Version Description
- Fixed: XSS vulnerability.
Download this release
Release Info
| Developer | 10web |
| Plugin |  Event Calendar WD – Responsive Event Calendar plugin |
| Version | 1.1.46 |
| Comparing to | |
| See all releases | |
Code changes from version 1.1.45 to 1.1.46
- ecwd.php +1 -1
- includes/ecwd-functions.php +2 -2
- includes/ecwd-shortcodes.php +30 -26
- readme.txt +4 -1
ecwd.php
CHANGED
|
@@ -3,7 +3,7 @@
|
|
| 3 |
* Plugin Name: Event Calendar WD
|
| 4 |
* Plugin URI: https://10web.io/plugins/wordpress-event-calendar/
|
| 5 |
* Description: Event Calendar WD is an easy event management and planning tool with advanced features.
|
| 6 |
-
* Version: 1.1.
|
| 7 |
* Author: 10Web
|
| 8 |
* Author URI: https://10web.io/plugins/
|
| 9 |
* Text Domain: event-calendar-wd
|
| 3 |
* Plugin Name: Event Calendar WD
|
| 4 |
* Plugin URI: https://10web.io/plugins/wordpress-event-calendar/
|
| 5 |
* Description: Event Calendar WD is an easy event management and planning tool with advanced features.
|
| 6 |
+
* Version: 1.1.46
|
| 7 |
* Author: 10Web
|
| 8 |
* Author URI: https://10web.io/plugins/
|
| 9 |
* Text Domain: event-calendar-wd
|
includes/ecwd-functions.php
CHANGED
|
@@ -29,7 +29,7 @@ function ecwd_print_calendar($calendar_ids, $display = 'mini', $args = array(),
|
|
| 29 |
$args = array_merge($defaults, $args);
|
| 30 |
|
| 31 |
extract($args);
|
| 32 |
-
array_walk_recursive( $args, function ( &$value ) { $value = esc_html( $value ); } );
|
| 33 |
if (!is_array($calendar_ids)) {
|
| 34 |
$ids = explode('-', str_replace(' ', '', $calendar_ids));
|
| 35 |
} else {
|
|
@@ -425,7 +425,7 @@ function ecwd_print_countdown($event_id, $widget = 1, $theme_id = null, $args =
|
|
| 425 |
|
| 426 |
$args = array_merge($defaults, $args);
|
| 427 |
extract($args);
|
| 428 |
-
array_walk_recursive( $args, function ( &$value ) { $value = esc_html( $value ); } );
|
| 429 |
$finish_text = isset($args['finish_text']) ? $args['finish_text'] : '';
|
| 430 |
|
| 431 |
$date = ( isset($args['date']) ? $args['date'] : '' );
|
| 29 |
$args = array_merge($defaults, $args);
|
| 30 |
|
| 31 |
extract($args);
|
| 32 |
+
array_walk_recursive( $args, function ( &$value ) { if (is_string( $value )) $value = esc_html( $value ); } );
|
| 33 |
if (!is_array($calendar_ids)) {
|
| 34 |
$ids = explode('-', str_replace(' ', '', $calendar_ids));
|
| 35 |
} else {
|
| 425 |
|
| 426 |
$args = array_merge($defaults, $args);
|
| 427 |
extract($args);
|
| 428 |
+
array_walk_recursive( $args, function ( &$value ) { if (is_string( $value )) $value = esc_html( $value ); } );
|
| 429 |
$finish_text = isset($args['finish_text']) ? $args['finish_text'] : '';
|
| 430 |
|
| 431 |
$date = ( isset($args['date']) ? $args['date'] : '' );
|
includes/ecwd-shortcodes.php
CHANGED
|
@@ -20,7 +20,7 @@ function ecwd_shortcode($attr) {
|
|
| 20 |
return "";
|
| 21 |
}
|
| 22 |
|
| 23 |
-
|
| 24 |
'id' => null,
|
| 25 |
'page_items' => '5',
|
| 26 |
'event_search' => 'yes',
|
|
@@ -28,47 +28,51 @@ function ecwd_shortcode($attr) {
|
|
| 28 |
'displays' => null,
|
| 29 |
'filters' => null,
|
| 30 |
'calendar_start_date' => null
|
| 31 |
-
), $attr
|
| 32 |
|
| 33 |
// If no ID is specified then return
|
| 34 |
-
if (empty($id)) {
|
| 35 |
return;
|
| 36 |
}
|
| 37 |
|
| 38 |
-
|
| 39 |
-
$type = (isset($attr['type']) && $attr['type'] === 'mini') ? 'mini' : 'full';//for gutenberg
|
| 40 |
|
| 41 |
$ecwd_displays_list = array('none',$type,"list","week","day");
|
| 42 |
|
| 43 |
-
|
| 44 |
-
$
|
| 45 |
-
|
| 46 |
-
|
| 47 |
-
|
| 48 |
-
|
|
|
|
| 49 |
|
| 50 |
-
|
| 51 |
-
|
| 52 |
-
|
| 53 |
-
|
| 54 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 55 |
}
|
| 56 |
-
}
|
| 57 |
-
$displays = implode(",",$ecwd_displays);
|
| 58 |
-
$args = array('displays'=>$displays, 'filters'=>$filters, 'page_items'=>$page_items, 'event_search'=>$event_search);
|
| 59 |
|
| 60 |
-
|
| 61 |
-
|
| 62 |
-
|
| 63 |
-
|
|
|
|
| 64 |
}
|
| 65 |
}
|
| 66 |
|
| 67 |
-
if($calendar_start_date !== null){
|
| 68 |
-
$args['date'] = ECWD::ecwd_date('Y-m-d',$calendar_start_date);
|
| 69 |
}
|
| 70 |
|
| 71 |
-
$calendar_ids = explode(',', str_replace(' ', '', $id));
|
|
|
|
| 72 |
$result = ecwd_print_calendar($calendar_ids, $display, $args);
|
| 73 |
return $result;
|
| 74 |
}
|
| 20 |
return "";
|
| 21 |
}
|
| 22 |
|
| 23 |
+
$attr = shortcode_atts(array(
|
| 24 |
'id' => null,
|
| 25 |
'page_items' => '5',
|
| 26 |
'event_search' => 'yes',
|
| 28 |
'displays' => null,
|
| 29 |
'filters' => null,
|
| 30 |
'calendar_start_date' => null
|
| 31 |
+
), $attr);
|
| 32 |
|
| 33 |
// If no ID is specified then return
|
| 34 |
+
if (empty($attr['id'])) {
|
| 35 |
return;
|
| 36 |
}
|
| 37 |
|
| 38 |
+
$type = (isset($attr['type']) && $attr['type'] === 'mini') ? 'mini' : 'full';//for gutenberg
|
|
|
|
| 39 |
|
| 40 |
$ecwd_displays_list = array('none',$type,"list","week","day");
|
| 41 |
|
| 42 |
+
//for gutenberg
|
| 43 |
+
if($type === 'mini'){
|
| 44 |
+
$displays = str_replace('full', 'mini', $attr['displays']);
|
| 45 |
+
}else{
|
| 46 |
+
$displays = str_replace('mini', 'full', $attr['displays']);
|
| 47 |
+
}
|
| 48 |
+
$ecwd_displays = explode(",",$displays);
|
| 49 |
|
| 50 |
+
foreach ($ecwd_displays as $ecwd_key => $ecwd_display_name){
|
| 51 |
+
if(!in_array($ecwd_display_name ,$ecwd_displays_list)){
|
| 52 |
+
$ecwd_displays[$ecwd_key] = $type;
|
| 53 |
+
}
|
| 54 |
+
}
|
| 55 |
+
//for gutenberg
|
| 56 |
+
$display = $ecwd_displays[0];
|
| 57 |
+
$displays = implode(",",$ecwd_displays);
|
| 58 |
+
if(get_post_status($attr['id']) === "private" && !current_user_can('read_private_posts')){
|
| 59 |
+
return;
|
| 60 |
}
|
|
|
|
|
|
|
|
|
|
| 61 |
|
| 62 |
+
$args = array('displays'=>$displays, 'filters'=>$attr['filters'], 'page_items'=>$attr['page_items'], 'event_search'=>$attr['event_search']);
|
| 63 |
+
if($attr['calendar_start_date'] !== null){
|
| 64 |
+
$attr['calendar_start_date'] = strtotime($attr['calendar_start_date']);
|
| 65 |
+
if($attr['calendar_start_date'] === false || $attr['calendar_start_date'] === -1){
|
| 66 |
+
$attr['calendar_start_date'] = null;
|
| 67 |
}
|
| 68 |
}
|
| 69 |
|
| 70 |
+
if($attr['calendar_start_date'] !== null){
|
| 71 |
+
$args['date'] = ECWD::ecwd_date('Y-m-d',$attr['calendar_start_date']);
|
| 72 |
}
|
| 73 |
|
| 74 |
+
$calendar_ids = explode(',', str_replace(' ', '', $attr['id']));
|
| 75 |
+
array_walk( $calendar_ids, function ( &$value ) { $value = ( int ) $value; } );
|
| 76 |
$result = ecwd_print_calendar($calendar_ids, $display, $args);
|
| 77 |
return $result;
|
| 78 |
}
|
readme.txt
CHANGED
|
@@ -4,7 +4,7 @@ Tags: calendar, date, event, event calendar, events, events calendar, meeting, o
|
|
| 4 |
Requires at least: 4.6
|
| 5 |
Tested up to: 5.5
|
| 6 |
Requires PHP: 5.4
|
| 7 |
-
Stable tag: 1.1.
|
| 8 |
License: GPLv2 or later
|
| 9 |
License URI: http://www.gnu.org/licenses/gpl-2.0.html
|
| 10 |
|
|
@@ -345,6 +345,9 @@ After downloading the ZIP file of the Event Calendar WD plugin,
|
|
| 345 |
Event Calendar WD plugin optionally embeds Google Maps on front end to display events on the map. Embedded Google Maps behave in the exact same way as if visitor has opened Google Maps site. Google may collect data about visitors, use cookies and tracking, included their logged-in experience interaction with Google platform. Google Maps are regulated under terms of Google privacy policy https://policies.google.com/privacy. The plugin asks for your consent to collect site administrator’s email address and site URL to offer customer support, deals and discounts on premium products and more.
|
| 346 |
|
| 347 |
== Changelog ==
|
|
|
|
|
|
|
|
|
|
| 348 |
= 1.1.45 =
|
| 349 |
* Fixed: XSS vulnerability.
|
| 350 |
|
| 4 |
Requires at least: 4.6
|
| 5 |
Tested up to: 5.5
|
| 6 |
Requires PHP: 5.4
|
| 7 |
+
Stable tag: 1.1.46
|
| 8 |
License: GPLv2 or later
|
| 9 |
License URI: http://www.gnu.org/licenses/gpl-2.0.html
|
| 10 |
|
| 345 |
Event Calendar WD plugin optionally embeds Google Maps on front end to display events on the map. Embedded Google Maps behave in the exact same way as if visitor has opened Google Maps site. Google may collect data about visitors, use cookies and tracking, included their logged-in experience interaction with Google platform. Google Maps are regulated under terms of Google privacy policy https://policies.google.com/privacy. The plugin asks for your consent to collect site administrator’s email address and site URL to offer customer support, deals and discounts on premium products and more.
|
| 346 |
|
| 347 |
== Changelog ==
|
| 348 |
+
= 1.1.46 =
|
| 349 |
+
* Fixed: XSS vulnerability.
|
| 350 |
+
|
| 351 |
= 1.1.45 =
|
| 352 |
* Fixed: XSS vulnerability.
|
| 353 |
|
