Version Description
- Escaped $_GET variables for additional security measures
Download this release
Release Info
| Developer | metaphorcreations |
| Plugin |  Ditty News Ticker |
| Version | 2.1.23 |
| Comparing to | |
| See all releases | |
Code changes from version 2.1.22 to 2.1.23
- ditty-news-ticker.php +2 -2
- includes/admin/edit-columns.php +4 -4
- includes/functions.php +2 -2
- includes/settings.php +2 -2
- readme.txt +4 -1
- templates/pagination.php +1 -1
ditty-news-ticker.php
CHANGED
|
@@ -5,7 +5,7 @@ Plugin URI: http://dittynewsticker.com/
|
|
| 5 |
Description: Ditty News Ticker is a multi-functional data display plugin
|
| 6 |
Text Domain: ditty-news-ticker
|
| 7 |
Domain Path: languages
|
| 8 |
-
Version: 2.1.
|
| 9 |
Author: Metaphor Creations
|
| 10 |
Author URI: http://www.metaphorcreations.com
|
| 11 |
Contributors: metaphorcreations
|
|
@@ -31,7 +31,7 @@ Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
|
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
-
define( 'MTPHR_DNT_VERSION', '2.1.
|
| 35 |
define( 'MTPHR_DNT_DIR', trailingslashit(plugin_dir_path( __FILE__ )) );
|
| 36 |
define( 'MTPHR_DNT_FILE', trailingslashit( __FILE__ ) );
|
| 37 |
define( 'MTPHR_DNT_STORE_URL', 'https://www.metaphorcreations.com' );
|
| 5 |
Description: Ditty News Ticker is a multi-functional data display plugin
|
| 6 |
Text Domain: ditty-news-ticker
|
| 7 |
Domain Path: languages
|
| 8 |
+
Version: 2.1.23
|
| 9 |
Author: Metaphor Creations
|
| 10 |
Author URI: http://www.metaphorcreations.com
|
| 11 |
Contributors: metaphorcreations
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
+
define( 'MTPHR_DNT_VERSION', '2.1.23' );
|
| 35 |
define( 'MTPHR_DNT_DIR', trailingslashit(plugin_dir_path( __FILE__ )) );
|
| 36 |
define( 'MTPHR_DNT_FILE', trailingslashit( __FILE__ ) );
|
| 37 |
define( 'MTPHR_DNT_STORE_URL', 'https://www.metaphorcreations.com' );
|
includes/admin/edit-columns.php
CHANGED
|
@@ -128,8 +128,8 @@ function mtphr_dnt_edit_screen_filters() {
|
|
| 128 |
global $typenow;
|
| 129 |
|
| 130 |
if( $typenow == 'ditty_news_ticker' ) {
|
| 131 |
-
$dnt_type = isset($_GET['dnt_type']) ? $_GET['dnt_type'] : '';
|
| 132 |
-
$dnt_mode = isset($_GET['dnt_mode']) ? $_GET['dnt_mode'] : '';
|
| 133 |
|
| 134 |
$types = mtphr_dnt_types_array();
|
| 135 |
$modes = mtphr_dnt_modes_array();
|
|
@@ -173,14 +173,14 @@ function mtphr_dnt_parse_query( $query ) {
|
|
| 173 |
if( isset($_GET['dnt_type']) && $_GET['dnt_type'] != '' ) {
|
| 174 |
$meta_query[] = array(
|
| 175 |
'key' => '_mtphr_dnt_type',
|
| 176 |
-
'value' => $_GET['dnt_type'],
|
| 177 |
);
|
| 178 |
}
|
| 179 |
|
| 180 |
if( isset($_GET['dnt_mode']) && $_GET['dnt_mode'] != '' ) {
|
| 181 |
$meta_query[] = array(
|
| 182 |
'key' => '_mtphr_dnt_mode',
|
| 183 |
-
'value' => $_GET['dnt_mode'],
|
| 184 |
);
|
| 185 |
}
|
| 186 |
|
| 128 |
global $typenow;
|
| 129 |
|
| 130 |
if( $typenow == 'ditty_news_ticker' ) {
|
| 131 |
+
$dnt_type = isset($_GET['dnt_type']) ? esc_html($_GET['dnt_type']) : '';
|
| 132 |
+
$dnt_mode = isset($_GET['dnt_mode']) ? esc_html($_GET['dnt_mode']) : '';
|
| 133 |
|
| 134 |
$types = mtphr_dnt_types_array();
|
| 135 |
$modes = mtphr_dnt_modes_array();
|
| 173 |
if( isset($_GET['dnt_type']) && $_GET['dnt_type'] != '' ) {
|
| 174 |
$meta_query[] = array(
|
| 175 |
'key' => '_mtphr_dnt_type',
|
| 176 |
+
'value' => esc_html($_GET['dnt_type']),
|
| 177 |
);
|
| 178 |
}
|
| 179 |
|
| 180 |
if( isset($_GET['dnt_mode']) && $_GET['dnt_mode'] != '' ) {
|
| 181 |
$meta_query[] = array(
|
| 182 |
'key' => '_mtphr_dnt_mode',
|
| 183 |
+
'value' => esc_html($_GET['dnt_mode']),
|
| 184 |
);
|
| 185 |
}
|
| 186 |
|
includes/functions.php
CHANGED
|
@@ -80,7 +80,7 @@ function get_mtphr_dnt_ticker( $id='', $class='', $atts=false ) {
|
|
| 80 |
/**
|
| 81 |
* Render the ticker
|
| 82 |
*
|
| 83 |
-
* @since 2.1.
|
| 84 |
*/
|
| 85 |
function render_mtphr_dnt_ticker( $id='', $class='', $meta_data=false ) {
|
| 86 |
|
|
@@ -173,7 +173,7 @@ function render_mtphr_dnt_ticker( $id='', $class='', $meta_data=false ) {
|
|
| 173 |
|
| 174 |
// Grab the paged ticks
|
| 175 |
if( $_mtphr_dnt_mode == 'list' && (isset($_mtphr_dnt_list_tick_paging) && $_mtphr_dnt_list_tick_paging) ) {
|
| 176 |
-
$page = isset( $_GET['tickpage'] ) ? $_GET['tickpage'] : 1;
|
| 177 |
$offset = ($page-1) * $_mtphr_dnt_list_tick_count;
|
| 178 |
$dnt_ticks = array_slice( $dnt_ticks, $offset, $_mtphr_dnt_list_tick_count );
|
| 179 |
}
|
| 80 |
/**
|
| 81 |
* Render the ticker
|
| 82 |
*
|
| 83 |
+
* @since 2.1.23
|
| 84 |
*/
|
| 85 |
function render_mtphr_dnt_ticker( $id='', $class='', $meta_data=false ) {
|
| 86 |
|
| 173 |
|
| 174 |
// Grab the paged ticks
|
| 175 |
if( $_mtphr_dnt_mode == 'list' && (isset($_mtphr_dnt_list_tick_paging) && $_mtphr_dnt_list_tick_paging) ) {
|
| 176 |
+
$page = isset( $_GET['tickpage'] ) ? esc_html($_GET['tickpage']) : 1;
|
| 177 |
$offset = ($page-1) * $_mtphr_dnt_list_tick_count;
|
| 178 |
$dnt_ticks = array_slice( $dnt_ticks, $offset, $_mtphr_dnt_list_tick_count );
|
| 179 |
}
|
includes/settings.php
CHANGED
|
@@ -32,7 +32,7 @@ function mtphr_dnt_general_settings_callback() {
|
|
| 32 |
|
| 33 |
|
| 34 |
/* --------------------------------------------------------- */
|
| 35 |
-
/* !Render the settings page with tabs - 1.
|
| 36 |
/* --------------------------------------------------------- */
|
| 37 |
|
| 38 |
function mtphr_dnt_settings_display( $active_tab = null ) {
|
|
@@ -46,7 +46,7 @@ function mtphr_dnt_settings_display( $active_tab = null ) {
|
|
| 46 |
|
| 47 |
<?php
|
| 48 |
$tabs = mtphr_dnt_settings_tabs();
|
| 49 |
-
$active_tab = isset( $_GET['tab'] ) ? $_GET['tab'] : 'general';
|
| 50 |
?>
|
| 51 |
|
| 52 |
<ul style="margin-bottom:20px;" class="subsubsub">
|
| 32 |
|
| 33 |
|
| 34 |
/* --------------------------------------------------------- */
|
| 35 |
+
/* !Render the settings page with tabs - 2.1.23 */
|
| 36 |
/* --------------------------------------------------------- */
|
| 37 |
|
| 38 |
function mtphr_dnt_settings_display( $active_tab = null ) {
|
| 46 |
|
| 47 |
<?php
|
| 48 |
$tabs = mtphr_dnt_settings_tabs();
|
| 49 |
+
$active_tab = isset( $_GET['tab'] ) ? esc_html($_GET['tab']) : 'general';
|
| 50 |
?>
|
| 51 |
|
| 52 |
<ul style="margin-bottom:20px;" class="subsubsub">
|
readme.txt
CHANGED
|
@@ -72,6 +72,9 @@ The most common cause for an unresponsive ticker (when using scroll or rotate mo
|
|
| 72 |
|
| 73 |
== Changelog ==
|
| 74 |
|
|
|
|
|
|
|
|
|
|
| 75 |
= 2.1.22 =
|
| 76 |
* Modified how scripts are enqueued
|
| 77 |
|
|
@@ -473,4 +476,4 @@ The most common cause for an unresponsive ticker (when using scroll or rotate mo
|
|
| 473 |
|
| 474 |
== Upgrade Notice ==
|
| 475 |
|
| 476 |
-
|
| 72 |
|
| 73 |
== Changelog ==
|
| 74 |
|
| 75 |
+
= 2.1.23 =
|
| 76 |
+
* Escaped $_GET variables for additional security measures
|
| 77 |
+
|
| 78 |
= 2.1.22 =
|
| 79 |
* Modified how scripts are enqueued
|
| 80 |
|
| 476 |
|
| 477 |
== Upgrade Notice ==
|
| 478 |
|
| 479 |
+
Escaped $_GET variables for additional security measures
|
templates/pagination.php
CHANGED
|
@@ -8,7 +8,7 @@ if( $_mtphr_dnt_mode == 'list' && isset($_mtphr_dnt_list_tick_paging) && $_mtphr
|
|
| 8 |
|
| 9 |
$spacing = 'margin-top:'.intval($_mtphr_dnt_list_tick_spacing).'px;';
|
| 10 |
$total_pages = ceil( $_mtphr_dnt_total_ticks/$_mtphr_dnt_list_tick_count );
|
| 11 |
-
$current_page = isset( $_GET['tickpage'] ) ? $_GET['tickpage'] : 1;
|
| 12 |
|
| 13 |
$big = 999999999;
|
| 14 |
$args = array(
|
| 8 |
|
| 9 |
$spacing = 'margin-top:'.intval($_mtphr_dnt_list_tick_spacing).'px;';
|
| 10 |
$total_pages = ceil( $_mtphr_dnt_total_ticks/$_mtphr_dnt_list_tick_count );
|
| 11 |
+
$current_page = isset( $_GET['tickpage'] ) ? esc_html($_GET['tickpage']) : 1;
|
| 12 |
|
| 13 |
$big = 999999999;
|
| 14 |
$args = array(
|
