Download Monitor - Version 4.4.7

Version Description

  • 29.10.2021 = Fixed: Sanitization & Escaping

Release Info

Developer giucu91
Version 4.4.7

Code changes from version 4.4.6 to 4.4.7

Files changed (93)
  1. assets/views/meta-box/product-information.php +4 -25
  2. assets/views/meta-box/version.php +27 -27
  3. assets/views/notice-lu-upgrade.php +5 -5
  4. assets/views/order/page-order-details.php +25 -25
  5. assets/views/order/page-order-overview.php +1 -1
  6. download-monitor.php +2 -22
  7. includes/admin/class-dlm-upsells.php +191 -48
  8. includes/admin/uninstall/class-dlm-uninstall.php +3 -2
  9. includes/php-too-low.php +23 -18
  10. includes/tracking/class-download-monitor-usage-tracker.php +13 -14
  11. readme.txt +5 -2
  12. src/Admin/Admin.php +4 -2
  13. src/Admin/CustomActions.php +9 -10
  14. src/Admin/CustomColumns.php +11 -11
  15. src/Admin/CustomLabels.php +1 -1
  16. src/Admin/Dashboard.php +5 -5
  17. src/Admin/Extensions.php +8 -8
  18. src/Admin/MediaBrowser.php +6 -6
  19. src/Admin/MediaInsert.php +38 -41
  20. src/Admin/Reports/Ajax.php +5 -5
  21. src/Admin/Reports/Page.php +15 -15
  22. src/Admin/Settings/Fields/ActionButton.php +1 -1
  23. src/Admin/Settings/Fields/Checkbox.php +1 -1
  24. src/Admin/Settings/Fields/Desc.php +1 -1
  25. src/Admin/Settings/Fields/LazySelect.php +1 -1
  26. src/Admin/Settings/Page.php +30 -25
  27. src/Admin/WritePanels.php +60 -66
  28. src/Ajax/CreatePage.php +1 -1
  29. src/Ajax/GetVersions.php +5 -0
  30. src/Ajax/Manager.php +1 -1
  31. src/AjaxHandler.php +40 -30
  32. src/CookieManager.php +1 -1
  33. src/Dependencies/PayPal/Rest/ApiContext.php +1 -1
  34. src/Dependencies/Pimple/Container.php +1 -1
  35. src/Dependencies/Pimple/Tests/PimpleTest.php +1 -1
  36. src/Download/Download.php +11 -11
  37. src/DownloadHandler.php +19 -13
  38. src/DownloadPreview/Preview.php +4 -4
  39. src/LegacyUpgrader/Ajax.php +8 -0
  40. src/LegacyUpgrader/Page.php +4 -4
  41. src/Logs/LogExportCSV.php +3 -3
  42. src/Logs/LogPage.php +8 -5
  43. src/Logs/LoggingListTable.php +34 -24
  44. src/Product/Product.php +8 -3
  45. src/Shop/Access/Manager.php +1 -1
  46. src/Shop/Admin/DownloadOption.php +18 -3
  47. src/Shop/Admin/Fields/GatewayOverview.php +3 -3
  48. src/Shop/Admin/OrderTable.php +24 -24
  49. src/Shop/Admin/Pages/Orders.php +1 -1
  50. src/Shop/Admin/ProductTableColumns.php +2 -2
  51. src/Shop/Admin/WritePanels.php +8 -3
  52. src/Shop/Ajax/AdminChangeOrderStatus.php +6 -2
  53. src/Shop/Ajax/Manager.php +1 -1
  54. src/Shop/Ajax/PlaceOrder.php +14 -14
  55. src/Shop/Checkout/Field.php +1 -1
  56. src/Shop/Checkout/PaymentGateway/PayPal/ExecutePaymentListener.php +10 -3
  57. src/Shop/Product/Product.php +15 -0
  58. src/Shop/Session/Cookie.php +1 -1
  59. src/Shop/Session/Factory.php +3 -2
  60. src/Shop/Shortcode/Checkout.php +2 -2
  61. src/Shortcodes.php +6 -6
  62. src/Util/Onboarding.php +32 -32
  63. src/Utils.php +3 -2
  64. src/Widgets/Downloads.php +24 -33
  65. templates/content-download-box.php +4 -4
  66. templates/content-download-button.php +2 -2
  67. templates/content-download-filename.php +4 -4
  68. templates/content-download-no-version.php +2 -2
  69. templates/content-download-title.php +3 -3
  70. templates/content-download-version-list.php +3 -3
  71. templates/content-download.php +3 -3
  72. templates/no-access.php +1 -1
  73. templates/pagination.php +18 -12
  74. templates/shop/button/add-to-cart-box.php +6 -6
  75. templates/shop/button/add-to-cart.php +3 -3
  76. templates/shop/cart.php +7 -7
  77. templates/shop/cart/empty.php +1 -1
  78. templates/shop/cart/item.php +8 -8
  79. templates/shop/cart/totals.php +4 -4
  80. templates/shop/checkout.php +3 -3
  81. templates/shop/checkout/empty.php +1 -1
  82. templates/shop/checkout/error.php +4 -4
  83. templates/shop/checkout/no-access.php +1 -1
  84. templates/shop/checkout/order-complete.php +15 -15
  85. templates/shop/checkout/order-review-item.php +2 -2
  86. templates/shop/checkout/order-review.php +6 -6
  87. templates/shop/checkout/payment-gateway.php +4 -4
  88. templates/shop/checkout/submit-button.php +1 -1
  89. templates/shop/content-single-product.php +1 -1
  90. templates/shop/email/elements/downloads-table-plain.php +2 -2
  91. templates/shop/email/elements/downloads-table.php +6 -6
  92. templates/shop/email/elements/order-table-plain.php +1 -1
  93. templates/shop/email/elements/order-table.php +2 -2
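--- a/assets/views/meta-box/product-information.php
+++ b/assets/views/meta-box/product-information.php
@@ -3,19 +3,19 @@
  <?php do_action( 'dlm_mb_product_information_start', $product->get_id(), $product ); ?>
 
  <p class="dlm_shop_field_row">
- <label class="dlm_shop_field_label"><?php printf( __( 'Price (%s)', 'download-monitor' ), \Never5\DownloadMonitor\Shop\Services\Services::get()->service( 'currency' )->get_currency_symbol() ); ?></label>
+ <label class="dlm_shop_field_label"><?php printf( esc_html__( 'Price (%s)', 'download-monitor' ), \Never5\DownloadMonitor\Shop\Services\Services::get()->service( 'currency' )->get_currency_symbol() ); ?></label>
  <span class="dlm_shop_field_input">
- <input type="text" name="_dlm_price" value="<?php echo $price; ?>" class="dlm_shop_input" >
+ <input type="text" name="_dlm_price" value="<?php echo esc_attr( $price ); ?>" class="dlm_shop_input" >
  </span>
  </p>
 
  <p class="dlm_shop_field_row">
- <label class="dlm_shop_field_label"><?php printf( __( 'Downloads', 'download-monitor' ), \Never5\DownloadMonitor\Shop\Services\Services::get()->service( 'currency' )->get_currency_symbol() ); ?></label>
+ <label class="dlm_shop_field_label"><?php printf( esc_html__( 'Downloads', 'download-monitor' ), \Never5\DownloadMonitor\Shop\Services\Services::get()->service( 'currency' )->get_currency_symbol() ); ?></label>
  <span class="dlm_shop_field_input">
 
  <select id="dlm_downloads" name="_dlm_downloads[]"
  multiple="true"
- data-placeholder="<?php _e( 'Select Downloads&hellip;', 'download-monitor' ); ?>"
+ data-placeholder="<?php echo esc_attr__( 'Select Downloads&hellip;', 'download-monitor' ); ?>"
  class="dlm-select-ext dlm_shop_input">
  <?php if ( ! empty( $downloads ) ) : ?>
  <?php foreach ( $downloads as $download ) : ?>
@@ -27,27 +27,6 @@
  </span>
  </p>
 
- <?php /*
- <p>
- <label><?php _e( 'Taxable', 'download-monitor' ); ?></label>
- <input type="checkbox" name="_dlm_taxable" value="1" <?php checked( true, $taxable ); ?>/>
- </p>
-
- <p>
- <label><?php _e( 'Tax Class', 'download-monitor' ); ?></label>
- <select name="_dlm_tax_class">
- <?php
- $classes = \Never5\DownloadMonitor\Shop\Services\Services::get()->service( 'tax_class_manager' )->get_tax_rates();
- if ( count( $classes ) > 0 ) {
- foreach ( $classes as $class ) {
- echo "<option value='" . $class . "'" . selected( $tax_class, $class ) . ">" . $class . " " . __( 'rate', 'download-monitor' ) . "</option>";
- }
- }
- ?>
- </select>
- </p>
- */ ?>
-
  <?php do_action( 'dlm_mb_product_information_end', $product->get_id(), $product ); ?>
 
  </div>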
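Review bot: The currency symbol interpolated into the Price label on new line 6 is still emitted raw: `esc_html__()` escapes only the format string, not the `%s` argument returned by `get_currency_symbol()`, so that value should be wrapped as well, e.g. `esc_html( \Never5\DownloadMonitor\Shop\Services\Services::get()->service( 'currency' )->get_currency_symbol() )`. The symbol presumably comes from a stored setting rather than request input, so the exposure is limited, but it is the one unescaped dynamic value left in this view after an escaping pass. On new line 13 the same currency-symbol argument is passed to a format string that has no placeholder, so it can be dropped and the call reduced to `echo esc_html__( 'Downloads', 'download-monitor' );`.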
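--- a/assets/views/meta-box/version.php
+++ b/assets/views/meta-box/version.php
@@ -3,14 +3,14 @@ if ( ! defined( 'ABSPATH' ) ) {
  exit;
  } // Exit if accessed directly
  ?>
- <div class="dlm-metabox closed downloadable_file" data-file="<?php echo $file_id; ?>">
+ <div class="dlm-metabox closed downloadable_file" data-file="<?php echo esc_html( $file_id ); ?>">
  <h3>
- <button type="button" class="remove_file button"><?php _e( 'Remove', 'download-monitor' ); ?></button>
- <div class="handlediv" title="<?php _e( 'Click to toggle', 'download-monitor' ); ?>"></div>
- <strong>#<?php echo $file_id; ?> &mdash; <?php echo sprintf( __( 'Version <span class="version">%s</span> (%s)', 'download-monitor' ), ( $file_version ) ? $file_version : __( 'n/a', 'download-monitor' ), date_i18n( get_option( 'date_format' ), $file_post_date->format( 'U' ) ) ); ?> &mdash; <?php echo sprintf( _n( 'Downloaded %s time', 'Downloaded %s times', $file_download_count, 'download-monitor' ), $file_download_count ); ?></strong>
- <input type="hidden" name="downloadable_file_id[<?php echo $version_increment; ?>]" value="<?php echo $file_id; ?>"/>
- <input type="hidden" class="file_menu_order" name="downloadable_file_menu_order[<?php echo $version_increment; ?>]"
- value="<?php echo $version_increment; ?>"/>
+ <button type="button" class="remove_file button"><?php echo esc_html__( 'Remove', 'download-monitor' ); ?></button>
+ <div class="handlediv" title="<?php echo esc_attr__( 'Click to toggle', 'download-monitor' ); ?>"></div>
+ <strong>#<?php echo esc_html( $file_id ); ?> &mdash; <?php echo sprintf( wp_kses_post( __( 'Version <span class="version">%s</span> (%s)', 'download-monitor' ) ), ( $file_version ) ? esc_html( $file_version ) : esc_html__( 'n/a', 'download-monitor' ), esc_html( date_i18n( get_option( 'date_format' ) ), $file_post_date->format( 'U' ) ) ); ?> &mdash; <?php echo sprintf( _n( 'Downloaded %s time', 'Downloaded %s times', $file_download_count, 'download-monitor' ), esc_html( $file_download_count ) ); ?></strong>
+ <input type="hidden" name="downloadable_file_id[<?php echo esc_attr( $version_increment ); ?>]" value="<?php echo esc_attr( $file_id ); ?>"/>
+ <input type="hidden" class="file_menu_order" name="downloadable_file_menu_order[<?php echo esc_attr( $version_increment ); ?>]"
+ value="<?php echo esc_attr( $version_increment ); ?>"/>
  </h3>
  <table cellpadding="0" cellspacing="0" class="dlm-metabox-content">
  <tbody>
@@ -19,17 +19,17 @@ if ( ! defined( 'ABSPATH' ) ) {
 
  <tr>
  <td width="1%">
- <label><?php _e( 'Version', 'download-monitor' ); ?>:</label>
- <input type="text" class="short" name="downloadable_file_version[<?php echo $version_increment; ?>]"
- placeholder="<?php _e( 'n/a', 'download-monitor' ); ?>" value="<?php echo $file_version; ?>"/>
+ <label><?php echo esc_html__( 'Version', 'download-monitor' ); ?>:</label>
+ <input type="text" class="short" name="downloadable_file_version[<?php echo esc_attr( $version_increment ); ?>]"
+ placeholder="<?php echo esc_attr__( 'n/a', 'download-monitor' ); ?>" value="<?php echo esc_attr( $file_version ); ?>"/>
  </td>
  <td rowspan="3">
 
- <label><?php _e( 'File asdURL(s); note: only enter multiple URLs in here if you want to use file mirrors', 'download-monitor' ); ?></label>
+ <label><?php echo esc_html__( 'File asdURL(s); note: only enter multiple URLs in here if you want to use file mirrors', 'download-monitor' ); ?></label>
 
- <textarea name="downloadable_file_urls[<?php echo $version_increment; ?>]" wrap="off" class="downloadable_file_urls"
+ <textarea name="downloadable_file_urls[<?php echo esc_attr( $version_increment ); ?>]" wrap="off" class="downloadable_file_urls"
  cols="5" rows="5"
- placeholder="<?php _e( 'Enter one file path/URL per line - multiple files will be used as mirrors (chosen at random).', 'download-monitor' ); ?>"><?php echo esc_textarea( implode( "\n", $file_urls ) ); ?></textarea>
+ placeholder="<?php echo esc_attr__( 'Enter one file path/URL per line - multiple files will be used as mirrors (chosen at random).', 'download-monitor' ); ?>"><?php echo esc_textarea( implode( "\n", $file_urls ) ); ?></textarea>
 
  <p>
  <?php
@@ -62,23 +62,23 @@ if ( ! defined( 'ABSPATH' ) ) {
  </tr>
  <tr>
  <td>
- <label><?php _e( 'Download count', 'download-monitor' ); ?>:</label>
- <input type="text" class="short" name="downloadable_file_download_count[<?php echo $version_increment; ?>]"
- placeholder="<?php echo $file_download_count; ?>"/>
+ <label><?php echo esc_html__( 'Download count', 'download-monitor' ); ?>:</label>
+ <input type="text" class="short" name="downloadable_file_download_count[<?php echo esc_attr( $version_increment ); ?>]"
+ placeholder="<?php echo esc_attr( $file_download_count ); ?>"/>
  </td>
  </tr>
  <tr>
  <td>
- <label><?php _e( 'File Date', 'download-monitor' ); ?>:</label>
- <input type="text" class="date-picker-field" name="downloadable_file_date[<?php echo $version_increment; ?>]"
- maxlength="10" value="<?php echo $file_post_date->format('Y-m-d'); ?>"/> @ <input
- type="text" class="hour" placeholder="<?php _e( 'h', 'download-monitor' ) ?>"
- name="downloadable_file_date_hour[<?php echo $version_increment; ?>]" maxlength="2" size="2"
- value="<?php echo $file_post_date->format('H'); ?>"/>:<input type="text" class="minute"
- placeholder="<?php _e( 'm', 'download-monitor' ) ?>"
- name="downloadable_file_date_minute[<?php echo $version_increment; ?>]"
+ <label><?php echo esc_html__( 'File Date', 'download-monitor' ); ?>:</label>
+ <input type="text" class="date-picker-field" name="downloadable_file_date[<?php echo esc_attr( $version_increment ); ?>]"
+ maxlength="10" value="<?php echo esc_attr( $file_post_date->format('Y-m-d') ); ?>"/> @ <input
+ type="text" class="hour" placeholder="<?php echo esc_html__( 'h', 'download-monitor' ) ?>"
+ name="downloadable_file_date_hour[<?php echo esc_attr( $version_increment ); ?>]" maxlength="2" size="2"
+ value="<?php echo esc_attr( $file_post_date->format( 'H' ) ); ?>"/>:<input type="text" class="minute"
+ placeholder="<?php echo esc_attr__( 'm', 'download-monitor' ) ?>"
+ name="downloadable_file_date_minute[<?php echo esc_attr( $version_increment ); ?>]"
  maxlength="2" size="2"
- value="<?php echo $file_post_date->format('i'); ?>"/>
+ value="<?php echo esc_attr( $file_post_date->format('i') ); ?>"/>
  </td>
  </tr>
 
@@ -104,8 +104,8 @@ if ( ! defined( 'ABSPATH' ) ) {
  }
  ?>
  <td>
- <label><?php echo strtoupper( $hash ); ?> Hash</label>
- <input type="text" readonly="readonly" value="<?php echo $value; ?>"/>
+ <label><?php echo esc_html( strtoupper( $hash ) ); ?> Hash</label>
+ <input type="text" readonly="readonly" value="<?php echo esc_attr( $value ); ?>"/>
  </td>
  <?php } ?>
  </tr>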
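Review bot: The parenthesisation on new line 10 is wrong: `esc_html( date_i18n( get_option( 'date_format' ) ), $file_post_date->format( 'U' ) )` closes `date_i18n()` right after the format argument, so the version's timestamp becomes the ignored second parameter of `esc_html()` and the heading now shows the current date instead of the file's post date. It should read `esc_html( date_i18n( get_option( 'date_format' ), $file_post_date->format( 'U' ) ) )`. Two smaller points in the same hunks: the `data-file` attribute on new line 6 and the `placeholder` on new line 75 are attribute contexts and should use `esc_attr()` / `esc_attr__()` like the neighbouring lines rather than `esc_html()` / `esc_html__()`, and the label string on new line 28 still reads `File asdURL(s)`, which looks like a stray-keystroke typo baked into a translatable string.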
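--- a/assets/views/notice-lu-upgrade.php
+++ b/assets/views/notice-lu-upgrade.php
@@ -4,9 +4,9 @@ if ( ! defined( 'ABSPATH' ) ) {
  } // Exit if accessed directly
  ?>
  <div class="dlm-lu-upgrade-notice">
- <h3><?php _e('It looks like you upgraded to the latest version of Download Monitor from a legacy version (3.x)', 'download-monitor' ); ?></h3>
- <p><?php printf( __( "Currently your downloads don't work like they should, we need to %s before they'll work again.", 'download-monitor' ), sprintf( '<strong>%s</strong>', __( 'upgrade your downloads', 'download-monitor' ) ) ); ?></p>
- <p><?php printf( __( "We've created an upgrading tool that will do all the work for you. You can read more about this tool on %sour website (click here)%s or start the upgrade now.", 'download-monitor'), '<a href="https://www.download-monitor.com/kb/legacy-upgrade?utm_source=plugin&utm_medium=dlm-lu-upgrade-notice&utm_campaign=dlm-lu-more-information" target="_blank">', '</a>' ); ?></p>
- <a href="<?php echo admin_url( 'options.php?page=dlm_legacy_upgrade' ); ?>" class="button"><?php _e( 'Take me to the Upgrade Tool', 'download-monitor' ); ?></a>
- <a href="<?php echo admin_url( 'edit.php?post_type=dlm_download&dlm_lu_hide_notice=1' ); ?>" class="dlm-lu-upgrade-notice-hide"><?php _e( 'hide notice', 'download-monitor' ); ?></a>
+ <h3><?php echo esc_html__('It looks like you upgraded to the latest version of Download Monitor from a legacy version (3.x)', 'download-monitor' ); ?></h3>
+ <p><?php printf( esc_html__( "Currently your downloads don't work like they should, we need to %s before they'll work again.", 'download-monitor' ), sprintf( '<strong>%s</strong>', esc_html__( 'upgrade your downloads', 'download-monitor' ) ) ); ?></p>
+ <p><?php printf( esc_html__( "We've created an upgrading tool that will do all the work for you. You can read more about this tool on %sour website (click here)%s or start the upgrade now.", 'download-monitor'), '<a href="https://www.download-monitor.com/kb/legacy-upgrade?utm_source=plugin&utm_medium=dlm-lu-upgrade-notice&utm_campaign=dlm-lu-more-information" target="_blank">', '</a>' ); ?></p>
+ <a href="<?php echo esc_url( admin_url( 'options.php?page=dlm_legacy_upgrade' ) ); ?>" class="button"><?php echo esc_html__( 'Take me to the Upgrade Tool', 'download-monitor' ); ?></a>
+ <a href="<?php echo esc_url( admin_url( 'edit.php?post_type=dlm_download&dlm_lu_hide_notice=1' ) ); ?>" class="dlm-lu-upgrade-notice-hide"><?php echo esc_html__( 'hide notice', 'download-monitor' ); ?></a>
  </div>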
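--- a/assets/views/order/page-order-details.php
+++ b/assets/views/order/page-order-details.php
@@ -11,21 +11,21 @@ $items = $order->get_items();
  ?>
  <div class="wrap dlm-order-details">
 
- <h1><?php printf( __( 'Order Details #%s', 'download-monitor' ), $order->get_id() ); ?></h1>
+ <h1><?php printf( esc_html__( 'Order Details #%s', 'download-monitor' ), esc_html( $order->get_id() ) ); ?></h1>
 
  <div class="dlm-order-details-main">
 
  <div class="dlm-order-details-block dlm-order-details-order-items">
- <h2 class="dlm-order-details-block-title"><span><?php _e( 'Order Items', 'download-monitor' ); ?></span>
+ <h2 class="dlm-order-details-block-title"><span><?php echo esc_html__( 'Order Items', 'download-monitor' ); ?></span>
  </h2>
  <div class="dlm-order-details-block-inside">
  <table cellspacing="0" cellpadding="0" border="0" class="dlm-order-details-data-table">
  <thead>
  <tr>
- <th><?php _e( "Product", 'download-monitor' ); ?></th>
- <th><?php _e( "Price", 'download-monitor' ); ?></th>
- <th><?php _e( "QTY", 'download-monitor' ); ?></th>
- <th class="dlm-order-details-order-items-item-total"><?php _e( "Total", 'download-monitor' ); ?></th>
+ <th><?php echo esc_html__( "Product", 'download-monitor' ); ?></th>
+ <th><?php echo esc_html__( "Price", 'download-monitor' ); ?></th>
+ <th><?php echo esc_html__( "QTY", 'download-monitor' ); ?></th>
+ <th class="dlm-order-details-order-items-item-total"><?php echo esc_html__( "Total", 'download-monitor' ); ?></th>
  </tr>
  </thead>
  <tbody>
@@ -44,8 +44,8 @@ $items = $order->get_items();
  <table cellspacing="0" cellpadding="0" border="0" class="dlm-order-details-overview">
  <tbody>
  <tr>
- <th><?php _e( "Total", 'download-monitor' ); ?>:</th>
- <td><?php echo dlm_format_money( $order->get_total(), array( 'currency' => $order->get_currency() ) ); ?></td>
+ <th><?php echo esc_html__( "Total", 'download-monitor' ); ?>:</th>
+ <td><?php echo esc_html( dlm_format_money( $order->get_total() ), array( 'currency' => $order->get_currency() ) ); ?></td>
  </tr>
  </tbody>
  </table>
@@ -54,7 +54,7 @@ $items = $order->get_items();
 
  <div class="dlm-order-details-block">
  <h2 class="dlm-order-details-block-title">
- <span><?php _e( 'Transactions', 'download-monitor' ); ?></span>
+ <span><?php echo esc_html__( 'Transactions', 'download-monitor' ); ?></span>
  </h2>
  <div class="dlm-order-details-block-inside">
  <?php
@@ -64,12 +64,12 @@ $items = $order->get_items();
  <table cellspacing="0" cellpadding="0" border="0" class="dlm-order-details-data-table">
  <thead>
  <tr>
- <th><?php _e( "ID", 'download-monitor' ); ?></th>
- <th><?php _e( "Date", 'download-monitor' ); ?></th>
- <th><?php _e( "Status", 'download-monitor' ); ?></th>
- <th><?php _e( "Amount", 'download-monitor' ); ?></th>
- <th><?php _e( "Processor", 'download-monitor' ); ?></th>
- <th class="dlm-order-transaction-processor-id"><?php _e( "Processor ID", 'download-monitor' ); ?></th>
+ <th><?php echo esc_html__( "ID", 'download-monitor' ); ?></th>
+ <th><?php echo esc_html__( "Date", 'download-monitor' ); ?></th>
+ <th><?php echo esc_html__( "Status", 'download-monitor' ); ?></th>
+ <th><?php echo esc_html__( "Amount", 'download-monitor' ); ?></th>
+ <th><?php echo esc_html__( "Processor", 'download-monitor' ); ?></th>
+ <th class="dlm-order-transaction-processor-id"><?php echo esc_html__( "Processor ID", 'download-monitor' ); ?></th>
  </tr>
  </thead>
  <tbody>
@@ -102,7 +102,7 @@ $items = $order->get_items();
  </table>
  <?php
  else: ?>
- <p><?php _e( "No transactions found", 'download-monitor' ); ?></p>
+ <p><?php echo esc_html__( "No transactions found", 'download-monitor' ); ?></p>
  <?php endif; ?>
  </div>
  </div>
@@ -112,11 +112,11 @@ $items = $order->get_items();
  <div class="dlm-order-details-side">
 
  <div class="dlm-order-details-block dlm-order-details-customer">
- <h2 class="dlm-order-details-block-title"><span><?php _e( 'Customer', 'download-monitor' ); ?></span></h2>
+ <h2 class="dlm-order-details-block-title"><span><?php echo esc_html__( 'Customer', 'download-monitor' ); ?></span></h2>
  <div class="dlm-order-details-block-inside">
  <?php
  if ( ! empty( $customer['email'] ) ) {
- echo "<img src='https://www.gravatar.com/avatar/" . md5( $customer['email'] ) . "?s=95&d=mp' alt='" . esc_attr( $customer['name'] ) . "' class='dlm-order-details-customer-image' />";
+ echo "<img src='https://www.gravatar.com/avatar/" . esc_attr( md5( $customer['email'] ) ) . "?s=95&d=mp' alt='" . esc_attr( $customer['name'] ) . "' class='dlm-order-details-customer-image' />";
  }
  ?>
  <ul>
@@ -138,36 +138,36 @@ $items = $order->get_items();
  </div>
 
  <div class="dlm-order-details-block">
- <h2 class="dlm-order-details-block-title"><span><?php _e( 'Order Details', 'download-monitor' ); ?></span>
+ <h2 class="dlm-order-details-block-title"><span><?php echo esc_html__( 'Order Details', 'download-monitor' ); ?></span>
  </h2>
  <div class="dlm-order-details-block-inside">
  <ul>
  <li>
- <label><?php _e( "Order Status", 'download-monitor' ); ?>:</label>
+ <label><?php echo esc_html__( "Order Status", 'download-monitor' ); ?>:</label>
  <select name="dlm_new_order_status" class="dlm-order-details-current-state"
  id="dlm-order-details-current-state">
  <?php
  if ( ! empty( $statuses ) ) :
  foreach ( $statuses as $status ):
- echo "<option value='" . $status->get_key() . "' " . selected( $status->get_key(), $order->get_status()->get_key(), false ) . ">" . $status->get_label() . "</option>" . PHP_EOL;
+ echo "<option value='" . esc_attr( $status->get_key() ) . "' " . selected( $status->get_key(), $order->get_status()->get_key(), false ) . ">" . esc_html( $status->get_label() ) . "</option>" . PHP_EOL;
  endforeach;
  endif;
  ?>
  </select>
  <button class="button button-primary button-large"
- id="dlm-order-details-button-change-state"><?php _e( "Change", 'download-montior' ); ?></button>
+ id="dlm-order-details-button-change-state"><?php echo esc_html__( "Change", 'download-montior' ); ?></button>
  </li>
  <li>
- <label><?php _e( "Date created", 'download-monitor' ); ?>:</label>
+ <label><?php echo esc_html__( "Date created", 'download-monitor' ); ?>:</label>
  <p><?php echo esc_html( date_i18n( get_option( 'date_format' ), $order->get_date_created()->format( 'U' ) ) . " " . $order->get_date_created()->format( 'H:i:s' ) ); ?></p>
  </li>
  <li>
- <label><?php _e( "IP Address", 'download-monitor' ); ?>:</label>
+ <label><?php echo esc_html__( "IP Address", 'download-monitor' ); ?>:</label>
  <p><?php echo esc_html( $order->get_customer()->get_ip_address() ); ?></p>
  </li>
  <?php if ( ! empty( $processors ) ) : ?>
  <li>
- <label><?php _e( "Payment Method", 'download-monitor' ); ?>:</label>
+ <label><?php echo esc_html__( "Payment Method", 'download-monitor' ); ?>:</label>
  <p><?php echo esc_html( $processors[ count( $processors ) - 1 ] ); ?></p>
  </li>
  <?php endif; ?>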
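Review bot: On new line 48 the closing parenthesis landed after `$order->get_total()`, so `array( 'currency' => $order->get_currency() )` is now the unused second argument of `esc_html()` and `dlm_format_money()` is called without the order's currency; the total will be rendered in whatever default that helper falls back to rather than the currency the order was placed in. Restore the argument inside the helper call: `esc_html( dlm_format_money( $order->get_total(), array( 'currency' => $order->get_currency() ) ) )`. Separately, the text domain on new line 158, `'download-montior'`, is misspelled, so that label can never be translated; the line is already touched by this commit, so it is a cheap fix to fold in.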
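--- a/assets/views/order/page-order-overview.php
+++ b/assets/views/order/page-order-overview.php
@@ -12,7 +12,7 @@ if ( ! defined( 'ABSPATH' ) ) {
 
  <div id="icon-edit" class="icon32 icon32-posts-dlm_download"><br/></div>
 
- <h1><?php _e( 'Orders', 'download-monitor' ); ?></h1>
+ <h1><?php echo esc_html__( 'Orders', 'download-monitor' ); ?></h1>
 
  <form method="post">
  <?php $table->display() ?>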
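--- a/download-monitor.php
+++ b/download-monitor.php
@@ -3,7 +3,7 @@
  Plugin Name: Download Monitor
  Plugin URI: https://www.download-monitor.com
  Description: A full solution for managing and selling downloadable files, monitoring downloads and outputting download links and file information on your WordPress powered site.
- Version: 4.4.6
+ Version: 4.4.7
  Author: WPChill
  Author URI: https://wpchill.com
  Requires at least: 5.4
@@ -33,7 +33,7 @@ if ( ! defined( 'ABSPATH' ) ) {
  } // Exit if accessed directly
 
  // Define DLM Version
- define( 'DLM_VERSION', '4.4.6' );
+ define( 'DLM_VERSION', '4.4.7' );
 
  // Define DLM FILE
  define( 'DLM_PLUGIN_FILE', __FILE__ );
@@ -65,23 +65,3 @@ if( ! function_exists( 'download_monitor_start_plugin_tracking' ) ) {
  }
  download_monitor_start_plugin_tracking();
  }
-
- ini_set("xdebug.var_display_max_depth", -1);
- ini_set("xdebug.var_display_max_children", -1);
- ini_set("xdebug.var_display_max_data", -1);
-
- $active_plugins = get_option( 'active_plugins', array() );
- $licenses = array();
- if ( ! empty( $active_plugins ) ) {
- foreach ( $active_plugins as $plugin => $value ) {
- if ( 0 === strpos( $value, 'dlm' ) ) {
- $new_val = explode( '/', $value );
- $licenses[ $new_val[0] ] = get_option( $new_val[0] . '-license' );
- unset( $licenses[ $new_val[0] ][1] );
- $licenses[ $new_val[0] ] = serialize( $licenses[ $new_val[0] ] );
- }
- }
- }
-
- // var_dump( $licenses );
- // die();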
includes/admin/class-dlm-upsells.php CHANGED
@@ -106,49 +106,48 @@ class DLM_Upsells {
106
  */
107
  public function generate_upsell_box( $title, $description, $tab, $extension, $features = array(), $utm_source = null ) {
108
 
109
- $upsell_box = '<div class="wpchill-upsell">';
110
 
111
  if ( ! empty( $title ) ) {
112
- $upsell_box .= '<h2>' . esc_html( $title ) . '</h2>';
113
  }
114
 
115
  if ( ! empty( $features ) ) {
116
 
117
- $upsell_box .= '<ul class="wpchill-upsell-features">';
118
 
119
  foreach ( $features as $feature ) {
120
 
121
- $upsell_box .= '<li>';
122
  if ( isset( $feature['tooltip'] ) && '' != $feature['tooltip'] ) {
123
- $upsell_box .= '<div class="wpchill-tooltip"><span>[?]</span>';
124
- $upsell_box .= '<div class="wpchill-tooltip-content">' . esc_html( $feature['tooltip'] ) . '</div>';
125
- $upsell_box .= '</div>';
126
- $upsell_box .= "<p>" . esc_html( $feature['feature'] ) . "</p>";
127
  } else {
128
- $upsell_box .= '<span class="wpchill-check dashicons dashicons-yes"></span>' . esc_html( $feature['feature'] );
129
  }
130
 
131
- $upsell_box .= '</li>';
132
 
133
  }
134
- $upsell_box .= '</ul>';
135
  }
136
 
137
  if ( ! $utm_source ) {
138
  $utm_source = 'settings_panel';
139
  }
140
 
141
- $upsell_box .= '<p class="wpchill-upsell-description">' . esc_html( $description ) . '</p>';
142
- $upsell_box .= '<p>';
143
 
144
- $buttons = '<a target="_blank" href="https://download-monitor.com/extensions/' . $extension . '/?utm_source=' . $utm_source . '&utm_medium=upsell&utm_campaign=w.org&utm_content=' . $tab . '" class="button-primary button">' . esc_html__( 'Get Extension!', 'download-monitor' ) . '</a>';
145
 
146
- $upsell_box .= apply_filters( 'dlm_upsell_buttons', $buttons, $tab );
147
 
148
- $upsell_box .= '</p>';
149
- $upsell_box .= '</div>';
150
 
151
- return $upsell_box;
152
  }
153
 
154
  /**
@@ -353,12 +352,22 @@ class DLM_Upsells {
353
 
354
  if ( ! $this->check_extension( 'dlm-download-duplicator' ) ) {
355
 
356
- echo $this->generate_upsell_box( 'Duplicate your downloads', 'You’re one click away from duplicating downloads, including their data, versions, and files.', 'general', 'download-duplicator' );
 
 
 
 
 
357
  }
358
 
359
  if ( ! $this->check_extension( 'dlm-email-notification' ) ) {
360
 
361
- echo $this->generate_upsell_box( 'Email notifications', 'Create an email alert to be notified each time one of your files has been downloaded.', 'general', 'email-notification' );
 
 
 
 
 
362
  }
363
 
364
  }
@@ -373,32 +382,62 @@ class DLM_Upsells {
373
 
374
  if ( ! $this->check_extension( 'dlm-advanced-access-manager' ) ) {
375
 
376
- echo $this->generate_upsell_box( 'Advanced access manager', 'Limit access to your downloads by setting advanced access rules and restrictions with this extension.', 'access', 'advanced-access-manager' );
 
 
 
 
 
377
  }
378
 
379
  if ( ! $this->check_extension( 'dlm-twitter-lock' ) ) {
380
 
381
- echo $this->generate_upsell_box( 'Twitter lock', 'Allow your users to tweet a pre-defined text before accessing a download.', 'access', 'twitter-lock' );
 
 
 
 
 
382
  }
383
 
384
  if ( ! $this->check_extension( 'dlm-email-lock' ) ) {
385
 
386
- echo $this->generate_upsell_box( 'Email lock', 'Require your users’ email addresses to send newsletters and create a list of your customers.', 'access', 'email-lock' );
 
 
 
 
 
387
  }
388
 
389
  if ( ! $this->check_extension( 'dlm-gravity-forms' ) ) {
390
 
391
- echo $this->generate_upsell_box( 'Gravity forms extension', 'Ask users to fill in a form created on Gravity Forms before they start downloading your files.', 'access', 'gravity-forms' );
 
 
 
 
 
392
  }
393
 
394
  if ( ! $this->check_extension( 'dlm-ninja-forms' ) ) {
395
 
396
- echo $this->generate_upsell_box( 'Ninja forms extension', 'Use the Ninja Forms extension to add forms easily to your download files.', 'access', 'ninja-forms' );
 
 
 
 
 
397
  }
398
 
399
  if ( ! $this->check_extension( 'dlm-mailchimp-lock' ) ) {
400
 
401
- echo $this->generate_upsell_box( 'Mailchimp extension', 'Create a MailChimp list and ask users to subscribe to it before accessing a downloadable file.', 'access', 'mailchimp-lock' );
 
 
 
 
 
402
  }
403
 
404
  }
@@ -413,7 +452,12 @@ class DLM_Upsells {
413
 
414
  if ( ! $this->check_extension( 'dlm-captcha' ) ) {
415
 
416
- echo $this->generate_upsell_box( 'Captcha', 'Stop bots from spamming your downloads and ask users to complete Google reCAPTCHA.', 'logging', 'captcha' );
 
 
 
 
 
417
  }
418
 
419
  }
@@ -428,7 +472,12 @@ class DLM_Upsells {
428
 
429
  if ( ! $this->check_extension( 'dlm-terms-and-conditions' ) ) {
430
 
431
- echo $this->generate_upsell_box( 'Terms and conditions', 'Require your users to accept your terms and conditions before they can download your files.', 'terns_and_conditions', 'terms-and-conditions' );
 
 
 
 
 
432
  }
433
 
434
  }
@@ -443,7 +492,12 @@ class DLM_Upsells {
443
 
444
  if ( ! $this->check_extension( 'dlm-email-notification' ) ) {
445
 
446
- echo $this->generate_upsell_box( 'Email notifications', 'The Email Notification extension for Download Monitor sends you an email whenever one of your files is downloaded', 'email_notifications', 'email-notifications' );
 
 
 
 
 
447
  }
448
 
449
  }
@@ -458,12 +512,22 @@ class DLM_Upsells {
458
 
459
  if ( ! $this->check_extension( 'dlm-terms-conditions' ) ) {
460
 
461
- echo $this->generate_upsell_box( 'Terms & Conditions', 'Easily require your visitors to agree to your terms and conditions before downloading files.', 'pages', 'terms-conditions' );
 
 
 
 
 
462
  }
463
 
464
  if ( ! $this->check_extension( 'dlm-page-addon' ) ) {
465
 
466
- echo $this->generate_upsell_box( 'Page Addon', 'List all downloads, categories, tags, and showcase info pages of each resource with a self-contained [download_page] shortcode!', 'pages', 'page-addon' );
 
 
 
 
 
467
  }
468
 
469
  }
@@ -478,7 +542,12 @@ class DLM_Upsells {
478
 
479
  if ( ! $this->check_extension( 'dlm-buttons' ) ) {
480
 
481
- echo $this->generate_upsell_box( 'Buttons', 'The Buttons extension allows you to customize your download buttons as you please in order to improve the user experience. Create stunning buttons without needing any coding skills!', 'cpt', 'buttons' );
 
 
 
 
 
482
  }
483
 
484
  }
@@ -493,13 +562,22 @@ class DLM_Upsells {
493
 
494
  if ( ! $this->check_extension( 'dlm-csv-impoter' ) ) {
495
 
496
- echo $this->generate_upsell_box( 'Importer', 'Easily import your downloads, including their categories, tags, and files.
497
- ', 'endpoint', 'csv-impoter' );
 
 
 
 
498
  }
499
 
500
  if ( ! $this->check_extension( 'dlm-csv-exporter' ) ) {
501
 
502
- echo $this->generate_upsell_box( 'Exporter', 'With a single click, you can quickly export your downloads and their tags, categories, and file versions to a CSV file.', 'endpoint', 'csv-exporter' );
 
 
 
 
 
503
  }
504
 
505
  }
@@ -513,7 +591,12 @@ class DLM_Upsells {
513
 
514
  if ( ! $this->check_extension( 'dlm-downloading-page' ) ) {
515
 
516
- echo $this->generate_upsell_box( '', esc_html__( 'Customize the downloading page by adding banners, ads, and anything you like.', 'download-monitor' ), 'downloading_page', 'downloading-page' );
 
 
 
 
 
517
  }
518
 
519
  }
@@ -527,17 +610,32 @@ class DLM_Upsells {
527
 
528
  if ( ! $this->check_extension( 'dlm-ninja-forms' ) ) {
529
 
530
- echo $this->generate_upsell_box( esc_html__( 'Ninja Forms extension', 'download-monitor' ), esc_html__( 'The Ninja Forms extension for Download Monitor allows you to require users to fill in a Ninja Forms form before they gain access to a download.', 'download-monitor' ), 'ninja_forms', 'ninja-forms' );
 
 
 
 
 
531
  }
532
 
533
  if ( ! $this->check_extension( 'dlm-email-lock' ) ) {
534
 
535
- echo $this->generate_upsell_box( esc_html__( 'Email lock extension', 'download-monitor' ), esc_html__( 'The Email Lock extension for Download Monitor allows you to require users to fill in their email address before they gain access to a download.', 'download-monitor' ), 'email_lock', 'email-lock' );
 
 
 
 
 
536
  }
537
 
538
  if ( ! $this->check_extension( 'dlm-gravity-forms' ) ) {
539
 
540
- echo $this->generate_upsell_box( esc_html__( 'Gravity Forms extension', 'download-monitor' ), esc_html__( 'The Gravity Forms extension for Download Monitor allows you to require users to fill out a Gravity Forms form before they gain access to a download.', 'download-monitor' ), 'gravity_forms', 'gravity-forms' );
 
 
 
 
 
541
  }
542
 
543
  }
@@ -551,15 +649,24 @@ class DLM_Upsells {
551
 
552
  if ( ! $this->check_extension( 'dlm-amazon-s3' ) ) {
553
 
554
- echo $this->generate_upsell_box( esc_html__( 'Amazon S3', 'download-monitor' ), esc_html__( 'Link to files hosted on Amazon s3 so that you can serve secure, expiring download links.', 'download-monitor' ), 'amazon_s3', 'amazon-s3' );
 
 
 
 
 
555
  }
556
 
557
  if ( ! $this->check_extension( 'dlm-google-drive' ) ) {
558
 
559
- echo $this->generate_upsell_box( esc_html__( 'Google Drive', 'download-monitor' ), esc_html__( 'With this extension, you can integrate your files from Google Drive into Download Monitor.', 'download-monitor' ), 'google_drive', 'google-drive' );
 
 
 
 
 
560
  }
561
 
562
-
563
  }
564
 
565
 
@@ -572,12 +679,22 @@ class DLM_Upsells {
572
 
573
  if ( ! $this->check_extension( 'dlm-page-addon' ) ) {
574
 
575
- echo $this->generate_upsell_box( esc_html__( 'Page addon extension', 'download-monitor' ), esc_html__( 'Add a self contained [download_page] shortcode to your site to list downloads, categories, tags, and show info pages about each of your resources.', 'download-monitor' ), 'page_addon', 'page-addon' );
 
 
 
 
 
576
  }
577
 
578
  if ( ! $this->check_extension( 'dlm-downloading-page' ) ) {
579
 
580
- echo $this->generate_upsell_box( esc_html__( 'Downloading page extension', 'download-monitor' ), esc_html__( 'The Downloading Page extension for Download Monitor forces your downloads to be served from a separate page.', 'download-monitor' ), 'downloading_page', 'downloading-page' );
 
 
 
 
 
581
  }
582
 
583
 
@@ -592,7 +709,12 @@ class DLM_Upsells {
592
 
593
  if ( ! $this->check_extension( 'dlm=captcha' ) ) {
594
 
595
- echo $this->generate_upsell_box( esc_html__( 'Captcha extension', 'download-monitor' ), esc_html__( 'The Captcha extension for Download Monitor allows you to require users to complete a Google reCAPTCHA before they gain access to a download.', 'download-monitor' ), 'captcha', 'captcha' );
 
 
 
 
 
596
  }
597
 
598
 
@@ -612,12 +734,28 @@ class DLM_Upsells {
612
 
613
  if ( ! $this->check_extension( 'dlm-amazon-s3' ) ) {
614
 
615
- echo '<div class="upsells-column"><span class="dashicons dashicons-amazon"></span><h3>' . esc_html__( 'Amazon S3', 'download-monitor' ) . '</h3>' . $this->generate_upsell_box( '', esc_html__( 'Use Amazon S3 links for Download Monitor files to run secure, expiring download links.', 'download-monitor' ), 'amazon_s3', 'amazon-s3' ) . '</div>';
 
 
 
 
 
 
 
 
616
  }
617
 
618
  if ( ! $this->check_extension( 'dlm-google-drive' ) ) {
619
 
620
- echo '<div class="upsells-column"><span class="dashicons dashicons-google"></span><h3>' . esc_html__( 'Google Drive', 'download-monitor' ) . '</h3>' . $this->generate_upsell_box( '', esc_html__( 'With this extension, you can integrate your files from Google Drive into Download Monitor.', 'download-monitor' ), 'google_drive', 'google-drive' ) . '</div>';
 
 
 
 
 
 
 
 
621
  }
622
 
623
  echo '</div>';
@@ -633,7 +771,12 @@ class DLM_Upsells {
633
 
634
  if ( ! $this->check_extension( 'dlm-captcha' ) ) {
635
 
636
- echo $this->generate_upsell_box( 'Captcha', 'Stop bots from spamming your downloads and ask users to complete Google reCAPTCHA.', 'logging', 'captcha' );
 
 
 
 
 
637
  }
638
 
639
  }
106
  */
107
  public function generate_upsell_box( $title, $description, $tab, $extension, $features = array(), $utm_source = null ) {
108
 
109
+ echo '<div class="wpchill-upsell">';
110
 
111
  if ( ! empty( $title ) ) {
112
+ echo '<h2>' . esc_html( $title ) . '</h2>';
113
  }
114
 
115
  if ( ! empty( $features ) ) {
116
 
117
+ echo '<ul class="wpchill-upsell-features">';
118
 
119
  foreach ( $features as $feature ) {
120
 
121
+ echo '<li>';
122
  if ( isset( $feature['tooltip'] ) && '' != $feature['tooltip'] ) {
123
+ echo '<div class="wpchill-tooltip"><span>[?]</span>';
124
+ echo '<div class="wpchill-tooltip-content">' . esc_html( $feature['tooltip'] ) . '</div>';
125
+ echo '</div>';
126
+ echo "<p>" . esc_html( $feature['feature'] ) . "</p>";
127
  } else {
128
+ echo '<span class="wpchill-check dashicons dashicons-yes"></span>' . esc_html( $feature['feature'] );
129
  }
130
 
131
+ echo '</li>';
132
 
133
  }
134
+ echo '</ul>';
135
  }
136
 
137
  if ( ! $utm_source ) {
138
  $utm_source = 'settings_panel';
139
  }
140
 
141
+ echo '<p class="wpchill-upsell-description">' . esc_html( $description ) . '</p>';
142
+ echo '<p>';
143
 
144
+ $buttons = '<a target="_blank" href="https://download-monitor.com/extensions/' . esc_attr( $extension ) . '/?utm_source=' . esc_attr( $utm_source ) . '&utm_medium=upsell&utm_campaign=w.org&utm_content=' . esc_attr( $tab ) . '" class="button-primary button">' . esc_html__( 'Get Extension!', 'download-monitor' ) . '</a>';
145
 
146
+ echo wp_kses_post( apply_filters( 'dlm_upsell_buttons', $buttons, $tab ) );
147
 
148
+ echo '</p>';
149
+ echo '</div>';
150
 
 
151
  }
152
 
153
  /**
352
 
353
  if ( ! $this->check_extension( 'dlm-download-duplicator' ) ) {
354
 
355
+ $this->generate_upsell_box(
356
+ __( 'Duplicate your downloads', 'download-monitor' ),
357
+ __( 'You’re one click away from duplicating downloads, including their data, versions, and files.', 'download-monitor' ),
358
+ 'general',
359
+ 'download-duplicator'
360
+ );
361
  }
362
 
363
  if ( ! $this->check_extension( 'dlm-email-notification' ) ) {
364
 
365
+ $this->generate_upsell_box(
366
+ __( 'Email notifications', 'download-monitor' ),
367
+ __( 'Create an email alert to be notified each time one of your files has been downloaded.', 'download-monitor' ),
368
+ 'general',
369
+ 'email-notification'
370
+ );
371
  }
372
 
373
  }
382
 
383
  if ( ! $this->check_extension( 'dlm-advanced-access-manager' ) ) {
384
 
385
+ $this->generate_upsell_box(
386
+ __( 'Advanced access manager', 'download-monitor' ),
387
+ __( 'Limit access to your downloads by setting advanced access rules and restrictions with this extension.', 'download-monitor' ),
388
+ 'access',
389
+ 'advanced-access-manager'
390
+ );
391
  }
392
 
393
  if ( ! $this->check_extension( 'dlm-twitter-lock' ) ) {
394
 
395
+ $this->generate_upsell_box(
396
+ __( 'Twitter lock', 'download-monitor' ),
397
+ __( 'Allow your users to tweet a pre-defined text before accessing a download.', 'download-monitor' ),
398
+ 'access',
399
+ 'twitter-lock'
400
+ );
401
  }
402
 
403
  if ( ! $this->check_extension( 'dlm-email-lock' ) ) {
404
 
405
+ $this->generate_upsell_box(
406
+ __( 'Email lock', 'download-monitor' ),
407
+ __( 'Require your users’ email addresses to send newsletters and create a list of your customers.', 'download-monitor' ),
408
+ 'access',
409
+ 'email-lock'
410
+ );
411
  }
412
 
413
  if ( ! $this->check_extension( 'dlm-gravity-forms' ) ) {
414
 
415
+ $this->generate_upsell_box(
416
+ __( 'Gravity forms extension', 'download-monitor' ),
417
+ __( 'Ask users to fill in a form created on Gravity Forms before they start downloading your files.', 'download-monitor' ),
418
+ 'access',
419
+ 'gravity-forms'
420
+ );
421
  }
422
 
423
  if ( ! $this->check_extension( 'dlm-ninja-forms' ) ) {
424
 
425
+ $this->generate_upsell_box(
426
+ __( 'Ninja forms extension', 'download-monitor' ),
427
+ __( 'Use the Ninja Forms extension to add forms easily to your download files.', 'download-monitor' ),
428
+ 'access',
429
+ 'ninja-forms'
430
+ );
431
  }
432
 
433
  if ( ! $this->check_extension( 'dlm-mailchimp-lock' ) ) {
434
 
435
+ $this->generate_upsell_box(
436
+ __( 'Mailchimp extension', 'download-monitor' ),
437
+ __( 'Create a MailChimp list and ask users to subscribe to it before accessing a downloadable file.', 'download-monitor' ),
438
+ 'access',
439
+ 'mailchimp-lock'
440
+ );
441
  }
442
 
443
  }
452
 
453
  if ( ! $this->check_extension( 'dlm-captcha' ) ) {
454
 
455
+ $this->generate_upsell_box(
456
+ __( 'Captcha', 'download-monitor' ),
457
+ __( 'Stop bots from spamming your downloads and ask users to complete Google reCAPTCHA.', 'download-monitor' ),
458
+ 'logging',
459
+ 'captcha'
460
+ );
461
  }
462
 
463
  }
472
 
473
  if ( ! $this->check_extension( 'dlm-terms-and-conditions' ) ) {
474
 
475
+ $this->generate_upsell_box(
476
+ __( 'Terms and conditions', 'download-monitor' ),
477
+ __( 'Require your users to accept your terms and conditions before they can download your files.', 'download-monitor' ),
478
+ 'terns_and_conditions',
479
+ 'terms-and-conditions'
480
+ );
481
  }
482
 
483
  }
492
 
493
  if ( ! $this->check_extension( 'dlm-email-notification' ) ) {
494
 
495
+ $this->generate_upsell_box(
496
+ __( 'Email notifications', 'download-monitor' ),
497
+ __( 'The Email Notification extension for Download Monitor sends you an email whenever one of your files is downloaded', 'download-monitor' ),
498
+ 'email_notifications',
499
+ 'email-notifications'
500
+ );
501
  }
502
 
503
  }
512
 
513
  if ( ! $this->check_extension( 'dlm-terms-conditions' ) ) {
514
 
515
+ $this->generate_upsell_box(
516
+ __( 'Terms & Conditions', 'download-monitor' ),
517
+ __( 'Easily require your visitors to agree to your terms and conditions before downloading files.', 'download-monitor' ),
518
+ 'pages',
519
+ 'terms-conditions'
520
+ );
521
  }
522
 
523
  if ( ! $this->check_extension( 'dlm-page-addon' ) ) {
524
 
525
+ $this->generate_upsell_box(
526
+ __( 'Page Addon', 'download-monitor' ),
527
+ __( 'List all downloads, categories, tags, and showcase info pages of each resource with a self-contained [download_page] shortcode!', 'download-monitor' ),
528
+ 'pages',
529
+ 'page-addon'
530
+ );
531
  }
532
 
533
  }
542
 
543
  if ( ! $this->check_extension( 'dlm-buttons' ) ) {
544
 
545
+ $this->generate_upsell_box(
546
+ __( 'Buttons', 'download-monitor' ),
547
+ __( 'The Buttons extension allows you to customize your download buttons as you please in order to improve the user experience. Create stunning buttons without needing any coding skills!', 'download-monitor' ),
548
+ 'cpt',
549
+ 'buttons'
550
+ );
551
  }
552
 
553
  }
562
 
563
  if ( ! $this->check_extension( 'dlm-csv-impoter' ) ) {
564
 
565
+ $this->generate_upsell_box(
566
+ __( 'Importer', 'download-monitor' ),
567
+ __( 'Easily import your downloads, including their categories, tags, and files.', 'download-monitor' ),
568
+ 'endpoint',
569
+ 'csv-impoter'
570
+ );
571
  }
572
 
573
  if ( ! $this->check_extension( 'dlm-csv-exporter' ) ) {
574
 
575
+ $this->generate_upsell_box(
576
+ __( 'Exporter', 'download-monitor' ),
577
+ __( 'With a single click, you can quickly export your downloads and their tags, categories, and file versions to a CSV file.', 'download-monitor' ),
578
+ 'endpoint',
579
+ 'csv-exporter'
580
+ );
581
  }
582
 
583
  }
591
 
592
  if ( ! $this->check_extension( 'dlm-downloading-page' ) ) {
593
 
594
+ $this->generate_upsell_box(
595
+ '',
596
+ __( 'Customize the downloading page by adding banners, ads, and anything you like.', 'download-monitor' ),
597
+ 'downloading_page',
598
+ 'downloading-page'
599
+ );
600
  }
601
 
602
  }
610
 
611
  if ( ! $this->check_extension( 'dlm-ninja-forms' ) ) {
612
 
613
+ $this->generate_upsell_box(
614
+ __( 'Ninja Forms extension', 'download-monitor' ),
615
+ __( 'The Ninja Forms extension for Download Monitor allows you to require users to fill in a Ninja Forms form before they gain access to a download.','download-monitor' ),
616
+ 'ninja_forms',
617
+ 'ninja-forms'
618
+ );
619
  }
620
 
621
  if ( ! $this->check_extension( 'dlm-email-lock' ) ) {
622
 
623
+ $this->generate_upsell_box(
624
+ __( 'Email lock extension', 'download-monitor' ),
625
+ __( 'The Email Lock extension for Download Monitor allows you to require users to fill in their email address before they gain access to a download.', 'download-monitor' ),
626
+ 'email_lock',
627
+ 'email-lock'
628
+ );
629
  }
630
 
631
  if ( ! $this->check_extension( 'dlm-gravity-forms' ) ) {
632
 
633
+ $this->generate_upsell_box(
634
+ __( 'Gravity Forms extension', 'download-monitor' ),
635
+ __( 'The Gravity Forms extension for Download Monitor allows you to require users to fill out a Gravity Forms form before they gain access to a download.', 'download-monitor' ),
636
+ 'gravity_forms',
637
+ 'gravity-forms'
638
+ );
639
  }
640
 
641
  }
649
 
650
  if ( ! $this->check_extension( 'dlm-amazon-s3' ) ) {
651
 
652
+ $this->generate_upsell_box(
653
+ __( 'Amazon S3', 'download-monitor' ),
654
+ __( 'Link to files hosted on Amazon s3 so that you can serve secure, expiring download links.', 'download-monitor' ),
655
+ 'amazon_s3',
656
+ 'amazon-s3'
657
+ );
658
  }
659
 
660
  if ( ! $this->check_extension( 'dlm-google-drive' ) ) {
661
 
662
+ $this->generate_upsell_box(
663
+ __( 'Google Drive', 'download-monitor' ),
664
+ __( 'With this extension, you can integrate your files from Google Drive into Download Monitor.', 'download-monitor' ),
665
+ 'google_drive',
666
+ 'google-drive'
667
+ );
668
  }
669
 
 
670
  }
671
 
672
 
679
 
680
  if ( ! $this->check_extension( 'dlm-page-addon' ) ) {
681
 
682
+ $this->generate_upsell_box(
683
+ __( 'Page addon extension', 'download-monitor' ),
684
+ __( 'Add a self contained [download_page] shortcode to your site to list downloads, categories, tags, and show info pages about each of your resources.', 'download-monitor' ),
685
+ 'page_addon',
686
+ 'page-addon'
687
+ );
688
  }
689
 
690
  if ( ! $this->check_extension( 'dlm-downloading-page' ) ) {
691
 
692
+ $this->generate_upsell_box(
693
+ __( 'Downloading page extension', 'download-monitor' ),
694
+ __( 'The Downloading Page extension for Download Monitor forces your downloads to be served from a separate page.', 'download-monitor' ),
695
+ 'downloading_page',
696
+ 'downloading-page'
697
+ );
698
  }
699
 
700
 
709
 
710
  if ( ! $this->check_extension( 'dlm=captcha' ) ) {
711
 
712
+ $this->generate_upsell_box(
713
+ __( 'Captcha extension', 'download-monitor' ),
714
+ __( 'The Captcha extension for Download Monitor allows you to require users to complete a Google reCAPTCHA before they gain access to a download.', 'download-monitor' ),
715
+ 'captcha',
716
+ 'captcha'
717
+ );
718
  }
719
 
720
 
734
 
735
  if ( ! $this->check_extension( 'dlm-amazon-s3' ) ) {
736
 
737
+ echo '<div class="upsells-column"><span class="dashicons dashicons-amazon"></span>';
738
+ echo '<h3>' . esc_html__( 'Amazon S3', 'download-monitor' ) . '</h3>';
739
+ $this->generate_upsell_box(
740
+ '',
741
+ __( 'Use Amazon S3 links for Download Monitor files to run secure, expiring download links.', 'download-monitor' ),
742
+ 'amazon_s3',
743
+ 'amazon-s3'
744
+ );
745
+ echo '</div>';
746
  }
747
 
748
  if ( ! $this->check_extension( 'dlm-google-drive' ) ) {
749
 
750
+ echo '<div class="upsells-column"><span class="dashicons dashicons-google"></span>';
751
+ echo '<h3>' . esc_html__( 'Google Drive', 'download-monitor' ) . '</h3>';
752
+ $this->generate_upsell_box(
753
+ '',
754
+ __( 'With this extension, you can integrate your files from Google Drive into Download Monitor.', 'download-monitor' ),
755
+ 'google_drive',
756
+ 'google-drive'
757
+ );
758
+ echo '</div>';
759
  }
760
 
761
  echo '</div>';
771
 
772
  if ( ! $this->check_extension( 'dlm-captcha' ) ) {
773
 
774
+ $this->generate_upsell_box(
775
+ __( 'Captcha', 'download-monitor' ),
776
+ __( 'Stop bots from spamming your downloads and ask users to complete Google reCAPTCHA.', 'download-monitor' ),
777
+ 'logging',
778
+ 'captcha'
779
+ );
780
  }
781
 
782
  }
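Review bot: `generate_upsell_box()` now echoes its markup and returns nothing (new lines 109–150), but its public name and the previous contract (`return $upsell_box;` on old line 151) promised a string, so any extension or theme that still does `echo $this->generate_upsell_box( … )` or concatenates the result will print the box out of place and get an empty value; at minimum the method's docblock, which closes just above the hunk, should say `@return void — outputs the markup directly since 4.4.7` and the changelog should flag it for extension authors. The button URL on new line 144 is still assembled by string concatenation with `esc_attr()` around path and query fragments and literal `&`; for a URL inside an `href` build it with `esc_url( add_query_arg( array( 'utm_source' => $utm_source, 'utm_medium' => 'upsell', 'utm_campaign' => 'w.org', 'utm_content' => $tab ), 'https://download-monitor.com/extensions/' . $extension . '/' ) )` and add `rel="noopener noreferrer"` next to `target="_blank"`. Not part of this change but visible in the unchanged context of the later hunk, `check_extension( 'dlm=captcha' )` looks like a typo for `'dlm-captcha'`, which would make that captcha upsell render even when the extension is installed.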
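--- a/includes/admin/uninstall/class-dlm-uninstall.php
+++ b/includes/admin/uninstall/class-dlm-uninstall.php
@@ -103,7 +103,7 @@ class DLM_Uninstall {
 $after_input = '</strong>';
 }
 
-echo ' <p><input type="checkbox" name="' . esc_attr( $key ) . ' " id="' . esc_attr( $key ) . '" value="' . esc_attr( $key ) . '"> <label for="' . esc_attr( $key ) . '">' . $before_input . esc_attr( $option['label'] ) . $after_input . '</label><p class="description">' . esc_html( $option['description'] ) . '</p><br>';
+echo ' <p><input type="checkbox" name="' . esc_attr( $key ) . ' " id="' . esc_attr( $key ) . '" value="' . esc_attr( $key ) . '"> <label for="' . esc_attr( $key ) . '">' . wp_kses_post( $before_input ) . esc_attr( $option['label'] ) . wp_kses_post( $after_input ) . '</label><p class="description">' . esc_html( $option['description'] ) . '</p><br>';
 }
 ?>
 </div><!-- .dlm-uninstall-options -->
@@ -169,7 +169,8 @@ class DLM_Uninstall {
 global $wpdb;
 check_ajax_referer( 'dlm_uninstall_plugin', 'security' );
 
-$uninstall_option = isset( $_POST['options'] ) ? $_POST['options'] : false;
+// we can't unslash an array
+$uninstall_option = isset( $_POST['options'] ) ? array_map( 'sanitize_text_field', wp_unslash( $_POST['options'] ) ) : false;
 
 // Delete options
 if ( '1' == $uninstall_option['delete_options'] ) {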
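Review bot: The new `$uninstall_option` assignment (new line 173) assumes `$_POST['options']` is an array: `array_map()` on a string throws a TypeError on PHP 8 (a warning and `null` on PHP 7), and when the key is absent the `false` fallback still reaches `$uninstall_option['delete_options']` on line 176, which reads an array offset on a bool. I would write `$uninstall_option = ( isset( $_POST['options'] ) && is_array( $_POST['options'] ) ) ? array_map( 'sanitize_text_field', wp_unslash( $_POST['options'] ) ) : array();` and guard the later checks with `! empty( $uninstall_option['delete_options'] )`. The comment `// we can't unslash an array` on line 172 is also misleading, since `wp_unslash()` already recurses into arrays (it is `stripslashes_deep()`) and that is exactly what this line relies on; replace it with `// wp_unslash() recurses into arrays; sanitize each value as plain text.` The method's start is outside the hunk, so I cannot see whether a `current_user_can( 'manage_options' )` check precedes `check_ajax_referer()`; a nonce is CSRF protection, not authorization, and this handler deletes plugin data, so the capability check should be there if it is not.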
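--- a/includes/php-too-low.php
+++ b/includes/php-too-low.php
@@ -6,33 +6,38 @@ if ( ! defined( 'ABSPATH' ) ) {
 function dlm_admin_notice_php_version() {
 
 $version_parts = explode( '.', phpversion() );
-$user_version_nice = "";
+$user_version_nice = '';
 if ( ! empty( $version_parts[0] ) ) {
 $user_version_nice .= $version_parts[0];
 }
 if ( ! empty( $version_parts[1] ) ) {
-$user_version_nice .= "." . $version_parts[1];
+$user_version_nice .= '.' . $version_parts[1];
 }
 
-
 ?>
-<div class="notice notice-error is-dismissible">
-<h3><?php _e( 'PHP Version too low!', 'download-monitor' ); ?></h3>
-<p><?php
+<div class="notice notice-error is-dismissible">
+<h3><?php echo esc_html__( 'PHP Version too low!', 'download-monitor' ); ?></h3>
+<p>
+<?php
 printf(
-__( "Download Monitor can't be loaded because it needs at least %s but the server that is hosting your WordPress website is running %s", 'download-monitor' ),
-'<strong>' . sprintf( __( 'PHP Version %s', 'download-monitor' ), '5.3' ) . '</strong>',
-'<strong>' . sprintf( __( 'PHP Version %s', 'download-monitor' ), $user_version_nice ) . '</strong>'
-); ?></p>
-<p><?php printf(
-__( "You can learn more about why it's important that you update and get tips on how to update by %s", 'download-monitor' ),
-'<a href="https://www.download-monitor.com/kb/minimum-required-php-version/" target="_blank">' . __( 'clicking this link', 'download-monitor' ) . '</a>'
+esc_html_e( "Download Monitor can't be loaded because it needs at least %1\$s but the server that is hosting your WordPress website is running %2\$s", 'download-monitor' ),
+'<strong>' . sprintf( esc_html_e( 'PHP Version %s', 'download-monitor' ), '5.3' ) . '</strong>',
+'<strong>' . sprintf( esc_html_e( 'PHP Version %s', 'download-monitor' ), esc_html( $user_version_nice ) ) . '</strong>'
 );
-?></p>
-<p><?php _e( "After you've upgraded your PHP version, Download Monitor will automatically load and work.", 'download-monitor' ); ?></p>
-<p></p>
-</div>
+?>
+</p>
+<p>
+<?php
+printf(
+esc_html_e( "You can learn more about why it's important that you update and get tips on how to update by %s", 'download-monitor' ),
+'<a href="https://www.download-monitor.com/kb/minimum-required-php-version/" target="_blank">' . esc_html_e( 'clicking this link', 'download-monitor' ) . '</a>'
+);
+?>
+</p>
+<p><?php echo esc_html__( "After you've upgraded your PHP version, Download Monitor will automatically load and work.", 'download-monitor' ); ?></p>
+<p></p>
+</div>
 <?php
 }
 
-add_action( 'admin_notices', 'dlm_admin_notice_php_version' );
+add_action( 'admin_notices', 'dlm_admin_notice_php_version' );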
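Review bot: `esc_html_e()` echoes its argument and returns null, so on new lines 23–25 and 32–33 the translated format strings and the `PHP Version %s` fragments are printed immediately with their raw `%1$s`/`%s` placeholders, and the enclosing `printf()`/`sprintf()` calls then run with an empty format, dropping both version numbers and the knowledge-base link; the notice an admin actually sees is garbled. Every `esc_html_e(` inside those two `printf()` calls must be `esc_html__(`, which escapes and returns the string the way the `%1$s` rewrite and the `<strong>`/`<a>` wrappers expect. `dlm_admin_notice_php_version()` starts and ends inside this hunk, so the fix is confined to the lines below.

```php
printf(
    esc_html__( "Download Monitor can't be loaded because it needs at least %1\$s but the server that is hosting your WordPress website is running %2\$s", 'download-monitor' ),
    '<strong>' . sprintf( esc_html__( 'PHP Version %s', 'download-monitor' ), '5.3' ) . '</strong>',
    '<strong>' . sprintf( esc_html__( 'PHP Version %s', 'download-monitor' ), esc_html( $user_version_nice ) ) . '</strong>'
);
// … unchanged: closing </p>, opening <p> …
printf(
    esc_html__( "You can learn more about why it's important that you update and get tips on how to update by %s", 'download-monitor' ),
    '<a href="https://www.download-monitor.com/kb/minimum-required-php-version/" target="_blank">' . esc_html__( 'clicking this link', 'download-monitor' ) . '</a>'
);
```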
includes/tracking/class-download-monitor-usage-tracker.php CHANGED
@@ -294,9 +294,6 @@ if ( ! class_exists( 'Download_Monitor_Usage_Tracker' ) ) {
294
  'user-agent' => 'PUT/1.0.0; ' . home_url(),
295
  )
296
  );
297
- ini_set( 'xdebug.var_display_max_depth', '100' );
298
- ini_set( 'xdebug.var_display_max_children', '25006' );
299
- ini_set( 'xdebug.var_display_max_data', '102004' );
300
 
301
  $this->set_track_time();
302
 
@@ -337,7 +334,7 @@ if ( ! class_exists( 'Download_Monitor_Usage_Tracker' ) ) {
337
  }
338
  $body['marketing_method'] = $this->marketing;
339
 
340
- $body['server'] = isset( $_SERVER['SERVER_SOFTWARE'] ) ? $_SERVER['SERVER_SOFTWARE'] : '';
341
 
342
  // Extra PHP fields.
343
  $body['memory_limit'] = ini_get( 'memory_limit' );
@@ -805,7 +802,7 @@ if ( ! class_exists( 'Download_Monitor_Usage_Tracker' ) ) {
805
  // Check for plugin args.
806
  if ( isset( $_GET['plugin'] ) && $this->plugin_name === $_GET['plugin'] && isset( $_GET['plugin_action'] ) ) {
807
 
808
- $action = sanitize_text_field( $_GET['plugin_action'] );
809
  if ( $action === 'yes' ) {
810
  $this->set_is_tracking_allowed( true, $this->plugin_name );
811
  // Run this straightaway.
@@ -894,8 +891,8 @@ if ( ! class_exists( 'Download_Monitor_Usage_Tracker' ) ) {
894
  <p><?php echo '<strong>' . esc_html( $plugin_name ) . '</strong>'; ?></p>
895
  <p><?php echo esc_html( $notice_text ); ?></p>
896
  <p>
897
- <a href="<?php echo esc_url( $url_yes ); ?>" class="button-secondary"><?php _e( 'Allow', 'download-monitor' ); ?></a>
898
- <a href="<?php echo esc_url( $url_no ); ?>" class="button-secondary"><?php _e( 'Do Not Allow', 'download-monitor' ); ?></a>
899
  </p>
900
  </div>
901
  <?php
@@ -913,7 +910,7 @@ if ( ! class_exists( 'Download_Monitor_Usage_Tracker' ) ) {
913
  // Check if user has opted in to marketing.
914
  if ( isset( $_GET['marketing_optin'] ) ) {
915
  // Set marketing optin.
916
- $this->set_can_collect_email( sanitize_text_field( $_GET['marketing_optin'] ), $this->plugin_name );
917
  // Do tracking.
918
  $this->do_tracking();
919
  } elseif ( isset( $_GET['marketing'] ) && $_GET['marketing'] == 'yes' ) {
@@ -946,8 +943,8 @@ if ( ! class_exists( 'Download_Monitor_Usage_Tracker' ) ) {
946
  <p><?php echo '<strong>' . esc_html( $plugin_name ) . '</strong>'; ?></p>
947
  <p><?php echo esc_html( $marketing_text ); ?></p>
948
  <p>
949
- <a href="<?php echo esc_url( $url_yes ); ?>" data-putnotice="yes" class="button-secondary"><?php _e( 'Yes Please', 'download-monitor' ); ?></a>
950
- <a href="<?php echo esc_url( $url_no ); ?>" data-putnotice="no" class="button-secondary"><?php _e( 'No Thank You', 'download-monitor' ); ?></a>
951
  </p>
952
  </div>
953
  <?php
@@ -1110,7 +1107,7 @@ if ( ! class_exists( 'Download_Monitor_Usage_Tracker' ) ) {
1110
  // We'll send the user to this deactivation link when they've completed or dismissed the form.
1111
  $( 'body' ).toggleClass( '<?php echo esc_attr($this->plugin_name); ?>-put-form-active' );
1112
  $( "#<?php echo esc_attr( $this->plugin_name ); ?>-put-goodbye-form" ).fadeIn();
1113
- $( "#<?php echo esc_attr( $this->plugin_name ); ?>-put-goodbye-form" ).html( '<?php echo $html; ?>' + '<div class="<?php echo esc_attr($this->plugin_name); ?>-put-goodbye-form-footer"><p><a id="<?php echo esc_attr($this->plugin_name); ?>-put-submit-form" class="button primary" href="#"><?php _e( 'Submit and Deactivate', 'download-monitor' ); ?></a>&nbsp;<a class="secondary button" href="' + url + '"><?php _e( 'Just Deactivate', 'download-monitor' ); ?></a></p></div>' );
1114
  } );
1115
 
1116
  $( "#<?php echo esc_attr( $this->plugin_name ); ?>-put-goodbye-form" ).on( "click", "#<?php echo esc_attr( $this->plugin_name ); ?>-put-submit-form", function ( e ) {
@@ -1132,7 +1129,7 @@ if ( ! class_exists( 'Download_Monitor_Usage_Tracker' ) ) {
1132
  'action' : '<?php echo esc_attr($this->plugin_name); ?>_goodbye_form',
1133
  'values' : values,
1134
  'details' : details,
1135
- 'security': "<?php echo wp_create_nonce( 'wisdom_goodbye_form' ); ?>",
1136
  'dataType': "json"
1137
  }
1138
 
@@ -1170,12 +1167,14 @@ if ( ! class_exists( 'Download_Monitor_Usage_Tracker' ) ) {
1170
  check_ajax_referer( 'wisdom_goodbye_form', 'security' );
1171
 
1172
  if ( isset( $_POST['values'] ) ) {
1173
- $values = json_encode( wp_unslash( $_POST['values'] ) );
 
 
1174
  update_option( 'wisdom_deactivation_reason_' . $this->plugin_name, $values );
1175
  }
1176
 
1177
  if ( isset( $_POST['details'] ) ) {
1178
- $details = sanitize_text_field( $_POST['details'] );
1179
  update_option( 'wisdom_deactivation_details_' . $this->plugin_name, $details );
1180
  }
1181
 
294
  'user-agent' => 'PUT/1.0.0; ' . home_url(),
295
  )
296
  );
 
 
 
297
 
298
  $this->set_track_time();
299
 
334
  }
335
  $body['marketing_method'] = $this->marketing;
336
 
337
+ $body['server'] = isset( $_SERVER['SERVER_SOFTWARE'] ) ? sanitize_text_field( wp_unslash($_SERVER['SERVER_SOFTWARE']) ) : '';
338
 
339
  // Extra PHP fields.
340
  $body['memory_limit'] = ini_get( 'memory_limit' );
802
  // Check for plugin args.
803
  if ( isset( $_GET['plugin'] ) && $this->plugin_name === $_GET['plugin'] && isset( $_GET['plugin_action'] ) ) {
804
 
805
+ $action = sanitize_text_field( wp_unslash($_GET['plugin_action']) );
806
  if ( $action === 'yes' ) {
807
  $this->set_is_tracking_allowed( true, $this->plugin_name );
808
  // Run this straightaway.
891
  <p><?php echo '<strong>' . esc_html( $plugin_name ) . '</strong>'; ?></p>
892
  <p><?php echo esc_html( $notice_text ); ?></p>
893
  <p>
894
+ <a href="<?php echo esc_url( $url_yes ); ?>" class="button-secondary"><?php echo esc_html__( 'Allow', 'download-monitor' ); ?></a>
895
+ <a href="<?php echo esc_url( $url_no ); ?>" class="button-secondary"><?php echo esc_html__( 'Do Not Allow', 'download-monitor' ); ?></a>
896
  </p>
897
  </div>
898
  <?php
910
  // Check if user has opted in to marketing.
911
  if ( isset( $_GET['marketing_optin'] ) ) {
912
  // Set marketing optin.
913
+ $this->set_can_collect_email( sanitize_text_field( wp_unslash($_GET['marketing_optin']) ), $this->plugin_name );
914
  // Do tracking.
915
  $this->do_tracking();
916
  } elseif ( isset( $_GET['marketing'] ) && $_GET['marketing'] == 'yes' ) {
943
  <p><?php echo '<strong>' . esc_html( $plugin_name ) . '</strong>'; ?></p>
944
  <p><?php echo esc_html( $marketing_text ); ?></p>
945
  <p>
946
+ <a href="<?php echo esc_url( $url_yes ); ?>" data-putnotice="yes" class="button-secondary"><?php echo esc_html__( 'Yes Please', 'download-monitor' ); ?></a>
947
+ <a href="<?php echo esc_url( $url_no ); ?>" data-putnotice="no" class="button-secondary"><?php echo esc_html__( 'No Thank You', 'download-monitor' ); ?></a>
948
  </p>
949
  </div>
950
  <?php
1107
  // We'll send the user to this deactivation link when they've completed or dismissed the form.
1108
  $( 'body' ).toggleClass( '<?php echo esc_attr($this->plugin_name); ?>-put-form-active' );
1109
  $( "#<?php echo esc_attr( $this->plugin_name ); ?>-put-goodbye-form" ).fadeIn();
1110
+ $( "#<?php echo esc_attr( $this->plugin_name ); ?>-put-goodbye-form" ).html( '<?php echo wp_kses_post( $html ); ?>' + '<div class="<?php echo esc_attr($this->plugin_name); ?>-put-goodbye-form-footer"><p><a id="<?php echo esc_attr($this->plugin_name); ?>-put-submit-form" class="button primary" href="#"><?php echo esc_html__( 'Submit and Deactivate', 'download-monitor' ); ?></a>&nbsp;<a class="secondary button" href="' + url + '"><?php echo esc_html__( 'Just Deactivate', 'download-monitor' ); ?></a></p></div>' );
1111
  } );
1112
 
1113
  $( "#<?php echo esc_attr( $this->plugin_name ); ?>-put-goodbye-form" ).on( "click", "#<?php echo esc_attr( $this->plugin_name ); ?>-put-submit-form", function ( e ) {
1129
  'action' : '<?php echo esc_attr($this->plugin_name); ?>_goodbye_form',
1130
  'values' : values,
1131
  'details' : details,
1132
+ 'security': "<?php echo esc_js(wp_create_nonce( 'wisdom_goodbye_form' )); ?>",
1133
  'dataType': "json"
1134
  }
1135
 
1167
  check_ajax_referer( 'wisdom_goodbye_form', 'security' );
1168
 
1169
  if ( isset( $_POST['values'] ) ) {
1170
+ $values = wp_unslash( $_POST['values'] );
1171
+ $values = array_map( 'sanitize_text_field', $values );
1172
+ $values = json_encode( $values );
1173
  update_option( 'wisdom_deactivation_reason_' . $this->plugin_name, $values );
1174
  }
1175
 
1176
  if ( isset( $_POST['details'] ) ) {
1177
+ $details = sanitize_text_field( wp_unslash($_POST['details']) );
1178
  update_option( 'wisdom_deactivation_details_' . $this->plugin_name, $details );
1179
  }
1180
 
readme.txt CHANGED
@@ -1,9 +1,9 @@
1
  === Download Monitor ===
2
  Contributors: wpchill, silkalns, barrykooij, mikejolley
3
- Tags: download, downloads, monitor, hits, download monitor, tracking, admin, count, files, versions, logging, digital, documents, download category, download manager, download template, downloadmanager, file manager, file tree, grid, hits, ip-address, manager, media, monitor, password, protect downloads, tracker, sell, shop, ecommerce, paypal
4
  Requires at least: 5.4
5
  Tested up to: 5.8
6
- Stable tag: 4.4.6
7
  License: GPLv3
8
  Text Domain: -
9
  Requires PHP: 5.6
@@ -117,6 +117,9 @@ More documentation can be found in our [Knowledge Base](https://www.download-mon
117
 
118
  == Changelog ==
119
 
 
 
 
120
  = 4.4.6 - 20.10.2021 =
121
  Fixed: Checking for modifications to the upload folder
122
 
1
  === Download Monitor ===
2
  Contributors: wpchill, silkalns, barrykooij, mikejolley
3
+ Tags: download manager, document management, file manager, digital store, ecommerce, document management plugin, download monitor, download counter, password protection, download protection, password, protect downloads, tracker, sell, shop, ecommerce, paypal
4
  Requires at least: 5.4
5
  Tested up to: 5.8
6
+ Stable tag: 4.4.7
7
  License: GPLv3
8
  Text Domain: -
9
  Requires PHP: 5.6
117
 
118
  == Changelog ==
119
 
120
+ = 4.4.7 - 29.10.2021 =
121
+ Fixed: Sanitization & Escaping
122
+
123
  = 4.4.6 - 20.10.2021 =
124
  Fixed: Checking for modifications to the upload folder
125
 
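--- a/src/Admin/Admin.php
+++ b/src/Admin/Admin.php
@@ -110,7 +110,9 @@ class DLM_Admin {
 */
 public function upload_dir( $pathdata ) {
 
-if ( isset( $_POST['type'] ) && 'dlm_download' === $_POST['type'] ) {
+// We don't process form we just modify the upload path for our custom post type.
+// phpcs:ignore
+if ( isset( $_POST['type'] ) && 'dlm_download' === $_POST['type'] ) {
 if ( empty( $pathdata['subdir'] ) ) {
 $pathdata['path'] = $pathdata['path'] . '/dlm_uploads';
 $pathdata['url'] = $pathdata['url'] . '/dlm_uploads';
@@ -215,7 +217,7 @@ class DLM_Admin {
 $enqueue = true;
 }
 
-if ( $hook == 'edit-tags.php' && strstr( $_GET['taxonomy'], 'dlm_download' ) ) {
+if ( 'edit-tags.php' == $hook && isset( $_GET['taxonomy'] ) && in_array( $_GET['taxonomy'], array( 'dlm_download_category', 'dlm_download_tag' ) ) ) {
 $enqueue = true;
 }
 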
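Review bot: The taxonomy check on new line 220 still compares the raw `$_GET['taxonomy']` value without `wp_unslash`/sanitization and without `in_array`'s strict flag, while the rest of this release routes request values through `sanitize_text_field( wp_unslash( ... ) )`, and it keeps the loose `==` for `$hook`. Both allowed names are fixed slugs, so `sanitize_key()` is the right filter: `if ( 'edit-tags.php' === $hook && isset( $_GET['taxonomy'] ) && in_array( sanitize_key( wp_unslash( $_GET['taxonomy'] ) ), array( 'dlm_download_category', 'dlm_download_tag' ), true ) ) {`. The bare `// phpcs:ignore` added on new line 114 silences every sniff on the line that follows rather than only the nonce check it is meant to excuse; `// phpcs:ignore WordPress.Security.NonceVerification.Missing` keeps the other sanitization checks active for that line. The method enclosing the second hunk starts outside the hunk.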
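--- a/src/Admin/CustomActions.php
+++ b/src/Admin/CustomActions.php
@@ -57,12 +57,13 @@ class DLM_Custom_Actions {
 return;
 }
 
+$dlm_download_category = isset( $_GET['dlm_download_category'] ) ? sanitize_text_field( wp_unslash( $_GET['dlm_download_category'] ) ) : '';
 $output = "<select name='dlm_download_category' id='dropdown_dlm_download_category'>";
-$output .= '<option value="" ' . selected( isset( $_GET['dlm_download_category'] ) ? $_GET['dlm_download_category'] : '', '', false ) . '>' . __( 'Select a category', 'download-monitor' ) . '</option>';
+$output .= '<option value="" ' . selected( $dlm_download_category, '', false ) . '>' . __( 'Select a category', 'download-monitor' ) . '</option>';
 $output .= $this->walk_category_dropdown_tree( $terms, 0, $r );
 $output .= "</select>";
 
-echo $output;
+echo wp_kses_post( $output );
 }
 
 /**
@@ -204,14 +205,10 @@ class DLM_Custom_Actions {
 ?>
 <fieldset class="inline-edit-col-right inline-edit-col-dlm">
 <div class="inline-edit-col inline-edit-col-dlm-inner">
-<span class="title"><?php _e( 'Download Monitor Data', 'download-monitor' ); ?></span><br/>
-<label for="_featured"><input type="checkbox" name="_featured" id="_featured"
-value="1"/><?php _e( 'Featured download', 'download-monitor' ); ?></label>
-<label for="_members_only"><input type="checkbox" name="_members_only" id="_members_only"
-value="1"/><?php _e( 'Members only', 'download-monitor' ); ?></label>
-<label for="_redirect_only"><input type="checkbox" name="_redirect_only" id="_redirect_only"
-value="1"/><?php _e( 'Redirect to file', 'download-monitor' ); ?>
-</label>
+<span class="title"><?php echo esc_html__( 'Download Monitor Data', 'download-monitor' ); ?></span><br/>
+<label for="_featured"><input type="checkbox" name="_featured" id="_featured" value="1"/><?php echo esc_html__( 'Featured download', 'download-monitor' ); ?></label>
+<label for="_members_only"><input type="checkbox" name="_members_only" id="_members_only" value="1"/><?php echo esc_html__( 'Members only', 'download-monitor' ); ?></label>
+<label for="_redirect_only"><input type="checkbox" name="_redirect_only" id="_redirect_only" value="1"/><?php echo esc_html__( 'Redirect to file', 'download-monitor' ); ?></label>
 </div>
 </fieldset>
 <?php
@@ -251,6 +248,7 @@ class DLM_Custom_Actions {
 if ( isset( $_REQUEST['dlm_bulk_edit_nonce'] ) ) {
 
 // check nonce
+// phpcs:ignore
 if ( ! wp_verify_nonce( $_REQUEST['dlm_bulk_edit_nonce'], 'dlm_bulk_edit_nonce' ) ) {
 return $post_id;
 }
@@ -276,6 +274,7 @@ class DLM_Custom_Actions {
 if ( isset( $_REQUEST['dlm_quick_edit_nonce'] ) ) {
 
 // check nonce
+// phpcs:ignore
 if ( ! wp_verify_nonce( $_REQUEST['dlm_quick_edit_nonce'], 'dlm_quick_edit_nonce' ) ) {
 return $post_id;
 }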
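Review bot: `echo wp_kses_post( $output );` on new line 66 will strip the `<select>` and `<option>` elements from the category filter, because neither tag is in the allowed-HTML list `wp_kses_post()` uses, so the dropdown assembled just above it (and the `walk_category_dropdown_tree()` output, whose definition is outside the hunk) renders as bare text. The intent of escaping the output is right; what it needs is a `wp_kses()` allowlist that matches the markup actually emitted, as below — the `<option>` attributes listed cover what is visible in the hunk and should be extended with whatever the walker adds. The bare `// phpcs:ignore` on new lines 251 and 277 silences every sniff on the nonce lines, while the nonce values are still read raw; `sanitize_key( wp_unslash( $_REQUEST['dlm_bulk_edit_nonce'] ) )` before `wp_verify_nonce()` satisfies the sanitization sniff instead of suppressing it. Both nonce checks sit in methods that start outside their hunks.
```php
$allowed_select_html = array(
    'select' => array( 'name' => true, 'id' => true, 'class' => true ),
    'option' => array( 'value' => true, 'selected' => true, 'class' => true ),
);
echo wp_kses( $output, $allowed_select_html );
```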
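--- a/src/Admin/CustomColumns.php
+++ b/src/Admin/CustomColumns.php
@@ -66,51 +66,51 @@ class DLM_Custom_Columns {
 
 switch ( $column ) {
 case "thumb" :
-echo $download->get_image();
+echo wp_kses_post( $download->get_image() );
 break;
 case "download_id" :
-echo $post->ID;
+echo esc_html( $post->ID );
 break;
 case "download_cat" :
 if ( ! $terms = get_the_term_list( $post->ID, 'dlm_download_category', '', ', ', '' ) ) {
 echo '<span class="na">&ndash;</span>';
 } else {
-echo $terms;
+echo esc_html( $terms );
 }
 break;
 case "download_tag" :
 if ( ! $terms = get_the_term_list( $post->ID, 'dlm_download_tag', '', ', ', '' ) ) {
 echo '<span class="na">&ndash;</span>';
 } else {
-echo $terms;
+echo esc_html( $terms );
 }
 break;
 case "featured" :
 if ( $download->is_featured() ) {
-echo '<span class="yes">' . __( 'Yes', 'download-monitor' ) . '</span>';
+echo '<span class="yes">' . esc_html__( 'Yes', 'download-monitor' ) . '</span>';
 } else {
 echo '<span class="na">&ndash;</span>';
 }
 break;
 case "members_only" :
 if ( $download->is_members_only() ) {
-echo '<span class="yes">' . __( 'Yes', 'download-monitor' ) . '</span>';
+echo '<span class="yes">' . esc_html__( 'Yes', 'download-monitor' ) . '</span>';
 } else {
 echo '<span class="na">&ndash;</span>';
 }
 break;
 case "redirect_only" :
 if ( $download->is_redirect_only() ) {
-echo '<span class="yes">' . __( 'Yes', 'download-monitor' ) . '</span>';
+echo '<span class="yes">' . esc_html__( 'Yes', 'download-monitor' ) . '</span>';
 } else {
 echo '<span class="na">&ndash;</span>';
 }
 break;
 case "file" :
 if ( $file ) {
-echo '<a href="' . $download->get_the_download_link() . '"><code>' . $file->get_filename();
+echo '<a href="' . esc_url( $download->get_the_download_link() ) . '"><code>' . esc_html( $file->get_filename() );
 if ( $size = $download->get_version()->get_filesize_formatted() ) {
-echo ' &ndash; ' . $size;
+echo ' &ndash; ' . esc_html( $size );
 }
 echo '</code></a>';
 } else {
@@ -119,7 +119,7 @@ class DLM_Custom_Columns {
 break;
 case "version" :
 if ( $file && $file->get_version() ) {
-echo $file->get_version();
+echo esc_html( $file->get_version() );
 } else {
 echo '<span class="na">&ndash;</span>';
 }
@@ -129,7 +129,7 @@ class DLM_Custom_Columns {
 break;
 case "featured" :
 if ( $download->is_featured() ) {
-echo '<img src="' . download_monitor()->get_plugin_url() . '/assets/images/on.png" alt="yes" />';
+echo '<img src="' . esc_url( download_monitor()->get_plugin_url() ) . '/assets/images/on.png" alt="yes" />';
 } else {
 echo '<span class="na">&ndash;</span>';
 }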
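Review bot: `echo esc_html( $terms );` on new lines 78 and 85 is the wrong escaper for `get_the_term_list()`, which returns anchor markup linking each term, so the category and tag columns will now show literal `<a href=...>` text instead of links. The term list is core-generated HTML, so `echo wp_kses_post( $terms );` keeps the output escaped while preserving the links, matching what the `thumb` case already does on new line 69. On new line 132 `esc_url()` is applied only to the plugin URL prefix before the literal path suffix is concatenated, whereas new line 111 escapes the complete link; the suffix is a literal so nothing breaks, but escaping the joined string reads more consistently. The enclosing method starts outside the hunk.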
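--- a/src/Admin/CustomLabels.php
+++ b/src/Admin/CustomLabels.php
@@ -45,7 +45,7 @@ class DLM_Custom_Labels {
 2 => __( 'Custom field updated.', 'download-monitor' ),
 3 => __( 'Custom field deleted.', 'download-monitor' ),
 4 => __( 'Download updated.', 'download-monitor' ),
-5 => isset( $_GET['revision'] ) ? sprintf( __( 'Download restored to revision from %s', 'download-monitor' ), wp_post_revision_title( (int) $_GET['revision'], false ) ) : false,
+5 => isset( $_GET['revision'] ) ? sprintf( esc_html__( 'Download restored to revision from %s', 'download-monitor' ), wp_post_revision_title( (int) $_GET['revision'], false ) ) : false,
 6 => __( 'Download published.', 'download-monitor' ),
 7 => __( 'Download saved.', 'download-monitor' ),
 8 => __( 'Download submitted.', 'download-monitor' ),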
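Review bot: Escaping only the format string with `esc_html__()` on new line 48 leaves the `%s` argument from `wp_post_revision_title()` unescaped and makes this entry inconsistent with entries 2–8 of the same array, which keep `__()`. The dynamic part is the piece worth escaping; with `$link = false` the call appears to return an unlinked title string, so `esc_html( wp_post_revision_title( (int) $_GET['revision'], false ) )` as the `sprintf()` argument escapes the only non-literal input while leaving the format string in the same form as its neighbours. The messages array and the method that builds it start outside the hunk.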
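--- a/src/Admin/Dashboard.php
+++ b/src/Admin/Dashboard.php
@@ -57,7 +57,7 @@ class DLM_Admin_Dashboard {
 $downloads = download_monitor()->service( 'download_repository' )->retrieve( $filters, 10 );
 
 if ( empty( $downloads ) ) {
-echo '<p>' . __( 'There are no stats available yet!', 'download-monitor' ) . '</p>';
+echo '<p>' . esc_html__( 'There are no stats available yet!', 'download-monitor' ) . '</p>';
 
 return;
 }
@@ -70,8 +70,8 @@ class DLM_Admin_Dashboard {
 <table class="download_chart" cellpadding="0" cellspacing="0">
 <thead>
 <tr>
-<th scope="col"><?php _e( 'Download', "download_monitor" ); ?></th>
-<th scope="col"><?php _e( 'Download count', "download_monitor" ); ?></th>
+<th scope="col"><?php echo esc_html__( 'Download', "download_monitor" ); ?></th>
+<th scope="col"><?php echo esc_html__( 'Download count', "download_monitor" ); ?></th>
 </tr>
 </thead>
 <tbody>
@@ -83,8 +83,8 @@ class DLM_Admin_Dashboard {
 $width = ( $download->get_download_count() / $max_count ) * 80;
 
 echo '<tr>
-<th scope="row" style="width:25%;"><a href="' . admin_url( 'post.php?post=' . $download->get_id() . '&action=edit' ) . '">' . $download->get_title() . '</a></th>
-<td><span class="bar" style="width:' . $width . '%;"></span>' . number_format( $download->get_download_count(), 0, '.', ',' ) . '</td>
+<th scope="row" style="width:25%;"><a href="' . esc_url( admin_url( 'post.php?post=' . $download->get_id() . '&action=edit' ) ) . '">' . esc_html( $download->get_title() ) . '</a></th>
+<td><span class="bar" style="width:' . esc_attr( $width ) . '%;"></span>' . number_format( $download->get_download_count(), 0, '.', ',' ) . '</td>
 </tr>';
 }
 }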
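Review bot: The two column headers on new lines 73 and 74 pass the text domain `"download_monitor"` (underscore) while every other string in this release, including the message on new line 60 of this file, uses `'download-monitor'`, so those two headers will never pick up translations. `<?php esc_html_e( 'Download', 'download-monitor' ); ?>` and `<?php esc_html_e( 'Download count', 'download-monitor' ); ?>` fix the domain and use the `esc_html_e()` form the plugin uses elsewhere. On new line 87 the `number_format()` result is echoed unescaped; it is numeric output so nothing is exposed, but `esc_html()` around it would make the row read consistently with its neighbours. The enclosing method starts outside the hunk.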
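--- a/src/Admin/Extensions.php
+++ b/src/Admin/Extensions.php
@@ -243,8 +243,8 @@ class DLM_Admin_Extensions {
 <div class="wrap dlm_extensions_wrap">
 <div class="icon32 icon32-posts-dlm_download" id="icon-edit"><br/></div>
 <h1>
-<?php _e( 'Download Monitor Extensions', 'download-monitor' ); ?>
-<a href="<?php echo add_query_arg( 'dlm-force-recheck', '1', admin_url( 'edit.php?post_type=dlm_download&page=dlm-extensions' ) ); ?>"
+<?php echo esc_html__( 'Download Monitor Extensions', 'download-monitor' ); ?>
+<a href="<?php echo esc_url( add_query_arg( 'dlm-force-recheck', '1', admin_url( 'edit.php?post_type=dlm_download&page=dlm-extensions' ) ) ); ?>"
 class="button dlm-reload-button">
 <?php esc_html_e( 'Reload Extensions', 'download-monitor' ); ?>
 </a>
@@ -260,12 +260,12 @@ class DLM_Admin_Extensions {
 
 // Extensions
 
-echo '<p>' . sprintf( __( 'Extend Download Monitor with its powerful free and paid extensions. %sClick here to browse all extensions%s', 'download-monitor' ), '<a href="https://www.download-monitor.com/extensions/?utm_source=plugin&utm_medium=link&utm_campaign=extensions-top" target="_blank">', '</a>' ) . '</p>';
+echo '<p>' . sprintf( esc_html__( 'Extend Download Monitor with its powerful free and paid extensions. %sClick here to browse all extensions%s', 'download-monitor' ), '<a href="https://www.download-monitor.com/extensions/?utm_source=plugin&utm_medium=link&utm_campaign=extensions-top" target="_blank">', '</a>' ) . '</p>';
 
 $active_tab = 'dlm-extensions';
 
 if ( isset( $_GET['page'] ) && isset( $tabs[ $_GET['page'] ] ) ) {
-$active_tab = $_GET['page'];
+$active_tab = sanitize_text_field( wp_unslash( $_GET['page'] ) );
 }
 
 ?>
@@ -343,8 +343,8 @@ class DLM_Admin_Extensions {
 <div class="wrap dlm_extensions_wrap">
 <div class="icon32 icon32-posts-dlm_download" id="icon-edit"><br/></div>
 <h1>
-<?php _e( 'Download Monitor Installed Extensions', 'download-monitor' ); ?>
-<a href="<?php echo add_query_arg( 'dlm-force-recheck', '1', admin_url( 'edit.php?post_type=dlm_download&page=dlm-extensions' ) ); ?>"
+<?php esc_html_e( 'Download Monitor Installed Extensions', 'download-monitor' ); ?>
+<a href="<?php echo esc_url( add_query_arg( 'dlm-force-recheck', '1', admin_url( 'edit.php?post_type=dlm_download&page=dlm-extensions' ) ) ); ?>"
 class="button dlm-reload-button">
 <?php esc_html_e( 'Reload Extensions', 'download-monitor' ); ?>
 </a>
@@ -354,7 +354,7 @@ class DLM_Admin_Extensions {
 $active_tab = 'dlm-installed-extensions';
 
 if ( isset( $_GET['page'] ) && isset( $this->tabs[ $_GET['page'] ] ) ) {
-$active_tab = $_GET['page'];
+$active_tab = sanitize_text_field( wp_unslash( $_GET['page'] ) );
 }
 
 echo '<h2 class="nav-tab-wrapper">';
@@ -382,7 +382,7 @@ class DLM_Admin_Extensions {
 
 echo '<div class="extension_license">';
 echo '<p class="license-status' . ( ( $license->is_active() ) ? ' active' : '' ) . '">' . esc_html( strtoupper( $license->get_status() ) ) . '</p>';
-echo '<input type="hidden" id="dlm-ajax-nonce" value="' . wp_create_nonce( 'dlm-ajax-nonce' ) . '" />';
+echo '<input type="hidden" id="dlm-ajax-nonce" value="' . esc_attr( wp_create_nonce( 'dlm-ajax-nonce' ) ) . '" />';
 echo '<input type="hidden" id="status" value="' . esc_attr( $license->get_status() ) . '" />';
 echo '<input type="hidden" id="product_id" value="' . esc_attr( $extension->product_id ) . '" />';
 echo '<input type="text" name="key" id="key" value="' . esc_attr( $license->get_key() ) . '" placeholder="License Key"' . ( ( $license->is_active() ) ? ' disabled="disabled"' : '' ) . ' />';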
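Review bot: The same page heading is escaped two different ways in this file: new line 246 uses `echo esc_html__( ... )` while new line 346 uses `esc_html_e( ... )`, which is also the form the adjacent "Reload Extensions" link uses on lines 249 and 349. `<?php esc_html_e( 'Download Monitor Extensions', 'download-monitor' ); ?>` on line 246 would make the two headers read alike. On new lines 268 and 357 the `$_GET['page']` value is already constrained by the `isset( $tabs[ ... ] )` guard to a known tab key before `sanitize_text_field( wp_unslash( ... ) )` runs, so the sanitizer is effectively a no-op for anything that passes; a short comment such as `// Value is restricted to a known tab key by the isset() guard above.` would stop a later reader from treating the sanitizer as the control. Both enclosing methods start outside their hunks.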
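--- a/src/Admin/MediaBrowser.php
+++ b/src/Admin/MediaBrowser.php
@@ -31,7 +31,7 @@ class DLM_Admin_Media_Browser {
 // Files
 $files = $file_manager->list_files( ABSPATH, 1 );
 
-echo '<!DOCTYPE html><html lang="en"><head><title>' . __( 'Browse for a file', 'download-monitor' ) . '</title>';
+echo '<!DOCTYPE html><html lang="en"><head><title>' . esc_html__( 'Browse for a file', 'download-monitor' ) . '</title>';
 
 wp_enqueue_style( 'download_monitor_admin_css', download_monitor()->get_plugin_url() . '/assets/css/admin.css', array( 'dashicons' ) );
 do_action( 'admin_print_styles' );
@@ -48,7 +48,7 @@ class DLM_Admin_Media_Browser {
 
 if ( $found_file['type'] == 'folder' ) {
 
-echo '<li><a href="#" class="folder" data-path="' . trailingslashit( $file['dirname'] ) . $file['basename'] . '">' . $file['basename'] . '</a></li>';
+echo '<li><a href="#" class="folder" data-path="' . esc_attr( trailingslashit( $file['dirname'] ) ) . esc_attr( $file['basename'] ) . '">' . esc_html( $file['basename'] ) . '</a></li>';
 
 } else {
 
@@ -62,7 +62,7 @@ class DLM_Admin_Media_Browser {
 continue;
 } // Ignored file types
 
-echo '<li><a href="#" class="file filetype-' . sanitize_title( $extension ) . '" data-path="' . trailingslashit( $file['dirname'] ) . $file['basename'] . '">' . $file['basename'] . '</a></li>';
+echo '<li><a href="#" class="file filetype-' . esc_attr( sanitize_title( $extension ) ) . '" data-path="' . esc_attr( trailingslashit( $file['dirname'] ) ) . esc_attr( $file['basename'] ) . '">' . esc_html( $file['basename'] ) . '</a></li>';
 
 }
 
@@ -95,17 +95,17 @@ class DLM_Admin_Media_Browser {
 var data = {
 action: 'download_monitor_list_files',
 path: jQuery( this ).attr( 'data-path' ),
-security: '<?php echo wp_create_nonce("list-files"); ?>'
+security: '<?php echo esc_js(wp_create_nonce("list-files")); ?>'
 };
 
-jQuery.post( '<?php echo admin_url('admin-ajax.php'); ?>', data, function ( response ) {
+jQuery.post( '<?php echo esc_url( admin_url('admin-ajax.php') ); ?>', data, function ( response ) {
 
 $link.addClass( 'folder_open' );
 
 if ( response ) {
 $parent.find( '.load_tree' ).html( response );
 } else {
-$parent.find( '.load_tree' ).html( '<li class="nofiles"><?php _e('No files found', 'download-monitor'); ?></li>' );
+$parent.find( '.load_tree' ).html( '<li class="nofiles"><?php echo esc_html__('No files found', 'download-monitor'); ?></li>' );
 }
 $parent.find( '.load_tree' ).removeClass( 'load_tree loading' );
 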
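Review bot: On new lines 51 and 65 the `data-path` attribute is assembled from two separately escaped fragments, `esc_attr( trailingslashit( $file['dirname'] ) ) . esc_attr( $file['basename'] )`, which reads as if the two parts had different trust levels; escaping the joined path once, `esc_attr( trailingslashit( $file['dirname'] ) . $file['basename'] )`, yields the same attribute and makes clear it is one value. That attribute is read back on new line 97 and posted as `path` to the `download_monitor_list_files` action, so the server-side handler for that action, which is not in this hunk, is where any restriction on the requested path has to live; this file only escapes for output and a comment on line 97 saying so would keep the responsibility visible. The enclosing methods start outside their hunks.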
src/Admin/MediaInsert.php CHANGED
@@ -33,7 +33,7 @@ class DLM_Admin_Media_Insert {
33
  return;
34
  }
35
 
36
- echo '<a href="#" class="button insert-download dlm_insert_download" data-editor="' . esc_attr( $editor_id ) . '" title="' . esc_attr__( 'Insert Download', 'download-monitor' ) . '">' . __( 'Insert Download', 'download-monitor' ) . '</a>';
37
  }
38
 
39
  /**
@@ -52,7 +52,7 @@ class DLM_Admin_Media_Insert {
52
  wp_enqueue_style( 'colors' );
53
  wp_enqueue_script( 'plupload-all' );
54
 
55
- echo '<!DOCTYPE html><html lang="en"><head><title>' . __( 'Insert Download', 'download-monitor' ) . '</title><meta charset="utf-8" />';
56
 
57
  do_action( 'admin_print_styles' );
58
  do_action( 'admin_print_scripts' );
@@ -63,8 +63,8 @@ class DLM_Admin_Media_Insert {
63
  ?>
64
  <h2 class="nav-tab-wrapper">
65
  <a href="#insert-shortcode"
66
- class="nav-tab nav-tab-active"><?php _e( 'Insert Shortcode', 'download-monitor' ); ?></a><a
67
- href="#quick-add" class="nav-tab"><?php _e( 'Quick-add download', 'download-monitor' ); ?></a>
68
  </h2>
69
  <?php
70
 
@@ -72,11 +72,12 @@ class DLM_Admin_Media_Insert {
72
  /**
73
  * TODO: Use new repository here
74
  */
75
- if ( ! empty( $_POST['download_url'] ) && ! empty( $_POST['download_title'] ) && wp_verify_nonce( $_POST['quick-add-nonce'], 'quick-add' ) ) {
 
76
 
77
- $url = stripslashes( $_POST['download_url'] );
78
- $title = sanitize_text_field( stripslashes( $_POST['download_title'] ) );
79
- $version = sanitize_text_field( stripslashes( $_POST['download_version'] ) );
80
 
81
  try {
82
 
@@ -132,14 +133,14 @@ class DLM_Admin_Media_Insert {
132
  update_post_meta( $file_id, '_crc32', $hashes['crc32b'] );
133
 
134
  // Success message
135
- echo '<div class="updated"><p>' . __( 'Download successfully created.', 'download-monitor' ) . '</p></div>';
136
 
137
  } else {
138
- throw new Exception( __( 'Error: Download was not created.', 'download-monitor' ) );
139
  }
140
 
141
  } catch ( Exception $e ) {
142
- echo '<div class="error"><p>' . $e->getMessage() . "</p></div>";
143
  }
144
 
145
  }
@@ -148,7 +149,7 @@ class DLM_Admin_Media_Insert {
148
  <form id="insert-shortcode" method="post">
149
 
150
  <?php
151
- $search_query = ( ! empty( $_POST['dlm_search'] ) ? $_POST['dlm_search'] : '' );
152
  $limit = 10;
153
  $page = isset( $_GET['paged'] ) ? absint( $_GET['paged'] ) : 1;
154
  $filters = array( 'post_status' => 'publish' );
@@ -159,24 +160,24 @@ class DLM_Admin_Media_Insert {
159
  $downloads = download_monitor()->service( 'download_repository' )->retrieve( $filters, $limit, ( ( $page - 1 ) * $limit ) );
160
  ?>
161
  <fieldset>
162
- <legend><?php _e( 'Search download', 'download-monitor' ); ?>:</legend>
163
  <label>
164
- <input type="text" name="dlm_search" value='<?php echo str_replace( "'", "", stripslashes( ( $search_query ) ) ); ?>'/>
165
  <input type="submit" name="dlm_search_submit" value="Search" class="button button-primary" />
166
  </label>
167
  </fieldset>
168
 
169
  <fieldset>
170
- <legend><?php _e( 'Choose a download', 'download-monitor' ); ?>:</legend>
171
  <?php
172
 
173
  foreach ( $downloads as $download ) {
174
- echo '<label><input name="download_id" class="radio" type="radio" value="' . absint( $download->get_id() ) . '" /> #' . $download->get_id() . ' &ndash; ' . $download->get_title() . ' &ndash; ' . $download->get_version()->get_filename() . '</label>';
175
  }
176
 
177
  if ( $d_num_rows > $limit ) {
178
 
179
- echo paginate_links( apply_filters( 'download_monitor_pagination_args', array(
180
  'base' => str_replace( 999999999, '%#%', get_pagenum_link( 999999999, false ) ),
181
  'format' => '',
182
  'current' => $page,
@@ -186,23 +187,23 @@ class DLM_Admin_Media_Insert {
186
  'type' => 'list',
187
  'end_size' => 3,
188
  'mid_size' => 3
189
- ) ) );
190
  }
191
  ?>
192
  </fieldset>
193
 
194
  <p>
195
- <label for="template_name"><?php _e( 'Template', 'download-monitor' ); ?>:</label>
196
  <input type="text" id="template_name" value="" class="input"
197
- placeholder="<?php _e( 'Template Name', 'download-monitor' ); ?>"/>
198
  <span class="description">
199
- <?php _e( 'Leaving this blank will use the default <code>content-download.php</code> template file. If you enter, for example, <code>image</code>, the <code>content-download-image.php</code> template will be used instead.', 'download-monitor' ); ?>
200
  </span>
201
  </p>
202
 
203
  <p>
204
  <input type="button" class="button insert_download button-primary button-large"
205
- value="<?php _e( 'Insert Shortcode', 'download-monitor' ); ?>"/>
206
  </p>
207
 
208
  </form>
@@ -213,40 +214,36 @@ class DLM_Admin_Media_Insert {
213
  <div id="plupload-upload-ui" class="hide-if-no-js">
214
  <div id="drag-drop-area" style="height:240px">
215
  <div class="drag-drop-inside">
216
- <p class="drag-drop-info"><?php _e( 'Drop file here', 'download-monitor' ); ?></p>
217
 
218
- <p><?php echo _x( 'or', 'Drop file here *or* select file', 'download-monitor' ); ?></p>
219
 
220
- <p class="drag-drop-buttons"><input id="plupload-browse-button" type="button"
221
- value="<?php esc_attr_e( 'Select File', 'download-monitor' ); ?>"
222
- class="button"/></p>
223
  </div>
224
  </div>
225
- <p><a href="#" class="add_manually"><?php _e( 'Enter URL manually', 'download-monitor' ); ?> &rarr;</a>
226
  </p>
227
  </div>
228
  <div id="quick-add-details" style="display:none">
229
  <p>
230
- <label for="download_url"><?php _e( 'Download URL', 'download-monitor' ); ?>:</label>
231
- <input type="text" name="download_url" id="download_url" value="" class="download_url input"
232
- placeholder="<?php _e( 'Required URL', 'download-monitor' ); ?>"/>
233
  </p>
234
 
235
  <p>
236
- <label for="download_title"><?php _e( 'Download Title', 'download-monitor' ); ?>:</label>
237
- <input type="text" name="download_title" id="download_title" value="" class="download_title input"
238
- placeholder="<?php _e( 'Required title', 'download-monitor' ); ?>"/>
239
  </p>
240
 
241
  <p>
242
- <label for="download_version"><?php _e( 'Version', 'download-monitor' ); ?>:</label>
243
- <input type="text" name="download_version" id="download_version" value="" class="input"
244
- placeholder="<?php _e( 'Optional version number', 'download-monitor' ); ?>"/>
245
  </p>
246
 
247
  <p>
248
- <input type="submit" class="button button-primary button-large"
249
- value="<?php _e( 'Save Download', 'download-monitor' ); ?>"/>
250
  <?php wp_nonce_field( 'quick-add', 'quick-add-nonce' ) ?>
251
  </p>
252
  </div>
@@ -319,7 +316,7 @@ class DLM_Admin_Media_Insert {
319
  ?>
320
 
321
  // create the uploader and pass the config from above
322
- var uploader = new plupload.Uploader( <?php echo json_encode( $plupload_init ); ?> );
323
 
324
  // checks if browser supports drag and drop upload, makes some css adjustments if necessary
325
  uploader.bind( 'Init', function ( up ) {
@@ -352,7 +349,7 @@ class DLM_Admin_Media_Insert {
352
  if ( max > hundredmb && file.size > hundredmb && up.runtime != 'html5' ) {
353
  // file size error?
354
  } else {
355
- jQuery( '.drag-drop-inside' ).html( '<p><?php _e( 'Please wait...', 'download-monitor' ); ?></p>' );
356
  }
357
  } );
358
 
33
  return;
34
  }
35
 
36
+ echo '<a href="#" class="button insert-download dlm_insert_download" data-editor="' . esc_attr( $editor_id ) . '" title="' . esc_attr__( 'Insert Download', 'download-monitor' ) . '">' . esc_html__( 'Insert Download', 'download-monitor' ) . '</a>';
37
  }
38
 
39
  /**
52
  wp_enqueue_style( 'colors' );
53
  wp_enqueue_script( 'plupload-all' );
54
 
55
+ echo '<!DOCTYPE html><html lang="en"><head><title>' . esc_html__( 'Insert Download', 'download-monitor' ) . '</title><meta charset="utf-8" />';
56
 
57
  do_action( 'admin_print_styles' );
58
  do_action( 'admin_print_scripts' );
63
  ?>
64
  <h2 class="nav-tab-wrapper">
65
  <a href="#insert-shortcode"
66
+ class="nav-tab nav-tab-active"><?php echo esc_html__( 'Insert Shortcode', 'download-monitor' ); ?></a><a
67
+ href="#quick-add" class="nav-tab"><?php echo esc_html__( 'Quick-add download', 'download-monitor' ); ?></a>
68
  </h2>
69
  <?php
70
 
72
  /**
73
  * TODO: Use new repository here
74
  */
75
+ // phpcs:ignore
76
+ if ( ! empty( $_POST['download_url'] ) && ! empty( $_POST['download_title'] ) && isset( $_POST['quick-add-nonce'] ) && wp_verify_nonce( $_POST['quick-add-nonce'], 'quick-add' ) ) {
77
 
78
+ $url = esc_url_raw( wp_unslash( $_POST['download_url'] ) );
79
+ $title = sanitize_text_field( wp_unslash( $_POST['download_title'] ) );
80
+ $version = isset( $_POST['download_version'] ) ? sanitize_text_field( wp_unslash( $_POST['download_version'] ) ) : '';
81
 
82
  try {
83
 
133
  update_post_meta( $file_id, '_crc32', $hashes['crc32b'] );
134
 
135
  // Success message
136
+ echo '<div class="updated"><p>' . esc_html__( 'Download successfully created.', 'download-monitor' ) . '</p></div>';
137
 
138
  } else {
139
+ throw new Exception( esc_html__( 'Error: Download was not created.', 'download-monitor' ) );
140
  }
141
 
142
  } catch ( Exception $e ) {
143
+ echo '<div class="error"><p>' . esc_html( $e->getMessage() ) . "</p></div>";
144
  }
145
 
146
  }
149
  <form id="insert-shortcode" method="post">
150
 
151
  <?php
152
+ $search_query = ( ! empty( $_POST['dlm_search'] ) ? sanitize_text_field( wp_unslash( $_POST['dlm_search'] ) ) : '' );
153
  $limit = 10;
154
  $page = isset( $_GET['paged'] ) ? absint( $_GET['paged'] ) : 1;
155
  $filters = array( 'post_status' => 'publish' );
160
  $downloads = download_monitor()->service( 'download_repository' )->retrieve( $filters, $limit, ( ( $page - 1 ) * $limit ) );
161
  ?>
162
  <fieldset>
163
+ <legend><?php echo esc_html__( 'Search download', 'download-monitor' ); ?>:</legend>
164
  <label>
165
+ <input type="text" name="dlm_search" value='<?php echo esc_html( str_replace( "'", "", stripslashes( ( $search_query ) ) ) ); ?>'/>
166
  <input type="submit" name="dlm_search_submit" value="Search" class="button button-primary" />
167
  </label>
168
  </fieldset>
169
 
170
  <fieldset>
171
+ <legend><?php echo esc_html__( 'Choose a download', 'download-monitor' ); ?>:</legend>
172
  <?php
173
 
174
  foreach ( $downloads as $download ) {
175
+ echo '<label><input name="download_id" class="radio" type="radio" value="' . esc_attr( absint( $download->get_id() ) ) . '" /> #' . esc_html( $download->get_id() ) . ' &ndash; ' . esc_html( $download->get_title() ) . ' &ndash; ' . esc_html( $download->get_version()->get_filename() ) . '</label>';
176
  }
177
 
178
  if ( $d_num_rows > $limit ) {
179
 
180
+ echo wp_kses_post( paginate_links( apply_filters( 'download_monitor_pagination_args', array(
181
  'base' => str_replace( 999999999, '%#%', get_pagenum_link( 999999999, false ) ),
182
  'format' => '',
183
  'current' => $page,
187
  'type' => 'list',
188
  'end_size' => 3,
189
  'mid_size' => 3
190
+ ) ) ) );
191
  }
192
  ?>
193
  </fieldset>
194
 
195
  <p>
196
+ <label for="template_name"><?php echo esc_html__( 'Template', 'download-monitor' ); ?>:</label>
197
  <input type="text" id="template_name" value="" class="input"
198
+ placeholder="<?php echo esc_html__( 'Template Name', 'download-monitor' ); ?>"/>
199
  <span class="description">
200
+ <?php wp_kses( esc_html__( 'Leaving this blank will use the default <code>content-download.php</code> template file. If you enter, for example, <code>image</code>, the <code>content-download-image.php</code> template will be used instead.', 'download-monitor' ) ); ?>
201
  </span>
202
  </p>
203
 
204
  <p>
205
  <input type="button" class="button insert_download button-primary button-large"
206
+ value="<?php echo esc_html__( 'Insert Shortcode', 'download-monitor' ); ?>"/>
207
  </p>
208
 
209
  </form>
214
  <div id="plupload-upload-ui" class="hide-if-no-js">
215
  <div id="drag-drop-area" style="height:240px">
216
  <div class="drag-drop-inside">
217
+ <p class="drag-drop-info"><?php echo esc_html__( 'Drop file here', 'download-monitor' ); ?></p>
218
 
219
+ <p><?php echo esc_html_x( 'or', 'Drop file here *or* select file', 'download-monitor' ); ?></p>
220
 
221
+ <p class="drag-drop-buttons">
222
+ <input id="plupload-browse-button" type="button" value="<?php esc_attr_e( 'Select File', 'download-monitor' ); ?>" class="button"/>
223
+ </p>
224
  </div>
225
  </div>
226
+ <p><a href="#" class="add_manually"><?php echo esc_html__( 'Enter URL manually', 'download-monitor' ); ?> &rarr;</a>
227
  </p>
228
  </div>
229
  <div id="quick-add-details" style="display:none">
230
  <p>
231
+ <label for="download_url"><?php echo esc_html__( 'Download URL', 'download-monitor' ); ?>:</label>
232
+ <input type="text" name="download_url" id="download_url" value="" class="download_url input" placeholder="<?php echo esc_html__( 'Required URL', 'download-monitor' ); ?>"/>
 
233
  </p>
234
 
235
  <p>
236
+ <label for="download_title"><?php echo esc_html__( 'Download Title', 'download-monitor' ); ?>:</label>
237
+ <input type="text" name="download_title" id="download_title" value="" class="download_title input" placeholder="<?php echo esc_attr__( 'Required title', 'download-monitor' ); ?>"/>
 
238
  </p>
239
 
240
  <p>
241
+ <label for="download_version"><?php echo esc_html__( 'Version', 'download-monitor' ); ?>:</label>
242
+ <input type="text" name="download_version" id="download_version" value="" class="input" placeholder="<?php echo esc_attr__( 'Optional version number', 'download-monitor' ); ?>"/>
 
243
  </p>
244
 
245
  <p>
246
+ <input type="submit" class="button button-primary button-large" value="<?php echo esc_attr__( 'Save Download', 'download-monitor' ); ?>"/>
 
247
  <?php wp_nonce_field( 'quick-add', 'quick-add-nonce' ) ?>
248
  </p>
249
  </div>
316
  ?>
317
 
318
  // create the uploader and pass the config from above
319
+ var uploader = new plupload.Uploader( <?php echo esc_js(json_encode( $plupload_init )); ?> );
320
 
321
  // checks if browser supports drag and drop upload, makes some css adjustments if necessary
322
  uploader.bind( 'Init', function ( up ) {
349
  if ( max > hundredmb && file.size > hundredmb && up.runtime != 'html5' ) {
350
  // file size error?
351
  } else {
352
+ jQuery( '.drag-drop-inside' ).html( '<p><?php echo esc_html__( 'Please wait...', 'download-monitor' ); ?></p>' );
353
  }
354
  } );
355
 
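--- a/src/Admin/Reports/Ajax.php
+++ b/src/Admin/Reports/Ajax.php
@@ -20,10 +20,10 @@ class DLM_Reports_Ajax {
  }
 
  // getters
- $id = ( ! empty( $_GET['id'] ) ) ? $_GET['id'] : null;
- $from = ( ! empty( $_GET['from'] ) ) ? $_GET['from'] : null;
- $to = ( ! empty( $_GET['to'] ) ) ? $_GET['to'] : null;
- $period = ( ! empty( $_GET['period'] ) ) ? $_GET['period'] : 'day';
+ $id = ( ! empty( $_GET['id'] ) ) ? sanitize_text_field( wp_unslash( $_GET['id'] ) ) : null;
+ $from = ( ! empty( $_GET['from'] ) ) ? sanitize_text_field( wp_unslash($_GET['from']) ) : null;
+ $to = ( ! empty( $_GET['to'] ) ) ? sanitize_text_field( wp_unslash($_GET['to']) ) : null;
+ $period = ( ! empty( $_GET['period'] ) ) ? sanitize_text_field( wp_unslash($_GET['period']) ) : 'day';
 
  // setup date filter query
  $filters = array(
@@ -53,7 +53,7 @@ class DLM_Reports_Ajax {
 
  $data = $repo->retrieve_grouped_count( $filters, $period );
 
- $chart = new DLM_Reports_Chart( $data, array(
+ $chart = new DLM_Reports_Chart( $data, array(
  'from' => $from,
  'to' => $to
  ), $period );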
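Review bot: `sanitize_text_field()` on new line 23 keeps any string, but `$id` is presumably a download post id, for which `absint()` is the tighter sanitizer: `$id = ( ! empty( $_GET['id'] ) ) ? absint( $_GET['id'] ) : null;`. The same applies to `$period`, which reaches `$repo->retrieve_grouped_count( $filters, $period )` on line 54 without being constrained; an allowlist such as `$period = in_array( $period, array( 'day', 'month' ), true ) ? $period : 'day';` would mirror the check that `get_current_period()` in src/Admin/Reports/Page.php performs in this same commit. Whether the repository validates these values itself is not visible here, and the enclosing function starts outside the hunk.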
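--- a/src/Admin/Reports/Page.php
+++ b/src/Admin/Reports/Page.php
@@ -57,8 +57,8 @@ class DLM_Reports_Page {
  */
  private function get_date_range() {
 
- $from = ( isset( $_GET['date_from'] ) ) ? $_GET['date_from'] : null;
- $to = ( isset( $_GET['date_to'] ) ) ? $_GET['date_to'] : null;
+ $from = ( isset( $_GET['date_from'] ) ) ? sanitize_text_field( wp_unslash( $_GET['date_from'] ) ) : null;
+ $to = ( isset( $_GET['date_to'] ) ) ? sanitize_text_field( wp_unslash( $_GET['date_to'] ) ) : null;
 
  if ( null === $to ) {
  $to_date = new DateTime( current_time( "mysql" ) );
@@ -86,7 +86,7 @@ class DLM_Reports_Page {
  * @return string
  */
  private function get_current_tab() {
- return ( ! empty( $_GET['tab'] ) ) ? $_GET['tab'] : "totals";
+ return ( ! empty( $_GET['tab'] ) ) ? sanitize_text_field( wp_unslash( $_GET['tab'] ) ) : "totals";
  }
 
  /**
@@ -95,7 +95,7 @@ class DLM_Reports_Page {
  * @return string
  */
  private function get_current_chart() {
- return ( ! empty( $_GET['chart'] ) ) ? $_GET['chart'] : "line";
+ return ( ! empty( $_GET['chart'] ) ) ? sanitize_text_field( wp_unslash( $_GET['chart'] ) ) : "line";
  }
 
  /**
@@ -104,7 +104,7 @@ class DLM_Reports_Page {
  * @return string
  */
  private function get_current_period() {
- $current_period = ( ! empty( $_GET['period'] ) ) ? $_GET['period'] : "day";
+ $current_period = ( ! empty( $_GET['period'] ) ) ? sanitize_text_field( wp_unslash( $_GET['period'] ) ) : "day";
 
  // add check to prevent crazy period modifiers via get
  if ( $current_period != 'month' ) {
@@ -119,7 +119,7 @@ class DLM_Reports_Page {
  */
  private function chart_button() {
  $other_chart = ( "line" == $this->get_current_chart() ) ? "bar" : "line";
- echo "<a title='" . sprintf( __( "Switch to %s", 'download-monitor' ), $other_chart ) . "' href='" . add_query_arg( array( 'chart' => $other_chart ), $this->get_url() ) . "' class='button dlm-reports-header-chart-switcher dlm-" . $other_chart . "'></a>";
+ echo "<a title='" . sprintf( esc_html__( "Switch to %s", 'download-monitor' ), esc_html( $other_chart ) ) . "' href='" . esc_url( add_query_arg( array( 'chart' => $other_chart ), $this->get_url() ) ) . "' class='button dlm-reports-header-chart-switcher dlm-" . esc_attr( $other_chart ) . "'></a>";
  }
 
  /**
@@ -132,7 +132,7 @@ class DLM_Reports_Page {
  $end = new DateTime( $date_range['to'] );
  ?>
  <div class="dlm-reports-header-date-selector" id="dlm-date-range-picker">
- <?php echo $start->format( "d M Y" ) . " - " . $end->format( "d M Y" ); ?>
+ <?php echo esc_html( $start->format( "d M Y" ) ) . " - " . esc_html( $end->format( "d M Y" ) ); ?>
  <span class="dlm-arrow"></span>
  </div>
  <?php
@@ -144,15 +144,15 @@ class DLM_Reports_Page {
  private function period_interval_buttons() {
  $current = $this->get_current_period();
  echo "<div class='dlm-reports-header-period'>";
- echo "<a href='" . add_query_arg( array( 'period' => 'day' ), $this->get_url() ) . "' class='button" . ( ( 'day' === $current ) ? ' active' : '' ) . "'>" . __( 'Per Day', 'download-monitor' ) . "</a>";
- echo "<a href='" . add_query_arg( array( 'period' => 'month' ), $this->get_url() ) . "' class='button" . ( ( 'month' === $current ) ? ' active' : '' ) . "'>" . __( 'Month', 'download-monitor' ) . "</a>";
+ echo "<a href='" . esc_url( add_query_arg( array( 'period' => 'day' ), $this->get_url() ) ) . "' class='button" . ( ( 'day' === $current ) ? ' active' : '' ) . "'>" . esc_html__( 'Per Day', 'download-monitor' ) . "</a>";
+ echo "<a href='" . esc_url( add_query_arg( array( 'period' => 'month' ), $this->get_url() ) ) . "' class='button" . ( ( 'month' === $current ) ? ' active' : '' ) . "'>" . esc_html__( 'Month', 'download-monitor' ) . "</a>";
  echo "</div>";
  }
 
  private function generate_js_data() {
  $range = $this->get_date_range();
 
- return ' data-type="' . $this->get_current_chart() . '" data-period="' . $this->get_current_period() . '" data-from="' . $range['from'] . '" data-to="' . $range['to'] . '"';
+ echo ' data-type="' . esc_attr( $this->get_current_chart() ) . '" data-period="' . esc_attr( $this->get_current_period() ) . '" data-from="' . esc_attr( $range['from'] ) . '" data-to="' . esc_attr( $range['to'] ) . '"';
  }
 
  /**
@@ -184,7 +184,7 @@ class DLM_Reports_Page {
  <div id="icon-edit" class="icon32 icon32-posts-dlm_download"><br/></div>
 
  <h1><?php
- _e( 'Download Reports', 'download-monitor' );
+ echo esc_html__( 'Download Reports', 'download-monitor' );
  echo '<div class="dlm-reports-actions">';
  $this->chart_button();
  $this->date_range_button();
@@ -209,7 +209,7 @@ class DLM_Reports_Page {
 
  <?php do_action( 'dlm_reports_page_start' ); ?>
  <div class="dlm-reports-block dlm-reports-block-summary"
- id="total_downloads_summary"<?php echo $this->generate_js_data(); ?>>
+ id="total_downloads_summary"<?php $this->generate_js_data(); ?>>
  <ul>
  <li id="total"><label>Total Downloads</label><span>...</span></li>
  <li id="average"><label>Daily Average Downloads</label><span>...</span></li>
@@ -217,11 +217,11 @@ class DLM_Reports_Page {
  </ul>
  </div>
  <div class="total_downloads_chart-wrapper">
- <canvas class="dlm-reports-block dlm-reports-block-chart" id="total_downloads_chart"<?php echo $this->generate_js_data(); ?>></canvas>
+ <canvas class="dlm-reports-block dlm-reports-block-chart" id="total_downloads_chart"<?php $this->generate_js_data(); ?>></canvas>
  </div>
 
  <div class="dlm-reports-block dlm-reports-block-table"
- id="total_downloads_table"<?php echo $this->generate_js_data(); ?>>
+ id="total_downloads_table"<?php $this->generate_js_data(); ?>>
  <span class="dlm-reports-placeholder-no-data">NO DATA</span>
  </div>
 
@@ -229,7 +229,7 @@ class DLM_Reports_Page {
 
  <script type="text/javascript">
  jQuery( document ).ready( function ( $ ) {
- $( '#dlm-date-range-picker' ).dlm_reports_date_range( '<?php echo $date_range['from']; ?>', '<?php echo $date_range['to']; ?>', '<?php echo $js_url; ?>' );
+ $( '#dlm-date-range-picker' ).dlm_reports_date_range( '<?php echo esc_html( $date_range['from'] ); ?>', '<?php echo esc_html( $date_range['to'] ); ?>', '<?php echo esc_url( $js_url ); ?>' );
  } );
  </script>
  </div>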
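Review bot: `esc_html()` on new line 232 escapes for an HTML text node, but the values are written into single-quoted JavaScript string literals inside a `<script>` block, where `esc_js()` is the context-correct escaper: `dlm_reports_date_range( '<?php echo esc_js( $date_range['from'] ); ?>', '<?php echo esc_js( $date_range['to'] ); ?>', '<?php echo esc_url( $js_url ); ?>' );`. Relatedly, `get_current_chart()` on new line 98 still returns whatever string the request supplies, while `chart_button()` only understands `line` and `bar`; constraining it the way `get_current_period()` does — `$chart = ...; return in_array( $chart, array( 'line', 'bar' ), true ) ? $chart : 'line';` — keeps unexpected values out of the `data-type` attribute and the `dlm-*` class name rather than relying on escaping alone. `generate_js_data()` now echoes instead of returning (new line 155), so its docblock, which is outside the hunk, should say so, and any caller elsewhere that still echoes its result would now print nothing.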
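--- a/src/Admin/Settings/Fields/ActionButton.php
+++ b/src/Admin/Settings/Fields/ActionButton.php
@@ -49,7 +49,7 @@ class DLM_Admin_Fields_Field_ActionButton extends DLM_Admin_Fields_Field {
  */
  public function render() {
  ?>
- <a class="button" href="<?php echo $this->get_url(); ?>"><?php echo $this->label; ?></a>
+ <a class="button" href="<?php echo esc_url( $this->get_url() ); ?>"><?php echo esc_html( $this->label ); ?></a>
  <?php
  }
 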
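--- a/src/Admin/Settings/Fields/Checkbox.php
+++ b/src/Admin/Settings/Fields/Checkbox.php
@@ -40,7 +40,7 @@ class DLM_Admin_Fields_Field_Checkbox extends DLM_Admin_Fields_Field {
  ?>
  <label><input id="setting-<?php esc_attr_e( $this->get_name() ); ?>"
  name="<?php esc_attr_e( $this->get_name() ); ?>" type="checkbox"
- value="1" <?php checked( '1', $this->get_value() ); ?> /> <?php echo $this->get_cb_label(); ?>
+ value="1" <?php checked( '1', $this->get_value() ); ?> /> <?php echo esc_html( $this->get_cb_label() ); ?>
  </label>
  <?php
  }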
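Review bot: lines 41–42 of this hunk pass the runtime value `$this->get_name()` to `esc_attr_e()`, which is a translation helper that pushes its argument through gettext before escaping and echoing; for a dynamic value the plain escaper is the right call, `<label><input id="setting-<?php echo esc_attr( $this->get_name() ); ?>"` and likewise for the `name=` attribute. The same pattern sits on lines 39–40 of src/Admin/Settings/Fields/LazySelect.php in this commit, including `esc_attr_e( $this->get_value() )` on a `data-selected` attribute. The new `esc_html( $this->get_cb_label() )` on line 43 is the correct escaper for the text node, provided checkbox labels never carry markup; that is not visible here.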
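--- a/src/Admin/Settings/Fields/Desc.php
+++ b/src/Admin/Settings/Fields/Desc.php
@@ -7,7 +7,7 @@ class DLM_Admin_Fields_Field_Desc extends DLM_Admin_Fields_Field {
  */
  public function render() {
  ?>
- <p class="dlm-setting-field-description"><?php echo $this->get_value(); ?></p>
+ <p class="dlm-setting-field-description"><?php echo esc_html( $this->get_value() ); ?></p>
  <?php
  }
 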
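Review bot: `esc_html()` on new line 10 renders any markup inside a description field as literal text, whereas the description output in src/Admin/Settings/Page.php in this same commit uses `wp_kses_post( $option['desc'] )`; if `get_value()` can carry links or `<code>` tags here as well, `<p class="dlm-setting-field-description"><?php echo wp_kses_post( $this->get_value() ); ?></p>` keeps the two renderers consistent. Which of the two is intended depends on what description values contain, which this hunk does not show.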
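--- a/src/Admin/Settings/Fields/LazySelect.php
+++ b/src/Admin/Settings/Fields/LazySelect.php
@@ -38,7 +38,7 @@ class DLM_Admin_Fields_Field_Lazy_Select extends DLM_Admin_Fields_Field {
  ?>
  <select id="setting-<?php esc_attr_e( $this->get_name() ); ?>" class="regular-text dlm-lazy-select"
  name="<?php esc_attr_e( $this->get_name() ); ?>" data-selected="<?php esc_attr_e( $this->get_value() ); ?>">
- <option value="0"><?php _e( 'Loading', 'download-monitor'); ?>...</option>
+ <option value="0"><?php echo esc_html__( 'Loading', 'download-monitor'); ?>...</option>
  </select>
  <?php
  }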
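--- a/src/Admin/Settings/Page.php
+++ b/src/Admin/Settings/Page.php
@@ -37,12 +37,12 @@ class DLM_Settings_Page {
  public function catch_admin_actions() {
 
  if ( isset( $_GET['dlm_action'] ) && isset( $_GET['dlm_nonce'] ) ) {
- $action = $_GET['dlm_action'];
- $nonce = $_GET['dlm_nonce'];
+ $action = sanitize_text_field( wp_unslash( $_GET['dlm_action'] ) );
 
  // check nonce
- if ( ! wp_verify_nonce( $nonce, $action ) ) {
- wp_die( "Download Monitor action nonce failed." );
+ // phpcs:ignore
+ if ( ! wp_verify_nonce( $_GET['dlm_nonce'], $action ) ) {
+ wp_die( esc_html__( "Download Monitor action nonce failed.", 'download-monitor' ) );
  }
 
  switch ( $action ) {
@@ -65,12 +65,17 @@ class DLM_Settings_Page {
  * Display the admin action success mesage
  */
  public function display_admin_action_message() {
+
+ if ( ! isset( $_GET['dlm_action_done'] ) ) {
+ return;
+ }
+
  ?>
  <div class="notice notice-success">
  <?php
  switch ( $_GET['dlm_action_done'] ) {
  case 'dlm_clear_transients':
- echo "<p>" . __( 'Download Monitor Transients successfully cleared!', 'download-monitor' ) . "</p>";
+ echo "<p>" . esc_html__( 'Download Monitor Transients successfully cleared!', 'download-monitor' ) . "</p>";
  break;
  }
  ?>
@@ -104,11 +109,11 @@ class DLM_Settings_Page {
 
  if ( ! empty( $_GET['settings-updated'] ) ) {
  $this->need_rewrite_flush = true;
- echo '<div class="updated notice is-dismissible"><p>' . __( 'Settings successfully saved', 'download-monitor' ) . '</p></div>';
+ echo '<div class="updated notice is-dismissible"><p>' . esc_html__( 'Settings successfully saved', 'download-monitor' ) . '</p></div>';
 
  $dlm_settings_tab_saved = get_option( 'dlm_settings_tab_saved', 'general' );
 
- echo '<script type="text/javascript">var dlm_settings_tab_saved = "' . $dlm_settings_tab_saved . '";</script>';
+ echo '<script type="text/javascript">var dlm_settings_tab_saved = "' . esc_js( $dlm_settings_tab_saved ) . '";</script>';
  }
 
  // loop fields for this tab
@@ -122,10 +127,10 @@ class DLM_Settings_Page {
  <ul class="nav-section-wrapper">
  <?php foreach ( $settings[ $tab ]['sections'] as $section_key => $section ) : ?>
  <?php echo "<li" . ( ( $active_section == $section_key ) ? " class='active-section'" : "" ) . ">"; ?>
- <a href="<?php echo add_query_arg( array(
+ <a href="<?php echo esc_url( add_query_arg( array(
  'tab' => $tab,
  'section' => $section_key
- ), DLM_Admin_Settings::get_url() ); ?>"><?php echo $section['title']; ?></a></liM>
+ ), DLM_Admin_Settings::get_url() ) ); ?>"><?php echo esc_html( $section['title'] ); ?></a></liM>
  <?php endforeach; ?>
  </ul>
  <h2><?php echo esc_html( $settings[ $tab ]['sections'][ $active_section ]['title'] ); ?></h2>
@@ -149,13 +154,13 @@ class DLM_Settings_Page {
 
  echo '<tr valign="top">';
  if ( isset( $option['label'] ) && '' !== $option['label'] ) {
- echo '<th scope="row"><label for="setting-' . $option['name'] . '">' . $option['label'] . '</a></th>';
+ echo '<th scope="row"><label for="setting-' . esc_attr( $option['name'] ) . '">' . esc_attr( $option['label'] ) . '</a></th>';
  } else {
  $cs ++;
  }
 
 
- echo '<td colspan="' . $cs . '">';
+ echo '<td colspan="' . esc_attr( $cs ) . '">';
 
  if ( ! isset( $option['type'] ) ) {
  $option['type'] = '';
@@ -170,7 +175,7 @@ class DLM_Settings_Page {
  $field->render();
 
  if ( isset( $option['desc'] ) && '' !== $option['desc'] ) {
- echo ' <p class="dlm-description description">' . $option['desc'] . '</p>';
+ echo ' <p class="dlm-description description">' . wp_kses_post( $option['desc'] ) . '</p>';
  }
  }
 
@@ -197,7 +202,7 @@ class DLM_Settings_Page {
  ?>
  <p class="submit">
  <input type="submit" class="button-primary"
- value="<?php _e( 'Save Changes', 'download-monitor' ); ?>"/>
+ value="<?php echo esc_html__( 'Save Changes', 'download-monitor' ); ?>"/>
  </p>
 
  <?php } ?>
@@ -213,19 +218,22 @@ class DLM_Settings_Page {
  function print_global_notices() {
 
  // check for nginx
- if ( isset( $_SERVER['SERVER_SOFTWARE'] ) && stristr( $_SERVER['SERVER_SOFTWARE'], 'nginx' ) !== false && 1 != get_option( 'dlm_hide_notice-nginx_rules', 0 ) ) {
+ if ( isset( $_SERVER['SERVER_SOFTWARE'] ) &&
+ stristr( sanitize_text_field( wp_unslash($_SERVER['SERVER_SOFTWARE']) ), 'nginx' ) !== false &&
+ 1 != get_option( 'dlm_hide_notice-nginx_rules', 0 ) ) {
 
  // get upload dir
  $upload_dir = wp_upload_dir();
 
  // replace document root because nginx uses path from document root
- $upload_path = str_replace( $_SERVER['DOCUMENT_ROOT'], '', $upload_dir['basedir'] );
+ // phpcs:ignore
+ $upload_path = str_replace( sanitize_text_field( wp_unslash($_SERVER['DOCUMENT_ROOT']) ), '', $upload_dir['basedir'] );
 
  // form nginx rules
  $nginx_rules = "location " . $upload_path . "/dlm_uploads {<br/>deny all;<br/>return 403;<br/>}";
- echo '<div class="error notice is-dismissible dlm-notice" id="nginx_rules" data-nonce="' . wp_create_nonce( 'dlm_hide_notice-nginx_rules' ) . '">';
- echo '<p>' . __( "Because your server is running on nginx, our .htaccess file can't protect your downloads.", 'download-monitor' );
- echo '<br/>' . sprintf( __( "Please add the following rules to your nginx config to disable direct file access: %s", 'download-monitor' ), '<br/><br/><code class="dlm-code-nginx-rules">' . $nginx_rules . '</code>' ) . '</p>';
+ echo '<div class="error notice is-dismissible dlm-notice" id="nginx_rules" data-nonce="' . esc_attr( wp_create_nonce( 'dlm_hide_notice-nginx_rules' ) ) . '">';
+ echo '<p>' . esc_html__( "Because your server is running on nginx, our .htaccess file can't protect your downloads.", 'download-monitor' );
+ echo '<br/>' . sprintf( esc_html__( "Please add the following rules to your nginx config to disable direct file access: %s", 'download-monitor' ), '<br/><br/><code class="dlm-code-nginx-rules">' . wp_kses_post( $nginx_rules ) . '</code>' ) . '</p>';
  echo '</div>';
  }
 
@@ -244,7 +252,7 @@ class DLM_Settings_Page {
  // backwards compatibility for when $section did not have 'title' index yet (it simply had the title set at 0)
  $title = ( isset( $section['title'] ) ? $section['title'] : $section[0] );
 
- echo '<a href="' . add_query_arg( 'tab', $key, DLM_Admin_Settings::get_url() ) . '" class="nav-tab' . ( ( $this->get_active_tab() === $key ) ? ' nav-tab-active' : '' ) . '">' . esc_html( $title ) . ( isset( $section['badge'] ) ? ' <span class="dlm-upsell-badge">PRO</span>' : '' ) . '</a>';
+ echo '<a href="' . esc_url( add_query_arg( 'tab', $key, DLM_Admin_Settings::get_url() ) ) . '" class="nav-tab' . ( ( $this->get_active_tab() === $key ) ? ' nav-tab-active' : '' ) . '">' . esc_html( $title ) . ( isset( $section['badge'] ) ? ' <span class="dlm-upsell-badge">PRO</span>' : '' ) . '</a>';
  }
  ?>
  </h2><br/>
@@ -274,7 +282,7 @@ class DLM_Settings_Page {
  */
  private
  function get_active_tab() {
- return ( ! empty( $_GET['tab'] ) ? sanitize_title( $_GET['tab'] ) : 'general' );
+ return ( ! empty( $_GET['tab'] ) ? sanitize_title( wp_unslash($_GET['tab']) ) : 'general' );
  }
 
  /**
@@ -284,11 +292,8 @@ class DLM_Settings_Page {
  *
  * @return string
  */
- private
- function get_active_section(
- $sections
- ) {
- return ( ! empty( $_GET['section'] ) ? sanitize_title( $_GET['section'] ) : $this->array_first_key( $sections ) );
+ private function get_active_section( $sections) {
+ return ( ! empty( $_GET['section'] ) ? sanitize_title( wp_unslash($_GET['section']) ) : $this->array_first_key( $sections ) );
  }
 
 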
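Review bot: new line 133 closes the section list item with `</liM>` and new line 157 closes a `<label>` with `</a>`, so the section navigation and the field labels emit malformed HTML even after this escaping pass; they should read `), DLM_Admin_Settings::get_url() ) ); ?>"><?php echo esc_html( $section['title'] ); ?></a></li>` and `echo '<th scope="row"><label for="setting-' . esc_attr( $option['name'] ) . '">' . esc_html( $option['label'] ) . '</label></th>';`. That second line also swaps `esc_attr()` for `esc_html()` on the label text, since it is a text node rather than an attribute; for the same reason the `value=` attribute on new line 205 wants `esc_attr__()` rather than `esc_html__()`, although both functions encode the quote characters that matter. On new line 76 the `switch` still reads `$_GET['dlm_action_done']` raw; it is only compared against string constants, so wrapping it as `switch ( sanitize_key( wp_unslash( $_GET['dlm_action_done'] ) ) )` is hygiene rather than a security fix, but it would keep the function consistent with the `isset()` guard added just above it.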
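--- a/src/Admin/WritePanels.php
+++ b/src/Admin/WritePanels.php
@@ -32,49 +32,39 @@ class DLM_Admin_Writepanels {
 remove_meta_box( 'submitdiv', 'dlm_download', 'side' );
 
 $meta_boxes = apply_filters( 'dlm_download_metaboxes', array(
-array(
-'id' => 'submitdiv',
-'title' => __( 'Publish' ),
-'callback' => 'post_submit_meta_box',
-'screen' => 'dlm_download',
-'context' => 'side',
-'priority' => 1
-),
-array(
-'id' => 'download-monitor-information',
-'title' => __( 'Download Information', 'download-monitor' ),
-'callback' => array(
-$this,
-'download_information'
-),
-'screen' => 'dlm_download',
-'context' => 'side',
-'priority' => 5
-),
-array(
-'id' => 'download-monitor-options',
-'title' => __( 'Download Options', 'download-monitor' ),
-'callback' => array(
-$this,
-'download_options'
-),
-'screen' => 'dlm_download',
-'context' => 'side',
-'priority' => 10
-),
-array(
-'id' => 'download-monitor-file',
-'title' => __( 'Downloadable Files/Versions', 'download-monitor' ),
-'callback' => array(
-$this,
-'download_files'
-),
-'screen' => 'dlm_download',
-'context' => 'normal',
-'priority' => 20
-),
-)
-);
+array(
+'id' => 'submitdiv',
+'title' => esc_html__( 'Publish' ),
+'callback' => 'post_submit_meta_box',
+'screen' => 'dlm_download',
+'context' => 'side',
+'priority' => 1
+),
+array(
+'id' => 'download-monitor-information',
+'title' => esc_html__( 'Download Information', 'download-monitor' ),
+'callback' => array( $this, 'download_information' ),
+'screen' => 'dlm_download',
+'context' => 'side',
+'priority' => 5
+),
+array(
+'id' => 'download-monitor-options',
+'title' => esc_html__( 'Download Options', 'download-monitor' ),
+'callback' => array( $this, 'download_options' ),
+'screen' => 'dlm_download',
+'context' => 'side',
+'priority' => 10
+),
+array(
+'id' => 'download-monitor-file',
+'title' => esc_html__( 'Downloadable Files/Versions', 'download-monitor' ),
+'callback' => array( $this, 'download_files' ),
+'screen' => 'dlm_download',
+'context' => 'normal',
+'priority' => 20
+),
+) );
 
 uasort( $meta_boxes, array( 'DLM_Admin_Helper', 'sort_data_by_priority' ) );
 
@@ -86,7 +76,7 @@ class DLM_Admin_Writepanels {
 // Excerpt
 if ( function_exists( 'wp_editor' ) ) {
 remove_meta_box( 'postexcerpt', 'dlm_download', 'normal' );
-add_meta_box( 'postexcerpt', __( 'Short Description', 'download-monitor' ), array(
+add_meta_box( 'postexcerpt', esc_html__( 'Short Description', 'download-monitor' ), array(
 $this,
 'short_description'
 ), 'dlm_download', 'normal', 'high' );
@@ -113,27 +103,27 @@ class DLM_Admin_Writepanels {
 do_action( 'dlm_information_start', $download->get_id(), $download );
 ?>
 <p>
-<label for="dlm-info-id"><?php _e( 'ID', 'download-monitor' ); ?>
-<input type="text" id="dlm-info-id" value="<?php echo $download->get_id(); ?>" readonly
+<label for="dlm-info-id"><?php echo esc_html__( 'ID', 'download-monitor' ); ?>
+<input type="text" id="dlm-info-id" value="<?php echo esc_attr( $download->get_id() ); ?>" readonly
 onfocus="this.select()"/>
 </label>
 </p>
 <p>
-<label for="dlm-info-url"><?php _e( 'URL', 'download-monitor' ); ?>
-<input type="text" id="dlm-info-url" value="<?php echo $download->get_the_download_link(); ?>"
+<label for="dlm-info-url"><?php echo esc_html__( 'URL', 'download-monitor' ); ?>
+<input type="text" id="dlm-info-url" value="<?php echo esc_attr( $download->get_the_download_link() ); ?>"
 readonly onfocus="this.select()"/>
 </label>
 </p>
 <p>
-<label for="dlm-info-shortcode"><?php _e( 'Shortcode', 'download-monitor' ); ?>
+<label for="dlm-info-shortcode"><?php echo esc_html__( 'Shortcode', 'download-monitor' ); ?>
 <input type="text" id="dlm-info-shortcode"
-value='[download id="<?php echo $download->get_id(); ?>"]' readonly onfocus="this.select()"/>
+value='[download id="<?php echo esc_attr( $download->get_id() ); ?>"]' readonly onfocus="this.select()"/>
 </label>
 </p>
 <?php
 do_action( 'dlm_information_end', $download->get_id(), $download );
 } catch ( Exception $e ) {
-echo "<p>" . __( "No download information for new downloads.", 'download-monitor' ) . "</p>";
+echo "<p>" . esc_html__( "No download information for new downloads.", 'download-monitor' ) . "</p>";
 }
 
 echo '</div>';
@@ -163,20 +153,20 @@ class DLM_Admin_Writepanels {
 
 echo '<p class="form-field form-field-checkbox">
 <input type="checkbox" name="_featured" id="_featured" ' . checked( true, $download->is_featured(), false ) . ' />
-<label for="_featured">' . __( 'Featured download', 'download-monitor' ) . '</label>
-<span class="dlm-description">' . __( 'Mark this download as featured. Used by shortcodes and widgets.', 'download-monitor' ) . '</span>
+<label for="_featured">' . esc_html__( 'Featured download', 'download-monitor' ) . '</label>
+<span class="dlm-description">' . esc_html__( 'Mark this download as featured. Used by shortcodes and widgets.', 'download-monitor' ) . '</span>
 </p>';
 
 echo '<p class="form-field form-field-checkbox">
 <input type="checkbox" name="_members_only" id="_members_only" ' . checked( true, $download->is_members_only(), false ) . ' />
-<label for="_members_only">' . __( 'Members only', 'download-monitor' ) . '</label>
-<span class="dlm-description">' . __( 'Only logged in users will be able to access the file via a download link if this is enabled.', 'download-monitor' ) . '</span>
+<label for="_members_only">' . esc_html__( 'Members only', 'download-monitor' ) . '</label>
+<span class="dlm-description">' . esc_html__( 'Only logged in users will be able to access the file via a download link if this is enabled.', 'download-monitor' ) . '</span>
 </p>';
 
 echo '<p class="form-field form-field-checkbox">
 <input type="checkbox" name="_redirect_only" id="_redirect_only" ' . checked( true, $download->is_redirect_only(), false ) . ' />
-<label for="_redirect_only">' . __( 'Redirect to file', 'download-monitor' ) . '</label>
-<span class="dlm-description">' . __( 'Don\'t force download. If the <code>dlm_uploads</code> folder is protected you may need to move your file.', 'download-monitor' ) . '</span>
+<label for="_redirect_only">' . esc_html__( 'Redirect to file', 'download-monitor' ) . '</label>
+<span class="dlm-description">' . wp_kses_post( __( 'Don\'t force download. If the <code>dlm_uploads</code> folder is protected you may need to move your file.', 'download-monitor' ) ) . '</span>
 </p>';
 
 do_action( 'dlm_options_end', $download->get_id(), $download );
@@ -209,20 +199,20 @@ class DLM_Admin_Writepanels {
 ?>
 <div class="download_monitor_files dlm-metaboxes-wrapper">
 
-<input type="hidden" name="dlm_post_id" id="dlm-post-id" value="<?php echo $post->ID; ?>"/>
+<input type="hidden" name="dlm_post_id" id="dlm-post-id" value="<?php echo esc_attr( $post->ID ); ?>"/>
 <input type="hidden" name="dlm_post_id" id="dlm-plugin-url"
-value="<?php echo download_monitor()->get_plugin_url(); ?>"/>
+value="<?php echo esc_attr( download_monitor()->get_plugin_url() ); ?>"/>
 <input type="hidden" name="dlm_post_id" id="dlm-ajax-nonce-add-file"
-value="<?php echo wp_create_nonce( "add-file" ); ?>"/>
+value="<?php echo esc_attr(wp_create_nonce( "add-file" )); ?>"/>
 <input type="hidden" name="dlm_post_id" id="dlm-ajax-nonce-remove-file"
-value="<?php echo wp_create_nonce( "remove-file" ); ?>"/>
+value="<?php echo esc_attr(wp_create_nonce( "remove-file" )); ?>"/>
 
 <?php do_action( 'dlm_download_monitor_files_writepanel_start', $download ); ?>
 
 <p class="toolbar">
-<a href="#" class="button plus add_file"><?php _e( 'Add file', 'download-monitor' ); ?></a>
-<a href="#" class="close_all"><?php _e( 'Close all', 'download-monitor' ); ?></a>
-<a href="#" class="expand_all"><?php _e( 'Expand all', 'download-monitor' ); ?></a>
+<a href="#" class="button plus add_file"><?php echo esc_html__( 'Add file', 'download-monitor' ); ?></a>
+<a href="#" class="close_all"><?php echo esc_html__( 'Close all', 'download-monitor' ); ?></a>
+<a href="#" class="expand_all"><?php echo esc_html__( 'Expand all', 'download-monitor' ); ?></a>
 </p>
 
 <div class="dlm-metaboxes downloadable_files">
@@ -305,7 +295,9 @@ class DLM_Admin_Writepanels {
 if ( is_int( wp_is_post_autosave( $post ) ) ) {
 return;
 }
-if ( empty( $_POST['dlm_nonce'] ) || ! wp_verify_nonce( $_POST['dlm_nonce'], 'save_meta_data' ) ) {
+// validate nonce.
+// phpcs:ignore
+if ( empty( $_POST['dlm_nonce'] ) || ! wp_verify_nonce( wp_unslash($_POST['dlm_nonce']), 'save_meta_data' ) ) {
 return;
 }
 if ( ! current_user_can( 'edit_post', $post_id ) ) {
@@ -363,7 +355,8 @@ class DLM_Admin_Writepanels {
 // Process files
 if ( isset( $_POST['downloadable_file_id'] ) ) {
 
-// gather post data
+// gather post data we will sanitize in for becase each variable is an array.
+// phpcs:disable
 $downloadable_file_id = $_POST['downloadable_file_id'];
 $downloadable_file_menu_order = $_POST['downloadable_file_menu_order'];
 $downloadable_file_version = $_POST['downloadable_file_version'];
@@ -372,6 +365,7 @@ class DLM_Admin_Writepanels {
 $downloadable_file_date_hour = $_POST['downloadable_file_date_hour'];
 $downloadable_file_date_minute = $_POST['downloadable_file_date_minute'];
 $downloadable_file_download_count = $_POST['downloadable_file_download_count'];
+// phpcs:enable
 
 // loop
 for ( $i = 0; $i <= max( array_keys( $downloadable_file_id ) ); $i ++ ) {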
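Review bot: `max( array_keys( $downloadable_file_id ) )` on the last line operates on raw `$_POST['downloadable_file_id']` with only the `isset()` guard above it, so a request that sends a scalar instead of an array makes `array_keys()` throw a TypeError on PHP 8, and the `phpcs:disable`/`phpcs:enable` pair added here silences the sniff that would have pointed at it; add `if ( ! is_array( $downloadable_file_id ) ) { return; }` before the loop, and apply the same shape check to the sibling `$downloadable_file_*` values the loop presumably indexes by `$i`. The new `// gather post data we will sanitize in for becase each variable is an array.` comment also has a typo and promises sanitization that lives outside this hunk; suggest `// Gather the per-file POST arrays; each element is unslashed and sanitized inside the loop below.`. The enclosing save method starts and ends outside the hunk.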
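--- a/src/Ajax/CreatePage.php
+++ b/src/Ajax/CreatePage.php
@@ -52,7 +52,7 @@ class DLM_Ajax_CreatePage extends DLM_Ajax {
 ) );
 }
 }
-
+
 wp_send_json( array( 'result' => 'failed', 'error' => __( "No page set", 'download-monitor' ) ) );
 
 exit;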
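--- a/src/Ajax/GetVersions.php
+++ b/src/Ajax/GetVersions.php
@@ -18,6 +18,11 @@ class DLM_Ajax_GetVersions extends DLM_Ajax {
 // check nonce
 $this->check_nonce();
 
+if ( ! isset( $_GET['download_id'] ) ) {
+wp_send_json( array() );
+exit;
+}
+
 $download_id = absint( $_GET['download_id'] );
 
 try {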
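Review bot: The new `isset()` guard answers a missing `download_id` with `wp_send_json( array() )`, which the caller cannot tell apart from a valid download that simply has no versions; `wp_send_json_error()`, as this same commit uses in AjaxHandler.php for a missing `option`, signals the failure explicitly. The `exit;` after it is unreachable, since `wp_send_json()` already terminates the request via `wp_die()`. The enclosing method continues outside the hunk.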
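--- a/src/Ajax/Manager.php
+++ b/src/Ajax/Manager.php
@@ -57,7 +57,7 @@ class DLM_Ajax_Manager {
 
 // set AJAX action if it's set in $_GET
 if ( ! empty( $_GET[ self::ENDPOINT ] ) ) {
-$wp_query->set( self::ENDPOINT, sanitize_text_field( $_GET[ self::ENDPOINT ] ) );
+$wp_query->set( self::ENDPOINT, sanitize_text_field( wp_unslash($_GET[ self::ENDPOINT ]) ) );
 }
 
 // check if endpoint is not false or an empty string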
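--- a/src/AjaxHandler.php
+++ b/src/AjaxHandler.php
@@ -49,7 +49,7 @@ class DLM_Ajax_Handler {
 $attachment_url = wp_get_attachment_url( $attachment_id );
 
 if ( false !== $attachment_url ) {
-echo $attachment_url;
+echo esc_url( $attachment_url );
 }
 }
 
@@ -71,6 +71,10 @@ class DLM_Ajax_Handler {
 die();
 }
 
+if ( ! isset( $_POST['file_id'] ) ) {
+die();
+}
+
 $file = get_post( intval( $_POST['file_id'] ) );
 
 if ( $file && $file->post_type == "dlm_download_version" ) {
@@ -100,8 +104,8 @@ class DLM_Ajax_Handler {
 }
 
 // get POST data
-$download_id = absint( $_POST['post_id'] );
-$size = absint( $_POST['size'] );
+$download_id = isset( $_POST['post_id'] ) ? absint( $_POST['post_id'] ) : 0;
+$size = isset( $_POST['size'] ) ? absint( $_POST['size'] ) : 0;
 
 /** @var DLM_Download_Version $new_version */
 $new_version = new DLM_Download_Version();
@@ -149,39 +153,40 @@ class DLM_Ajax_Handler {
 die();
 }
 
-$path = esc_attr( stripslashes( $_POST['path'] ) );
-
-if ( $path ) {
+if ( ! isset( $_POST['path'] ) ) {
+die();
+}
 
-// List all files
-$files = download_monitor()->service( 'file_manager' )->list_files( $path );
+$path = sanitize_text_field( wp_unslash( $_POST['path'] ) );
 
-foreach ( $files as $found_file ) {
+// List all files
+$files = download_monitor()->service( 'file_manager' )->list_files( $path );
 
-// Multi-byte-safe pathinfo
-$file = download_monitor()->service( 'file_manager' )->mb_pathinfo( $found_file['path'] );
+foreach ( $files as $found_file ) {
 
-if ( $found_file['type'] == 'folder' ) {
+// Multi-byte-safe pathinfo
+$file = download_monitor()->service( 'file_manager' )->mb_pathinfo( $found_file['path'] );
 
-echo '<li><a href="#" class="folder" data-path="' . trailingslashit( $file['dirname'] ) . $file['basename'] . '">' . $file['basename'] . '</a></li>';
+if ( $found_file['type'] == 'folder' ) {
 
-} else {
+echo '<li><a href="#" class="folder" data-path="' . esc_attr( trailingslashit( $file['dirname'] ) ) . esc_attr( $file['basename'] ) . '">' . esc_attr( $file['basename'] ) . '</a></li>';
 
-$filename = $file['basename'];
-$extension = ( empty( $file['extension'] ) ) ? '' : $file['extension'];
+} else {
 
-if ( substr( $filename, 0, 1 ) == '.' ) {
-continue;
-} // Ignore files starting with . like htaccess
-if ( in_array( $extension, array( '', 'php', 'html', 'htm', 'tmp' ) ) ) {
-continue;
-} // Ignored file types
+$filename = $file['basename'];
+$extension = ( empty( $file['extension'] ) ) ? '' : $file['extension'];
 
-echo '<li><a href="#" class="file filetype-' . sanitize_title( $extension ) . '" data-path="' . trailingslashit( $file['dirname'] ) . $file['basename'] . '">' . $file['basename'] . '</a></li>';
+if ( substr( $filename, 0, 1 ) == '.' ) {
+continue;
+} // Ignore files starting with . like htaccess
+if ( in_array( $extension, array( '', 'php', 'html', 'htm', 'tmp' ) ) ) {
+continue;
+} // Ignored file types
 
-}
+echo '<li><a href="#" class="file filetype-' . esc_attr( sanitize_title( $extension ) ) . '" data-path="' . esc_attr( trailingslashit( $file['dirname'] ) ) . esc_attr( $file['basename'] ) . '">' . esc_attr( $file['basename'] ) . '</a></li>';
 
 }
+
 }
 
 die();
@@ -198,7 +203,7 @@ class DLM_Ajax_Handler {
 }
 
 // the notice
-$notice = $_POST['notice'];
+$notice = sanitize_text_field( wp_unslash($_POST['notice']) );
 
 // check nonce
 check_ajax_referer( 'dlm_hide_notice-' . $notice, 'nonce' );
@@ -218,8 +223,13 @@ class DLM_Ajax_Handler {
 // check nonce
 check_ajax_referer( 'dlm-settings-lazy-select-nonce', 'nonce' );
 
+if ( ! isset( $_POST['option'] ) ) {
+wp_send_json_error();
+exit;
+}
+
 // settings key
-$option_key = sanitize_text_field( $_POST['option'] );
+$option_key = sanitize_text_field( wp_unslash($_POST['option']) );
 
 // get options
 $options = apply_filters( 'dlm_settings_lazy_select_'.$option_key, array() );
@@ -239,10 +249,10 @@ class DLM_Ajax_Handler {
 check_ajax_referer( 'dlm-ajax-nonce', 'nonce' );
 
 // Post vars
-$product_id = sanitize_text_field( $_POST['product_id'] );
-$key = sanitize_text_field( $_POST['key'] );
-$email = sanitize_text_field( $_POST['email'] );
-$extension_action = $_POST['extension_action'];
+$product_id = isset( $_POST['product_id'] ) ? sanitize_text_field( wp_unslash($_POST['product_id']) ) : 0;
+$key = isset( $_POST['key'] ) ? sanitize_text_field( wp_unslash($_POST['key']) ) : '';
+$email = isset( $_POST['email'] ) ? sanitize_text_field( wp_unslash($_POST['email']) ) : '';
+$extension_action = isset( $_POST['extension_action'] ) ? sanitize_text_field( wp_unslash($_POST['extension_action']) ) : 'activate';
 
 // Get products
 $products = DLM_Product_Manager::get()->get_products();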
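Review bot: In the `$path` hunk the new `isset()` guard and `sanitize_text_field( wp_unslash( ... ) )` only strip tags, control characters and surrounding whitespace — they do not normalise or confine the path, so whether this file browser stays inside the permitted upload root depends entirely on `list_files()`, which is outside the hunk; if that service does not enforce a root, a `realpath()`-based containment check belongs here, immediately before `list_files( $path )`, with `die()` on failure like the guards above. The `<a>` text in both `echo` lines is escaped with `esc_attr()` although it is HTML text content; `esc_html( $file['basename'] )` is the escaper that matches that context, even though the two produce near-identical output. In the last hunk `$product_id` defaults to `0` while the sibling strings default to `''`, and `$extension_action` defaults to `'activate'` when the parameter is absent, so a malformed request is presumably treated as an activation; a neutral default plus an explicit `wp_send_json_error()` would make the contract clearer. The nonce and capability checks for these handlers sit above the hunks.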
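--- a/src/CookieManager.php
+++ b/src/CookieManager.php
@@ -38,7 +38,7 @@ class DLM_Cookie_Manager {
 public static function get_cookie_data() {
 $cdata = null;
 if ( ! empty( $_COOKIE[ self::KEY ] ) ) {
-$cdata = json_decode( base64_decode( $_COOKIE[ self::KEY ] ), true );
+$cdata = json_decode( base64_decode( sanitize_text_field( wp_unslash( $_COOKIE[ self::KEY ] ) ) ), true );
 }
 
 return $cdata;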
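Review bot: `json_decode( ..., true )` on a client-controlled cookie can return a scalar, `null`, or an array of arbitrary shape, and `get_cookie_data()` hands that back unchecked, so any caller that indexes into `$cdata` will hit notices or type errors on a malformed cookie; since the method already returns `null` for an absent cookie, normalise here with `$decoded = json_decode( base64_decode( ..., true ), true ); $cdata = is_array( $decoded ) ? $decoded : null;`. The added `sanitize_text_field()` is a poor fit for an opaque base64 token — the base64 alphabet should pass through it unchanged, so it neither validates nor alters the value; passing `true` as the second argument to `base64_decode()` is what actually rejects non-base64 input. A `@return array<string,mixed>|null` docblock naming the keys callers expect would also help.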
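--- a/src/Dependencies/PayPal/Rest/ApiContext.php
+++ b/src/Dependencies/PayPal/Rest/ApiContext.php
@@ -1,5 +1,5 @@
 <?php
-
+// phpcs:ignoreFile
 namespace Never5\DownloadMonitor\Dependencies\PayPal\Rest;
 
 use Never5\DownloadMonitor\Dependencies\PayPal\Core\PayPalConfigManager;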
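--- a/src/Dependencies/Pimple/Container.php
+++ b/src/Dependencies/Pimple/Container.php
@@ -246,7 +246,7 @@ class Container implements \ArrayAccess
 }
 
 if (isset($this->protected[$this->values[$id]])) {
-@\trigger_error(\sprintf('How Pimple behaves when extending protected closures will be fixed in Pimple 4. Are you sure "%s" should be protected?', $id), \E_USER_DEPRECATED);
+@\trigger_error(\sprintf('How Pimple behaves when extending protected closures will be fixed in Pimple 4. Are you sure "%s" should be protected?', esc_html($id)), \E_USER_DEPRECATED);
 }
 
 if (!\is_object($callable) || !\method_exists($callable, '__invoke')) {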
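--- a/src/Dependencies/Pimple/Tests/PimpleTest.php
+++ b/src/Dependencies/Pimple/Tests/PimpleTest.php
@@ -1,5 +1,5 @@
 <?php
-
+// phpcs:ignoreFile
 /*
 * This file is part of Pimple.
 *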
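--- a/src/Download/Download.php
+++ b/src/Download/Download.php
@@ -105,7 +105,7 @@ class DLM_Download {
 * @return void
 */
 public function the_title() {
-echo $this->get_title();
+echo esc_html( $this->get_title() );
 }
 
 /**
@@ -173,7 +173,7 @@ class DLM_Download {
 * @return void
 */
 public function the_author() {
-echo $this->get_the_author();
+echo esc_html( $this->get_the_author() );
 }
 
 /**
@@ -201,7 +201,7 @@ class DLM_Download {
 * Prints the excerpt
 */
 public function the_excerpt() {
-echo wpautop( do_shortcode( $this->get_excerpt() ) );
+echo wp_kses_post( wpautop( do_shortcode( $this->get_excerpt() ) ) );
 }
 
 /**
@@ -317,7 +317,7 @@ class DLM_Download {
 * @return void
 */
 public function the_image( $size = 'full' ) {
-echo $this->get_image( $size );
+echo wp_kses_post( $this->get_image( $size ) );
 }
 
 /**
@@ -327,7 +327,7 @@ class DLM_Download {
 * @return void
 */
 public function the_download_link() {
-echo $this->get_the_download_link();
+echo esc_url( $this->get_the_download_link() );
 }
 
 /**
@@ -630,7 +630,7 @@ class DLM_Download {
 public function the_download_count() {
 DLM_Debug_Logger::deprecated( "DLM_Download::the_download_count()" );
 
-echo $this->get_download_count();
+echo esc_html( $this->get_download_count() );
 }
 
 /**
@@ -729,7 +729,7 @@ class DLM_Download {
 public function the_version_number() {
 DLM_Debug_Logger::deprecated( 'DLM_Download::the_version_number()' );
 
-echo $this->get_version()->get_version_number();
+echo esc_html( $this->get_version()->get_version_number() );
 }
 
 /**
@@ -771,7 +771,7 @@ class DLM_Download {
 public function the_filename() {
 DLM_Debug_Logger::deprecated( 'DLM_Download::get_the_filename()' );
 
-echo $this->get_version()->get_filename();
+echo esc_html( $this->get_version()->get_filename() );
 }
 
 /**
@@ -813,7 +813,7 @@ class DLM_Download {
 public function the_filesize() {
 DLM_Debug_Logger::deprecated( 'DLM_Download::the_filesize()' );
 
-echo $this->get_version()->get_filesize_formatted();
+echo esc_html( $this->get_version()->get_filesize_formatted() );
 }
 
 /**
@@ -848,7 +848,7 @@ class DLM_Download {
 DLM_Debug_Logger::deprecated( 'DLM_Download::the_hash()' );
 
 if ( method_exists( $this->get_version(), "get_" . $type ) ) {
-echo call_user_func( array( $this->get_version(), "get_" . $type ) );
+echo esc_html(call_user_func( array( $this->get_version(), "get_" . $type ) ));
 }
 }
 
@@ -877,6 +877,6 @@ class DLM_Download {
 public function the_filetype() {
 DLM_Debug_Logger::deprecated( 'DLM_Download::the_filetype()' );
 
-echo $this->get_version()->get_filetype();
+echo esc_html( $this->get_version()->get_filetype() );
 }
 }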
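Review bot: `the_excerpt()` now applies `wp_kses_post()` after `do_shortcode()`, so it also filters the markup that shortcodes expand to — `wp_kses_post()` drops `<form>`, `<input>`, `<iframe>`, `<script>` and `<style>`, and any shortcode on a site that emits those will render broken from this version on. That is a defensible hardening choice, but it is a behaviour change that deserves a comment on the line, e.g. `// Filtered after shortcode expansion: shortcode output is deliberately limited to post-safe HTML.`; if the intent was only to filter the author-supplied excerpt text, apply `wp_kses_post()` to `$this->get_excerpt()` before `do_shortcode()` instead, a one-line reorder. `the_image()` raises the same ordering question if `get_image()` builds trusted template markup — worth confirming that nothing in its attribute set falls outside the kses post allow-list of the minimum supported WordPress version. The `esc_html(call_user_func( ... ))` line in `the_hash()` also departs from the spaced-parenthesis style used everywhere else in this hunk set.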
src/DownloadHandler.php CHANGED
@@ -208,14 +208,14 @@ class DLM_Download_Handler {
208
  global $wp, $wpdb;
209
 
210
  // check HTTP method
211
- $request_method = ( ! empty( $_SERVER['REQUEST_METHOD'] ) ? $_SERVER['REQUEST_METHOD'] : 'GET' );
212
  if ( ! in_array( $request_method, apply_filters( 'dlm_accepted_request_methods', array( 'GET', 'POST' ) ) ) ) {
213
  return;
214
  }
215
 
216
  // GET to query_var
217
  if ( ! empty( $_GET[ $this->endpoint ] ) ) {
218
- $wp->query_vars[ $this->endpoint ] = $_GET[ $this->endpoint ];
219
  }
220
 
221
  // check if endpoint is set but is empty
@@ -250,7 +250,7 @@ class DLM_Download_Handler {
250
  if ( '1' == get_option( 'dlm_hotlink_protection_enabled' ) ) {
251
 
252
  // Get referer
253
- $referer = ! empty( $_SERVER['HTTP_REFERER'] ) ? $_SERVER['HTTP_REFERER'] : '';
254
 
255
  // Check if referer isn't empty or if referer is empty but empty referer isn't allowed
256
  if ( ! empty( $referer ) || ( empty( $referer ) && apply_filters( 'dlm_hotlink_block_empty_referer', false ) ) ) {
@@ -282,19 +282,19 @@ class DLM_Download_Handler {
282
  try {
283
  $download = download_monitor()->service( 'download_repository' )->retrieve_single( $download_id );
284
  } catch ( Exception $e ) {
285
- wp_die( __( 'Download does not exist.', 'download-monitor' ) . ' <a href="' . home_url() . '">' . __( 'Go to homepage &rarr;', 'download-monitor' ) . '</a>', __( 'Download Error', 'download-monitor' ), array( 'response' => 404 ) );
286
  }
287
  }
288
 
289
  if ( ! $download ) {
290
- wp_die( __( 'Download does not exist.', 'download-monitor' ) . ' <a href="' . home_url() . '">' . __( 'Go to homepage &rarr;', 'download-monitor' ) . '</a>', __( 'Download Error', 'download-monitor' ), array( 'response' => 404 ) );
291
  }
292
 
293
  // Handle version (if set)
294
  $version_id = '';
295
 
296
  if ( ! empty( $_GET['version'] ) ) {
297
- $version_id = $download->get_version_id_version_name( $_GET['version'] );
298
  }
299
 
300
  if ( ! empty( $_GET['v'] ) ) {
@@ -314,14 +314,14 @@ class DLM_Download_Handler {
314
  // Action on found download
315
  if ( $download->exists() ) {
316
  if ( post_password_required( $download_id ) ) {
317
- wp_die( get_the_password_form( $download_id ), __( 'Password Required', 'download-monitor' ) );
318
  }
319
 
320
  $this->trigger( $download );
321
  } elseif ( $redirect = apply_filters( 'dlm_404_redirect', false ) ) {
322
  wp_redirect( $redirect );
323
  } else {
324
- wp_die( __( 'Download does not exist.', 'download-monitor' ) . ' <a href="' . home_url() . '">' . __( 'Go to homepage &rarr;', 'download-monitor' ) . '</a>', __( 'Download Error', 'download-monitor' ), array( 'response' => 404 ) );
325
  }
326
 
327
  die( '1' );
@@ -398,7 +398,7 @@ class DLM_Download_Handler {
398
 
399
  // Check if we got files in this version
400
  if ( empty( $file_paths ) ) {
401
- wp_die( __( 'No file paths defined.', 'download-monitor' ) . ' <a href="' . home_url() . '">' . __( 'Go to homepage &rarr;', 'download-monitor' ) . '</a>', __( 'Download Error', 'download-monitor' ) );
402
  }
403
 
404
  // Get a random file (mirror)
@@ -406,7 +406,7 @@ class DLM_Download_Handler {
406
 
407
  // Check if we actually got a path
408
  if ( ! $file_path ) {
409
- wp_die( __( 'No file paths defined.', 'download-monitor' ) . ' <a href="' . home_url() . '">' . __( 'Go to homepage &rarr;', 'download-monitor' ) . '</a>', __( 'Download Error', 'download-monitor' ) );
410
  }
411
 
412
  // Check Access
@@ -446,7 +446,7 @@ class DLM_Download_Handler {
446
  }
447
 
448
  // if we get to this point, we have no proper 'no access' page. Fallback to default wp_die
449
- wp_die( wp_kses_post( get_option( 'dlm_no_access_error', '' ) ), __( 'Download Error', 'download-monitor' ), array( 'response' => 200 ) );
450
 
451
  }
452
 
@@ -516,7 +516,11 @@ class DLM_Download_Handler {
516
 
517
  $this->log( 'download', 'redirected', __( 'Redirected to file', 'download-monitor' ), $download, $version );
518
 
519
- $file_path = str_ireplace( $_SERVER['DOCUMENT_ROOT'], '', $file_path );
 
 
 
 
520
  header( "X-Accel-Redirect: /$file_path" );
521
  exit;
522
  }
@@ -524,6 +528,7 @@ class DLM_Download_Handler {
524
 
525
  // multipart-download and download resuming support - http://www.phpgang.com/force-to-download-a-file-in-php_112.html
526
  if ( isset( $_SERVER['HTTP_RANGE'] ) && $version->get_filesize() ) {
 
527
  list( $a, $range ) = explode( "=", $_SERVER['HTTP_RANGE'], 2 );
528
  list( $range ) = explode( ",", $range, 2 );
529
  list( $range, $range_end ) = explode( "-", $range );
@@ -560,7 +565,7 @@ class DLM_Download_Handler {
560
  } else {
561
  $this->log( 'download', 'failed', __( 'File not found.', 'download-monitor' ), $download, $version );
562
 
563
- wp_die( __( 'File not found.', 'download-monitor' ) . ' <a href="' . home_url() . '">' . __( 'Go to homepage &rarr;', 'download-monitor' ) . '</a>', __( 'Download Error', 'download-monitor' ), array( 'response' => 404 ) );
564
  }
565
 
566
  exit;
@@ -684,6 +689,7 @@ class DLM_Download_Handler {
684
 
685
  while ( ! feof( $handle ) ) {
686
  $buffer = fread( $handle, $chunksize );
 
687
  echo $buffer;
688
 
689
  if ( $retbytes ) {
208
  global $wp, $wpdb;
209
 
210
  // check HTTP method
211
+ $request_method = ( ! empty( $_SERVER['REQUEST_METHOD'] ) ? sanitize_text_field( wp_unslash( $_SERVER['REQUEST_METHOD'] ) ) : 'GET' );
212
  if ( ! in_array( $request_method, apply_filters( 'dlm_accepted_request_methods', array( 'GET', 'POST' ) ) ) ) {
213
  return;
214
  }
215
 
216
  // GET to query_var
217
  if ( ! empty( $_GET[ $this->endpoint ] ) ) {
218
+ $wp->query_vars[ $this->endpoint ] = sanitize_text_field( wp_unslash($_GET[ $this->endpoint ]) );
219
  }
220
 
221
  // check if endpoint is set but is empty
250
  if ( '1' == get_option( 'dlm_hotlink_protection_enabled' ) ) {
251
 
252
  // Get referer
253
+ $referer = ! empty( $_SERVER['HTTP_REFERER'] ) ? sanitize_text_field( wp_unslash($_SERVER['HTTP_REFERER'])) : '';
254
 
255
  // Check if referer isn't empty or if referer is empty but empty referer isn't allowed
256
  if ( ! empty( $referer ) || ( empty( $referer ) && apply_filters( 'dlm_hotlink_block_empty_referer', false ) ) ) {
282
  try {
283
  $download = download_monitor()->service( 'download_repository' )->retrieve_single( $download_id );
284
  } catch ( Exception $e ) {
285
+ wp_die( esc_html__( 'Download does not exist.', 'download-monitor' ) . ' <a href="' . esc_url( home_url() ) . '">' . esc_html__( 'Go to homepage &rarr;', 'download-monitor' ) . '</a>', esc_html__( 'Download Error', 'download-monitor' ), array( 'response' => 404 ) );
286
  }
287
  }
288
 
289
  if ( ! $download ) {
290
+ wp_die( esc_html__( 'Download does not exist.', 'download-monitor' ) . ' <a href="' . esc_url( home_url() ) . '">' . esc_html__( 'Go to homepage &rarr;', 'download-monitor' ) . '</a>', esc_html__( 'Download Error', 'download-monitor' ), array( 'response' => 404 ) );
291
  }
292
 
293
  // Handle version (if set)
294
  $version_id = '';
295
 
296
  if ( ! empty( $_GET['version'] ) ) {
297
+ $version_id = $download->get_version_id_version_name( sanitize_text_field( wp_unslash($_GET['version']) ) );
298
  }
299
 
300
  if ( ! empty( $_GET['v'] ) ) {
314
  // Action on found download
315
  if ( $download->exists() ) {
316
  if ( post_password_required( $download_id ) ) {
317
+ wp_die( wp_kses_post( get_the_password_form( $download_id ) ), esc_html__( 'Password Required', 'download-monitor' ) );
318
  }
319
 
320
  $this->trigger( $download );
321
  } elseif ( $redirect = apply_filters( 'dlm_404_redirect', false ) ) {
322
  wp_redirect( $redirect );
323
  } else {
324
+ wp_die( esc_html__( 'Download does not exist.', 'download-monitor' ) . ' <a href="' . esc_url( home_url() ) . '">' . esc_html__( 'Go to homepage &rarr;', 'download-monitor' ) . '</a>', esc_html__( 'Download Error', 'download-monitor' ), array( 'response' => 404 ) );
325
  }
326
 
327
  die( '1' );
398
 
399
  // Check if we got files in this version
400
  if ( empty( $file_paths ) ) {
401
+ wp_die( esc_html__( 'No file paths defined.', 'download-monitor' ) . ' <a href="' . esc_url( home_url() ) . '">' . esc_html__( 'Go to homepage &rarr;', 'download-monitor' ) . '</a>', esc_html__( 'Download Error', 'download-monitor' ) );
402
  }
403
 
404
  // Get a random file (mirror)
406
 
407
  // Check if we actually got a path
408
  if ( ! $file_path ) {
409
+ wp_die( esc_html__( 'No file paths defined.', 'download-monitor' ) . ' <a href="' . esc_url( home_url() ) . '">' . esc_html__( 'Go to homepage &rarr;', 'download-monitor' ) . '</a>', esc_html__( 'Download Error', 'download-monitor' ) );
410
  }
411
 
412
  // Check Access
446
  }
447
 
448
  // if we get to this point, we have no proper 'no access' page. Fallback to default wp_die
449
+ wp_die( wp_kses_post( get_option( 'dlm_no_access_error', '' ) ), esc_html__( 'Download Error', 'download-monitor' ), array( 'response' => 200 ) );
450
 
451
  }
452
 
516
 
517
  $this->log( 'download', 'redirected', __( 'Redirected to file', 'download-monitor' ), $download, $version );
518
 
519
+ if ( isset( $_SERVER['DOCUMENT_ROOT'] ) ) {
520
+ // phpcs:ignore
521
+ $file_path = str_ireplace( $_SERVER['DOCUMENT_ROOT'], '', $file_path );
522
+ }
523
+
524
  header( "X-Accel-Redirect: /$file_path" );
525
  exit;
526
  }
528
 
529
  // multipart-download and download resuming support - http://www.phpgang.com/force-to-download-a-file-in-php_112.html
530
  if ( isset( $_SERVER['HTTP_RANGE'] ) && $version->get_filesize() ) {
531
+ // phpcs:ignore
532
  list( $a, $range ) = explode( "=", $_SERVER['HTTP_RANGE'], 2 );
533
  list( $range ) = explode( ",", $range, 2 );
534
  list( $range, $range_end ) = explode( "-", $range );
565
  } else {
566
  $this->log( 'download', 'failed', __( 'File not found.', 'download-monitor' ), $download, $version );
567
 
568
+ wp_die( esc_html__( 'File not found.', 'download-monitor' ) . ' <a href="' . esc_url( home_url() ) . '">' . esc_html__( 'Go to homepage &rarr;', 'download-monitor' ) . '</a>', esc_html__( 'Download Error', 'download-monitor' ), array( 'response' => 404 ) );
569
  }
570
 
571
  exit;
689
 
690
  while ( ! feof( $handle ) ) {
691
  $buffer = fread( $handle, $chunksize );
692
+ // phpcs:ignore
693
  echo $buffer;
694
 
695
  if ( $retbytes ) {
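--- a/src/DownloadPreview/Preview.php
+++ b/src/DownloadPreview/Preview.php
@@ -24,7 +24,7 @@ class DLM_DownloadPreview_Preview {
  $config = new DLM_DownloadPreview_Config();
 
  if ( isset( $_GET['download_id'] ) ) {
-
+
  try {
  /** @var DLM_Download $download */
  $download = download_monitor()->service( 'download_repository' )->retrieve_single( absint( $_GET['download_id'] ) );
@@ -50,11 +50,11 @@ class DLM_DownloadPreview_Preview {
  }
 
  if ( isset( $_GET['template'] ) ) {
- $config->set_template( $_GET['template'] );
+ $config->set_template( sanitize_text_field( wp_unslash( $_GET['template'] ) ));
  }
 
  if ( isset( $_GET['custom_template'] ) ) {
- $config->set_template( $_GET['custom_template'] );
+ $config->set_template( sanitize_text_field( wp_unslash( $_GET['custom_template'] ) ) );
  }
 
  return $config;
@@ -81,7 +81,7 @@ class DLM_DownloadPreview_Preview {
  $template_handler->get_template_part( 'content-download', $config->get_template(), '', array( 'dlm_download' => $config->get_download() ) );
 
  } else {
- echo "<p>" . __( "Select a download first", 'download-monitor' ) . "</p>";
+ echo "<p>" . esc_html__( "Select a download first", 'download-monitor' ) . "</p>";
  }
 
  echo '</div></td></tr></table></body>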
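Review bot: On new lines 53 and 57 the `template` and `custom_template` query parameters are still accepted as free text: sanitize_text_field() strips tags and control characters but leaves path characters such as `/` and `..` intact, and the value then flows into get_template_part() on line 81 as a template-name suffix. Whether get_template_part() constrains that name is not visible here; if it does not, restrict the value with `sanitize_file_name()` or, better, an allow-list of known template slugs before calling set_template(). Note also that `custom_template` silently overrides `template` when both are present, which deserves a comment such as `// custom_template takes precedence over template`. The enclosing method starts outside the hunk.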
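--- a/src/LegacyUpgrader/Ajax.php
+++ b/src/LegacyUpgrader/Ajax.php
@@ -52,6 +52,10 @@ class DLM_LU_Ajax {
  exit;
  }
 
+ if ( ! isset( $_GET['download_id'] ) ) {
+ exit;
+ }
+
  // get download id
  $download_id = absint( $_GET['download_id'] );
 
@@ -107,6 +111,10 @@ class DLM_LU_Ajax {
  exit;
  }
 
+ if ( ! isset( $_GET['content_id'] ) ) {
+ exit;
+ }
+
  // get download id
  $content_id = absint( $_GET['content_id'] );
 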
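Review bot: The new guards on lines 55–57 and 114–116 exit with no output, so a request missing the id gets an empty 200 response that is indistinguishable from success; if this handler replies in JSON elsewhere (not visible here), `wp_send_json_error( array( 'message' => 'missing download_id' ) );` is the consistent reply, otherwise `wp_die( '', '', array( 'response' => 400 ) );` at least signals the error. The comment on new line 118, `// get download id`, was copied from the first handler and should read `// get content id`. Both enclosing functions start outside the hunks.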
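--- a/src/LegacyUpgrader/Page.php
+++ b/src/LegacyUpgrader/Page.php
@@ -38,14 +38,14 @@ class DLM_LU_Page {
 
  ?>
  <div class="wrap">
- <h1><?php _e( 'Download Monitor - Legacy Upgrade', 'download-monitor' ); ?></h1><br/>
- <p><?php printf( __( "Welcome to the Download Monitor Legacy Upgrader. On this page we will upgrade your old Download Monitor (legacy) data so it will work with the latest version. If you're on this page, it should mean that you updated to this version from Download Monitor %s. If you're unsure if this is correct, or you want to read more about the legacy upgrade, we've setup a page that will explain this process in a lot more detail. %sClick here%s if to view that page.", 'download-monitor' ), "<strong>3.x</strong>", "<a href='https://www.download-monitor.com/kb/legacy-upgrade?utm_source=plugin&utm_medium=dlm-lu-upgrade-page&utm_campaign=dlm-lu-more-information' target='_blank'>", "</a>" ); ?></p>
+ <h1><?php echo esc_html__( 'Download Monitor - Legacy Upgrade', 'download-monitor' ); ?></h1><br/>
+ <p><?php printf( wp_kses_post( __( "Welcome to the Download Monitor Legacy Upgrader. On this page we will upgrade your old Download Monitor (legacy) data so it will work with the latest version. If you're on this page, it should mean that you updated to this version from Download Monitor %s. If you're unsure if this is correct, or you want to read more about the legacy upgrade, we've setup a page that will explain this process in a lot more detail. %sClick here%s if to view that page.", 'download-monitor' ) ), "<strong>3.x</strong>", "<a href='https://www.download-monitor.com/kb/legacy-upgrade?utm_source=plugin&utm_medium=dlm-lu-upgrade-page&utm_campaign=dlm-lu-more-information' target='_blank'>", "</a>" ); ?></p>
  <?php
  if ( ! $show_upgrader ) {
  ?>
- <p style='font-weight:bold;color:#a00;font-size:1.4em;'><?php _e( "WARNING: We don't think your database needs upgrading. Only continue if you're 100% sure what you're doing!", 'download-monitor' ); ?></p>
+ <p style='font-weight:bold;color:#a00;font-size:1.4em;'><?php echo esc_html__( "WARNING: We don't think your database needs upgrading. Only continue if you're 100% sure what you're doing!", 'download-monitor' ); ?></p>
  <a class="button button-primary button-large"
- href="<?php echo add_query_arg( array( 'page' => 'dlm_legacy_upgrade', 'dlm_lu_force' => 'true' ), admin_url( 'options.php' ) ); ?>"><?php _e( "I'm sure I want to run the upgrader anyway", 'download-monitor' ); ?></a>
+ href="<?php echo esc_url( add_query_arg( array( 'page' => 'dlm_legacy_upgrade', 'dlm_lu_force' => 'true' ), admin_url( 'options.php' ) ) ); ?>"><?php echo esc_html__( "I'm sure I want to run the upgrader anyway", 'download-monitor' ); ?></a>
  <?php
  } else {
  ?>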
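Review bot: `<?php echo esc_html__( ... ); ?>` on new lines 41, 46 and 48 is the long form of WordPress's `esc_html_e( ... )`, which translates, escapes and echoes in one call; the same pattern recurs in src/Logs/LogPage.php and src/Logs/LoggingListTable.php in this commit. Line 41, for example, becomes `<h1><?php esc_html_e( 'Download Monitor - Legacy Upgrade', 'download-monitor' ); ?></h1><br/>`. On line 42 the `%s` arguments are hard-coded literals, so filtering only the translated format string with wp_kses_post() is sound, but a short comment, `// placeholders are hard-coded markup; only the translation is filtered`, would make that intent clear to the next reader. The enclosing method starts and ends outside the hunk.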
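--- a/src/Logs/LogExportCSV.php
+++ b/src/Logs/LogExportCSV.php
@@ -32,8 +32,8 @@ class DLM_Log_Export_CSV {
  }
 
  // catch and sanitize filter values
- $filter_status = isset( $_REQUEST['filter_status'] ) ? sanitize_text_field( $_REQUEST['filter_status'] ) : '';
- $filter_month = ! empty( $_REQUEST['filter_month'] ) ? sanitize_text_field( $_REQUEST['filter_month'] ) : '';
+ $filter_status = isset( $_REQUEST['filter_status'] ) ? sanitize_text_field( wp_unslash($_REQUEST['filter_status']) ) : '';
+ $filter_month = ! empty( $_REQUEST['filter_month'] ) ? sanitize_text_field( wp_unslash($_REQUEST['filter_month']) ) : '';
 
  // setup filters
  $filters = array();
@@ -155,7 +155,7 @@ class DLM_Log_Export_CSV {
  header( "Content-Disposition: attachment; filename=download_log.csv" );
  header( "Cache-Control: must-revalidate, post-check=0, pre-check=0" );
  header( "Content-Length: " . strlen( $log ) );
- echo $log;
+ echo wp_kses_post( $log );
  exit;
  }
  }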
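Review bot: `wp_kses_post( $log )` on new line 158 applies an HTML filter to a CSV body: it strips anything that looks like a tag, normalises entities and changes the byte length, so the export can be silently altered and the `Content-Length` header on line 157, computed from the unfiltered string, no longer matches what is actually sent. HTML escaping is the wrong context for a text/csv download; the defence that matters for CSV belongs at cell-building time (quote fields and neutralise cells that begin with spreadsheet formula characters), after which the raw string should be emitted with the same suppression this commit uses elsewhere: `echo $log; // phpcs:ignore -- CSV body, not HTML`. The enclosing method starts outside the hunk.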
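--- a/src/Logs/LogPage.php
+++ b/src/Logs/LogPage.php
@@ -82,15 +82,18 @@ class DLM_Log_Page {
 
  $DLM_Logging_List_Table = new DLM_Logging_List_Table();
  $DLM_Logging_List_Table->prepare_items();
+
+ $delete_url = wp_nonce_url( add_query_arg( 'dlm_delete_logs', 'true', admin_url( 'edit.php?post_type=dlm_download&page=download-monitor-logs' ) ), 'delete_logs' );
+
  ?>
  <div class="wrap">
  <div id="icon-edit" class="icon32 icon32-posts-dlm_download"><br/></div>
 
- <h1><?php _e( 'Download Logs', 'download-monitor' ); ?>
- <a href="<?php echo add_query_arg( 'dlm_download_logs', 'true', admin_url( 'edit.php?post_type=dlm_download&page=download-monitor-logs' ) ); ?>"
- class="add-new-h2"><?php _e( 'Export CSV', 'download-monitor' ); ?></a>
- <a onclick="return confirm('<?php _e( "Are you sure you want to delete ALL log items?", "download-monitor" ); ?>');" href="<?php echo wp_nonce_url( add_query_arg( 'dlm_delete_logs', 'true', admin_url( 'edit.php?post_type=dlm_download&page=download-monitor-logs' ) ), 'delete_logs' ); ?>"
- class="add-new-h2 dlm-delete-logs"><?php _e( 'Delete Logs', 'download-monitor' ); ?></a></h1><br/>
+ <h1><?php echo esc_html__( 'Download Logs', 'download-monitor' ); ?>
+ <a href="<?php echo esc_url( add_query_arg( 'dlm_download_logs', 'true', admin_url( 'edit.php?post_type=dlm_download&page=download-monitor-logs' ) ) ); ?>"
+ class="add-new-h2"><?php echo esc_html__( 'Export CSV', 'download-monitor' ); ?></a>
+ <a onclick="return confirm('<?php echo esc_html__( "Are you sure you want to delete ALL log items?", "download-monitor" ); ?>');" href="<?php echo esc_url( $delete_url ); ?>"
+ class="add-new-h2 dlm-delete-logs"><?php echo esc_html__( 'Delete Logs', 'download-monitor' ); ?></a></h1><br/>
 
  <form id="dlm_logs" method="post">
  <?php $DLM_Logging_List_Table->display() ?>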
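Review bot: On new line 95 `esc_html__()` is used for text that sits inside a JavaScript string inside an `onclick` attribute; esc_html encodes `'` as `&#039;`, which the HTML parser decodes back to `'` before the script runs, so a translation containing an apostrophe would terminate the confirm() string. The escaper for that context is `esc_js()`: `onclick="return confirm('<?php echo esc_js( __( "Are you sure you want to delete ALL log items?", "download-monitor" ) ); ?>');"`. Extracting the delete URL into `$delete_url` on line 86 is a good move; the export URL on line 93 could be extracted the same way for symmetry. The enclosing method starts outside the hunk.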
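--- a/src/Logs/LoggingListTable.php
+++ b/src/Logs/LoggingListTable.php
@@ -29,9 +29,9 @@ class DLM_Logging_List_Table extends WP_List_Table {
  'ajax' => false
  ) );
 
- $this->filter_status = isset( $_REQUEST['filter_status'] ) ? sanitize_text_field( $_REQUEST['filter_status'] ) : '';
+ $this->filter_status = isset( $_REQUEST['filter_status'] ) ? sanitize_text_field( wp_unslash($_REQUEST['filter_status']) ) : '';
  $this->logs_per_page = ! empty( $_REQUEST['logs_per_page'] ) ? intval( $_REQUEST['logs_per_page'] ) : 25;
- $this->filter_month = ! empty( $_REQUEST['filter_month'] ) ? sanitize_text_field( $_REQUEST['filter_month'] ) : '';
+ $this->filter_month = ! empty( $_REQUEST['filter_month'] ) ? sanitize_text_field( wp_unslash($_REQUEST['filter_month']) ) : '';
  $this->filter_user = ! empty( $_REQUEST['filter_user'] ) ? intval( $_REQUEST['filter_user'] ) : 0;
 
  if ( $this->logs_per_page < 1 ) {
@@ -221,7 +221,7 @@ class DLM_Logging_List_Table extends WP_List_Table {
  if ( 'top' == $which && true === $this->display_delete_message ) {
  ?>
  <div id="message" class="updated notice notice-success">
- <p><?php _e( 'Log entries deleted', 'download-monitor' ); ?></p>
+ <p><?php echo esc_html__( 'Log entries deleted', 'download-monitor' ); ?></p>
  </div>
  <?php
  }
@@ -238,13 +238,13 @@ class DLM_Logging_List_Table extends WP_List_Table {
  <div class="alignleft actions">
 
  <select name="filter_status">
- <option value=""><?php _e( 'Any status', 'download-monitor' ); ?></option>
+ <option value=""><?php echo esc_html__( 'Any status', 'download-monitor' ); ?></option>
  <option
- value="failed" <?php selected( $this->filter_status, 'failed' ); ?>><?php _e( 'Failed', 'download-monitor' ); ?></option>
+ value="failed" <?php selected( $this->filter_status, 'failed' ); ?>><?php echo esc_html__( 'Failed', 'download-monitor' ); ?></option>
  <option
- value="redirected" <?php selected( $this->filter_status, 'redirected' ); ?>><?php _e( 'Redirected', 'download-monitor' ); ?></option>
+ value="redirected" <?php selected( $this->filter_status, 'redirected' ); ?>><?php echo esc_html__( 'Redirected', 'download-monitor' ); ?></option>
  <option
- value="completed" <?php selected( $this->filter_status, 'completed' ); ?>><?php _e( 'Completed', 'download-monitor' ); ?></option>
+ value="completed" <?php selected( $this->filter_status, 'completed' ); ?>><?php echo esc_html__( 'Completed', 'download-monitor' ); ?></option>
  </select>
  <?php
  global $wpdb, $wp_locale;
@@ -259,10 +259,10 @@ class DLM_Logging_List_Table extends WP_List_Table {
  $month_count = count( $months );
 
  if ( $month_count && ! ( 1 == $month_count && 0 == $months[0]->month ) ) {
- $m = isset( $_GET['filter_month'] ) ? $_GET['filter_month'] : 0;
+ $m = isset( $_GET['filter_month'] ) ? sanitize_text_field( wp_unslash($_GET['filter_month']) ) : 0;
  ?>
  <select name="filter_month">
- <option <?php selected( $m, 0 ); ?> value='0'><?php _e( 'Show all dates' ); ?></option>
+ <option <?php selected( $m, 0 ); ?> value='0'><?php echo esc_html__( 'Show all dates' ); ?></option>
  <?php
  foreach ( $months as $arc_row ) {
  if ( 0 == $arc_row->year ) {
@@ -276,14 +276,14 @@ class DLM_Logging_List_Table extends WP_List_Table {
  selected( $m, $year . '-' . $month, false ),
  esc_attr( $year . '-' . $month ),
 
- sprintf( __( '%1$s %2$d' ), $wp_locale->get_month( $month ), $year )
+ sprintf( esc_html__( '%1$s %2$d' ), esc_html($wp_locale->get_month( $month )), esc_html($year) )
  );
  }
  ?>
  </select>
  <?php } ?>
  <select name="filter_user">
- <option value="0"><?php _e( 'Select a User', 'download-monitor' ); ?></option>
+ <option value="0"><?php echo esc_html__( 'Select a User', 'download-monitor' ); ?></option>
  <?php
  $users = $wpdb->get_results( "
  SELECT DISTINCT user_id
@@ -295,26 +295,26 @@ class DLM_Logging_List_Table extends WP_List_Table {
  }
  $the_user = get_userdata( $a_user->user_id );
  ?>
- <option value="<?php echo $a_user->user_id; ?>" <?php echo ( $this->filter_user == $a_user->user_id ) ? 'selected="selected"' : ''; ?>>
- <?php echo $the_user->display_name; ?>
+ <option value="<?php echo esc_attr( $a_user->user_id ); ?>" <?php echo ( $this->filter_user == $a_user->user_id ) ? 'selected="selected"' : ''; ?>>
+ <?php echo esc_html( $the_user->display_name ); ?>
  </option><?php
  }
  ?>
  </select>
  <select name="logs_per_page">
- <option value="25"><?php _e( '25 per page', 'download-monitor' ); ?></option>
+ <option value="25"><?php echo esc_html__( '25 per page', 'download-monitor' ); ?></option>
  <option
- value="50" <?php selected( $this->logs_per_page, 50 ) ?>><?php _e( '50 per page', 'download-monitor' ); ?></option>
+ value="50" <?php selected( $this->logs_per_page, 50 ) ?>><?php echo esc_html__( '50 per page', 'download-monitor' ); ?></option>
  <option
- value="100" <?php selected( $this->logs_per_page, 100 ) ?>><?php _e( '100 per page', 'download-monitor' ); ?></option>
+ value="100" <?php selected( $this->logs_per_page, 100 ) ?>><?php echo esc_html__( '100 per page', 'download-monitor' ); ?></option>
  <option
- value="200" <?php selected( $this->logs_per_page, 200 ) ?>><?php _e( '200 per page', 'download-monitor' ); ?></option>
+ value="200" <?php selected( $this->logs_per_page, 200 ) ?>><?php echo esc_html__( '200 per page', 'download-monitor' ); ?></option>
  <option
- value="-1" <?php selected( $this->logs_per_page, - 1 ) ?>><?php _e( 'Show All', 'download-monitor' ); ?></option>
+ value="-1" <?php selected( $this->logs_per_page, - 1 ) ?>><?php echo esc_html__( 'Show All', 'download-monitor' ); ?></option>
  </select>
  <input type="hidden" name="post_type" value="dlm_download"/>
  <input type="hidden" name="page" value="download-monitor-logs"/>
- <input type="submit" value="<?php _e( 'Filter', 'download-monitor' ); ?>" class="button"/>
+ <input type="submit" value="<?php echo esc_html__( 'Filter', 'download-monitor' ); ?>" class="button"/>
  </div>
  <?php
  }
@@ -381,8 +381,12 @@ class DLM_Logging_List_Table extends WP_List_Table {
  }
 
  // check for order
- $order_by = ( ! empty( $_GET['orderby'] ) ) ? sanitize_sql_orderby( $_GET['orderby'] ) : 'download_date';
- $order = ( ! empty( $_GET['order'] ) ) ? esc_sql( $_GET['order'] ) : 'DESC';
+ $order_by = ( ! empty( $_GET['orderby'] ) ) ? sanitize_sql_orderby( wp_unslash($_GET['orderby']) ) : 'download_date';
+ $order = 'DESC';
+ // phpcs:ignore
+ if ( isset( $_GET['order'] ) && 'ASC' == strtoupper( $_GET['order'] ) ) {
+ $order = 'ASC';
+ }
 
  /** @var DLM_WordPress_Log_Item_Repository $log_item_repository */
  $log_item_repository = download_monitor()->service( 'log_item_repository' );
@@ -406,21 +410,27 @@ class DLM_Logging_List_Table extends WP_List_Table {
  if ( 'delete' === $this->current_action() ) {
 
  // check nonce
+ // phpcs:ignore
  if ( empty( $_POST['_wpnonce'] ) || ! wp_verify_nonce( $_POST['_wpnonce'], 'bulk-' . $this->_args['plural'] ) ) {
- wp_die( 'process_bulk_action() nonce check failed' );
+ wp_die( esc_html__( 'process_bulk_action() nonce check failed', 'download-monitor' ) );
  }
 
  // check capability
  if ( ! current_user_can( 'dlm_manage_logs' ) ) {
- wp_die( "You're not allowed to delete logs!" );
+ wp_die( esc_html__( "You're not allowed to delete logs!", 'download-monitor' ) );
+ }
+
+ if ( empty( $_POST['log'] ) ) {
+ wp_die( esc_html__( "We don't have logs to delete", 'download-monitor' ) );
  }
 
  // check
  if ( count( $_POST['log'] ) > 0 ) {
 
  // delete the posted logs
+ // phpcs:ignore
  foreach ( $_POST['log'] as $log_id ) {
- download_monitor()->service( 'log_item_repository' )->delete( $log_id );
+ download_monitor()->service( 'log_item_repository' )->delete( absint($log_id) );
  }
 
  // display delete message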
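Review bot: The ordering inputs on new lines 384–389 are only partially validated: `sanitize_sql_orderby()` returns false for anything that does not look like a column list, so `$order_by` can become `false` instead of falling back to `'download_date'`, and `strtoupper( $_GET['order'] )` on line 387 raises a TypeError on PHP 8 when `order` arrives as an array. Add `if ( ! $order_by ) { $order_by = 'download_date'; }` after line 384, guard line 387 with `is_string( $_GET['order'] )`, and ideally check `$order_by` against an allow-list of the column names the repository actually sorts on (not visible here). Similarly, the `empty( $_POST['log'] )` guard on line 423 does not establish that `$_POST['log']` is an array, so `count()` on line 428 can throw; `! is_array( $_POST['log'] )` belongs in that guard. The enclosing methods start outside the hunks.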
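--- a/src/Product/Product.php
+++ b/src/Product/Product.php
@@ -185,7 +185,7 @@ class DLM_Product {
  // Return Message
  return array(
  'result' => 'success',
- 'message' => __( 'License successfully activated.', 'download-monitor' )
+ 'message' => esc_html__( 'License successfully activated.', 'download-monitor' )
  );
 
  } elseif ( $activate_results === false ) {
@@ -452,12 +452,17 @@ class DLM_Product {
  echo '<tr class="plugin-update-tr active">';
  echo '<td colspan="3" class="plugin-update colspanchange">';
  echo '<div style="padding: 6px 12px; margin: 0 10px 8px 31px; background: lightYellow;">';
- printf( __( '<a href="%s">Register your copy</a> of the <strong>%s</strong> extension to receive access to automatic upgrades and support. Need a license key? <a href="%s" target="_blank">Purchase one now</a>.', 'download-monitor' ), admin_url( 'edit.php?post_type=dlm_download&page=dlm-installed-extensions' ), $this->get_product_name(), $this->get_tracking_url( 'plugins_page' ) );
+ printf(
+ wp_kses_post (__( '<a href="%s">Register your copy</a> of the <strong>%s</strong> extension to receive access to automatic upgrades and support. Need a license key? <a href="%s" target="_blank">Purchase one now</a>.', 'download-monitor' ) ),
+ esc_url( admin_url( 'edit.php?post_type=dlm_download&page=dlm-installed-extensions' ) ),
+ esc_html( $this->get_product_name() ),
+ esc_url( $this->get_tracking_url( 'plugins_page' ) )
+ );
  echo '</div></td></tr>';
 
  // Disable bottom border on parent row
  echo '<style scoped="scoped">';
- echo sprintf( "#%s td, #%s th { box-shadow: none !important; }", $id, $id );
+ echo sprintf( "#%s td, #%s th { box-shadow: none !important; }", esc_html( $id ), esc_html( $id ) );
  echo '</style>';
  }
 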
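Review bot: `esc_html()` on new line 465 is an HTML-context escaper applied inside a `<style>` block, which is a CSS context: it does not neutralise `{`, `}` or `;`, so a value of `$id` containing those could still alter the stylesheet, while it does entity-encode characters such as `&` that are legal in an id selector. Since `$id` (assigned outside this hunk) is used only as an id selector, constrain it to selector-safe characters instead, e.g. `$safe_id = sanitize_html_class( $id );` before the sprintf(). On line 188 the message is escaped when it is placed in the returned array rather than where it is rendered; that is harmless for this literal, but escaping belongs at output, and if callers really do echo the array value verbatim a comment `// escaped here because callers echo this message as-is` would record that. The enclosing methods start outside the hunks.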
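--- a/src/Shop/Access/Manager.php
+++ b/src/Shop/Access/Manager.php
@@ -34,7 +34,7 @@ class Manager {
  $has_access = false;
 
  $order_id = ( isset( $_GET['order_id'] ) ? absint( $_GET['order_id'] ) : "" );
- $order_hash = ( isset( $_GET['order_hash'] ) ? $_GET['order_hash'] : "" );
+ $order_hash = ( isset( $_GET['order_hash'] ) ? sanitize_text_field( wp_unslash( $_GET['order_hash'] ) ) : "" );
 
  // if id or hash are empty, no access for you
  if ( empty( $order_id ) || empty( $order_hash ) ) {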
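Review bot: `$order_hash` on new line 37 is now sanitized, but the security property of this access check depends on how the hash is compared further down (outside the hunk); if it is compared with `==`/`===` against the stored order hash, switch to `hash_equals( $stored_hash, $order_hash )` so the comparison is type-strict and constant-time. `sanitize_text_field()` also trims and strips characters rather than rejecting, so a hash with a known alphabet is better validated up front, e.g. `if ( ! preg_match( '/^[a-f0-9]+$/i', $order_hash ) ) { return false; }` adjusted to whatever format the stored hash actually has. The enclosing method starts outside the hunk.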
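--- a/src/Shop/Admin/DownloadOption.php
+++ b/src/Shop/Admin/DownloadOption.php
@@ -24,10 +24,13 @@ class DownloadOption {
  * @param $post_id
  */
  public function add_download_option( $post_id ) {
+
+ wp_nonce_field( 'dlm-paid-only' );
+
  echo '<p class="form-field form-field-checkbox">
- <input type="checkbox" name="' . self::OPTION_KEY . '" id="' . self::OPTION_KEY . '" ' . checked( get_post_meta( $post_id, self::OPTION_KEY, true ), '1', false ) . ' />
- <label for="' . self::OPTION_KEY . '">' . __( 'Paid Only', 'download-monitor' ) . '</label>
- <span class="dlm-description">' . __( 'Only users who purchased a product that contains this download will be able to access the file.', 'download-monitor' ) . '</span>
+ <input type="checkbox" name="' . esc_attr( self::OPTION_KEY ) . '" id="' . esc_attr( self::OPTION_KEY ) . '" ' . checked( get_post_meta( $post_id, self::OPTION_KEY, true ), '1', false ) . ' />
+ <label for="' . esc_attr( self::OPTION_KEY ) . '">' . esc_html__( 'Paid Only', 'download-monitor' ) . '</label>
+ <span class="dlm-description">' . esc_html__( 'Only users who purchased a product that contains this download will be able to access the file.', 'download-monitor' ) . '</span>
  </p>';
  }
 
@@ -37,10 +40,22 @@ class DownloadOption {
  * @param $post_id
  */
  public function save_download_option( $post_id ) {
+
+ if ( ! isset( $_REQUEST['_wpnonce'] ) ) {
+ return;
+ }
+
+ // check nonce
+ // phpcs:ignore
+ if ( ! wp_verify_nonce( $_REQUEST['_wpnonce'], 'dlm-paid-only' ) ) {
+ return;
+ }
+
  $enabled = ( isset( $_POST[ self::OPTION_KEY ] ) );
  delete_post_meta( $post_id, self::OPTION_KEY );
  if ( $enabled ) {
  add_post_meta( $post_id, self::OPTION_KEY, 1 );
  }
+
  }
  }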
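Review bot: `wp_nonce_field( 'dlm-paid-only' )` on new line 28 emits a field named `_wpnonce`, the same name WordPress core uses for its own post-edit nonce; if this option is rendered inside the post edit form (not visible here), the two fields collide and whichever the browser sends last is what `wp_verify_nonce( $_REQUEST['_wpnonce'], 'dlm-paid-only' )` on line 50 sees, so the save silently returns. Give the nonce its own field name, `wp_nonce_field( 'dlm-paid-only', 'dlm_paid_only_nonce' );`, and verify `$_POST['dlm_paid_only_nonce']` instead of `$_REQUEST['_wpnonce']`. The save path also has no capability check; unless the hook that calls save_download_option() already enforces it, add `if ( ! current_user_can( 'edit_post', $post_id ) ) { return; }` after the nonce check.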
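--- a/src/Shop/Admin/Fields/GatewayOverview.php
+++ b/src/Shop/Admin/Fields/GatewayOverview.php
@@ -33,9 +33,9 @@ class GatewayOverview extends \DLM_Admin_Fields_Field {
  $is_checked = ( $gateway->is_enabled() ? ' checked="checked"' : '' );
  ?>
  <li>
- <input type="checkbox" name="<?php echo $checkbox_name; ?>" id="<?php echo $checkbox_name; ?>"
- value="1"<?php echo $is_checked; ?>/>
- <label for="<?php echo $checkbox_name; ?>"><?php echo $gateway->get_title(); ?></label>
+ <input type="checkbox" name="<?php echo esc_attr( $checkbox_name ); ?>" id="<?php echo esc_attr( $checkbox_name ); ?>"
+ value="1"<?php echo esc_attr( $is_checked ); ?>/>
+ <label for="<?php echo esc_attr( $checkbox_name ); ?>"><?php echo esc_html( $gateway->get_title() ); ?></label>
  </li>
  <?php endforeach; ?>
  </ul>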
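Review bot: `esc_attr( $is_checked )` on new line 37 is applied to a string that is itself an attribute fragment (` checked="checked"`, built on line 33), so the quotes come out as `&quot;` and the rendered tag reads ` checked=&quot;checked&quot;/>`, malformed markup that only works because `checked` is a boolean attribute. Escape the value rather than the attribute: replace line 37 with `value="1" <?php checked( $gateway->is_enabled() ); ?>/>`, which emits the attribute safely, after which `$is_checked` on line 33 is unused and can go. The enclosing method starts outside the hunk.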
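--- a/src/Shop/Admin/OrderTable.php
+++ b/src/Shop/Admin/OrderTable.php
@@ -43,9 +43,9 @@ class OrderTable extends \WP_List_Table {
 $this->empty_trash();
 }
 
-$this->filter_status = isset( $_REQUEST['status'] ) ? sanitize_text_field( $_REQUEST['status'] ) : '';
+$this->filter_status = isset( $_REQUEST['status'] ) ? sanitize_text_field( wp_unslash( $_REQUEST['status'] ) ) : '';
 $this->orders_per_page = ! empty( $_REQUEST['orders_per_page'] ) ? intval( $_REQUEST['orders_per_page'] ) : 25;
-$this->filter_month = ! empty( $_REQUEST['filter_month'] ) ? sanitize_text_field( $_REQUEST['filter_month'] ) : '';
+$this->filter_month = ! empty( $_REQUEST['filter_month'] ) ? sanitize_text_field( wp_unslash( $_REQUEST['filter_month'] ) ) : '';
 
 if ( $this->orders_per_page < 1 ) {
 $this->orders_per_page = 9999999999999;
@@ -59,7 +59,7 @@ class OrderTable extends \WP_List_Table {
 if ( Services::get()->service( 'order_repository' )->empty_trash() ) {
 ?>
 <div id="message" class="updated notice notice-success">
-<p><?php _e( 'Trashed orders have been permanently deleted.', 'download-monitor' ); ?></p>
+<p><?php echo esc_html__( 'Trashed orders have been permanently deleted.', 'download-monitor' ); ?></p>
 </div>
 <?php
 }
@@ -187,7 +187,7 @@ class OrderTable extends \WP_List_Table {
 if ( 'top' == $which && true === $this->display_delete_message ) {
 ?>
 <div id="message" class="updated notice notice-success">
-<p><?php _e( 'Orders deleted', 'download-monitor' ); ?></p>
+<p><?php echo esc_html__( 'Orders deleted', 'download-monitor' ); ?></p>
 </div>
 <?php
 }
@@ -197,7 +197,7 @@ class OrderTable extends \WP_List_Table {
 ?>
 <ul class="subsubsub">
 <li class="all"><a
-href="<?php echo $base_url; ?>" <?php echo ( '' === $this->filter_status ) ? ' class="current"' : ''; ?>><?php _e( 'All', 'download-monitor' ); ?></a>
+href="<?php echo esc_url( $base_url ); ?>" <?php echo ( '' === $this->filter_status ) ? ' class="current"' : ''; ?>><?php echo esc_html__( 'All', 'download-monitor' ); ?></a>
 </li>
 <?php
 
@@ -214,7 +214,7 @@ class OrderTable extends \WP_List_Table {
 )
 ) );
 if ( $count > 0 ) {
-echo ' | <li class="' . $status->get_key() . '"><a ' . ( ( $status->get_key() === $this->filter_status ) ? ' class="current"' : '' ) . ' href="' . add_query_arg( 'status', $status->get_key(), $base_url ) . '">' . $status->get_label() . ' (' . $count . ')</a></li>' . PHP_EOL;
+echo ' | <li class="' . esc_attr( $status->get_key() ) . '"><a ' . ( ( $status->get_key() === $this->filter_status ) ? ' class="current"' : '' ) . ' href="' . esc_url( add_query_arg( 'status', $status->get_key(), $base_url ) ) . '">' . esc_html( $status->get_label() ) . ' (' . esc_html( $count ) . ')</a></li>' . PHP_EOL;
 }
 
 }
@@ -247,7 +247,7 @@ class OrderTable extends \WP_List_Table {
 $m = ! empty( $this->filter_month ) ? $this->filter_month : 0;
 ?>
 <select name="filter_month">
-<option <?php selected( $m, 0 ); ?> value='0'><?php _e( 'Show all dates' ); ?></option>
+<option <?php selected( $m, 0 ); ?> value='0'><?php echo esc_html__( 'Show all dates' ); ?></option>
 <?php
 foreach ( $months as $arc_row ) {
 if ( 0 == $arc_row->year ) {
@@ -260,8 +260,7 @@ class OrderTable extends \WP_List_Table {
 printf( "<option %s value='%s'>%s</option>\n",
 selected( $m, $year . '-' . $month, false ),
 esc_attr( $year . '-' . $month ),
-
-sprintf( __( '%1$s %2$d' ), $wp_locale->get_month( $month ), $year )
+esc_html(sprintf( esc_html__( '%1$s %2$d' ), esc_html( $wp_locale->get_month( $month ) ), $year ))
 );
 }
 ?>
@@ -269,26 +268,22 @@ class OrderTable extends \WP_List_Table {
 <?php } ?>
 
 <select name="orders_per_page">
-<option value="25"><?php _e( '25 per page', 'download-monitor' ); ?></option>
-<option
-value="50" <?php selected( $this->orders_per_page, 50 ) ?>><?php _e( '50 per page', 'download-monitor' ); ?></option>
-<option
-value="100" <?php selected( $this->orders_per_page, 100 ) ?>><?php _e( '100 per page', 'download-monitor' ); ?></option>
-<option
-value="200" <?php selected( $this->orders_per_page, 200 ) ?>><?php _e( '200 per page', 'download-monitor' ); ?></option>
-<option
-value="-1" <?php selected( $this->orders_per_page, - 1 ) ?>><?php _e( 'Show All', 'download-monitor' ); ?></option>
+<option value="25"><?php echo esc_html__( '25 per page', 'download-monitor' ); ?></option>
+<option value="50" <?php selected( $this->orders_per_page, 50 ) ?>><?php echo esc_html__( '50 per page', 'download-monitor' ); ?></option>
+<option value="100" <?php selected( $this->orders_per_page, 100 ) ?>><?php echo esc_html__( '100 per page', 'download-monitor' ); ?></option>
+<option value="200" <?php selected( $this->orders_per_page, 200 ) ?>><?php echo esc_html__( '200 per page', 'download-monitor' ); ?></option>
+<option value="-1" <?php selected( $this->orders_per_page, - 1 ) ?>><?php echo esc_html__( 'Show All', 'download-monitor' ); ?></option>
 </select>
 
-<input type="hidden" name="post_type" value="<?php echo PostType::KEY; ?>"/>
+<input type="hidden" name="post_type" value="<?php echo esc_attr( PostType::KEY ); ?>"/>
 <input type="hidden" name="page" value="download-monitor-orders"/>
-<input type="submit" value="<?php _e( 'Filter', 'download-monitor' ); ?>" class="button"/>
+<input type="submit" value="<?php echo esc_html__( 'Filter', 'download-monitor' ); ?>" class="button"/>
 
 <?php
 
 if ( 'trash' === $this->filter_status ) {
 ?><input type="submit" name="dlm_empty_trash" id="dlm_empty_trash" class="button apply"
-value="<?php _e( "Empty Trash", 'download-monitor' ); ?>"/>
+value="<?php echo esc_html__( "Empty Trash", 'download-monitor' ); ?>"/>
 <?php
 }
 
@@ -361,8 +356,12 @@ class OrderTable extends \WP_List_Table {
 */
 
 // check for order
-$order_by = ( ! empty( $_GET['orderby'] ) ) ? sanitize_sql_orderby( $_GET['orderby'] ) : 'id';
-$order = ( ! empty( $_GET['order'] ) ) ? esc_sql( $_GET['order'] ) : 'DESC';
+$order_by = ( ! empty( $_GET['orderby'] ) ) ? sanitize_sql_orderby( wp_unslash($_GET['orderby']) ) : 'id';
+$order = 'DESC';
+// phpcs:ignore
+if ( isset( $_GET['order'] ) && 'ASC' == strtoupper( wp_unslash( $_GET['order'] ) ) ) {
+$order = 'ASC';
+}
 
 /** @var \Never5\DownloadMonitor\Shop\Order\WordPressRepository $order_repository */
 $order_repository = Services::get()->service( 'order_repository' );
@@ -389,6 +388,7 @@ class OrderTable extends \WP_List_Table {
 if ( 'delete' === $this->current_action() ) {
 
 // check nonce
+// phpcs:ignore
 if ( empty( $_POST['_wpnonce'] ) || ! wp_verify_nonce( $_POST['_wpnonce'], 'bulk-' . $this->_args['plural'] ) ) {
 wp_die( 'process_bulk_action() nonce check failed' );
 }
@@ -399,7 +399,7 @@ class OrderTable extends \WP_List_Table {
 }
 
 // check
-if ( count( $_POST['log'] ) > 0 ) {
+if ( isset( $_POST['log'] ) && count( $_POST['log'] ) > 0 ) {
 
 // @todo: implement delete
 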
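Review bot: `sanitize_sql_orderby()` returns `false` when its argument does not match the allowed `column [ASC|DESC]` pattern, so the `$order_by` line in the `@@ -361` hunk can hand `false` to the repository instead of the `'id'` default; keep the fallback with `$order_by = ! empty( $_GET['orderby'] ) ? ( sanitize_sql_orderby( wp_unslash( $_GET['orderby'] ) ) ?: 'id' ) : 'id';`. In the same hunk `strtoupper( wp_unslash( $_GET['order'] ) )` and, in the `@@ -399` hunk, `count( $_POST['log'] )` throw a `TypeError` on PHP 8 when `order` arrives as an array or `log` as a scalar — `is_string()` and `is_array()` guards would route those to the default branch instead. The month label in the `@@ -260` hunk is escaped three times (`esc_html__` on the format, `esc_html` on the month name, `esc_html` on the result); a single `esc_html()` around the `sprintf()` is sufficient and reads more clearly. The `$_POST['log']` branch is still a `// @todo` stub, so the `isset()` fix there is harmless today. All of these methods start and end outside their hunks.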
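--- a/src/Shop/Admin/Pages/Orders.php
+++ b/src/Shop/Admin/Pages/Orders.php
@@ -69,7 +69,7 @@ class Orders {
 'processors' => $processors
 ) );
 } catch ( \Exception $exception ) {
-wp_die( __( "Order with that ID could not be found", 'download-monitor' ) );
+wp_die( esc_html__( "Order with that ID could not be found", 'download-monitor' ) );
 }
 
 } else {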
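--- a/src/Shop/Admin/ProductTableColumns.php
+++ b/src/Shop/Admin/ProductTableColumns.php
@@ -58,10 +58,10 @@ class ProductTableColumns {
 
 switch ( $column ) {
 case "thumb" :
-echo $product->get_image();
+echo wp_kses_post( $product->get_image() );
 break;
 case "price" :
-echo dlm_format_money( $product->get_price() );
+echo esc_html( dlm_format_money( $product->get_price() ) );
 break;
 }
 }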
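--- a/src/Shop/Admin/WritePanels.php
+++ b/src/Shop/Admin/WritePanels.php
@@ -50,6 +50,8 @@ class WritePanels {
 if ( is_int( wp_is_post_autosave( $post ) ) ) {
 return;
 }
+// validate nonce
+// phpcs:ignore
 if ( empty( $_POST['dlm_product_nonce'] ) || ! wp_verify_nonce( $_POST['dlm_product_nonce'], 'save_meta_data' ) ) {
 return;
 }
@@ -95,10 +97,13 @@ class WritePanels {
 // product not found, no point in continuing
 return;
 }
+if( isset( $_POST['_dlm_price'] ) ) {
+$product->set_price_from_user_input( sanitize_text_field( wp_unslash( $_POST['_dlm_price'] ) ) );
+}
 
-$product->set_price_from_user_input( $_POST['_dlm_price'] );
-$product->set_download_ids( $_POST['_dlm_downloads'] );
-
+if( isset( $_POST['_dlm_downloads'] ) ) {
+$product->set_download_ids( sanitize_text_field( wp_unslash( $_POST['_dlm_downloads'] ) ) );
+}
 // persist download
 Services::get()->service( 'product_repository' )->persist( $product );
 }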
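Review bot: `sanitize_text_field()` on `$_POST['_dlm_downloads']` in the `@@ -95` hunk assumes a scalar, but the plural name and `set_download_ids()` suggest the field is a list of IDs (to be confirmed against the meta-box markup, which is not in the diff); `sanitize_text_field()` does not recurse into arrays, so an array value would be reduced to an empty string and the product would lose its downloads on every save. Download IDs are integers, so `absint()` is both the right sanitizer and type-preserving; if `set_download_ids()` expects a list of integers, something like the block below keeps the sanitization without changing the shape. The nonce check added in the `@@ -50` hunk is good, but I could not see a `current_user_can()` check in either hunk — worth confirming, since `save_post`-style handlers run for any user who can edit the post. The enclosing method starts before the first hunk.
```php
if( isset( $_POST['_dlm_downloads'] ) ) {
    // IDs are integers: absint() sanitizes and type-checks at once; a single value or a
    // list is accepted, and non-numeric entries collapse to 0 and are dropped.
    $download_ids = array_values( array_filter( array_map( 'absint', (array) wp_unslash( $_POST['_dlm_downloads'] ) ) ) );
    $product->set_download_ids( $download_ids );
}
// … unchanged: persist download …
```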
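--- a/src/Shop/Ajax/AdminChangeOrderStatus.php
+++ b/src/Shop/Ajax/AdminChangeOrderStatus.php
@@ -25,11 +25,15 @@ class AdminChangeOrderStatus extends Ajax {
 $this->check_nonce();
 
 if ( ! current_user_can( 'manage_downloads' ) ) {
-$this->response( false, _( 'You are not allowed to do this.', 'download-monitor' ) );
+$this->response( false, esc_html__( 'You are not allowed to do this.', 'download-monitor' ) );
+}
+
+if ( empty( $_POST['order_id'] ) || empty( $_POST['status'] ) ) {
+$this->response( false, esc_html__( 'We need and order id and a status.', 'download-monitor' ) );
 }
 
 $order_id = absint( $_POST['order_id'] );
-$new_status = $_POST['status'];
+$new_status = sanitize_text_field( wp_unslash( $_POST['status'] ) );
 
 /** @var \Never5\DownloadMonitor\Shop\Order\WordPressRepository $order_repo */
 $order_repo = Services::get()->service( 'order_repository' );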
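Review bot: The new user-facing message on the `empty( $_POST['order_id'] )` branch reads `'We need and order id and a status.'`; it should be `'We need an order id and a status.'`. Both `$this->response( false, ... )` calls only act as guards if `response()` terminates the request (e.g. through `wp_send_json`), which the hunk does not show; if it merely echoes, an unauthorized caller falls through to the status change, so either confirm that in the `Ajax` base class or add an explicit `return;` after each call. `$new_status` is now sanitized but not validated against the known order statuses; unless the repository rejects unknown values, checking it against the status list before saving would keep arbitrary strings out of the order table. The method continues past the hunk.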
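--- a/src/Shop/Ajax/Manager.php
+++ b/src/Shop/Ajax/Manager.php
@@ -59,7 +59,7 @@ class Manager {
 
 // set AJAX action if it's set in $_GET
 if ( ! empty( $_GET[ self::ENDPOINT ] ) ) {
-$wp_query->set( self::ENDPOINT, sanitize_text_field( $_GET[ self::ENDPOINT ] ) );
+$wp_query->set( self::ENDPOINT, sanitize_text_field( wp_unslash($_GET[ self::ENDPOINT ]) ) );
 }
 
 // check if endpoint is not false or an empty string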
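--- a/src/Shop/Ajax/PlaceOrder.php
+++ b/src/Shop/Ajax/PlaceOrder.php
@@ -31,18 +31,18 @@ class PlaceOrder extends Ajax {
 */
 private function parse_customer_post_data() {
 return array(
-'first_name' => isset( $_POST['customer']['first_name'] ) ? $_POST['customer']['first_name'] : '',
-'last_name' => isset( $_POST['customer']['last_name'] ) ? $_POST['customer']['last_name'] : '',
-'company' => isset( $_POST['customer']['company'] ) ? $_POST['customer']['company'] : '',
-'email' => isset( $_POST['customer']['email'] ) ? $_POST['customer']['email'] : '',
-'address_1' => isset( $_POST['customer']['address_1'] ) ? $_POST['customer']['address_1'] : '',
-'address_2' => isset( $_POST['customer']['address_2'] ) ? $_POST['customer']['address_2'] : '',
-'postcode' => isset( $_POST['customer']['postcode'] ) ? $_POST['customer']['postcode'] : '',
-'city' => isset( $_POST['customer']['city'] ) ? $_POST['customer']['city'] : '',
-'state' => isset( $_POST['customer']['state'] ) ? $_POST['customer']['state'] : '',
-'country' => isset( $_POST['customer']['country'] ) ? $_POST['customer']['country'] : '',
-'phone' => isset( $_POST['customer']['phone'] ) ? $_POST['customer']['phone'] : '',
-'ip_address' => isset( $_SERVER['REMOTE_ADDR'] ) ? $_SERVER['REMOTE_ADDR'] : ''
+'first_name' => isset( $_POST['customer']['first_name'] ) ? sanitize_text_field( wp_unslash( $_POST['customer']['first_name'] ) ) : '',
+'last_name' => isset( $_POST['customer']['last_name'] ) ? sanitize_text_field( wp_unslash( $_POST['customer']['last_name'] ) ) : '',
+'company' => isset( $_POST['customer']['company'] ) ? sanitize_text_field( wp_unslash( $_POST['customer']['company'] ) ) : '',
+'email' => isset( $_POST['customer']['email'] ) ? sanitize_email( wp_unslash( $_POST['customer']['email'] ) ) : '',
+'address_1' => isset( $_POST['customer']['address_1'] ) ? sanitize_text_field( wp_unslash( $_POST['customer']['address_1'] ) ) : '',
+'address_2' => isset( $_POST['customer']['address_2'] ) ? sanitize_text_field( wp_unslash( $_POST['customer']['address_2'] ) ) : '',
+'postcode' => isset( $_POST['customer']['postcode'] ) ? sanitize_text_field( wp_unslash( $_POST['customer']['postcode'] ) ) : '',
+'city' => isset( $_POST['customer']['city'] ) ? sanitize_text_field( wp_unslash( $_POST['customer']['city'] ) ) : '',
+'state' => isset( $_POST['customer']['state'] ) ? sanitize_text_field( wp_unslash( $_POST['customer']['state'] ) ) : '',
+'country' => isset( $_POST['customer']['country'] ) ? sanitize_text_field( wp_unslash( $_POST['customer']['country'] ) ) : '',
+'phone' => isset( $_POST['customer']['phone'] ) ? sanitize_text_field( wp_unslash( $_POST['customer']['phone'] ) ) : '',
+'ip_address' => isset( $_SERVER['REMOTE_ADDR'] ) ? sanitize_text_field( wp_unslash( $_SERVER['REMOTE_ADDR'] ) ) : ''
 );
 }
 
@@ -73,7 +73,7 @@ class PlaceOrder extends Ajax {
 $enabled_gateways = Services::get()->service( 'payment_gateway' )->get_enabled_gateways();
 
 /** @var \Never5\DownloadMonitor\Shop\Checkout\PaymentGateway\PaymentGateway $gateway */
-$gateway = ( isset( $_POST['payment_gateway'] ) && isset( $enabled_gateways[ $_POST['payment_gateway'] ] ) ? $enabled_gateways[ $_POST['payment_gateway'] ] : null );
+$gateway = ( isset( $_POST['payment_gateway'] ) && isset( $enabled_gateways[ $_POST['payment_gateway'] ] ) ? $enabled_gateways[ sanitize_text_field( wp_unslash( $_POST['payment_gateway'] ) ) ] : null );
 
 /**
 * Check if all required fields are set
@@ -92,7 +92,7 @@ class PlaceOrder extends Ajax {
 
 // check if we need to create an order or fetch one based on id and hash
 $order_id = absint( ( isset( $_POST['order_id'] ) ) ? $_POST['order_id'] : 0 );
-$order_hash = ( isset( $_POST['order_hash'] ) ? $_POST['order_hash'] : '' );
+$order_hash = ( isset( $_POST['order_hash'] ) ? sanitize_text_field( wp_unslash( $_POST['order_hash'] ) ) : '' );
 $order = null;
 $is_new_order = true;
 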
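Review bot: In the `@@ -73` hunk the `isset( $enabled_gateways[ $_POST['payment_gateway'] ] )` check uses the raw key while the array lookup uses the sanitized one, so any input that `sanitize_text_field()` alters (surrounding whitespace, a stray tag) passes the check and then indexes a missing key, producing a warning and a `null` gateway. Sanitize once and reuse the value: `$gateway_key = isset( $_POST['payment_gateway'] ) ? sanitize_text_field( wp_unslash( $_POST['payment_gateway'] ) ) : '';` followed by `$gateway = isset( $enabled_gateways[ $gateway_key ] ) ? $enabled_gateways[ $gateway_key ] : null;`. In `parse_customer_post_data()` the per-field `sanitize_text_field()` is appropriate for scalars, but the repetition would be clearer as a small private helper that takes the field name, which would also be the natural place for an `is_string()` check since `sanitize_text_field()` does not handle array values. Both outer methods extend beyond their hunks.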
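--- a/src/Shop/Checkout/Field.php
+++ b/src/Shop/Checkout/Field.php
@@ -198,7 +198,7 @@ class Field {
 
 foreach ( $fields as $field ) {
 $val = ( isset( $values[ $field['name'] ] ) ) ? $values[ $field['name'] ] : "";
-echo $this->generate( $field, $val );
+echo wp_kses_post( $this->generate( $field, $val ) );
 }
 
 }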
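Review bot: `wp_kses_post()` around `$this->generate( $field, $val )` filters the markup against the `post` allowed-HTML set, which does not include `<input>`, `<select>` or `<option>` (`<label>` and `<textarea>` are allowed), so text, select and hidden checkout fields produced by `generate()` would be stripped out of the form; please check this against what `generate()` actually emits, which is outside the hunk. Because `generate()` builds the plugin's own markup from field definitions, the escaping belongs inside it (`esc_attr()` on attribute values such as `$field['name']` and `$val`, `esc_html()` on the label text), after which its result can be echoed as-is; the alternative is `wp_kses()` with an explicit allowed-tags array listing `input`, `select`, `option` and their attributes. The enclosing method starts before the hunk.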
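--- a/src/Shop/Checkout/PaymentGateway/PayPal/ExecutePaymentListener.php
+++ b/src/Shop/Checkout/PaymentGateway/PayPal/ExecutePaymentListener.php
@@ -35,7 +35,7 @@ class ExecutePaymentListener {
 */
 
 $order_id = isset( $_GET['order_id'] ) ? absint( $_GET['order_id'] ) : 0;
-$order_hash = isset( $_GET['order_hash'] ) ? sanitize_text_field( $_GET['order_hash'] ) : '';
+$order_hash = isset( $_GET['order_hash'] ) ? sanitize_text_field( wp_unslash($_GET['order_hash']) ) : '';
 
 if ( empty( $order_id ) || empty( $order_hash ) ) {
 $this->execute_failed( $order_id, $order_hash );
@@ -58,14 +58,21 @@ class ExecutePaymentListener {
 /**
 * Get Payment by paymentId
 */
-$paymentId = $_GET['paymentId'];
+$paymentId = 0;
+if ( isset( $_GET['paymentId'] ) ) {
+$paymentId = sanitize_text_field( wp_unslash( $_GET['paymentId'] ) );
+}
 $payment = PayPal\Api\Payment::get( $paymentId, $this->gateway->get_api_context() );
 
 /**
 * Setup PaymentExecution object
 */
 $execution = new PayPal\Api\PaymentExecution();
-$execution->setPayerId( $_GET['PayerID'] );
+$payerID = 0;
+if ( isset( $_GET['PayerID'] ) ) {
+$payerID = sanitize_text_field( wp_unslash( $_GET['PayerID'] ) );
+}
+$execution->setPayerId( $payerID );
 
 
 /**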
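Review bot: With the new `0` defaults in the `@@ -58` hunk, a request that lacks `paymentId` or `PayerID` no longer emits a notice but still calls `PayPal\Api\Payment::get( 0, ... )` and `setPayerId( 0 )`, sending an invalid request to PayPal instead of failing locally the way the missing order id/hash case does earlier in the method. Reject them up front in the same style: `if ( empty( $_GET['paymentId'] ) || empty( $_GET['PayerID'] ) ) { $this->execute_failed( $order_id, $order_hash ); return; }` (the `return` assumes `execute_failed()` does not exit on its own — confirm against its definition, which is not in the diff). `sanitize_text_field()` is a reasonable filter for these opaque PayPal identifiers, and the `@@ -35` hunk's `order_hash` handling now matches `Checkout::get_order_from_url()` in this release. The enclosing method continues past the hunk.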
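--- a/src/Shop/Product/Product.php
+++ b/src/Shop/Product/Product.php
@@ -116,6 +116,21 @@ class Product {
 return $this->excerpt;
 }
 
+/**
+* Prints the excerpt
+*/
+public function the_excerpt() {
+echo wp_kses_post( wpautop( do_shortcode( $this->get_excerpt() ) ) );
+}
+
+/**
+* Returns the excerpt with wpautop and do_shortcode
+*/
+public function get_the_excerpt() {
+return wpautop( do_shortcode( $this->get_excerpt() ) );
+}
+
+
 /**
 * @param string $excerpt
 */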
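Review bot: The docblock of the new `get_the_excerpt()` has no `@return` tag, although the neighbouring accessors in this class document their types (the `@param string $excerpt` block that follows it); add `@return string`. `the_excerpt()` runs the shortcode-expanded excerpt through `wp_kses_post()`, so any shortcode that emits tags outside the `post` allowed set (forms, scripts, iframes) is silently dropped, which is the intended behaviour but surprising to the next maintainer; a one-line comment such as `// Output is filtered with wp_kses_post(): tags outside the post allow-list are removed.` above the `echo` would document the contract. The two methods are complete within the hunk.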
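--- a/src/Shop/Session/Cookie.php
+++ b/src/Shop/Session/Cookie.php
@@ -23,7 +23,7 @@ class Cookie {
 $session = null;
 
 if ( isset( $_COOKIE[ self::COOKIE_NAME ] ) ) {
-$cookie_data = json_decode( base64_decode( $_COOKIE[ self::COOKIE_NAME ] ), true );
+$cookie_data = json_decode( base64_decode( sanitize_text_field( wp_unslash( $_COOKIE[ self::COOKIE_NAME ] ) ) ), true );
 
 if ( is_array( $cookie_data ) && ! empty( $cookie_data['key'] ) && ! empty( $cookie_data['hash'] ) ) {
 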
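Review bot: Wrapping the cookie value in `sanitize_text_field()` before `base64_decode()` adds little, because the base64 alphabet is untouched by it and the non-strict decode still accepts arbitrary input. A stricter boundary check is `base64_decode( wp_unslash( $_COOKIE[ self::COOKIE_NAME ] ), true )`, whose strict mode returns `false` for anything that is not well-formed base64, so a malformed cookie fails here rather than producing a garbled string for `json_decode()`; the existing `is_array()` guard on the next line already covers the resulting `null`. The enclosing method starts before the hunk.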
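--- a/src/Shop/Session/Factory.php
+++ b/src/Shop/Session/Factory.php
@@ -10,7 +10,7 @@ class Factory {
 * @return string
 */
 private function generate_key() {
-return md5( uniqid( 'dlm_shop_session_key', true ) . $_SERVER['REMOTE_ADDR'] );
+return md5( uniqid( 'dlm_shop_session_key', true ) . sanitize_text_field( wp_unslash( $_SERVER['REMOTE_ADDR'] ) ) );
 }
 
 /**
@@ -23,7 +23,8 @@ class Factory {
 private function generate_hash( $key ) {
 $nonce = ( defined( 'NONCE_SALT' ) ? NONCE_SALT : 'nononce' );
 
-return md5( uniqid( 'dlm_shop_session_hash', true ) . mt_rand( 0, 99 ) . $_SERVER['REMOTE_ADDR'] . $nonce . $key );
+$remote_addr = isset( $_SERVER['REMOTE_ADDR'] ) ? sanitize_text_field( wp_unslash( $_SERVER['REMOTE_ADDR'] ) ) : '';
+return md5( uniqid( 'dlm_shop_session_hash', true ) . mt_rand( 0, 99 ) . $remote_addr . $nonce . $key );
 }
 
 /**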
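Review bot: The two hunks are now inconsistent: `generate_hash()` guards `$_SERVER['REMOTE_ADDR']` with `isset()` while `generate_key()` still reads it unguarded, and it is absent under WP-CLI and some proxy setups; the same `isset()` fallback belongs in `generate_key()`. The larger point the commit does not touch is that both tokens derive from `md5( uniqid( ..., true ) . mt_rand( 0, 99 ) ... )`, which is not a cryptographic source, and the hash is what the cookie presents to claim a session; `bin2hex( random_bytes( 16 ) )` (or `wp_generate_password( 32, false )`) yields a 32-character token of the same shape as the md5 output, so callers that treat it as opaque are unaffected, and the `'nononce'` fallback for `NONCE_SALT` becomes unnecessary. Both methods are complete within their hunks.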
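--- a/src/Shop/Shortcode/Checkout.php
+++ b/src/Shop/Shortcode/Checkout.php
@@ -26,7 +26,7 @@ class Checkout {
 $cart = Services::get()->service( 'cart' )->get_cart();
 
 
-$endpoint = ( isset( $_GET['ep'] ) ? $_GET['ep'] : "" );
+$endpoint = ( isset( $_GET['ep'] ) ? sanitize_text_field( wp_unslash( $_GET['ep'] ) ) : "" );
 
 ob_start();
 
@@ -121,7 +121,7 @@ class Checkout {
 private function get_order_from_url() {
 // get order data
 $order_id = isset( $_GET['order_id'] ) ? absint( $_GET['order_id'] ) : 0;
-$order_hash = isset( $_GET['order_hash'] ) ? sanitize_text_field( $_GET['order_hash'] ) : '';
+$order_hash = isset( $_GET['order_hash'] ) ? sanitize_text_field( wp_unslash( $_GET['order_hash'] ) ) : '';
 $order = null;
 
 if ( $order_id > 0 ) {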
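--- a/src/Shortcodes.php
+++ b/src/Shortcodes.php
@@ -132,7 +132,7 @@ class DLM_Shortcodes {
 if( $download ) {
 $template_handler->get_template_part( 'content-download', $template, '', array( 'dlm_download' => $download ) );
 } else {
-echo __( 'No download defined', 'download-monitor' );
+echo esc_html__( 'No download defined', 'download-monitor' );
 }
 
 // get output
@@ -460,7 +460,7 @@ class DLM_Shortcodes {
 if ( count( $downloads ) > 0 ) {
 
 // loop start output
-echo html_entity_decode( $loop_start );
+echo wp_kses_post( html_entity_decode( $loop_start ) );
 
 foreach ( $downloads as $download ) {
 
@@ -473,7 +473,7 @@ class DLM_Shortcodes {
 }
 
 // display the 'before'
-echo html_entity_decode( $before );
+echo wp_kses_post( html_entity_decode( $before ) );
 
 // load the template
 if ( $download->has_version() ) {
@@ -483,12 +483,12 @@ class DLM_Shortcodes {
 }
 
 // display the 'after'
-echo html_entity_decode( $after );
+echo wp_kses_post( html_entity_decode( $after ) );
 
 } // end of the loop.
 
 // end of loop html
-echo html_entity_decode( $loop_end );
+echo wp_kses_post( html_entity_decode( $loop_end ) );
 
 if ( $paginate ) {
 $template_handler->get_template_part( 'pagination', '', '', array(
@@ -539,7 +539,7 @@ class DLM_Shortcodes {
 $version_id = '';
 
 if ( ! empty( $_GET['version'] ) ) {
-$version_id = $download->get_version_id_version_name( $_GET['version'] );
+$version_id = $download->get_version_id_version_name( sanitize_text_field( wp_unslash( $_GET['version'] ) ) );
 }
 
 if ( ! empty( $_GET['v'] ) ) {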
src/Util/Onboarding.php CHANGED
@@ -79,7 +79,7 @@ class Onboarding {
79
  public function add_notice() {
80
  ?>
81
  <div class="notice notice-warning is-dismissible dlm-notice dlm-onboarding-notice" data-id="onboarding" data-nonce="<?php echo esc_attr( wp_create_nonce( 'dlm_hide_notice-onboarding' ) ); ?>" id="onboarding">
82
- <p><?php printf( __( 'Download Monitor is almost ready for use, %sclick here%s to finish the installation process.', 'download-monitor' ), '<a href="' . admin_url( 'edit.php?post_type=dlm_download&page=dlm_onboarding' ) . '">', '</a>' ); ?></p>
83
  </div>
84
  <?php
85
  }
@@ -100,30 +100,30 @@ class Onboarding {
100
  <div class="wrap dlm-onboarding">
101
 
102
  <div class="dlm-onboarding-section dlm-onboarding-section-one-col">
103
- <h2><?php _e( "Welcome to ", 'download-monitor' ); ?> Download Monitor</h2>
104
  <p>
105
- <?php _e( "Thank you for installing Download Monitor! We'd like to help you setup the plugin correctly so you can start sharing your files as quickly as possible.", 'download-monitor' ); ?>
106
- <?php _e( "With Download Monitor you can manage, track and offer downloads to your users using your WordPress website.", 'download-monitor' ); ?>
107
- <?php _e( "On top of that, Download Monitor allows you to sell your downloads, turning your WordPress website into fully featured e-commerce website out of the box.", 'download-monitor' ); ?>
108
  </p>
109
  <p>
110
- <?php _e( "You decide if you want to offer you downloads for free or want to start selling them (or both!). Whatever you decide, you chose the right plugin for the job!", 'download-monitor' ); ?>
111
  </p>
112
  </div>
113
 
114
  <div class="dlm-onboarding-section dlm-onboarding-section-one-col">
115
- <h2><?php _e( "Let's Create Your Pages", 'download-monitor' ); ?></h2>
116
  <p>
117
- <?php _e( 'In order to function properly, Download Monitor needs to create some pages in your WordPress website.', 'download-monitor' ); ?>
118
- <?php _e( "We can create these pages for you here. If you click the 'Create Page' button we will create that page and add the required shortcode to it. We'll also make sure the newly created page is set in your settings page.", 'download-monitor' ); ?>
119
  </p>
120
  <p>
121
- <?php _e( "If you don't plan on selling downloads, you do not have to create the cart and checkout page. We recommend always creating the No Access page.", 'download-monitor' ); ?>
122
  </p>
123
  <table cellpadding="0" cellspacing="0" border="0" class="dlm-onboarding-pages">
124
  <tr>
125
- <th><?php _e( 'No Access', 'download-monitor' ); ?></th>
126
- <td><?php _e( "The page your visitors see when they are not allowed to download a file.", 'download-monitor' ); ?></td>
127
  <td>
128
  <?php
129
  /**
@@ -134,13 +134,13 @@ class Onboarding {
134
  if ( $page_no_access != 0 ) :
135
  ?>
136
  <a href="javascript:;"
137
- class="button button-primary button-hero dlm-page-exists"><?php _e( 'Page Created', 'download-monitor' ); ?></a>
138
  <?php
139
  else:
140
  ?>
141
  <a href="javascript:;"
142
  class="button button-primary button-hero dlm-create-page"
143
- data-page="no-access"><?php _e( 'Create Page', 'download-monitor' ); ?></a>
144
  <?php
145
  endif;
146
  ?>
@@ -148,8 +148,8 @@ class Onboarding {
148
  </td>
149
  </tr>
150
  <tr>
151
- <th><?php _e( 'Cart', 'download-monitor' ); ?></th>
152
- <td><?php _e( 'Your shop cart page if you decide to sell downloads.', 'download-monitor' ); ?></td>
153
  <td>
154
  <?php
155
  /**
@@ -160,21 +160,21 @@ class Onboarding {
160
  if ( $page_cart != 0 ) :
161
  ?>
162
  <a href="javascript:;"
163
- class="button button-primary button-hero dlm-page-exists"><?php _e( 'Page Created', 'download-monitor' ); ?></a>
164
  <?php
165
  else:
166
  ?>
167
  <a href="javascript:;"
168
  class="button button-primary button-hero dlm-create-page"
169
- data-page="cart"><?php _e( 'Create Page', 'download-monitor' ); ?></a>
170
  <?php
171
  endif;
172
  ?>
173
  </td>
174
  </tr>
175
  <tr>
176
- <th><?php _e( 'Checkout', 'download-monitor' ); ?></th>
177
- <td><?php _e( 'Your shop checkout page if you decide to sell downloads.', 'download-monitor' ); ?></td>
178
  <td>
179
  <?php
180
  /**
@@ -185,13 +185,13 @@ class Onboarding {
185
  if ( $page_checkout != 0 ) :
186
  ?>
187
  <a href="javascript:;"
188
- class="button button-primary button-hero dlm-page-exists"><?php _e( 'Page Created', 'download-monitor' ); ?></a>
189
  <?php
190
  else:
191
  ?>
192
  <a href="javascript:;"
193
  class="button button-primary button-hero dlm-create-page"
194
- data-page="checkout"><?php _e( 'Create Page', 'download-monitor' ); ?></a>
195
  <?php
196
  endif;
197
  ?>
@@ -202,10 +202,10 @@ class Onboarding {
202
  </div>
203
 
204
  <div class="dlm-onboarding-section dlm-onboarding-section-one-col">
205
- <h2><?php _e( 'Extensions', 'download-monitor' ); ?></h2>
206
  <p>
207
- <?php _e( 'Power up your Download Monitor website with our official extensions. Our extensions allow you to add specific functionality to your Download Monitor powered website and come with our premium support and updates.', 'download-monitor' ); ?>
208
- <?php _e( "Here's a quick sample of what we offer.", 'download-monitor' ); ?>
209
  </p>
210
  </div>
211
 
@@ -237,25 +237,25 @@ class Onboarding {
237
  <p>
238
  <a href="https://www.download-monitor.com/extensions/?utm_source=plugin&utm_medium=link&utm_campaign=onboarding"
239
  class="button button-primary button-hero"
240
- target="_blank"><?php _e( 'View More Extensions', 'download-monitor' ); ?></a>
241
  </p>
242
  </div>
243
 
244
  <div class="dlm-onboarding-section dlm-onboarding-section-one-col">
245
- <h2><?php _e( "What's Next?", 'download-monitor' ); ?></h2>
246
 
247
  <p>
248
- <?php printf( __( "Now that your Download Monitor installation is done, it's time to setup your downloads. You can %sread more about creating your first Download here%s.", 'download-monitor' ), '<a href="https://www.download-monitor.com/kb/creating-your-first-download/?utm_source=plugin&utm_medium=link&utm_campaign=onboarding" target="_blank">', '</a>' ); ?>
249
- <?php _e( "If you need any help in setting up your downloads or having any other question about Download Monitor, we'd be happy to help you via our support forums.", 'download-monitor' ); ?>
250
  <a href="https://wordpress.org/support/plugin/download-monitor/"
251
- target="_blank"><?php _e( "Click here to visit our Support Forum.", 'download-monitor' ); ?></a>
252
  </p>
253
  </div>
254
 
255
  <div class="dlm-onboarding-section dlm-onboarding-section-one-col dlm-onboarding-section-cta">
256
  <p>
257
- <a href="<?php echo admin_url( 'post-new.php?post_type=dlm_download' ); ?>"
258
- class="button button-primary button-hero"><?php _e( 'Create Your First Download', 'download-monitor' ); ?></a>
259
  </p>
260
  </div>
261
 
79
  public function add_notice() {
80
  ?>
81
  <div class="notice notice-warning is-dismissible dlm-notice dlm-onboarding-notice" data-id="onboarding" data-nonce="<?php echo esc_attr( wp_create_nonce( 'dlm_hide_notice-onboarding' ) ); ?>" id="onboarding">
82
+ <p><?php printf( esc_html__( 'Download Monitor is almost ready for use, %sclick here%s to finish the installation process.', 'download-monitor' ), '<a href="' . esc_url( admin_url( 'edit.php?post_type=dlm_download&page=dlm_onboarding' ) ) . '">', '</a>' ); ?></p>
83
  </div>
84
  <?php
85
  }
100
  <div class="wrap dlm-onboarding">
101
 
102
  <div class="dlm-onboarding-section dlm-onboarding-section-one-col">
103
+ <h2><?php echo esc_html__( "Welcome to ", 'download-monitor' ); ?> Download Monitor</h2>
104
  <p>
105
+ <?php echo esc_html__( "Thank you for installing Download Monitor! We'd like to help you setup the plugin correctly so you can start sharing your files as quickly as possible.", 'download-monitor' ); ?>
106
+ <?php echo esc_html__( "With Download Monitor you can manage, track and offer downloads to your users using your WordPress website.", 'download-monitor' ); ?>
107
+ <?php echo esc_html__( "On top of that, Download Monitor allows you to sell your downloads, turning your WordPress website into fully featured e-commerce website out of the box.", 'download-monitor' ); ?>
108
  </p>
109
  <p>
110
+ <?php echo esc_html__( "You decide if you want to offer you downloads for free or want to start selling them (or both!). Whatever you decide, you chose the right plugin for the job!", 'download-monitor' ); ?>
111
  </p>
112
  </div>
113
 
114
  <div class="dlm-onboarding-section dlm-onboarding-section-one-col">
115
+ <h2><?php echo esc_html__( "Let's Create Your Pages", 'download-monitor' ); ?></h2>
116
  <p>
117
+ <?php echo esc_html__( 'In order to function properly, Download Monitor needs to create some pages in your WordPress website.', 'download-monitor' ); ?>
118
+ <?php echo esc_html__( "We can create these pages for you here. If you click the 'Create Page' button we will create that page and add the required shortcode to it. We'll also make sure the newly created page is set in your settings page.", 'download-monitor' ); ?>
119
  </p>
120
  <p>
121
+ <?php echo esc_html__( "If you don't plan on selling downloads, you do not have to create the cart and checkout page. We recommend always creating the No Access page.", 'download-monitor' ); ?>
122
  </p>
123
  <table cellpadding="0" cellspacing="0" border="0" class="dlm-onboarding-pages">
124
  <tr>
125
+ <th><?php echo esc_html__( 'No Access', 'download-monitor' ); ?></th>
126
+ <td><?php echo esc_html__( "The page your visitors see when they are not allowed to download a file.", 'download-monitor' ); ?></td>
127
  <td>
128
  <?php
129
  /**
134
  if ( $page_no_access != 0 ) :
135
  ?>
136
  <a href="javascript:;"
137
+ class="button button-primary button-hero dlm-page-exists"><?php echo esc_html__( 'Page Created', 'download-monitor' ); ?></a>
138
  <?php
139
  else:
140
  ?>
141
  <a href="javascript:;"
142
  class="button button-primary button-hero dlm-create-page"
143
+ data-page="no-access"><?php echo esc_html__( 'Create Page', 'download-monitor' ); ?></a>
144
  <?php
145
  endif;
146
  ?>
148
  </td>
149
  </tr>
150
  <tr>
151
+ <th><?php echo esc_html__( 'Cart', 'download-monitor' ); ?></th>
152
+ <td><?php echo esc_html__( 'Your shop cart page if you decide to sell downloads.', 'download-monitor' ); ?></td>
153
  <td>
154
  <?php
155
  /**
160
  if ( $page_cart != 0 ) :
161
  ?>
162
  <a href="javascript:;"
163
+ class="button button-primary button-hero dlm-page-exists"><?php echo esc_html__( 'Page Created', 'download-monitor' ); ?></a>
164
  <?php
165
  else:
166
  ?>
167
  <a href="javascript:;"
168
  class="button button-primary button-hero dlm-create-page"
169
+ data-page="cart"><?php echo esc_html__( 'Create Page', 'download-monitor' ); ?></a>
170
  <?php
171
  endif;
172
  ?>
173
  </td>
174
  </tr>
175
  <tr>
176
+ <th><?php echo esc_html__( 'Checkout', 'download-monitor' ); ?></th>
177
+ <td><?php echo esc_html__( 'Your shop checkout page if you decide to sell downloads.', 'download-monitor' ); ?></td>
178
  <td>
179
  <?php
180
  /**
185
  if ( $page_checkout != 0 ) :
186
  ?>
187
  <a href="javascript:;"
188
+ class="button button-primary button-hero dlm-page-exists"><?php echo esc_html__( 'Page Created', 'download-monitor' ); ?></a>
189
  <?php
190
  else:
191
  ?>
192
  <a href="javascript:;"
193
  class="button button-primary button-hero dlm-create-page"
194
+ data-page="checkout"><?php echo esc_html__( 'Create Page', 'download-monitor' ); ?></a>
195
  <?php
196
  endif;
197
  ?>
202
  </div>
203
 
204
  <div class="dlm-onboarding-section dlm-onboarding-section-one-col">
205
+ <h2><?php echo esc_html__( 'Extensions', 'download-monitor' ); ?></h2>
206
  <p>
207
+ <?php echo esc_html__( 'Power up your Download Monitor website with our official extensions. Our extensions allow you to add specific functionality to your Download Monitor powered website and come with our premium support and updates.', 'download-monitor' ); ?>
208
+ <?php echo esc_html__( "Here's a quick sample of what we offer.", 'download-monitor' ); ?>
209
  </p>
210
  </div>
211
 
237
  <p>
238
  <a href="https://www.download-monitor.com/extensions/?utm_source=plugin&utm_medium=link&utm_campaign=onboarding"
239
  class="button button-primary button-hero"
240
+ target="_blank"><?php echo esc_html__( 'View More Extensions', 'download-monitor' ); ?></a>
241
  </p>
242
  </div>
243
 
244
  <div class="dlm-onboarding-section dlm-onboarding-section-one-col">
245
+ <h2><?php echo esc_html__( "What's Next?", 'download-monitor' ); ?></h2>
246
 
247
  <p>
248
+ <?php printf( esc_html__( "Now that your Download Monitor installation is done, it's time to setup your downloads. You can %sread more about creating your first Download here%s.", 'download-monitor' ), '<a href="https://www.download-monitor.com/kb/creating-your-first-download/?utm_source=plugin&utm_medium=link&utm_campaign=onboarding" target="_blank">', '</a>' ); ?>
249
+ <?php echo esc_html__( "If you need any help in setting up your downloads or having any other question about Download Monitor, we'd be happy to help you via our support forums.", 'download-monitor' ); ?>
250
  <a href="https://wordpress.org/support/plugin/download-monitor/"
251
+ target="_blank"><?php echo esc_html__( "Click here to visit our Support Forum.", 'download-monitor' ); ?></a>
252
  </p>
253
  </div>
254
 
255
  <div class="dlm-onboarding-section dlm-onboarding-section-one-col dlm-onboarding-section-cta">
256
  <p>
257
+ <a href="<?php echo esc_url( admin_url( 'post-new.php?post_type=dlm_download' ) ); ?>"
258
+ class="button button-primary button-hero"><?php echo esc_html__( 'Create Your First Download', 'download-monitor' ); ?></a>
259
  </p>
260
  </div>
261
 
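--- a/src/Utils.php
+++ b/src/Utils.php
@@ -9,9 +9,10 @@ abstract class DLM_Utils {
  */
 public static function get_visitor_ip() {
 
-$ip = $_SERVER['REMOTE_ADDR'];
+$ip = isset( $_SERVER['REMOTE_ADDR'] ) ? sanitize_text_field(wp_unslash($_SERVER['REMOTE_ADDR'])) : '';
 
 if ( ( '1' == get_option( 'dlm_allow_x_forwarded_for', 0 ) ) && ! empty( $_SERVER['HTTP_X_FORWARDED_FOR'] ) ) {
+// phpcs:ignore
 $parts = explode( ",", $_SERVER['HTTP_X_FORWARDED_FOR'] );
 $ip = trim( array_shift( $parts ) );
 }
@@ -25,7 +26,7 @@ abstract class DLM_Utils {
  * @return string
  */
 public static function get_visitor_ua() {
-$ua = sanitize_text_field( isset( $_SERVER['HTTP_USER_AGENT'] ) ? $_SERVER['HTTP_USER_AGENT'] : '' );
+$ua = isset( $_SERVER['HTTP_USER_AGENT'] ) ? sanitize_text_field( wp_unslash( $_SERVER['HTTP_USER_AGENT'] ) ) : '' ;
 
 if ( strlen( $ua ) > 200 ) {
 $ua = substr( $ua, 0, 199 );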
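Review bot: The X-Forwarded-For branch of get_visitor_ip() still reads the header raw — the new `// phpcs:ignore` silences the sniff instead of sanitizing — so the one input that a client fully controls is the path left unvalidated, while REMOTE_ADDR, which the web server sets, is the one that now goes through sanitize_text_field(). The leftmost X-Forwarded-For entry is whatever the requester chose to send, so it should at least be validated as an IP address before it replaces `$ip`, with REMOTE_ADDR kept as the fallback when it is not one; get_visitor_ip() continues past the hunk, so the return is not visible here. In get_visitor_ua(), `substr( $ua, 0, 199 )` truncates by byte and can split a multibyte UTF-8 character; `mb_strlen`/`mb_substr` would truncate by character instead.
```php
if ( ( '1' == get_option( 'dlm_allow_x_forwarded_for', 0 ) ) && ! empty( $_SERVER['HTTP_X_FORWARDED_FOR'] ) ) {
    $forwarded = sanitize_text_field( wp_unslash( $_SERVER['HTTP_X_FORWARDED_FOR'] ) );
    $parts     = explode( ',', $forwarded );
    $candidate = trim( array_shift( $parts ) );
    // Only accept a well-formed address from the header; otherwise keep REMOTE_ADDR.
    if ( false !== filter_var( $candidate, FILTER_VALIDATE_IP ) ) {
        $ip = $candidate;
    }
}
```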
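--- a/src/Widgets/Downloads.php
+++ b/src/Widgets/Downloads.php
@@ -94,20 +94,20 @@ class DLM_Widget_Downloads extends WP_Widget {
 
 if ( count( $downloads ) > 0 ) {
 
-echo $before_widget;
+echo wp_kses_post( $before_widget );
 
 if ( $title ) {
-echo $before_title . $title . $after_title;
+echo wp_kses_post( $before_title ) . wp_kses_post( $title ) . wp_kses_post( $after_title );
 }
 
-echo apply_filters( 'dlm_widget_downloads_list_start', '<ul class="dlm-downloads">' );
+echo wp_kses_post( apply_filters( 'dlm_widget_downloads_list_start', '<ul class="dlm-downloads">' ) );
 
 // Template handler
 $template_handler = new DLM_Template_Handler();
 
 foreach ( $downloads as $download ) {
 
-echo apply_filters( 'dlm_widget_downloads_list_item_start', '<li>' );
+echo wp_kses_post( apply_filters( 'dlm_widget_downloads_list_item_start', '<li>' ) );
 
 if ( $download->has_version() ) {
 $template_handler->get_template_part( 'content-download', $format, '', array( 'dlm_download' => $download ) );
@@ -115,12 +115,12 @@ class DLM_Widget_Downloads extends WP_Widget {
 $template_handler->get_template_part( 'content-download', 'no-version', '', array( 'dlm_download' => $download ) );
 }
 
-echo apply_filters( 'dlm_widget_downloads_list_item_end', '</li>' );
+echo wp_kses_post( apply_filters( 'dlm_widget_downloads_list_item_end', '</li>' ) );
 }
 
-echo apply_filters( 'dlm_widget_downloads_list_end', '</ul>' );
+echo wp_kses_post( apply_filters( 'dlm_widget_downloads_list_end', '</ul>' ) );
 
-echo $after_widget;
+echo wp_kses_post( $after_widget );
 }
 }
 
@@ -169,7 +169,7 @@ class DLM_Widget_Downloads extends WP_Widget {
 ?>
 <p>
 <label
-for="<?php echo $this->get_field_id( 'title' ); ?>"><?php _e( 'Title', 'download-monitor' ); ?>
+for="<?php echo esc_attr( $this->get_field_id( 'title' ) ); ?>"><?php echo esc_html__( 'Title', 'download-monitor' ); ?>
 :</label>
 <input class="widefat" id="<?php echo esc_attr( $this->get_field_id( 'title' ) ); ?>"
 name="<?php echo esc_attr( $this->get_field_name( 'title' ) ); ?>" type="text"
@@ -177,7 +177,7 @@ class DLM_Widget_Downloads extends WP_Widget {
 </p>
 <p>
 <label
-for="<?php echo $this->get_field_id( 'posts_per_page' ); ?>"><?php _e( 'Limit', 'download-monitor' ); ?>
+for="<?php echo esc_attr( $this->get_field_id( 'posts_per_page' ) ); ?>"><?php echo esc_html__( 'Limit', 'download-monitor' ); ?>
 :</label>
 <input class="widefat" id="<?php echo esc_attr( $this->get_field_id( 'posts_per_page' ) ); ?>"
 name="<?php echo esc_attr( $this->get_field_name( 'posts_per_page' ) ); ?>" type="text"
@@ -185,43 +185,34 @@ class DLM_Widget_Downloads extends WP_Widget {
 </p>
 <p>
 <label
-for="<?php echo $this->get_field_id( 'format' ); ?>"><?php _e( 'Output template', 'download-monitor' ); ?>
+for="<?php echo esc_attr($this->get_field_id( 'format' )); ?>"><?php echo esc_html__( 'Output template', 'download-monitor' ); ?>
 :</label>
 <input class="widefat" id="<?php echo esc_attr( $this->get_field_id( 'format' ) ); ?>"
 name="<?php echo esc_attr( $this->get_field_name( 'format' ) ); ?>" type="text"
 value="<?php echo esc_attr( $format ); ?>"
-placeholder="<?php _e( 'Default template', 'download-monitor' ); ?>"/>
+placeholder="<?php echo esc_attr__( 'Default template', 'download-monitor' ); ?>"/>
 </p>
 <p>
 <label
-for="<?php echo $this->get_field_id( 'orderby' ); ?>"><?php _e( 'Order by', 'download-monitor' ); ?>
+for="<?php echo esc_attr( $this->get_field_id( 'orderby' ) ); ?>"><?php echo esc_html__( 'Order by', 'download-monitor' ); ?>
 :</label>
 <select class="widefat" id="<?php echo esc_attr( $this->get_field_id( 'orderby' ) ); ?>"
 name="<?php echo esc_attr( $this->get_field_name( 'orderby' ) ); ?>" type="text">
-<option
-value="title" <?php selected( $orderby, 'title' ); ?>><?php _e( 'Title', 'download-monitor' ); ?></option>
-<option
-value="rand" <?php selected( $orderby, 'rand' ); ?>><?php _e( 'Random', 'download-monitor' ); ?></option>
-<option
-value="ID" <?php selected( $orderby, 'ID' ); ?>><?php _e( 'ID', 'download-monitor' ); ?></option>
-<option
-value="date" <?php selected( $orderby, 'date' ); ?>><?php _e( 'Date added', 'download-monitor' ); ?></option>
-<option
-value="modified" <?php selected( $orderby, 'modified' ); ?>><?php _e( 'Date modified', 'download-monitor' ); ?></option>
-<option
-value="download_count" <?php selected( $orderby, 'download_count' ); ?>><?php _e( 'Download count', 'download-monitor' ); ?></option>
+<option value="title" <?php selected( $orderby, 'title' ); ?>><?php echo esc_html__( 'Title', 'download-monitor' ); ?></option>
+<option value="rand" <?php selected( $orderby, 'rand' ); ?>><?php echo esc_html__( 'Random', 'download-monitor' ); ?></option>
+<option value="ID" <?php selected( $orderby, 'ID' ); ?>><?php esc_html_e( 'ID', 'download-monitor' ); ?></option>
+<option value="date" <?php selected( $orderby, 'date' ); ?>><?php echo esc_html__( 'Date added', 'download-monitor' ); ?></option>
+<option value="modified" <?php selected( $orderby, 'modified' ); ?>><?php echo esc_html__( 'Date modified', 'download-monitor' ); ?></option>
+<option value="download_count" <?php selected( $orderby, 'download_count' ); ?>><?php echo esc_html__( 'Download count', 'download-monitor' ); ?></option>
 </select>
 </p>
 <p>
 <label
-for="<?php echo $this->get_field_id( 'order' ); ?>"><?php _e( 'Order', 'download-monitor' ); ?>
+for="<?php echo esc_attr( $this->get_field_id( 'order' ) ); ?>"><?php echo esc_html__( 'Order', 'download-monitor' ); ?>
 :</label>
-<select class="widefat" id="<?php echo esc_attr( $this->get_field_id( 'order' ) ); ?>"
-name="<?php echo esc_attr( $this->get_field_name( 'order' ) ); ?>" type="text">
-<option
-value="ASC" <?php selected( $order, 'ASC' ); ?>><?php _e( 'ASC', 'download-monitor' ); ?></option>
-<option
-value="DESC" <?php selected( $order, 'DESC' ); ?>><?php _e( 'DESC', 'download-monitor' ); ?></option>
+<select class="widefat" id="<?php echo esc_attr( $this->get_field_id( 'order' ) ); ?>" name="<?php echo esc_attr( $this->get_field_name( 'order' ) ); ?>" type="text">
+<option value="ASC" <?php selected( $order, 'ASC' ); ?>><?php echo esc_html__( 'ASC', 'download-monitor' ); ?></option>
+<option value="DESC" <?php selected( $order, 'DESC' ); ?>><?php echo esc_html__( 'DESC', 'download-monitor' ); ?></option>
 </select>
 </p>
 <p>
@@ -229,14 +220,14 @@ class DLM_Widget_Downloads extends WP_Widget {
 name="<?php echo esc_attr( $this->get_field_name( 'featured' ) ); ?>"
 type="checkbox" <?php checked( $featured, 'yes' ); ?> />
 <label
-for="<?php echo $this->get_field_id( 'featured' ); ?>"><?php _e( 'Show only featured downloads', 'download-monitor' ); ?></label>
+for="<?php echo esc_attr( $this->get_field_id( 'featured' ) ); ?>"><?php echo esc_html__( 'Show only featured downloads', 'download-monitor' ); ?></label>
 </p>
 <p>
 <input id="<?php echo esc_attr( $this->get_field_id( 'members_only' ) ); ?>"
 name="<?php echo esc_attr( $this->get_field_name( 'members_only' ) ); ?>"
 type="checkbox" <?php checked( $members_only, 'yes' ); ?> />
 <label
-for="<?php echo $this->get_field_id( 'members_only' ); ?>"><?php _e( 'Show only members only downloads', 'download-monitor' ); ?></label>
+for="<?php echo esc_attr( $this->get_field_id( 'members_only' ) ); ?>"><?php echo esc_html__( 'Show only members only downloads', 'download-monitor' ); ?></label>
 </p>
 <?php
 }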
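Review bot: The `value="ID"` option in the order-by select uses `esc_html_e( 'ID', 'download-monitor' )` while every other option and label rewritten in this form uses `echo esc_html__( ... )`; both escape identically, but mixing the two forms in one list reads as an oversight, so `<?php echo esc_html__( 'ID', 'download-monitor' ); ?>` would keep the hunk uniform. The `format` label likewise drops the inner spacing with `esc_attr($this->get_field_id( 'format' ))` where the sibling lines write `esc_attr( $this->get_field_id( ... ) )`. Both the widget() body and the form() body begin and end outside the hunks shown.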
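--- a/templates/content-download-box.php
+++ b/templates/content-download-box.php
@@ -14,7 +14,7 @@ if ( ! defined( 'ABSPATH' ) ) {
 <?php $dlm_download->the_image(); ?>
 
 <div
-class="download-count"><?php printf( _n( '1 download', '%d downloads', $dlm_download->get_download_count(), 'download-monitor' ), $dlm_download->get_download_count() ) ?></div>
+class="download-count"><?php printf( esc_attr(_n( '1 download', '%d downloads', $dlm_download->get_download_count(), 'download-monitor' )), esc_html( $dlm_download->get_download_count() ) ) ?></div>
 
 <div class="download-box-content">
 
@@ -23,10 +23,10 @@ if ( ! defined( 'ABSPATH' ) ) {
 <?php $dlm_download->the_excerpt(); ?>
 
 <a class="download-button" title="<?php if ( $dlm_download->get_version()->has_version_number() ) {
-printf( __( 'Version %s', 'download-monitor' ), $dlm_download->get_version()->get_version_number() );
+printf( esc_html__( 'Version %s', 'download-monitor' ), esc_html( $dlm_download->get_version()->get_version_number() ) );
 } ?>" href="<?php $dlm_download->the_download_link(); ?>" rel="nofollow">
-<?php _e( 'Download File', 'download-monitor' ); ?>
-<small><?php echo $dlm_download->get_version()->get_filename(); ?> &ndash; <?php echo $dlm_download->get_version()->get_filesize_formatted(); ?></small>
+<?php echo esc_html__( 'Download File', 'download-monitor' ); ?>
+<small><?php echo esc_html( $dlm_download->get_version()->get_filename() ); ?> &ndash; <?php echo esc_html( $dlm_download->get_version()->get_filesize_formatted() ); ?></small>
 </a>
 
 </div>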
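Review bot: The `title="..."` attribute on the download button is now filled through `esc_html__( 'Version %s', ... )` and `esc_html( ... )`, which are the body-text escapers; the attribute context calls for `printf( esc_attr__( 'Version %s', 'download-monitor' ), esc_attr( $dlm_download->get_version()->get_version_number() ) );`. Conversely, the visible download count in the `<div class="download-count">` is wrapped in `esc_attr( _n( ... ) )` where `esc_html` is the matching function. Both WordPress escapers encode quotes and angle brackets, so the output is still safe either way; the point is choosing the escaper for the context so the next reader does not have to reason about that equivalence. The same attribute-context mismatch appears in the title attributes of content-download-filename.php (which also puts `esc_html` inside a `class="..."` attribute), content-download-title.php, content-download.php and shop/button/add-to-cart-box.php (`title="<?php echo esc_html__( 'Purchase Now', ...`), while content-download-version-list.php already uses `esc_attr` there.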
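--- a/templates/content-download-button.php
+++ b/templates/content-download-button.php
@@ -10,6 +10,6 @@ if ( ! defined( 'ABSPATH' ) ) {
 ?>
 
 <p><a class="aligncenter download-button" href="<?php $dlm_download->the_download_link(); ?>" rel="nofollow">
-<?php printf( __( 'Download &ldquo;%s&rdquo;', 'download-monitor' ), $dlm_download->get_title() ); ?>
-<small><?php echo $dlm_download->get_version()->get_filename(); ?> &ndash; <?php printf( _n( 'Downloaded 1 time', 'Downloaded %d times', $dlm_download->get_download_count(), 'download-monitor' ), $dlm_download->get_download_count() ) ?> &ndash; <?php echo $dlm_download->get_version()->get_filesize_formatted(); ?></small>
+<?php printf( esc_html__( 'Download &ldquo;%s&rdquo;', 'download-monitor' ), esc_html($dlm_download->get_title()) ); ?>
+<small><?php echo esc_html( $dlm_download->get_version()->get_filename() ); ?> &ndash; <?php printf( esc_html(_n( 'Downloaded 1 time', 'Downloaded %d times', $dlm_download->get_download_count(), 'download-monitor' )), esc_html( $dlm_download->get_download_count() ) ) ?> &ndash; <?php echo esc_html( $dlm_download->get_version()->get_filesize_formatted() ); ?></small>
 </a></p>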
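--- a/templates/content-download-filename.php
+++ b/templates/content-download-filename.php
@@ -8,10 +8,10 @@ if ( ! defined( 'ABSPATH' ) ) {
 } // Exit if accessed directly
 
 ?>
-<a class="download-link filetype-icon <?php echo 'filetype-' . $dlm_download->get_version()->get_filetype(); ?>"
+<a class="download-link filetype-icon <?php echo 'filetype-' . esc_html( $dlm_download->get_version()->get_filetype() ); ?>"
 title="<?php if ( $dlm_download->get_version()->has_version_number() ) {
-printf( __( 'Version %s', 'download-monitor' ), $dlm_download->get_version()->get_version_number() );
+printf( esc_html__( 'Version %s', 'download-monitor' ), esc_html( $dlm_download->get_version()->get_version_number() ) );
 } ?>" href="<?php $dlm_download->the_download_link(); ?>" rel="nofollow">
-<?php echo $dlm_download->get_version()->get_filename(); ?>
-(<?php printf( _n( '1 download', '%d downloads', $dlm_download->get_download_count(), 'download-monitor' ), $dlm_download->get_download_count() ) ?>)
+<?php echo esc_html( $dlm_download->get_version()->get_filename() ); ?>
+(<?php printf( esc_html( _n( '1 download', '%d downloads', $dlm_download->get_download_count(), 'download-monitor' ) ), esc_html( $dlm_download->get_download_count() ) ) ?>)
 </a>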
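--- a/templates/content-download-no-version.php
+++ b/templates/content-download-no-version.php
@@ -8,6 +8,6 @@ if ( ! defined( 'ABSPATH' ) ) {
 } // Exit if accessed directly
 
 ?>
-<a class="download-link" title="<?php _e( 'Please set a version in your WordPress admin', 'download-monitor' ); ?>" href="#" rel="nofollow">
-"<?php $dlm_download->the_title(); ?>" <strong><?php _e( 'has no version set!', 'download-monitor' ); ?></strong>
+<a class="download-link" title="<?php echo esc_attr__( 'Please set a version in your WordPress admin', 'download-monitor' ); ?>" href="#" rel="nofollow">
+"<?php $dlm_download->the_title(); ?>" <strong><?php echo esc_html__( 'has no version set!', 'download-monitor' ); ?></strong>
 </a>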
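--- a/templates/content-download-title.php
+++ b/templates/content-download-title.php
@@ -9,7 +9,7 @@ if ( ! defined( 'ABSPATH' ) ) {
 
 ?>
 <a class="download-link" title="<?php if ( $dlm_download->get_version()->has_version_number() ) {
-printf( __( 'Version %s', 'download-monitor' ), $dlm_download->get_version()->get_version_number() );
-} ?>" href="<?php $dlm_download->the_download_link(); ?>" rel="nofollow">
-<?php $dlm_download->the_title(); ?>
+printf( esc_html__( 'Version %s', 'download-monitor' ), esc_html( $dlm_download->get_version()->get_version_number() ) );
+} ?>" href="<?php esc_url( $dlm_download->the_download_link() ); ?>" rel="nofollow">
+<?php esc_html( $dlm_download->the_title() ); ?>
 </a>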
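Review bot: `esc_url( $dlm_download->the_download_link() )` and `esc_html( $dlm_download->the_title() )` on the new side discard their return values: there is no `echo`, so whatever the two methods print themselves reaches the page exactly as before, and the escaper only ever sees their return value. The `the_` prefix and the bare `<?php $dlm_download->the_download_link(); ?>` statements used in the sibling templates indicate these methods echo rather than return, in which case the hunk adds no escaping to these lines while reading as if it did. If DLM_Download exposes returning getters for the link and title (not visible here), `echo esc_url( ... )` / `echo esc_html( ... )` on those is the fix; otherwise the original bare calls should be restored and the escaping done inside the methods. content-download.php carries the same no-op `esc_url( $dlm_download->the_download_link() )` on its `href` line.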
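--- a/templates/content-download-version-list.php
+++ b/templates/content-download-version-list.php
@@ -19,10 +19,10 @@ if ( $versions ) : ?>
 $dlm_download->set_version( $version );
 ?>
 <li><a class="download-link"
-title="<?php printf( _n( 'Downloaded 1 time', 'Downloaded %d times', $dlm_download->get_download_count(), 'download-monitor' ), $dlm_download->get_download_count() ) ?>"
+title="<?php printf( esc_attr(_n( 'Downloaded 1 time', 'Downloaded %d times', $dlm_download->get_download_count(), 'download-monitor' )), esc_html( $dlm_download->get_download_count() ) ) ?>"
 href="<?php $dlm_download->the_download_link(); ?>" rel="nofollow">
-<?php echo $version->get_filename(); ?> <?php if ( $version->has_version_number() ) {
-echo '- ' . $version->get_version_number();
+<?php echo esc_html( $version->get_filename() ); ?> <?php if ( $version->has_version_number() ) {
+echo '- ' . esc_html( $version->get_version_number() );
 } ?>
 </a></li>
 <?php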
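--- a/templates/content-download.php
+++ b/templates/content-download.php
@@ -14,8 +14,8 @@ if ( ! isset( $dlm_download ) || ! $dlm_download ) {
 /** @var DLM_Download $dlm_download */
 ?>
 <a class="download-link" title="<?php if ( $dlm_download->get_version()->has_version_number() ) {
-printf( __( 'Version %s', 'download-monitor' ), $dlm_download->get_version()->get_version_number() );
-} ?>" href="<?php $dlm_download->the_download_link(); ?>" rel="nofollow">
+printf( esc_html__( 'Version %s', 'download-monitor' ), esc_html( $dlm_download->get_version()->get_version_number() ) );
+} ?>" href="<?php esc_url( $dlm_download->the_download_link() ); ?>" rel="nofollow">
 <?php $dlm_download->the_title(); ?>
-(<?php printf( _n( '1 download', '%d downloads', $dlm_download->get_download_count(), 'download-monitor' ), $dlm_download->get_download_count() ) ?>)
+(<?php printf( esc_html(_n( '1 download', '%d downloads', $dlm_download->get_download_count(), 'download-monitor' )), esc_html( $dlm_download->get_download_count() ) ) ?>)
 </a>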
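--- a/templates/no-access.php
+++ b/templates/no-access.php
@@ -14,7 +14,7 @@ if ( ! defined( 'ABSPATH' ) ) {
 <?php do_action( 'dlm_no_access_before_message', $download ); ?>
 <?php if ( ! empty( $no_access_message ) ) : ?>
 
-<p><?php echo $no_access_message; ?></p>
+<p><?php echo esc_html( $no_access_message ); ?></p>
 <?php endif; ?>
 
 <?php do_action( 'dlm_no_access_after_message', $download ); ?>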
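Review bot: `esc_html( $no_access_message )` renders any markup in the configured no-access message as literal text, which is a visible behaviour change for sites whose message contains a link or formatting; the old line printed it raw. `$no_access_message` is assigned outside this hunk, so its provenance is inferred, but if it is admin-authored content from the plugin's settings, `wp_kses_post( $no_access_message )` is the escaper this release uses elsewhere for stored markup (e.g. templates/pagination.php) and still strips scripts and event-handler attributes while preserving the author's formatting.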
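--- a/templates/pagination.php
+++ b/templates/pagination.php
@@ -2,6 +2,7 @@
 /**
 * Pagination - Show numbered pagination.
 */
+
 if ( ! defined( 'ABSPATH' ) ) {
 exit;
 } // Exit if accessed directly
@@ -12,16 +13,21 @@ if ( $pages <= 1 ) {
 ?>
 <nav class="download-monitor-pagination">
 <?php
-echo paginate_links( apply_filters( 'download_monitor_pagination_args', array(
-'base' => str_replace( 999999999, '%#%', get_pagenum_link( 999999999 ) ),
-'format' => '',
-'current' => max( 1, get_query_var( 'paged' ) ),
-'total' => $pages,
-'prev_text' => '&larr;',
-'next_text' => '&rarr;',
-'type' => 'list',
-'end_size' => 3,
-'mid_size' => 3
-) ) );
+echo wp_kses_post( paginate_links(
+apply_filters(
+'download_monitor_pagination_args',
+array(
+'base' => str_replace( 999999999, '%#%', get_pagenum_link( 999999999 ) ),
+'format' => '',
+'current' => max( 1, get_query_var( 'paged' ) ),
+'total' => $pages,
+'prev_text' => '&larr;',
+'next_text' => '&rarr;',
+'type' => 'list',
+'end_size' => 3,
+'mid_size' => 3,
+)
+)
+) );
 ?>
-</nav>
+</nav>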
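--- a/templates/shop/button/add-to-cart-box.php
+++ b/templates/shop/button/add-to-cart-box.php
@@ -12,19 +12,19 @@ if ( ! defined( 'ABSPATH' ) ) {
 ?>
 <aside class="download-box">
 
-<?php echo $product->get_image(); ?>
+<?php echo wp_kses_post( $product->get_image() ); ?>
 
-<div class="download-count"><?php echo dlm_format_money( $product->get_price() ); ?></div>
+<div class="download-count"><?php echo esc_html( dlm_format_money( $product->get_price() ) ); ?></div>
 
 <div class="download-box-content">
 
-<h1><?php echo $product->get_title(); ?></h1>
+<h1><?php echo esc_html( $product->get_title() ); ?></h1>
 
-<p><?php echo $product->get_the_excerpt(); ?></p>
+<p><?php echo esc_html( $product->get_the_excerpt() ); ?></p>
 
-<a class="download-button" title="<?php _e( 'Purchase Now', 'download-monitor' ); ?>" href="<?php echo $atc_url; ?>"
+<a class="download-button" title="<?php echo esc_html__( 'Purchase Now', 'download-monitor' ); ?>" href="<?php echo esc_url( $atc_url ); ?>"
 rel="nofollow">
-<?php _e( 'Purchase Now', 'download-monitor' ); ?>
+<?php echo esc_html__( 'Purchase Now', 'download-monitor' ); ?>
 </a>
 
 </div>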
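--- a/templates/shop/button/add-to-cart.php
+++ b/templates/shop/button/add-to-cart.php
@@ -10,8 +10,8 @@ if ( ! defined( 'ABSPATH' ) ) {
  /** @var \Never5\DownloadMonitor\Shop\Product\Product $product */
  /** @var string $atc_url */
  ?>
- <p><a class="aligncenter download-button" href="<?php echo $atc_url; ?>" rel="nofollow">
- <?php printf( __( 'Purchase &ldquo;%s&rdquo;', 'download-monitor' ), $product->get_title() ); ?>
- <small><?php echo dlm_format_money( $product->get_price() ); ?>
+ <p><a class="aligncenter download-button" href="<?php echo esc_url ( $atc_url ); ?>" rel="nofollow">
+ <?php printf( esc_html__( 'Purchase &ldquo;%s&rdquo;', 'download-monitor' ), esc_html( $product->get_title() ) ); ?>
+ <small><?php echo esc_html( dlm_format_money( $product->get_price() ) ); ?>
  - <?php echo esc_html( $product->get_the_excerpt() ); ?></small>
  </a></p>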
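Review bot: `esc_url ( $atc_url )` on the `<p><a class="aligncenter download-button"` line has a space before the argument list, unlike every other escaping call in this commit; `esc_url( $atc_url )` keeps the template consistent with add-to-cart-box.php and cart.php. Nothing else on the new side stands out: the title is escaped before it is substituted into the translated format string, and the excerpt line was already escaped before this change.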
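--- a/templates/shop/cart.php
+++ b/templates/shop/cart.php
@@ -16,10 +16,10 @@ if ( ! defined( 'ABSPATH' ) ) {
  <thead>
  <tr>
  <th>&nbsp;</th>
- <th><?php _e( 'Name', 'download-monitor' ); ?></th>
- <th><?php _e( 'Price', 'download-monitor' ); ?></th>
- <th><?php _e( 'Quantity', 'download-monitor' ); ?></th>
- <th><?php _e( 'Total', 'download-monitor' ); ?></th>
+ <th><?php echo esc_html__( 'Name', 'download-monitor' ); ?></th>
+ <th><?php echo esc_html__( 'Price', 'download-monitor' ); ?></th>
+ <th><?php echo esc_html__( 'Quantity', 'download-monitor' ); ?></th>
+ <th><?php echo esc_html__( 'Total', 'download-monitor' ); ?></th>
  </tr>
  </thead>
  <tbody>
@@ -44,7 +44,7 @@ if ( ! defined( 'ABSPATH' ) ) {
  </div>
  <div class="dlm-cart-bottom-right">
  <div class="dlm-cart-totals">
- <h2><?php _e( 'Cart Totals', 'download-monitor' ); ?></h2>
+ <h2><?php echo esc_html__( 'Cart Totals', 'download-monitor' ); ?></h2>
  <?php
  download_monitor()->service( 'template_handler' )->get_template_part( 'shop/cart/totals', '', '', array(
  'cart' => $cart
@@ -52,8 +52,8 @@ if ( ! defined( 'ABSPATH' ) ) {
  ?>
  </div>
  <div class="dlm-proceed-to-checkout">
- <a href="<?php echo $url_checkout; ?>"
- class="dlm-button-checkout"><?php _e( 'Proceed to checkout', 'download-monitor' ); ?> »</a>
+ <a href="<?php echo esc_url( $url_checkout ); ?>"
+ class="dlm-button-checkout"><?php echo esc_html__( 'Proceed to checkout', 'download-monitor' ); ?> »</a>
  </div>
  </div>
  </div>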
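--- a/templates/shop/cart/empty.php
+++ b/templates/shop/cart/empty.php
@@ -3,4 +3,4 @@ if ( ! defined( 'ABSPATH' ) ) {
  exit;
  } // Exit if accessed directly
  ?>
- <p><?php _e( 'Your cart is empty.', 'download-monitor' ); ?></p>
+ <p><?php echo esc_html__( 'Your cart is empty.', 'download-monitor' ); ?></p>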
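--- a/templates/shop/cart/item.php
+++ b/templates/shop/cart/item.php
@@ -6,11 +6,11 @@ if ( ! defined( 'ABSPATH' ) ) {
  /** @var Never5\DownloadMonitor\Shop\Cart\Item\Item $item */
  ?>
  <tr>
- <td><a href="<?php echo add_query_arg( array( 'dlm-remove-from-cart' => $item->get_product_id() ), $url_cart ); ?>"
- class="dlm-cart-remove-item"
- aria-label="<?php _e( 'Remove this item from your cart', 'download-monitor' ); ?>">x</a></td>
- <td><?php echo $item->get_label(); ?></td>
- <td><?php echo dlm_format_money( $item->get_subtotal() ); ?></td>
- <td><?php echo $item->get_qty(); ?></td>
- <td><?php echo dlm_format_money( $item->get_total() ); ?></td>
- </tr>
+ <td><a href="<?php echo esc_url( add_query_arg( array( 'dlm-remove-from-cart' => $item->get_product_id() ), $url_cart ) ); ?>"
+ class="dlm-cart-remove-item"
+ aria-label="<?php echo esc_attr__( 'Remove this item from your cart', 'download-monitor' ); ?>">x</a></td>
+ <td><?php echo esc_html__( $item->get_label() ); ?></td>
+ <td><?php echo esc_html__( dlm_format_money( $item->get_subtotal() ) ); ?></td>
+ <td><?php echo esc_html__( $item->get_qty() ); ?></td>
+ <td><?php echo esc_html__( dlm_format_money( $item->get_total() ) ); ?></td>
+ </tr>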
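Review bot: `esc_html__()` is a translation wrapper and the four `<td>` lines pass it runtime values (`$item->get_label()`, `dlm_format_money( ... )`, `$item->get_qty()`); these should read `esc_html( $item->get_label() )` and so on. The output is still escaped, but each value goes through a gettext lookup in the `default` domain, so a label that happens to equal a core string is silently translated, and the strings can never be extracted for translation anyway. Separately, the remove link is a state-changing GET that, from this template alone, carries no nonce; unless the handler verifies one elsewhere, wrapping the URL in `wp_nonce_url( add_query_arg( ... ), 'dlm-remove-from-cart' )` and checking it in the handler would close that CSRF gap. The handler is outside this hunk, so this needs confirming against it.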
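--- a/templates/shop/cart/totals.php
+++ b/templates/shop/cart/totals.php
@@ -8,8 +8,8 @@ if ( ! defined( 'ABSPATH' ) ) {
  <table cellspacing="0" cellpadding="0" border="0">
  <tbody>
  <tr>
- <th><?php _e( 'Subtotal', 'download-monitor' ); ?></th>
- <td><?php echo dlm_format_money( $cart->get_subtotal() ); ?></td>
+ <th><?php echo esc_html__( 'Subtotal', 'download-monitor' ); ?></th>
+ <td><?php echo esc_html( dlm_format_money( $cart->get_subtotal() ) ); ?></td>
  </tr>
  <?php
  /**
@@ -22,8 +22,8 @@ if ( ! defined( 'ABSPATH' ) ) {
  */
  ?>
  <tr class="dlm-totals-last-row">
- <th><?php _e( 'Total', 'download-monitor' ); ?></th>
- <td><?php echo dlm_format_money( $cart->get_total() ); ?></td>
+ <th><?php echo esc_html__( 'Total', 'download-monitor' ); ?></th>
+ <td><?php echo esc_html( dlm_format_money( $cart->get_total() ) ); ?></td>
  </tr>
  </tbody>
  </table>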
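--- a/templates/shop/checkout.php
+++ b/templates/shop/checkout.php
@@ -22,7 +22,7 @@ if ( ! defined( 'ABSPATH' ) ) {
  'error' => __( "Your browser does not support JavaScript which our checkout page requires to function properly.", 'download-monitor' )
  ) );
  ?></noscript>
- <form method="post" action="<?php echo $url_checkout; ?>" id="dlm-form-checkout" <?php echo $form_data_str; ?>>
+ <form method="post" action="<?php echo esc_url( $url_checkout ); ?>" id="dlm-form-checkout" <?php echo esc_attr( $form_data_str ); ?>>
  <?php
  if ( ! empty( $errors ) ):
  foreach ( $errors as $error ):
@@ -33,11 +33,11 @@ if ( ! defined( 'ABSPATH' ) ) {
  endif;
  ?>
  <div class="dlm-checkout-billing">
- <h2><?php _e( 'Billing details', 'download-monitor' ); ?></h2>
+ <h2><?php echo esc_html__( 'Billing details', 'download-monitor' ); ?></h2>
  <?php dlm_checkout_fields( $field_values ); ?>
  </div>
  <div class="dlm-checkout-order-review">
- <h2><?php _e( 'Your order', 'download-monitor' ); ?></h2>
+ <h2><?php echo esc_html__( 'Your order', 'download-monitor' ); ?></h2>
  <?php
  download_monitor()->service( 'template_handler' )->get_template_part( 'shop/checkout/order-review', '', '', array(
  'cart' => $cart,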
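Review bot: `echo esc_attr( $form_data_str )` on the `<form method="post"` line escapes a variable whose name suggests it already holds rendered attribute pairs (`name="value" ...`); `esc_attr` turns those quotes into `&quot;`, so the browser would see no attributes at all, only stray text inside the tag. If that is what `$form_data_str` contains, the fix belongs where the string is built: pass the template an array of attributes and emit each one as `<?php echo esc_attr( $name ); ?>="<?php echo esc_attr( $value ); ?>"` in a loop, so every key and value is escaped individually in the right context. The assignment of `$form_data_str` is not visible from this hunk, so this needs confirming against the caller; the `<form>` element opened here is closed outside the hunk.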
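--- a/templates/shop/checkout/empty.php
+++ b/templates/shop/checkout/empty.php
@@ -3,4 +3,4 @@ if ( ! defined( 'ABSPATH' ) ) {
  exit;
  } // Exit if accessed directly
  ?>
- <p><?php _e( 'Your cart is empty.', 'download-monitor' ); ?></p>
+ <p><?php echo esc_html__( 'Your cart is empty.', 'download-monitor' ); ?></p>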
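--- a/templates/shop/checkout/error.php
+++ b/templates/shop/checkout/error.php
@@ -7,7 +7,7 @@ if ( ! defined( 'ABSPATH' ) ) {
  ?>
 
  <div class="dlm-checkout-error">
- <img src="<?php echo download_monitor()->get_plugin_url(); ?>/assets/images/shop/icon-error.svg"
- alt="<?php _e( "Checkout error", 'download-monitor' ); ?>" class="dlm-checkout-error-icon">
- <p><?php echo esc_html( $error ); ?></p>
- </div>
+ <img src="<?php echo esc_url( download_monitor()->get_plugin_url() ); ?>/assets/images/shop/icon-error.svg"
+ alt="<?php echo esc_html__( 'Checkout error', 'download-monitor' ); ?>" class="dlm-checkout-error-icon">
+ <p><?php echo esc_html( $error ); ?></p>
+ </div>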
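--- a/templates/shop/checkout/no-access.php
+++ b/templates/shop/checkout/no-access.php
@@ -3,4 +3,4 @@ if ( ! defined( 'ABSPATH' ) ) {
  exit;
  } // Exit if accessed directly
  ?>
- <p><?php _e( 'You have no access to this order.', 'download-monitor' ); ?></p>
+ <p><?php echo esc_html__( 'You have no access to this order.', 'download-monitor' ); ?></p>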
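--- a/templates/shop/checkout/order-complete.php
+++ b/templates/shop/checkout/order-complete.php
@@ -6,7 +6,7 @@ if ( ! defined( 'ABSPATH' ) ) {
  /** @var \Never5\DownloadMonitor\Shop\Order\Order $order */
  ?>
  <div class="dlm-checkout dlm-checkout-complete">
- <p><?php _e( 'Thank you for your order. Please find your order details below.', 'download-monitor' ); ?></p>
+ <p><?php echo esc_html__( 'Thank you for your order. Please find your order details below.', 'download-monitor' ); ?></p>
 
  <?php
  if ( $order != null ) :
@@ -18,20 +18,20 @@ if ( ! defined( 'ABSPATH' ) ) {
  */
  ?>
  <div class="dlm-checkout-complete-order-details">
- <h2><?php _e( "Order Details", 'download-monitor' ); ?></h2>
+ <h2><?php echo esc_html__( "Order Details", 'download-monitor' ); ?></h2>
  <table cellpadding="0" cellspacing="0" border="0">
  <tbody>
  <tr>
- <th><?php _e( "Order ID", 'download-monitor' ); ?></th>
- <td><?php echo $order->get_id(); ?></td>
+ <th><?php echo esc_html__( "Order ID", 'download-monitor' ); ?></th>
+ <td><?php echo esc_html( $order->get_id() ); ?></td>
  </tr>
  <tr>
- <th><?php _e( "Order Status", 'download-monitor' ); ?></th>
- <td><?php echo $order->get_status()->get_label(); ?></td>
+ <th><?php echo esc_html__( "Order Status", 'download-monitor' ); ?></th>
+ <td><?php echo esc_html( $order->get_status()->get_label() ); ?></td>
  </tr>
  <tr>
- <th><?php _e( "Order Date", 'download-monitor' ); ?></th>
- <td><?php echo $order->get_date_created()->format( 'Y-h-d H:i:s' ); ?></td>
+ <th><?php echo esc_html__( "Order Date", 'download-monitor' ); ?></th>
+ <td><?php echo esc_html( $order->get_date_created()->format( 'Y-h-d H:i:s' ) ); ?></td>
  </tr>
  </tbody>
  </table>
@@ -71,8 +71,8 @@ if ( ! defined( 'ABSPATH' ) ) {
  <table cellpadding="0" cellspacing="0" border="0">
  <thead>
  <tr>
- <th><?php _e( "Download name", 'download-monitor' ); ?></th>
- <th><?php _e( "Download version", 'download-monitor' ); ?></th>
+ <th><?php echo esc_html__( "Download name", 'download-monitor' ); ?></th>
+ <th><?php echo esc_html__( "Download version", 'download-monitor' ); ?></th>
  <th>&nbsp;</th>
  </tr>
  </thead>
@@ -81,7 +81,7 @@ if ( ! defined( 'ABSPATH' ) ) {
  <?php
  $download_title = "-";
  $version_label = "-";
- $download_button_html = __( 'Download is no longer available', 'download-monitor' );
+ $download_button_html = esc_html__( 'Download is no longer available', 'download-monitor' );
 
  if ( $download->exists() ) {
  $download_title = $download->get_title();
@@ -91,9 +91,9 @@ if ( ! defined( 'ABSPATH' ) ) {
 
  ?>
  <tr>
- <td><?php echo $download_title; ?></td>
- <td><?php echo $version_label; ?></td>
- <td><?php echo $download_button_html; ?></td>
+ <td><?php echo esc_html( $download_title ); ?></td>
+ <td><?php echo esc_html( $version_label ); ?></td>
+ <td><?php echo esc_html( $download_button_html ); ?></td>
  </tr>
  <?php endforeach; ?>
  </tbody>
@@ -103,7 +103,7 @@ if ( ! defined( 'ABSPATH' ) ) {
 
 
  <?php else: ?>
- <p>No items found.</p>
+ <p> <?php echo esc_html__( 'No items found.', 'download-monitor' ); ?></p>
  <?php endif; ?>
  </div>
 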
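Review bot: The Order Date cell formats with `'Y-h-d H:i:s'`, where `h` is the 12-hour hour, so the middle field is not the month; the intended format is `'Y-m-d H:i:s'`, or better the site's configured `date_format`/`time_format` so the display follows the store's locale. On the `$download_button_html` line the fallback text is escaped with `esc_html__()` at assignment and again with `esc_html()` where it is printed; that is harmless for this string, but if the `$download->exists()` branch (its body lies outside the hunk) assigns real button markup to the variable, the `esc_html()` at the print site will show that markup as literal text, and `wp_kses_post( $download_button_html )` is the helper for a slot that carries HTML. The added `<p> <?php` on the 'No items found.' line also carries a stray space before the PHP tag.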
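--- a/templates/shop/checkout/order-review-item.php
+++ b/templates/shop/checkout/order-review-item.php
@@ -6,6 +6,6 @@ if ( ! defined( 'ABSPATH' ) ) {
  /** @var array $item */
  ?>
  <tr>
- <td><?php echo $item['label']; ?></td>
- <td><?php echo $item['subtotal']; ?></td>
+ <td><?php echo esc_html( $item['label'] ); ?></td>
+ <td><?php echo esc_html( $item['subtotal'] ); ?></td>
  </tr>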
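--- a/templates/shop/checkout/order-review.php
+++ b/templates/shop/checkout/order-review.php
@@ -13,8 +13,8 @@ if ( ! defined( 'ABSPATH' ) ) {
  <table cellpadding="0" cellspacing="0" border="0">
  <thead>
  <tr>
- <th><?php _e( 'Product', 'download-monitor' ); ?></th>
- <th><?php _e( 'Total', 'download-monitor' ); ?></th>
+ <th><?php echo esc_html__( 'Product', 'download-monitor' ); ?></th>
+ <th><?php echo esc_html__( 'Total', 'download-monitor' ); ?></th>
  </tr>
  </thead>
  <tbody>
@@ -31,12 +31,12 @@ if ( ! defined( 'ABSPATH' ) ) {
  </tbody>
  <tfoot>
  <tr>
- <th><?php _e( 'Subtotal', 'download-monitor' ); ?></th>
- <td><?php echo $subtotal; ?></td>
+ <th><?php echo esc_html__( 'Subtotal', 'download-monitor' ); ?></th>
+ <td><?php echo esc_html( $subtotal ); ?></td>
  </tr>
  <tr>
- <th><?php _e( 'Total', 'download-monitor' ); ?></th>
- <td><?php echo $total; ?></td>
+ <th><?php echo esc_html__( 'Total', 'download-monitor' ); ?></th>
+ <td><?php echo esc_html( $total ); ?></td>
  </tr>
  </tfoot>
  </table>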
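--- a/templates/shop/checkout/payment-gateway.php
+++ b/templates/shop/checkout/payment-gateway.php
@@ -6,10 +6,10 @@ if ( ! defined( 'ABSPATH' ) ) {
  /** @var \Never5\DownloadMonitor\Shop\Checkout\PaymentGateway\PaymentGateway $gateway */
  ?>
  <li>
- <label for="dlm_gateway_<?php echo $gateway->get_id(); ?>">
- <input type="radio" name="dlm_gateway" id="dlm_gateway_<?php echo $gateway->get_id(); ?>"
- value="<?php echo $gateway->get_id(); ?>" <?php checked( $default_gateway, $gateway->get_id() ); ?>/>
- <?php echo $gateway->get_title(); ?>
+ <label for="dlm_gateway_<?php echo esc_attr( $gateway->get_id() ); ?>">
+ <input type="radio" name="dlm_gateway" id="dlm_gateway_<?php echo esc_attr( $gateway->get_id() ); ?>"
+ value="<?php echo esc_attr( $gateway->get_id() ); ?>" <?php checked( $default_gateway, $gateway->get_id() ); ?>/>
+ <?php echo esc_html( $gateway->get_title() ); ?>
  </label>
  <div class="dlm_gateway_details">
  <?php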
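--- a/templates/shop/checkout/submit-button.php
+++ b/templates/shop/checkout/submit-button.php
@@ -3,4 +3,4 @@ if ( ! defined( 'ABSPATH' ) ) {
  exit;
  } // Exit if accessed directly
  ?>
- <input type="submit" name="dlm_checkout_submit" id="dlm_checkout_submit" value="<?php _e('Complete order','download-monitor'); ?>" />
+ <input type="submit" name="dlm_checkout_submit" id="dlm_checkout_submit" value="<?php echo esc_html__( 'Complete order', 'download-monitor' ); ?>" />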
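--- a/templates/shop/content-single-product.php
+++ b/templates/shop/content-single-product.php
@@ -11,7 +11,7 @@ if ( ! defined( 'ABSPATH' ) ) {
  do_action( 'dlm_before_single_product', $product );
  ?>
  <div class="dlm-product">
- <p><?php echo esc_html( $product->get_content() ); ?></p>
+ <p><?php echo do_shortcode( $product->get_content() ); ?></p>
  <?php echo do_shortcode( sprintf( '[dlm_buy id="%s"]', intval( $product->get_id() ) ) ); ?>
  </div>
  <?php do_action( 'dlm_after_single_product', $product ); ?>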
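Review bot: The `<p><?php echo do_shortcode( $product->get_content() ); ?></p>` line is the one place in this commit where escaping is removed rather than added, and the result is echoed raw. Assuming `get_content()` returns the product's `post_content`, that content is kses-filtered on save for authors without the `unfiltered_html` capability and shortcodes legitimately emit markup, so the direct risk is limited, but the deliberate exception deserves a comment so the next escaping pass does not wrap it again: `<?php // Product post_content: kses-filtered on save and may hold shortcode markup, so it is rendered, not escaped. ?>`. If the intent is to render it like any post body, `apply_filters( 'the_content', $product->get_content() )` is the standard path and also handles shortcodes and paragraphs.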
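--- a/templates/shop/email/elements/downloads-table-plain.php
+++ b/templates/shop/email/elements/downloads-table-plain.php
@@ -7,10 +7,10 @@ if ( ! defined( 'ABSPATH' ) ) {
  ?>
  <?php if ( count( $products ) > 0 ) : ?>
  <?php foreach ( $products as $product ) : ?>
- -- <?php echo $product['label']; ?> -- <?php echo PHP_EOL; ?>
+ -- <?php echo esc_html( $product['label'] ); ?> -- <?php echo PHP_EOL; ?>
  <?php if ( count( $product['downloads'] ) > 0 ) : ?>
  <?php foreach ( $product['downloads'] as $item ) : ?>
- <?php echo $item['label']; ?> ( <?php echo $item['version']; ?> ): <?php echo $item['download_url'] . PHP_EOL; ?>
+ <?php echo esc_html( $item['label'] ); ?> ( <?php echo esc_html( $item['version'] ); ?> ): <?php echo esc_html( $item['download_url'] ) . PHP_EOL; ?>
  <?php endforeach; ?>
  <?php endif; ?>
  <?php endforeach; ?>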
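Review bot: `esc_html()` on the two changed lines HTML-entity-encodes output that, judging by the `-plain` suffix and the `PHP_EOL` line endings, goes into a text/plain email; a download URL with query arguments will arrive as `...?a=1&amp;b=2` and a label with an apostrophe as `&#039;`, which mail clients display literally and which can break the link. For plain-text output the HTML escaping should be dropped; if a sanitising step is still wanted, `wp_strip_all_tags( $item['label'] )` for the labels and `esc_url_raw( $item['download_url'] )` for the URL do not entity-encode. The same applies to the changed line in templates/shop/email/elements/order-table-plain.php. Whether this template is really sent as text/plain is not visible from the hunk, so confirm against the mailer.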
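--- a/templates/shop/email/elements/downloads-table.php
+++ b/templates/shop/email/elements/downloads-table.php
@@ -7,13 +7,13 @@ if ( ! defined( 'ABSPATH' ) ) {
  ?>
  <?php if ( count( $products ) > 0 ) : ?>
  <?php foreach ( $products as $product ) : ?>
- <strong style="font-size: 1.2em;"><?php echo $product['label'] ?></strong><br/>
+ <strong style="font-size: 1.2em;"><?php echo esc_html( $product['label'] ) ?></strong><br/>
  <br/>
  <table cellpadding="0" cellspacing="0" border="0" class="dlm-downloads-table">
  <thead>
  <tr>
- <th class="dlm-th-name"><?php _e( "Download name", 'download-monitor' ); ?></th>
- <th class="dlm-th-version"><?php _e( "Version", 'download-monitor' ); ?></th>
+ <th class="dlm-th-name"><?php echo esc_html__( "Download name", 'download-monitor' ); ?></th>
+ <th class="dlm-th-version"><?php echo esc_html__( "Version", 'download-monitor' ); ?></th>
  <th class="dlm-th-download-button">&nbsp;</th>
  </tr>
  </thead>
@@ -21,9 +21,9 @@ if ( ! defined( 'ABSPATH' ) ) {
  <?php if ( count( $product['downloads'] ) > 0 ) : ?>
  <?php foreach ( $product['downloads'] as $item ) : ?>
  <tr>
- <td class="dlm-td-name"><?php echo $item['label']; ?></td>
- <td class="dlm-td-version"><?php echo $item['version']; ?></td>
- <td class="dlm-td-download-button"><?php echo $item['button']; ?></td>
+ <td class="dlm-td-name"><?php echo esc_html( $item['label'] ); ?></td>
+ <td class="dlm-td-version"><?php echo esc_html( $item['version'] ); ?></td>
+ <td class="dlm-td-download-button"><?php echo esc_html( $item['button'] ); ?></td>
  </tr>
  <?php endforeach; ?>
  <?php endif; ?>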
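Review bot: `esc_html( $item['button'] )` in the `dlm-td-download-button` cell will print the button as literal text if `$item['button']` holds anchor markup, which its name and the separate `download_url` key used by the plain-text sibling template suggest; the download link in the HTML email would then be unusable. `wp_kses_post( $item['button'] )` is the right call for a slot that carries markup: it keeps the anchor while stripping anything outside the post-content allow-list. The label and version cells on the lines above are correctly text-escaped. Where `$item['button']` is built is not visible from this hunk, so confirm against the email builder.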
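--- a/templates/shop/email/elements/order-table-plain.php
+++ b/templates/shop/email/elements/order-table-plain.php
@@ -6,6 +6,6 @@ if ( ! defined( 'ABSPATH' ) ) {
 
  <?php if ( count( $items ) > 0 ) : ?>
  <?php foreach ( $items as $item ) : ?>
- <?php echo $item['key']; ?>: <?php echo $item['value'] . PHP_EOL; ?>
+ <?php echo esc_html( $item['key'] ); ?>: <?php echo esc_html( $item['value'] ) . PHP_EOL; ?>
  <?php endforeach; ?>
  <?php endif; ?>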
templates/shop/email/elements/order-table.php CHANGED
@@ -8,8 +8,8 @@ if ( ! defined( 'ABSPATH' ) ) {
8
  <?php if ( count( $items ) > 0 ) : ?>
9
  <?php foreach ( $items as $item ) : ?>
10
  <tr>
11
- <th><?php echo $item['key']; ?></th>
12
- <td><?php echo $item['value']; ?></td>
13
  </tr>
14
  <?php endforeach; ?>
15
  <?php endif; ?>
8
  <?php if ( count( $items ) > 0 ) : ?>
9
  <?php foreach ( $items as $item ) : ?>
10
  <tr>
11
+ <th><?php echo esc_html( $item['key'] ); ?></th>
12
+ <td><?php echo esc_html( $item['value'] ); ?></td>
13
  </tr>
14
  <?php endforeach; ?>
15
  <?php endif; ?>