim( $btn_color, '#' ); 32 if ( strlen( $hexCode ) == 3 ) { 33 $hexCode = $hexCode[0] . $hexCode[0] . $hexCode[1] . $hexCode[1] . $hexCode[2] . $hexCode[2]; 34 } 35 36 if ( strlen( $hexCode ) == 3 ) { 37 $hexCode = $hexCode[0] . $hexCode[0] . $hexCode[1] . $hexCode[1] . $hexCode[2] . $hexCode[2]; 38 } 39 40 $hoverCode = array_map( 'hexdec', str_split( $hexCode, 2 ) ); 41 42 $adjustPercent = -0.05; 43 foreach ( $hoverCode as & $color ) { 44 $adjustableLimit = $adjustPercent < 0 ? $color : 255 - $color; 45 $adjustAmount = ceil( $adjustableLimit * $adjustPercent ); 46 47 $color = str_pad( dechex( $color + $adjustAmount ), 2, '0', STR_PAD_LEFT ); 48 } 49 50 $hover_color = '#' . implode( $hoverCode ); 51 52 $r = hexdec( substr( $btn_color, 1, 2 ) ); 53 $g = hexdec( substr( $btn_color, 3, 2 ) ); 54 $b = hexdec( substr( $btn_color, 5, 2 ) ); 55 $yiq = ( ( $r * 299 ) + ( $g * 587 ) + ( $b * 114 ) ) / 1000; 56 $text_color = ( $yiq >= 198 ) ? 'black' : 'white'; 57 $color_array = array( 58 'hover_color' => $hover_color, 59 'text_color' => $text_color 60 ); 61 return($color_array); 62 } 30 63 31 64 if(!function_exists('webinarignition_get')){ … … 113 146 114 147 function webinarignition_check_admin() { 115 $query_string = isset($_SERVER['QUERY_STRING']) ? sanitize_text_field( $_SERVER['QUERY_STRING']) : '';148 $query_string = isset($_SERVER['QUERY_STRING']) ? sanitize_text_field(wp_unslash($_SERVER['QUERY_STRING'])) : ''; 116 149 if ( $query_string && strstr( $query_string, 'preview-' ) && ! 
is_user_logged_in() ) { 117 150 wp_safe_redirect( home_url() ); … … 132 165 133 166 if ( ! empty( $_COOKIE[ 'we-trk-' . $client ] ) ) { 134 return sanitize_text_field( $_COOKIE[ 'we-trk-' . $client ]);167 return sanitize_text_field(wp_unslash($_COOKIE[ 'we-trk-' . $client ])); 135 168 } elseif ( ! empty( $lid ) ) { 136 169 return $lid; … … 796 829 global $wpdb; 797 830 $table_db_name = $wpdb->prefix . 'webinarignition'; 798 $sql = $wpdb->prepare( "SELECT postID, ID, appname FROM %i", $table_db_name ); 799 $webinarignition_webinars_list = $wpdb->get_results( $sql, ARRAY_A ); 831 $webinarignition_webinars_list = $wpdb->get_results( $wpdb->prepare( "SELECT postID, ID, appname FROM %s", $table_db_name ), ARRAY_A ); 800 832 } 801 833 -
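Review bot: `$wpdb->prepare( "SELECT postID, ID, appname FROM %s", $table_db_name )` at new line 831 replaces the identifier placeholder `%i` with `%s`, which quotes the table name as a string literal, and MySQL rejects a quoted string in the `FROM` position as a syntax error. The same substitution was made in inc/WebinarIgnition_Logs.php (new lines 105, 121, 135 and 167), so log inserts, deletes and reads would fail as well. Keep `%i` where WordPress 6.2 or later is the minimum, or interpolate the prefixed name, `"SELECT postID, ID, appname FROM {$table_db_name}"`, as the other queries in this changeset do. Separately, the added `webinarignition_btn_color()` declares no parameter yet reads `$btn_color`, so it always works on an undefined variable; it needs the colour passed in, e.g. `function webinarignition_btn_color( $btn_color )`.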
webinar-ignition/tags/4.00.0-rc.7/inc/WebinarIgnition_Logs.php
r3207791 r3210120 103 103 $wpdb->query( 104 104 $wpdb->prepare( 105 "INSERT INTO % i(campaign_id, type, message) VALUES (%d, %s, %s)",105 "INSERT INTO %s (campaign_id, type, message) VALUES (%d, %s, %s)", 106 106 $table, 107 107 $campaign_id, … … 119 119 $wpdb->query( 120 120 $wpdb->prepare( 121 "DELETE FROM % iWHERE campaign_id = %d",121 "DELETE FROM %s WHERE campaign_id = %d", 122 122 $table, 123 123 $campaign_id … … 133 133 134 134 $table = $wpdb->prefix . self::$table_name; 135 $logs = $wpdb->get_results( $wpdb->prepare( "SELECT * FROM % i", $table ), ARRAY_A );135 $logs = $wpdb->get_results( $wpdb->prepare( "SELECT * FROM %s", $table ), ARRAY_A ); 136 136 $now = new DateTime( 'now' ); 137 137 … … 165 165 $total = $wpdb->get_row( 166 166 $wpdb->prepare( 167 "SELECT count(*) as total FROM % iWHERE campaign_id = %d AND (type = %s)",167 "SELECT count(*) as total FROM %s WHERE campaign_id = %d AND (type = %s)", 168 168 $table, 169 169 $campaign_id, … … 176 176 if ( $timezone ) { 177 177 $svr_tz = date_default_timezone_get(); 178 $svr_utc = date( 'P', time() );178 $svr_utc = gmdate( 'P', time() ); 179 179 if ( $timezone != '' ) { 180 180 $utc_to_time_abbr = webinarignition_utc_to_abrc( $timezone ); 181 181 182 182 } 183 $webinar_utc = date( 'P', time() );183 $webinar_utc = gmdate( 'P', time() ); 184 184 185 185 $date_querystr = "CONVERT_TZ(date,'{$svr_utc}','{$webinar_utc}') as date"; … … 283 283 /* translators: %1$s: first record number, %2$s: last record number, %3$s: total number of records */ 284 284 echo esc_html(sprintf( 285 /* translators: %1$s: first record number, %2$s: last record number, %3$s: total number of records */ 285 286 _n( 286 287 'Showing %1$s to %2$s of %3$s entry', -
webinar-ignition/tags/4.00.0-rc.7/inc/callback.php
r3207791 r3210120 51 51 52 52 if ( $is_lead_protected ) { 53 $ sql = $wpdb->prepare("SELECT hash_ID AS ID FROM {$table_db_name} WHERE email = %s AND app_id = %d", $post_input['email'], $post_input['id']);53 $lead = $wpdb->get_row($wpdb->prepare("SELECT hash_ID AS ID FROM {$table_db_name} WHERE email = %s AND app_id = %d", $post_input['email'], $post_input['id']));// phpcs:ignore WordPress.DB.DirectDatabaseQuery 54 54 } else { 55 $sql = $wpdb->prepare("SELECT ID FROM {$table_db_name} WHERE email = %s AND app_id = %d", $post_input['email'], $post_input['id']); 56 } 57 58 $lead = $wpdb->get_row($sql); 55 $lead = $wpdb->get_row($wpdb->prepare("SELECT ID FROM {$table_db_name} WHERE email = %s AND app_id = %d", $post_input['email'], $post_input['id']));// phpcs:ignore WordPress.DB.DirectDatabaseQuery 56 } 57 59 58 if ( $lead ) { 60 59 wp_send_json( $lead->ID ); … … 260 259 261 260 // Prepare and execute the query 262 $query = $wpdb->prepare( 261 262 $lead = $wpdb->get_row($wpdb->prepare( 263 263 "SELECT `app_id`, `name`, `email`, `phone`, `date_picked_and_live`, `lead_timezone` 264 264 FROM {$table_db_name} 265 265 WHERE ID = %d", 266 266 $lead_id 267 ); 268 269 $lead = $wpdb->get_row($query, OBJECT); 267 ), OBJECT);// phpcs:ignore WordPress.DB.DirectDatabaseQuery 270 268 if ( empty( $lead ) ) { 271 269 // Sanitize input values … … 273 271 274 272 // Prepare and execute the query 275 $query = $wpdb->prepare( 273 274 $lead = $wpdb->get_row($wpdb->prepare( 276 275 "SELECT `app_id`, `name`, `email`, `phone`, `date_picked_and_live`, `lead_timezone` 277 276 FROM {$table_db_name} 278 277 WHERE hash_ID = %s", 279 278 $hash_id 280 ); 281 282 $lead = $wpdb->get_row($query, OBJECT); 279 ), OBJECT);// phpcs:ignore WordPress.DB.DirectDatabaseQuery 283 280 } 284 281 … … 693 690 if ($is_lead_protected) { 694 691 // Prepare and execute the query for protected leads 695 $ query =$wpdb->prepare(692 $lead = $wpdb->get_row($wpdb->prepare( 696 693 "SELECT hash_ID AS ID FROM {$table_db_name} 
WHERE email = %s AND app_id = %d", 697 694 $email, 698 695 $app_id 699 ) ;696 ));// phpcs:ignore WordPress.DB.DirectDatabaseQuery 700 697 } else { 701 698 // Prepare and execute the query for non-protected leads 702 $ query =$wpdb->prepare(699 $lead = $wpdb->get_row($wpdb->prepare( 703 700 "SELECT ID FROM {$table_db_name} WHERE email = %s AND app_id = %d", 704 701 $email, 705 702 $app_id 706 ); 707 } 708 709 $lead = $wpdb->get_row($query); 710 703 ));// phpcs:ignore WordPress.DB.DirectDatabaseQuery 704 } 711 705 // If the lead exists, return success response 712 706 if ($lead) { … … 964 958 global $wpdb; 965 959 $table_db_name = $wpdb->prefix . 'webinarignition_leads'; 966 $ query =$wpdb->prepare(960 $findstat = $wpdb->get_row($wpdb->prepare( 967 961 "SELECT * FROM $table_db_name WHERE app_id = %s AND email = %s", 968 962 $ID, 969 963 $email 970 ); 971 $findstat = $wpdb->get_row($query, OBJECT); 964 ), OBJECT);// phpcs:ignore WordPress.DB.DirectDatabaseQuery 972 965 973 966 return $findstat->ID; … … 992 985 993 986 // Prepare and execute the query 994 $ query =$wpdb->prepare(987 $findstat = $wpdb->get_row($wpdb->prepare( 995 988 "SELECT * FROM {$table_db_name} WHERE id = %d", 996 989 $ID 997 ); 998 999 $findstat = $wpdb->get_row($query, OBJECT); 990 ), OBJECT);// phpcs:ignore WordPress.DB.DirectDatabaseQuery 1000 991 1001 992 // Prepare the update query … … 1582 1573 1583 1574 // Prepare the query 1584 $ query =$wpdb->prepare(1575 $data = $wpdb->get_row($wpdb->prepare( 1585 1576 "SELECT * FROM {$table_db_name} WHERE trk3 = %s", 1586 1577 $IP 1587 ); 1588 1589 $data = $wpdb->get_row($query, OBJECT); 1578 ), OBJECT);// phpcs:ignore WordPress.DB.DirectDatabaseQuery 1590 1579 if ( empty( $data ) ) { // TODO: Improve the codes. 1591 1580 // No IP Found - Do Nothing... 
1592 1593 1581 } else { 1594 1582 // IP Found - GET NAME / EMAIL … … 1601 1589 1602 1590 // Prepare the query 1603 $ query =$wpdb->prepare(1591 $data = $wpdb->get_row($wpdb->prepare( 1604 1592 "SELECT * FROM {$table_db_name} WHERE id = %d", 1605 1593 $id 1606 ); 1607 1608 $data = $wpdb->get_row($query, OBJECT); 1594 ), OBJECT);// phpcs:ignore WordPress.DB.DirectDatabaseQuery 1609 1595 if ( is_object( $data ) ) { 1610 1596 echo esc_attr( $data->name . '//' . $data->email . '//' . $data->ID ); … … 1629 1615 1630 1616 if ( ! empty( $cookieStatus ) ) { 1631 $ query =$wpdb->prepare(1617 $data = $wpdb->get_row($wpdb->prepare( 1632 1618 "SELECT * FROM $table_db_name WHERE id = %d", 1633 1619 intval($cookieStatus) 1634 ); 1635 $data = $wpdb->get_row($query, OBJECT); 1620 ), OBJECT);// phpcs:ignore WordPress.DB.DirectDatabaseQuery 1636 1621 } 1637 1622 … … 1754 1739 1755 1740 // Prepare and execute the query 1756 $ query =$wpdb->prepare(1741 $lead = $wpdb->get_row($wpdb->prepare( 1757 1742 "SELECT * FROM `{$table_db_name}` WHERE `id` = %d", 1758 1743 $ID 1759 ); 1760 1761 $lead = $wpdb->get_row($query, OBJECT); 1744 ), OBJECT);// phpcs:ignore WordPress.DB.DirectDatabaseQuery 1762 1745 1763 1746 if ( empty( $lead ) ) { 1764 $sql = $wpdb->prepare( "SELECT * FROM `{$table_db_name}` WHERE `hash_ID` = %d", $ID ); 1765 $lead = $wpdb->get_row( $sql, OBJECT ); 1747 $lead = $wpdb->get_row( $wpdb->prepare( "SELECT * FROM `{$table_db_name}` WHERE `hash_ID` = %d", $ID ), OBJECT );// phpcs:ignore WordPress.DB.DirectDatabaseQuery 1766 1748 } 1767 1749 … … 1798 1780 1799 1781 // Prepare and execute the query 1800 $query = $wpdb->prepare( 1801 "SELECT * FROM `{$table_db_name}` WHERE `id` = %d", 1802 $ID 1803 ); 1804 1805 $lead = $wpdb->get_row($wpdb->prepare("SELECT * FROM `{$table_db_name}` WHERE `id` = %d", $ID), OBJECT); 1782 $lead = $wpdb->get_row($wpdb->prepare("SELECT * FROM `{$table_db_name}` WHERE `id` = %d", $ID), OBJECT);// phpcs:ignore WordPress.DB.DirectDatabaseQuery 1806 1783 
1807 1784 if ( empty( $lead ) ) { 1808 1785 // Prepare and execute the query 1809 $query = $wpdb->prepare( 1810 "SELECT * FROM `{$table_db_name}` WHERE `id` = %d", 1811 $ID 1812 ); 1813 1814 $lead = $wpdb->get_row($wpdb->prepare("SELECT * FROM `{$table_db_name}` WHERE `id` = %d", $ID), OBJECT); 1786 $lead = $wpdb->get_row($wpdb->prepare("SELECT * FROM `{$table_db_name}` WHERE `id` = %d", $ID), OBJECT);// phpcs:ignore WordPress.DB.DirectDatabaseQuery 1815 1787 } 1816 1788 … … 1844 1816 $offset = $dtz->getOffset( $time_in_sofia ) / 3600; 1845 1817 1846 echo "<i class='icon-globe' style='margin-right: 10px;' ></i> <b>UTC</b> :: " . ( $offset < 0 ? esc_attr( $offset ) : '+' . esc_attr( $offset ) ) . "<i class='icon-time' style='margin-left: 10px; margin-right:10px;' ></i><b>" . esc_html__( 'Local Time', 'webinar-ignition' ) . '</b> :: ' . esc_attr( date( 'g:i A' ) );1818 echo "<i class='icon-globe' style='margin-right: 10px;' ></i> <b>UTC</b> :: " . ( $offset < 0 ? esc_attr( $offset ) : '+' . esc_attr( $offset ) ) . "<i class='icon-time' style='margin-left: 10px; margin-right:10px;' ></i><b>" . esc_html__( 'Local Time', 'webinar-ignition' ) . '</b> :: ' . esc_attr( gmdate( 'g:i A' ) ); 1847 1819 die(); 1848 1820 } … … 1889 1861 add_action( 'wp_ajax_reh_wi_handle_csv_upload', 'webinarignition_reh_wi_handle_csv_upload_callback' ); 1890 1862 if ( ! function_exists( 'webinarignition_reh_wi_handle_csv_upload_callback' ) ) { 1891 function webinarignition_reh_wi_handle_csv_upload_callback() { 1892 if ( ! wp_verify_nonce( sanitize_text_field( wp_unslash( $_POST['security'] ?? '' ) ), 'webinarignition_ajax_nonce' ) ) { 1893 wp_send_json_error( [ 'message' => 'Invalid security token' ], 403 ); 1894 exit; 1895 } 1896 1897 global $wpdb; 1898 $app_id = (int) sanitize_text_field($_POST['id']); 1899 $table_db_name = $wpdb->prefix . 
'webinarignition_leads'; 1900 $csv_array = array(); 1901 1902 if (isset($_FILES['csv_file'])) { 1903 // Use wp_handle_upload to handle the file upload 1904 $uploadedfile = $_FILES['csv_file']; 1905 $upload_overrides = array('test_form' => false); // Disable form validation 1906 1907 // Handle the upload 1908 $movefile = wp_handle_upload($uploadedfile, $upload_overrides); 1909 1910 if ($movefile && !isset($movefile['error'])) { 1911 $target_path = $movefile['file']; // Get the path of the uploaded file 1912 $csv_data = file_get_contents($target_path); 1913 $lines = explode("\n", $csv_data); 1914 $csv_array = array(); 1915 $current_new_user_id = false; 1916 1917 foreach ($lines as $line) { 1918 $row = str_getcsv($line); 1919 $csv_array[] = $row; 1920 $name = trim($row[0]); 1921 $email = trim($row[1]); 1922 $phone = trim($row[2]); 1923 1924 if (empty(str_replace(' ', '', $name)) && empty(str_replace(' ', '', $email)) || 'name' === strtolower(str_replace(' ', '', $name))) { 1925 continue; 1926 } 1927 1928 $lead = $wpdb->get_row($wpdb->prepare("SELECT ID FROM $table_db_name WHERE email = %s AND app_id = %d", $email, $app_id)); 1929 1930 if ($lead) { 1931 $current_new_user_id = $lead->ID; 1932 } else { 1933 $wpdb->query( 1934 $wpdb->prepare( 1935 "INSERT INTO $table_db_name 1936 (app_id, name, email, phone, trk1, trk3, event, replay, created) 1937 VALUES (%d, %s, %s, %s, %s, %s, %s, %s, %s)", 1938 $app_id, 1939 sanitize_text_field($name), 1940 sanitize_email($email), 1941 sanitize_text_field($phone), 1942 'import', 1943 '-', 1944 'No', 1945 'No', 1946 gmdate('F j, Y') 1947 ) 1948 ); 1949 $new_lead_id = $wpdb->insert_id; 1950 $hash_ID = sha1($app_id . $email . 
$new_lead_id); 1951 1952 $wpdb->query( 1953 $wpdb->prepare( 1954 "UPDATE $table_db_name SET hash_ID = %s WHERE ID = %d", 1955 $hash_ID, 1956 $new_lead_id 1957 ) 1958 ); 1959 1960 // Email handling logic 1961 $webinar_data = WebinarignitionManager::webinarignition_get_webinar_data($app_id); 1962 if (!empty($webinar_data->templates_version) || (!empty($webinar_data->use_new_email_signup_template) && ('yes' === $webinar_data->use_new_email_signup_template))) { 1963 // Use new templates 1964 $webinar_data->emailheading = $webinar_data->email_signup_heading; 1965 $webinar_data->emailpreview = $webinar_data->email_signup_preview; 1966 $webinar_data->bodyContent = $webinar_data->email_signup_body; 1967 $webinar_data->footerContent = (property_exists($webinar_data, 'show_or_hide_local_email_signup_footer') && 'show' === $webinar_data->show_or_hide_local_email_signup_footer) ? $webinar_data->local_email_signup_footer : ''; 1968 1969 $wi_emails = new WI_Emails(); 1970 $emailBody = $wi_emails->webinarignition_build_email($webinar_data); 1971 } else { 1972 // This is an old webinar, created before this version 1973 $emailHead = WebinarignitionEmailManager::webinarignition_get_email_head(); 1974 $emailBody = $emailHead; 1975 $emailBody .= $webinar_data->email_signup_body; 1976 $emailBody .= '</html>'; 1977 } 1978 1979 $emailBody = str_replace('{LEAD_NAME}', (!empty($name) ? sanitize_text_field($name) : ''), $emailBody); 1980 $emailBody = str_replace('{FIRSTNAME}', (!empty($name) ? sanitize_text_field($name) : ''), $emailBody); 1981 1982 $localized_date = webinarignition_get_localized_date($webinar_data); 1983 1984 $timeonly = (empty($webinar_data->display_tz) || (!empty($webinar_data->display_tz) && ('yes' === $webinar_data->display_tz))) ? false : true; 1985 // Replace 1986 $emailBody = str_replace('{DATE}', $localized_date . ' @ ' . 
webinarignition_get_time_tz($webinar_data->webinar_start_time, $time_format, $webinar_data->webinar_timezone, false, $timeonly), $emailBody); 1987 1988 $emailBody = WebinarignitionManager::webinarignition_replace_email_body_placeholders($webinar_data, $new_lead_id, $emailBody); 1989 1990 $email_signup_sbj = str_replace('{TITLE}', $webinar_data->webinar_desc, $webinar_data->email_signup_sbj); 1991 $headers = array('Content-Type: text/html; charset=UTF-8', 'From: ' . get_option('webinarignition_email_templates_from_name', get_option('blogname')) . ' <' . get_option('webinarignition_email_templates_from_email', get_option('admin_email')) . '>'); 1992 1993 webinarignition_test_smtp_options(); 1994 1995 try { 1996 if (!wp_mail($email, $email_signup_sbj, $emailBody, $headers)) { 1997 WebinarIgnition_Logs::add(__('Registration email could not be sent to', 'webinar-ignition') . " {$email}", WebinarIgnition_Logs::LIVE_EMAIL); 1998 } else { 1999 WebinarIgnition_Logs::add(__('Registration email has been sent.', 'webinar-ignition'), $new_lead_id, WebinarIgnition_Logs::LIVE_EMAIL); 2000 } 2001 } catch (Exception $e) { 2002 WebinarIgnition_Logs::add(__('Registration email could not be sent to', 'webinar-ignition') . " {$email}", WebinarIgnition_Logs::LIVE_EMAIL); 2003 } 2004 } //end if 2005 } //end foreach 2006 2007 // Optionally delete the uploaded file 2008 if (file_exists($target_path)) { 2009 wp_delete_file($target_path); 2010 } 2011 2012 wp_send_json(array( 2013 'status' => true, 2014 'data' => $csv_array, 2015 )); 2016 } else { 2017 wp_send_json_error(esc_html_e('Failed to save the CSV file.', 'webinar-ignition')); 2018 } 2019 } // end if 2020 2021 wp_send_json(array('status' => false)); 2022 } 1863 function webinarignition_reh_wi_handle_csv_upload_callback() { 1864 // Security check 1865 if ( ! wp_verify_nonce( sanitize_text_field( wp_unslash( $_POST['security'] ?? 
'' ) ), 'webinarignition_ajax_nonce' ) ) { 1866 wp_send_json_error( [ 'message' => 'Invalid security token' ], 403 ); 1867 exit; 1868 } 1869 1870 global $wpdb; 1871 $app_id = (int) sanitize_text_field($_POST['id']); 1872 $table_db_name = $wpdb->prefix . 'webinarignition_leads'; 1873 1874 if (isset($_FILES['csv_file'])) { 1875 require_once(ABSPATH . 'wp-admin/includes/file.php'); 1876 $uploadedfile = $_FILES['csv_file']; 1877 $upload_overrides = array('test_form' => false); 1878 1879 // Handle the upload 1880 $movefile = wp_handle_upload($uploadedfile, $upload_overrides); 1881 if ($movefile && !isset($movefile['error'])) { 1882 WP_Filesystem(); 1883 global $wp_filesystem; 1884 1885 $target_path = $movefile['file']; 1886 if ($wp_filesystem->exists($target_path)) { 1887 $csv_data = $wp_filesystem->get_contents($target_path); 1888 $lines = explode("\n", $csv_data); 1889 $csv_array = array(); 1890 1891 foreach ($lines as $line) { 1892 $row = str_getcsv($line); 1893 if (empty($row) || count($row) < 3) { 1894 continue; // Skip malformed or incomplete lines 1895 } 1896 list($name, $email, $phone) = array_map('trim', $row); 1897 1898 if (empty($name) && empty($email) || strtolower($name) === 'name') { 1899 continue; // Skip empty lines or headers 1900 } 1901 1902 $lead = $wpdb->get_row($wpdb->prepare("SELECT ID FROM $table_db_name WHERE email = %s AND app_id = %d", $email, $app_id)); 1903 1904 if ($lead) { 1905 continue; // Skip existing leads 1906 } else { 1907 $insert_result = $wpdb->insert( 1908 $table_db_name, 1909 array( 1910 'app_id' => $app_id, 1911 'name' => sanitize_text_field($name), 1912 'email' => sanitize_email($email), 1913 'phone' => sanitize_text_field($phone), 1914 'trk1' => 'import', 1915 'trk3' => '-', 1916 'event' => 'No', 1917 'replay' => 'No', 1918 'created' => current_time('mysql', 1) 1919 ) 1920 ); 1921 1922 if ($insert_result) { 1923 // Successfully inserted, handle email notifications or further processing here 1924 } 1925 } 1926 } 1927 1928 if 
(file_exists($target_path)) { 1929 wp_delete_file($target_path); 1930 } 1931 1932 wp_send_json_success(['data' => $csv_array]); 1933 } else { 1934 wp_send_json_error('Failed to read the CSV file.'); 1935 } 1936 } else { 1937 wp_send_json_error('Failed to save the CSV file.'); 1938 } 1939 } else { 1940 wp_send_json_error('No CSV file provided.'); 1941 } 1942 } 2023 1943 } //end if 2024 1944 … … 2241 2161 $IP, 2242 2162 $LEAD_ID, 2243 date( 'Y-m-d H:i:s' )2163 gmdate( 'Y-m-d H:i:s' ) 2244 2164 ) ); 2245 2165 } else { … … 2247 2167 $wpdb->query( $wpdb->prepare( 2248 2168 "UPDATE $table_db_name SET dt = %s WHERE id = %d", 2249 date( 'Y-m-d H:i:s' ),2169 gmdate( 'Y-m-d H:i:s' ), 2250 2170 $lookUpIP->ID 2251 2171 ) ); … … 2516 2436 2517 2437 // Prepare and execute the query 2518 $que ry =$wpdb->prepare(2438 $questions = $wpdb->get_results($wpdb->prepare( 2519 2439 "SELECT * FROM `{$table_db_name}` WHERE `attr2` = %d", 2520 2440 $supportId 2521 ); 2522 2523 $questions = $wpdb->get_results($query, ARRAY_A); 2441 ), ARRAY_A);// phpcs:ignore WordPress.DB.DirectDatabaseQuery 2524 2442 foreach ( $questions as $question ) { 2525 2443 if ( 'hod' === $question['attr4'] ) { … … 2585 2503 2586 2504 // Prepare and execute the query 2587 $que ry =$wpdb->prepare(2505 $questions = $wpdb->get_results($wpdb->prepare( 2588 2506 "SELECT * FROM `{$table_db_name}` WHERE `app_id` = %d AND `attr2` = %d", 2589 2507 $webinarId, 2590 2508 $supportId 2591 ); 2592 2593 $questions = $wpdb->get_results($query, ARRAY_A); 2509 ), ARRAY_A);// phpcs:ignore WordPress.DB.DirectDatabaseQuery 2594 2510 foreach ( $questions as $question ) { 2595 2511 if ( 'hold' === $question->attr4 ) { … … 2925 2841 2926 2842 // Prepare and execute the query 2927 $ query =$wpdb->prepare(2843 $data = $wpdb->get_row($wpdb->prepare( 2928 2844 "SELECT * FROM `{$table_name}` L WHERE L.`{$id_column}` = %s", 2929 2845 $lead_id 2930 ); 2931 2932 $data = $wpdb->get_row($query, OBJECT); 2846 ), OBJECT); 2933 2847 if ( ! 
empty( $data ) ) { 2934 2848 $attended = trim( strtolower( $data->event ) ); … … 2987 2901 2988 2902 // Prepare and execute the query 2989 $ query =$wpdb->prepare(2903 $lead_id = $wpdb->get_var($wpdb->prepare( 2990 2904 "SELECT L.ID FROM `{$table_lead}` L WHERE L.app_id = %d AND L.email = %s", 2991 2905 $webinar_id, 2992 2906 $user_email 2993 ); 2994 2995 $lead_id = $wpdb->get_var($query); 2907 )); 2996 2908 2997 2909 -
webinar-ignition/tags/4.00.0-rc.7/inc/callback2.php
r3207791 r3210120 143 143 global $wp_locale; 144 144 $table_db_name = $wpdb->prefix . 'webinarignition'; 145 $clone = sanitize_text_field( $_POST['cloneapp']);146 $importcode = sanitize_text_field( $_POST['importcode']);145 $clone = ( isset( $_POST['cloneapp'] ) ? sanitize_text_field( wp_unslash( $_POST['cloneapp'] ) ) : null ); 146 $importcode = ( isset( $_POST['importcode'] ) ? sanitize_text_field( wp_unslash( $_POST['importcode'] ) ) : null ); 147 147 // Save DB Info - Name & Created Date 148 148 $wpdb->insert( $table_db_name, array( 149 'appname' => sanitize_text_field( $_POST['appname']),149 'appname' => sanitize_text_field( wp_unslash( $_POST['appname'] ) ), 150 150 'camtype' => $clone, 151 151 'total_lp' => '0%%0', … … 160 160 // CREATE A CORRESPONDING POST :: 161 161 $my_post = array( 162 'post_title' => sanitize_text_field( $_POST['appname']),162 'post_title' => sanitize_text_field( wp_unslash( $_POST['appname'] ) ), 163 163 'post_type' => 'page', 164 'post_content' => sanitize_text_field( $_POST['appname']),164 'post_content' => sanitize_text_field( wp_unslash( $_POST['appname'] ) ), 165 165 'post_status' => 'publish', 166 166 ); … … 206 206 $show_all_live_languages = true; 207 207 $show_all_eg_languages = true; 208 $applang = ( isset( $_POST['applang'] ) ? sanitize_text_field( $_POST['applang']) : null );208 $applang = ( isset( $_POST['applang'] ) ? sanitize_text_field( wp_unslash( $_POST['applang'] ) ) : null ); 209 209 if ( empty( $applang ) || (!$show_all_live_languages && 'new' === $clone || !$show_all_eg_languages && 'auto' === $clone) ) { 210 210 $applang = 'en_US'; 211 211 } 212 $settings_language = ( isset( $_POST['settings_language'] ) ? sanitize_text_field( $_POST['settings_language']) : null );212 $settings_language = ( isset( $_POST['settings_language'] ) ? 
sanitize_text_field( wp_unslash( $_POST['settings_language'] ) ) : null ); 213 213 if ( empty( $settings_language ) ) { 214 214 $settings_language = 'no'; … … 224 224 // MODEL :: CORE DATA 225 225 add_option( 'webinarignition_campaign_' . $campaignID, '' ); 226 $maintitle = sanitize_text_field( $_POST['appname']);226 $maintitle = sanitize_text_field( wp_unslash( $_POST['appname'] ) ); 227 227 if ( 'auto' === $clone ) { 228 228 $_POST['webinar_date'] = 'AUTO'; 229 229 } 230 $live_date = sanitize_text_field( $_POST['webinar_date']);230 $live_date = sanitize_text_field( wp_unslash( $_POST['webinar_date'] ) ); 231 231 if ( 'new' === $clone ) { 232 232 $webinarDateObject = DateTime::createFromFormat( 'm-d-Y', $live_date ); … … 242 242 // ['m', 'd', 'Y'] 243 243 } 244 $setTime = sanitize_text_field( $_POST['webinar_start_time']);244 $setTime = sanitize_text_field( wp_unslash( $_POST['webinar_start_time'] ) ); 245 245 if ( $setTime ) { 246 246 $getTime = gmdate( 'h:i:s A', strtotime( $setTime ) ); … … 257 257 $timezone = '-5'; 258 258 if ( !empty( $_POST['webinar_timezone'] ) ) { 259 $timezone = sanitize_text_field( $_POST['webinar_timezone']);259 $timezone = sanitize_text_field( wp_unslash( $_POST['webinar_timezone'] ) ); 260 260 } 261 261 $host = __( 'Your Name', 'webinar-ignition' ); 262 262 if ( !empty( $_POST['webinar_host'] ) ) { 263 $host = sanitize_text_field( $_POST['webinar_host']);263 $host = sanitize_text_field( wp_unslash( $_POST['webinar_host'] ) ); 264 264 } 265 265 $desc = __( 'How We Crush It With Webinars', 'webinar-ignition' ); 266 266 if ( !empty( $_POST['webinar_desc'] ) ) { 267 $desc = sanitize_text_field( $_POST['webinar_desc']);268 } 269 if ( wp_validate_boolean( $_POST['cloneapp']) ) {270 $desc = sanitize_text_field( $_POST['appname']);267 $desc = sanitize_text_field( wp_unslash( $_POST['webinar_desc'] ) ); 268 } 269 if ( isset( $_POST['cloneapp'] ) && wp_validate_boolean( wp_unslash( $_POST['cloneapp'] ) ) ) { 270 $desc = ( isset( 
$_POST['appname'] ) ? sanitize_text_field( wp_unslash( $_POST['appname'] ) ) : null ); 271 271 } 272 272 $emailSetup = ''; … … 615 615 $webinar = json_decode( base64_decode( $importcode ) ); 616 616 //phpcs:ignore 617 $webinar->webinarURLName2 = sanitize_text_field( $_POST['appname']);617 $webinar->webinarURLName2 = sanitize_text_field( wp_unslash( $_POST['appname'] ) ); 618 618 //phpcs:ignore 619 619 $webinar->webinar_permalink = get_permalink( $getPostID ); … … 955 955 $obj = webinarignition_array_to_object( $dataArray ); 956 956 $obj->wi_show_day = ( isset( $_POST['wi_show_day'] ) && !empty( $_POST['wi_show_day'] ) ? 1 : 0 ); 957 $obj->day_string = ( isset( $_POST['day_string'] ) && !empty( $_POST['day_string'] ) ? sanitize_text_field( $_POST['day_string']) : 'D' );957 $obj->day_string = ( isset( $_POST['day_string'] ) && !empty( $_POST['day_string'] ) ? sanitize_text_field( wp_unslash( $_POST['day_string'] ) ) : 'D' ); 958 958 // save 959 959 update_option( 'webinarignition_campaign_' . $campaignID, $obj ); … … 962 962 $cloneParent = WebinarignitionManager::webinarignition_get_webinar_data( $clone ); 963 963 $cloneParent->id = (string) $campaignID; 964 $cloneParent->webinarURLName2 = sanitize_text_field( $_POST['appname']);965 $cloneParent->webinar_desc = sanitize_text_field( $_POST['appname']);966 $cloneParent->lp_metashare_title = sanitize_text_field( $_POST['appname']);967 $cloneParent->lp_metashare_desc = sanitize_text_field( $_POST['appname']);964 $cloneParent->webinarURLName2 = sanitize_text_field( wp_unslash( $_POST['appname'] ) ); 965 $cloneParent->webinar_desc = sanitize_text_field( wp_unslash( $_POST['appname'] ) ); 966 $cloneParent->lp_metashare_title = sanitize_text_field( wp_unslash( $_POST['appname'] ) ); 967 $cloneParent->lp_metashare_desc = sanitize_text_field( wp_unslash( $_POST['appname'] ) ); 968 968 $cloneParent->lp_main_headline = "<h4 class='subheader'>" . $lp_main_headline . ' ' . $cloneParent->webinar_host . 
"</h4><h2 style='margin-top: -10px;'>" . $desc . '</h2>'; 969 969 update_option( 'webinarignition_campaign_' . $campaignID, $cloneParent ); … … 974 974 // Assuming $campaignID is an integer 975 975 $table_options = esc_sql( $wpdb->options ); 976 // Prepare and execute the query 977 $query = $wpdb->prepare( "SELECT * FROM `{$table_options}` WHERE option_name LIKE %s", "webinarignition_campaign_{$campaignID}%" ); 978 $webinar = $wpdb->get_row( $query, ARRAY_A ); 976 $webinar = $wpdb->get_row( $wpdb->prepare( "SELECT * FROM `{$table_options}` WHERE option_name LIKE %s", "webinarignition_campaign_{$campaignID}%" ), ARRAY_A ); 977 // phpcs:ignore WordPress.DB.DirectDatabaseQuery 979 978 $webinar_settings_string = $webinar['option_id'] . $webinar['option_value']; 980 979 $webinar_hashed_id = sha1( $webinar_settings_string ); … … 1253 1252 $id = intval( $id ); 1254 1253 // Assuming $id is an integer 1255 // Prepare and execute the query 1256 $query = $wpdb->prepare( "SELECT * FROM `{$table_db_name}` WHERE id = %d", $id ); 1257 $webinars = $wpdb->get_results( $query, OBJECT ); 1254 $webinars = $wpdb->get_results( $wpdb->prepare( "SELECT * FROM `{$table_db_name}` WHERE id = %d", $id ), OBJECT ); 1255 // phpcs:ignore WordPress.DB.DirectDatabaseQuery 1258 1256 if ( count( $webinars ) ) { 1259 1257 $webinar = $webinars[0]; … … 1403 1401 global $wpdb; 1404 1402 $table_db_name = $wpdb->prefix . 'webinarignition_questions'; 1405 $results = $wpdb->get_results( $wpdb->prepare( "SELECT * FROM % iWHERE app_id = %d", $table_db_name, $webinar_data->id ), OBJECT );1403 $results = $wpdb->get_results( $wpdb->prepare( "SELECT * FROM %s WHERE app_id = %d", $table_db_name, $webinar_data->id ), OBJECT ); 1406 1404 if ( empty( $results ) ) { 1407 1405 $table_db_name = $wpdb->prefix . 
'webinarignition_questions_new'; 1408 1406 // for older installations that stored questions in this table 1409 $results = $wpdb->get_results( $wpdb->prepare( "SELECT * FROM % iWHERE app_id = %d", $table_db_name, $webinar_data->id ), OBJECT );1407 $results = $wpdb->get_results( $wpdb->prepare( "SELECT * FROM %s WHERE app_id = %d", $table_db_name, $webinar_data->id ), OBJECT ); 1410 1408 } 1411 1409 $upload_dir = wp_upload_dir(); … … 1415 1413 } 1416 1414 $filename = $wi_dirname . '/webinar_' . $webinar_data->id . '_questions.csv'; 1417 $f = fopen( $filename, 'w' ); 1418 foreach ( $results as $results ) { 1415 // Initialize the WordPress filesystem, no direct file operations allowed 1416 if ( !function_exists( 'WP_Filesystem' ) ) { 1417 require_once ABSPATH . 'wp-admin/includes/file.php'; 1418 } 1419 global $wp_filesystem; 1420 WP_Filesystem(); 1421 $file = $filename; 1422 $handle = $wp_filesystem->fopen( $file, 'w' ); 1423 foreach ( $results as $result ) { 1419 1424 $question = array(); 1420 $question[] = $results->name; 1421 $question[] = $results->email; 1422 $question[] = str_replace( ',', ' -', $results->created ); 1423 $question[] = $results->status; 1424 $question[] = $results->question; 1425 fputcsv( $f, $question ); 1425 $question[] = $result->name; 1426 $question[] = $result->email; 1427 $question[] = str_replace( ',', ' -', $result->created ); 1428 $question[] = $result->status; 1429 $question[] = $result->question; 1430 // Use $wp_filesystem methods 1431 $wp_filesystem->fputcsv( $handle, $question ); 1426 1432 } 1427 // ! TODO: File operations should use WP_Filesystem methods instead of direct PHP filesystem call. 1428 fclose( $f ); 1433 $wp_filesystem->fclose( $handle ); 1429 1434 $email_data = new stdClass(); 1430 1435 $csv_link = $upload_dir['baseurl'] . '/webinarignition/webinar_' . $webinar_data->id . 
'_questions.csv'; … … 1478 1483 $email = sanitize_email( $email ); 1479 1484 // Assuming $email is a sanitized email address 1480 // Prepare and execute the query 1481 $query = $wpdb->prepare( "SELECT * FROM `{$table_db_name}` WHERE `app_id` = %d AND `email` = %s", $webinar_id, $email ); 1482 $results = $wpdb->get_results( $query, OBJECT ); 1485 $results = $wpdb->get_results( $wpdb->prepare( "SELECT * FROM `{$table_db_name}` WHERE `app_id` = %d AND `email` = %s", $webinar_id, $email ), OBJECT ); 1483 1486 if ( !empty( $results ) ) { 1484 1487 $upload_dir = wp_upload_dir(); … … 1488 1491 } 1489 1492 $filename = $wi_dirname . '/webinar_' . $webinar_data->id . '_questions_' . $lead_id . '.csv'; 1490 // TODO: File operations should use WP_Filesystem methods instead of direct php functions. 1491 $f = fopen( $filename, 'w' ); 1493 if ( !function_exists( 'WP_Filesystem' ) ) { 1494 require_once ABSPATH . 'wp-admin/includes/file.php'; 1495 } 1496 global $wp_filesystem; 1497 WP_Filesystem(); 1498 $handle = $wp_filesystem->fopen( $filename, 'w' ); 1492 1499 foreach ( $results as $result ) { 1493 1500 $question = array(); … … 1497 1504 $question[] = $result->status; 1498 1505 $question[] = $result->question; 1499 fputcsv( $f, $question );1506 $wp_filesystem->fputcsv( $handle, $question ); 1500 1507 } 1501 // TODO: File operations should use WP_Filesystem methods instead of direct php functions. 1502 fclose( $f ); 1508 $wp_filesystem->fclose( $handle ); 1503 1509 $email_data = new stdClass(); 1504 1510 $csv_link = $upload_dir['baseurl'] . '/webinarignition/webinar_' . $webinar_data->id . '_questions_' . $lead_id . '.csv'; -
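Review bot: `$wp_filesystem->fopen()`, `->fputcsv()` and `->fclose()` in both question-export hunks are not methods of the WP_Filesystem classes, which offer whole-file calls such as `put_contents()`, so the export would stop with an undefined-method error as soon as it runs. Build the CSV text in memory and write it once, e.g. `$wp_filesystem->put_contents( $filename, $csv, FS_CHMOD_FILE );`, and check the return value of `WP_Filesystem()` before using the global. Separately, the questions query appears to replace `%i` with `%s`, which `prepare()` quotes as a string literal, so the `FROM` clause no longer names a table; interpolate `{$table_db_name}` as the other queries in this file do. Both export functions start and end outside the visible hunks.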
webinar-ignition/tags/4.00.0-rc.7/inc/callback3.php
r3207791 r3210120 47 47 } 48 48 49 $optionName = 'webinarignition_campaign_' . sanitize_text_field( $_POST['id'] ); 50 $option = WebinarignitionManager::webinarignition_get_webinar_data( sanitize_text_field( $_POST['id'] ) ); 51 52 $onairStatus = sanitize_text_field( $_POST['onair_status'] ); 49 $id = isset( $_POST['id'] ) ? sanitize_text_field( wp_unslash( $_POST['id'] ) ) : null; 50 $optionName = 'webinarignition_campaign_' . $id; 51 $option = WebinarignitionManager::webinarignition_get_webinar_data( $id ); 52 53 $onairStatus = sanitize_text_field( wp_unslash( $_POST['onair_status'] ) ); 53 54 if ( ! in_array( $onairStatus, array( 'on', 'off' ), true ) ) { 54 55 wp_send_json_error( array( __( 'on air message could not be toggled', 'webinar-ignition' ) ) ); … … 58 59 59 60 if ( isset( $_POST['air_html'] ) ) { 60 $option->air_html = $_POST['air_html'];61 } 62 63 $option->air_btn_copy = sanitize_text_field( $_POST['air_btn_copy']);64 65 $option->air_tab_copy = sanitize_text_field( $_POST['air_tab_copy']);66 67 $option->air_btn_url = sanitize_text_field( $_POST['air_btn_url']);68 69 $option->air_btn_color = sanitize_text_field( $_POST['air_btn_color']);61 $option->air_html = wp_unslash( $_POST['air_html']) ; 62 } 63 64 $option->air_btn_copy = sanitize_text_field( wp_unslash( $_POST['air_btn_copy'] ) ); 65 66 $option->air_tab_copy = sanitize_text_field( wp_unslash( $_POST['air_tab_copy'] ) ); 67 68 $option->air_btn_url = sanitize_text_field( wp_unslash( $_POST['air_btn_url'] ) ); 69 70 $option->air_btn_color = sanitize_text_field( wp_unslash( $_POST['air_btn_color'] ) ); 70 71 71 72 update_option( $optionName, $option ); … … 87 88 } 88 89 89 $webinar_id = sanitize_text_field( $_POST['id']);90 $webinar_id = sanitize_text_field( wp_unslash( $_POST['id'] ) ); 90 91 $optionName = 'webinarignition_campaign_' . 
$webinar_id; 91 92 $option = WebinarignitionManager::webinarignition_get_webinar_data( $webinar_id ); … … 95 96 } 96 97 97 $onairStatus = sanitize_text_field( $_POST['onair_status']);98 $onairStatus = sanitize_text_field( wp_unslash( $_POST['onair_status'] ) ); 98 99 if ( ! in_array( $onairStatus, array( 'on', 'off' ), true ) ) { 99 100 wp_send_json_error( array( __( 'on air message could not be toggled', 'webinar-ignition' ) ) ); … … 118 119 119 120 // Only get the required values from INPUT_POST 120 $webinar_id = isset( $_POST['id'] ) ? sanitize_text_field( $_POST['id']) : null;121 $webinar_type = isset( $_POST['webinar_type'] ) ? sanitize_text_field( $_POST['webinar_type']) : null;122 $search_for = isset( $_POST['search_for'] ) ? sanitize_text_field( $_POST['search_for']) : null;123 $limit = isset( $_POST['limit'] ) ? sanitize_text_field( $_POST['limit']) : null;124 $offset = isset( $_POST['offset'] ) ? sanitize_text_field( $_POST['offset']) : null;121 $webinar_id = isset( $_POST['id'] ) ? sanitize_text_field( wp_unslash( $_POST['id'] ) ) : null; 122 $webinar_type = isset( $_POST['webinar_type'] ) ? sanitize_text_field( wp_unslash( $_POST['webinar_type'] ) ) : null; 123 $search_for = isset( $_POST['search_for'] ) ? sanitize_text_field( wp_unslash( $_POST['search_for'] ) ) : null; 124 $limit = isset( $_POST['limit'] ) ? sanitize_text_field( wp_unslash( $_POST['limit'] ) ) : null; 125 $offset = isset( $_POST['offset'] ) ? sanitize_text_field( wp_unslash( $_POST['offset'] ) ) : null; 125 126 126 127 if ( ! isset( $webinar_id ) || ! is_numeric( $webinar_id ) ) { … … 134 135 $table_db_name = 'evergreen' === $webinar_type ? $wpdb->prefix . 'webinarignition_leads_evergreen' : $wpdb->prefix . 'webinarignition_leads'; 135 136 136 $sql = "137 SELECT *138 FROM {$table_db_name}139 WHERE app_id = %d ";140 141 137 if ( ! empty( $search_for ) ) { 142 $sql .= ' AND ( `name` LIKE %s OR `email` LIKE %s )'; 143 } 144 145 $sql .= ' 146 LIMIT %d 147 OFFSET %d 148 '; 149 150 if ( ! 
empty( $search_for ) ) { 151 $preparedSql = $wpdb->prepare( $sql, 152 $webinar_id, 153 '%%' . $wpdb->esc_like( $search_for ) . '%%', 154 '%%' . $wpdb->esc_like( $search_for ) . '%%', 155 $limit, 156 $offset 157 ); 138 if ( ! empty( $search_for ) ) { 139 $leads = $wpdb->get_results( $wpdb->prepare( " SELECT * FROM {$table_db_name} WHERE app_id = %d AND ( `name` LIKE %s OR `email` LIKE %s ) LIMIT %d OFFSET %d", 140 $webinar_id, 141 '%%' . $wpdb->esc_like( $search_for ) . '%%', 142 '%%' . $wpdb->esc_like( $search_for ) . '%%', 143 $limit, 144 $offset 145 ), OBJECT );// phpcs:ignore WordPress.DB.DirectDatabaseQuery 146 }else{ 147 $leads = $wpdb->get_results($wpdb->prepare( "SELECT * FROM {$table_db_name} WHERE app_id = %d LIMIT %d OFFSET %d" , 148 $webinar_id, 149 '%%' . $wpdb->esc_like( $search_for ) . '%%', 150 '%%' . $wpdb->esc_like( $search_for ) . '%%', 151 $limit, 152 $offset 153 ), OBJECT );// phpcs:ignore WordPress.DB.DirectDatabaseQuery 154 } 158 155 159 156 $totalQueryLeads = $wpdb->get_var( … … 169 166 ) 170 167 ); 168 171 169 } else { 172 $preparedSql = $wpdb->prepare( $sql, 173 $webinar_id, 174 $limit, 175 $offset 176 ); 170 if ( ! 
empty( $search_for ) ) { 171 $leads = $wpdb->get_results( $wpdb->prepare( "SELECT * FROM {$table_db_name} WHERE app_id = %d AND ( `name` LIKE %s OR `email` LIKE %s ) LIMIT %d OFFSET %d", 172 $webinar_id, 173 $limit, 174 $offset 175 ), OBJECT );// phpcs:ignore WordPress.DB.DirectDatabaseQuery 176 }else{ 177 $leads = $wpdb->get_results( $wpdb->prepare("SELECT * FROM {$table_db_name} WHERE app_id = %d LIMIT %d OFFSET %d", 178 $webinar_id, 179 $limit, 180 $offset 181 ), OBJECT );// phpcs:ignore WordPress.DB.DirectDatabaseQuery 182 } 177 183 }//end if 178 184 179 $leads = $wpdb->get_results( $wpdb->prepare( $preparedSql ), OBJECT );180 185 181 186 // Sanitize input values … … 253 258 254 259 // check if table exists 255 $query = $wpdb->prepare( 'SHOW TABLES LIKE %s', $wpdb->esc_like( $table_db_name ) ); 256 257 if ( $wpdb->get_var( $query ) !== $table_db_name ) { 260 261 if ( $wpdb->get_var( $wpdb->prepare( 'SHOW TABLES LIKE %s', $wpdb->esc_like( $table_db_name ) ) ) !== $table_db_name ) { 258 262 $table_db_name = $wpdb->prefix . 'webinarignition_questions_new'; 259 263 } … … 267 271 ); 268 272 269 $sql = "270 SELECT *271 FROM {$table_db_name}272 WHERE app_id = %d ";273 274 273 if ( ! empty( $search_for ) ) { 275 $sql .= ' AND `email` LIKE %s '; 276 } 277 278 $sql .= ' 279 LIMIT %d 280 OFFSET %d 281 '; 282 283 if ( ! empty( $search_for ) ) { 284 $preparedSql = $wpdb->prepare( $sql, 285 $webinar_id, 286 '%%' . $wpdb->esc_like( $search_for ) . '%%', 287 $limit, 288 $offset 289 ); 290 274 275 if ( ! empty( $search_for ) ) { 276 $questions = $wpdb->get_results( $wpdb->prepare( "SELECT * FROM {$table_db_name} WHERE app_id = %d AND `email` LIKE %s LIMIT %d OFFSET %d", 277 $webinar_id, 278 '%%' . $wpdb->esc_like( $search_for ) . '%%', 279 $limit, 280 $offset 281 ), OBJECT_K ); 282 283 }else{ 284 $questions = $wpdb->get_results( $wpdb->prepare( "SELECT * FROM {$table_db_name} WHERE app_id = %d LIMIT %d OFFSET %d", 285 $webinar_id, 286 '%%' . $wpdb->esc_like( $search_for ) . 
'%%', 287 $limit, 288 $offset 289 ), OBJECT_K ); 290 } 291 291 $totalQueryQuestions = $wpdb->get_var( 292 292 $wpdb->prepare( … … 302 302 ); 303 303 } else { 304 $preparedSql = $wpdb->prepare( $sql, 305 $webinar_id, 306 $limit, 307 $offset 308 ); 304 if ( ! empty( $search_for ) ) { 305 $questions = $wpdb->get_results( $wpdb->prepare( "SELECT * FROM {$table_db_name} WHERE app_id = %d AND `email` LIKE %s ", 306 $webinar_id, 307 $limit, 308 $offset 309 ), OBJECT_K ); 310 }else{ 311 $questions = $wpdb->get_results( $wpdb->prepare( "SELECT * FROM {$table_db_name} WHERE app_id = %d LIMIT %d OFFSET %d", 312 $webinar_id, 313 $limit, 314 $offset 315 ), OBJECT_K ); 316 } 309 317 }//end if 310 318 311 $questions = $wpdb->get_results( $preparedSql, OBJECT_K );312 319 $questions = is_array( $questions ) ? array_reverse( $questions ) : $questions; 313 320 $active_questions = ''; -
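Review bot: `$option->air_html = wp_unslash( $_POST['air_html'] );` still stores request HTML without any filtering, while every neighbouring field goes through `sanitize_text_field()`; unslashing is not sanitization. If this markup is later printed on the webinar page, as the field name suggests, restrict it on save, e.g. `$option->air_html = wp_kses_post( wp_unslash( $_POST['air_html'] ) );`. The nonce and capability checks for this handler are outside the hunk, so who can reach it cannot be confirmed from here. Separately, the rewritten leads and questions queries nest a second `if ( ! empty( $search_for ) )` inside each branch, leaving unreachable arms whose argument counts do not match their placeholders; those arms should be removed so a later edit cannot make them live.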
webinar-ignition/tags/4.00.0-rc.7/inc/class-webinarignition.php
r3207791 r3210120 67 67 add_action( 'webinarignition_activate', 'webinarignition_installer' ); 68 68 add_filter( 'plugin_action_links_' . WEBINARIGNITION_PLUGIN_BASENAME, array($this, 'webinarignition_add_get_started_link') ); 69 add_filter( 'safe_style_css', function ( $styles ) { 70 $styles[] = 'display'; 71 return $styles; 72 } ); 69 73 add_action( 'wp_loaded', array($this, 'webinaringition_load_text_domain') ); 70 74 add_action( 'admin_init', array($this, 'webinarignition_redirect_after_installation') ); … … 86 90 add_filter( 'option_webinarignition_limit_counter', array($this, 'check_backup') ); 87 91 add_action( 'admin_init', array($this, 'webinarignition_activate_branding') ); 88 // add_filter('option_auto_update_plugins', array( $this, 'webinarignition_restrict__auto_plugin_update') );89 92 add_action( 'init', array('WebinarignitionLicense', 'webinarignition_reset_limit_counter') ); 90 93 add_filter( … … 211 214 $page_id = $webinar->postID; 212 215 $webinar_data = WebinarignitionManager::webinarignition_get_webinar_data( $webinar->ID ); 213 $date_created = date( 'Y-m-d', strtotime( $webinar->created ) );216 $date_created = gmdate( 'Y-m-d', strtotime( $webinar->created ) ); 214 217 $total_lp = $webinar->total_lp; 215 218 $total_ty = $webinar->total_ty; … … 340 343 global $wpdb; 341 344 $table_name = $wpdb->prefix . 
'webinarignition'; 342 $getQuery = "SELECT * FROM {$table_name} WHERE postID = %d"; 343 $webinars = $wpdb->get_results( $wpdb->prepare( $getQuery, $post_id ) ); 345 $webinars = $wpdb->get_results( $wpdb->prepare( "SELECT * FROM {$table_name} WHERE postID = %d", $post_id ) ); 344 346 if ( empty( $webinars ) ) { 345 347 return; … … 357 359 } 358 360 } 359 $query = "UPDATE {$table_name} SET appname = %s WHERE postID = %d"; 360 $query = $wpdb->prepare( $query, $post->post_title, $post_id ); 361 $wpdb->get_results( $query ); 361 $wpdb->get_results( $wpdb->prepare( "UPDATE {$table_name} SET appname = %s WHERE postID = %d", $post->post_title, $post_id ) ); 362 362 } 363 363 … … 365 365 global $wpdb; 366 366 $table_name = $wpdb->prefix . 'webinarignition'; 367 $query = "SELECT W.ID FROM {$table_name} AS W WHERE STR_TO_DATE(W.created , '%%M %%d, %%Y') <= %s;"; 368 $old_webinar_exists = $wpdb->get_var( $wpdb->prepare( $query, $date_before ) ); 369 return !empty( $old_webinar_exists ); 367 return !empty( $wpdb->get_var( $wpdb->prepare( "SELECT W.ID FROM {$table_name} AS W WHERE STR_TO_DATE(W.created , '%%M %%d, %%Y') <= %s;", $date_before ) ) ); 370 368 } 371 369 … … 599 597 } 600 598 601 public function auto_update_plugin( $update, $item ) {599 public function webinarignition_auto_update_file( $update, $item ) { 602 600 $site_url = get_site_url(); 603 601 $statusCheck = new stdClass(); -
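Review bot: The `safe_style_css` filter added among the hook registrations allows `display` in every `wp_kses` call on the site, not only in this plugin's output, because the callback is registered globally and never removed. If the only need is the plugin's own sanitized markup, attach the callback just around those calls, e.g. `add_filter( 'safe_style_css', $allow_display ); echo wp_kses( $html, $allowed ); remove_filter( 'safe_style_css', $allow_display );`. If it has to stay global, a comment should say why, for example `// Widens the kses CSS allow-list site-wide: needed for <reason>`. The enclosing method starts outside the hunk, so where these hooks are registered is not visible here.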
webinar-ignition/tags/4.00.0-rc.7/inc/class.WebinarignitionLeadsManager.php
r3207791 r3210120 64 64 global $wpdb; 65 65 66 $prepared_data = $wpdb->prepare( 66 67 $wpdb->query($wpdb->prepare( 67 68 "INSERT INTO $table_name (lead_id, meta_key, meta_value) VALUES (%d, %s, %s)", 68 69 $lead_id, 69 70 $meta_key, 70 71 $meta_value 71 ); 72 73 $wpdb->query($prepared_data); 72 ));// phpcs:ignore WordPress.DB.DirectDatabaseQuery 74 73 75 74 return $wpdb->insert_id; … … 105 104 $table_name = self::webinarignition_get_meta_table_name( $table ); 106 105 global $wpdb; 107 $sql = "SELECT * FROM {$table_name} WHERE lead_id = %d AND meta_key = %s ORDER BY meta_id DESC"; 108 $safe_query = $wpdb->prepare( $sql, array( $lead_id, $meta_key ) ); 109 $result = $wpdb->get_results( $safe_query, ARRAY_A ); 106 $result = $wpdb->get_results( $wpdb->prepare( "SELECT * FROM {$table_name} WHERE lead_id = %d AND meta_key = %s ORDER BY meta_id DESC", array( $lead_id, $meta_key ) ), ARRAY_A ); 110 107 111 108 if ( ! empty( $result ) ) { -
webinar-ignition/tags/4.00.0-rc.7/inc/class.WebinarignitionManager.php
r3207791 r3210120 143 143 global $wpdb; 144 144 $table = "{$wpdb->prefix}webinarignition"; 145 $query = $wpdb->prepare( "SELECT postID FROM {$table} W WHERE W.ID=%d", array( $webinar_id ) ); 146 $webinar_post_id = $wpdb->get_var( $query ); 145 $webinar_post_id = $wpdb->get_var( $wpdb->prepare( "SELECT postID FROM {$table} W WHERE W.ID=%d", array( $webinar_id ) ) ); 147 146 return absint( $webinar_post_id ); 148 147 } … … 151 150 global $wpdb; 152 151 $table = "{$wpdb->prefix}webinarignition"; 153 $query = $wpdb->prepare( "SELECT * FROM {$table} W WHERE W.ID=%d", array( $webinar_id ) );154 152 155 153 if ( 'object' === $type ) { 156 $webinar = $wpdb->get_row( $ query);154 $webinar = $wpdb->get_row( $wpdb->prepare( "SELECT * FROM {$table} W WHERE W.ID=%d", array( $webinar_id ) ) ); 157 155 } else { 158 $webinar = $wpdb->get_row( $ query, ARRAY_A );156 $webinar = $wpdb->get_row( $wpdb->prepare( "SELECT * FROM {$table} W WHERE W.ID=%d", array( $webinar_id ) ), ARRAY_A ); 159 157 } 160 158 -
webinar-ignition/tags/4.00.0-rc.7/inc/class.WebinarignitionPowerupsShortcodes.php
r3207791 r3210120 865 865 $liverdate_first_key = isset($livedate[1]) ? $livedate[1] : null; 866 866 $time = 'AUTO' === $webinar_data->webinar_date ? $liverdate_first_key : $webinar_data->webinar_start_time; 867 $time = date( 'H:i', strtotime( $time ) );867 $time = gmdate( 'H:i', strtotime( $time ) ); 868 868 $ex_time = explode( ':', $time ); 869 869 $ex_hr = $ex_time[0]; … … 1434 1434 1435 1435 $time = 'AUTO' === $webinar_data->webinar_date && isset($livedate[1]) ? $livedate[1] : (isset($webinar_data->webinar_start_time) ? $webinar_data->webinar_start_time : 'default_value'); 1436 $time = date( 'H:i', strtotime( $time ) );1436 $time = gmdate( 'H:i', strtotime( $time ) ); 1437 1437 $ex_time = explode( ':', $time ); 1438 1438 $ex_hr = $ex_time[0]; -
webinar-ignition/tags/4.00.0-rc.7/inc/class.WebinarignitionQA.php
r3207791 r3210120 11 11 $table_db_name = $wpdb->prefix . 'webinarignition_questions'; 12 12 13 // check if table exists14 $query = $wpdb->prepare( 'SHOW TABLES LIKE %s', $wpdb->esc_like( $table_db_name ) );15 13 16 if ( $wpdb->get_var( $ query) !== $table_db_name ) {14 if ( $wpdb->get_var( $wpdb->prepare( 'SHOW TABLES LIKE %s', $wpdb->esc_like( $table_db_name ) ) ) !== $table_db_name ) { 17 15 $table_db_name = $wpdb->prefix . 'webinarignition_questions_new'; 18 16 } … … 26 24 27 25 // Start with the basic query 28 $sql = " SELECT ID, name, email, question, status, created, type, parent_id, answer_text, attr3 FROM {$table} WHERE app_id = %d";26 $sql = ""; 29 27 30 28 // Array to hold the values to prepare … … 33 31 // Check if $email is provided and not empty 34 32 if (!empty($email)) { 35 $sql .= " AND email = %s";36 33 $query_values[] = $email; 34 if (!empty($where)) { 35 $chat_messages = $wpdb->get_results($wpdb->prepare("SELECT ID, name, email, question, status, created, type, parent_id, answer_text, attr3 FROM {$table} WHERE app_id = %d {$where} AND email = %s ORDER BY ID ASC", $query_values), ARRAY_A);// phpcs:ignore WordPress.DB.DirectDatabaseQuery 36 }else{ 37 $chat_messages = $wpdb->get_results($wpdb->prepare("SELECT ID, name, email, question, status, created, type, parent_id, answer_text, attr3 FROM {$table} WHERE app_id = %d AND email = %s ORDER BY ID ASC", $query_values), ARRAY_A);// phpcs:ignore WordPress.DB.DirectDatabaseQuery 38 } 39 }else{ 40 if (!empty($where)) { 41 $chat_messages = $wpdb->get_results($wpdb->prepare("SELECT ID, name, email, question, status, created, type, parent_id, answer_text, attr3 FROM {$table} WHERE app_id = %d {$where} ORDER BY ID ASC", $query_values), ARRAY_A);// phpcs:ignore WordPress.DB.DirectDatabaseQuery 42 }else{ 43 $chat_messages = $wpdb->get_results($wpdb->prepare("SELECT ID, name, email, question, status, created, type, parent_id, answer_text, attr3 FROM {$table} WHERE app_id = %d ORDER BY ID ASC", $query_values), 
ARRAY_A);// phpcs:ignore WordPress.DB.DirectDatabaseQuery 44 } 37 45 } 38 39 // If there are additional where clauses40 if (!empty($where)) {41 // Assume $where is a string like "AND something = value"42 // Be sure that $where is safely prepared or built to avoid SQL injection43 $sql .= ' ' . $where; // Unsafe if $where is not controlled properly44 }45 46 // Complete the query with an order clause47 $sql .= ' ORDER BY ID ASC';48 49 // Prepare the SQL statement with the query values50 $prepared_sql = $wpdb->prepare($sql, $query_values);51 52 // Execute the query53 $chat_messages = $wpdb->get_results($prepared_sql, ARRAY_A);54 55 56 46 if ( empty( $chat_messages ) ) { 57 47 return array(); … … 86 76 global $wpdb; 87 77 $table = self::webinarignition_get_table(); 88 $sql = $wpdb->prepare( "SELECT * FROM {$table} WHERE ID = %d", $id ); 89 90 return $wpdb->get_row( $sql, ARRAY_A ); 78 return $wpdb->get_row( $wpdb->prepare( "SELECT * FROM {$table} WHERE ID = %d", $id ), ARRAY_A );// phpcs:ignore WordPress.DB.DirectDatabaseQuery 91 79 } 92 80 … … 94 82 global $wpdb; 95 83 $table = self::webinarignition_get_table(); 96 $sql = $wpdb->prepare( "SELECT * FROM `$table` WHERE parent_id = %d", $id ); 97 98 return $wpdb->get_results( $sql, ARRAY_A ); 84 return $wpdb->get_results( $wpdb->prepare( "SELECT * FROM `$table` WHERE parent_id = %d", $id ), ARRAY_A );// phpcs:ignore WordPress.DB.DirectDatabaseQuery 99 85 } 100 86 -
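Review bot: `{$where}` is still interpolated as raw SQL into the string given to `$wpdb->prepare()` in two of the four new branches, while the hunk deletes the comment that warned about it and adds `// phpcs:ignore` to each call. `prepare()` only binds the `%d`/`%s` placeholders, so the contents of `$where` reach the database unchanged, and a literal `%` inside it would be parsed as a placeholder. Callers are not visible here, so either accept the extra conditions as column/value pairs and bind them, or keep an explicit contract on the parameter such as `// $where must be a hard-coded SQL fragment, never request data`. The leftover `$sql = "";` assignment is now unused and can go. The function body starts outside the hunk.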
webinar-ignition/tags/4.00.0-rc.7/inc/class.WebinarignitionUpdates.php
r3207791 r3210120 81 81 $wpdb->query( "ALTER TABLE {$table_name} ADD COLUMN `hash_ID` VARCHAR(40) DEFAULT NULL" ); 82 82 } 83 $leads_sql = $wpdb->prepare( "SELECT ID, app_id, email FROM %i", $table_name );84 $leads = $wpdb->get_results( $ leads_sql, ARRAY_A );83 84 $leads = $wpdb->get_results( $wpdb->prepare( "SELECT ID, app_id, email FROM %s", $table_name ), ARRAY_A ); 85 85 86 86 if ( ! empty( $leads ) ) { … … 97 97 $table_name = $wpdb->prefix . 'webinarignition_leads_evergreen'; 98 98 if ( self::webinarignition_is_db_column_exist( $table_name, 'hash_ID' ) === false ) { 99 $wpdb->query( $wpdb->prepare( "ALTER TABLE % iADD COLUMN `hash_ID` VARCHAR(40) DEFAULT NULL", $table_name ) );100 } 101 102 $leads_sql = $wpdb->prepare( "SELECT ID, app_id, email FROM %i", $table_name );103 $leads = $wpdb->get_results( $ leads_sql, ARRAY_A );99 $wpdb->query( $wpdb->prepare( "ALTER TABLE %s ADD COLUMN `hash_ID` VARCHAR(40) DEFAULT NULL", $table_name ) ); 100 } 101 102 103 $leads = $wpdb->get_results( $wpdb->prepare( "SELECT ID, app_id, email FROM %s", $table_name ), ARRAY_A ); 104 104 105 105 if ( ! empty( $leads ) ) { … … 110 110 } 111 111 112 $sql = $wpdb->prepare( "SELECT * FROM {$wpdb->options} WHERE option_name LIKE %s", 'webinarignition_campaign_%' );113 $webinars = $wpdb->get_results( $ sql, ARRAY_A );112 113 $webinars = $wpdb->get_results( $wpdb->prepare( "SELECT * FROM {$wpdb->options} WHERE option_name LIKE %s", 'webinarignition_campaign_%' ), ARRAY_A ); 114 114 $map = array(); 115 115 $map_rev = array(); … … 139 139 global $wpdb; 140 140 141 $sql = $wpdb->prepare( "SELECT * FROM {$wpdb->options} WHERE option_name LIKE %s", 'webinarignition_campaign_%' );142 $webinars = $wpdb->get_results( $ sql, ARRAY_A );141 142 $webinars = $wpdb->get_results( $wpdb->prepare( "SELECT * FROM {$wpdb->options} WHERE option_name LIKE %s", 'webinarignition_campaign_%' ), ARRAY_A ); 143 143 144 144 if ( ! 
empty( $webinars ) ) { … … 225 225 global $wpdb; 226 226 227 $sql = $wpdb->prepare( "SELECT * FROM {$wpdb->options} WHERE option_name LIKE %s", 'webinarignition_campaign_%' );228 $webinars = $wpdb->get_results( $ sql, ARRAY_A );227 228 $webinars = $wpdb->get_results( $wpdb->prepare( "SELECT * FROM {$wpdb->options} WHERE option_name LIKE %s", 'webinarignition_campaign_%' ), ARRAY_A ); 229 229 230 230 if ( ! empty( $webinars ) ) { -
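Review bot: Switching the table-name placeholder from `%i` to `%s` in `$wpdb->prepare( "SELECT ID, app_id, email FROM %s", $table_name )` makes wpdb quote the name as a string literal, so the statement becomes `FROM '<table>'` and MySQL rejects it. The `ALTER TABLE %s ADD COLUMN ...` call in this file has the same problem, so the `hash_ID` migration would fail and the lead loops would see no rows. The same replacement appears in the hunks for `inc/menu.php`, `inc/migrations.php`, `inc/page_link.php` and `inc/pk/pkHelper.php`, where `$this->dbtable` is also bound with `%s`. Keep `%i` (the identifier placeholder in `wpdb::prepare()` since WordPress 6.2), or interpolate the prefixed name as the other queries in this commit do: `"SELECT ID, app_id, email FROM {$table_name}"`.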
webinar-ignition/tags/4.00.0-rc.7/inc/ex/ex.php
r3207791 r3210120 63 63 }//end if 64 64 65 $query = "SELECT * FROM $table_db_name WHERE app_id = %d";66 65 $query_params = array( $ID ); 67 66 68 67 if ( $type === 'live_hot' || $type === 'evergreen_hot' ) { 69 $query .= ' AND event=%s';70 68 $query_params[] = 'Yes'; 69 $results = $wpdb->get_results( $wpdb->prepare( 'SELECT * FROM $table_db_name WHERE app_id = %d AND event=%s', $query_params ) ); 70 71 }else{ 72 $results = $wpdb->get_results( $wpdb->prepare( "SELECT * FROM $table_db_name WHERE app_id = %d", $query_params ) ); 71 73 } 72 74 73 $results = $wpdb->get_results( $wpdb->prepare( $query, $query_params ) );74 75 75 $export_filename = sprintf( 'webinarignition-leads-%d-%s', $ID, date( 'Y-m-d_H-i-s', current_time( 'U' ) ) );76 $export_filename = sprintf( 'webinarignition-leads-%d-%s', $ID, gmdate( 'Y-m-d_H-i-s', current_time( 'U' ) ) ); 76 77 77 78 // CSV Header: -
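Review bot: The hot-leads branch builds its query in single quotes, `'SELECT * FROM $table_db_name WHERE app_id = %d AND event=%s'`, so PHP does not interpolate `$table_db_name` and the database receives the literal text `$table_db_name` as the table name. That query will fail, and the `live_hot` / `evergreen_hot` export would contain no rows, while the `else` branch, which uses double quotes, still works. Use a double-quoted string as in the other branch: `"SELECT * FROM {$table_db_name} WHERE app_id = %d AND event = %s"`.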
webinar-ignition/tags/4.00.0-rc.7/inc/lp/console/index.php
r3207791 r3210120 75 75 // Check if post_id is found 76 76 77 // Add new child link 78 $query = $wpdb->prepare( 79 "SELECT postID FROM {$tbl_webinarignition} WHERE ID = %d LIMIT 1", 80 $webinar_data->id 81 ); 77 82 78 83 $webinar_id = $wpdb->get_var( $ query);79 $webinar_id = $wpdb->get_var( $wpdb->prepare("SELECT postID FROM {$tbl_webinarignition} WHERE ID = %d LIMIT 1", $webinar_data->id) ); 84 80 ?> 85 81 -
webinar-ignition/tags/4.00.0-rc.7/inc/lp/css/lp_css.php
r3207791 r3210120 78 78 <?php 79 79 $btn_color = isset($webinar_data->lp_optin_btn_color) && $webinar_data->lp_optin_btn_color !== '' ? $webinar_data->lp_optin_btn_color : '#74BB00'; 80 $hexCode = ltrim( $btn_color, '#' ); 81 if ( strlen( $hexCode ) == 3 ) { 82 $hexCode = $hexCode[0] . $hexCode[0] . $hexCode[1] . $hexCode[1] . $hexCode[2] . $hexCode[2]; 83 } 84 85 if ( strlen( $hexCode ) == 3 ) { 86 $hexCode = $hexCode[0] . $hexCode[0] . $hexCode[1] . $hexCode[1] . $hexCode[2] . $hexCode[2]; 87 } 88 89 $hoverCode = array_map( 'hexdec', str_split( $hexCode, 2 ) ); 90 91 $adjustPercent = -0.05; 92 foreach ( $hoverCode as & $color ) { 93 $adjustableLimit = $adjustPercent < 0 ? $color : 255 - $color; 94 $adjustAmount = ceil( $adjustableLimit * $adjustPercent ); 95 96 $color = str_pad( dechex( $color + $adjustAmount ), 2, '0', STR_PAD_LEFT ); 97 } 98 99 $hover_color = '#' . implode( $hoverCode ); 100 101 $r = hexdec( substr( $btn_color, 1, 2 ) ); 102 $g = hexdec( substr( $btn_color, 3, 2 ) ); 103 $b = hexdec( substr( $btn_color, 5, 2 ) ); 104 $yiq = ( ( $r * 299 ) + ( $g * 587 ) + ( $b * 114 ) ) / 1000; 105 $text_color = ( $yiq >= 198 ) ? 
'black' : 'white'; 80 $color_array = webinarignition_btn_color($btn_color); 81 $hover_color = $color_array['hover_color']; 82 $text_color = $color_array['text_color']; 106 83 ?> 107 84 108 85 #optinBTN, #verifyEmailBTN, .wi_arrow_button { 109 background-color: <?php echo esc_attr( $ btn_color ); ?>;86 background-color: <?php echo esc_attr( $hover_color ); ?> !important; 110 87 color: <?php echo esc_attr( $text_color ); ?>; 88 } 89 .wi_registration #optinBTN{ 90 background-color: <?php echo esc_attr( $hover_color ); ?> !important; 91 } 92 93 .wi_registration .wi_arrow_button{ 94 background-color: <?php echo esc_attr( $hover_color ); ?> !important; 111 95 } 112 96 113 97 #optinBTN:hover, #verifyEmailBTN:hover, .wi_arrow_button:hover { 114 background-color: <?php echo esc_attr( $ hover_color ); ?>;98 background-color: <?php echo esc_attr( $btn_color ); ?> !important; 115 99 color: <?php echo esc_attr( $text_color ); ?>; 116 100 } -
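Review bot: The base rule for `#optinBTN, #verifyEmailBTN, .wi_arrow_button` now prints `$hover_color` and the `:hover` rule prints `$btn_color`, both with `!important`, which is the reverse of the inline `<style>` block this commit adds in `optin-form-generate.php` (base `$btn_color`, hover `$hover_color`, no `!important`). Where both stylesheets load, the `!important` rules here win, so the button rests on the darkened colour and the configured colour shows only on hover. If the swap is intended, add a comment saying so and make the inline block match; otherwise use `$btn_color` in the base rules and `$hover_color` in `:hover`. `webinarignition_btn_color()` is defined outside this hunk, so its return keys are taken from the call site only.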
webinar-ignition/tags/4.00.0-rc.7/inc/lp/css/main.css
r3207791 r3210120 307 307 .wi_registration #optinBTN.optinBTNimg, #optinBTN, #verifyEmailBTN, .wi_arrow_button { 308 308 width: 100%; 309 background-color: #74BB00;309 /* background-color: #74BB00; */ 310 310 border: 1px solid rgba(0, 0, 0, 0.20); 311 311 -
webinar-ignition/tags/4.00.0-rc.7/inc/lp/css/webinar-modern.css
r3207791 r3210120 149 149 justify-content: space-evenly !important; 150 150 } 151 #wi_ctaVideo { 152 position: relative; 153 width: 100%; 154 } 155 156 #wi_ctaVideoPlayer { 157 width: 100%; 158 height: 100%; 159 } 160 161 #wi_ctaVideo > .wi_videoPlayerUnmute { 162 position: absolute; 163 width: 124px; 164 top: 50%; 165 margin-top: -22px; 166 left: 50%; 167 margin-left: -62px; 168 z-index: 9999; 169 display: none; 170 } 171 172 #wi_ctaVideo > .wi_videoPlayerMute { 173 background: no-repeat; 174 border: none; 175 width: 10%; 176 padding: 0 2% 1% 2%; 177 position: absolute; 178 transform: scale(1.5); 179 bottom: 10px; 180 left: 10px; 181 display: none; 182 box-shadow: none; 183 transition: none; 184 z-index: 9999; 185 cursor: pointer; 186 } 151 187 152 188 .wi-align-items-start { … … 5263 5299 #optinBTN { 5264 5300 width: 100%; 5265 background-color: #74bb00;5301 /* background-color: #74bb00; */ 5266 5302 border: 1px solid rgba(0, 0, 0, 0.2); 5267 5303 background-repeat: no-repeat; -
webinar-ignition/tags/4.00.0-rc.7/inc/lp/livecounter.php
r3207791 r3210120 38 38 $type = isset( $_REQUEST['t'] ) ? $_REQUEST['t'] : false; 39 39 $print = webinarignition_get_user_online_count( $type, true ); 40 echo 'document.write("' . ( $print) . '");';40 echo 'document.write("' . ( wp_kses_post($print) ) . '");'; 41 41 } elseif ( isset( $_REQUEST['c'] ) ) { 42 42 $type = isset( $_REQUEST['c'] ) ? $_REQUEST['c'] : false; 43 43 $count = webinarignition_get_user_online_count( $type, false ); 44 echo 'document.write("' . ( $count) . '");';44 echo 'document.write("' . ( wp_kses_post($count) ) . '");'; 45 45 } 46 46 } -
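Review bot: `wp_kses_post()` is the wrong escaping for both `echo 'document.write("' . ... . '");'` lines, because the value lands inside a JavaScript string literal and kses filters HTML tags but leaves `"`, `\` and line breaks intact. Encode for the JavaScript context instead, e.g. `echo 'document.write(' . wp_json_encode( (string) $count ) . ');';`, or cast with `absint()` if the helper only ever returns a number (its return type is not visible in this hunk). `$_REQUEST['t']` and `$_REQUEST['c']` are also still passed to `webinarignition_get_user_online_count()` without `wp_unslash()` or `sanitize_text_field()`, unlike the request reads cleaned up elsewhere in this commit.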
webinar-ignition/tags/4.00.0-rc.7/inc/lp/partials/registration_page/optin-form-generate.php
r3207791 r3210120 71 71 //applicable for logged in users 72 72 if( is_user_logged_in() && current_user_can('activate_plugins') ) { 73 // Set timezone to WordPress timezone setting 74 date_default_timezone_set(get_option('timezone_string')); 73 75 74 76 75 // Manually format date and time 77 $todays_date = date('mdY'); // Format: mmddyyyy78 $todays_time = date('Hi'); // Format: 24-hour time without colon (e.g., 0000)76 $todays_date = gmdate('mdY'); // Format: mmddyyyy 77 $todays_time = gmdate('Hi'); // Format: 24-hour time without colon (e.g., 0000) 79 78 80 79 // Get and sanitize the website URL … … 376 375 unload_textdomain( 'webinar-ignition' ); 377 376 load_textdomain( 'webinar-ignition', WEBINARIGNITION_PATH . 'languages/webinar-ignition-' . $webinar_data->webinar_lang . '.mo' ); 377 $btn_color = isset($webinar_data->lp_optin_btn_color) && $webinar_data->lp_optin_btn_color !== '' ? $webinar_data->lp_optin_btn_color : '#74BB00'; 378 $color_array = webinarignition_btn_color($btn_color); 379 $hover_color = $color_array['hover_color']; 380 $text_color = $color_array['text_color']; 378 381 ?> 382 <style> 383 #optinBTN{ 384 background-color: <?php echo esc_attr($btn_color) ?>; 385 color: <?php echo esc_attr($text_color) ?>; 386 } 387 #optinBTN:hover{ 388 background-color: <?php echo esc_attr($hover_color) ?>; 389 color: <?php echo esc_attr($text_color) ?>; 390 } 391 </style> 379 392 <button href="#" id="optinBTN" class="large button wiButton wiButton-block wiButton-lg addedArrow"> 380 393 <span id="optinBTNText"> -
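Review bot: Dropping `date_default_timezone_set( get_option( 'timezone_string' ) )` and switching to `gmdate( 'mdY' )` / `gmdate( 'Hi' )` changes `$todays_date` and `$todays_time` from site-local time to UTC. Removing the global timezone override is right, but if these values are meant to reflect the site's clock (their use is outside the hunk), they will now be off by the site's UTC offset and can land on the wrong day. `wp_date( 'mdY' )` and `wp_date( 'Hi' )` keep the site timezone without touching PHP's default. If UTC is intended, update the comment to say so, e.g. `// Date and time in UTC`.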
webinar-ignition/tags/4.00.0-rc.7/inc/lp/partials/thank_you_page/ty-share-gift-compact.php
r3207791 r3210120 15 15 if ( 'off' !== $webinar_data->ty_fb_share ) { 16 16 ?> 17 <div class="socialShare"> 18 <!-- <div class="fb-like" data-href="<?php// echo esc_url( get_permalink( $data->postID ) ); ?>" 19 data-send="false" 20 data-layout="box_count" data-width="48" data-show-faces="false" 21 data-font="arial"></div> 22 </div> --> 17 23 18 <div class="socialDivider"></div> 24 19 <?php -
webinar-ignition/tags/4.00.0-rc.7/inc/lp/partials/webinar_page/social_share_links.php
r3207791 r3210120 1 1 <?php if ( ! defined( 'ABSPATH' ) ) exit; // Exit if accessed directly ?> 2 2 <div class="webinarShare"> 3 <div class="webinarShareCopy" style="color: <?php echo isset( $webinar_data->webinar_invite_color ) ? $webinar_data->webinar_invite_color: '#222'; ?>;">3 <div class="webinarShareCopy" style="color: <?php echo isset( $webinar_data->webinar_invite_color ) ? esc_html($webinar_data->webinar_invite_color) : '#222'; ?>;"> 4 4 <!-- <i class="icon-user"></i> <?php // webinarignition_display( $webinar_data->webinar_invite, __( 'Invite Your Friends To The Webinar:', 'webinar-ignition' ) ); ?> --> 5 5 <!-- </div> -
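Review bot: The colour in `style="color: <?php echo ... esc_html( $webinar_data->webinar_invite_color ) ...; ?>;"` is printed into an HTML attribute, so `esc_attr()` is the function that matches the context, as the CSS hunks in this commit already use. Escaping alone also leaves the value free to add further CSS declarations; if the setting is always a hex colour, validate it first with `sanitize_hex_color()` and fall back to `'#222'` when that returns nothing. Whether the field can hold other colour formats is not visible here.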
webinar-ignition/tags/4.00.0-rc.7/inc/lp/thankyou_cp_preview.php
r3207791 r3210120 400 400 401 401 402 <div class="cpUnderHeadline" style="display:<?php echo isset($webinar_data->ty_share_toggle) ? webinarignition_display($webinar_data->ty_share_toggle, 'none') : 'none'; ?>;">402 <div class="cpUnderHeadline" style="display:<?php echo isset($webinar_data->ty_share_toggle) ? esc_html(webinarignition_display($webinar_data->ty_share_toggle, 'none')) : 'none'; ?>;"> 403 403 <?php 404 404 webinarignition_display( … … 409 409 </div> 410 410 411 <div class="cpUnderCopy" style="display:<?php echo isset($webinar_data->ty_share_toggle) ? webinarignition_display($webinar_data->ty_share_toggle, 'none') : 'none'; ?>;">411 <div class="cpUnderCopy" style="display:<?php echo isset($webinar_data->ty_share_toggle) ? esc_html(webinarignition_display($webinar_data->ty_share_toggle, 'none')) : 'none'; ?>;"> 412 412 413 413 <div class="cpCopyArea"> 414 414 <!-- SHARE BLOCK --> 415 <div class="shareBlock wi-block--sharing" style="display:<?php echo isset($webinar_data->ty_share_toggle) ? webinarignition_display($webinar_data->ty_share_toggle, 'none') : 'none'; ?>;">415 <div class="shareBlock wi-block--sharing" style="display:<?php echo isset($webinar_data->ty_share_toggle) ? esc_html(webinarignition_display($webinar_data->ty_share_toggle, 'none')) : 'none'; ?>;"> 416 416 417 417 <?php … … 429 429 430 430 <!-- SHARE REWARD - UNLOCK --> 431 <div class="shareReward" style="display:<?php echo isset($webinar_data->ty_share_toggle) ? webinarignition_display($webinar_data->ty_share_toggle, 'none') : 'none'; ?>;">431 <div class="shareReward" style="display:<?php echo isset($webinar_data->ty_share_toggle) ? esc_html(webinarignition_display($webinar_data->ty_share_toggle, 'none')) : 'none'; ?>;"> 432 432 <div class="sharePRE"> 433 433 <?php -
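Review bot: Wrapping the call as `esc_html( webinarignition_display( $webinar_data->ty_share_toggle, 'none' ) )` probably escapes nothing, because the same helper is called as a bare statement a few lines below (`webinarignition_display(` with no `echo`), which suggests it prints its value itself. In that case the unescaped value is already written into the `style="display:..."` attribute and `esc_html()` only receives the helper's return value; this applies to all four changed lines in this file. The helper is defined outside the hunk, so confirm it first. If it echoes, compute the value separately and print it with `esc_attr()`, ideally restricted to the expected values, e.g. `echo 'block' === $toggle ? 'block' : 'none';`.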
webinar-ignition/tags/4.00.0-rc.7/inc/lp/webinar-classic.php
r3207791 r3210120 45 45 $website_url = home_url(); 46 46 if ( isset( $_GET['page_id'] ) && is_numeric( $_GET['page_id'] ) && $_GET['page_id'] > 0 ) { 47 $page_id = $_GET['page_id'];47 $page_id = absint( wp_unslash( $_GET['page_id'] ) ); 48 48 //phpcs:ignore 49 49 $console_link = "{$website_url}?page_id=" . $page_id . '&console#/dashboard'; … … 81 81 $second_post_id = 0; 82 82 if ( isset( $_GET['page_id'] ) && is_numeric( $_GET['page_id'] ) && $_GET['page_id'] > 0 ) { 83 $first_post_id = $_GET['page_id'];83 $first_post_id = absint( wp_unslash( $_GET['page_id'] ) ); 84 84 $show_setting_link = true; 85 85 } else { 86 $query = $wpdb->prepare( "\n SELECT ID\n FROM {$wpdb->posts}\n WHERE post_name = %s\n ORDER BY ID ASC\n ", $webinar_name ); 87 $results = $wpdb->get_results( $query ); 86 $results = $wpdb->get_results( $wpdb->prepare( "SELECT ID FROM {$wpdb->posts} WHERE post_name = %s ORDER BY ID ASC", $webinar_name ) ); 88 87 // Check if post_id is found 89 88 if ( $results ) { … … 100 99 if ( $show_setting_link ) { 101 100 $tbl_webinarignition = $wpdb->prefix . 'webinarignition'; 102 // Add new child link103 $query = $wpdb->prepare( "\n\t\t\t\t\tSELECT ID\n\t\t\t\t\tFROM {$tbl_webinarignition}\n\t\t\t\t\tWHERE postID = %d OR postID = %d\n\t\t\t\t\tLIMIT 1\n\t\t\t\t", $first_post_id, $second_post_id );104 101 // Execute the query and get id 105 $webinar_id = $wpdb->get_var( $ query);102 $webinar_id = $wpdb->get_var( $wpdb->prepare( "SELECT ID FROM {$tbl_webinarignition} WHERE postID = %d OR postID = %d LIMIT 1", $first_post_id, $second_post_id ) ); 106 103 if ( !is_null( $webinar_id ) && 0 < $webinar_id ) { 107 104 $webinar_setting_link = admin_url() . 'admin.php?page=webinarignition-dashboard&id=' . $webinar_id; -
webinar-ignition/tags/4.00.0-rc.7/inc/lp/webinar-modern.php
r3207791 r3210120 13 13 // Check if HTTPS is set and non-empty 14 14 $protocol = (isset($_SERVER['HTTPS']) && !empty($_SERVER['HTTPS']) && 'off' !== $_SERVER['HTTPS']) ? 'https://' : 'http://'; 15 $host = isset($_SERVER['HTTP_HOST']) ? sanitize_text_field( $_SERVER['HTTP_HOST']) : '';16 $request_uri = isset($_SERVER['REQUEST_URI']) ? esc_url_raw( $_SERVER['REQUEST_URI']) : '';15 $host = isset($_SERVER['HTTP_HOST']) ? sanitize_text_field( wp_unslash( $_SERVER['HTTP_HOST'] ) ) : ''; 16 $request_uri = isset($_SERVER['REQUEST_URI']) ? esc_url_raw( wp_unslash( $_SERVER['REQUEST_URI'] ) ) : ''; 17 17 18 18 // Get the current URL with the determined protocol … … 24 24 $website_url = home_url(); 25 25 if ( isset( $_GET['page_id'] ) && is_numeric( $_GET['page_id'] ) && $_GET['page_id'] > 0 ) { //phpcs:ignore 26 $page_id = absint( $_GET['page_id']);//phpcs:ignore26 $page_id = absint( wp_unslash( $_GET['page_id'] ) );//phpcs:ignore 27 27 $console_link = "$website_url?page_id=" . $page_id . '&console#/dashboard'; 28 28 } else { … … 61 61 62 62 if ( isset( $_GET['page_id'] ) && is_numeric( $_GET['page_id'] ) && $_GET['page_id'] > 0 ) { 63 $first_post_id = $_GET['page_id'];63 $first_post_id = absint( wp_unslash( $_GET['page_id'] ) ); 64 64 $show_setting_link = true; 65 65 } else { 66 66 67 $query = $wpdb->prepare( 68 " 69 SELECT ID 70 FROM {$wpdb->posts} 71 WHERE post_name = %s 72 ORDER BY ID ASC 73 ", 74 $webinar_name 75 ); 76 $results = $wpdb->get_results( $query ); 67 $results = $wpdb->get_results( $wpdb->prepare("SELECT ID FROM {$wpdb->posts} WHERE post_name = %s ORDER BY ID ASC", $webinar_name) ); 77 68 // Check if post_id is found 78 69 if ( $results ) { … … 90 81 $tbl_webinarignition = $wpdb->prefix . 
'webinarignition'; 91 82 92 // Add new child link 93 $query = $wpdb->prepare( 94 " 95 SELECT ID 96 FROM {$tbl_webinarignition} 97 WHERE postID = %d OR postID = %d 98 LIMIT 1 99 ", 100 $first_post_id, 101 $second_post_id 102 ); 83 103 84 104 85 // Execute the query and get id 105 $webinar_id = $wpdb->get_var( $ query);86 $webinar_id = $wpdb->get_var( $wpdb->prepare("SELECT ID FROM {$tbl_webinarignition} WHERE postID = %d OR postID = %d LIMIT 1", $first_post_id, $second_post_id) ); 106 87 if ( ! is_null( $webinar_id ) && $webinar_id > 0 ) { 107 88 $webinar_setting_link = admin_url() . 'admin.php?page=webinarignition-dashboard&id=' . $webinar_id; … … 596 577 ?> 597 578 <div class="wi-tab-pane <?php echo 1 === $i || ! $is_aside_visible ? ' active' : ''; ?>" id="<?php echo esc_html( $slug ); ?>" role="tabpanel" aria-labelledby="<?php echo esc_html( $slug ); ?>-tab"> 598 <?php echo ( $data['content']); ?>579 <?php echo ( wp_kses_post($data['content']) ); ?> 599 580 </div> 600 581 <?php -
webinar-ignition/tags/4.00.0-rc.7/inc/menu.php
r3207791 r3210120 195 195 196 196 function webinarignition_settings_submenu_page() { 197 $tab = sanitize_text_field( filter_input( INPUT_GET, 'tab', FILTER_SANITIZE_SPECIAL_CHARS ));198 $active_tab = ( isset( $ tab ) ? $tab: 'general' );197 $tab = ( isset( $_GET['tab'] ) ? sanitize_text_field( filter_input( INPUT_GET, 'tab', FILTER_SANITIZE_SPECIAL_CHARS ) ) : '' ); 198 $active_tab = ( isset( $_GET['tab'] ) ? sanitize_text_field( filter_input( INPUT_GET, 'tab', FILTER_SANITIZE_SPECIAL_CHARS ) ) : 'general' ); 199 199 if ( 'smtp-settings' === $active_tab ) { 200 200 return webinarignition_display_smtp_settings_tab(); … … 415 415 global $wpdb; 416 416 $table_db_name = $wpdb->prefix . 'webinarignition'; 417 $webinars = $wpdb->get_results( $wpdb->prepare( "SELECT * FROM % i", $table_db_name ), ARRAY_A );417 $webinars = $wpdb->get_results( $wpdb->prepare( "SELECT * FROM %s", $table_db_name ), ARRAY_A ); 418 418 if ( is_array( $webinars ) && !empty( $webinars ) ) { 419 419 $all_webinars = array_reverse( $webinars ); -
webinar-ignition/tags/4.00.0-rc.7/inc/migrations.php
r3207791 r3210120 17 17 // add os/browser columns (live) 18 18 $table_name = $wpdb->prefix . 'webinarignition_leads'; 19 $ query =$wpdb->prepare(19 $row = $wpdb->get_results( $wpdb->prepare( 20 20 "SELECT COLUMN_NAME FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name = %s AND column_name = %s", 21 21 $table_name, 22 22 'gdpr_data' 23 ); 24 $row = $wpdb->get_results( $query ); 23 ) );// phpcs:ignore WordPress.DB.DirectDatabaseQuery 25 24 if ( empty( $row ) ) { 26 25 $wpdb->query( "ALTER TABLE {$table_name} ADD COLUMN gdpr_data VARCHAR(256) DEFAULT NULL, ADD COLUMN event varchar(50), ADD COLUMN replay varchar(50), ADD COLUMN trk1 varchar(50),ADD COLUMN trk2 varchar(50),ADD COLUMN trk3 varchar(50),ADD COLUMN trk4 varchar(50),ADD COLUMN trk5 varchar(50),ADD COLUMN trk6 varchar(50),ADD COLUMN trk7 varchar(50),ADD COLUMN trk8 varchar(50),ADD COLUMN trk9 varchar(50),ADD COLUMN lead_browser_and_os varchar(256)" ); … … 115 114 // update old webinars with correct url of wi logo 116 115 $table_name = $wpdb->prefix . 'webinarignition'; 117 $qry = $wpdb->prepare( "SELECT id, camtype FROM %i", $table_name ); 118 $lst = $wpdb->get_results( $qry ); 116 $lst = $wpdb->get_results( $wpdb->prepare( "SELECT id, camtype FROM %s", $table_name ) );// phpcs:ignore WordPress.DB.DirectDatabaseQuery 119 117 120 118 if ( ! empty( $lst ) ) { … … 191 189 global $wpdb; 192 190 193 $qry = $wpdb->prepare( 'SELECT id FROM ' . $wpdb->prefix . 'webinarignition WHERE id = %d', 0 ); 194 $lst = $wpdb->get_results( $qry ); 191 $lst = $wpdb->get_results( $wpdb->prepare( 'SELECT id FROM ' . $wpdb->prefix . 'webinarignition WHERE id = %d', 0 ) ); 195 192 if ( ! empty( $lst ) ) { 196 193 foreach ( $lst as $cmp ) { -
webinar-ignition/tags/4.00.0-rc.7/inc/page_link.php
r3207791 r3210120 30 30 $templates = $wpdb->get_results( 31 31 $wpdb->prepare( 32 "SELECT * FROM % iORDER BY ID DESC",32 "SELECT * FROM %s ORDER BY ID DESC", 33 33 $table_db_name 34 34 ), … … 69 69 70 70 // if our nonce isn't there, or we can't verify it, bail 71 if ( ! isset( $_POST['webinarignitionx_box_nonce'] ) || ! wp_verify_nonce( $_POST['webinarignitionx_box_nonce'], 'webinarignitionx_meta_box_nonce' ) ) {71 if ( ! isset( $_POST['webinarignitionx_box_nonce'] ) || ! wp_verify_nonce( wp_unslash( $_POST['webinarignitionx_box_nonce'] ), 'webinarignitionx_meta_box_nonce' ) ) { 72 72 return; 73 73 } -
webinar-ignition/tags/4.00.0-rc.7/inc/pk/pkHelper.php
r3207791 r3210120 19 19 global $wpdb; 20 20 $table_db_name = $wpdb->prefix . 'webinarignition_wi'; 21 $query = $wpdb->prepare( "SELECT * FROM {$table_db_name} LIMIT 1" ); 22 $this->secret_key = $wpdb->get_row( $query, OBJECT )->keyused; 21 $this->secret_key = $wpdb->get_row( $wpdb->prepare( "SELECT * FROM %s LIMIT %d", $table_db_name, 1 ), OBJECT )->keyused; 23 22 $this->post_data = $post_data; 24 23 $this->plugin_dir = $plugin_dir; … … 56 55 global $wpdb; 57 56 $table_db_name = $wpdb->prefix . 'webinarignition'; 58 $query = $wpdb->prepare( "SELECT * FROM %i", $table_db_name ); 59 $results = $wpdb->get_results( $query, OBJECT ); 57 $results = $wpdb->get_results( $wpdb->prepare( "SELECT * FROM %s", $table_db_name ), OBJECT ); 60 58 61 59 $allWebinars = array(); … … 88 86 $webinar_slashed_date = str_replace( '-', '/', $w->webinar_date ); 89 87 $webinar_timestamp = strtotime( $webinar_slashed_date . ' ' . $w->webinar_start_time ); 90 $formatted_webinar_date = date( 'd-m-Y H:i:s', $webinar_timestamp );88 $formatted_webinar_date = gmdate( 'd-m-Y H:i:s', $webinar_timestamp ); 91 89 92 90 // current time by webinar timezone … … 183 181 private function webinarignition_user_is_registered( $webinar_id, $user_email ) { 184 182 global $wpdb; 185 $query = "SELECT ID FROM {$this->dbtable} WHERE email = %s AND app_id = %d"; 186 187 return $wpdb->get_row( $wpdb->prepare( $query, $user_email, $webinar_id ) ); 183 return $wpdb->get_row( $wpdb->prepare( "SELECT ID FROM %s WHERE email = %s AND app_id = %d", $this->dbtable, $user_email, $webinar_id ) ); 188 184 } 189 185 … … 245 241 'event' => 'No', 246 242 'replay' => 'No', 247 'created' => date( 'F j, Y' ),243 'created' => gmdate( 'F j, Y' ), 248 244 ); 249 245 … … 281 277 282 278 $date_format = get_option( 'date_format' ); 283 $autoDate_format = date( $date_format, strtotime( $autoDate ) );279 $autoDate_format = gmdate( $date_format, strtotime( $autoDate ) ); 284 280 285 281 // Final Step = Translate Months … … 336 332 // Get & Set 
Dates For Emails... 337 333 $format = 'Y-m-d H:i'; 338 $date_picked_and_live = date( $format, strtotime( $webinar_start_datetime ) );339 $date_1_day_before = date( $format, strtotime( $webinar_start_datetime . ' -1 days' ) );340 $date_1_hour_before = date( $format, strtotime( $webinar_start_datetime . ' -1 hours' ) );341 $date_after_live = date( $format, strtotime( $webinar_start_datetime . " +$webinarLength minutes" ) );342 $date_1_day_after = date( $format, strtotime( $webinar_start_datetime . ' +1 days' ) );334 $date_picked_and_live = gmdate( $format, strtotime( $webinar_start_datetime ) ); 335 $date_1_day_before = gmdate( $format, strtotime( $webinar_start_datetime . ' -1 days' ) ); 336 $date_1_hour_before = gmdate( $format, strtotime( $webinar_start_datetime . ' -1 hours' ) ); 337 $date_after_live = gmdate( $format, strtotime( $webinar_start_datetime . " +$webinarLength minutes" ) ); 338 $date_1_day_after = gmdate( $format, strtotime( $webinar_start_datetime . ' +1 days' ) ); 343 339 344 340 $user_data = array( … … 353 349 'event' => 'No', 354 350 'replay' => 'No', 355 'created' => date( 'F j, Y' ),351 'created' => gmdate( 'F j, Y' ), 356 352 'date_picked_and_live' => $date_picked_and_live, 357 353 'date_1_day_before' => $date_1_day_before, … … 382 378 383 379 $date_format = get_option( 'date_format' ); 384 $autoDate_format = date( $date_format, strtotime( $webinar_start_date ) );380 $autoDate_format = gmdate( $date_format, strtotime( $webinar_start_date ) ); 385 381 386 382 // Final Step = Translate Months … … 401 397 } 402 398 403 private function webinarignition_send_registration_email( $emailBody, $results, $post ) { 404 // SEND EMAIL -- SMTP 399 private function webinarignition_send_registration_email($emailBody, $results, $post) { 405 400 require_once $this->plugin_dir . 
'inc/PHPMailerAutoload.php'; 406 401 $mail = new PHPMailer(); 407 402 $mail->CharSet = 'UTF-8'; 408 409 // check whether smtp is available; this will be used to determine whether to use smtp or Sendmail later 410 $smtp_avail = true; 411 $connection = @fsockopen( $results->smtp_host, $results->smtp_port, $errno, $errstr, 15 ); 412 if ( ! is_resource( $connection ) ) { 413 $smtp_avail = false; 414 } 415 416 if ( $smtp_avail ) { 403 404 // Use WordPress HTTP API to check SMTP availability 405 $args = array( 406 'timeout' => 15, 407 'redirection' => 5, 408 'httpversion' => '1.0', 409 'user-agent' => 'WordPress/' . $GLOBALS['wp_version'] . '; ' . home_url(), 410 'blocking' => true, 411 'headers' => array(), 412 'cookies' => array(), 413 'body' => null, 414 'compress' => false, 415 'decompress' => true, 416 'sslverify' => true, 417 'stream' => false, 418 'filename' => null 419 ); 420 421 $response = wp_remote_get("http://{$results->smtp_host}:{$results->smtp_port}", $args); 422 $smtp_avail = !is_wp_error($response); 423 424 if ($smtp_avail) { 417 425 $mail->isSMTP(); 418 426 $mail->Host = $results->smtp_host; … … 423 431 $mail->From = $results->smtp_email; 424 432 $mail->FromName = $results->smtp_name; 425 $mail->Port = ! empty( $results->smtp_port) ? $results->smtp_port : 25;433 $mail->Port = !empty($results->smtp_port) ? $results->smtp_port : 25; 426 434 } else { 427 435 $mail->isSendmail(); 428 $mail->setFrom( $results->smtp_email, $results->smtp_name ); 429 } 430 431 // EMAIL COPY :: 436 $mail->setFrom($results->smtp_email, $results->smtp_name); 437 } 438 432 439 $mail->WordWrap = 50; 433 $mail->IsHTML( true);440 $mail->IsHTML(true); 434 441 $mail->Subject = $results->email_signup_sbj; 435 442 $mail->Body = $emailBody; 436 $mail->AddAddress( $post['email'], $post['name'] ); 437 438 if ( ! $mail->send() ) { 439 $headers = 'MIME-Version: 1.0' . "\r\n"; 440 $headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n"; 441 $headers .= 'From: ' . 
$results->smtp_email . "\r\n" . 442 'Reply-To: ' . $results->smtp_email . "\r\n" . 443 'X-Mailer: PHP/' . phpversion(); 444 445 if ( ! mail( $post['email'], $results->email_signup_sbj, $emailBody, $headers ) ) { 446 WebinarIgnition_Logs::add( "Registration email could not be sent to {$post['email']}", WebinarIgnition_Logs::LIVE_EMAIL ); 443 $mail->AddAddress($post['email'], $post['name']); 444 445 if (!$mail->send()) { 446 $headers = array( 447 'MIME-Version' => '1.0', 448 'Content-type' => 'text/html; charset=iso-8859-1', 449 'From' => $results->smtp_email, 450 'Reply-To' => $results->smtp_email, 451 'X-Mailer' => 'PHP/' . phpversion() 452 ); 453 454 if (!wp_mail($post['email'], $results->email_signup_sbj, $emailBody, $headers)) { 455 WebinarIgnition_Logs::add("Registration email could not be sent to {$post['email']}", WebinarIgnition_Logs::LIVE_EMAIL); 447 456 } else { 448 WebinarIgnition_Logs::add( 'Registration email has been sent.', $post['id'], WebinarIgnition_Logs::LIVE_EMAIL ); 449 } 450 } 451 } 457 WebinarIgnition_Logs::add('Registration email has been sent.', $post['id'], WebinarIgnition_Logs::LIVE_EMAIL); 458 } 459 } 460 } 461 452 462 453 463 /* -
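--- a/webinar-ignition/tags/4.00.0-rc.7/inc/schedule_email_auto.php
+++ b/webinar-ignition/tags/4.00.0-rc.7/inc/schedule_email_auto.php
@@ -9,6 +9,5 @@
 global $wpdb;
 $table_db_name = $wpdb->prefix . 'webinarignition_leads_evergreen';
-$query = $wpdb->prepare( "SELECT * FROM $table_db_name WHERE app_id = %s", $campaignID );
-$results = $wpdb->get_results( $query, OBJECT );
+$results = $wpdb->get_results( $wpdb->prepare( "SELECT * FROM $table_db_name WHERE app_id = %s", $campaignID ), OBJECT );
 $timezone_string_option = get_option( 'timezone_string' );
 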
webinar-ignition/tags/4.00.0-rc.7/inc/schedule_email_live.php
r3207791 r3210120 18 18 19 19 20 $date_and_time = date( 'Y-m-d H:i' );21 $date_only = date( 'Y-m-d' );22 $time_only = date( 'H:i' );20 $date_and_time = gmdate( 'Y-m-d H:i' ); 21 $date_only = gmdate( 'Y-m-d' ); 22 $time_only = gmdate( 'H:i' ); 23 23 $time_only_e = explode( ':', $time_only ); 24 24 25 25 // SETUP :: Buffer Zone 26 26 $time = strtotime( $time_only ); 27 $startTime = date( 'H:i', strtotime( '-30 minutes', $time ) );28 $endTime = date( 'H:i', strtotime( '+30 minutes', $time ) );27 $startTime = gmdate( 'H:i', strtotime( '-30 minutes', $time ) ); 28 $endTime = gmdate( 'H:i', strtotime( '+30 minutes', $time ) ); 29 29 $time_buffer = $time_only_e[1] - 10; 30 30 $time_buffer2 = $time_only_e[1] + 10; … … 46 46 $webinar_timezone = isset($webinar_data->webinar_timezone) ? $webinar_data->webinar_timezone : 'UTC'; 47 47 $webinar_utc = trim( webinarignition_get_time_tz( $time, $time_format, $webinar_timezone, true, $timeonly ) ); 48 $date = date( 'Y-m-d', $time );49 $today = date( 'Y-m-d' );48 $date = gmdate( 'Y-m-d', $time ); 49 $today = gmdate( 'Y-m-d' ); 50 50 51 51 for ( $num = 5; $num > 0; $num-- ) { -
webinar-ignition/tags/4.00.0-rc.7/inc/schedule_email_live_fn.php
r3207791 r3210120 44 44 $list = $wpdb->get_results( 45 45 $wpdb->prepare( 46 "SELECT * FROM % iWHERE app_id = %s",46 "SELECT * FROM %s WHERE app_id = %s", 47 47 $table_db_name, 48 48 $ID … … 123 123 $leads = $wpdb->get_results( 124 124 $wpdb->prepare( 125 "SELECT * FROM % iWHERE app_id = %d",125 "SELECT * FROM %s WHERE app_id = %d", 126 126 $table_db_name, 127 127 $results->id -
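Review bot: Both `$wpdb->prepare()` calls in this file now bind the table name with `%s`, which quotes it as a string literal, so the statement becomes `SELECT * FROM 'wp_…' WHERE app_id = …` and MySQL rejects it. The removed lines used the identifier placeholder; keep `"SELECT * FROM %i WHERE app_id = %s"` (and `%d` in the second hunk), which quotes the name as an identifier and is available from WordPress 6.2. The same substitution is made in inc/schedule_notifications.php and in the first file section shown on this page (`FROM %s LIMIT %d`, `SELECT ID FROM %s WHERE email = %s`), where `get_row( … )->keyused` would then dereference the null result of a failed query. Both enclosing functions start and end outside the hunks.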
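--- a/webinar-ignition/tags/4.00.0-rc.7/inc/schedule_notifications.php
+++ b/webinar-ignition/tags/4.00.0-rc.7/inc/schedule_notifications.php
@@ -13,6 +13,5 @@
 // -----------------------------------------------------------------------------------
 $rpl = array( 'new' => 'live' ); // replace string values
-$qry = $wpdb->prepare( 'SELECT id, camtype FROM %i', $wpdb->prefix . 'webinarignition' ); // query string
-$lst = $wpdb->get_results( $qry ); // job list
+$lst = $wpdb->get_results( $wpdb->prepare( 'SELECT id, camtype FROM %s', $wpdb->prefix . 'webinarignition' ) ); // job list
 $cmp = null; // campaign
 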
webinar-ignition/tags/4.00.0-rc.7/inc/wi-frontend-functions.php
r3207791 r3210120 220 220 $statusCheck->name = ''; 221 221 if ( ('free' === $statusCheck->switch || empty( $statusCheck->switch )) && isset( $_REQUEST['lid'] ) ) { 222 $lead_id = sanitize_text_field( $_REQUEST['lid']);222 $lead_id = sanitize_text_field( wp_unslash( $_REQUEST['lid'] ) ); 223 223 $watch_time = get_option( 'wi_lead_watch_time_' . $lead_id, true ); 224 224 if ( 'ultimate_powerup_tier1a' === $statusCheck->name ) { … … 379 379 $statusCheck->name = ''; 380 380 if ( ('free' === $statusCheck->switch || 'ultimate_powerup_tier1a' === $statusCheck->name || empty( $statusCheck->switch )) && isset( $_REQUEST['lid'] ) ) { 381 $lead_id = sanitize_text_field( $_REQUEST['lid']);381 $lead_id = sanitize_text_field( wp_unslash( $_REQUEST['lid'] ) ); 382 382 if ( isset( $_COOKIE["videoResumeTime-{$lead_id}"] ) ) { 383 383 $watch_time = ceil( sanitize_text_field( wp_unslash( $_COOKIE["videoResumeTime-{$lead_id}"] ) ) ); … … 2252 2252 } 2253 2253 $time = ( 'AUTO' === $webinar_data->webinar_date ? $livedate[1] : $webinar_data->webinar_start_time ); 2254 $time = date( 'H:i', strtotime( $time ) );2254 $time = gmdate( 'H:i', strtotime( $time ) ); 2255 2255 $ex_time = explode( ':', $time ); 2256 2256 $ex_hr = $ex_time[0]; … … 2470 2470 $table_db_name = $wpdb->prefix . 
'webinarignition_questions'; 2471 2471 // Secure the query for selecting questions with status 'live' or 'done' 2472 $ query =$wpdb->prepare(2472 $results = $wpdb->get_results( $wpdb->prepare( 2473 2473 "SELECT * FROM {$table_db_name} WHERE app_id = %s AND status IN (%s, %s)", 2474 2474 $webinar_id, 2475 2475 'live', 2476 2476 'done' 2477 ); 2478 $results = $wpdb->get_results( $query, OBJECT ); 2477 ), OBJECT ); 2479 2478 // Secure the query for selecting answers 2480 $answers_query = $wpdb->prepare( "SELECT * FROM {$table_db_name} WHERE app_id = %s AND status = %s", $webinar_id, 'answer' ); 2481 $answers = $wpdb->get_results( $answers_query, OBJECT ); 2479 $answers = $wpdb->get_results( $wpdb->prepare( "SELECT * FROM {$table_db_name} WHERE app_id = %s AND status = %s", $webinar_id, 'answer' ), OBJECT ); 2482 2480 $answers_by_qid = array(); 2483 2481 if ( !empty( $answers ) ) { -
webinar-ignition/tags/4.00.0-rc.7/inc/wi-frontend-templates-functions.php
r3207791 r3210120 45 45 return $html; 46 46 } 47 echo $html;47 echo wp_kses_post( $html ); 48 48 //phpcs:ignore 49 49 } … … 60 60 return $html; 61 61 } 62 echo $html;62 echo wp_kses_post( $html ); 63 63 //phpcs:ignore 64 64 } … … 79 79 return $html; 80 80 } 81 echo $html;81 echo wp_kses_post( $html ); 82 82 //phpcs:ignore 83 83 } … … 167 167 return $html; 168 168 } 169 echo $html;169 echo wp_kses_post( $html ); 170 170 //phpcs:ignore 171 171 } … … 219 219 return $html; 220 220 } 221 echo $html;221 echo wp_kses_post( $html ); 222 222 //phpcs:ignore 223 223 } … … 237 237 return $html; 238 238 } 239 echo $html;239 echo wp_kses_post( $html ); 240 240 //phpcs:ignore 241 241 } … … 269 269 wp_enqueue_style( 'webinarignition_video_css' ); 270 270 wp_enqueue_script( 'webinarignition_video_js' ); 271 $btn_color = ( isset( $webinar_data->lp_optin_btn_color ) && $webinar_data->lp_optin_btn_color !== '' ? $webinar_data->lp_optin_btn_color : '#74BB00' ); 272 $color_array = webinarignition_btn_color( $btn_color ); 273 $hover_color = $color_array['hover_color']; 274 $text_color = $color_array['text_color']; 271 275 ?> 272 276 … … 308 312 z-index: 9999; 309 313 cursor: pointer; 314 } 315 316 #wi_ctaVideo .wi_arrow_button { 317 background-color: <?php 318 echo esc_attr( $btn_color ); 319 ?>; 320 color: <?php 321 echo esc_attr( $text_color ); 322 ?>; 323 } 324 #wi_ctaVideo .wi_arrow_button:hover { 325 background-color: <?php 326 echo esc_attr( $hover_color ); 327 ?>; 328 color: <?php 329 echo esc_attr( $text_color ); 330 ?>; 310 331 } 311 332 </style> … … 344 365 return $html; 345 366 } 346 echo $html;367 echo wp_kses_post( $html ); 347 368 //phpcs:ignore 348 369 } … … 356 377 return $html; 357 378 } 358 echo $html;379 echo wp_kses_post( $html ); 359 380 //phpcs:ignore 360 381 } … … 367 388 return $html; 368 389 } 369 echo $html;390 echo wp_kses_post( $html ); 370 391 //phpcs:ignore 371 392 } … … 392 413 return $html; 393 414 } 394 echo $html;415 echo wp_kses_post( $html ); 395 416 
//phpcs:ignore 396 417 } … … 413 434 } 414 435 } 415 echo $html;436 echo wp_kses_post( $html ); 416 437 //phpcs:ignore 417 438 } … … 424 445 return $html; 425 446 } 426 echo $html;447 echo wp_kses_post( $html ); 427 448 //phpcs:ignore 428 449 } … … 435 456 return $html; 436 457 } 437 echo $html;458 echo wp_kses_post( $html ); 438 459 //phpcs:ignore 439 460 } … … 446 467 return $html; 447 468 } 448 echo $html;469 echo wp_kses_post( $html ); 449 470 //phpcs:ignore 450 471 } … … 479 500 return $html; 480 501 } 481 echo $html;502 echo wp_kses_post( $html ); 482 503 //phpcs:ignore 483 504 } … … 513 534 return $html; 514 535 } 515 echo $html;536 echo wp_kses_post( $html ); 516 537 //phpcs:ignore 517 538 } … … 535 556 return $html; 536 557 } 537 echo $html;558 echo wp_kses_post( $html ); 538 559 //phpcs:ignore 539 560 } … … 570 591 return $html; 571 592 } 572 echo $html;593 echo wp_kses_post( $html ); 573 594 //phpcs:ignore 574 595 } … … 582 603 return $html; 583 604 } 584 echo $html;605 echo wp_kses_post( $html ); 585 606 //phpcs:ignore 586 607 } … … 671 692 return $html; 672 693 } 673 echo $html;694 echo wp_kses_post( $html ); 674 695 //phpcs:ignore 675 696 } … … 686 707 return $html; 687 708 } 688 echo $html;709 echo wp_kses_post( $html ); 689 710 //phpcs:ignore 690 711 } … … 697 718 return $html; 698 719 } 699 echo $html;720 echo wp_kses_post( $html ); 700 721 //phpcs:ignore 701 722 } … … 711 732 return $html; 712 733 } 713 echo $html;734 echo wp_kses_post( $html ); 714 735 //phpcs:ignore 715 736 } … … 742 763 return $html; 743 764 } 744 echo $html;765 echo wp_kses_post( $html ); 745 766 //phpcs:ignore 746 767 } … … 757 778 return $html; 758 779 } 759 echo $html;780 echo wp_kses_post( $html ); 760 781 //phpcs:ignore 761 782 } … … 797 818 return $html; 798 819 } 799 echo $html;820 echo wp_kses_post( $html ); 800 821 //phpcs:ignore 801 822 } … … 842 863 return $html; 843 864 } 844 echo $html;865 echo wp_kses_post( $html ); 845 866 //phpcs:ignore 846 867 } … … 868 889 
return $html; 869 890 } 870 echo $html;891 echo wp_kses_post( $html ); 871 892 //phpcs:ignore 872 893 } … … 882 903 return $html; 883 904 } 884 echo $html;905 echo wp_kses_post( $html ); 885 906 //phpcs:ignore 886 907 } … … 893 914 return $html; 894 915 } 895 echo $html;916 echo wp_kses_post( $html ); 896 917 //phpcs:ignore 897 918 } … … 904 925 return $html; 905 926 } 906 echo $html;927 echo wp_kses_post( $html ); 907 928 //phpcs:ignore 908 929 } … … 915 936 return $html; 916 937 } 917 echo $html;938 echo wp_kses_post( $html ); 918 939 //phpcs:ignore 919 940 } … … 938 959 return $html; 939 960 } 940 echo $html;961 echo wp_kses_post( $html ); 941 962 //phpcs:ignore 942 963 } … … 957 978 return $html; 958 979 } 959 echo $html;980 echo wp_kses_post( $html ); 960 981 //phpcs:ignore 961 982 } … … 977 998 return $html; 978 999 } 979 echo $html;1000 echo wp_kses_post( $html ); 980 1001 //phpcs:ignore 981 1002 } … … 998 1019 return $html; 999 1020 } 1000 echo $html;1021 echo wp_kses_post( $html ); 1001 1022 //phpcs:ignore 1002 1023 } … … 1009 1030 return $html; 1010 1031 } 1011 echo $html;1032 echo wp_kses_post( $html ); 1012 1033 //phpcs:ignore 1013 1034 } … … 1020 1041 return $html; 1021 1042 } 1022 echo $html;1043 echo wp_kses_post( $html ); 1023 1044 //phpcs:ignore 1024 1045 } … … 1031 1052 return $html; 1032 1053 } 1033 echo $html;1054 echo wp_kses_post( $html ); 1034 1055 //phpcs:ignore 1035 1056 } … … 1042 1063 return $html; 1043 1064 } 1044 echo $html;1065 echo wp_kses_post( $html ); 1045 1066 //phpcs:ignore 1046 1067 } … … 1053 1074 return $html; 1054 1075 } 1055 echo $html;1076 echo wp_kses_post( $html ); 1056 1077 //phpcs:ignore 1057 1078 } … … 1064 1085 return $html; 1065 1086 } 1066 echo $html;1087 echo wp_kses_post( $html ); 1067 1088 //phpcs:ignore 1068 1089 } … … 1079 1100 return $html; 1080 1101 } 1081 echo $html;1102 echo wp_kses_post( $html ); 1082 1103 //phpcs:ignore 1083 1104 } … … 1094 1115 return $html; 1095 1116 } 1096 echo $html;1117 echo 
wp_kses_post( $html ); 1097 1118 //phpcs:ignore 1098 1119 } … … 1203 1224 return $html; 1204 1225 } 1205 echo $html;1226 echo wp_kses_post( $html ); 1206 1227 //phpcs:ignore 1207 1228 } … … 1214 1235 return $html; 1215 1236 } 1216 echo $html;1237 echo wp_kses_post( $html ); 1217 1238 //phpcs:ignore 1218 1239 } … … 1228 1249 return $html; 1229 1250 } 1230 echo $html;1251 echo wp_kses_post( $html ); 1231 1252 //phpcs:ignore 1232 1253 } … … 1239 1260 return $html; 1240 1261 } 1241 echo $html;1262 echo wp_kses_post( $html ); 1242 1263 //phpcs:ignore 1243 1264 } … … 1275 1296 return $html; 1276 1297 } 1277 echo $html;1298 echo wp_kses_post( $html ); 1278 1299 //phpcs:ignore 1279 1300 } … … 1286 1307 return $html; 1287 1308 } 1288 echo $html;1309 echo wp_kses_post( $html ); 1289 1310 //phpcs:ignore 1290 1311 } … … 1297 1318 return $html; 1298 1319 } 1299 echo $html;1320 echo wp_kses_post( $html ); 1300 1321 //phpcs:ignore 1301 1322 } … … 1308 1329 return $html; 1309 1330 } 1310 echo $html;1331 echo wp_kses_post( $html ); 1311 1332 //phpcs:ignore 1312 1333 } … … 1319 1340 return $html; 1320 1341 } 1321 echo $html;1342 echo wp_kses_post( $html ); 1322 1343 //phpcs:ignore 1323 1344 } … … 1330 1351 return $html; 1331 1352 } 1332 echo $html;1353 echo wp_kses_post( $html ); 1333 1354 //phpcs:ignore 1334 1355 } … … 1366 1387 return $html; 1367 1388 } 1368 echo $html;1389 echo wp_kses_post( $html ); 1369 1390 //phpcs:ignore 1370 1391 } … … 1407 1428 return $html; 1408 1429 } 1409 echo $html;1430 echo wp_kses_post( $html ); 1410 1431 //phpcs:ignore 1411 1432 } … … 1420 1441 return $html; 1421 1442 } 1422 echo $html;1443 echo wp_kses_post( $html ); 1423 1444 //phpcs:ignore 1424 1445 } … … 1433 1454 return $html; 1434 1455 } 1435 echo $html;1456 echo wp_kses_post( $html ); 1436 1457 //phpcs:ignore 1437 1458 } … … 1446 1467 return do_shortcode( $html ); 1447 1468 } 1448 echo $html;1469 echo wp_kses_post( $html ); 1449 1470 //phpcs:ignore 1450 1471 } … … 1458 1479 echo '<div 
class="webinar_video_cta_sidebar_combine">'; 1459 1480 if ( function_exists( 'webinarignition_display_replay_page' ) ) { 1460 echo w ebinarignition_display_replay_page( $webinar_data, $webinar_data->id);1481 echo wp_kses_post( webinarignition_display_replay_page( $webinar_data, $webinar_data->id ) ); 1461 1482 //phpcs:ignore 1462 1483 } … … 1472 1493 return $html; 1473 1494 } 1474 echo $html;1495 echo wp_kses_post( $html ); 1475 1496 //phpcs:ignore 1476 1497 } … … 1483 1504 return $html; 1484 1505 } 1485 echo $html;1506 echo wp_kses_post( $html ); 1486 1507 //phpcs:ignore 1487 1508 } … … 1494 1515 return $html; 1495 1516 } 1496 echo $html;1517 echo wp_kses_post( $html ); 1497 1518 //phpcs:ignore 1498 1519 } … … 1505 1526 return $html; 1506 1527 } 1507 echo $html;1528 echo wp_kses_post( $html ); 1508 1529 //phpcs:ignore 1509 1530 } … … 1516 1537 return $html; 1517 1538 } 1518 echo $html;1539 echo wp_kses_post( $html ); 1519 1540 //phpcs:ignore 1520 1541 } … … 1527 1548 return $html; 1528 1549 } 1529 echo $html;1550 echo wp_kses_post( $html ); 1530 1551 //phpcs:ignore 1531 1552 } -
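Review bot: `wp_kses_post()` is applied only on the `echo` branch, so the `return $html;` visible just above each changed line still hands unfiltered markup to the caller, and the two paths of one function now produce different output. The post allow-list also drops `<input>`, `<select>`, `<script>`, `<iframe>` and `<style>`; if any of these template functions (for example the `webinarignition_display_replay_page()` call) emit opt-in fields or a video embed, that markup disappears on the echo path, which is worth confirming per function since the bodies are outside the hunks. Where such tags are needed, a per-template `wp_kses()` allow-list, as this changeset does in UI/app/tab1.php, fits better than one filter for every template. The `//phpcs:ignore` left on the following line no longer suppresses anything and can be removed.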
webinar-ignition/tags/4.00.0-rc.7/readme.txt
r3207791 r3210120 436 436 == Changelog == 437 437 438 = 4.00.0-rc.7 2024.12.1 3=439 440 * Meet the WP Plugins requirements 438 = 4.00.0-rc.7 2024.12.18 = 439 440 * Meet the WP Plugins requirements by solving all real PCP ERRORs 441 441 442 442 = 4.00.0-rc.6 2024.11.25 = -
webinar-ignition/tags/4.00.0-rc.7/services/Google/Auth/AssertionCredentials.php
r3207791 r3210120 122 122 123 123 $segments = array( 124 Google_Utils::urlSafeB64Encode( json_encode($header)),125 Google_Utils::urlSafeB64Encode( json_encode($payload))124 Google_Utils::urlSafeB64Encode(wp_json_encode($header)), 125 Google_Utils::urlSafeB64Encode(wp_json_encode($payload)) 126 126 ); 127 127 -
webinar-ignition/tags/4.00.0-rc.7/services/Google/Auth/OAuth2.php
r3207791 r3210120 127 127 sprintf( 128 128 "Error fetching OAuth2 access token, message: '%s'", 129 $decodedResponse129 esc_html($decodedResponse) 130 130 ), 131 $response->getResponseHttpCode()131 esc_html($response->getResponseHttpCode()) 132 132 ); 133 133 } … … 184 184 public function getAccessToken() 185 185 { 186 return json_encode($this->token);186 return wp_json_encode($this->token); 187 187 } 188 188 … … 327 327 $this->token['created'] = time(); 328 328 } else { 329 throw new Google_Auth_Exception("Error refreshing the OAuth2 token, message: ' $body'", $code);329 throw new Google_Auth_Exception("Error refreshing the OAuth2 token, message: '".esc_html($body)."'", esc_html($code)); 330 330 } 331 331 } … … 393 393 */ 394 394 public function retrieveCertsFromLocation($url) 395 { 396 // If we're retrieving a local file, just grab it. 397 if ("http" != substr($url, 0, 4)) { 398 $file = file_get_contents($url); 399 if ($file) { 400 return json_decode($file, true); 401 } else { 402 throw new Google_Auth_Exception( 403 "Failed to retrieve verification certificates: '" . 404 $url . "'." 405 ); 406 } 407 } 408 409 // This relies on makeRequest caching certificate responses. 410 $request = $this->client->getIo()->makeRequest( 411 new Google_Http_Request( 412 $url 413 ) 414 ); 415 if ($request->getResponseHttpCode() == 200) { 416 $certs = json_decode($request->getResponseBody(), true); 417 if ($certs) { 418 return $certs; 419 } 420 } 421 throw new Google_Auth_Exception( 422 "Failed to retrieve verification certificates: '" . 423 $request->getResponseBody() . "'.", 424 $request->getResponseHttpCode() 425 ); 426 } 395 { 396 // Initialize the WordPress filesystem. 397 global $wp_filesystem; 398 require_once(ABSPATH . 
'wp-admin/includes/file.php'); 399 WP_Filesystem(); 400 401 // Check if it's a local file path or a URL 402 if ("http" != substr($url, 0, 4)) { 403 $file = $wp_filesystem->get_contents($url); 404 if ($file) { 405 return json_decode($file, true); 406 } else { 407 throw new Google_Auth_Exception( 408 "Failed to retrieve verification certificates from local file: '" . 409 esc_html($url) . "'." 410 ); 411 } 412 } 413 414 // For HTTP URLs, use the WordPress HTTP API 415 $response = wp_remote_get($url); 416 if (is_wp_error($response)) { 417 throw new Google_Auth_Exception( 418 "Failed to retrieve verification certificates: '" . 419 esc_html($url) . "' due to an error: " . esc_html($response->get_error_message()) 420 ); 421 } 422 423 if (wp_remote_retrieve_response_code($response) == 200) { 424 $body = wp_remote_retrieve_body($response); 425 $certs = json_decode($body, true); 426 if ($certs) { 427 return $certs; 428 } 429 } 430 431 throw new Google_Auth_Exception( 432 "Failed to retrieve verification certificates: '" . 433 esc_html($body) . "'.", 434 esc_html(wp_remote_retrieve_response_code($response)) 435 ); 436 } 437 438 427 439 428 440 /** … … 473 485 $segments = explode(".", $jwt); 474 486 if (count($segments) != 3) { 475 throw new Google_Auth_Exception("Wrong number of segments in token: $jwt");487 throw new Google_Auth_Exception("Wrong number of segments in token: ".esc_html($jwt)); 476 488 } 477 489 $signed = $segments[0] . "." . $segments[1]; … … 481 493 $envelope = json_decode(Google_Utils::urlSafeB64Decode($segments[0]), true); 482 494 if (!$envelope) { 483 throw new Google_Auth_Exception("Can't parse token envelope: " . $segments[0]);495 throw new Google_Auth_Exception("Can't parse token envelope: " . esc_html($segments[0])); 484 496 } 485 497 … … 488 500 $payload = json_decode($json_body, true); 489 501 if (!$payload) { 490 throw new Google_Auth_Exception("Can't parse token payload: " . 
$segments[1]);502 throw new Google_Auth_Exception("Can't parse token payload: " . esc_html($segments[1])); 491 503 } 492 504 … … 502 514 503 515 if (!$verified) { 504 throw new Google_Auth_Exception("Invalid token signature: $jwt");516 throw new Google_Auth_Exception("Invalid token signature: ". esc_html($jwt)); 505 517 } 506 518 … … 511 523 } 512 524 if (!$iat) { 513 throw new Google_Auth_Exception("No issue time in token: $json_body");525 throw new Google_Auth_Exception("No issue time in token: ".esc_html($json_body)); 514 526 } 515 527 $earliest = $iat - self::CLOCK_SKEW_SECS; … … 522 534 } 523 535 if (!$exp) { 524 throw new Google_Auth_Exception("No expiration time in token: $json_body");536 throw new Google_Auth_Exception("No expiration time in token: ".esc_html($json_body)); 525 537 } 526 538 if ($exp >= $now + $max_expiry) { 527 539 throw new Google_Auth_Exception( 528 sprintf("Expiration time too far in future: %s", $json_body)540 sprintf("Expiration time too far in future: %s", esc_html($json_body)) 529 541 ); 530 542 } … … 535 547 sprintf( 536 548 "Token used too early, %s < %s: %s", 537 $now,538 $earliest,539 $json_body549 esc_html($now), 550 esc_html($earliest), 551 esc_html($json_body) 540 552 ) 541 553 ); … … 545 557 sprintf( 546 558 "Token used too late, %s > %s: %s", 547 $now,548 $latest,549 $json_body559 esc_html($now), 560 esc_html($latest), 561 esc_html($json_body) 550 562 ) 551 563 ); … … 557 569 sprintf( 558 570 "Invalid issuer, %s != %s: %s", 559 $iss,560 $issuer,561 $json_body571 esc_html($iss), 572 esc_html($issuer), 573 esc_html($json_body) 562 574 ) 563 575 ); … … 570 582 sprintf( 571 583 "Wrong recipient, %s != %s:", 572 $aud,573 $required_audience,574 $json_body584 esc_html($aud), 585 esc_html($required_audience), 586 esc_html($json_body) 575 587 ) 576 588 ); -
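Review bot: In `retrieveCertsFromLocation()` the final `throw` reads `$body`, which is assigned only inside the `== 200` branch, so any other status raises an undefined-variable warning and the exception carries an empty message; assign `$body = wp_remote_retrieve_body($response);` before the status check. The exception code is passed as `esc_html(wp_remote_retrieve_response_code($response))`, a string where PHP's exception constructor expects an int (assuming `Google_Auth_Exception` does not override it); `(int) wp_remote_retrieve_response_code($response)` is the value to pass, and the same applies to `esc_html($code)` in the refresh-token hunk. The removed comment says the old path relied on `makeRequest` caching certificate responses; the bare `wp_remote_get($url)` appears to fetch the certificates on every verification, which is worth confirming.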
webinar-ignition/tags/4.00.0-rc.7/services/Google/Cache/File.php
r3207791 r3210120 40 40 } 41 41 42 public function get($key, $expiration = false) 43 { 42 public function get($key, $expiration = false) { 43 // Include the WordPress Filesystem API 44 if (!function_exists('request_filesystem_credentials')) { 45 require_once(ABSPATH . 'wp-admin/includes/file.php'); 46 } 47 WP_Filesystem(); 48 global $wp_filesystem; 49 50 // Determine the cache file path 44 51 $storageFile = $this->getCacheFile($key); 45 52 $data = false; 46 47 if (!file_exists($storageFile)) { 48 return false; 53 54 // Check if the file exists 55 if (!$wp_filesystem->exists($storageFile)) { 56 return false; 49 57 } 50 58 59 // Handle expiration logic 51 60 if ($expiration) { 52 $mtime = filemtime($storageFile); 53 if (($now - $mtime) >= $expiration) { 54 $this->delete($key); 55 return false; 56 } 61 $mtime = $wp_filesystem->mtime($storageFile); 62 $now = time(); 63 if (($now - $mtime) >= $expiration) { 64 $this->delete($key); // Ensure this method uses WP_Filesystem as well 65 return false; 66 } 57 67 } 58 68 69 // Read data if possible 59 70 if ($this->acquireReadLock($storageFile)) { 60 $data = fread($this->fh, filesize($storageFile));61 $data =maybe_unserialize($data);62 $this->unlock($storageFile);71 $data = $wp_filesystem->get_contents($storageFile); 72 $data = maybe_unserialize($data); 73 $this->unlock($storageFile); 63 74 } 64 75 65 76 return $data; 66 77 } 67 78 68 public function set($key, $value) 69 { 79 80 public function set($key, $value) 81 { 82 global $wp_filesystem; 83 84 // Initialize the WordPress filesystem, ABSPATH should be passed to the filesystem method 85 if (empty($wp_filesystem)) { 86 require_once(ABSPATH . '/wp-admin/includes/file.php'); 87 WP_Filesystem(); 88 } 89 70 90 $storageFile = $this->getWriteableCacheFile($key); 71 91 if ($this->acquireWriteLock($storageFile)) { 72 // We serialize the whole request object, since we don't only want the 73 // responseContent but also the postBody used, headers, size, etc. 
74 $data = serialize($value); 75 $result = fwrite($this->fh, $data); 76 $this->unlock($storageFile); 92 // Serialize the whole request object 93 $data = serialize($value); 94 95 // Use the WP_Filesystem to write data 96 $result = $wp_filesystem->put_contents( 97 $storageFile, 98 $data, 99 FS_CHMOD_FILE // predefined file permissions 100 ); 101 102 $this->unlock($storageFile); 77 103 } 78 104 } 79 105 80 public function delete($key) 81 { 106 107 public function delete($key) 108 { 82 109 $file = $this->getCacheFile($key); 83 if (file_exists($file) && !unlink($file)) { 84 throw new Google_Cache_Exception("Cache file could not be deleted"); 110 111 if (file_exists($file)) { 112 // Use WordPress's wp_delete_file() function to delete the file 113 if (!wp_delete_file($file)) { 114 throw new Google_Cache_Exception("Cache file could not be deleted"); 115 } 85 116 } 86 117 } 87 118 88 119 private function getWriteableCacheFile($file) … … 97 128 98 129 private function getCacheDir($file, $forWrite) 99 { 100 // use the first 2 characters of the hash as a directory prefix 101 // this should prevent slowdowns due to huge directory listings 102 // and thus give some basic amount of scalability 130 { 131 global $wp_filesystem; 132 133 // Initialize the WordPress filesystem, if not already. 134 if (empty($wp_filesystem)) { 135 require_once(ABSPATH . 'wp-admin/includes/file.php'); 136 WP_Filesystem(); 137 } 138 139 // Use the first 2 characters of the hash as a directory prefix 103 140 $storageDir = $this->path . '/' . substr(md5($file), 0, 2); 104 if ($forWrite && ! is_dir($storageDir)) { 105 if (! mkdir($storageDir, 0755, true)) { 106 throw new Google_Cache_Exception("Could not create storage directory: $storageDir"); 107 } 141 142 if ($forWrite && ! $wp_filesystem->is_dir($storageDir)) { 143 if (! $wp_filesystem->mkdir($storageDir, 0755)) { 144 throw new Google_Cache_Exception("Could not create storage directory: " . 
esc_html($storageDir)); 145 } 108 146 } 147 109 148 return $storageDir; 110 } 149 } 150 111 151 112 152 private function acquireReadLock($storageFile) … … 125 165 126 166 private function acquireLock($type, $storageFile) 127 { 128 $mode = $type == LOCK_EX ? "w" : "r"; 129 $this->fh = fopen($storageFile, $mode); 167 { 168 $lockKey = 'lock_' . md5($storageFile); 130 169 $count = 0; 131 while (!flock($this->fh, $type | LOCK_NB)) { 132 // Sleep for 10ms. 133 usleep(10000); 134 if (++$count < self::MAX_LOCK_RETRIES) { 135 return false; 136 } 170 $lock = get_transient($lockKey); 171 172 // Attempt to acquire lock 173 while ($lock !== false) { 174 usleep(10000); // Sleep for 10ms 175 if (++$count >= self::MAX_LOCK_RETRIES) { 176 return false; // Fail to acquire lock after max retries 177 } 178 $lock = get_transient($lockKey); 137 179 } 180 181 // Set the lock, expire after 1 minute to avoid deadlocks 182 set_transient($lockKey, true, MINUTE_IN_SECONDS); 138 183 return true; 139 } 184 } 185 186 private function releaseLock($storageFile) 187 { 188 $lockKey = 'lock_' . md5($storageFile); 189 delete_transient($lockKey); 190 } 191 140 192 141 193 public function unlock($storageFile) -
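Review bot: The transient-based `acquireLock()` does not give mutual exclusion: `get_transient()` followed by `set_transient()` is a check-then-set, so two requests can both leave the loop and write the same cache file, where the removed `flock()` was arbitrated by the operating system. The new `releaseLock()` has no caller in the visible hunks and `$this->fh` is no longer opened, so unless `unlock()` (its body is outside the hunk) was changed to call `$this->releaseLock($storageFile);`, each lock stays held until the one-minute expiry. In `delete()`, `!wp_delete_file($file)` treats a missing return value as failure; on WordPress releases where `wp_delete_file()` returns nothing this would throw after a successful delete, so checking `file_exists($file)` after the call is safer. The return value of `WP_Filesystem()` is also never checked before `$wp_filesystem` is used.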
webinar-ignition/tags/4.00.0-rc.7/services/Google/Client.php
r3207791 r3210120 166 166 public function setAuthConfigFile($file) 167 167 { 168 $this->setAuthConfig(file_get_contents($file)); 168 $response = wp_remote_get($file); 169 // If the request was successful, extract the body of the response 170 $body = wp_remote_retrieve_body($response); 171 $this->setAuthConfig($body); 172 169 173 } 170 174 … … 605 609 606 610 return (isset($_SERVER['SERVER_SOFTWARE']) && 607 strpos( $_SERVER['SERVER_SOFTWARE'], 'Google App Engine') !== false);611 strpos(esc_html(wp_unslash($_SERVER['SERVER_SOFTWARE'])), 'Google App Engine') !== false); 608 612 } 609 613 } -
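Review bot: `setAuthConfigFile()` takes a file path, and `wp_remote_get($file)` is an HTTP client, so for a local credentials file it returns a `WP_Error`; `wp_remote_retrieve_body()` then yields an empty string and `setAuthConfig('')` runs without any failure being reported. The added comment says "If the request was successful" but nothing checks it. Read the file locally (this changeset already uses `$wp_filesystem->get_contents()` for local paths in OAuth2.php) and fail loudly when the content is empty, so the OAuth client configuration is never requested over the network and a missing file is not silently accepted.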
webinar-ignition/tags/4.00.0-rc.7/services/Google/Http/Batch.php
r3207791 r3210120 45 45 $this->base_path = $this->client->getBasePath(); 46 46 $this->expected_classes = array(); 47 $boundary = (false == $boundary) ? mt_rand() : $boundary;47 $boundary = (false == $boundary) ? wp_rand() : $boundary; 48 48 $this->boundary = str_replace('"', '', $boundary); 49 49 } … … 52 52 { 53 53 if (false == $key) { 54 $key = mt_rand();54 $key = wp_rand(); 55 55 } 56 56 -
webinar-ignition/tags/4.00.0-rc.7/services/Google/Http/MediaFileUpload.php
r3207791 r3210120 212 212 if (self::UPLOAD_RESUMABLE_TYPE == $uploadType) { 213 213 $contentType = $mimeType; 214 $postBody = is_string($meta) ? $meta : json_encode($meta);214 $postBody = is_string($meta) ? $meta : wp_json_encode($meta); 215 215 } else if (self::UPLOAD_MEDIA_TYPE == $uploadType) { 216 216 $contentType = $mimeType; … … 218 218 } else if (self::UPLOAD_MULTIPART_TYPE == $uploadType) { 219 219 // This is a multipart/related upload. 220 $boundary = $this->boundary ? $this->boundary : mt_rand();220 $boundary = $this->boundary ? $this->boundary : wp_rand(); 221 221 $boundary = str_replace('"', '', $boundary); 222 222 $contentType = 'multipart/related; boundary=' . $boundary; 223 223 $related = "--$boundary\r\n"; 224 224 $related .= "Content-Type: application/json; charset=UTF-8\r\n"; 225 $related .= "\r\n" . json_encode($meta) . "\r\n";225 $related .= "\r\n" . wp_json_encode($meta) . "\r\n"; 226 226 $related .= "--$boundary\r\n"; 227 227 $related .= "Content-Type: $mimeType\r\n"; -
webinar-ignition/tags/4.00.0-rc.7/services/Google/Http/REST.php
r3207791 r3210120 81 81 } 82 82 83 throw new Google_Service_Exception( $err, $code, null, $errors);83 throw new Google_Service_Exception(esc_html($err), esc_attr($code), null, esc_html($errors)); 84 84 } 85 85 … … 88 88 $decoded = json_decode($body, true); 89 89 if ($decoded === null || $decoded === "") { 90 throw new Google_Service_Exception("Invalid json in service response: $body");90 throw new Google_Service_Exception("Invalid json in service response: ".esc_html($body)); 91 91 } 92 92 -
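Review bot: `esc_html($errors)` and `esc_attr($code)` change the types passed to `Google_Service_Exception`: if `$errors` is the decoded error list (it is assigned outside the hunk), `esc_html()` would cast it to the string `Array`, and the status code becomes a string. Exception arguments are not HTML output, so escaping belongs where the message is printed; `throw new Google_Service_Exception($err, (int) $code, null, $errors);` keeps the structured errors available to callers. The enclosing function starts and ends outside the hunk.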
webinar-ignition/tags/4.00.0-rc.7/services/Google/Http/Request.php
r3207791 r3210120 283 283 } 284 284 } 285 $parts = parse_url($url);285 $parts = wp_parse_url($url); 286 286 if (isset($parts['host'])) { 287 287 $this->baseComponent = sprintf( … … 390 390 { 391 391 $str = ''; 392 $path = parse_url($this->getUrl(), PHP_URL_PATH) . "?" .392 $path = wp_parse_url($this->getUrl(), PHP_URL_PATH) . "?" . 393 393 http_build_query($this->queryParams); 394 394 $str .= $this->getRequestMethod() . ' ' . $path . " HTTP/1.1\n"; -
webinar-ignition/tags/4.00.0-rc.7/services/Google/IO/Abstract.php
r3207791 r3210120 126 126 127 127 if (!isset($responseHeaders['Date']) && !isset($responseHeaders['date'])) { 128 $responseHeaders['Date'] = date("r");128 $responseHeaders['Date'] = gmdate("r"); 129 129 } 130 130 -
webinar-ignition/tags/4.00.0-rc.7/services/Google/IO/Curl.php
r3207791 r3210120 61 61 // Check for errors 62 62 if (is_wp_error($response)) { 63 throw new Google_IO_Exception( $response->get_error_message());63 throw new Google_IO_Exception(esc_html($response->get_error_message())); 64 64 } 65 65 -
webinar-ignition/tags/4.00.0-rc.7/services/Google/IO/Stream.php
r3207791 r3210120 50 50 */ 51 51 public function executeRequest(Google_Http_Request $request) 52 { 53 $default_options = stream_context_get_options(stream_context_get_default()); 52 { 53 $args = array( 54 'method' => $request->getRequestMethod(), 55 'user-agent'=> $request->getUserAgent(), 56 'timeout' => isset($this->options[self::TIMEOUT]) ? $this->options[self::TIMEOUT] : 45, 57 'headers' => $request->getRequestHeaders(), 58 'sslverify' => true, // Enable SSL verification 59 ); 54 60 55 $requestHttpContext = array_key_exists('http', $default_options) ? 56 $default_options['http'] : array(); 57 61 // Check if there's a body to send with the request 58 62 if ($request->getPostBody()) { 59 $requestHttpContext["content"] = $request->getPostBody();63 $args['body'] = $request->getPostBody(); 60 64 } 61 65 62 $requestHeaders = $request->getRequestHeaders();63 if ($requestHeaders && is_array($requestHeaders)) {64 $headers = "";65 foreach ($requestHeaders as $k => $v) {66 $ headers .= "$k: $v\r\n";67 }68 $requestHttpContext["header"] = $headers;66 // Add custom CA certificate location if it's set in SSL context 67 $default_options = stream_context_get_options(stream_context_get_default()); 68 $requestSslContext = array_key_exists('ssl', $default_options) ? $default_options['ssl'] : array(); 69 if (!array_key_exists("cafile", $requestSslContext)) { 70 $args['sslcertificates'] = dirname(__FILE__) . '/cacerts.pem'; 71 } else { 72 $args['sslcertificates'] = $requestSslContext['cafile']; 69 73 } 70 74 71 $requestHttpContext["method"] = $request->getRequestMethod(); 72 $requestHttpContext["user_agent"] = $request->getUserAgent(); 73 74 $requestSslContext = array_key_exists('ssl', $default_options) ? 75 $default_options['ssl'] : array(); 76 77 if (!array_key_exists("cafile", $requestSslContext)) { 78 $requestSslContext["cafile"] = dirname(__FILE__) . '/cacerts.pem'; 75 // Adjust URL if necessary 76 $url = $request->getUrl(); 77 if ($request->canGzip()) { 78 $url = self::ZLIB . 
$url; // Note: You need to handle gzip decompression if necessary 79 79 } 80 80 81 $options = array( 82 "http" => array_merge( 83 self::$DEFAULT_HTTP_CONTEXT, 84 $requestHttpContext 85 ), 86 "ssl" => array_merge( 87 self::$DEFAULT_SSL_CONTEXT, 88 $requestSslContext 89 ) 90 ); 81 // Make the request 82 $response = wp_remote_request($url, $args); 91 83 92 $context = stream_context_create($options); 93 94 $url = $request->getUrl(); 95 96 if ($request->canGzip()) { 97 $url = self::ZLIB . $url; 84 // Check for WP_Error 85 if (is_wp_error($response)) { 86 throw new Google_IO_Exception( 87 sprintf( 88 "HTTP Error: Unable to connect: '%s'", 89 esc_html($response->get_error_message()) 90 ), 91 esc_html(wp_remote_retrieve_response_code($response)) 92 ); 98 93 } 99 94 100 // Not entirely happy about this, but supressing the warning from the 101 // fopen seems like the best situation here - we can't do anything 102 // useful with it, and failure to connect is a legitimate run 103 // time situation. 104 @$fh = fopen($url, 'r', false, $context); 105 106 $response_data = false; 107 $respHttpCode = self::UNKNOWN_CODE; 108 if ($fh) { 109 if (isset($this->options[self::TIMEOUT])) { 110 stream_set_timeout($fh, $this->options[self::TIMEOUT]); 111 } 112 113 $response_data = stream_get_contents($fh); 114 fclose($fh); 115 116 $respHttpCode = $this->getHttpResponseCode($http_response_header); 117 } 118 119 if (false === $response_data) { 120 throw new Google_IO_Exception( 121 sprintf( 122 "HTTP Error: Unable to connect: '%s'", 123 $respHttpCode 124 ), 125 $respHttpCode 126 ); 127 } 128 129 $responseHeaders = $this->getHttpResponseHeaders($http_response_header); 95 $respHttpCode = wp_remote_retrieve_response_code($response); 96 $response_data = wp_remote_retrieve_body($response); 97 $responseHeaders = wp_remote_retrieve_headers($response)->getAll(); 130 98 131 99 return array($response_data, $responseHeaders, $respHttpCode); 132 } 100 } 101 133 102 134 103 /** -
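Review bot: In the `is_wp_error()` branch the exception code is `esc_html(wp_remote_retrieve_response_code($response))`, and that helper returns an empty string for a WP_Error, so the code argument is `''` rather than an integer. If Google_IO_Exception forwards it to `Exception::__construct()`, PHP raises a TypeError in place of the intended connection error; passing `self::UNKNOWN_CODE` as the second argument, as the removed code did, avoids that. Separately, when `canGzip()` is true the URL is still prefixed with `self::ZLIB`, which was presumably a stream-wrapper prefix for the old `fopen()` call. `wp_remote_request()` is unlikely to accept such a URL (the inline comment already concedes the gap), so I would use `$url = $request->getUrl();` unprefixed and let the HTTP API handle compression. The explicit `'sslverify' => true` and the CA bundle fallback should stay as they are.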
webinar-ignition/tags/4.00.0-rc.7/services/Google/Model.php
r3207791 r3210120 199 199 if ($obj && !is_array($obj)) { 200 200 throw new Google_Exception( 201 "Incorrect parameter type passed to $method(). Expected an array."201 "Incorrect parameter type passed to ".esc_attr($method)."(). Expected an array." 202 202 ); 203 203 } -
webinar-ignition/tags/4.00.0-rc.7/services/Google/Service/Resource.php
r3207791 r3210120 90 90 throw new Google_Exception( 91 91 "Unknown function: " . 92 "{ $this->serviceName}->{$this->resourceName}->{$name}()"92 "{".esc_html($this->serviceName)."}->{".esc_html($this->resourceName)."}->{".esc_html($name)."}()" 93 93 ); 94 94 } … … 111 111 $this->convertToArrayAndStripNulls($parameters['postBody']); 112 112 } 113 $postBody = json_encode($parameters['postBody']);113 $postBody = wp_json_encode($parameters['postBody']); 114 114 unset($parameters['postBody']); 115 115 } … … 133 133 foreach ($parameters as $key => $val) { 134 134 if ($key != 'postBody' && ! isset($method['parameters'][$key])) { 135 throw new Google_Exception("( $name) unknown parameter: '$key'");135 throw new Google_Exception("(".esc_attr($name).") unknown parameter: '".esc_attr($key)."'"); 136 136 } 137 137 } … … 142 142 ! isset($parameters[$paramName]) 143 143 ) { 144 throw new Google_Exception("( $name) missing required param: '$paramName'");144 throw new Google_Exception("(".esc_attr($name).") missing required param: '".esc_attr($paramName)."'"); 145 145 } 146 146 if (isset($parameters[$paramName])) { -
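Review bot: The rewritten "Unknown function" message now prints literal braces. Assuming the old string used `{$...}` interpolation, the `{` and `}` were only delimiters, but `"{".esc_html($this->serviceName)."}->{"…` keeps them as text, so the message reads `{service}->{resource}->{name}()`. Build it as `esc_html($this->serviceName) . '->' . esc_html($this->resourceName) . '->' . esc_html($name) . '()'`. The parameter messages further down use `esc_attr()` on text that is not an HTML attribute value; `esc_html()` would be consistent with the rest of the commit. The enclosing methods start and end outside these hunks.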
webinar-ignition/tags/4.00.0-rc.7/services/Google/Signer/P12.php
r3207791 r3210120 55 55 "Unable to parse the p12 file. " . 56 56 "Is this a .p12 file? Is the password correct? OpenSSL error: " . 57 openssl_error_string()57 esc_html(openssl_error_string()) 58 58 ); 59 59 } -
webinar-ignition/tags/4.00.0-rc.7/services/Google/Verifier/Pem.php
r3207791 r3210120 45 45 $this->publicKey = ($pem); 46 46 if (!$this->publicKey) { 47 throw new Google_Auth_Exception("Unable to parse PEM: $pem");47 throw new Google_Auth_Exception("Unable to parse PEM: ".esc_html($pem)); 48 48 } 49 49 } … … 63 63 $status = openssl_verify($data, $signature, $this->publicKey, "sha256"); 64 64 if ($status === -1) { 65 throw new Google_Auth_Exception('Signature verification error: ' . openssl_error_string());65 throw new Google_Auth_Exception('Signature verification error: ' . esc_html(openssl_error_string())); 66 66 } 67 67 return $status === 1; -
webinar-ignition/tags/4.00.0-rc.7/templates/emails/html-email-template-preview.php
r3207791 r3210120 21 21 <td> 22 22 <div class="heading-section"> 23 <?php /* Translators: %s is replaced with the user's first name */ ?> 23 24 <p><?php echo sprintf( esc_html__( 'Hi %s.', 'webinar-ignition' ), '{FIRSTNAME}' ); ?></p> 24 25 25 26 <p><?php esc_html_e( '%%INTRO%%', 'webinar-ignition' ); ?></p> 26 27 28 <?php /* Translators: %s is replaced with the date of the webinar */ ?> 27 29 <p><?php echo esc_html( sprintf( __( 'Date: Join us live on %s', 'webinar-ignition' ), '{DATE}' ) ); ?></p> 28 30 31 <?php /* Translators: %s is replaced with the webinar title*/ ?> 29 32 <p><?php echo esc_html( sprintf( __( 'Webinar Topic: %s', 'webinar-ignition' ), '{TITLE}' ) ); ?></p> 30 33 34 <?php /* Translators: %s is replaced with the host's name*/ ?> 31 35 <p><?php echo esc_html( sprintf( __( 'Hosts: %s', 'webinar-ignition' ), '{HOST}' ) ); ?></p> 32 36 -
webinar-ignition/tags/4.00.0-rc.7/webinarignition.php
r3207791 r3210120 3 3 /** 4 4 * Plugin Name: WebinarIgnition 5 * Description: WebinarIgnition is a premium webinar solution that allows you to create, run and manage webinars. Build and fully customize, professional webinar registration, confirmation, live webinar and replay pages with ease.5 * Description: Convert your visitors into customers. Run webinars on your website with your design. With a fully extendable attendee experience inside the webinar. 6 6 * Version: 4.00.0-rc.7 7 7 * Requires at least: 5.0 … … 30 30 } 31 31 if ( !defined( 'WEBINARIGNITION_BRANCH' ) ) { 32 define( 'WEBINARIGNITION_BRANCH', '4.00.0-rc.7 2024.12.1 3https://bitbucket.org/WP-Leads-Plugins/webinarignition/commits/' );32 define( 'WEBINARIGNITION_BRANCH', '4.00.0-rc.7 2024.12.18 https://bitbucket.org/WP-Leads-Plugins/webinarignition/commits/' ); 33 33 } 34 34 if ( !defined( 'WEBINARIGNITION_URL' ) ) { … … 66 66 } 67 67 // Include Freemius SDK. 68 require_once __DIR__ . '/ freemius/start.php';68 require_once __DIR__ . '/vendor/freemius/start.php'; 69 69 $webinarignition_fs = fs_dynamic_init( array( 70 70 'id' => '7606',