Gwolle Guestbook - Version 3.1.6

Version Description

  • 2019-08-21
  • Use wp_kses for filtering html elements.
  • Add support for quotes already in the bbcode link.
Download this release

Release Info

Developer mpol
Plugin Icon 128x128 Gwolle Guestbook
Version 3.1.6
Comparing to
See all releases

Code changes from version 3.1.5 to 3.1.6

Files changed (4) hide show
  1. functions/gb-bbcode_emoji.php +6 -1
  2. functions/gb-formatting.php +2 -2
  3. gwolle-gb.php +6 -2
  4. readme.txt +6 -1
functions/gb-bbcode_emoji.php CHANGED
@@ -43,8 +43,13 @@ function gwolle_gb_bbcode_parse( $str ) {
43
  $replace = '<img src="\\1" alt=""/>';
44
  $str = preg_replace($pattern, $replace, $str);
45
 
46
- $pattern = "#\[url href=([^\]]*)\]([^\[]*)\[/url\]#i";
47
  $bbcode_link_rel = apply_filters( 'gwolle_gb_bbcode_link_rel', 'nofollow' );
 
 
 
 
 
48
  $replace = '<a href="\\1" target="_blank" rel="' . $bbcode_link_rel . '">\\2</a>';
49
  $str = preg_replace($pattern, $replace, $str);
50
 
43
  $replace = '<img src="\\1" alt=""/>';
44
  $str = preg_replace($pattern, $replace, $str);
45
 
46
+ // Links with quotes.
47
  $bbcode_link_rel = apply_filters( 'gwolle_gb_bbcode_link_rel', 'nofollow' );
48
+ $pattern = "#\[url href=\&\#034\;([^\]]*)\&\#034\;\]([^\[]*)\[/url\]#i";
49
+ $replace = '<a href="\\1" target="_blank" rel="' . $bbcode_link_rel . '">\\2</a>';
50
+ $str = preg_replace($pattern, $replace, $str);
51
+ // Links without quotes.
52
+ $pattern = "#\[url href=([^\]]*)\]([^\[]*)\[/url\]#i";
53
  $replace = '<a href="\\1" target="_blank" rel="' . $bbcode_link_rel . '">\\2</a>';
54
  $str = preg_replace($pattern, $replace, $str);
55
 
functions/gb-formatting.php CHANGED
@@ -23,7 +23,7 @@ function gwolle_gb_sanitize_input( $input, $field = '' ) {
23
  $input = str_replace("'", '&#39;', $input);
24
  $input = trim($input);
25
  if ( $field == 'content' || $field == 'admin_reply' || $field == 'setting_textarea' ) {
26
- $input = wp_kses_post( $input ); // Rely on this, not on strip_tags.
27
  } else {
28
  $input = sanitize_text_field( $input );
29
  }
@@ -48,7 +48,7 @@ function gwolle_gb_sanitize_output( $output, $field = '' ) {
48
  $output = str_replace('"', '&#34;', $output);
49
  $output = str_replace("'", '&#39;', $output);
50
  if ( $field == 'content' || $field == 'admin_reply' || $field == 'setting_textarea' ) {
51
- $output = wp_kses_post( $output );
52
  } else {
53
  $output = sanitize_text_field( $output );
54
  }
23
  $input = str_replace("'", '&#39;', $input);
24
  $input = trim($input);
25
  if ( $field == 'content' || $field == 'admin_reply' || $field == 'setting_textarea' ) {
26
+ $input = wp_kses( $input, array() ); // Rely on this, not on strip_tags.
27
  } else {
28
  $input = sanitize_text_field( $input );
29
  }
48
  $output = str_replace('"', '&#34;', $output);
49
  $output = str_replace("'", '&#39;', $output);
50
  if ( $field == 'content' || $field == 'admin_reply' || $field == 'setting_textarea' ) {
51
+ $output = wp_kses( $output, array() );
52
  } else {
53
  $output = sanitize_text_field( $output );
54
  }
gwolle-gb.php CHANGED
@@ -3,7 +3,7 @@
3
  Plugin Name: Gwolle Guestbook
4
  Plugin URI: http://zenoweb.nl
5
  Description: Gwolle Guestbook is not just another guestbook for WordPress. The goal is to provide an easy and slim way to integrate a guestbook into your WordPress powered site. Don't use your 'comment' section the wrong way - install Gwolle Guestbook and have a real guestbook.
6
- Version: 3.1.5
7
  Author: Marcel Pol
8
  Author URI: http://zenoweb.nl
9
  License: GPLv2 or later
@@ -32,7 +32,7 @@ Domain Path: /lang/
32
 
33
 
34
  // Plugin Version
35
- define('GWOLLE_GB_VER', '3.1.5');
36
 
37
 
38
  /*
@@ -59,6 +59,10 @@ define('GWOLLE_GB_VER', '3.1.5');
59
  * - Use foreign keys through a hook with SQL, and add a setter for meta.
60
  * - Or add function to prepopulate metas for export.
61
  * - Add emoji for Zwarte Piet and Sinterklaas when locale=nl_nl.
 
 
 
 
62
  *
63
  */
64
 
3
  Plugin Name: Gwolle Guestbook
4
  Plugin URI: http://zenoweb.nl
5
  Description: Gwolle Guestbook is not just another guestbook for WordPress. The goal is to provide an easy and slim way to integrate a guestbook into your WordPress powered site. Don't use your 'comment' section the wrong way - install Gwolle Guestbook and have a real guestbook.
6
+ Version: 3.1.6
7
  Author: Marcel Pol
8
  Author URI: http://zenoweb.nl
9
  License: GPLv2 or later
32
 
33
 
34
  // Plugin Version
35
+ define('GWOLLE_GB_VER', '3.1.6');
36
 
37
 
38
  /*
59
  * - Use foreign keys through a hook with SQL, and add a setter for meta.
60
  * - Or add function to prepopulate metas for export.
61
  * - Add emoji for Zwarte Piet and Sinterklaas when locale=nl_nl.
62
+ * - Look into saving a timestamp including offset. Look again at saving from editor.
63
+ * - Use button for metabox control.
64
+ * - Show InnoDB on debug tab (Azure is teh suxorz).
65
+ * - Do not set meta_key when shortcode is used in widget.
66
  *
67
  */
68
 
readme.txt CHANGED
@@ -3,7 +3,7 @@ Contributors: Gwolle, mpol
3
  Tags: guestbook, guest book, livre d'or, Gästebuch, review
4
  Requires at least: 3.7
5
  Tested up to: 5.2
6
- Stable tag: 3.1.5
7
  License: GPLv2 or later
8
  Requires PHP: 5.3
9
 
@@ -427,6 +427,11 @@ But if you don't use standard comments, you can just as easily use the comment s
427
 
428
  == Changelog ==
429
 
 
 
 
 
 
430
  = 3.1.5 =
431
  * 2019-06-08
432
  * Add log entry for privacy policy accepted (gets added to notification mail).
3
  Tags: guestbook, guest book, livre d'or, Gästebuch, review
4
  Requires at least: 3.7
5
  Tested up to: 5.2
6
+ Stable tag: 3.1.6
7
  License: GPLv2 or later
8
  Requires PHP: 5.3
9
 
427
 
428
  == Changelog ==
429
 
430
+ = 3.1.6 =
431
+ * 2019-08-21
432
+ * Use wp_kses for filtering html elements.
433
+ * Add support for quotes already in the bbcode link.
434
+
435
  = 3.1.5 =
436
  * 2019-06-08
437
  * Add log entry for privacy policy accepted (gets added to notification mail).