Changeset 3426891
- Timestamp:
- 12/24/2025 01:50:12 PM (3 months ago)
- Location:
- surveyjs/trunk
- Files:
-
- 8 edited
-
ajax_handlers/insert_survey.php (modified) (1 diff)
-
initializer.php (modified) (8 diffs)
-
readme.txt (modified) (2 diffs)
-
surveyjs.php (modified) (1 diff)
-
views/editor.php (modified) (8 diffs)
-
views/mysurveys.php (modified) (5 diffs)
-
views/results.php (modified) (4 diffs)
-
views/settings.php (modified) (4 diffs)
-
surveyjs/trunk/ajax_handlers/insert_survey.php
r3403869 r3426891 28 28 foreach ($client->getSurveys() as $surveyDefinition) { 29 29 ?> 30 <option value="<?php echo sanitize_text_field($surveyDefinition->id) ?>"><?php echo sanitize_text_field($surveyDefinition->name) ?></option>30 <option value="<?php echo esc_attr($surveyDefinition->id) ?>"><?php echo esc_html($surveyDefinition->name) ?></option> 31 31 <?php 32 32 } -
surveyjs/trunk/initializer.php
r3426187 r3426891 142 142 // __CLASS__, 'wps_mysurveys_page' 143 143 // )); 144 add_submenu_page( 'surveyjs-main-menu', __( 'Settings', 'surveyjs-main-menu' ), __( 'Settings', 'surveyjs-main-menu' ), 'manage_options', 'surveyjs-settings', array( 'SurveyJS_SettingsPage', 'surveyjs_render_settings' ) );144 add_submenu_page( 'surveyjs-main-menu', esc_html__( 'Settings', 'surveyjs' ), esc_html__( 'Settings', 'surveyjs' ), 'manage_options', 'surveyjs-settings', array( 'SurveyJS_SettingsPage', 'surveyjs_render_settings' ) ); 145 145 add_submenu_page('', '', '', 'manage_options', 'surveyjs_editor', array('SurveyJS_Editor', 'render')); 146 146 add_submenu_page('', '', '', 'manage_options', 'surveyjs_results', array('SurveyJS_Results', 'render')); … … 154 154 $url = wp_nonce_url($url, 'surveyjs-insert-survey', '_wpnonce'); 155 155 ?> 156 <a onclick="tb_click.call(this); return false;" href="<?php echo esc_url($url); ?>" class="button" title="<?php _e('Insert Survey', SurveyJS_SurveyJS::$prefix); ?>">157 <?php _e('Add Survey', SurveyJS_SurveyJS::$prefix); ?>156 <a onclick="tb_click.call(this); return false;" href="<?php echo esc_url($url); ?>" class="button" title="<?php esc_attr_e('Insert Survey', 'surveyjs'); ?>"> 157 <?php esc_html_e('Add Survey', 'surveyjs'); ?> 158 158 </a> 159 159 <?php … … 175 175 ?> 176 176 <div class="wp-sjs-plugin" id="surveyContainer-<?php echo esc_attr($id) ?>"> 177 <div id="surveyElement-<?php echo $id?>">Survey is loading...</div>178 <div id="surveyResult-<?php echo $id?>"></div>177 <div id="surveyElement-<?php echo esc_attr($id) ?>">Survey is loading...</div> 178 <div id="surveyResult-<?php echo esc_attr($id) ?>"></div> 179 179 </div> 180 180 <script> … … 182 182 url: "<?php echo esc_url($getSurveyJsonUri) ?>", 183 183 type: "POST", 184 data: { Id: <?php echo $id ?>, _wpnonce: '<?php echo $getSurveyJsonNonce; ?>' },184 data: { Id: <?php echo intval($id); ?>, _wpnonce: '<?php echo esc_js( $getSurveyJsonNonce ); ?>' }, 185 185 success: function 
(data) { 186 186 var json = {} … … 195 195 } 196 196 jQuery(document).ready(()=>{ 197 initSurvey<?php echo $id?>(json, theme);197 initSurvey<?php echo intval($id); ?>(json, theme); 198 198 }); 199 199 } 200 200 }); 201 201 202 function initSurvey<?php echo $id?>(json, theme) {203 const survey<?php echo $id?> = new Survey.Model(json);202 function initSurvey<?php echo intval($id); ?>(json, theme) { 203 const survey<?php echo intval($id); ?> = new Survey.Model(json); 204 204 if (!!theme) { 205 survey<?php echo $id?>.applyTheme(theme);205 survey<?php echo intval($id); ?>.applyTheme(theme); 206 206 } 207 window.survey<?php echo $id ?> = survey<?php echo $id?>;208 survey<?php echo $id?>207 window.survey<?php echo intval($id); ?> = survey<?php echo intval($id); ?>; 208 survey<?php echo intval($id); ?> 209 209 .onComplete 210 210 .add(function (sender, options) { … … 213 213 url: "<?php echo esc_url($saveResultUri) ?>", 214 214 type: "POST", 215 data: { SurveyId: '<?php echo $id ?>', Json : JSON.stringify(sender.data), _wpnonce: '<?php echo $saveResultNonce; ?>' },215 data: { SurveyId: '<?php echo intval($id); ?>', Json : JSON.stringify(sender.data), _wpnonce: '<?php echo esc_js( $saveResultNonce ); ?>' }, 216 216 success: function (data) {options.showSaveSuccess();}, 217 217 error: function (xhr) {options.showSaveError(xhr.responseText);} 218 218 }); 219 219 //document 220 // .querySelector("#surveyResult-<?php echo $id?>")220 // .querySelector("#surveyResult-<?php echo intval($id); ?>") 221 221 // .innerHTML = "result: " + JSON.stringify(sender.data); 222 222 }); 223 223 224 survey<?php echo $id?>.onUploadFiles.add((_, options) => {224 survey<?php echo intval($id); ?>.onUploadFiles.add((_, options) => { 225 225 const formData = new FormData(); 226 226 options.files.forEach((file) => { 227 227 formData.append(file.name, file); 228 228 }); 229 formData.append("_wpnonce", "<?php echo $uploadFilesNonce; ?>");229 formData.append("_wpnonce", "<?php echo esc_js( 
$uploadFilesNonce ); ?>"); 230 230 231 231 fetch("<?php echo esc_url($uploadFileUri) ?>", { … … 260 260 } 261 261 262 survey<?php echo $id?>.onClearFiles.add((_, options) => {262 survey<?php echo intval($id); ?>.onClearFiles.add((_, options) => { 263 263 if (!options.value || options.value.length === 0) { 264 264 options.callback("success"); … … 283 283 }); 284 284 285 jQuery("#surveyElement-<?php echo $id ?>").Survey({model: survey<?php echo $id?>/*, css: customCss*/});285 jQuery("#surveyElement-<?php echo esc_attr($id) ?>").Survey({model: survey<?php echo intval($id); ?>/*, css: customCss*/}); 286 286 } 287 287 </script> -
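Review bot: The same `$id` is now emitted in two different forms in this template: `esc_attr($id)` for the element ids and for the selector string `jQuery("#surveyElement-…")` on new line 285, and `intval($id)` for the generated JavaScript identifiers and the AJAX payloads. `esc_attr()` is an HTML-attribute escaper rather than a JS-string one, and if `$id` is ever non-numeric the `intval` names and the `esc_attr` ids no longer refer to the same survey. Where `$id` is assigned is outside the hunks shown; normalising it once before the markup, e.g. `$id = absint( $id );`, and echoing that single value everywhere would remove both concerns.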
surveyjs/trunk/readme.txt
r3426296 r3426891 1 1 === SurveyJS: Drag & Drop Form Builder === 2 2 Contributors: DevSoft Baltic 3 Tags: survey, quiz, form builder, survey creator, survey maker , quiz creator3 Tags: survey, quiz, form builder, survey creator, survey maker 4 4 Requires at least: 6.4 5 5 Tested up to: 6.9 6 Stable tag: trunk6 Stable tag: 2.5.2 7 7 Requires PHP: 8.2 8 License: GPLv2 or later9 License URI: https://www.gnu.org/licenses/gpl-2.0.html10 8 11 9 == Description == … … 82 80 83 81 84 = v2. 4.1=82 = v2.5.2 = 85 83 86 84 == Support == -
surveyjs/trunk/surveyjs.php
r3426187 r3426891 4 4 Plugin URI: https://wordpress.org/plugins/surveyjs 5 5 Description: Easy to use, drag & drop Survey Builder with myriad options. 6 Version: 2. 4.16 Version: 2.5.2 7 7 Author: Devsoft Baltic OÜ 8 8 Author URI: http://devsoftbaltic.com/ 9 License: "SEE LICENSE IN LICENSE" 10 License URI: "https://github.com/surveyjs/surveyjs-wordpress/tree/master?tab=License-1-ov-file" 9 11 */ 10 12 ?> -
surveyjs/trunk/views/editor.php
r3426187 r3426891 21 21 $renameSurveyNonce = wp_create_nonce('surveyjs-rename-survey'); 22 22 $uploadFileNonce = wp_create_nonce('surveyjs-upload-file'); 23 $lk = sanitize_text_field(SurveyJS_SettingsPage::get_license_key());23 $lk = SurveyJS_SettingsPage::get_license_key(); 24 24 ?> 25 25 <style> … … 34 34 </style> 35 35 <script> 36 var surveyName = "<?php echo sanitize_text_field($_GET['name'])?>";36 var surveyName = "<?php echo esc_js( sanitize_text_field($_GET['name']) ); ?>"; 37 37 function setSurveyName(name) { 38 38 var $titleTitle = jQuery("#sjs_editor_title_show"); … … 64 64 url: "<?php echo esc_url($renameSurveyUri) ?>", 65 65 type: "POST", 66 data: { Id: '<?php echo $surveyId ?>', Name: surveyName, _wpnonce: '<?php echo $renameSurveyNonce; ?>' },66 data: { Id: '<?php echo intval($surveyId); ?>', Name: surveyName, _wpnonce: '<?php echo esc_js($renameSurveyNonce); ?>' }, 67 67 success: function (data) { 68 68 // if(data.isSuccess) { … … 78 78 </div> 79 79 </div> 80 <h2 style="display:inline-block;"><?php _e( 'Survey: ', 'sjs' ); ?></h2>80 <h2 style="display:inline-block;"><?php esc_html_e( 'Survey: ', 'surveyjs' ); ?></h2> 81 81 <h3 style="display:inline-block; margin: 0;"> 82 82 <span id="sjs_editor_title_edit" style="display: none;"> … … 95 95 <script type="text/babel"> 96 96 function SurveyCreatorRenderComponent() { 97 var lk = '<?php echo $lk?>';97 var lk = '<?php echo esc_js( $lk ); ?>'; 98 98 Survey.slk(lk); 99 99 var editorOptions = { showThemeTab: true, showLogicTab: true, showTranslationTab: true, showEmbededSurveyTab: false, showOptions: true, generateValidJSON : false }; … … 107 107 url: "<?php echo esc_url($saveSurveyUri) ?>", 108 108 type: "POST", 109 data: { Id: '<?php echo $surveyId ?>', Json: json, Theme: theme, _wpnonce: '<?php echo $saveSurveyNonce; ?>' },109 data: { Id: '<?php echo intval($surveyId); ?>', Json: json, Theme: theme, _wpnonce: '<?php echo esc_js($saveSurveyNonce); ?>' }, 110 110 success: function (data) { 111 111 // 
if(data.isSuccess) { … … 121 121 url: "<?php echo esc_url($saveSurveyUri) ?>", 122 122 type: "POST", 123 data: { Id: '<?php echo $surveyId ?>', Json: json, Theme: theme, _wpnonce: '<?php echo $saveSurveyNonce; ?>' },123 data: { Id: '<?php echo intval($surveyId); ?>', Json: json, Theme: theme, _wpnonce: '<?php echo esc_js($saveSurveyNonce); ?>' }, 124 124 success: function (data) { 125 125 // if(data.isSuccess) { … … 134 134 formData.append("file", file); 135 135 }); 136 formData.append("_wpnonce", "<?php echo $uploadFileNonce; ?>");136 formData.append("_wpnonce", "<?php echo esc_js($uploadFileNonce); ?>"); 137 137 jQuery.ajax({ 138 138 url: "<?php echo esc_url($uploadFileUri) ?>", -
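Review bot: `$_GET['name']` on new line 36 is read without an `isset()` check or `wp_unslash()`, so a request without `name` emits an undefined-array-key warning into the `<script>` block, and a name containing quotes arrives with WordPress's added slashes. The `esc_js()` wrapper added here does make the value safe inside the double-quoted string; the remaining gap is only the input handling. Suggested line: `var surveyName = "<?php echo esc_js( isset( $_GET['name'] ) ? sanitize_text_field( wp_unslash( $_GET['name'] ) ) : '' ); ?>";`. The script continues outside the hunk, so how `setSurveyName` writes the value into the page is not visible here.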
surveyjs/trunk/views/mysurveys.php
r3403869 r3426891 22 22 url: "<?php echo esc_url($addSurveyUri) ?>", 23 23 type: "POST", 24 data: { Name: "New Survey", _wpnonce: '<?php echo $addSurveyNonce; ?>' },24 data: { Name: "New Survey", _wpnonce: '<?php echo esc_js($addSurveyNonce); ?>' }, 25 25 success: function (data) { 26 26 window.location = "<?php echo esc_url($editSurveyUri) ?>&id=" + data.Id + "&name=New Survey"; … … 34 34 url: "<?php echo esc_url($deleteSurveyUri) ?>", 35 35 type: "POST", 36 data: { Id: id, _wpnonce: '<?php echo $deleteSurveyNonce; ?>' },36 data: { Id: id, _wpnonce: '<?php echo esc_js($deleteSurveyNonce); ?>' }, 37 37 success: function (data) { 38 38 window.location = ""; … … 44 44 url: "<?php echo esc_url($cloneSurveyUri) ?>", 45 45 type: "POST", 46 data: { SurveyParentId: id, _wpnonce: '<?php echo $cloneSurveyNonce; ?>' },46 data: { SurveyParentId: id, _wpnonce: '<?php echo esc_js($cloneSurveyNonce); ?>' }, 47 47 success: function (data) { 48 48 window.location = ""; … … 56 56 <div class="sv_container"> 57 57 <div class="sv_header"> 58 <h3><?php _e( 'SurveyJS Wordpress plugin', 'sjs' ); ?></h2></h3>58 <h3><?php esc_html_e( 'SurveyJS Wordpress plugin', 'surveyjs' ); ?></h3> 59 59 <p>Below you can see the list of available surveys you can edit, run and see the results</p> 60 60 </div> … … 78 78 ?> 79 79 <tr> 80 <td><?php echo sanitize_text_field($surveyDefinition->name) ?></td>80 <td><?php echo esc_html($surveyDefinition->name) ?></td> 81 81 <td> 82 82 <!-- <a class="sv_button_link" href="<?php echo sanitize_key($surveyDefinition->id) ?>">Run</a> --> -
surveyjs/trunk/views/results.php
r3426187 r3426891 34 34 <div class="sv_container"> 35 35 <div class="sv_header"> 36 <h3 class="results-header"><?php echo $surveyName; ?> survey results</h3>36 <h3 class="results-header"><?php echo esc_html($surveyName); ?> survey results</h3> 37 37 </div> 38 38 <div class="sv_body"> … … 46 46 <script> 47 47 var $ = jQuery; 48 var surveyJson = "<?php echo $surveyJson; ?>";48 var surveyJson = '<?php echo htmlspecialchars_decode($surveyJson); ?>'; 49 49 var survey = new Survey.Model(JSON.parse(surveyJson)); 50 50 … … 104 104 105 105 <?php 106 echo 'var results = ', json_encode($surveyResults), ';';106 echo 'var results = ', wp_json_encode($surveyResults), ';'; 107 107 ?> 108 108 … … 138 138 url: "<?php echo esc_url($deleteResultUri) ?>", 139 139 type: "POST", 140 data: { ResultId: data.resultId, _wpnonce: '<?php echo $deleteResultNonce; ?>' },140 data: { ResultId: data.resultId, _wpnonce: '<?php echo esc_js($deleteResultNonce); ?>' }, 141 141 success: function (data) { 142 142 row.remove(); -
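Review bot: `htmlspecialchars_decode($surveyJson)` on new line 48 is echoed into a single-quoted JavaScript string with no JS escaping, so an apostrophe, backslash, line break or `</script>` in the stored survey definition ends the literal or the script block early. The result is at best a broken results page and at worst script injection on an admin screen. Where `$surveyJson` is encoded is outside the hunks shown, so the decode step may be needed, but its output should be emitted as a JS value rather than pasted between quotes: `var surveyJson = <?php echo wp_json_encode( htmlspecialchars_decode( $surveyJson ) ); ?>;`. The `wp_json_encode($surveyResults)` call on new line 106 presumably carries respondent-supplied answers into the same script block and would benefit from `JSON_HEX_TAG | JSON_HEX_AMP` as its second argument.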
surveyjs/trunk/views/settings.php
r3426187 r3426891 15 15 $settings = (array) get_option( 'surveyjs-settings' ); 16 16 if ( isset( $settings['license_key'] ) ) { 17 return esc_js( $settings['license_key'] );17 return $settings['license_key']; 18 18 } 19 19 return ""; … … 21 21 22 22 public function init() { 23 register_setting( 'surveyjs-settings-group', 'surveyjs-settings' ); 23 register_setting( 'surveyjs-settings-group', 'surveyjs-settings', array( 24 'type' => 'array', 25 'sanitize_callback' => array( $this, 'sanitize_settings' ), 26 ) ); 24 27 25 add_settings_section( 'sjs-license-key-section', __( 'Set License Key', 'sjs' ), array($this, 'sjs_license_key_section'), 'surveyjs-settings-page' );26 add_settings_field( 'license_key', __( 'License Key', 'sjs' ), array($this, 'set_license_key_render'), 'surveyjs-settings-page', 'sjs-license-key-section' );28 add_settings_section( 'sjs-license-key-section', esc_html__( 'Set License Key', 'surveyjs' ), array($this, 'sjs_license_key_section'), 'surveyjs-settings-page' ); 29 add_settings_field( 'license_key', esc_html__( 'License Key', 'surveyjs' ), array($this, 'set_license_key_render'), 'surveyjs-settings-page', 'sjs-license-key-section' ); 27 30 } 28 31 32 public function sanitize_settings( $input ) { 33 $sanitized = array(); 34 if ( isset( $input['license_key'] ) ) { 35 $sanitized['license_key'] = sanitize_text_field( $input['license_key'] ); 36 } 37 return $sanitized; 38 } 39 29 40 public function sjs_license_key_section() { 30 _e( 'setting your license key', 'sjs' );41 esc_html_e( 'setting your license key', 'surveyjs' ); 31 42 if ( isset( $_GET["settings-updated"] ) && sanitize_text_field($_GET["settings-updated"]) ) { 32 43 flush_rewrite_rules( true ); 33 echo "<div style='color: #179d82;'>" . __( 'Successfully updated!', 'sjs' ) . "</div>";44 echo "<div style='color: #179d82;'>" . esc_html__( 'Successfully updated!', 'surveyjs' ) . 
"</div>"; 34 45 } 35 46 } … … 45 56 if ($license_key ) 46 57 { 47 echo "<input type='text' placeholder='put the license key here...' name='surveyjs-settings[license_key]' id='surveyjs-settings[license_key]' value=' $license_key' style='width: 350px;'/>";58 echo "<input type='text' placeholder='put the license key here...' name='surveyjs-settings[license_key]' id='surveyjs-settings[license_key]' value='" . esc_attr( $license_key ) . "' style='width: 350px;'/>"; 48 59 } else { 49 60 echo "<input type='text' placeholder='put the license key here...' name='surveyjs-settings[license_key]' id='surveyjs-settings[license_key]' style='width: 350px;'/>"; … … 54 65 ?> 55 66 <div class="wrap"> 56 <h2><?php _e( 'SurveyJS Settings', 'sjs' ); ?></h2>67 <h2><?php esc_html_e( 'SurveyJS Settings', 'surveyjs' ); ?></h2> 57 68 <form action="options.php" method="POST"> 58 69 <?php settings_fields( 'surveyjs-settings-group' ); ?>
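Review bot: The new `sanitize_settings()` callback has no docblock and silently rebuilds the option from an allowlist of one key, which a maintainer adding a second setting will not expect. A short docblock would document that contract: only `license_key` is kept, it is passed through `sanitize_text_field()`, and any other submitted key is discarded. An explicit `if ( ! is_array( $input ) ) { return array(); }` at the top would also make the non-array case visible. In `set_license_key_render()`, whose start is outside the hunk, the two `echo` branches now differ only in the `value` attribute and could be a single statement.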