Changeset 3436352
- Timestamp:
- 01/10/2026 12:25:28 AM (3 months ago)
- Location:
- mail-picker/trunk
- Files:
-
- 10 edited
-
includes/classes/class-mailpicker-subscribers.php (modified) (1 diff)
-
includes/classes/class-manage-subscriber.php (modified) (4 diffs)
-
includes/classes/class-post-meta.php (modified) (1 diff)
-
includes/functions.php (modified) (1 diff)
-
includes/mail-picker-rest-end-points.php (modified) (2 diffs)
-
includes/menu/mail_templates.php (modified) (1 diff)
-
includes/menu/settings.php (modified) (1 diff)
-
mail-picker.php (modified) (1 diff)
-
readme.txt (modified) (3 diffs)
-
templates/mail-picker-form/mail-picker-form.php (modified) (2 diffs)
mail-picker/trunk/includes/classes/class-mailpicker-subscribers.php
r3432070 r3436352 421 421 { 422 422 423 if (preg_match('/mail-track-open/', wp_unslash($_SERVER['REQUEST_URI']))) {424 425 $parts = isset($_SERVER['REQUEST_URI']) ? basename(esc_url_raw( wp_unslash($_SERVER['REQUEST_URI']))) : '';423 if (preg_match('/mail-track-open/', sanitize_text_field(wp_unslash($_SERVER['REQUEST_URI'])))) { 424 425 $parts = isset($_SERVER['REQUEST_URI']) ? basename(esc_url_raw(sanitize_text_field(wp_unslash($_SERVER['REQUEST_URI'])))) : ''; 426 426 427 427 -
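Review bot: The `preg_match()` condition on new line 423 reads `$_SERVER['REQUEST_URI']` with no `isset()` guard, while line 425 guards the same key and the matching hunk in includes/mail-picker-rest-end-points.php guards both, so this path raises an undefined-index notice when the key is absent. Reading the value once, e.g. `$request_uri = isset($_SERVER['REQUEST_URI']) ? esc_url_raw(wp_unslash($_SERVER['REQUEST_URI'])) : '';`, and using `$request_uri` in both places removes the inconsistency. `sanitize_text_field()` is a text-field cleaner that also strips percent-encoded octets, so wrapping it inside `esc_url_raw()` changes the URI being matched without validating it; the same wrapping appears in the rest-end-points hunk. The enclosing method starts and ends outside the hunk.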
mail-picker/trunk/includes/classes/class-manage-subscriber.php
r3432070 r3436352 268 268 269 269 270 echo json_encode($response);270 echo wp_json_encode($response, JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE); 271 271 exit(0); 272 272 } … … 350 350 351 351 352 echo json_encode($response);352 echo wp_json_encode($response, JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE); 353 353 exit(0); 354 354 } … … 424 424 425 425 426 echo json_encode($response);426 echo wp_json_encode($response, JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE); 427 427 exit(0); 428 428 } … … 494 494 495 495 496 echo json_encode($response);496 echo wp_json_encode($response, JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE); 497 497 exit(0); 498 498 } -
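Review bot: All four handlers in this file (new lines 270, 352, 426 and 494) still `echo` the JSON and `exit(0)` with no `Content-Type` header visible in the hunks, so unless one is sent earlier the response goes out with the default type, which is `text/html` for admin-ajax requests. Neither `wp_json_encode()` nor the two flags added here escape `<` or `>`, so any request-derived string in `$response` would be parsed as markup if the URL is opened directly in a browser. `wp_send_json($response);` sets `application/json` and terminates the request, replacing both lines; the same applies to the `echo`/`die()` pair in includes/functions.php. The handler bodies begin outside the hunks, so confirm whether a header is already set there.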
mail-picker/trunk/includes/classes/class-post-meta.php
r3432070 r3436352 782 782 <script> 783 783 jQuery(document).ready(function($){ 784 layout_elements_option = <?php echo json_encode($layout_elements_option); ?>;784 layout_elements_option = <?php echo wp_json_encode($layout_elements_option, JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE); ?>; 785 785 786 786 $(document).on('click','.layout-tags .element_index',function(){ -
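Review bot: On new line 784 the JSON is printed inside an inline `<script>` block, and adding `JSON_UNESCAPED_SLASHES` removes the `\/` escaping that previously kept a `</script>` sequence in any string value from closing the block. If `$layout_elements_option` can carry stored or user-editable text (its source is not visible in this hunk), a data value would then be parsed as markup. For script context, drop that flag and hex-encode the HTML-significant characters instead: `wp_json_encode($layout_elements_option, JSON_HEX_TAG | JSON_HEX_AMP | JSON_UNESCAPED_UNICODE)`.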
mail-picker/trunk/includes/functions.php
r3432070 r3436352 86 86 87 87 88 89 90 echo json_encode($response); 88 echo wp_json_encode($response, JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE); 91 89 92 90 die(); -
mail-picker/trunk/includes/mail-picker-rest-end-points.php
r3432070 r3436352 132 132 { 133 133 134 if (isset($_SERVER['REQUEST_URI']) && preg_match('/mail-track-open/', wp_unslash($_SERVER['REQUEST_URI']) )) {135 136 $parts = isset($_SERVER['REQUEST_URI']) ? basename(esc_url_raw( wp_unslash($_SERVER['REQUEST_URI']))) : '';134 if (isset($_SERVER['REQUEST_URI']) && preg_match('/mail-track-open/', sanitize_text_field(wp_unslash($_SERVER['REQUEST_URI'])) )) { 135 136 $parts = isset($_SERVER['REQUEST_URI']) ? basename(esc_url_raw(sanitize_text_field(wp_unslash($_SERVER['REQUEST_URI'])))) : ''; 137 137 $parts = explode('-', $parts); 138 138 … … 502 502 503 503 504 //echo json_encode($response);504 //echo wp_json_encode($response); 505 505 506 506 die(wp_json_encode($response)); -
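Review bot: The values produced by `explode('-', $parts)` on new line 137 are taken from the last segment of the request path, and the `sanitize_text_field()`/`esc_url_raw()` wrapping added above only cleans the string; it does not establish that the pieces are the identifiers the tracker expects. Their use lies outside the hunk, so this needs confirming, but each id should be checked against its expected type before it reaches a lookup or a write, for example by passing it through `absint()` and rejecting the request when the result is 0. Separately, the commented-out `//echo wp_json_encode($response);` at new line 504 is dead code and can be deleted rather than updated.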
mail-picker/trunk/includes/menu/mail_templates.php
r3432070 r3436352 24 24 <div class="wp-filter"> 25 25 <ul class="filter-links"> 26 <li class=""><a href="<?php echo esc_url _raw(isset($_SERVER['REQUEST_URI']) ? wp_unslash($_SERVER['REQUEST_URI']) : ''); ?>&tabs=latest" class="<?php if($tabs == 'latest') echo 'current'; ?>" aria-current="page"><?php echo esc_html__('Latest', 'mail-picker'); ?></a> </li>27 <li class=""><a href="<?php echo esc_url _raw(isset($_SERVER['REQUEST_URI']) ? wp_unslash($_SERVER['REQUEST_URI']) : ''); ?>&tabs=free" class="<?php if($tabs == 'free') echo 'current'; ?>" aria-current="page"><?php echo esc_html__('Free', 'mail-picker'); ?></a> </li>28 <li class=""><a href="<?php echo esc_url _raw(isset($_SERVER['REQUEST_URI']) ? wp_unslash($_SERVER['REQUEST_URI']) : ''); ?>&tabs=pro" class="<?php if($tabs == 'pro') echo 'current'; ?>" aria-current="page"><?php echo esc_html__('Premium', 'mail-picker'); ?></a> </li>26 <li class=""><a href="<?php echo esc_url(isset($_SERVER['REQUEST_URI']) ? wp_unslash($_SERVER['REQUEST_URI']) : ''); ?>&tabs=latest" class="<?php if($tabs == 'latest') echo 'current'; ?>" aria-current="page"><?php echo esc_html__('Latest', 'mail-picker'); ?></a> </li> 27 <li class=""><a href="<?php echo esc_url(isset($_SERVER['REQUEST_URI']) ? wp_unslash($_SERVER['REQUEST_URI']) : ''); ?>&tabs=free" class="<?php if($tabs == 'free') echo 'current'; ?>" aria-current="page"><?php echo esc_html__('Free', 'mail-picker'); ?></a> </li> 28 <li class=""><a href="<?php echo esc_url(isset($_SERVER['REQUEST_URI']) ? wp_unslash($_SERVER['REQUEST_URI']) : ''); ?>&tabs=pro" class="<?php if($tabs == 'pro') echo 'current'; ?>" aria-current="page"><?php echo esc_html__('Premium', 'mail-picker'); ?></a> </li> 29 29 </ul> 30 30 <form class="block-search-form"> -
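Review bot: On new lines 26–28 only the `REQUEST_URI` part of each `href` goes through `esc_url()`; `&tabs=…` is appended outside the call as a raw `&`, it yields a broken link when the current URL has no query string, and it stacks a second `tabs` parameter once one is already present. Building the whole URL first and escaping it once avoids all three: `<a href="<?php echo esc_url(add_query_arg('tabs', 'latest')); ?>" …>`, and likewise for `free` and `pro`. The `$tabs == 'latest'` comparisons could be `===` if `$tabs` is always a string, which its assignment outside the hunk would confirm.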
mail-picker/trunk/includes/menu/settings.php
r3432070 r3436352 91 91 <div class="wrap"> 92 92 <div id="icon-tools" class="icon32"><br></div><h2><?php echo esc_html__('Mail Picker Settings', 'mail-picker')?></h2> 93 <form method="post" action="<?php echo esc_url _raw(str_replace( '%7E', '~', isset($_SERVER['REQUEST_URI']) ? esc_url_raw(wp_unslash($_SERVER['REQUEST_URI'])) : '')); ?>">93 <form method="post" action="<?php echo esc_url(str_replace( '%7E', '~', isset($_SERVER['REQUEST_URI']) ? esc_url_raw(wp_unslash($_SERVER['REQUEST_URI'])) : '')); ?>"> 94 94 <input type="hidden" name="mail_picker_hidden" value="Y"> 95 95 <input type="hidden" name="tab" value="<?php echo esc_attr($current_tab); ?>"> -
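Review bot: The `action` on new line 93 now escapes twice, with `esc_url_raw()` on the inner value and `esc_url()` on the result, and the inner call is redundant once the outer one is the display escaper. `esc_url(str_replace('%7E', '~', isset($_SERVER['REQUEST_URI']) ? wp_unslash($_SERVER['REQUEST_URI']) : ''))` produces an attribute-safe URL in one pass. The hunk shows the form's hidden fields but no `wp_nonce_field()`; the rest of the form is outside the hunk, so confirm that the settings handler verifies a nonce before saving.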
mail-picker/trunk/mail-picker.php
r3432072 r3436352 1 1 <?php 2 2 /* 3 Plugin Name: Mail Picker3 Plugin Name: PickPlugins Mail Picker — Email Marketing & Newsletters 4 4 Plugin URI: http://pickplugins.com/item/mail-picker 5 5 Description: Send newsletter and build email subscriber. 6 Version: 1.0.1 66 Version: 1.0.17 7 7 Text Domain: mail-picker 8 8 Author: PickPlugins -
mail-picker/trunk/readme.txt
r3432070 r3436352 1 === Newsletter, Email Marketing, Email Subscriber - Mail Picker===1 === PickPlugins Mail Picker — Email Marketing & Newsletters === 2 2 Contributors: PickPlugins 3 3 Donate link: http://pickplugins.com … … 5 5 Requires at least: 4.1 6 6 Tested up to: 6.9 7 Stable tag: 1.0.1 67 Stable tag: 1.0.17 8 8 License: GPLv2 or later 9 9 License URI: http://www.gnu.org/licenses/gpl-2.0.html … … 113 113 == Changelog == 114 114 115 = 1.0.17 = 116 * 2026-01-10 fix - Fixed sanitizing & escaping issue. 117 115 118 = 1.0.16 = 116 119 * 2026-01-04 fix - Fixed sanitizing & escaping issue. -
mail-picker/trunk/templates/mail-picker-form/mail-picker-form.php
r3432070 r3436352 35 35 } 36 36 37 if (! isset($_POST['mail_picker_nonce']) || ! wp_verify_nonce( wp_unslash($_POST['mail_picker_nonce']), 'mail_picker_nonce')) {37 if (! isset($_POST['mail_picker_nonce']) || ! wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['mail_picker_nonce'])), 'mail_picker_nonce')) { 38 38 39 39 $error->add('_wpnonce', __('ERROR: security test failed.', 'mail-picker')); … … 302 302 <script> 303 303 jQuery(document).ready(function($) { 304 window.location.href = '<?php echo esc_url _raw($redirect_link); ?>';304 window.location.href = '<?php echo esc_url($redirect_link); ?>'; 305 305 }) 306 306 </script>
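Review bot: On new line 304 the URL is written into a JavaScript string literal, where `esc_url()` is the wrong escaper: it emits `&` as `&#038;` and quotes as HTML entities, which are not decoded inside `<script>`, so a redirect target with more than one query parameter arrives mangled. Encoding for the script context keeps the URL intact and still prevents the value from closing the literal: `window.location.href = <?php echo wp_json_encode(esc_url_raw($redirect_link)); ?>;` (no surrounding quotes, default flags so `/` stays escaped). Where `$redirect_link` is set is outside the hunk; if it can come from the request or a form field, pass it through `wp_validate_redirect()` first.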