Version Description
- Fixed issue related to data sanitization.
Download this release
Release Info
| Developer | amarsib |
| Plugin |  SendinBlue Subscribe Form And WP SMTP |
| Version | 3.1.30 |
| Comparing to | |
| See all releases | |
Code changes from version 3.1.29 to 3.1.30
- inc/SendinblueApiClient.php +1 -1
- inc/sib-form-preview.php +2 -1
- inc/table-forms.php +5 -3
- model/model-forms.php +2 -1
- page/page-form.php +5 -1
- page/page-home.php +1 -0
- page/page-statistics.php +2 -2
- readme.txt +4 -1
- sendinblue.php +5 -3
inc/SendinblueApiClient.php
CHANGED
|
@@ -14,7 +14,7 @@ class SendinblueApiClient
|
|
| 14 |
const RESPONSE_CODE_CREATED = 201;
|
| 15 |
const RESPONSE_CODE_ACCEPTED = 202;
|
| 16 |
const RESPONSE_CODE_UNAUTHORIZED = 401;
|
| 17 |
-
const PLUGIN_VERSION = '3.1.
|
| 18 |
const USER_AGENT = 'sendinblue_plugins/wordpress';
|
| 19 |
|
| 20 |
private $apiKey;
|
| 14 |
const RESPONSE_CODE_CREATED = 201;
|
| 15 |
const RESPONSE_CODE_ACCEPTED = 202;
|
| 16 |
const RESPONSE_CODE_UNAUTHORIZED = 401;
|
| 17 |
+
const PLUGIN_VERSION = '3.1.30';
|
| 18 |
const USER_AGENT = 'sendinblue_plugins/wordpress';
|
| 19 |
|
| 20 |
private $apiKey;
|
inc/sib-form-preview.php
CHANGED
|
@@ -53,6 +53,7 @@ wp_head();
|
|
| 53 |
|
| 54 |
$html = stripslashes_deep($formData['html']);
|
| 55 |
$css = stripslashes_deep($formData['css']);
|
|
|
|
| 56 |
echo $html;
|
| 57 |
?>
|
| 58 |
</div>
|
|
@@ -60,7 +61,7 @@ wp_head();
|
|
| 60 |
<?php
|
| 61 |
if($formData['dependTheme'] != '1'){
|
| 62 |
$css = str_replace('[form]', '#sib-preview-form', $css);
|
| 63 |
-
echo $css;
|
| 64 |
}
|
| 65 |
?>
|
| 66 |
</style>
|
| 53 |
|
| 54 |
$html = stripslashes_deep($formData['html']);
|
| 55 |
$css = stripslashes_deep($formData['css']);
|
| 56 |
+
// phpcs:ignore
|
| 57 |
echo $html;
|
| 58 |
?>
|
| 59 |
</div>
|
| 61 |
<?php
|
| 62 |
if($formData['dependTheme'] != '1'){
|
| 63 |
$css = str_replace('[form]', '#sib-preview-form', $css);
|
| 64 |
+
echo sanitize_text_field( $css );
|
| 65 |
}
|
| 66 |
?>
|
| 67 |
</style>
|
inc/table-forms.php
CHANGED
|
@@ -241,12 +241,14 @@ class SIB_Forms_List extends WP_List_Table {
|
|
| 241 |
|| ( isset( $_POST['action2'] ) && $_POST['action2'] == 'bulk-delete' )
|
| 242 |
) {
|
| 243 |
|
| 244 |
-
$delete_ids =
|
| 245 |
|
| 246 |
// loop over the array of record IDs and delete them
|
| 247 |
foreach ( $delete_ids as $id ) {
|
| 248 |
-
|
| 249 |
-
|
|
|
|
|
|
|
| 250 |
}
|
| 251 |
wp_redirect(esc_url(add_query_arg(NULL,NULL))); exit;
|
| 252 |
|
| 241 |
|| ( isset( $_POST['action2'] ) && $_POST['action2'] == 'bulk-delete' )
|
| 242 |
) {
|
| 243 |
|
| 244 |
+
$delete_ids = array_map('intval', $_POST['bulk-delete']);
|
| 245 |
|
| 246 |
// loop over the array of record IDs and delete them
|
| 247 |
foreach ( $delete_ids as $id ) {
|
| 248 |
+
if( $id > 0 ) {
|
| 249 |
+
SIB_Forms::deleteForm( $id );
|
| 250 |
+
SIB_Forms_Lang::remove_trans( $id );
|
| 251 |
+
}
|
| 252 |
}
|
| 253 |
wp_redirect(esc_url(add_query_arg(NULL,NULL))); exit;
|
| 254 |
|
model/model-forms.php
CHANGED
|
@@ -131,7 +131,7 @@ if ( ! class_exists( 'SIB_Forms' ) ) {
|
|
| 131 |
$list = maybe_serialize( array( SIB_API_Manager::get_default_list_id() ) );
|
| 132 |
$results = array(
|
| 133 |
'title' => '',
|
| 134 |
-
'html' => $formData['html']
|
| 135 |
'css' => $formData['css'],
|
| 136 |
'listID' => $list,
|
| 137 |
'dependTheme' => '1',
|
|
@@ -276,6 +276,7 @@ if ( ! class_exists( 'SIB_Forms' ) ) {
|
|
| 276 |
/** Create default form */
|
| 277 |
public static function createDefaultForm() {
|
| 278 |
$formData = self::getDefaultForm();
|
|
|
|
| 279 |
$html = $formData['html'];
|
| 280 |
$css = $formData['css'];
|
| 281 |
$list = maybe_serialize( array( SIB_API_Manager::get_default_list_id() ) );
|
| 131 |
$list = maybe_serialize( array( SIB_API_Manager::get_default_list_id() ) );
|
| 132 |
$results = array(
|
| 133 |
'title' => '',
|
| 134 |
+
'html' => $formData['html'],// phpcs:ignore
|
| 135 |
'css' => $formData['css'],
|
| 136 |
'listID' => $list,
|
| 137 |
'dependTheme' => '1',
|
| 276 |
/** Create default form */
|
| 277 |
public static function createDefaultForm() {
|
| 278 |
$formData = self::getDefaultForm();
|
| 279 |
+
// phpcs:ignore
|
| 280 |
$html = $formData['html'];
|
| 281 |
$css = $formData['css'];
|
| 282 |
$list = maybe_serialize( array( SIB_API_Manager::get_default_list_id() ) );
|
page/page-form.php
CHANGED
|
@@ -239,6 +239,7 @@ if ( ! class_exists( 'SIB_Page_Form' ) ) {
|
|
| 239 |
|
| 240 |
<?php
|
| 241 |
if ( function_exists( 'wp_editor' ) ) {
|
|
|
|
| 242 |
wp_editor(
|
| 243 |
esc_html(stripcslashes($formData['html'])), 'sibformmarkup', array(
|
| 244 |
'tinymce' => false,
|
|
@@ -250,7 +251,9 @@ if ( ! class_exists( 'SIB_Page_Form' ) ) {
|
|
| 250 |
} else {
|
| 251 |
?>
|
| 252 |
<textarea class="widefat" cols="160" rows="20" id="sibformmarkup"
|
| 253 |
-
name="sib_form_html"><?php
|
|
|
|
|
|
|
| 254 |
<?php
|
| 255 |
}
|
| 256 |
?>
|
|
@@ -1089,6 +1092,7 @@ For your information, you cannot select a template with the tag [DOUBLEOPTIN].',
|
|
| 1089 |
check_ajax_referer( 'ajax_sib_admin_nonce', 'security' );
|
| 1090 |
$pID = isset( $_POST['pid'] ) ? sanitize_text_field( $_POST['pid'] ) : 1;
|
| 1091 |
$formData = SIB_Forms::getForm( $pID );
|
|
|
|
| 1092 |
$html = $formData['html'];
|
| 1093 |
|
| 1094 |
wp_send_json( $html );
|
| 239 |
|
| 240 |
<?php
|
| 241 |
if ( function_exists( 'wp_editor' ) ) {
|
| 242 |
+
// phpcs:ignore
|
| 243 |
wp_editor(
|
| 244 |
esc_html(stripcslashes($formData['html'])), 'sibformmarkup', array(
|
| 245 |
'tinymce' => false,
|
| 251 |
} else {
|
| 252 |
?>
|
| 253 |
<textarea class="widefat" cols="160" rows="20" id="sibformmarkup"
|
| 254 |
+
name="sib_form_html"><?php
|
| 255 |
+
// phpcs:ignore
|
| 256 |
+
echo stripcslashes( $formData['html'] ); ?></textarea>
|
| 257 |
<?php
|
| 258 |
}
|
| 259 |
?>
|
| 1092 |
check_ajax_referer( 'ajax_sib_admin_nonce', 'security' );
|
| 1093 |
$pID = isset( $_POST['pid'] ) ? sanitize_text_field( $_POST['pid'] ) : 1;
|
| 1094 |
$formData = SIB_Forms::getForm( $pID );
|
| 1095 |
+
// phpcs:ignore
|
| 1096 |
$html = $formData['html'];
|
| 1097 |
|
| 1098 |
wp_send_json( $html );
|
page/page-home.php
CHANGED
|
@@ -692,6 +692,7 @@ if ( ! class_exists( 'SIB_Page_Home' ) ) {
|
|
| 692 |
/** Ajax module for sync wp users to contact list */
|
| 693 |
public static function ajax_sync_users() {
|
| 694 |
check_ajax_referer( 'ajax_sib_admin_nonce', 'security' );
|
|
|
|
| 695 |
$postData = isset( $_POST['data'] ) ? $_POST['data'] : array();
|
| 696 |
if ( ! isset( $postData['sync_role'] ) ) {
|
| 697 |
wp_send_json(
|
| 692 |
/** Ajax module for sync wp users to contact list */
|
| 693 |
public static function ajax_sync_users() {
|
| 694 |
check_ajax_referer( 'ajax_sib_admin_nonce', 'security' );
|
| 695 |
+
// phpcs:ignore
|
| 696 |
$postData = isset( $_POST['data'] ) ? $_POST['data'] : array();
|
| 697 |
if ( ! isset( $postData['sync_role'] ) ) {
|
| 698 |
wp_send_json(
|
page/page-statistics.php
CHANGED
|
@@ -201,13 +201,13 @@ if ( ! class_exists( 'SIB_Page_Statistics' ) ) {
|
|
| 201 |
<?php
|
| 202 |
if (!empty($smsCampaigns)) {
|
| 203 |
foreach($smsCampaigns as $smsCampaign){ ?>
|
| 204 |
-
<tr id="<?php echo str_replace(' ', '-', $smsCampaign['name']);?>">
|
| 205 |
<td width="1%" class="sort ui-sortable-handle">
|
| 206 |
<input type="hidden" name="method_order[flat_rate]" value="">
|
| 207 |
</td>
|
| 208 |
<td class=""><?php echo esc_attr( $smsCampaign['name'] );?></td>
|
| 209 |
<td class="sib-statistics-data-value"><?php echo esc_attr( $smsCampaign['statistics']['sent'] );?></td>
|
| 210 |
-
<td class="sib-statistics-data-value"><?php echo empty($smsCampaign['statistics']['sent']) ? 0 : round($smsCampaign['statistics']['delivered'] * 100 / $smsCampaign['statistics']['sent'], 2);?>%</td>
|
| 211 |
<td class="sib-statistics-data-value"><?php echo !empty($smsCampaign['statistics']['answered']) ? esc_attr( $smsCampaign['statistics']['answered'] ) : 0;?></td>
|
| 212 |
<td class="sib-statistics-data-value"><?php echo !empty($smsCampaign['statistics']['unsubscriptions']) ? esc_attr( $smsCampaign['statistics']['unsubscriptions'] ) : 0;?></td>
|
| 213 |
<td class="sib-statistics-data-value"><?php echo esc_attr( $smsCampaign['statistics']['softBounces'] ) + esc_attr( $smsCampaign['statistics']['hardBounces'] );?></td>
|
| 201 |
<?php
|
| 202 |
if (!empty($smsCampaigns)) {
|
| 203 |
foreach($smsCampaigns as $smsCampaign){ ?>
|
| 204 |
+
<tr id="<?php echo str_replace(' ', '-', esc_attr( $smsCampaign['name'] ));?>">
|
| 205 |
<td width="1%" class="sort ui-sortable-handle">
|
| 206 |
<input type="hidden" name="method_order[flat_rate]" value="">
|
| 207 |
</td>
|
| 208 |
<td class=""><?php echo esc_attr( $smsCampaign['name'] );?></td>
|
| 209 |
<td class="sib-statistics-data-value"><?php echo esc_attr( $smsCampaign['statistics']['sent'] );?></td>
|
| 210 |
+
<td class="sib-statistics-data-value"><?php echo empty($smsCampaign['statistics']['sent']) ? 0 : round(esc_attr( $smsCampaign['statistics']['delivered'] ) * 100 / esc_attr( $smsCampaign['statistics']['sent'] ), 2);?>%</td>
|
| 211 |
<td class="sib-statistics-data-value"><?php echo !empty($smsCampaign['statistics']['answered']) ? esc_attr( $smsCampaign['statistics']['answered'] ) : 0;?></td>
|
| 212 |
<td class="sib-statistics-data-value"><?php echo !empty($smsCampaign['statistics']['unsubscriptions']) ? esc_attr( $smsCampaign['statistics']['unsubscriptions'] ) : 0;?></td>
|
| 213 |
<td class="sib-statistics-data-value"><?php echo esc_attr( $smsCampaign['statistics']['softBounces'] ) + esc_attr( $smsCampaign['statistics']['hardBounces'] );?></td>
|
readme.txt
CHANGED
|
@@ -4,7 +4,7 @@ Tags: Email Marketing, Newsletter, Sendinblue, Forms, smtp, marketing automation
|
|
| 4 |
Requires at least: 4.4
|
| 5 |
Tested up to: 5.8
|
| 6 |
Requires PHP: 5.6
|
| 7 |
-
Stable tag: 3.1.
|
| 8 |
License: GPLv2 or later
|
| 9 |
License URI: http://www.gnu.org/licenses/gpl-2.0.html
|
| 10 |
|
|
@@ -116,6 +116,9 @@ In order to create a signup form, you need to:
|
|
| 116 |
|
| 117 |
== Changelog ==
|
| 118 |
|
|
|
|
|
|
|
|
|
|
| 119 |
= 3.1.29 =
|
| 120 |
* Fixed issue related to data sanitization.
|
| 121 |
|
| 4 |
Requires at least: 4.4
|
| 5 |
Tested up to: 5.8
|
| 6 |
Requires PHP: 5.6
|
| 7 |
+
Stable tag: 3.1.30
|
| 8 |
License: GPLv2 or later
|
| 9 |
License URI: http://www.gnu.org/licenses/gpl-2.0.html
|
| 10 |
|
| 116 |
|
| 117 |
== Changelog ==
|
| 118 |
|
| 119 |
+
= 3.1.30 =
|
| 120 |
+
* Fixed issue related to data sanitization.
|
| 121 |
+
|
| 122 |
= 3.1.29 =
|
| 123 |
* Fixed issue related to data sanitization.
|
| 124 |
|
sendinblue.php
CHANGED
|
@@ -3,7 +3,7 @@
|
|
| 3 |
* Plugin Name: Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue
|
| 4 |
* Plugin URI: https://www.sendinblue.com/?r=wporg
|
| 5 |
* Description: Manage your contact lists, subscription forms and all email and marketing-related topics from your wp panel, within one single plugin
|
| 6 |
-
* Version: 3.1.
|
| 7 |
* Author: Sendinblue
|
| 8 |
* Author URI: https://www.sendinblue.com/?r=wporg
|
| 9 |
* License: GPLv2 or later
|
|
@@ -580,6 +580,7 @@ if ( ! class_exists( 'SIB_Manager' ) ) {
|
|
| 580 |
<div style="/*display:none*/" class="sib_msg_disp">
|
| 581 |
</div>
|
| 582 |
<?php
|
|
|
|
| 583 |
echo stripcslashes($formData['html']);
|
| 584 |
?>
|
| 585 |
</div>
|
|
@@ -699,8 +700,8 @@ if ( ! class_exists( 'SIB_Manager' ) ) {
|
|
| 699 |
if (empty($listID)) {
|
| 700 |
$listID = array();
|
| 701 |
}
|
| 702 |
-
$interestingLists = isset( $_POST['interestingLists']) ? array_map( '
|
| 703 |
-
$expectedLists = isset( $_POST['listIDs'] ) ? array_map( '
|
| 704 |
if ( empty($interestingLists) )
|
| 705 |
{
|
| 706 |
$unlinkedLists = [];
|
|
@@ -1149,6 +1150,7 @@ if ( ! class_exists( 'SIB_Manager' ) ) {
|
|
| 1149 |
$class = 'error';
|
| 1150 |
$message = sprintf( 'Please note that your Sendinblue account is in %s, but Sendinblue WordPress plugin is only available in English / French for now. Sorry for inconvenience.', $lang );
|
| 1151 |
if ( 'en' !== $lang_prefix && 'fr' !== $lang_prefix ) {
|
|
|
|
| 1152 |
echo ( "<div class=\"$class\" style='margin-left: 2px;margin-bottom: 4px;'> <p>$message<a class='' href='?dismiss_admin_lang_notice=1'> No problem...</a></p></div>" );
|
| 1153 |
}
|
| 1154 |
}
|
| 3 |
* Plugin Name: Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue
|
| 4 |
* Plugin URI: https://www.sendinblue.com/?r=wporg
|
| 5 |
* Description: Manage your contact lists, subscription forms and all email and marketing-related topics from your wp panel, within one single plugin
|
| 6 |
+
* Version: 3.1.30
|
| 7 |
* Author: Sendinblue
|
| 8 |
* Author URI: https://www.sendinblue.com/?r=wporg
|
| 9 |
* License: GPLv2 or later
|
| 580 |
<div style="/*display:none*/" class="sib_msg_disp">
|
| 581 |
</div>
|
| 582 |
<?php
|
| 583 |
+
// phpcs:ignore
|
| 584 |
echo stripcslashes($formData['html']);
|
| 585 |
?>
|
| 586 |
</div>
|
| 700 |
if (empty($listID)) {
|
| 701 |
$listID = array();
|
| 702 |
}
|
| 703 |
+
$interestingLists = isset( $_POST['interestingLists']) ? array_map( 'sanitize_text_field', $_POST['interestingLists'] ) : array();
|
| 704 |
+
$expectedLists = isset( $_POST['listIDs'] ) ? array_map( 'sanitize_text_field', $_POST['listIDs'] ) : array();
|
| 705 |
if ( empty($interestingLists) )
|
| 706 |
{
|
| 707 |
$unlinkedLists = [];
|
| 1150 |
$class = 'error';
|
| 1151 |
$message = sprintf( 'Please note that your Sendinblue account is in %s, but Sendinblue WordPress plugin is only available in English / French for now. Sorry for inconvenience.', $lang );
|
| 1152 |
if ( 'en' !== $lang_prefix && 'fr' !== $lang_prefix ) {
|
| 1153 |
+
// phpcs:ignore
|
| 1154 |
echo ( "<div class=\"$class\" style='margin-left: 2px;margin-bottom: 4px;'> <p>$message<a class='' href='?dismiss_admin_lang_notice=1'> No problem...</a></p></div>" );
|
| 1155 |
}
|
| 1156 |
}
|
