Changeset 3421962
- Timestamp:
- 12/17/2025 01:35:25 PM (3 months ago)
- Location:
- reset-customizer
- Files:
-
- 3 edited
- 8 copied
-
tags/1.1.6 (copied) (copied from reset-customizer/trunk)
-
tags/1.1.6/includes (copied) (copied from reset-customizer/trunk/includes)
-
tags/1.1.6/includes/class-rc-common.php (copied) (copied from reset-customizer/trunk/includes/class-rc-common.php) (30 diffs)
-
tags/1.1.6/includes/customize-controls.js (copied) (copied from reset-customizer/trunk/includes/customize-controls.js)
-
tags/1.1.6/js (copied) (copied from reset-customizer/trunk/js)
-
tags/1.1.6/js/customize-controls.js (copied) (copied from reset-customizer/trunk/js/customize-controls.js)
-
tags/1.1.6/readme.txt (copied) (copied from reset-customizer/trunk/readme.txt) (3 diffs)
-
tags/1.1.6/reset-customizer.php (copied) (copied from reset-customizer/trunk/reset-customizer.php) (10 diffs)
-
trunk/includes/class-rc-common.php (modified) (30 diffs)
-
trunk/readme.txt (modified) (3 diffs)
-
trunk/reset-customizer.php (modified) (10 diffs)
-
reset-customizer/tags/1.1.6/includes/class-rc-common.php
r2986678 r3421962 1 1 <?php 2 2 /* 3 * Version: 1. 3.93 * Version: 1.4.4 4 4 */ 5 5 … … 43 43 public static function plugin_text_domain() { 44 44 45 return self::$plugin_text_domain;45 return 'reset-customizer'; 46 46 47 47 } … … 61 61 public static function support_url() { 62 62 63 return 'https://wordpress.org/support/plugin/' . self::$plugin_text_domain. '/';63 return 'https://wordpress.org/support/plugin/' . 'reset-customizer' . '/'; 64 64 65 65 } … … 67 67 public static function control_upgrade_text() { 68 68 69 $upgrade_text = '<a href="' . esc_url(self::upgrade_link()) . '" title="' . esc_attr(sprintf(__('Upgrade now to %s Premium', self::$plugin_text_domain), self::$plugin_name)) . '">' . sprintf(__('Upgrade now to %s Premium', self::$plugin_text_domain), self::$plugin_name) . '</a>'; 69 /* translators: name of the plugin */ 70 $upgrade_text = '<a href="' . esc_url(self::upgrade_link()) . '" title="' . esc_attr(sprintf(__('Upgrade now to %s Premium', 'reset-customizer'), self::$plugin_name)) . '">' . sprintf(__('Upgrade now to %s Premium', 'reset-customizer'), self::$plugin_name) . '</a>'; 70 71 71 72 if (!class_exists(self::$plugin_premium_class) || !get_option(self::$plugin_prefix . 
'_purchased')) { … … 73 74 if (!class_exists(self::$plugin_premium_class)) { 74 75 75 $upgrade_text .= sprintf(wp_kses(__(' or <a href="%s" title="Download Free Trial">trial it for 7 days</a>', self::$plugin_text_domain), array('a' => array('href' => array(), 'title' => array()))), esc_url(self::premium_link())); 76 /* translators: link to the premium upgrade */ 77 $upgrade_text .= sprintf(wp_kses(__(' or <a href="%s" title="Download Free Trial">trial it for 7 days</a>', 'reset-customizer'), array('a' => array('href' => array(), 'title' => array()))), esc_url(self::premium_link())); 76 78 77 79 } … … 85 87 public static function control_section_description() { 86 88 87 $default_description = sprintf(wp_kses(__('If you have any requests for new features, please <a href="%s" title="Support Forum">let us know in the support forum</a>.', self::$plugin_text_domain), array('a' => array('href' => array(), 'title' => array()))), esc_url(self::support_url())); 89 /* translators: link to the plugin's support forum */ 90 $default_description = sprintf(wp_kses(__('If you have any requests for new features, please <a href="%s" title="Support Forum">let us know in the support forum</a>.', 'reset-customizer'), array('a' => array('href' => array(), 'title' => array()))), esc_url(self::support_url())); 88 91 89 92 if (self::$plugin_premium_class) { … … 95 98 if (!class_exists(self::$plugin_premium_class)) { 96 99 97 $section_description = '<strong>' . __('For even more options', self::$plugin_text_domain) . '</strong>' . ' ' . $upgrade_text;100 $section_description = '<strong>' . __('For even more options', 'reset-customizer') . '</strong>' . ' ' . $upgrade_text; 98 101 99 102 } else { 100 103 101 $section_description = '<strong>' . __('To keep using premium options', self::$plugin_text_domain) . '</strong>' . ' ' . $upgrade_text;104 $section_description = '<strong>' . __('To keep using premium options', 'reset-customizer') . '</strong>' . ' ' . 
$upgrade_text; 102 105 103 106 } … … 119 122 $section_description .= ' ' . sprintf( 120 123 wp_kses( 124 /* translators: link to plugin install page */ 121 125 __( 122 126 '<strong>To reset this section of options to default settings</strong> without affecting other sections in the customizer, install <a href="%s" title="Reset Customizer">Reset Customizer</a>.', 123 self::$plugin_text_domain127 'reset-customizer' 124 128 ), 125 129 array('strong' => array(), 'a' => array('href' => array(), 'title' => array())) … … 145 149 public static function control_setting_upgrade_nag() { 146 150 147 $upgrade_nag = self::control_upgrade_text() . __(' to use this option.', self::$plugin_text_domain);151 $upgrade_nag = self::control_upgrade_text() . __(' to use this option.', 'reset-customizer'); 148 152 149 153 return $upgrade_nag; … … 234 238 235 239 $generated_css = sprintf('%s { %s: %s; }', $selector, $style, $prefix.$mod.$postfix); 236 echo $generated_css; 240 241 // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped 242 echo wp_strip_all_tags($generated_css); 237 243 238 244 } elseif ($mod) { 239 245 240 246 $generated_css = sprintf('%s { %s:%s; }', $selector, $style, $prefix.$value.$postfix); 241 echo $generated_css; 247 248 // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped 249 echo wp_strip_all_tags($generated_css); 242 250 243 251 } … … 249 257 if (self::$plugin_premium_class) { 250 258 251 return add_query_arg('url', (isset($_SERVER['HTTPS']) ? 'https' : 'http') . '://' . $_SERVER['HTTP_HOST'], 'https://webd.uk/product/' . self::$plugin_text_domain . '-upgrade/'); 252 259 if (isset($_SERVER['HTTP_HOST'])) { 260 261 return add_query_arg('url', (isset($_SERVER['HTTPS']) ? 'https' : 'http') . '://' . filter_var(wp_unslash($_SERVER['HTTP_HOST'], FILTER_SANITIZE_URL)), 'https://webd.uk/product/' . 'reset-customizer' . '-upgrade/'); 262 263 } else { 264 265 return 'https://webd.uk/product/' . 'reset-customizer' . 
'-upgrade/'; 266 267 } 253 268 254 269 } else { … … 276 291 $settings_links = array(); 277 292 278 $settings_links[] = '<a href="' . esc_url($settings_link) . '" title="' . esc_attr(__('Settings', self::$plugin_text_domain)) . '">' . __('Settings', self::$plugin_text_domain) . '</a>';293 $settings_links[] = '<a href="' . esc_url($settings_link) . '" title="' . esc_attr(__('Settings', 'reset-customizer')) . '">' . __('Settings', 'reset-customizer') . '</a>'; 279 294 280 295 if (!get_option(self::$plugin_prefix . '_purchased')) { … … 284 299 if (self::$plugin_upgrade) { 285 300 286 $settings_links[] = '<a href="' . esc_url(self::upgrade_link()) . '" title="' . esc_attr(sprintf(__('Buy %s Premium', self::$plugin_text_domain), self::$plugin_name)) . '" style="color: orange; font-weight: bold;">' . __('Buy Now', self::$plugin_text_domain) . '</a>'; 301 /* translators: name of the plugin */ 302 $settings_links[] = '<a href="' . esc_url(self::upgrade_link()) . '" title="' . esc_attr(sprintf(__('Buy %s Premium', 'reset-customizer'), self::$plugin_name)) . '" style="color: orange; font-weight: bold;">' . __('Buy Now', 'reset-customizer') . '</a>'; 287 303 288 304 } else { 289 305 290 $settings_links[] = '<a href="' . esc_url(self::upgrade_link()) . '" title="' . esc_attr(sprintf(__('Buy %s', self::$plugin_text_domain), self::$plugin_name)) . '" style="color: orange; font-weight: bold;">' . __('Buy Now', self::$plugin_text_domain) . '</a>'; 306 /* translators: name of the plugin */ 307 $settings_links[] = '<a href="' . esc_url(self::upgrade_link()) . '" title="' . esc_attr(sprintf(__('Buy %s', 'reset-customizer'), self::$plugin_name)) . '" style="color: orange; font-weight: bold;">' . __('Buy Now', 'reset-customizer') . '</a>'; 291 308 292 309 } … … 294 311 } else { 295 312 296 $settings_links[] = '<a href="' . esc_url(self::upgrade_link()) . '" title="' . esc_attr((self::$plugin_premium_class ? 
sprintf(__('Upgrade now to %s Premium', self::$plugin_text_domain), self::$plugin_name) : sprintf(__('Contribute to %s', self::$plugin_text_domain), self::$plugin_name))) . '" style="color: orange; font-weight: bold;">' . (self::$plugin_premium_class ? __('Upgrade', self::$plugin_text_domain) : __('Support Us', self::$plugin_text_domain)) . '</a>'; 313 /* translators: name of the plugin */ 314 $settings_links[] = '<a href="' . esc_url(self::upgrade_link()) . '" title="' . esc_attr((self::$plugin_premium_class ? sprintf(__('Upgrade now to %s Premium', 'reset-customizer'), self::$plugin_name) : sprintf(__('Contribute to %s', 'reset-customizer'), self::$plugin_name))) . '" style="color: orange; font-weight: bold;">' . (self::$plugin_premium_class ? __('Upgrade', 'reset-customizer') : __('Support Us', 'reset-customizer')) . '</a>'; 297 315 298 316 } … … 300 318 if ($premium) { 301 319 302 $settings_links[] = '<a href="' . wp_nonce_url('?activate-' . self::$plugin_prefix . '=true', self::$plugin_prefix . '_activate') . '" id="' . self::$plugin_prefix . '_activate_upgrade" title="' . esc_attr(__('Activate Purchase', self::$plugin_text_domain)) . '" onclick="jQuery(this).append(' <img src="/wp-admin/images/loading.gif" style="float: none; width: auto; height: auto;" />'); setTimeout(function(){document.getElementById(\'' . self::$plugin_prefix . '_activate_upgrade\').removeAttribute(\'href\');},1); return true;">' . __('Activate Purchase', self::$plugin_text_domain) . '</a>'; 303 304 } elseif (self::$plugin_trial && !is_plugin_active(self::$plugin_text_domain . '-premium/' . self::$plugin_text_domain . '-premium.php')) { 305 306 $settings_links[] = '<a href="' . esc_url(self::premium_link()) . '" title="' . esc_attr(sprintf(__('Trial %s Premium', self::$plugin_text_domain), self::$plugin_name)) . ' for 7 days">' . __('Download Trial', self::$plugin_text_domain) . '</a>'; 320 $settings_links[] = '<a href="' . wp_nonce_url('?activate-' . self::$plugin_prefix . 
'=true', self::$plugin_prefix . '_activate') . '" id="' . self::$plugin_prefix . '_activate_upgrade" title="' . esc_attr(__('Activate Purchase', 'reset-customizer')) . '" onclick="jQuery(this).append(' <img src="/wp-admin/images/loading.gif" style="float: none; width: auto; height: auto;" />'); setTimeout(function(){document.getElementById(\'' . self::$plugin_prefix . '_activate_upgrade\').removeAttribute(\'href\');},1); return true;">' . __('Activate Purchase', 'reset-customizer') . '</a>'; 321 322 } elseif (self::$plugin_trial && !is_plugin_active('reset-customizer' . '-premium/' . 'reset-customizer' . '-premium.php')) { 323 324 /* translators: name of the plugin */ 325 $settings_links[] = '<a href="' . esc_url(self::premium_link()) . '" title="' . esc_attr(sprintf(__('Trial %s Premium', 'reset-customizer'), self::$plugin_name)) . ' for 7 days">' . __('Download Trial', 'reset-customizer') . '</a>'; 307 326 308 327 } … … 310 329 } elseif ($premium) { 311 330 312 $settings_links[] = '<strong style="color: green; display: inline;">' . __('Purchase Confirmed', self::$plugin_text_domain) . '</strong>';331 $settings_links[] = '<strong style="color: green; display: inline;">' . __('Purchase Confirmed', 'reset-customizer') . '</strong>'; 313 332 314 333 } … … 320 339 public static function plugin_row_meta($plugin_meta, $plugin_file, $plugin_data, $status) { 321 340 322 if ($plugin_file === self::$plugin_text_domain . '/' . self::$plugin_text_domain . '.php') { 323 324 $plugin_meta[] = '<a href="' . esc_url(self::support_url()) . '" title="' . __('Problems? We are here to help!', self::$plugin_text_domain) . '" style="color: orange; font-weight: bold;">' . __('Need help?', self::$plugin_text_domain) . '</a>'; 325 $plugin_meta[] = '<a href="https://wordpress.org/support/plugin/' . self::$plugin_text_domain . '/reviews/#new-post" title="' . esc_attr(sprintf(__('If you like %s, please leave a review!', self::$plugin_text_domain), self::$plugin_name)) . '">' . 
__('Review plugin', self::$plugin_text_domain) . '</a>'; 341 if ($plugin_file === 'reset-customizer' . '/' . 'reset-customizer' . '.php') { 342 343 $plugin_meta[] = '<a href="' . esc_url(self::support_url()) . '" title="' . __('Problems? We are here to help!', 'reset-customizer') . '" style="color: orange; font-weight: bold;">' . __('Need help?', 'reset-customizer') . '</a>'; 344 /* translators: name of the plugin */ 345 $plugin_meta[] = '<a href="https://wordpress.org/support/plugin/' . 'reset-customizer' . '/reviews/#new-post" title="' . esc_attr(sprintf(__('If you like %s, please leave a review!', 'reset-customizer'), self::$plugin_name)) . '">' . __('Review plugin', 'reset-customizer') . '</a>'; 326 346 327 347 } … … 353 373 if (self::$plugin_premium_class) { 354 374 355 if (get_option(self::$plugin_prefix . '_purchased') && !class_exists(self::$plugin_premium_class) && get_user_meta(get_current_user_id(), self::$plugin_prefix . '-notice-dismissed', true) != self::plugin_version()) { 356 357 ?> 358 359 <div class="notice notice-error is-dismissible <?php echo self::$plugin_prefix; ?>-notice"> 360 361 <p><strong><?php echo self::$plugin_name; ?></strong><br /> 362 <?php esc_html_e('In order to use the premium features, you need to install the premium version of the plugin ...', self::$plugin_text_domain); ?></p> 363 364 <p><a href="<?php echo esc_url(self::premium_link()); ?>" title="<?php echo esc_attr(sprintf(__('Download %s Premium', self::$plugin_text_domain), self::$plugin_name)); ?>" class="button-primary"><?php printf(__('Download %s Premium', self::$plugin_text_domain), self::$plugin_name); ?></a></p> 375 if ( 376 get_option(self::$plugin_prefix . '_purchased') && 377 !class_exists(self::$plugin_premium_class) && 378 get_user_meta(get_current_user_id(), self::$plugin_prefix . 
'-notice-dismissed', true) != self::plugin_version() 379 ) { 380 381 ?> 382 383 <div class="notice notice-error is-dismissible <?php echo esc_html(self::$plugin_prefix); ?>-notice"> 384 385 <p><strong><?php echo esc_html(self::$plugin_name); ?></strong><br /> 386 <?php esc_html_e('In order to use the premium features, you need to install the premium version of the plugin ...', 'reset-customizer'); ?></p> 387 388 <p><a href="<?php 389 /* translators: name of the plugin */ 390 echo esc_url(self::premium_link()); ?>" title="<?php echo esc_attr(sprintf(__('Download %s Premium', 'reset-customizer'), self::$plugin_name)); ?>" class="button-primary"><?php printf(esc_html(__('Download %s Premium', 'reset-customizer')), esc_html(self::$plugin_name)); ?></a></p> 365 391 366 392 </div> 367 393 368 394 <script type="text/javascript"> 369 jQuery(document).on('click', '.<?php echo self::$plugin_prefix; ?>-notice .notice-dismiss', function() {395 jQuery(document).on('click', '.<?php echo esc_attr(self::$plugin_prefix); ?>-notice .notice-dismiss', function() { 370 396 jQuery.ajax({ 371 397 url: ajaxurl, 372 398 data: { 373 action: 'dismiss_<?php echo self::$plugin_prefix; ?>_notice_handler',374 _ajax_nonce: '<?php echo wp_create_nonce(self::$plugin_prefix . '-ajax-nonce'); ?>'399 action: 'dismiss_<?php echo esc_attr(self::$plugin_prefix); ?>_notice_handler', 400 _ajax_nonce: '<?php echo esc_attr(wp_create_nonce(self::$plugin_prefix . '-ajax-nonce')); ?>' 375 401 } 376 402 }); … … 380 406 <?php 381 407 382 } elseif (!class_exists(self::$plugin_premium_class) && time() > (strtotime('+1 hour', filectime(__DIR__))) && get_user_meta(get_current_user_id(), self::$plugin_prefix . 
'-notice-dismissed', true) != self::plugin_version()) { 383 384 ?> 385 386 <div class="notice notice-info is-dismissible <?php echo self::$plugin_prefix; ?>-notice"> 387 388 <p><strong><?php printf(__('Thank you for using %s plugin', self::$plugin_text_domain), self::$plugin_name); ?></strong><br /> 408 } elseif ( 409 !class_exists(self::$plugin_premium_class) && 410 time() > (strtotime('+1 hour', filectime(__DIR__))) && 411 get_user_meta(get_current_user_id(), self::$plugin_prefix . '-notice-dismissed', true) != self::plugin_version() 412 ) { 413 414 ?> 415 416 <div class="notice notice-info is-dismissible <?php echo esc_attr(self::$plugin_prefix); ?>-notice"> 417 418 <p style="font-size:15px;"><strong><?php 419 /* translators: name of the plugin */ 420 printf(esc_html(__('Thank you for using %s plugin', 'reset-customizer')), esc_html(self::$plugin_name)); ?></strong></p> 389 421 <?php 390 422 391 423 if (self::$plugin_trial == true) { 392 424 393 _e('Would you like to try even more features? Download your 7 day free trial now!', self::$plugin_text_domain); 425 ?> 426 427 <p><?php echo esc_html(__('Would you like to try even more features? 
Download your 7 day free trial now!', 'reset-customizer')); ?></p> 428 <?php 394 429 395 430 } else { 396 431 397 echo sprintf(__('Upgrade now to %s Premium to enable more options and features and contribute to the further development of this plugin.', self::$plugin_text_domain), self::$plugin_name); 432 ?> 433 434 <p> 435 <?php 436 /* translators: name of the plugin */ 437 echo esc_html(sprintf(__('Upgrade now to %s Premium to enable more options and features and contribute to the further development of this plugin.', 'reset-customizer'), self::$plugin_name)); ?> 438 </p> 439 <?php 398 440 399 441 } 400 442 401 ?> </p>402 403 <p><?php443 ?> 444 445 <p><?php 404 446 405 447 if (self::$plugin_trial == true) { … … 407 449 ?> 408 450 409 <a href="<?php echo esc_url(self::premium_link()); ?>" title="<?php echo esc_attr(sprintf(__('Try %s Premium', self::$plugin_text_domain), self::$plugin_name)); ?>" class="button-primary"><?php printf(__('Trial %s Premium for 7 days', self::$plugin_text_domain), self::$plugin_name); ?></a> 410 451 <a href="<?php echo esc_url(self::premium_link()); ?>" 452 title="<?php 453 /* translators: name of the plugin */ 454 echo esc_attr(sprintf(__('Try %s Premium', 'reset-customizer'), self::$plugin_name)); ?>" 455 class="button-secondary"> 456 <?php echo esc_html(__('Try premium plugin free for 7 days', 'reset-customizer')); ?> 457 </a> 411 458 <?php 412 459 … … 414 461 415 462 ?> 416 <a href="<?php echo esc_url(self::upgrade_link()); ?>" title="<?php echo esc_attr(sprintf(__('Upgrade now to %s Premium', self::$plugin_text_domain), self::$plugin_name)); ?>" class="button-primary"><?php printf(__('Upgrade now to %s Premium', self::$plugin_text_domain), self::$plugin_name); ?></a></p> 463 464 <a href="<?php echo esc_url(self::upgrade_link()); ?>" 465 title="<?php 466 /* translators: name of the plugin */ 467 echo esc_attr(sprintf(__('Upgrade now to %s Premium', 'reset-customizer'), self::$plugin_name)); ?>" 468 class="button-primary"> 469 <?php 
echo esc_html(__('Upgrade now to premium plugin', 'reset-customizer')); ?> 470 </a> 471 472 </p> 473 474 <hr style="margin:12px 0;"> 475 476 <p> 477 <strong>✨ Need help with your WordPress site?</strong> 478 🚀 Slow, want new features, or need a glow-up? 479 <a href="https://webd.uk/services/?utm_campaign=notice&utm_term=reset-customizer" class="button-secondary" style="margin-left:6px; vertical-align: middle;">Explore our services</a> 480 </p> 417 481 418 482 </div> 419 483 420 484 <script type="text/javascript"> 421 jQuery(document).on('click', '.<?php echo self::$plugin_prefix; ?>-notice .notice-dismiss', function() {485 jQuery(document).on('click', '.<?php echo esc_attr(self::$plugin_prefix); ?>-notice .notice-dismiss', function() { 422 486 jQuery.ajax({ 423 487 url: ajaxurl, 424 488 data: { 425 action: 'dismiss_<?php echo self::$plugin_prefix; ?>_notice_handler',426 _ajax_nonce: '<?php echo wp_create_nonce(self::$plugin_prefix . '-ajax-nonce'); ?>'489 action: 'dismiss_<?php echo esc_attr(self::$plugin_prefix); ?>_notice_handler', 490 _ajax_nonce: '<?php echo esc_attr(wp_create_nonce(self::$plugin_prefix . '-ajax-nonce')); ?>' 427 491 } 428 492 }); … … 434 498 } 435 499 436 } elseif (time() > (strtotime('+1 hour', filectime(__DIR__))) && get_user_meta(get_current_user_id(), self::$plugin_prefix . '-notice-dismissed', true) != self::plugin_version() && !get_option(self::$plugin_prefix . '_donated')) { 437 438 ?> 439 440 <div class="notice notice-info is-dismissible <?php echo self::$plugin_prefix; ?>-notice"> 441 <p><strong><?php printf(__('Thank you for using %s plugin', self::$plugin_text_domain), self::$plugin_name); ?></strong></p> 442 <?php 443 500 } elseif ( 501 time() > (strtotime('+1 hour', filectime(__DIR__))) && 502 get_user_meta(get_current_user_id(), self::$plugin_prefix . '-notice-dismissed', true) != self::plugin_version() && 503 !get_option(self::$plugin_prefix . 
'_donated') 504 ) { 505 506 ?> 507 508 <div class="notice notice-info is-dismissible <?php echo esc_attr(self::$plugin_prefix); ?>-notice"> 509 510 <p><strong><?php 511 /* translators: name of the plugin */ 512 printf(esc_html(__('Thank you for using %s plugin', 'reset-customizer')), esc_html(self::$plugin_name)); ?></strong></p> 513 <?php 514 515 // phpcs:ignore WordPress.NamingConventions.PrefixAllGlobals.DynamicHooknameFound 444 516 do_action(self::$plugin_prefix . '_admin_notice_donate'); 445 517 446 518 ?> 447 <p><?php esc_html_e('Funding plugins like this one with small financial contributions is essential to pay the developers to continue to do what they do. Please take a moment to give a small amount ...', self::$plugin_text_domain); ?></p> 448 <p><a href="<?php echo esc_url(self::upgrade_link()); ?>" title="<?php echo esc_attr(sprintf(__('Contribute to %s', self::$plugin_text_domain), self::$plugin_name)); ?>" class="button-primary"><?php printf(__('Contribute to %s', self::$plugin_text_domain), self::$plugin_name); ?></a> <a href="#" id="<?php echo self::$plugin_prefix; ?>-already-paid" title="<?php echo esc_attr(__('Aleady Contributed!', self::$plugin_text_domain)); ?>" class="button-primary"><?php esc_html_e('Aleady Contributed!', self::$plugin_text_domain); ?></a></p> 519 520 <p><?php esc_html_e('Funding plugins like this one with small financial contributions is essential to pay the developers to continue to do what they do. 
Please take a moment to give a small amount ...', 'reset-customizer'); ?></p> 521 522 <p><a href="<?php echo esc_url(self::upgrade_link()); ?>" title="<?php 523 /* translators: name of the plugin */ 524 echo esc_attr(sprintf(__('Contribute to %s', 'reset-customizer'), self::$plugin_name)); ?>" class="button-primary"><?php echo esc_html(__('Buy us a coffee ☕️', 'reset-customizer')); ?></a> <a href="#" id="<?php echo esc_attr(self::$plugin_prefix); ?>-already-paid" title="<?php echo esc_attr(__('Aleady Contributed!', 'reset-customizer')); ?>" class="button-secondary"><?php esc_html_e('Aleady Contributed!', 'reset-customizer'); ?></a></p> 525 526 <hr style="margin:12px 0;"> 527 528 <p> 529 <strong>✨ Need help with your WordPress site?</strong> 530 🚀 Slow, want new features, or need a glow-up? 531 <a href="https://webd.uk/services/?utm_campaign=notice&utm_term=reset-customizer" class="button-secondary" style="margin-left:6px; vertical-align: middle;">Explore our services</a> 532 </p> 533 449 534 </div> 450 535 451 536 <script type="text/javascript"> 452 jQuery(document).on('click', '#<?php echo self::$plugin_prefix; ?>-already-paid', function() {453 if (confirm(<?php echo json_encode(__('Have you really? Press "Cancel" if you forgot to 🙂', self::$plugin_text_domain)); ?>)) {454 alert(<?php echo json_encode(__('Thank you!', self::$plugin_text_domain)); ?>);455 jQuery('.<?php echo self::$plugin_prefix; ?>-notice').fadeTo(100, 0, function() {456 jQuery('.<?php echo self::$plugin_prefix; ?>-notice').slideUp(100, function() {457 jQuery('.<?php echo self::$plugin_prefix; ?>-notice').remove()537 jQuery(document).on('click', '#<?php echo esc_attr(self::$plugin_prefix); ?>-already-paid', function() { 538 if (confirm(<?php echo json_encode(__('Have you really? 
Press "Cancel" if you forgot to 🙂', 'reset-customizer')); ?>)) { 539 alert(<?php echo json_encode(__('Thank you!', 'reset-customizer')); ?>); 540 jQuery('.<?php echo esc_attr(self::$plugin_prefix); ?>-notice').fadeTo(100, 0, function() { 541 jQuery('.<?php echo esc_attr(self::$plugin_prefix); ?>-notice').slideUp(100, function() { 542 jQuery('.<?php echo esc_attr(self::$plugin_prefix); ?>-notice').remove() 458 543 }); 459 544 }); … … 461 546 url: ajaxurl, 462 547 data: { 463 action: 'dismiss_<?php echo self::$plugin_prefix; ?>_notice_handler',548 action: 'dismiss_<?php echo esc_attr(self::$plugin_prefix); ?>_notice_handler', 464 549 donated: 'true', 465 _ajax_nonce: '<?php echo wp_create_nonce(self::$plugin_prefix . '-ajax-nonce'); ?>'550 _ajax_nonce: '<?php echo esc_attr(wp_create_nonce(self::$plugin_prefix . '-ajax-nonce')); ?>' 466 551 } 467 552 }); 468 553 } else { 469 window.location.assign('<?php echo self::upgrade_link(); ?>');554 window.location.assign('<?php echo esc_url(self::upgrade_link()); ?>'); 470 555 } 471 556 }); 472 jQuery(document).on('click', '.<?php echo self::$plugin_prefix; ?>-notice .notice-dismiss', function() {557 jQuery(document).on('click', '.<?php echo esc_attr(self::$plugin_prefix); ?>-notice .notice-dismiss', function() { 473 558 jQuery.ajax({ 474 559 url: ajaxurl, 475 560 data: { 476 action: 'dismiss_<?php echo self::$plugin_prefix; ?>_notice_handler',477 _ajax_nonce: '<?php echo wp_create_nonce(self::$plugin_prefix . '-ajax-nonce'); ?>'561 action: 'dismiss_<?php echo esc_attr(self::$plugin_prefix); ?>_notice_handler', 562 _ajax_nonce: '<?php echo esc_attr(wp_create_nonce(self::$plugin_prefix . 
'-ajax-nonce')); ?>' 478 563 } 479 564 }); … … 509 594 is_admin() && 510 595 $pagenow === 'customize.php' && 511 isset($_GET['theme']) && 512 !in_array($_GET['theme'], $themes, true) 596 isset($_GET['theme']) && // phpcs:ignore WordPress.Security.NonceVerification.Recommended 597 !in_array($_GET['theme'], $themes, true) // phpcs:ignore WordPress.Security.NonceVerification.Recommended 513 598 ) && !( 514 599 !is_admin() && 515 600 $pagenow === 'index.php' && 516 isset($_GET['customize_theme']) && 517 isset($_GET['customize_changeset_uuid']) && 518 !in_array($_GET['customize_theme'], $themes, true) 601 isset($_GET['customize_theme']) && // phpcs:ignore WordPress.Security.NonceVerification.Recommended 602 isset($_GET['customize_changeset_uuid']) && // phpcs:ignore WordPress.Security.NonceVerification.Recommended 603 !in_array($_GET['customize_theme'], $themes, true) // phpcs:ignore WordPress.Security.NonceVerification.Recommended 519 604 ) 520 605 ) { … … 530 615 is_admin() && 531 616 $pagenow === 'customize.php' && 532 isset($_GET['theme']) && 533 in_array($_GET['theme'], $themes, true) 617 isset($_GET['theme']) && // phpcs:ignore WordPress.Security.NonceVerification.Recommended 618 in_array($_GET['theme'], $themes, true) // phpcs:ignore WordPress.Security.NonceVerification.Recommended 534 619 ) || ( 535 620 !is_admin() && 536 621 $pagenow === 'index.php' && 537 isset($_GET['customize_theme']) && 538 isset($_GET['customize_changeset_uuid']) && 539 in_array($_GET['customize_theme'], $themes, true) 622 isset($_GET['customize_theme']) && // phpcs:ignore WordPress.Security.NonceVerification.Recommended 623 isset($_GET['customize_changeset_uuid']) && // phpcs:ignore WordPress.Security.NonceVerification.Recommended 624 in_array($_GET['customize_theme'], $themes, true) // phpcs:ignore WordPress.Security.NonceVerification.Recommended 540 625 )) 541 626 ) { … … 549 634 !is_admin() && 550 635 $pagenow === 'index.php' && 551 isset($_GET['customize_theme']) && 552 
isset($_GET['customize_changeset_uuid']) 636 isset($_GET['customize_theme']) && // phpcs:ignore WordPress.Security.NonceVerification.Recommended 637 isset($_GET['customize_changeset_uuid']) // phpcs:ignore WordPress.Security.NonceVerification.Recommended 553 638 554 639 ) { 555 640 556 $child = wp_get_theme( $_GET['customize_theme']);641 $child = wp_get_theme(sanitize_file_name(wp_unslash($_GET['customize_theme']))); // phpcs:ignore WordPress.Security.NonceVerification.Recommended 557 642 558 643 if (isset($child->template) && in_array($child->template, $themes, true)) { … … 568 653 is_admin() && 569 654 ($pagenow === 'customize.php' || $pagenow === 'admin-ajax.php') && 570 isset($_GET['theme']) || (isset($_POST['customize_theme']) && isset($_POST['customize_changeset_uuid'])) 655 ( 656 isset($_GET['theme']) || // phpcs:ignore WordPress.Security.NonceVerification.Recommended 657 ( 658 isset($_POST['customize_theme']) && // phpcs:ignore WordPress.Security.NonceVerification.Missing 659 isset($_POST['customize_changeset_uuid']) // phpcs:ignore WordPress.Security.NonceVerification.Missing 660 ) 661 ) 571 662 ) { 572 663 573 if (isset($_GET['theme'])) { 574 575 $child = wp_get_theme( $_GET['theme']);664 if (isset($_GET['theme'])) { // phpcs:ignore WordPress.Security.NonceVerification.Recommended 665 666 $child = wp_get_theme(sanitize_file_name(wp_unslash($_GET['theme']))); // phpcs:ignore WordPress.Security.NonceVerification.Recommended 576 667 577 668 } else { 578 669 579 $child = wp_get_theme( $_POST['customize_theme']);670 $child = wp_get_theme(sanitize_file_name(wp_unslash($_POST['customize_theme']))); // phpcs:ignore WordPress.Security.NonceVerification.Missing 580 671 581 672 } … … 599 690 if (!function_exists('webd_customize_register')) { 600 691 692 // phpcs:ignore WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedFunctionFound 601 693 function webd_customize_register($wp_customize) { 602 694 603 695 if 
(!class_exists('webd_Customize_Control_Checkbox_Multiple')) { 604 696 697 // phpcs:ignore WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedClassFound 605 698 class webd_Customize_Control_Checkbox_Multiple extends WP_Customize_Control { 606 699 … … 622 715 623 716 ?> 624 <span class="description customize-control-description"><?php echo $this->description; ?></span>717 <span class="description customize-control-description"><?php echo esc_html($this->description); ?></span> 625 718 <?php 626 719 … … 647 740 ?> 648 741 </ul> 649 <input type="hidden" id="_customize-input-<?php echo $this->id; ?>" <?php $this->link(); ?> value="<?php echo esc_attr(implode(',', $multi_values)); ?>" />742 <input type="hidden" id="_customize-input-<?php echo esc_attr($this->id); ?>" <?php $this->link(); ?> value="<?php echo esc_attr(implode(',', $multi_values)); ?>" /> 650 743 <?php 651 744 -
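Review bot: The Host-header sanitising added at new line 261 of class-rc-common.php does nothing, because the closing parenthesis is misplaced. In `filter_var(wp_unslash($_SERVER['HTTP_HOST'], FILTER_SANITIZE_URL))` the constant is handed to `wp_unslash()` as an ignored extra argument, so `filter_var()` runs with its default filter and returns the string unchanged. The client-controlled Host value therefore still flows into `add_query_arg()` exactly as it did before the change. The call should read `filter_var(wp_unslash($_SERVER['HTTP_HOST']), FILTER_SANITIZE_URL)`, or use `sanitize_text_field(wp_unslash($_SERVER['HTTP_HOST']))`. The enclosing function starts and ends outside the hunk, so it is not possible to confirm from here that every caller escapes the result, although the call sites visible in this section do wrap it in `esc_url()`.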
reset-customizer/tags/1.1.6/readme.txt
r3412274 r3421962 6 6 Tested up to: 6.9 7 7 Requires PHP: 5.6 8 Stable tag: 1.1. 58 Stable tag: 1.1.6 9 9 License: GPLv2 or later 10 10 License URI: https://www.gnu.org/licenses/gpl-2.0.html … … 35 35 36 36 == Changelog == 37 38 = 1.1.6 = 39 * General housekeeping preparing for "Plugin Check" code review 37 40 38 41 = 1.1.5 = … … 87 90 == Upgrade Notice == 88 91 89 = 1.1. 5=90 * Minor security updates to translation strings92 = 1.1.6 = 93 * General housekeeping preparing for "Plugin Check" code review -
reset-customizer/tags/1.1.6/reset-customizer.php
r2986678 r3421962 2 2 /* 3 3 * Plugin Name: Reset Customizer 4 * Version: 1.1. 54 * Version: 1.1.6 5 5 * Plugin URI: https://webd.uk/support/ 6 6 * Description: Adds a reset button to each section in the customizer and easily backup / restore / migrate customizer settings 7 7 * Author: Webd Ltd 8 8 * Author URI: https://webd.uk 9 * License: GPLv2 or later 10 * License URI: https://www.gnu.org/licenses/old-licenses/gpl-2.0.html 9 11 * Text Domain: reset-customizer 10 12 */ … … 22 24 class reset_customizer_class { 23 25 24 public static $version = '1.1. 5';26 public static $version = '1.1.6'; 25 27 26 28 function __construct() { … … 116 118 117 119 ?> 118 <tr class="theme-mods-<?php echo htmlentities($key); ?>">120 <tr class="theme-mods-<?php echo esc_attr(htmlentities($key)); ?>"> 119 121 <td class="plugin-title column-primary"> 120 <strong><?php echo htmlentities($key); ?></strong>122 <strong><?php echo esc_html(htmlentities($key)); ?></strong> 121 123 <?php 122 124 … … 158 160 var data = { 159 161 action: 'rc_download_theme_mods', 160 security: '<?php echo wp_create_nonce('download-theme-mods'); ?>',162 security: '<?php echo esc_attr(wp_create_nonce('download-theme-mods')); ?>', 161 163 theme: $(this).data('theme') 162 164 }; … … 198 200 }); 199 201 $('.rc-delete').click(function() { 200 var confirmText = '<?php esc_html_e('Are you sure you want to delete all the %s theme modifications?', 'reset-customizer'); ?>'; 202 var confirmText = '<?php 203 /* translators: current theme slug */ 204 esc_html_e('Are you sure you want to delete all the %s theme modifications?', 'reset-customizer'); ?>'; 201 205 if (confirm(confirmText.replace('%s', $(this).data('theme')))) { 202 206 var data = { 203 207 action: 'rc_delete_theme_mods', 204 security: '<?php echo wp_create_nonce('delete-theme-mods'); ?>',208 security: '<?php echo esc_attr(wp_create_nonce('delete-theme-mods')); ?>', 205 209 theme: $(this).data('theme') 206 210 }; … … 224 228 }); 225 229 
$('#rc-json-file').change(function() { 226 var confirmText = '<?php esc_attr_e('Are you sure you want to upload %s to the active theme?', 'reset-customizer'); ?>'; 230 var confirmText = '<?php 231 /* translators: current theme slug */ 232 esc_attr_e('Are you sure you want to upload %s to the active theme?', 'reset-customizer'); ?>'; 227 233 if (confirm(confirmText.replace('%s', $('#rc-json-file').prop('files')[0].name))) { 228 234 var data = new FormData(); 229 235 data.append('action', 'rc_restore_theme_mods'); 230 data.append('security', '<?php echo wp_create_nonce('restore-theme-mods'); ?>');236 data.append('security', '<?php echo esc_attr(wp_create_nonce('restore-theme-mods')); ?>'); 231 237 data.append('file', $('#rc-json-file').prop('files')[0]); 232 238 $.ajax({ … … 294 300 ?> 295 301 296 <tr class="theme-mod-<?php echo htmlentities($key); ?>"> 297 <td class="check-column"><?php echo $i; ?>)</td> 298 <td class="plugin-title column-primary"><?php echo $key; ?> <span class="rc-delete-mod button button-small" data-mod="<?php echo esc_html($key); ?>"><?php esc_html_e('Delete', 'reset-customizer'); ?></span></td> 299 <td class="column-description"><?php echo esc_html(print_r($value, true)); ?></td> 302 <tr class="theme-mod-<?php echo esc_attr(htmlentities($key)); ?>"> 303 <td class="check-column"><?php echo esc_html($i); ?>)</td> 304 <td class="plugin-title column-primary"><?php echo esc_html($key); ?> <span class="rc-delete-mod button button-small" data-mod="<?php echo esc_html($key); ?>"><?php esc_html_e('Delete', 'reset-customizer'); ?></span></td> 305 <td class="column-description"><pre></pre><?php 306 // phpcs:ignore WordPress.PHP.DevelopmentFunctions.error_log_print_r 307 echo esc_html(print_r($value, true)); ?></pre></td> 300 308 </tr> 301 309 … … 317 325 }); 318 326 $('.rc-delete-mod').click(function() { 319 var confirmText = '<?php esc_attr_e('Are you sure you want to delete theme mod "%s"?', 'reset-customizer'); ?>'; 327 var confirmText = '<?php 328 /* 
translators: theme mod key */ 329 esc_attr_e('Are you sure you want to delete theme mod "%s"?', 'reset-customizer'); ?>'; 320 330 if (confirm(confirmText.replace('%s', $(this).data('mod')))) { 321 331 var data = { 322 332 action: 'rc_delete_theme_mod', 323 security: '<?php echo wp_create_nonce('delete-theme-mod'); ?>',333 security: '<?php echo esc_attr(wp_create_nonce('delete-theme-mod')); ?>', 324 334 mod: $(this).data('mod') 325 335 }; … … 429 439 if (isset($_FILES['file']['tmp_name']) && isset($_FILES['file']['type']) && $_FILES['file']['type'] == 'application/json' && current_user_can('manage_options')) { 430 440 431 $json_data = file_get_contents( $_FILES['file']['tmp_name']);441 $json_data = file_get_contents(sanitize_text_field($_FILES['file']['tmp_name'])); 432 442 $theme_mods = false; 433 443 … … 498 508 check_ajax_referer('get-control-defaults'); 499 509 500 if (current_user_can('manage_options') && isset($_POST['controls']) && is_array($_POST['controls']) && $_POST['controls']) { 510 $controls = array(); 511 512 if (isset($_POST['controls'])) { 513 514 // phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized 515 $controls = wp_unslash($_POST['controls']); 516 517 } 518 519 if ( 520 current_user_can('manage_options') && 521 is_array($controls) && 522 $controls 523 ) { 501 524 502 525 global $wp_customize; 503 526 $control_defaults = array(); 504 527 505 foreach ($ _POST['controls']as $control) {528 foreach ($controls as $control) { 506 529 507 530 $control = sanitize_key($control); -
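Review bot: In the restore hunk (new line 441), wrapping `$_FILES['file']['tmp_name']` in `sanitize_text_field()` validates nothing about the upload, because that function only cleans text and could at most alter the path string. The condition on the line above still gates on `$_FILES['file']['type']`, which the client supplies. I would read `tmp_name` unmodified and extend the condition with `isset($_FILES['file']['error']) && $_FILES['file']['error'] === UPLOAD_ERR_OK && is_uploaded_file($_FILES['file']['tmp_name'])`, then accept the content only if it decodes as JSON rather than trusting the declared MIME type. The handler starts and ends outside the hunk, so the nonce check and what is done with `$json_data` should be confirmed there. This tag is a copy of trunk, so the same applies to `trunk/reset-customizer.php`.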
reset-customizer/trunk/includes/class-rc-common.php
r2986678 r3421962 1 1 <?php 2 2 /* 3 * Version: 1. 3.93 * Version: 1.4.4 4 4 */ 5 5 … … 43 43 public static function plugin_text_domain() { 44 44 45 return self::$plugin_text_domain;45 return 'reset-customizer'; 46 46 47 47 } … … 61 61 public static function support_url() { 62 62 63 return 'https://wordpress.org/support/plugin/' . self::$plugin_text_domain. '/';63 return 'https://wordpress.org/support/plugin/' . 'reset-customizer' . '/'; 64 64 65 65 } … … 67 67 public static function control_upgrade_text() { 68 68 69 $upgrade_text = '<a href="' . esc_url(self::upgrade_link()) . '" title="' . esc_attr(sprintf(__('Upgrade now to %s Premium', self::$plugin_text_domain), self::$plugin_name)) . '">' . sprintf(__('Upgrade now to %s Premium', self::$plugin_text_domain), self::$plugin_name) . '</a>'; 69 /* translators: name of the plugin */ 70 $upgrade_text = '<a href="' . esc_url(self::upgrade_link()) . '" title="' . esc_attr(sprintf(__('Upgrade now to %s Premium', 'reset-customizer'), self::$plugin_name)) . '">' . sprintf(__('Upgrade now to %s Premium', 'reset-customizer'), self::$plugin_name) . '</a>'; 70 71 71 72 if (!class_exists(self::$plugin_premium_class) || !get_option(self::$plugin_prefix . 
'_purchased')) { … … 73 74 if (!class_exists(self::$plugin_premium_class)) { 74 75 75 $upgrade_text .= sprintf(wp_kses(__(' or <a href="%s" title="Download Free Trial">trial it for 7 days</a>', self::$plugin_text_domain), array('a' => array('href' => array(), 'title' => array()))), esc_url(self::premium_link())); 76 /* translators: link to the premium upgrade */ 77 $upgrade_text .= sprintf(wp_kses(__(' or <a href="%s" title="Download Free Trial">trial it for 7 days</a>', 'reset-customizer'), array('a' => array('href' => array(), 'title' => array()))), esc_url(self::premium_link())); 76 78 77 79 } … … 85 87 public static function control_section_description() { 86 88 87 $default_description = sprintf(wp_kses(__('If you have any requests for new features, please <a href="%s" title="Support Forum">let us know in the support forum</a>.', self::$plugin_text_domain), array('a' => array('href' => array(), 'title' => array()))), esc_url(self::support_url())); 89 /* translators: link to the plugin's support forum */ 90 $default_description = sprintf(wp_kses(__('If you have any requests for new features, please <a href="%s" title="Support Forum">let us know in the support forum</a>.', 'reset-customizer'), array('a' => array('href' => array(), 'title' => array()))), esc_url(self::support_url())); 88 91 89 92 if (self::$plugin_premium_class) { … … 95 98 if (!class_exists(self::$plugin_premium_class)) { 96 99 97 $section_description = '<strong>' . __('For even more options', self::$plugin_text_domain) . '</strong>' . ' ' . $upgrade_text;100 $section_description = '<strong>' . __('For even more options', 'reset-customizer') . '</strong>' . ' ' . $upgrade_text; 98 101 99 102 } else { 100 103 101 $section_description = '<strong>' . __('To keep using premium options', self::$plugin_text_domain) . '</strong>' . ' ' . $upgrade_text;104 $section_description = '<strong>' . __('To keep using premium options', 'reset-customizer') . '</strong>' . ' ' . 
$upgrade_text; 102 105 103 106 } … … 119 122 $section_description .= ' ' . sprintf( 120 123 wp_kses( 124 /* translators: link to plugin install page */ 121 125 __( 122 126 '<strong>To reset this section of options to default settings</strong> without affecting other sections in the customizer, install <a href="%s" title="Reset Customizer">Reset Customizer</a>.', 123 self::$plugin_text_domain127 'reset-customizer' 124 128 ), 125 129 array('strong' => array(), 'a' => array('href' => array(), 'title' => array())) … … 145 149 public static function control_setting_upgrade_nag() { 146 150 147 $upgrade_nag = self::control_upgrade_text() . __(' to use this option.', self::$plugin_text_domain);151 $upgrade_nag = self::control_upgrade_text() . __(' to use this option.', 'reset-customizer'); 148 152 149 153 return $upgrade_nag; … … 234 238 235 239 $generated_css = sprintf('%s { %s: %s; }', $selector, $style, $prefix.$mod.$postfix); 236 echo $generated_css; 240 241 // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped 242 echo wp_strip_all_tags($generated_css); 237 243 238 244 } elseif ($mod) { 239 245 240 246 $generated_css = sprintf('%s { %s:%s; }', $selector, $style, $prefix.$value.$postfix); 241 echo $generated_css; 247 248 // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped 249 echo wp_strip_all_tags($generated_css); 242 250 243 251 } … … 249 257 if (self::$plugin_premium_class) { 250 258 251 return add_query_arg('url', (isset($_SERVER['HTTPS']) ? 'https' : 'http') . '://' . $_SERVER['HTTP_HOST'], 'https://webd.uk/product/' . self::$plugin_text_domain . '-upgrade/'); 252 259 if (isset($_SERVER['HTTP_HOST'])) { 260 261 return add_query_arg('url', (isset($_SERVER['HTTPS']) ? 'https' : 'http') . '://' . filter_var(wp_unslash($_SERVER['HTTP_HOST'], FILTER_SANITIZE_URL)), 'https://webd.uk/product/' . 'reset-customizer' . '-upgrade/'); 262 263 } else { 264 265 return 'https://webd.uk/product/' . 'reset-customizer' . 
'-upgrade/'; 266 267 } 253 268 254 269 } else { … … 276 291 $settings_links = array(); 277 292 278 $settings_links[] = '<a href="' . esc_url($settings_link) . '" title="' . esc_attr(__('Settings', self::$plugin_text_domain)) . '">' . __('Settings', self::$plugin_text_domain) . '</a>';293 $settings_links[] = '<a href="' . esc_url($settings_link) . '" title="' . esc_attr(__('Settings', 'reset-customizer')) . '">' . __('Settings', 'reset-customizer') . '</a>'; 279 294 280 295 if (!get_option(self::$plugin_prefix . '_purchased')) { … … 284 299 if (self::$plugin_upgrade) { 285 300 286 $settings_links[] = '<a href="' . esc_url(self::upgrade_link()) . '" title="' . esc_attr(sprintf(__('Buy %s Premium', self::$plugin_text_domain), self::$plugin_name)) . '" style="color: orange; font-weight: bold;">' . __('Buy Now', self::$plugin_text_domain) . '</a>'; 301 /* translators: name of the plugin */ 302 $settings_links[] = '<a href="' . esc_url(self::upgrade_link()) . '" title="' . esc_attr(sprintf(__('Buy %s Premium', 'reset-customizer'), self::$plugin_name)) . '" style="color: orange; font-weight: bold;">' . __('Buy Now', 'reset-customizer') . '</a>'; 287 303 288 304 } else { 289 305 290 $settings_links[] = '<a href="' . esc_url(self::upgrade_link()) . '" title="' . esc_attr(sprintf(__('Buy %s', self::$plugin_text_domain), self::$plugin_name)) . '" style="color: orange; font-weight: bold;">' . __('Buy Now', self::$plugin_text_domain) . '</a>'; 306 /* translators: name of the plugin */ 307 $settings_links[] = '<a href="' . esc_url(self::upgrade_link()) . '" title="' . esc_attr(sprintf(__('Buy %s', 'reset-customizer'), self::$plugin_name)) . '" style="color: orange; font-weight: bold;">' . __('Buy Now', 'reset-customizer') . '</a>'; 291 308 292 309 } … … 294 311 } else { 295 312 296 $settings_links[] = '<a href="' . esc_url(self::upgrade_link()) . '" title="' . esc_attr((self::$plugin_premium_class ? 
sprintf(__('Upgrade now to %s Premium', self::$plugin_text_domain), self::$plugin_name) : sprintf(__('Contribute to %s', self::$plugin_text_domain), self::$plugin_name))) . '" style="color: orange; font-weight: bold;">' . (self::$plugin_premium_class ? __('Upgrade', self::$plugin_text_domain) : __('Support Us', self::$plugin_text_domain)) . '</a>'; 313 /* translators: name of the plugin */ 314 $settings_links[] = '<a href="' . esc_url(self::upgrade_link()) . '" title="' . esc_attr((self::$plugin_premium_class ? sprintf(__('Upgrade now to %s Premium', 'reset-customizer'), self::$plugin_name) : sprintf(__('Contribute to %s', 'reset-customizer'), self::$plugin_name))) . '" style="color: orange; font-weight: bold;">' . (self::$plugin_premium_class ? __('Upgrade', 'reset-customizer') : __('Support Us', 'reset-customizer')) . '</a>'; 297 315 298 316 } … … 300 318 if ($premium) { 301 319 302 $settings_links[] = '<a href="' . wp_nonce_url('?activate-' . self::$plugin_prefix . '=true', self::$plugin_prefix . '_activate') . '" id="' . self::$plugin_prefix . '_activate_upgrade" title="' . esc_attr(__('Activate Purchase', self::$plugin_text_domain)) . '" onclick="jQuery(this).append(' <img src="/wp-admin/images/loading.gif" style="float: none; width: auto; height: auto;" />'); setTimeout(function(){document.getElementById(\'' . self::$plugin_prefix . '_activate_upgrade\').removeAttribute(\'href\');},1); return true;">' . __('Activate Purchase', self::$plugin_text_domain) . '</a>'; 303 304 } elseif (self::$plugin_trial && !is_plugin_active(self::$plugin_text_domain . '-premium/' . self::$plugin_text_domain . '-premium.php')) { 305 306 $settings_links[] = '<a href="' . esc_url(self::premium_link()) . '" title="' . esc_attr(sprintf(__('Trial %s Premium', self::$plugin_text_domain), self::$plugin_name)) . ' for 7 days">' . __('Download Trial', self::$plugin_text_domain) . '</a>'; 320 $settings_links[] = '<a href="' . wp_nonce_url('?activate-' . self::$plugin_prefix . 
'=true', self::$plugin_prefix . '_activate') . '" id="' . self::$plugin_prefix . '_activate_upgrade" title="' . esc_attr(__('Activate Purchase', 'reset-customizer')) . '" onclick="jQuery(this).append(' <img src="/wp-admin/images/loading.gif" style="float: none; width: auto; height: auto;" />'); setTimeout(function(){document.getElementById(\'' . self::$plugin_prefix . '_activate_upgrade\').removeAttribute(\'href\');},1); return true;">' . __('Activate Purchase', 'reset-customizer') . '</a>'; 321 322 } elseif (self::$plugin_trial && !is_plugin_active('reset-customizer' . '-premium/' . 'reset-customizer' . '-premium.php')) { 323 324 /* translators: name of the plugin */ 325 $settings_links[] = '<a href="' . esc_url(self::premium_link()) . '" title="' . esc_attr(sprintf(__('Trial %s Premium', 'reset-customizer'), self::$plugin_name)) . ' for 7 days">' . __('Download Trial', 'reset-customizer') . '</a>'; 307 326 308 327 } … … 310 329 } elseif ($premium) { 311 330 312 $settings_links[] = '<strong style="color: green; display: inline;">' . __('Purchase Confirmed', self::$plugin_text_domain) . '</strong>';331 $settings_links[] = '<strong style="color: green; display: inline;">' . __('Purchase Confirmed', 'reset-customizer') . '</strong>'; 313 332 314 333 } … … 320 339 public static function plugin_row_meta($plugin_meta, $plugin_file, $plugin_data, $status) { 321 340 322 if ($plugin_file === self::$plugin_text_domain . '/' . self::$plugin_text_domain . '.php') { 323 324 $plugin_meta[] = '<a href="' . esc_url(self::support_url()) . '" title="' . __('Problems? We are here to help!', self::$plugin_text_domain) . '" style="color: orange; font-weight: bold;">' . __('Need help?', self::$plugin_text_domain) . '</a>'; 325 $plugin_meta[] = '<a href="https://wordpress.org/support/plugin/' . self::$plugin_text_domain . '/reviews/#new-post" title="' . esc_attr(sprintf(__('If you like %s, please leave a review!', self::$plugin_text_domain), self::$plugin_name)) . '">' . 
__('Review plugin', self::$plugin_text_domain) . '</a>'; 341 if ($plugin_file === 'reset-customizer' . '/' . 'reset-customizer' . '.php') { 342 343 $plugin_meta[] = '<a href="' . esc_url(self::support_url()) . '" title="' . __('Problems? We are here to help!', 'reset-customizer') . '" style="color: orange; font-weight: bold;">' . __('Need help?', 'reset-customizer') . '</a>'; 344 /* translators: name of the plugin */ 345 $plugin_meta[] = '<a href="https://wordpress.org/support/plugin/' . 'reset-customizer' . '/reviews/#new-post" title="' . esc_attr(sprintf(__('If you like %s, please leave a review!', 'reset-customizer'), self::$plugin_name)) . '">' . __('Review plugin', 'reset-customizer') . '</a>'; 326 346 327 347 } … … 353 373 if (self::$plugin_premium_class) { 354 374 355 if (get_option(self::$plugin_prefix . '_purchased') && !class_exists(self::$plugin_premium_class) && get_user_meta(get_current_user_id(), self::$plugin_prefix . '-notice-dismissed', true) != self::plugin_version()) { 356 357 ?> 358 359 <div class="notice notice-error is-dismissible <?php echo self::$plugin_prefix; ?>-notice"> 360 361 <p><strong><?php echo self::$plugin_name; ?></strong><br /> 362 <?php esc_html_e('In order to use the premium features, you need to install the premium version of the plugin ...', self::$plugin_text_domain); ?></p> 363 364 <p><a href="<?php echo esc_url(self::premium_link()); ?>" title="<?php echo esc_attr(sprintf(__('Download %s Premium', self::$plugin_text_domain), self::$plugin_name)); ?>" class="button-primary"><?php printf(__('Download %s Premium', self::$plugin_text_domain), self::$plugin_name); ?></a></p> 375 if ( 376 get_option(self::$plugin_prefix . '_purchased') && 377 !class_exists(self::$plugin_premium_class) && 378 get_user_meta(get_current_user_id(), self::$plugin_prefix . 
'-notice-dismissed', true) != self::plugin_version() 379 ) { 380 381 ?> 382 383 <div class="notice notice-error is-dismissible <?php echo esc_html(self::$plugin_prefix); ?>-notice"> 384 385 <p><strong><?php echo esc_html(self::$plugin_name); ?></strong><br /> 386 <?php esc_html_e('In order to use the premium features, you need to install the premium version of the plugin ...', 'reset-customizer'); ?></p> 387 388 <p><a href="<?php 389 /* translators: name of the plugin */ 390 echo esc_url(self::premium_link()); ?>" title="<?php echo esc_attr(sprintf(__('Download %s Premium', 'reset-customizer'), self::$plugin_name)); ?>" class="button-primary"><?php printf(esc_html(__('Download %s Premium', 'reset-customizer')), esc_html(self::$plugin_name)); ?></a></p> 365 391 366 392 </div> 367 393 368 394 <script type="text/javascript"> 369 jQuery(document).on('click', '.<?php echo self::$plugin_prefix; ?>-notice .notice-dismiss', function() {395 jQuery(document).on('click', '.<?php echo esc_attr(self::$plugin_prefix); ?>-notice .notice-dismiss', function() { 370 396 jQuery.ajax({ 371 397 url: ajaxurl, 372 398 data: { 373 action: 'dismiss_<?php echo self::$plugin_prefix; ?>_notice_handler',374 _ajax_nonce: '<?php echo wp_create_nonce(self::$plugin_prefix . '-ajax-nonce'); ?>'399 action: 'dismiss_<?php echo esc_attr(self::$plugin_prefix); ?>_notice_handler', 400 _ajax_nonce: '<?php echo esc_attr(wp_create_nonce(self::$plugin_prefix . '-ajax-nonce')); ?>' 375 401 } 376 402 }); … … 380 406 <?php 381 407 382 } elseif (!class_exists(self::$plugin_premium_class) && time() > (strtotime('+1 hour', filectime(__DIR__))) && get_user_meta(get_current_user_id(), self::$plugin_prefix . 
'-notice-dismissed', true) != self::plugin_version()) { 383 384 ?> 385 386 <div class="notice notice-info is-dismissible <?php echo self::$plugin_prefix; ?>-notice"> 387 388 <p><strong><?php printf(__('Thank you for using %s plugin', self::$plugin_text_domain), self::$plugin_name); ?></strong><br /> 408 } elseif ( 409 !class_exists(self::$plugin_premium_class) && 410 time() > (strtotime('+1 hour', filectime(__DIR__))) && 411 get_user_meta(get_current_user_id(), self::$plugin_prefix . '-notice-dismissed', true) != self::plugin_version() 412 ) { 413 414 ?> 415 416 <div class="notice notice-info is-dismissible <?php echo esc_attr(self::$plugin_prefix); ?>-notice"> 417 418 <p style="font-size:15px;"><strong><?php 419 /* translators: name of the plugin */ 420 printf(esc_html(__('Thank you for using %s plugin', 'reset-customizer')), esc_html(self::$plugin_name)); ?></strong></p> 389 421 <?php 390 422 391 423 if (self::$plugin_trial == true) { 392 424 393 _e('Would you like to try even more features? Download your 7 day free trial now!', self::$plugin_text_domain); 425 ?> 426 427 <p><?php echo esc_html(__('Would you like to try even more features? 
Download your 7 day free trial now!', 'reset-customizer')); ?></p> 428 <?php 394 429 395 430 } else { 396 431 397 echo sprintf(__('Upgrade now to %s Premium to enable more options and features and contribute to the further development of this plugin.', self::$plugin_text_domain), self::$plugin_name); 432 ?> 433 434 <p> 435 <?php 436 /* translators: name of the plugin */ 437 echo esc_html(sprintf(__('Upgrade now to %s Premium to enable more options and features and contribute to the further development of this plugin.', 'reset-customizer'), self::$plugin_name)); ?> 438 </p> 439 <?php 398 440 399 441 } 400 442 401 ?> </p>402 403 <p><?php443 ?> 444 445 <p><?php 404 446 405 447 if (self::$plugin_trial == true) { … … 407 449 ?> 408 450 409 <a href="<?php echo esc_url(self::premium_link()); ?>" title="<?php echo esc_attr(sprintf(__('Try %s Premium', self::$plugin_text_domain), self::$plugin_name)); ?>" class="button-primary"><?php printf(__('Trial %s Premium for 7 days', self::$plugin_text_domain), self::$plugin_name); ?></a> 410 451 <a href="<?php echo esc_url(self::premium_link()); ?>" 452 title="<?php 453 /* translators: name of the plugin */ 454 echo esc_attr(sprintf(__('Try %s Premium', 'reset-customizer'), self::$plugin_name)); ?>" 455 class="button-secondary"> 456 <?php echo esc_html(__('Try premium plugin free for 7 days', 'reset-customizer')); ?> 457 </a> 411 458 <?php 412 459 … … 414 461 415 462 ?> 416 <a href="<?php echo esc_url(self::upgrade_link()); ?>" title="<?php echo esc_attr(sprintf(__('Upgrade now to %s Premium', self::$plugin_text_domain), self::$plugin_name)); ?>" class="button-primary"><?php printf(__('Upgrade now to %s Premium', self::$plugin_text_domain), self::$plugin_name); ?></a></p> 463 464 <a href="<?php echo esc_url(self::upgrade_link()); ?>" 465 title="<?php 466 /* translators: name of the plugin */ 467 echo esc_attr(sprintf(__('Upgrade now to %s Premium', 'reset-customizer'), self::$plugin_name)); ?>" 468 class="button-primary"> 469 <?php 
echo esc_html(__('Upgrade now to premium plugin', 'reset-customizer')); ?> 470 </a> 471 472 </p> 473 474 <hr style="margin:12px 0;"> 475 476 <p> 477 <strong>✨ Need help with your WordPress site?</strong> 478 🚀 Slow, want new features, or need a glow-up? 479 <a href="https://webd.uk/services/?utm_campaign=notice&utm_term=reset-customizer" class="button-secondary" style="margin-left:6px; vertical-align: middle;">Explore our services</a> 480 </p> 417 481 418 482 </div> 419 483 420 484 <script type="text/javascript"> 421 jQuery(document).on('click', '.<?php echo self::$plugin_prefix; ?>-notice .notice-dismiss', function() {485 jQuery(document).on('click', '.<?php echo esc_attr(self::$plugin_prefix); ?>-notice .notice-dismiss', function() { 422 486 jQuery.ajax({ 423 487 url: ajaxurl, 424 488 data: { 425 action: 'dismiss_<?php echo self::$plugin_prefix; ?>_notice_handler',426 _ajax_nonce: '<?php echo wp_create_nonce(self::$plugin_prefix . '-ajax-nonce'); ?>'489 action: 'dismiss_<?php echo esc_attr(self::$plugin_prefix); ?>_notice_handler', 490 _ajax_nonce: '<?php echo esc_attr(wp_create_nonce(self::$plugin_prefix . '-ajax-nonce')); ?>' 427 491 } 428 492 }); … … 434 498 } 435 499 436 } elseif (time() > (strtotime('+1 hour', filectime(__DIR__))) && get_user_meta(get_current_user_id(), self::$plugin_prefix . '-notice-dismissed', true) != self::plugin_version() && !get_option(self::$plugin_prefix . '_donated')) { 437 438 ?> 439 440 <div class="notice notice-info is-dismissible <?php echo self::$plugin_prefix; ?>-notice"> 441 <p><strong><?php printf(__('Thank you for using %s plugin', self::$plugin_text_domain), self::$plugin_name); ?></strong></p> 442 <?php 443 500 } elseif ( 501 time() > (strtotime('+1 hour', filectime(__DIR__))) && 502 get_user_meta(get_current_user_id(), self::$plugin_prefix . '-notice-dismissed', true) != self::plugin_version() && 503 !get_option(self::$plugin_prefix . 
'_donated') 504 ) { 505 506 ?> 507 508 <div class="notice notice-info is-dismissible <?php echo esc_attr(self::$plugin_prefix); ?>-notice"> 509 510 <p><strong><?php 511 /* translators: name of the plugin */ 512 printf(esc_html(__('Thank you for using %s plugin', 'reset-customizer')), esc_html(self::$plugin_name)); ?></strong></p> 513 <?php 514 515 // phpcs:ignore WordPress.NamingConventions.PrefixAllGlobals.DynamicHooknameFound 444 516 do_action(self::$plugin_prefix . '_admin_notice_donate'); 445 517 446 518 ?> 447 <p><?php esc_html_e('Funding plugins like this one with small financial contributions is essential to pay the developers to continue to do what they do. Please take a moment to give a small amount ...', self::$plugin_text_domain); ?></p> 448 <p><a href="<?php echo esc_url(self::upgrade_link()); ?>" title="<?php echo esc_attr(sprintf(__('Contribute to %s', self::$plugin_text_domain), self::$plugin_name)); ?>" class="button-primary"><?php printf(__('Contribute to %s', self::$plugin_text_domain), self::$plugin_name); ?></a> <a href="#" id="<?php echo self::$plugin_prefix; ?>-already-paid" title="<?php echo esc_attr(__('Aleady Contributed!', self::$plugin_text_domain)); ?>" class="button-primary"><?php esc_html_e('Aleady Contributed!', self::$plugin_text_domain); ?></a></p> 519 520 <p><?php esc_html_e('Funding plugins like this one with small financial contributions is essential to pay the developers to continue to do what they do. 
Please take a moment to give a small amount ...', 'reset-customizer'); ?></p> 521 522 <p><a href="<?php echo esc_url(self::upgrade_link()); ?>" title="<?php 523 /* translators: name of the plugin */ 524 echo esc_attr(sprintf(__('Contribute to %s', 'reset-customizer'), self::$plugin_name)); ?>" class="button-primary"><?php echo esc_html(__('Buy us a coffee ☕️', 'reset-customizer')); ?></a> <a href="#" id="<?php echo esc_attr(self::$plugin_prefix); ?>-already-paid" title="<?php echo esc_attr(__('Aleady Contributed!', 'reset-customizer')); ?>" class="button-secondary"><?php esc_html_e('Aleady Contributed!', 'reset-customizer'); ?></a></p> 525 526 <hr style="margin:12px 0;"> 527 528 <p> 529 <strong>✨ Need help with your WordPress site?</strong> 530 🚀 Slow, want new features, or need a glow-up? 531 <a href="https://webd.uk/services/?utm_campaign=notice&utm_term=reset-customizer" class="button-secondary" style="margin-left:6px; vertical-align: middle;">Explore our services</a> 532 </p> 533 449 534 </div> 450 535 451 536 <script type="text/javascript"> 452 jQuery(document).on('click', '#<?php echo self::$plugin_prefix; ?>-already-paid', function() {453 if (confirm(<?php echo json_encode(__('Have you really? Press "Cancel" if you forgot to 🙂', self::$plugin_text_domain)); ?>)) {454 alert(<?php echo json_encode(__('Thank you!', self::$plugin_text_domain)); ?>);455 jQuery('.<?php echo self::$plugin_prefix; ?>-notice').fadeTo(100, 0, function() {456 jQuery('.<?php echo self::$plugin_prefix; ?>-notice').slideUp(100, function() {457 jQuery('.<?php echo self::$plugin_prefix; ?>-notice').remove()537 jQuery(document).on('click', '#<?php echo esc_attr(self::$plugin_prefix); ?>-already-paid', function() { 538 if (confirm(<?php echo json_encode(__('Have you really? 
Press "Cancel" if you forgot to 🙂', 'reset-customizer')); ?>)) { 539 alert(<?php echo json_encode(__('Thank you!', 'reset-customizer')); ?>); 540 jQuery('.<?php echo esc_attr(self::$plugin_prefix); ?>-notice').fadeTo(100, 0, function() { 541 jQuery('.<?php echo esc_attr(self::$plugin_prefix); ?>-notice').slideUp(100, function() { 542 jQuery('.<?php echo esc_attr(self::$plugin_prefix); ?>-notice').remove() 458 543 }); 459 544 }); … … 461 546 url: ajaxurl, 462 547 data: { 463 action: 'dismiss_<?php echo self::$plugin_prefix; ?>_notice_handler',548 action: 'dismiss_<?php echo esc_attr(self::$plugin_prefix); ?>_notice_handler', 464 549 donated: 'true', 465 _ajax_nonce: '<?php echo wp_create_nonce(self::$plugin_prefix . '-ajax-nonce'); ?>'550 _ajax_nonce: '<?php echo esc_attr(wp_create_nonce(self::$plugin_prefix . '-ajax-nonce')); ?>' 466 551 } 467 552 }); 468 553 } else { 469 window.location.assign('<?php echo self::upgrade_link(); ?>');554 window.location.assign('<?php echo esc_url(self::upgrade_link()); ?>'); 470 555 } 471 556 }); 472 jQuery(document).on('click', '.<?php echo self::$plugin_prefix; ?>-notice .notice-dismiss', function() {557 jQuery(document).on('click', '.<?php echo esc_attr(self::$plugin_prefix); ?>-notice .notice-dismiss', function() { 473 558 jQuery.ajax({ 474 559 url: ajaxurl, 475 560 data: { 476 action: 'dismiss_<?php echo self::$plugin_prefix; ?>_notice_handler',477 _ajax_nonce: '<?php echo wp_create_nonce(self::$plugin_prefix . '-ajax-nonce'); ?>'561 action: 'dismiss_<?php echo esc_attr(self::$plugin_prefix); ?>_notice_handler', 562 _ajax_nonce: '<?php echo esc_attr(wp_create_nonce(self::$plugin_prefix . 
'-ajax-nonce')); ?>' 478 563 } 479 564 }); … … 509 594 is_admin() && 510 595 $pagenow === 'customize.php' && 511 isset($_GET['theme']) && 512 !in_array($_GET['theme'], $themes, true) 596 isset($_GET['theme']) && // phpcs:ignore WordPress.Security.NonceVerification.Recommended 597 !in_array($_GET['theme'], $themes, true) // phpcs:ignore WordPress.Security.NonceVerification.Recommended 513 598 ) && !( 514 599 !is_admin() && 515 600 $pagenow === 'index.php' && 516 isset($_GET['customize_theme']) && 517 isset($_GET['customize_changeset_uuid']) && 518 !in_array($_GET['customize_theme'], $themes, true) 601 isset($_GET['customize_theme']) && // phpcs:ignore WordPress.Security.NonceVerification.Recommended 602 isset($_GET['customize_changeset_uuid']) && // phpcs:ignore WordPress.Security.NonceVerification.Recommended 603 !in_array($_GET['customize_theme'], $themes, true) // phpcs:ignore WordPress.Security.NonceVerification.Recommended 519 604 ) 520 605 ) { … … 530 615 is_admin() && 531 616 $pagenow === 'customize.php' && 532 isset($_GET['theme']) && 533 in_array($_GET['theme'], $themes, true) 617 isset($_GET['theme']) && // phpcs:ignore WordPress.Security.NonceVerification.Recommended 618 in_array($_GET['theme'], $themes, true) // phpcs:ignore WordPress.Security.NonceVerification.Recommended 534 619 ) || ( 535 620 !is_admin() && 536 621 $pagenow === 'index.php' && 537 isset($_GET['customize_theme']) && 538 isset($_GET['customize_changeset_uuid']) && 539 in_array($_GET['customize_theme'], $themes, true) 622 isset($_GET['customize_theme']) && // phpcs:ignore WordPress.Security.NonceVerification.Recommended 623 isset($_GET['customize_changeset_uuid']) && // phpcs:ignore WordPress.Security.NonceVerification.Recommended 624 in_array($_GET['customize_theme'], $themes, true) // phpcs:ignore WordPress.Security.NonceVerification.Recommended 540 625 )) 541 626 ) { … … 549 634 !is_admin() && 550 635 $pagenow === 'index.php' && 551 isset($_GET['customize_theme']) && 552 
isset($_GET['customize_changeset_uuid']) 636 isset($_GET['customize_theme']) && // phpcs:ignore WordPress.Security.NonceVerification.Recommended 637 isset($_GET['customize_changeset_uuid']) // phpcs:ignore WordPress.Security.NonceVerification.Recommended 553 638 554 639 ) { 555 640 556 $child = wp_get_theme( $_GET['customize_theme']);641 $child = wp_get_theme(sanitize_file_name(wp_unslash($_GET['customize_theme']))); // phpcs:ignore WordPress.Security.NonceVerification.Recommended 557 642 558 643 if (isset($child->template) && in_array($child->template, $themes, true)) { … … 568 653 is_admin() && 569 654 ($pagenow === 'customize.php' || $pagenow === 'admin-ajax.php') && 570 isset($_GET['theme']) || (isset($_POST['customize_theme']) && isset($_POST['customize_changeset_uuid'])) 655 ( 656 isset($_GET['theme']) || // phpcs:ignore WordPress.Security.NonceVerification.Recommended 657 ( 658 isset($_POST['customize_theme']) && // phpcs:ignore WordPress.Security.NonceVerification.Missing 659 isset($_POST['customize_changeset_uuid']) // phpcs:ignore WordPress.Security.NonceVerification.Missing 660 ) 661 ) 571 662 ) { 572 663 573 if (isset($_GET['theme'])) { 574 575 $child = wp_get_theme( $_GET['theme']);664 if (isset($_GET['theme'])) { // phpcs:ignore WordPress.Security.NonceVerification.Recommended 665 666 $child = wp_get_theme(sanitize_file_name(wp_unslash($_GET['theme']))); // phpcs:ignore WordPress.Security.NonceVerification.Recommended 576 667 577 668 } else { 578 669 579 $child = wp_get_theme( $_POST['customize_theme']);670 $child = wp_get_theme(sanitize_file_name(wp_unslash($_POST['customize_theme']))); // phpcs:ignore WordPress.Security.NonceVerification.Missing 580 671 581 672 } … … 599 690 if (!function_exists('webd_customize_register')) { 600 691 692 // phpcs:ignore WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedFunctionFound 601 693 function webd_customize_register($wp_customize) { 602 694 603 695 if 
(!class_exists('webd_Customize_Control_Checkbox_Multiple')) { 604 696 697 // phpcs:ignore WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedClassFound 605 698 class webd_Customize_Control_Checkbox_Multiple extends WP_Customize_Control { 606 699 … … 622 715 623 716 ?> 624 <span class="description customize-control-description"><?php echo $this->description; ?></span>717 <span class="description customize-control-description"><?php echo esc_html($this->description); ?></span> 625 718 <?php 626 719 … … 647 740 ?> 648 741 </ul> 649 <input type="hidden" id="_customize-input-<?php echo $this->id; ?>" <?php $this->link(); ?> value="<?php echo esc_attr(implode(',', $multi_values)); ?>" />742 <input type="hidden" id="_customize-input-<?php echo esc_attr($this->id); ?>" <?php $this->link(); ?> value="<?php echo esc_attr(implode(',', $multi_values)); ?>" /> 650 743 <?php 651 744 -
reset-customizer/trunk/readme.txt
r3412274 r3421962 6 6 Tested up to: 6.9 7 7 Requires PHP: 5.6 8 Stable tag: 1.1. 58 Stable tag: 1.1.6 9 9 License: GPLv2 or later 10 10 License URI: https://www.gnu.org/licenses/gpl-2.0.html … … 35 35 36 36 == Changelog == 37 38 = 1.1.6 = 39 * General housekeeping preparing for "Plugin Check" code review 37 40 38 41 = 1.1.5 = … … 87 90 == Upgrade Notice == 88 91 89 = 1.1. 5=90 * Minor security updates to translation strings92 = 1.1.6 = 93 * General housekeeping preparing for "Plugin Check" code review -
reset-customizer/trunk/reset-customizer.php
r2986678 r3421962 2 2 /* 3 3 * Plugin Name: Reset Customizer 4 * Version: 1.1. 54 * Version: 1.1.6 5 5 * Plugin URI: https://webd.uk/support/ 6 6 * Description: Adds a reset button to each section in the customizer and easily backup / restore / migrate customizer settings 7 7 * Author: Webd Ltd 8 8 * Author URI: https://webd.uk 9 * License: GPLv2 or later 10 * License URI: https://www.gnu.org/licenses/old-licenses/gpl-2.0.html 9 11 * Text Domain: reset-customizer 10 12 */ … … 22 24 class reset_customizer_class { 23 25 24 public static $version = '1.1. 5';26 public static $version = '1.1.6'; 25 27 26 28 function __construct() { … … 116 118 117 119 ?> 118 <tr class="theme-mods-<?php echo htmlentities($key); ?>">120 <tr class="theme-mods-<?php echo esc_attr(htmlentities($key)); ?>"> 119 121 <td class="plugin-title column-primary"> 120 <strong><?php echo htmlentities($key); ?></strong>122 <strong><?php echo esc_html(htmlentities($key)); ?></strong> 121 123 <?php 122 124 … … 158 160 var data = { 159 161 action: 'rc_download_theme_mods', 160 security: '<?php echo wp_create_nonce('download-theme-mods'); ?>',162 security: '<?php echo esc_attr(wp_create_nonce('download-theme-mods')); ?>', 161 163 theme: $(this).data('theme') 162 164 }; … … 198 200 }); 199 201 $('.rc-delete').click(function() { 200 var confirmText = '<?php esc_html_e('Are you sure you want to delete all the %s theme modifications?', 'reset-customizer'); ?>'; 202 var confirmText = '<?php 203 /* translators: current theme slug */ 204 esc_html_e('Are you sure you want to delete all the %s theme modifications?', 'reset-customizer'); ?>'; 201 205 if (confirm(confirmText.replace('%s', $(this).data('theme')))) { 202 206 var data = { 203 207 action: 'rc_delete_theme_mods', 204 security: '<?php echo wp_create_nonce('delete-theme-mods'); ?>',208 security: '<?php echo esc_attr(wp_create_nonce('delete-theme-mods')); ?>', 205 209 theme: $(this).data('theme') 206 210 }; … … 224 228 }); 225 229 
$('#rc-json-file').change(function() { 226 var confirmText = '<?php esc_attr_e('Are you sure you want to upload %s to the active theme?', 'reset-customizer'); ?>'; 230 var confirmText = '<?php 231 /* translators: current theme slug */ 232 esc_attr_e('Are you sure you want to upload %s to the active theme?', 'reset-customizer'); ?>'; 227 233 if (confirm(confirmText.replace('%s', $('#rc-json-file').prop('files')[0].name))) { 228 234 var data = new FormData(); 229 235 data.append('action', 'rc_restore_theme_mods'); 230 data.append('security', '<?php echo wp_create_nonce('restore-theme-mods'); ?>');236 data.append('security', '<?php echo esc_attr(wp_create_nonce('restore-theme-mods')); ?>'); 231 237 data.append('file', $('#rc-json-file').prop('files')[0]); 232 238 $.ajax({ … … 294 300 ?> 295 301 296 <tr class="theme-mod-<?php echo htmlentities($key); ?>"> 297 <td class="check-column"><?php echo $i; ?>)</td> 298 <td class="plugin-title column-primary"><?php echo $key; ?> <span class="rc-delete-mod button button-small" data-mod="<?php echo esc_html($key); ?>"><?php esc_html_e('Delete', 'reset-customizer'); ?></span></td> 299 <td class="column-description"><?php echo esc_html(print_r($value, true)); ?></td> 302 <tr class="theme-mod-<?php echo esc_attr(htmlentities($key)); ?>"> 303 <td class="check-column"><?php echo esc_html($i); ?>)</td> 304 <td class="plugin-title column-primary"><?php echo esc_html($key); ?> <span class="rc-delete-mod button button-small" data-mod="<?php echo esc_html($key); ?>"><?php esc_html_e('Delete', 'reset-customizer'); ?></span></td> 305 <td class="column-description"><pre></pre><?php 306 // phpcs:ignore WordPress.PHP.DevelopmentFunctions.error_log_print_r 307 echo esc_html(print_r($value, true)); ?></pre></td> 300 308 </tr> 301 309 … … 317 325 }); 318 326 $('.rc-delete-mod').click(function() { 319 var confirmText = '<?php esc_attr_e('Are you sure you want to delete theme mod "%s"?', 'reset-customizer'); ?>'; 327 var confirmText = '<?php 328 /* 
translators: theme mod key */ 329 esc_attr_e('Are you sure you want to delete theme mod "%s"?', 'reset-customizer'); ?>'; 320 330 if (confirm(confirmText.replace('%s', $(this).data('mod')))) { 321 331 var data = { 322 332 action: 'rc_delete_theme_mod', 323 security: '<?php echo wp_create_nonce('delete-theme-mod'); ?>',333 security: '<?php echo esc_attr(wp_create_nonce('delete-theme-mod')); ?>', 324 334 mod: $(this).data('mod') 325 335 }; … … 429 439 if (isset($_FILES['file']['tmp_name']) && isset($_FILES['file']['type']) && $_FILES['file']['type'] == 'application/json' && current_user_can('manage_options')) { 430 440 431 $json_data = file_get_contents( $_FILES['file']['tmp_name']);441 $json_data = file_get_contents(sanitize_text_field($_FILES['file']['tmp_name'])); 432 442 $theme_mods = false; 433 443 … … 498 508 check_ajax_referer('get-control-defaults'); 499 509 500 if (current_user_can('manage_options') && isset($_POST['controls']) && is_array($_POST['controls']) && $_POST['controls']) { 510 $controls = array(); 511 512 if (isset($_POST['controls'])) { 513 514 // phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized 515 $controls = wp_unslash($_POST['controls']); 516 517 } 518 519 if ( 520 current_user_can('manage_options') && 521 is_array($controls) && 522 $controls 523 ) { 501 524 502 525 global $wp_customize; 503 526 $control_defaults = array(); 504 527 505 foreach ($ _POST['controls']as $control) {528 foreach ($controls as $control) { 506 529 507 530 $control = sanitize_key($control);
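Review bot: At new line 441 the `sanitize_text_field()` wrapped around `$_FILES['file']['tmp_name']` satisfies the sniff but validates nothing: it is a text filter, not a path check, and the condition that actually gates the read is still `$_FILES['file']['type'] == 'application/json'`, a value reported by the client. I would confirm the path with `is_uploaded_file($_FILES['file']['tmp_name'])` before calling `file_get_contents()` and let the JSON parse result, rather than the reported type, decide whether the data is accepted. The enclosing handler starts outside the hunk, so whether a nonce check precedes this `if` cannot be seen here. Separately, new line 305 prints `<pre></pre>` before the `print_r()` output and then a second `</pre>`, so the dump ends up outside the `<pre>` element; the first `</pre>` should be dropped.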