Version Description
- Minor security fix: Properly sanitize and escape the rating title filter.
=
Download this release
Release Info
| Developer | donncha |
| Plugin |  Crowdsignal Dashboard – Polls, Surveys & more |
| Version | 2.0.24 |
| Comparing to | |
| See all releases | |
Code changes from version 2.0.23 to 2.0.24
- polldaddy-org.php +3 -3
- polldaddy.php +10 -3
- readme.txt +7 -4
polldaddy-org.php
CHANGED
|
@@ -118,7 +118,7 @@ class WPORG_Polldaddy extends WP_Polldaddy {
|
|
| 118 |
|
| 119 |
$rating_title_filter = '';
|
| 120 |
if ( isset( $_POST['polldaddy-ratings-title-filter'] ) )
|
| 121 |
-
$rating_title_filter = $_POST['polldaddy-ratings-title-filter'];
|
| 122 |
|
| 123 |
update_option( 'pd-rating-title-filter', $rating_title_filter );
|
| 124 |
}
|
|
@@ -374,7 +374,7 @@ class WPORG_Polldaddy extends WP_Polldaddy {
|
|
| 374 |
</label>
|
| 375 |
</th>
|
| 376 |
<td>
|
| 377 |
-
<input type="text" name="polldaddy-ratings-title-filter" id="polldaddy-ratings-title-filter" value="<?php echo $rating_title_filter; ?>" style="width: auto" />
|
| 378 |
<span class="description">
|
| 379 |
<label for="polldaddy-ratings-title-filter"><?php _e( 'This setting allows you to specify a filter to use with your ratings title.', 'polldaddy' ); ?></label>
|
| 380 |
</span>
|
|
@@ -1084,7 +1084,7 @@ function polldaddy_post_rating( $content ) {
|
|
| 1084 |
$average = ceil( ( $rating[0][ 'average' ] / $rating[0][ 'votes' ] ) * 5 );
|
| 1085 |
else
|
| 1086 |
$average = $rating[ 'average' ];
|
| 1087 |
-
if ( $average < 0 )
|
| 1088 |
return $content;
|
| 1089 |
global $post;
|
| 1090 |
return $content . '<span class="hreview-aggregate"><span class="item"><span class="fn">"' . $post->post_title . '"</span></span>, <span class="rating"><span class="average">' . $average . '</span> out of <span class="best">5</span> based on <span class="votes">' . $rating[0][ 'votes' ] . '</span> ratings.</span></span>';
|
| 118 |
|
| 119 |
$rating_title_filter = '';
|
| 120 |
if ( isset( $_POST['polldaddy-ratings-title-filter'] ) )
|
| 121 |
+
$rating_title_filter = sanitize_text_field( $_POST['polldaddy-ratings-title-filter'] );
|
| 122 |
|
| 123 |
update_option( 'pd-rating-title-filter', $rating_title_filter );
|
| 124 |
}
|
| 374 |
</label>
|
| 375 |
</th>
|
| 376 |
<td>
|
| 377 |
+
<input type="text" name="polldaddy-ratings-title-filter" id="polldaddy-ratings-title-filter" value="<?php echo esc_attr( $rating_title_filter ); ?>" style="width: auto" />
|
| 378 |
<span class="description">
|
| 379 |
<label for="polldaddy-ratings-title-filter"><?php _e( 'This setting allows you to specify a filter to use with your ratings title.', 'polldaddy' ); ?></label>
|
| 380 |
</span>
|
| 1084 |
$average = ceil( ( $rating[0][ 'average' ] / $rating[0][ 'votes' ] ) * 5 );
|
| 1085 |
else
|
| 1086 |
$average = $rating[ 'average' ];
|
| 1087 |
+
if ( $average < 0 || $average == '' )
|
| 1088 |
return $content;
|
| 1089 |
global $post;
|
| 1090 |
return $content . '<span class="hreview-aggregate"><span class="item"><span class="fn">"' . $post->post_title . '"</span></span>, <span class="rating"><span class="average">' . $average . '</span> out of <span class="best">5</span> based on <span class="votes">' . $rating[0][ 'votes' ] . '</span> ratings.</span></span>';
|
polldaddy.php
CHANGED
|
@@ -6,7 +6,7 @@ Plugin URI: http://wordpress.org/extend/plugins/polldaddy/
|
|
| 6 |
Description: Create and manage Polldaddy polls and ratings in WordPress
|
| 7 |
Author: Automattic, Inc.
|
| 8 |
Author URL: http://polldaddy.com/
|
| 9 |
-
Version: 2.0.
|
| 10 |
*/
|
| 11 |
|
| 12 |
// You can hardcode your Polldaddy PartnerGUID (API Key) here
|
|
@@ -3679,7 +3679,7 @@ src="http://static.polldaddy.com/p/<?php echo (int) $poll_id; ?>.js"></scr
|
|
| 3679 |
}
|
| 3680 |
|
| 3681 |
if ( empty( $pd_rating ) ) { //something's up!
|
| 3682 |
-
echo '<div class="error" id="polldaddy"><p>'.sprintf( __( 'Sorry! There was an error creating your rating widget. Please contact <a href="%1$s" %2$s>Polldaddy support</a>
|
| 3683 |
$error = true;
|
| 3684 |
} else {
|
| 3685 |
$rating_id = (int) $pd_rating->_id;
|
|
@@ -4867,7 +4867,7 @@ src="http://static.polldaddy.com/p/<?php echo (int) $poll_id; ?>.js"></scr
|
|
| 4867 |
</h3>
|
| 4868 |
<p><?php _e( '<em>Polldaddy</em> and <em>WordPress.com</em> are now connected using <a href="http://en.support.wordpress.com/wpcc-faq/">WordPress.com Connect</a>. If you have a WordPress.com account you can use it to login to <a href="http://polldaddy.com/">Polldaddy.com</a>. Click on the Polldaddy "sign in" button, authorize the connection and create your new Polldaddy account.', 'polldaddy' ); ?></p>
|
| 4869 |
<p><?php _e( 'Login to the Polldaddy website and scroll to the end of your <a href="http://polldaddy.com/account/#apikey">account page</a> to create or retrieve an API key.', 'polldaddy' ); ?></p>
|
| 4870 |
-
<?php if ( $account_email != false ) { ?>
|
| 4871 |
<p><?php printf( __( 'Your account is currently linked to this API key: <strong>%s</strong>', 'polldaddy' ), WP_POLLDADDY__PARTNERGUID ); ?></p>
|
| 4872 |
<br />
|
| 4873 |
<h3><?php _e( 'Link to a different Polldaddy account', 'polldaddy' ); ?></h3>
|
|
@@ -4899,6 +4899,13 @@ src="http://static.polldaddy.com/p/<?php echo (int) $poll_id; ?>.js"></scr
|
|
| 4899 |
</form>
|
| 4900 |
<br />
|
| 4901 |
<?php } ?>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 4902 |
<h3>
|
| 4903 |
<?php _e( 'General Settings', 'polldaddy' ); ?>
|
| 4904 |
</h3>
|
| 6 |
Description: Create and manage Polldaddy polls and ratings in WordPress
|
| 7 |
Author: Automattic, Inc.
|
| 8 |
Author URL: http://polldaddy.com/
|
| 9 |
+
Version: 2.0.24
|
| 10 |
*/
|
| 11 |
|
| 12 |
// You can hardcode your Polldaddy PartnerGUID (API Key) here
|
| 3679 |
}
|
| 3680 |
|
| 3681 |
if ( empty( $pd_rating ) ) { //something's up!
|
| 3682 |
+
echo '<div class="error" id="polldaddy"><p>'.sprintf( __( 'Sorry! There was an error creating your rating widget. Please contact <a href="%1$s" %2$s>Polldaddy support</a> and tell them your usercode is %3$s.', 'polldaddy' ), 'http://polldaddy.com/feedback/', 'target="_blank"', $this->rating_user_code ) . '</p></div>';
|
| 3683 |
$error = true;
|
| 3684 |
} else {
|
| 3685 |
$rating_id = (int) $pd_rating->_id;
|
| 4867 |
</h3>
|
| 4868 |
<p><?php _e( '<em>Polldaddy</em> and <em>WordPress.com</em> are now connected using <a href="http://en.support.wordpress.com/wpcc-faq/">WordPress.com Connect</a>. If you have a WordPress.com account you can use it to login to <a href="http://polldaddy.com/">Polldaddy.com</a>. Click on the Polldaddy "sign in" button, authorize the connection and create your new Polldaddy account.', 'polldaddy' ); ?></p>
|
| 4869 |
<p><?php _e( 'Login to the Polldaddy website and scroll to the end of your <a href="http://polldaddy.com/account/#apikey">account page</a> to create or retrieve an API key.', 'polldaddy' ); ?></p>
|
| 4870 |
+
<?php if ( isset( $account_email ) && $account_email != false ) { ?>
|
| 4871 |
<p><?php printf( __( 'Your account is currently linked to this API key: <strong>%s</strong>', 'polldaddy' ), WP_POLLDADDY__PARTNERGUID ); ?></p>
|
| 4872 |
<br />
|
| 4873 |
<h3><?php _e( 'Link to a different Polldaddy account', 'polldaddy' ); ?></h3>
|
| 4899 |
</form>
|
| 4900 |
<br />
|
| 4901 |
<?php } ?>
|
| 4902 |
+
<?php
|
| 4903 |
+
// if not connected to a Polldaddy account can't save defaults so don't show the form.
|
| 4904 |
+
if ( false == is_object( $poll ) ) {
|
| 4905 |
+
echo "</div>";
|
| 4906 |
+
return false;
|
| 4907 |
+
}
|
| 4908 |
+
?>
|
| 4909 |
<h3>
|
| 4910 |
<?php _e( 'General Settings', 'polldaddy' ); ?>
|
| 4911 |
</h3>
|
readme.txt
CHANGED
|
@@ -2,8 +2,8 @@
|
|
| 2 |
Contributors: eoigal, alternatekev, mdawaffe, donncha, johnny5
|
| 3 |
Tags: polls, poll, polldaddy, wppolls, vote, polling, surveys, rate, rating, ratings
|
| 4 |
Requires at least: 3.3
|
| 5 |
-
Tested up to: 3.9
|
| 6 |
-
Stable tag: 2.0.
|
| 7 |
|
| 8 |
Create and manage Polldaddy polls and ratings from within WordPress.
|
| 9 |
|
|
@@ -112,10 +112,13 @@ Your theme is getting the post content, without necessarily showing it. If the p
|
|
| 112 |
|
| 113 |
|
| 114 |
== Upgrade Notice ==
|
| 115 |
-
= 2.0.
|
| 116 |
-
*
|
| 117 |
|
| 118 |
== Changelog ==
|
|
|
|
|
|
|
|
|
|
| 119 |
= 2.0.23 =
|
| 120 |
* Added a UI to the ratings settings page to enable or disable the rich snippets support
|
| 121 |
* Minor bug fixes
|
| 2 |
Contributors: eoigal, alternatekev, mdawaffe, donncha, johnny5
|
| 3 |
Tags: polls, poll, polldaddy, wppolls, vote, polling, surveys, rate, rating, ratings
|
| 4 |
Requires at least: 3.3
|
| 5 |
+
Tested up to: 3.9.1
|
| 6 |
+
Stable tag: 2.0.24
|
| 7 |
|
| 8 |
Create and manage Polldaddy polls and ratings from within WordPress.
|
| 9 |
|
| 112 |
|
| 113 |
|
| 114 |
== Upgrade Notice ==
|
| 115 |
+
= 2.0.24 =
|
| 116 |
+
* Minor security fix: Properly sanitize and escape the rating title filter.
|
| 117 |
|
| 118 |
== Changelog ==
|
| 119 |
+
= 2.0.24 =
|
| 120 |
+
* Minor security fix: Properly sanitize and escape the rating title filter.
|
| 121 |
+
|
| 122 |
= 2.0.23 =
|
| 123 |
* Added a UI to the ratings settings page to enable or disable the rich snippets support
|
| 124 |
* Minor bug fixes
|
