OneSignal – Free Web Push Notifications - Version 2.2.3

Version Description

  • Includes minor (non-critical) security improvements to notification customization functionality
Download this release

Release Info

Developer OneSignal
Plugin Icon 128x128 OneSignal – Free Web Push Notifications
Version 2.2.3
Comparing to
See all releases

Code changes from version 2.2.2 to 2.2.3

Files changed (3) hide show
  1. onesignal-admin.php +10 -10
  2. onesignal.php +1 -1
  3. readme.txt +6 -2
onesignal-admin.php CHANGED
@@ -202,8 +202,8 @@ class OneSignal_Admin
202
 
203
  if (array_key_exists('onesignal_modify_title_and_content', $_POST)) {
204
  update_post_meta($post_id, 'onesignal_modify_title_and_content', true);
205
- update_post_meta($post_id, 'onesignal_notification_custom_heading', $_POST['onesignal_notification_custom_heading']);
206
- update_post_meta($post_id, 'onesignal_notification_custom_content', $_POST['onesignal_notification_custom_content']);
207
  } else {
208
  update_post_meta($post_id, 'onesignal_modify_title_and_content', false);
209
  update_post_meta($post_id, 'onesignal_notification_custom_heading', null);
@@ -717,15 +717,15 @@ class OneSignal_Admin
717
 
718
  // If this post is newly being created and if the user has chosen to customize the content
719
  $onesignal_customized_content = $onesignal_customize_content_checked || (get_post_meta($post->ID, 'onesignal_modify_title_and_content', true) === '1');
720
-
721
- if($was_posted && $onesignal_customized_content) {
722
- $onesignal_custom_notification_heading = $_POST['onesignal_notification_custom_heading'];
723
- $onesignal_custom_notification_content = $_POST['onesignal_notification_custom_content'];
724
- } else { // If this post was created previously (eg: scheduled), and the user had chosen to customize the content
725
  $onesignal_custom_notification_heading = get_post_meta($post->ID, 'onesignal_notification_custom_heading', true);
726
  $onesignal_custom_notification_content = get_post_meta($post->ID, 'onesignal_notification_custom_content', true);
727
  }
728
-
729
  /* This is a scheduled post and the OneSignal meta box was present. */
730
  $post_metadata_was_onesignal_meta_box_present = (get_post_meta($post->ID, 'onesignal_meta_box_present', true) === '1');
731
  /* This is a scheduled post and the user checked "Send a notification on post publish/update". */
@@ -840,11 +840,11 @@ class OneSignal_Admin
840
  $fields = array(
841
  'external_id' => self::uuid($notif_content),
842
  'app_id' => $onesignal_wp_settings['app_id'],
843
- 'headings' => array('en' => stripslashes_deep($site_title)),
844
  'included_segments' => array('All'),
845
  'isAnyWeb' => true,
846
  'url' => get_permalink($post->ID),
847
- 'contents' => array('en' => stripslashes_deep($notif_content)),
848
  );
849
 
850
  $send_to_mobile_platforms = $onesignal_wp_settings['send_to_mobile_platforms'];
202
 
203
  if (array_key_exists('onesignal_modify_title_and_content', $_POST)) {
204
  update_post_meta($post_id, 'onesignal_modify_title_and_content', true);
205
+ update_post_meta($post_id, 'onesignal_notification_custom_heading', sanitize_text_field($_POST['onesignal_notification_custom_heading']));
206
+ update_post_meta($post_id, 'onesignal_notification_custom_content', sanitize_text_field($_POST['onesignal_notification_custom_content']));
207
  } else {
208
  update_post_meta($post_id, 'onesignal_modify_title_and_content', false);
209
  update_post_meta($post_id, 'onesignal_notification_custom_heading', null);
717
 
718
  // If this post is newly being created and if the user has chosen to customize the content
719
  $onesignal_customized_content = $onesignal_customize_content_checked || (get_post_meta($post->ID, 'onesignal_modify_title_and_content', true) === '1');
720
+
721
+ if($was_posted && $onesignal_customized_content) {
722
+ $onesignal_custom_notification_heading = sanitize_text_field($_POST['onesignal_notification_custom_heading']);
723
+ $onesignal_custom_notification_content = sanitize_text_field($_POST['onesignal_notification_custom_content']);
724
+ } else { // If this post was created previously (eg: scheduled), and the user had chosen to customize the content
725
  $onesignal_custom_notification_heading = get_post_meta($post->ID, 'onesignal_notification_custom_heading', true);
726
  $onesignal_custom_notification_content = get_post_meta($post->ID, 'onesignal_notification_custom_content', true);
727
  }
728
+
729
  /* This is a scheduled post and the OneSignal meta box was present. */
730
  $post_metadata_was_onesignal_meta_box_present = (get_post_meta($post->ID, 'onesignal_meta_box_present', true) === '1');
731
  /* This is a scheduled post and the user checked "Send a notification on post publish/update". */
840
  $fields = array(
841
  'external_id' => self::uuid($notif_content),
842
  'app_id' => $onesignal_wp_settings['app_id'],
843
+ 'headings' => array('en' => stripslashes_deep(wp_specialchars_decode($site_title))),
844
  'included_segments' => array('All'),
845
  'isAnyWeb' => true,
846
  'url' => get_permalink($post->ID),
847
+ 'contents' => array('en' => stripslashes_deep(wp_specialchars_decode($notif_content))),
848
  );
849
 
850
  $send_to_mobile_platforms = $onesignal_wp_settings['send_to_mobile_platforms'];
onesignal.php CHANGED
@@ -6,7 +6,7 @@ defined('ABSPATH') or die('This page may not be accessed directly.');
6
  * Plugin Name: OneSignal Push Notifications
7
  * Plugin URI: https://onesignal.com/
8
  * Description: Free web push notifications.
9
- * Version: 2.2.2
10
  * Author: OneSignal
11
  * Author URI: https://onesignal.com
12
  * License: MIT
6
  * Plugin Name: OneSignal Push Notifications
7
  * Plugin URI: https://onesignal.com/
8
  * Description: Free web push notifications.
9
+ * Version: 2.2.3
10
  * Author: OneSignal
11
  * Author URI: https://onesignal.com
12
  * License: MIT
readme.txt CHANGED
@@ -4,7 +4,7 @@ Donate link: https://onesignal.com
4
  Tags: push notification, push notifications, desktop notifications, mobile notifications, chrome push, android, android notification, android notifications, android push, desktop notification, firefox, firefox push, mobile, mobile notification, notification, notifications, notify, onesignal, push, push messages, safari, safari push, web push, chrome
5
  Requires at least: 3.8
6
  Tested up to: 5.8
7
- Stable tag: 2.2.2
8
  License: GPLv2 or later
9
  License URI: http://www.gnu.org/licenses/gpl-2.0.html
10
 
@@ -23,7 +23,7 @@ You can configure notification delivery at preset intervals, create user segment
23
  OneSignal’s free plan allows targeting up to 10,000 subscribers with push notifications. Contact support@onesignal.com if you have any questions. We’d love to hear from you!
24
 
25
  = Company =
26
- OneSignal is trusted by over 1,300,000 developers and marketing strategists. We power push notifications for everyone from early stage startups to Fortune 500 Companies, sending over 6 billion notifications per day. It is the most popular push notification plugin on Wordpress with 100,000+ installations.
27
 
28
  = Features =
29
  * **Supports Chrome** (Desktop & Android), **Safari** (Mac OS X), **Microsoft Edge** (Desktop & Android), **Opera** (Desktop & Android) and **Firefox** (Desktop & Android) on both HTTP and HTTPS sites.
@@ -67,6 +67,10 @@ HTTPS Setup Video: [youtube https://www.youtube.com/watch?v=BeTZ2KgytC0]
67
 
68
  == Changelog ==
69
 
 
 
 
 
70
  = 2.2.2 =
71
 
72
  - Update tested up to version to WP 5.8
4
  Tags: push notification, push notifications, desktop notifications, mobile notifications, chrome push, android, android notification, android notifications, android push, desktop notification, firefox, firefox push, mobile, mobile notification, notification, notifications, notify, onesignal, push, push messages, safari, safari push, web push, chrome
5
  Requires at least: 3.8
6
  Tested up to: 5.8
7
+ Stable tag: 2.2.3
8
  License: GPLv2 or later
9
  License URI: http://www.gnu.org/licenses/gpl-2.0.html
10
 
23
  OneSignal’s free plan allows targeting up to 10,000 subscribers with push notifications. Contact support@onesignal.com if you have any questions. We’d love to hear from you!
24
 
25
  = Company =
26
+ OneSignal is trusted by over 1,400,000 developers and marketing strategists. We power push notifications for everyone from early stage startups to Fortune 500 Companies, sending over 6 billion notifications per day. It is the most popular push notification plugin on Wordpress with 100,000+ installations.
27
 
28
  = Features =
29
  * **Supports Chrome** (Desktop & Android), **Safari** (Mac OS X), **Microsoft Edge** (Desktop & Android), **Opera** (Desktop & Android) and **Firefox** (Desktop & Android) on both HTTP and HTTPS sites.
67
 
68
  == Changelog ==
69
 
70
+ = 2.2.3 =
71
+
72
+ - Includes minor (non-critical) security improvements to notification customization functionality
73
+
74
  = 2.2.2 =
75
 
76
  - Update tested up to version to WP 5.8