My Calendar - Version 2.5.17

Version Description

Security: Authenticated XSS vulnerability resolved.
Remove 'create_function' for PHP 7.2 compatibility.
Updated: Upgrade Notice output.

Release Info

Developer	joedolson
Plugin	My Calendar
Version	2.5.17
Comparing to
See all releases

Code changes from version 2.5.16 to 2.5.17

Files changed (7) hide show

my-calendar-core.php +11 -4
my-calendar-event-manager.php +1 -1
my-calendar-group-manager.php +1 -1
my-calendar-output.php +1 -1
my-calendar-templates.php +1 -1
my-calendar.php +16 -8
readme.txt +21 -15

my-calendar-core.php CHANGED Viewed

	@@ -304,17 +304,24 @@ function my_calendar_write_js() {
304	}
305	}
306

307	add_action( 'in_plugin_update_message-my-calendar/my-calendar.php', 'mc_plugin_update_message' );



308	function mc_plugin_update_message() {
309	global $mc_version;
310	define( 'MC_PLUGIN_README_URL', 'http://svn.wp-plugins.org/my-calendar/trunk/readme.txt' );
311	- $response = wp_remote_get( ~~MC_PLUGIN_README_URL, array( 'user-agent' => 'WordPress/My Calendar' . $mc_version . '; ' . get_bloginfo( 'url' ) ) );~~





312	if ( ! is_wp_error( $response ) \|\| is_array( $response ) ) {
313	$data = $response['body'];
314	$bits = explode( '== Upgrade Notice ==', $data );
315	- echo '<div id="mc-upgrade"><p><strong style="color:#c22;">Upgrade Notes:</strong> ' . nl2br( trim( $bits[1] ) ) . '</p></~~div~~>';
316	- } else {
317	- printf( __( '<br /><strong>Note:</strong> Please review the <a class="thickbox" href="%1$s">changelog</a> before upgrading.', 'my-calendar' ), 'plugin-install.php?tab=plugin-information&plugin=my-calendar&TB_iframe=true&width=640&height=594' );
318	}
319	}
320


304	}
305	}
306
307	+
308	add_action( 'in_plugin_update_message-my-calendar/my-calendar.php', 'mc_plugin_update_message' );
309	+ /**
310	+ * Display notices from WordPress.org about updated versions.
311	+ */
312	function mc_plugin_update_message() {
313	global $mc_version;
314	define( 'MC_PLUGIN_README_URL', 'http://svn.wp-plugins.org/my-calendar/trunk/readme.txt' );
315	+ $response = wp_remote_get(
316	+ MC_PLUGIN_README_URL,
317	+ array(
318	+ 'user-agent' => 'WordPress/My Calendar' . $mc_version . '; ' . get_bloginfo( 'url' ),
319	+ )
320	+ );
321	if ( ! is_wp_error( $response ) \|\| is_array( $response ) ) {
322	$data = $response['body'];
323	$bits = explode( '== Upgrade Notice ==', $data );
324	+ echo '</div><div id="mc-upgrade" class="notice inline notice-warning"><ul><li><strong style="color:#c22;">Upgrade Notes:</strong> ' . str_replace( '* ', '', nl2br( trim( $bits[1] ) ) ) . '</li></ul>';


325	}
326	}
327

my-calendar-event-manager.php CHANGED Viewed

	@@ -1870,7 +1870,7 @@ function mc_list_events() {
1870	if ( $event->event_endtime != "23:59:59" ) {
1871	$eventTime = date_i18n( get_option( 'mc_time_format' ), mc_strtotime( $event->event_time ) );
1872	} else {
1873	- $eventTime = mc_notime_label( $event );
1874	}
1875	$date_format = ( get_option( 'mc_date_format' ) == '' ) ? get_option( 'date_format' ) : get_option( 'mc_date_format' );
1876	$begin = date_i18n( $date_format, mc_strtotime( $event->event_begin ) );


1870	if ( $event->event_endtime != "23:59:59" ) {
1871	$eventTime = date_i18n( get_option( 'mc_time_format' ), mc_strtotime( $event->event_time ) );
1872	} else {
1873	+ $eventTime = esc_html( mc_notime_label( $event ) );
1874	}
1875	$date_format = ( get_option( 'mc_date_format' ) == '' ) ? get_option( 'date_format' ) : get_option( 'mc_date_format' );
1876	$begin = date_i18n( $date_format, mc_strtotime( $event->event_begin ) );

my-calendar-group-manager.php CHANGED Viewed

	@@ -1082,7 +1082,7 @@ function mc_list_groups() {
1082	<td><?php
1083	$date_format = ( get_option( 'mc_date_format' ) == '' ) ? get_option( 'date_format' ) : get_option( 'mc_date_format' );
1084	$begin = date_i18n( $date_format, strtotime( $event->event_begin ) );
1085	- echo "$begin, $eventTime"; ?>
1086	<div class="recurs">
1087	<strong><?php _e( 'Recurs', 'my-calendar' ); ?></strong>
1088	<?php


1082	<td><?php
1083	$date_format = ( get_option( 'mc_date_format' ) == '' ) ? get_option( 'date_format' ) : get_option( 'mc_date_format' );
1084	$begin = date_i18n( $date_format, strtotime( $event->event_begin ) );
1085	+ echo esc_html( "$begin, $eventTime" ); ?>
1086	<div class="recurs">
1087	<strong><?php _e( 'Recurs', 'my-calendar' ); ?></strong>
1088	<?php

my-calendar-output.php CHANGED Viewed

	@@ -42,7 +42,7 @@ function mc_time_html( $event, $type, $current_date ) {
42	}
43	}
44	} else {
45	- $notime = mc_notime_label( $event );
46	$time .= "<span class='event-time'>";
47	$time .= ( $notime == "N/A" ) ? "<abbr title='" . __( 'Not Applicable', 'my-calendar' ) . "'>" . __( 'N/A', 'my-calendar' ) . "</abbr>\n" : $notime;
48	$time .= "</span></p>";


42	}
43	}
44	} else {
45	+ $notime = esc_html( mc_notime_label( $event ) );
46	$time .= "<span class='event-time'>";
47	$time .= ( $notime == "N/A" ) ? "<abbr title='" . __( 'Not Applicable', 'my-calendar' ) . "'>" . __( 'N/A', 'my-calendar' ) . "</abbr>\n" : $notime;
48	$time .= "</span></p>";

my-calendar-templates.php CHANGED Viewed

	@@ -257,7 +257,7 @@ function mc_create_tags( $event, $context = 'filters' ) {
257
258	$e['date_utc'] = date_i18n( apply_filters( 'mc_date_format', $date_format, 'template_begin_ts' ), $event->ts_occur_begin );
259	$e['date_end_utc'] = date_i18n( apply_filters( 'mc_date_format', $date_format, 'template_end_ts' ), $event->ts_occur_end );
260	- $notime = mc_notime_label( $event );
261	$e['time'] = ( date( 'H:i:s', strtotime( $real_begin_date ) ) == '00:00:00' ) ? $notime : date( get_option( 'mc_time_format' ), strtotime( $real_begin_date ) );
262	$e['time24'] = ( date( 'G:i', strtotime( $real_begin_date ) ) == '00:00' ) ? $notime : date( get_option( 'mc_time_format' ), strtotime( $real_begin_date ) );
263	$endtime = ( $event->event_end == '23:59:59' ) ? '00:00:00' : date( 'H:i:s', strtotime( $real_end_date ) );


257
258	$e['date_utc'] = date_i18n( apply_filters( 'mc_date_format', $date_format, 'template_begin_ts' ), $event->ts_occur_begin );
259	$e['date_end_utc'] = date_i18n( apply_filters( 'mc_date_format', $date_format, 'template_end_ts' ), $event->ts_occur_end );
260	+ $notime = esc_html( mc_notime_label( $event ) );
261	$e['time'] = ( date( 'H:i:s', strtotime( $real_begin_date ) ) == '00:00:00' ) ? $notime : date( get_option( 'mc_time_format' ), strtotime( $real_begin_date ) );
262	$e['time24'] = ( date( 'G:i', strtotime( $real_begin_date ) ) == '00:00' ) ? $notime : date( get_option( 'mc_time_format' ), strtotime( $real_begin_date ) );
263	$endtime = ( $event->event_end == '23:59:59' ) ? '00:00:00' : date( 'H:i:s', strtotime( $real_end_date ) );

my-calendar.php CHANGED Viewed

	@@ -7,9 +7,10 @@ Author: Joseph C Dolson
7	Author URI: http://www.joedolson.com
8	Text Domain: my-calendar
9	Domain Path: lang
10	- ~~Version~~: 2.5.16

11	*/
12	- /* Copyright 2009-~~2017~~ Joe Dolson (email : joe@joedolson.com)
13
14	This program is free software; you can redistribute it and/or modify
15	it under the terms of the GNU General Public License as published by
	@@ -30,7 +31,7 @@ if ( ! defined( 'ABSPATH' ) ) {
30	} // Exit if accessed directly
31
32	global $mc_version, $wpdb;
33	- $mc_version = '2.5.16';
34
35	register_activation_hook( __FILE__, 'mc_plugin_activated' );
36	register_deactivation_hook( __FILE__, 'mc_plugin_deactivated' );
	@@ -95,11 +96,18 @@ function mc_load_textdomain() {
95	add_action( 'admin_menu', 'my_calendar_menu' );
96	add_action( 'wp_head', 'my_calendar_wp_head' );
97	add_action( 'delete_user', 'mc_deal_with_deleted_user' );
98	- add_action( 'widgets_init', ~~create_function(~~ '', ~~'return register_widget("my_calendar_today_widget"~~);~~' ) );~~
99	- ~~add_action( 'widgets_init', create_function( '', 'return register_widget("my_calendar_upcoming_widget");' ) );~~
100	- ~~add_action(~~ ~~'widgets_init',~~ ~~create_function(~~ ~~'',~~ ~~'return~~ ~~register_widget("my_calendar_mini_widget");'~~ ~~) );~~
101	- ~~add_action(~~ ~~'widgets_init', create_function( '', 'return register_widget("my_calendar_simple_search");' ) );~~
102	- ~~add_action(~~ ~~'widgets_init', create_function~~( ~~'', 'return register_widget("my_calendar_filters"~~);' ~~) );~~







103	add_action( 'init', 'my_calendar_add_feed' );
104	add_action( 'admin_menu', 'my_calendar_admin_js' );
105	add_action( 'wp_footer', 'mc_footer_js' );


7	Author URI: http://www.joedolson.com
8	Text Domain: my-calendar
9	Domain Path: lang
10	+ Requires PHP: 5.3
11	+ Version: 2.5.17
12	*/
13	+ /* Copyright 2009-2018 Joe Dolson (email : joe@joedolson.com)
14
15	This program is free software; you can redistribute it and/or modify
16	it under the terms of the GNU General Public License as published by

31	} // Exit if accessed directly
32
33	global $mc_version, $wpdb;
34	+ $mc_version = '2.5.17';
35
36	register_activation_hook( __FILE__, 'mc_plugin_activated' );
37	register_deactivation_hook( __FILE__, 'mc_plugin_deactivated' );

96	add_action( 'admin_menu', 'my_calendar_menu' );
97	add_action( 'wp_head', 'my_calendar_wp_head' );
98	add_action( 'delete_user', 'mc_deal_with_deleted_user' );
99	+ add_action( 'widgets_init', 'mc_register_widgets' );
100	+ /**
101	+ * Register all My Calendar widgets
102	+ */
103	+ function mc_register_widgets() {
104	+ register_widget( 'My_Calendar_Today_Widget' );
105	+ register_widget( 'My_Calendar_Upcoming_Widget' );
106	+ register_widget( 'My_Calendar_Mini_Widget' );
107	+ register_widget( 'My_Calendar_Simple_Search' );
108	+ register_widget( 'My_Calendar_Filters' );
109	+ }
110	+
111	add_action( 'init', 'my_calendar_add_feed' );
112	add_action( 'admin_menu', 'my_calendar_admin_js' );
113	add_action( 'wp_footer', 'mc_footer_js' );

readme.txt CHANGED Viewed

	@@ -4,7 +4,7 @@ Donate link: http://www.joedolson.com/donate/
4	Tags: calendar, dates, times, event, events, scheduling, schedule, event manager, event calendar, class, concert, venue, location, box office, tickets, registration
5	Requires at least: 4.4
6	Tested up to: 4.9
7	- Stable tag: 2.5.16
8	Text domain: my-calendar
9	License: GPLv2 or later
10
	@@ -16,15 +16,15 @@ My Calendar does WordPress event management with richly customizable ways to dis
16
17	Easy to use for anybody, My Calendar provides enormous flexibility for designers and developers needing a custom calendar.
18
19	- * [Buy My Calendar Pro](https://www.joedolson.com/my-calendar/pro/), the premium extension for My Calendar
20	- * [Use My Tickets](https://wordpress.org/plugins/my-tickets/) and sell tickets for My Calendar events
21	- * [Buy the User's Guide](http://www.joedolson.com/my-calendar/users-guide/) for extensive help with set up and use.
22
23	= Features: =
24
25	* Calendar grid and list views of events
26	- * Monthly, weekly, or daily view.
27	- * Mini-calendar for compact displays (as widget or as shortcode)
28	* Widgets: today's events, upcoming events, compact calendar, event search
29	* Custom templates for event output
30	* Limit views by categories, location, author, or host
	@@ -32,15 +32,15 @@ Easy to use for anybody, My Calendar provides enormous flexibility for designers
32	* Editable CSS styles and JavaScript behaviors
33	* Schedule a variety of recurring events.
34	* Edit occurrences of recurring events
35	- * Rich permissions handling to restrict access to parts of My Calendar
36	- * Email notification to administrator when events are scheduled or reserved
37	- * Post to Twitter when events are created with [WP to Twitter](http://wordpress.org/extend/plugins/wp-to-twitter/)
38	* Location Manager for frequently used venues
39	- * Fetch events from a remote database. (Sharing events in a network of sites.)
40	- * Import events from [Kieran O'Shea's Calendar plugin](http://wordpress.org/extend/plugins/calendar/)
41	- * Integrated Help to guide in use of shortcodes and template tags
42	- * Shortcode Generator to create customized views of My Calendar
43	- * [Developer Documentation](http://www.joedolson.com/doc-category/my-calendar-3/)
44
45	> = What's in My Calendar Pro? =
46	>
	@@ -83,6 +83,12 @@ Translating my plug-ins is always appreciated. Visit <a href="https://translate.
83
84	== Changelog ==
85






86	= 2.5.16 =
87
88	* Bug fix: Event deletion action executed when individual instance deleted from front-end
	@@ -912,4 +918,4 @@ The search feature in My Calendar is pretty basic; but buying My Calendar Pro gi
912
913	== Upgrade Notice ==
914
915	- * 2.5.0 ~~Major~~ update! ~~New~~ ~~features,~~ ~~many~~ ~~bug fixes and improvements~~.


4	Tags: calendar, dates, times, event, events, scheduling, schedule, event manager, event calendar, class, concert, venue, location, box office, tickets, registration
5	Requires at least: 4.4
6	Tested up to: 4.9
7	+ Stable tag: 2.5.17
8	Text domain: my-calendar
9	License: GPLv2 or later
10

16
17	Easy to use for anybody, My Calendar provides enormous flexibility for designers and developers needing a custom calendar.
18
19	+ * [Buy My Calendar Pro](https://www.joedolson.com/my-calendar/pro/), the premium extension for My Calendar
20	+ * [Use My Tickets](https://wordpress.org/plugins/my-tickets/) and sell tickets for My Calendar events
21	+ * [Buy the User's Guide](http://www.joedolson.com/my-calendar/users-guide/) for extensive help with set up and use.
22
23	= Features: =
24
25	* Calendar grid and list views of events
26	+ * Monthly, weekly, or daily view.
27	+ * Mini-calendar for compact displays (as widget or as shortcode)
28	* Widgets: today's events, upcoming events, compact calendar, event search
29	* Custom templates for event output
30	* Limit views by categories, location, author, or host

32	* Editable CSS styles and JavaScript behaviors
33	* Schedule a variety of recurring events.
34	* Edit occurrences of recurring events
35	+ * Rich permissions handling to restrict access to parts of My Calendar
36	+ * Email notification to administrator when events are scheduled or reserved
37	+ * Post to Twitter when events are created with [WP to Twitter](http://wordpress.org/extend/plugins/wp-to-twitter/)
38	* Location Manager for frequently used venues
39	+ * Fetch events from a remote database. (Sharing events in a network of sites.)
40	+ * Import events from [Kieran O'Shea's Calendar plugin](http://wordpress.org/extend/plugins/calendar/)
41	+ * Integrated Help to guide in use of shortcodes and template tags
42	+ * Shortcode Generator to create customized views of My Calendar
43	+ * [Developer Documentation](http://www.joedolson.com/doc-category/my-calendar-3/)
44
45	> = What's in My Calendar Pro? =
46	>

83
84	== Changelog ==
85
86	+ = 2.5.17 =
87	+
88	+ * Security: Authenticated XSS vulnerability resolved.
89	+ * Remove 'create_function' for PHP 7.2 compatibility.
90	+ * Updated: Upgrade Notice output.
91	+
92	= 2.5.16 =
93
94	* Bug fix: Event deletion action executed when individual instance deleted from front-end

918
919	== Upgrade Notice ==
920
921	+ * 2.5.17 Critical update! Authenticated XSS issue resolved.