Changeset 777917
- Timestamp: 09/24/2013 07:04:36 PM (12 years ago)
- Location: pagely-reseller-management/trunk
- Files: 2 edited
  - partner-api.php (modified) (10 diffs)
  - readme.txt (modified) (1 diff)
pagely-reseller-management/trunk/partner-api.php
r732491 r777917 4 4 Plugin URI: https://docs-api.pagely.com/reseller-plugin/ 5 5 Description: For Pagely Resellers 6 Version: 3.1. 56 Version: 3.1.6 7 7 Author: joshua.strebel 8 Author URI: https://page .ly8 Author URI: https://pagely.com 9 9 10 10 */ … … 78 78 class PagelyApi { 79 79 80 var $ver ='p3.1. 4';80 var $ver ='p3.1.6'; 81 81 var $pagely_api_sec = ''; 82 82 var $bypass_pagely_varnish = true; // if running on page.ly, need to bypass varnish 83 83 var $live_endpoint = 'https://api.pagely.com/v1'; 84 //var $sandbox_endpoint = 'https://sandbox-api.pagely.com/v1';85 var $sandbox_endpoint = 'http://api.hcs/v1';84 var $sandbox_endpoint = 'https://sandbox-api.pagely.com/v1'; 85 //var $sandbox_endpoint = 'http://api.hcs/v1'; 86 86 var $api_endpoint = ''; 87 87 static $pp_portal_url = 'https://atomic.pagely.com/'; … … 339 339 // lets check for a post action from the plans page 340 340 341 342 341 343 if (isset($_POST['pagely_order']['plan'])) { 342 344 // plan preselected … … 490 492 if (! 
$item ) { 491 493 //look for post 492 $item = $_POST['item']; 494 $item = htmlentities( $_POST['item'] ); 495 493 496 } 494 497 // make sure we have an array … … 538 541 public function _delitem_cart($item_id = false) { 539 542 if (!$item_id && $_POST['item_id']) { 540 $item_id = $_POST['item_id'];543 $item_id = htmlentities( $_POST['item_id'] ); 541 544 } 542 545 // get the cart … … 682 685 header( "Content-Type: application/json" ); 683 686 684 $field = $_POST['field'];687 $field = htmlentities($_POST['field']); 685 688 // check to see if the submitted nonce matches with the generated nonce we created earlier 686 689 … … 728 731 $form = $_POST['pagely_order']; 729 732 foreach ($form as $k => $v) { 730 $form[$k] = trim( $v);733 $form[$k] = trim( htmlentities( strip_tags($v) ) ); 731 734 } 732 735 … … 762 765 $form = $this->_get_pp_session('acc_form_post'); 763 766 foreach ($form as $k => $v) { 764 $form[$k] = trim( $v);767 $form[$k] = trim( htmlentities( strip_tags($v) ) ); 765 768 } 766 769 // lets add their plan choice to the session … … 964 967 $form = $_POST['pagely_order']; 965 968 foreach ($form as $k => $v) { 966 $form[$k] = strip_tags(trim($v));969 $form[$k] = trim( htmlentities( strip_tags($v) ) ); 967 970 } 968 971 … … 1241 1244 if (is_array($v)) { 1242 1245 foreach ($v as $kk => $vv) { 1243 $v[$kk] = strip_tags( trim($vv) );1246 $v[$kk] = trim( htmlentities( strip_tags($vv) ) ); 1244 1247 } 1245 1248 } else { 1246 $form[$k] = strip_tags( trim($v) );1249 $form[$k] = trim( htmlentities( strip_tags($v) ) ); 1247 1250 } 1248 1251 } 1249 1252 // array of products to be added to cart 1250 1253 $items = $form; 1254 1251 1255 1252 1256 -
pagely-reseller-management/trunk/readme.txt
r732491 r777917 20 20 Read [the documentation here](https://docs-api.pagely.com/reseller-plugin/). 21 21 == Changelog == 22 = 3.1.6 = 23 Security related changes 22 24 = 3.1.5 = 23 25 new options page class, and options
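Review bot: in partner-api.php around line 85, the plain-HTTP internal host stays in the file as a commented-out `$sandbox_endpoint` (`//var $sandbox_endpoint = 'http://api.hcs/v1';`). The removed lines show the previous revision had that value active and the HTTPS sandbox commented out, so the toggle has already gone the wrong way once. Delete the commented line and, if a private endpoint is needed for development, read it from configuration outside the released file.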
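Review bot: in partner-api.php at line 494, `htmlentities( $_POST['item'] )` assumes a string, yet the next context line reads `// make sure we have an array`. htmlentities() only accepts a string, so an array-valued `item` is not encoded by this call. Test `is_array()` first and encode each element, or encode where the value is written into HTML rather than on input.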
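Review bot: in `_delitem_cart()` (partner-api.php line 543), HTML-encoding `item_id` is not validation: an id that matches nothing in the cart is still passed on, only with entities substituted. Check the value against the form a cart item id takes, or confirm it exists in the cart, and reject anything else. The unchanged condition above it also reads `$_POST['item_id']` without `isset()`.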
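Review bot: at partner-api.php line 687, `$field` is HTML-encoded inside a handler that has just sent `Content-Type: application/json`. Entity encoding is the wrong escaping for a JSON response and alters any value containing `&`, `<`, `>` or a double quote. Leave the value raw here and let the JSON encoder escape the output; if `field` names one of a fixed set of form fields, compare it against that set instead.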
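Review bot: at partner-api.php line 765, the loop encodes values read from `_get_pp_session('acc_form_post')`, while the hunk at line 731 already applies the same `htmlentities( strip_tags($v) )` to `$_POST['pagely_order']`. If the session copy is stored after that first pass, every `&` is encoded twice (`&amp;` becomes `&amp;amp;`), because htmlentities() double-encodes by default. Encode once, either when storing or when reading, or pass `false` for the `double_encode` argument.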
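Review bot: at partner-api.php line 969, `trim( htmlentities( strip_tags($v) ) )` is now repeated in five places across this changeset (lines 733, 767, 969, 1246, 1249), each time with htmlentities() called on its defaults. On the PHP versions current at this commit the default flag is `ENT_COMPAT`, which leaves single quotes unencoded, and the default charset depends on the PHP version. Move the expression into one helper method and pass `ENT_QUOTES` and `'UTF-8'` explicitly so all call sites behave the same.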
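Review bot: in the partner-api.php hunk at lines 1244-1249, the array branch writes the cleaned value to `$v[$kk]` and never back to `$form[$k]`, while the else branch does write `$form[$k]`. Unless the enclosing `foreach`, which the hunk does not show, iterates by reference, `$v` is a copy and the nested values reach `$items = $form;` unsanitized. Assign `$form[$k][$kk]` inside the inner loop.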
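Review bot: in readme.txt, the 3.1.6 changelog entry "Security related changes" does not tell a site owner what was affected or how urgent the update is. State what the release does, for example that POST values in the cart and order forms are now stripped of tags and HTML-encoded, and that the sandbox endpoint was switched to the HTTPS host.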