Version Description
The Plugin was renamed to Geolocation IP Detection in order to prevent trademark issues.
Download this release
Release Info
Developer | benjamin4 |
Plugin | GeoIP Detection |
Version | 3.0.3 |
Comparing to | |
See all releases |
Code changes from version 3.0.2 to 3.0.3
- admin-ui.php +12 -8
- data-sources/auto.php +1 -1
- data-sources/header.php +1 -1
- data-sources/ipstack.php +4 -3
- data-sources/manual.php +1 -1
- data-sources/precision.php +5 -3
- geoip-detect.php +2 -2
- readme.txt +5 -2
- views/lookup.php +9 -7
admin-ui.php
CHANGED
@@ -45,7 +45,7 @@ add_filter( "plugin_action_links_" . GEOIP_PLUGIN_BASENAME, 'geoip_detect_add_se
|
|
45 |
// ------------- Admin GUI --------------------
|
46 |
|
47 |
function geoip_detect_verify_nonce($action) {
|
48 |
-
$nonce = isset($_POST['_wpnonce']) ? $_POST['_wpnonce'] : '';
|
49 |
return wp_verify_nonce( $nonce, 'geoip_detect_' . $action );
|
50 |
}
|
51 |
|
@@ -56,20 +56,22 @@ function geoip_detect_lookup_page()
|
|
56 |
|
57 |
$ip_lookup_result = false;
|
58 |
$message = '';
|
59 |
-
$action = isset($_POST['action']) ? $_POST['action'] : '';
|
|
|
60 |
|
61 |
if (geoip_detect_verify_nonce($action)) {
|
62 |
switch($action) {
|
63 |
case 'lookup':
|
64 |
-
if (
|
65 |
{
|
66 |
-
$request_ip = geoip_detect_is_ip($
|
67 |
$request_skipCache = !empty($_POST['skip_cache']);
|
68 |
$options = array('skipCache' => $request_skipCache);
|
69 |
|
70 |
$request_locales = null;
|
71 |
-
if (!empty($_POST['locales']))
|
72 |
-
$request_locales = explode(',', $_POST['locales']);
|
|
|
73 |
|
74 |
$start = microtime(true);
|
75 |
$ip_lookup_result = geoip_detect2_get_info_from_ip($request_ip, $request_locales, $options);
|
@@ -84,6 +86,7 @@ function geoip_detect_lookup_page()
|
|
84 |
}
|
85 |
|
86 |
function geoip_detect_sanitize_option($opt_name, $opt_value, &$message = '') {
|
|
|
87 |
switch($opt_name) {
|
88 |
case 'external_ip':
|
89 |
if (!geoip_detect_is_ip($opt_value)) {
|
@@ -125,7 +128,7 @@ function geoip_detect_option_page() {
|
|
125 |
$text_options = array('external_ip', 'trusted_proxy_ips');
|
126 |
$option_names = array_merge($numeric_options, $text_options);
|
127 |
|
128 |
-
$action = isset($_POST['action']) ? $_POST['action'] : '';
|
129 |
|
130 |
if (geoip_detect_verify_nonce($action)) {
|
131 |
switch($action)
|
@@ -144,7 +147,8 @@ function geoip_detect_option_page() {
|
|
144 |
break;
|
145 |
|
146 |
case 'choose':
|
147 |
-
$
|
|
|
148 |
break;
|
149 |
|
150 |
|
45 |
// ------------- Admin GUI --------------------
|
46 |
|
47 |
function geoip_detect_verify_nonce($action) {
|
48 |
+
$nonce = isset($_POST['_wpnonce']) ? sanitize_text_field($_POST['_wpnonce']) : '';
|
49 |
return wp_verify_nonce( $nonce, 'geoip_detect_' . $action );
|
50 |
}
|
51 |
|
56 |
|
57 |
$ip_lookup_result = false;
|
58 |
$message = '';
|
59 |
+
$action = isset($_POST['action']) ? sanitize_key($_POST['action']) : '';
|
60 |
+
$ip = isset($_POST['ip']) ? sanitize_text_field($_POST['ip']) : '';
|
61 |
|
62 |
if (geoip_detect_verify_nonce($action)) {
|
63 |
switch($action) {
|
64 |
case 'lookup':
|
65 |
+
if ($ip)
|
66 |
{
|
67 |
+
$request_ip = geoip_detect_is_ip($ip) ? $ip : '';
|
68 |
$request_skipCache = !empty($_POST['skip_cache']);
|
69 |
$options = array('skipCache' => $request_skipCache);
|
70 |
|
71 |
$request_locales = null;
|
72 |
+
if (!empty($_POST['locales'])) {
|
73 |
+
$request_locales = explode(',', sanitize_text_field($_POST['locales']));
|
74 |
+
}
|
75 |
|
76 |
$start = microtime(true);
|
77 |
$ip_lookup_result = geoip_detect2_get_info_from_ip($request_ip, $request_locales, $options);
|
86 |
}
|
87 |
|
88 |
function geoip_detect_sanitize_option($opt_name, $opt_value, &$message = '') {
|
89 |
+
$opt_value = sanitize_text_field($opt_value);
|
90 |
switch($opt_name) {
|
91 |
case 'external_ip':
|
92 |
if (!geoip_detect_is_ip($opt_value)) {
|
128 |
$text_options = array('external_ip', 'trusted_proxy_ips');
|
129 |
$option_names = array_merge($numeric_options, $text_options);
|
130 |
|
131 |
+
$action = isset($_POST['action']) ? sanitize_key($_POST['action']) : '';
|
132 |
|
133 |
if (geoip_detect_verify_nonce($action)) {
|
134 |
switch($action)
|
147 |
break;
|
148 |
|
149 |
case 'choose':
|
150 |
+
$sourceId = sanitize_text_field($_POST['options']['source']);
|
151 |
+
$registry->setCurrentSource($sourceId);
|
152 |
break;
|
153 |
|
154 |
|
data-sources/auto.php
CHANGED
@@ -104,7 +104,7 @@ HTML;
|
|
104 |
$message = '';
|
105 |
|
106 |
if (isset($post['options_auto']['license_key'])) {
|
107 |
-
$key =
|
108 |
$validationResult = $this->validateApiKey($key);
|
109 |
if (\is_string($validationResult)) {
|
110 |
$message .= $validationResult;
|
104 |
$message = '';
|
105 |
|
106 |
if (isset($post['options_auto']['license_key'])) {
|
107 |
+
$key = sanitize_text_field($post['options_auto']['license_key']);
|
108 |
$validationResult = $this->validateApiKey($key);
|
109 |
if (\is_string($validationResult)) {
|
110 |
$message .= $validationResult;
|
data-sources/header.php
CHANGED
@@ -106,7 +106,7 @@ HTML;
|
|
106 |
public function saveParameters($post) {
|
107 |
$message = '';
|
108 |
|
109 |
-
$value = isset($post['options_header']['provider']) ? $post['options_header']['provider'] : '';
|
110 |
if (!empty($value)) {
|
111 |
update_option('geoip-detect-header-provider', $value);
|
112 |
}
|
106 |
public function saveParameters($post) {
|
107 |
$message = '';
|
108 |
|
109 |
+
$value = isset($post['options_header']['provider']) ? sanitize_key($post['options_header']['provider']) : '';
|
110 |
if (!empty($value)) {
|
111 |
update_option('geoip-detect-header-provider', $value);
|
112 |
}
|
data-sources/ipstack.php
CHANGED
@@ -214,14 +214,15 @@ HTML;
|
|
214 |
$message = '';
|
215 |
|
216 |
if (isset($post['options_ipstack']['key'])) {
|
217 |
-
|
218 |
-
|
|
|
219 |
}
|
220 |
|
221 |
if (isset($post['options_ipstack']['ssl'])) {
|
222 |
$ssl = (int) $post['options_ipstack']['ssl'];
|
223 |
update_option('geoip-detect-ipstack_ssl', $ssl);
|
224 |
-
$this->params['ssl'] = $
|
225 |
}
|
226 |
|
227 |
if (geoip_detect2_is_source_active('ipstack') && !$this->isWorking())
|
214 |
$message = '';
|
215 |
|
216 |
if (isset($post['options_ipstack']['key'])) {
|
217 |
+
$key = sanitize_key($post['options_ipstack']['key']);
|
218 |
+
update_option('geoip-detect-ipstack_key', $key);
|
219 |
+
$this->params['key']= $key;
|
220 |
}
|
221 |
|
222 |
if (isset($post['options_ipstack']['ssl'])) {
|
223 |
$ssl = (int) $post['options_ipstack']['ssl'];
|
224 |
update_option('geoip-detect-ipstack_ssl', $ssl);
|
225 |
+
$this->params['ssl'] = $ssl;
|
226 |
}
|
227 |
|
228 |
if (geoip_detect2_is_source_active('ipstack') && !$this->isWorking())
|
data-sources/manual.php
CHANGED
@@ -82,7 +82,7 @@ HTML;
|
|
82 |
public function saveParameters($post) {
|
83 |
$message = '';
|
84 |
|
85 |
-
$file = isset($post['options_manual']['manual_file']) ? $post['options_manual']['manual_file'] : '';
|
86 |
if (!empty($file)) {
|
87 |
update_option('geoip-detect-manual_file', $file);
|
88 |
|
82 |
public function saveParameters($post) {
|
83 |
$message = '';
|
84 |
|
85 |
+
$file = isset($post['options_manual']['manual_file']) ? sanitize_file_name($post['options_manual']['manual_file']) : '';
|
86 |
if (!empty($file)) {
|
87 |
update_option('geoip-detect-manual_file', $file);
|
88 |
|
data-sources/precision.php
CHANGED
@@ -131,12 +131,14 @@ HTML;
|
|
131 |
update_option('geoip-detect-precision-user_id', $user_id);
|
132 |
}
|
133 |
if (isset($post['options_precision']['user_secret'])) {
|
134 |
-
$user_secret =
|
135 |
update_option('geoip-detect-precision-user_secret', $user_secret);
|
136 |
}
|
137 |
if (isset($post['options_precision']['api_type'])) {
|
138 |
-
|
139 |
-
|
|
|
|
|
140 |
}
|
141 |
|
142 |
if (geoip_detect2_is_source_active('precision') && !$this->isWorking())
|
131 |
update_option('geoip-detect-precision-user_id', $user_id);
|
132 |
}
|
133 |
if (isset($post['options_precision']['user_secret'])) {
|
134 |
+
$user_secret = sanitize_text_field($post['options_precision']['user_secret']);
|
135 |
update_option('geoip-detect-precision-user_secret', $user_secret);
|
136 |
}
|
137 |
if (isset($post['options_precision']['api_type'])) {
|
138 |
+
$type = sanitize_text_field($post['options_precision']['api_type']);
|
139 |
+
if (isset($this->known_api_types[$type])) {
|
140 |
+
update_option('geoip-detect-precision_api_type', $type);
|
141 |
+
}
|
142 |
}
|
143 |
|
144 |
if (geoip_detect2_is_source_active('precision') && !$this->isWorking())
|
geoip-detect.php
CHANGED
@@ -5,7 +5,7 @@ Plugin URI: http://www.yellowtree.de
|
|
5 |
Description: Retrieving Geo-Information using the Maxmind GeoIP (Lite) Database.
|
6 |
Author: Yellow Tree (Benjamin Pick)
|
7 |
Author URI: http://www.yellowtree.de
|
8 |
-
Version: 3.0.
|
9 |
License: GPLv3 or later
|
10 |
License URI: http://www.gnu.org/licenses/gpl-3.0.html
|
11 |
Text Domain: geoip-detect
|
@@ -16,7 +16,7 @@ Requires WP: 4.0
|
|
16 |
Requires PHP: 5.6
|
17 |
*/
|
18 |
|
19 |
-
define('GEOIP_DETECT_VERSION', '3.0.
|
20 |
|
21 |
/*
|
22 |
Copyright 2013-2020 Yellow Tree, Siegen, Germany
|
5 |
Description: Retrieving Geo-Information using the Maxmind GeoIP (Lite) Database.
|
6 |
Author: Yellow Tree (Benjamin Pick)
|
7 |
Author URI: http://www.yellowtree.de
|
8 |
+
Version: 3.0.3
|
9 |
License: GPLv3 or later
|
10 |
License URI: http://www.gnu.org/licenses/gpl-3.0.html
|
11 |
Text Domain: geoip-detect
|
16 |
Requires PHP: 5.6
|
17 |
*/
|
18 |
|
19 |
+
define('GEOIP_DETECT_VERSION', '3.0.3');
|
20 |
|
21 |
/*
|
22 |
Copyright 2013-2020 Yellow Tree, Siegen, Germany
|
readme.txt
CHANGED
@@ -111,7 +111,7 @@ Does `geoip_detect2_get_info_from_current_ip()` return the same country, regardl
|
|
111 |
|
112 |
== Upgrade Notice ==
|
113 |
|
114 |
-
= 3.0.
|
115 |
The Plugin was renamed to Geolocation IP Detection in order to prevent trademark issues.
|
116 |
|
117 |
= 3.0.1 =
|
@@ -149,11 +149,14 @@ New: Shortcode for showing/hiding content!
|
|
149 |
|
150 |
== Changelog ==
|
151 |
|
152 |
-
= 3.0.
|
153 |
* The Plugin has been renamed to "Geolocation IP Detection" in order to prevent trademark issues
|
154 |
* FIX: Minor improvements in the backend UI
|
155 |
* FIX: Security hardening against XSS
|
156 |
|
|
|
|
|
|
|
157 |
= 3.0.1 =
|
158 |
* FIX: Button "Update now" now works also on the lookup page.
|
159 |
* FIX: Reverted the vendor code to the one used in 2.13 because it broke installations with the WooCommerce-plugin. I will update the vendor code again once we found a long-term solution for this interdepency.
|
111 |
|
112 |
== Upgrade Notice ==
|
113 |
|
114 |
+
= 3.0.3 =
|
115 |
The Plugin was renamed to Geolocation IP Detection in order to prevent trademark issues.
|
116 |
|
117 |
= 3.0.1 =
|
149 |
|
150 |
== Changelog ==
|
151 |
|
152 |
+
= 3.0.3 =
|
153 |
* The Plugin has been renamed to "Geolocation IP Detection" in order to prevent trademark issues
|
154 |
* FIX: Minor improvements in the backend UI
|
155 |
* FIX: Security hardening against XSS
|
156 |
|
157 |
+
= 3.0.2 =
|
158 |
+
(Was not released)
|
159 |
+
|
160 |
= 3.0.1 =
|
161 |
* FIX: Button "Update now" now works also on the lookup page.
|
162 |
* FIX: Reverted the vendor code to the one used in 2.13 because it broke installations with the WooCommerce-plugin. I will update the vendor code again once we found a long-term solution for this interdepency.
|
views/lookup.php
CHANGED
@@ -57,7 +57,7 @@ function var_export_short($data, $return=true)
|
|
57 |
<form method="post" action="#">
|
58 |
<?php wp_nonce_field( 'geoip_detect_lookup' ); ?>
|
59 |
<input type="hidden" name="action" value="lookup" />
|
60 |
-
<?php _e('IP', 'geoip-detect')?>: <input type="text" placeholder="<?php _e('Enter an IP (v4 or v6)', 'geoip-detect')?>" name="ip" value="<?php echo isset($_REQUEST['ip']) ? esc_attr($
|
61 |
<label><?php _e('Use these locales:', 'geoip-detect'); ?>
|
62 |
<select name="locales">
|
63 |
<option value="" <?php if (empty($_POST['locales'])) echo 'selected="selected"'?>><?php _e('Default (Current site language, English otherwise)', 'geoip-detect')?></option>
|
@@ -146,11 +146,13 @@ function var_export_short($data, $return=true)
|
|
146 |
$value = var_export_short($value, true);
|
147 |
}
|
148 |
|
149 |
-
|
|
|
|
|
150 |
case 'shortcode':
|
151 |
$extra = '';
|
152 |
-
if (
|
153 |
-
$extra .= ' lang="' . esc_attr($
|
154 |
}
|
155 |
if (!empty($_POST['skip_cache'])) {
|
156 |
$extra .= ' skip_cache="true"';
|
@@ -161,13 +163,13 @@ function var_export_short($data, $return=true)
|
|
161 |
|
162 |
case 'js':
|
163 |
$prop = '"' . $key_1 . '.' . $key_2 . '"';
|
164 |
-
if (
|
165 |
$locales_to_js = array(
|
166 |
'en' => '"en"',
|
167 |
'fr,en' => '["fr", "en"]',
|
168 |
);
|
169 |
-
if (isset($locales_to_js[$
|
170 |
-
$locales_js = $locales_to_js[$
|
171 |
} else {
|
172 |
$locales_js = 'NULL';
|
173 |
}
|
57 |
<form method="post" action="#">
|
58 |
<?php wp_nonce_field( 'geoip_detect_lookup' ); ?>
|
59 |
<input type="hidden" name="action" value="lookup" />
|
60 |
+
<?php _e('IP', 'geoip-detect')?>: <input type="text" placeholder="<?php _e('Enter an IP (v4 or v6)', 'geoip-detect')?>" name="ip" value="<?php echo isset($_REQUEST['ip']) ? esc_attr($ip) : esc_attr(geoip_detect2_get_client_ip()); ?>" /><br />
|
61 |
<label><?php _e('Use these locales:', 'geoip-detect'); ?>
|
62 |
<select name="locales">
|
63 |
<option value="" <?php if (empty($_POST['locales'])) echo 'selected="selected"'?>><?php _e('Default (Current site language, English otherwise)', 'geoip-detect')?></option>
|
146 |
$value = var_export_short($value, true);
|
147 |
}
|
148 |
|
149 |
+
$locales = sanitize_text_field(@$_POST['locales']);
|
150 |
+
|
151 |
+
switch(sanitize_key($_POST['syntax'])) {
|
152 |
case 'shortcode':
|
153 |
$extra = '';
|
154 |
+
if ($locales && $key_2 === 'name') {
|
155 |
+
$extra .= ' lang="' . esc_attr($locales) . '"';
|
156 |
}
|
157 |
if (!empty($_POST['skip_cache'])) {
|
158 |
$extra .= ' skip_cache="true"';
|
163 |
|
164 |
case 'js':
|
165 |
$prop = '"' . $key_1 . '.' . $key_2 . '"';
|
166 |
+
if ($locales && $key_2 === 'name') {
|
167 |
$locales_to_js = array(
|
168 |
'en' => '"en"',
|
169 |
'fr,en' => '["fr", "en"]',
|
170 |
);
|
171 |
+
if (isset($locales_to_js[$locales])) {
|
172 |
+
$locales_js = $locales_to_js[$locales];
|
173 |
} else {
|
174 |
$locales_js = 'NULL';
|
175 |
}
|