Version Description
- Security fix
Download this release
Release Info
| Developer | mailerlite |
| Plugin |  Official MailerLite Sign Up Forms |
| Version | 1.5.8 |
| Comparing to | |
| See all releases | |
Code changes from version 1.5.7 to 1.5.8
- mailerlite.php +2 -2
- readme.txt +4 -1
- src/Admin/AdminNotice.php +1 -1
- src/Admin/Settings.php +30 -0
- src/Admin/Views/SettingsView.php +3 -0
mailerlite.php
CHANGED
|
@@ -2,7 +2,7 @@
|
|
| 2 |
/**
|
| 3 |
* Plugin Name: MailerLite - Signup forms (official)
|
| 4 |
* Description: Official MailerLite Signup forms plugin for WordPress. Ability to embed MailerLite webforms and create custom ones just with few clicks.
|
| 5 |
-
* Version: 1.5.
|
| 6 |
* Author: MailerLite
|
| 7 |
* Author URI: https://www.mailerlite.com
|
| 8 |
* License: GPLv2 or later
|
|
@@ -33,7 +33,7 @@ define( 'MAILERLITE_PLUGIN_URL', plugins_url( '', __FILE__ ) );
|
|
| 33 |
// Plugin basename
|
| 34 |
define( 'MAILERLITE_PLUGIN_BASENAME', plugin_basename( __FILE__ ) );
|
| 35 |
|
| 36 |
-
define( 'MAILERLITE_VERSION', '1.5.
|
| 37 |
|
| 38 |
define( 'MAILERLITE_PHP_VERSION', '7.2.5' );
|
| 39 |
define( 'MAILERLITE_WP_VERSION', '3.0.1' );
|
| 2 |
/**
|
| 3 |
* Plugin Name: MailerLite - Signup forms (official)
|
| 4 |
* Description: Official MailerLite Signup forms plugin for WordPress. Ability to embed MailerLite webforms and create custom ones just with few clicks.
|
| 5 |
+
* Version: 1.5.8
|
| 6 |
* Author: MailerLite
|
| 7 |
* Author URI: https://www.mailerlite.com
|
| 8 |
* License: GPLv2 or later
|
| 33 |
// Plugin basename
|
| 34 |
define( 'MAILERLITE_PLUGIN_BASENAME', plugin_basename( __FILE__ ) );
|
| 35 |
|
| 36 |
+
define( 'MAILERLITE_VERSION', '1.5.8' );
|
| 37 |
|
| 38 |
define( 'MAILERLITE_PHP_VERSION', '7.2.5' );
|
| 39 |
define( 'MAILERLITE_WP_VERSION', '3.0.1' );
|
readme.txt
CHANGED
|
@@ -5,7 +5,7 @@ Tags: mailerlite, newsletter, subscribe, form, webform
|
|
| 5 |
Requires at least: 3.0.1
|
| 6 |
Tested up to: 6.0.1
|
| 7 |
Requires PHP: 7.2.5
|
| 8 |
-
Stable tag: 1.5.
|
| 9 |
License: GPLv2 or later
|
| 10 |
License URI: http://www.gnu.org/licenses/gpl-2.0.html
|
| 11 |
|
|
@@ -130,6 +130,9 @@ Add your custom CSS rules to the end of your theme stylesheet, /wp-content/theme
|
|
| 130 |
|
| 131 |
== Changelog ==
|
| 132 |
|
|
|
|
|
|
|
|
|
|
| 133 |
= 1.5.7 =
|
| 134 |
* Tested up to latest WP version
|
| 135 |
|
| 5 |
Requires at least: 3.0.1
|
| 6 |
Tested up to: 6.0.1
|
| 7 |
Requires PHP: 7.2.5
|
| 8 |
+
Stable tag: 1.5.8
|
| 9 |
License: GPLv2 or later
|
| 10 |
License URI: http://www.gnu.org/licenses/gpl-2.0.html
|
| 11 |
|
| 130 |
|
| 131 |
== Changelog ==
|
| 132 |
|
| 133 |
+
= 1.5.8 =
|
| 134 |
+
* Security fix
|
| 135 |
+
|
| 136 |
= 1.5.7 =
|
| 137 |
* Tested up to latest WP version
|
| 138 |
|
src/Admin/AdminNotice.php
CHANGED
|
@@ -72,7 +72,7 @@ class AdminNotice
|
|
| 72 |
{
|
| 73 |
|
| 74 |
$class = 'notice notice-error';
|
| 75 |
-
$message = __( 'You are not allowed to do that', 'mailerlite' );
|
| 76 |
|
| 77 |
printf( '<div class="%1$s"><p>%2$s</p></div>', esc_attr( $class ), $message );
|
| 78 |
}
|
| 72 |
{
|
| 73 |
|
| 74 |
$class = 'notice notice-error';
|
| 75 |
+
$message = __( 'You are not allowed to do that.', 'mailerlite' );
|
| 76 |
|
| 77 |
printf( '<div class="%1$s"><p>%2$s</p></div>', esc_attr( $class ), $message );
|
| 78 |
}
|
src/Admin/Settings.php
CHANGED
|
@@ -36,6 +36,16 @@ class Settings
|
|
| 36 |
return;
|
| 37 |
}
|
| 38 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 39 |
$key = $_POST['mailerlite_key'];
|
| 40 |
|
| 41 |
if ( $key == '' ) {
|
|
@@ -104,6 +114,16 @@ class Settings
|
|
| 104 |
return;
|
| 105 |
}
|
| 106 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 107 |
update_option( 'mailerlite_popups_disabled', ! get_option( 'mailerlite_popups_disabled' ) );
|
| 108 |
}
|
| 109 |
|
|
@@ -123,6 +143,16 @@ class Settings
|
|
| 123 |
return;
|
| 124 |
}
|
| 125 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 126 |
$ML_Settings_Double_OptIn = new PlatformAPI( AdminController::apiKey() );
|
| 127 |
$ML_Settings_Double_OptIn->setDoubleOptin( get_option( 'mailerlite_double_optin_disabled' ) );
|
| 128 |
|
| 36 |
return;
|
| 37 |
}
|
| 38 |
|
| 39 |
+
if ( ! wp_verify_nonce( $_POST['ml_api_field_nonce'], 'ml_form_nonce' ) ) {
|
| 40 |
+
|
| 41 |
+
add_action( 'admin_notices', [
|
| 42 |
+
'\MailerLiteForms\Admin\AdminNotice',
|
| 43 |
+
'notAllowedNotice'
|
| 44 |
+
] );
|
| 45 |
+
|
| 46 |
+
return;
|
| 47 |
+
}
|
| 48 |
+
|
| 49 |
$key = $_POST['mailerlite_key'];
|
| 50 |
|
| 51 |
if ( $key == '' ) {
|
| 114 |
return;
|
| 115 |
}
|
| 116 |
|
| 117 |
+
if ( ! wp_verify_nonce( $_POST['ml_settings_popup_nonce'], 'ml_form_popup_nonce' ) ) {
|
| 118 |
+
|
| 119 |
+
add_action( 'admin_notices', [
|
| 120 |
+
'\MailerLiteForms\Admin\AdminNotice',
|
| 121 |
+
'notAllowedNotice'
|
| 122 |
+
] );
|
| 123 |
+
|
| 124 |
+
return;
|
| 125 |
+
}
|
| 126 |
+
|
| 127 |
update_option( 'mailerlite_popups_disabled', ! get_option( 'mailerlite_popups_disabled' ) );
|
| 128 |
}
|
| 129 |
|
| 143 |
return;
|
| 144 |
}
|
| 145 |
|
| 146 |
+
if ( ! wp_verify_nonce( $_POST['ml_settings_doi_nonce'], 'ml_form_doi_nonce' ) ) {
|
| 147 |
+
|
| 148 |
+
add_action( 'admin_notices', [
|
| 149 |
+
'\MailerLiteForms\Admin\AdminNotice',
|
| 150 |
+
'notAllowedNotice'
|
| 151 |
+
] );
|
| 152 |
+
|
| 153 |
+
return;
|
| 154 |
+
}
|
| 155 |
+
|
| 156 |
$ML_Settings_Double_OptIn = new PlatformAPI( AdminController::apiKey() );
|
| 157 |
$ML_Settings_Double_OptIn->setDoubleOptin( get_option( 'mailerlite_double_optin_disabled' ) );
|
| 158 |
|
src/Admin/Views/SettingsView.php
CHANGED
|
@@ -56,6 +56,7 @@ class SettingsView
|
|
| 56 |
<input type="submit" name="submit" id="submit" class="button button-primary"
|
| 57 |
value="<?php if ( $api_key != "") { echo __( 'Update this key', 'mailerlite' ); } else { echo __( 'Save this key', 'mailerlite' ); } ?>">
|
| 58 |
<input type="hidden" name="action" value="enter-mailerlite-key">
|
|
|
|
| 59 |
|
| 60 |
</form>
|
| 61 |
|
|
@@ -102,6 +103,7 @@ class SettingsView
|
|
| 102 |
'mailerlite' ); ?><?php else: ?><?php echo __( 'Enable',
|
| 103 |
'mailerlite' ); ?><?php endif; ?>">
|
| 104 |
<input type="hidden" name="action" value="enter-popup-forms">
|
|
|
|
| 105 |
|
| 106 |
</form>
|
| 107 |
|
|
@@ -135,6 +137,7 @@ class SettingsView
|
|
| 135 |
<?php if ( ! get_option( 'mailerlite_double_optin_disabled' ) ) { ?>onclick="return confirm('<?php _e( 'Are you sure you want to disable double opt-in?',
|
| 136 |
'mailerlite' ); ?>');"<?php } ?>>
|
| 137 |
<input type="hidden" name="action" value="toggle-double-opt-in">
|
|
|
|
| 138 |
</form>
|
| 139 |
|
| 140 |
<p class="description">
|
| 56 |
<input type="submit" name="submit" id="submit" class="button button-primary"
|
| 57 |
value="<?php if ( $api_key != "") { echo __( 'Update this key', 'mailerlite' ); } else { echo __( 'Save this key', 'mailerlite' ); } ?>">
|
| 58 |
<input type="hidden" name="action" value="enter-mailerlite-key">
|
| 59 |
+
<?php wp_nonce_field('ml_form_nonce','ml_api_field_nonce'); ?>
|
| 60 |
|
| 61 |
</form>
|
| 62 |
|
| 103 |
'mailerlite' ); ?><?php else: ?><?php echo __( 'Enable',
|
| 104 |
'mailerlite' ); ?><?php endif; ?>">
|
| 105 |
<input type="hidden" name="action" value="enter-popup-forms">
|
| 106 |
+
<?php wp_nonce_field('ml_form_popup_nonce','ml_settings_popup_nonce'); ?>
|
| 107 |
|
| 108 |
</form>
|
| 109 |
|
| 137 |
<?php if ( ! get_option( 'mailerlite_double_optin_disabled' ) ) { ?>onclick="return confirm('<?php _e( 'Are you sure you want to disable double opt-in?',
|
| 138 |
'mailerlite' ); ?>');"<?php } ?>>
|
| 139 |
<input type="hidden" name="action" value="toggle-double-opt-in">
|
| 140 |
+
<?php wp_nonce_field('ml_form_doi_nonce','ml_settings_doi_nonce'); ?>
|
| 141 |
</form>
|
| 142 |
|
| 143 |
<p class="description">
|
