Crowdsignal Dashboard – Polls, Surveys & more - Version 2.0.25

Version Description

  • Fixed XSS in shortcode and added reset/restore settings form

=

Download this release

Release Info

Developer donncha
Plugin Icon 128x128 Crowdsignal Dashboard – Polls, Surveys & more
Version 2.0.25
Comparing to
See all releases

Code changes from version 2.0.24 to 2.0.25

Files changed (3) hide show
  1. polldaddy-org.php +11 -3
  2. polldaddy.php +159 -7
  3. readme.txt +9 -4
polldaddy-org.php CHANGED
@@ -548,6 +548,10 @@ class PolldaddyShortcode {
548
  self::$add_script = $infinite_scroll;
549
 
550
  if ( intval( $rating ) > 0 && !$no_script ) { //rating embed
 
 
 
 
551
 
552
  if ( empty( $unique_id ) )
553
  $unique_id = is_page() ? 'wp-page-'.$post->ID : 'wp-post-'.$post->ID;
@@ -562,7 +566,7 @@ class PolldaddyShortcode {
562
  $permalink = get_permalink( $post->ID );
563
 
564
  $rating = intval( $rating );
565
- $unique_id = wp_strip_all_tags( $unique_id );
566
  $item_id = wp_strip_all_tags( $item_id );
567
  $item_id = preg_replace( '/[^_a-z0-9]/i', '', $item_id );
568
 
@@ -582,7 +586,7 @@ class PolldaddyShortcode {
582
  <script type="text/javascript" charset="UTF-8"><!--//--><![CDATA[//><!--
583
  PDRTJS_settings_{$rating}{$item_id}={$settings};
584
  //--><!]]></script>
585
- <script type="text/javascript" charset="UTF-8" src="http://i0.poll.fm/js/rating/rating.js"></script>
586
  SCRIPT;
587
  } else {
588
  if ( self::$scripts === false )
@@ -781,11 +785,15 @@ CONTAINER;
781
 
782
  if ( is_array( self::$scripts ) ) {
783
  if ( isset( self::$scripts['rating'] ) ) {
 
 
 
 
784
  $script = "<script type='text/javascript' charset='UTF-8' id='polldaddyRatings'><!--//--><![CDATA[//><!--\n";
785
  foreach( self::$scripts['rating'] as $rating ) {
786
  $script .= "PDRTJS_settings_{$rating['id']}{$rating['item_id']}={$rating['settings']}; if ( typeof PDRTJS_RATING !== 'undefined' ){if ( typeof PDRTJS_{$rating['id']}{$rating['item_id']} == 'undefined' ){PDRTJS_{$rating['id']}{$rating['item_id']} = new PDRTJS_RATING( PDRTJS_settings_{$rating['id']}{$rating['item_id']} );}}";
787
  }
788
- $script .= "\n//--><!]]></script><script type='text/javascript' charset='UTF-8' src='http://i0.poll.fm/js/rating/rating.js'></script>";
789
 
790
  }
791
 
548
  self::$add_script = $infinite_scroll;
549
 
550
  if ( intval( $rating ) > 0 && !$no_script ) { //rating embed
551
+ if ( is_ssl() )
552
+ $rating_js_file = "https://polldaddy.com/js/rating/rating.js";
553
+ else
554
+ $rating_js_file = "http://i0.poll.fm/js/rating/rating.js";
555
 
556
  if ( empty( $unique_id ) )
557
  $unique_id = is_page() ? 'wp-page-'.$post->ID : 'wp-post-'.$post->ID;
566
  $permalink = get_permalink( $post->ID );
567
 
568
  $rating = intval( $rating );
569
+ $unique_id = preg_replace( '/[^-_a-z0-9]/i', '', wp_strip_all_tags( $unique_id ) );
570
  $item_id = wp_strip_all_tags( $item_id );
571
  $item_id = preg_replace( '/[^_a-z0-9]/i', '', $item_id );
572
 
586
  <script type="text/javascript" charset="UTF-8"><!--//--><![CDATA[//><!--
587
  PDRTJS_settings_{$rating}{$item_id}={$settings};
588
  //--><!]]></script>
589
+ <script type="text/javascript" charset="UTF-8" src="{$rating_js_file}"></script>
590
  SCRIPT;
591
  } else {
592
  if ( self::$scripts === false )
785
 
786
  if ( is_array( self::$scripts ) ) {
787
  if ( isset( self::$scripts['rating'] ) ) {
788
+ if ( is_ssl() )
789
+ $rating_js_file = "https://polldaddy.com/js/rating/rating.js";
790
+ else
791
+ $rating_js_file = "http://i0.poll.fm/js/rating/rating.js";
792
  $script = "<script type='text/javascript' charset='UTF-8' id='polldaddyRatings'><!--//--><![CDATA[//><!--\n";
793
  foreach( self::$scripts['rating'] as $rating ) {
794
  $script .= "PDRTJS_settings_{$rating['id']}{$rating['item_id']}={$rating['settings']}; if ( typeof PDRTJS_RATING !== 'undefined' ){if ( typeof PDRTJS_{$rating['id']}{$rating['item_id']} == 'undefined' ){PDRTJS_{$rating['id']}{$rating['item_id']} = new PDRTJS_RATING( PDRTJS_settings_{$rating['id']}{$rating['item_id']} );}}";
795
  }
796
+ $script .= "\n//--><!]]></script><script type='text/javascript' charset='UTF-8' src='{$rating_js_file}'></script>";
797
 
798
  }
799
 
polldaddy.php CHANGED
@@ -6,7 +6,7 @@ Plugin URI: http://wordpress.org/extend/plugins/polldaddy/
6
  Description: Create and manage Polldaddy polls and ratings in WordPress
7
  Author: Automattic, Inc.
8
  Author URL: http://polldaddy.com/
9
- Version: 2.0.24
10
  */
11
 
12
  // You can hardcode your Polldaddy PartnerGUID (API Key) here
@@ -347,6 +347,8 @@ class WP_Polldaddy {
347
 
348
  if ( !empty( $this->user_code ) ) {
349
  update_option( 'pd-usercode-'.$this->id, $this->user_code );
 
 
350
  }
351
  }
352
  }
@@ -361,7 +363,7 @@ class WP_Polldaddy {
361
  if ( empty( $this->user_code ) && $page == 'polls' ) {
362
  // one last try to get the user code automatically if possible
363
  $this->user_code = apply_filters_ref_array( 'polldaddy_get_user_code', array( $this->user_code, &$this ) );
364
- if ( false == $this->user_code )
365
  $action = 'signup';
366
  }
367
 
@@ -400,6 +402,8 @@ class WP_Polldaddy {
400
  case 'options' :
401
  case 'update-options' :
402
  case 'import-account' :
 
 
403
  $plugin_page = 'polls&action=options';
404
  break;
405
  }//end switch
@@ -470,6 +474,41 @@ class WP_Polldaddy {
470
 
471
  if ( $page == 'polls' ) {
472
  switch ( $action ) {
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
473
  case 'signup' : // sign up for first time
474
  case 'account' : // reauthenticate
475
  case 'import-account' : // reauthenticate
@@ -3643,15 +3682,21 @@ src="http://static.polldaddy.com/p/<?php echo (int) $poll_id; ?>.js"&gt;&lt;/scr
3643
 
3644
  if ( !defined( 'WP_POLLDADDY__PARTNERGUID' ) )
3645
  return false;
 
 
 
3646
  $polldaddy = $this->get_client( WP_POLLDADDY__PARTNERGUID, $this->rating_user_code );
3647
  $polldaddy->reset();
3648
 
 
3649
  if ( empty( $rating_id ) ) {
3650
  $pd_rating = $polldaddy->create_rating( $blog_name , $new_type );
3651
  if ( !empty( $pd_rating ) ) {
3652
  $rating_id = (int) $pd_rating->_id;
3653
  update_option ( 'pd-rating-' . $report_type . '-id', $rating_id );
3654
  update_option ( 'pd-rating-' . $report_type, 0 );
 
 
3655
  }
3656
  } else
3657
  $pd_rating = $polldaddy->get_rating( $rating_id );
@@ -3670,16 +3715,18 @@ src="http://static.polldaddy.com/p/<?php echo (int) $poll_id; ?>.js"&gt;&lt;/scr
3670
  $polldaddy = $this->get_client( WP_POLLDADDY__PARTNERGUID, $this->rating_user_code );
3671
  $polldaddy->reset();
3672
  $pd_rating = $polldaddy->get_rating( $rating_id ); //see it exists
 
3673
 
3674
  if ( empty( $pd_rating ) || (int) $pd_rating->_id == 0 ) { //if not then create a rating for blog
3675
  $polldaddy->reset();
3676
  $pd_rating = $polldaddy->create_rating( $blog_name , $new_type );
 
3677
  }
3678
  }
3679
  }
3680
 
3681
  if ( empty( $pd_rating ) ) { //something's up!
3682
- echo '<div class="error" id="polldaddy"><p>'.sprintf( __( 'Sorry! There was an error creating your rating widget. Please contact <a href="%1$s" %2$s>Polldaddy support</a> and tell them your usercode is %3$s.', 'polldaddy' ), 'http://polldaddy.com/feedback/', 'target="_blank"', $this->rating_user_code ) . '</p></div>';
3683
  $error = true;
3684
  } else {
3685
  $rating_id = (int) $pd_rating->_id;
@@ -3916,6 +3963,12 @@ src="http://static.polldaddy.com/p/<?php echo (int) $poll_id; ?>.js"&gt;&lt;/scr
3916
  </tbody>
3917
  </table>
3918
  </form>
 
 
 
 
 
 
3919
  </div>
3920
 
3921
  <div style="padding:20px 0px 0px 0px"><?php
@@ -4897,14 +4950,14 @@ src="http://static.polldaddy.com/p/<?php echo (int) $poll_id; ?>.js"&gt;&lt;/scr
4897
  <input type="submit" class="button-primary" value="<?php echo esc_attr( __( 'Link Account', 'polldaddy' ) ); ?>" />
4898
  </p>
4899
  </form>
4900
- <br />
4901
- <?php } ?>
 
4902
  <?php
4903
  // if not connected to a Polldaddy account can't save defaults so don't show the form.
4904
  if ( false == is_object( $poll ) ) {
4905
  echo "</div>";
4906
- return false;
4907
- }
4908
  ?>
4909
  <h3>
4910
  <?php _e( 'General Settings', 'polldaddy' ); ?>
@@ -4991,6 +5044,89 @@ if ( false == is_object( $poll ) ) {
4991
  </form>
4992
  </div>
4993
  <?php
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
4994
  }
4995
 
4996
  function plugin_options_add() {}
@@ -5036,6 +5172,22 @@ if ( false == is_object( $poll ) ) {
5036
  }
5037
 
5038
  function log( $message ) {}
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
5039
  }
5040
 
5041
  require dirname( __FILE__ ).'/rating.php';
6
  Description: Create and manage Polldaddy polls and ratings in WordPress
7
  Author: Automattic, Inc.
8
  Author URL: http://polldaddy.com/
9
+ Version: 2.0.25
10
  */
11
 
12
  // You can hardcode your Polldaddy PartnerGUID (API Key) here
347
 
348
  if ( !empty( $this->user_code ) ) {
349
  update_option( 'pd-usercode-'.$this->id, $this->user_code );
350
+ } elseif ( get_option( 'polldaddy_api_key' ) ) {
351
+ $this->contact_support_message( 'There was a problem linking your account', $polldaddy->errors );
352
  }
353
  }
354
  }
363
  if ( empty( $this->user_code ) && $page == 'polls' ) {
364
  // one last try to get the user code automatically if possible
365
  $this->user_code = apply_filters_ref_array( 'polldaddy_get_user_code', array( $this->user_code, &$this ) );
366
+ if ( false == $this->user_code && $action != 'restore-account' )
367
  $action = 'signup';
368
  }
369
 
402
  case 'options' :
403
  case 'update-options' :
404
  case 'import-account' :
405
+ case 'reset-account' :
406
+ case 'restore-account' :
407
  $plugin_page = 'polls&action=options';
408
  break;
409
  }//end switch
474
 
475
  if ( $page == 'polls' ) {
476
  switch ( $action ) {
477
+ case 'reset-account' : // reset everything
478
+ global $current_user;
479
+ check_admin_referer( 'polldaddy-reset' . $this->id );
480
+ $fields = array( 'polldaddy_api_key', 'pd-rating-comments', 'pd-rating-comments-id', 'pd-rating-comments-pos', 'pd-rating-exclude-post-ids', 'pd-rating-pages', 'pd-rating-pages-id', 'pd-rating-posts', 'pd-rating-posts-id', 'pd-rating-posts-index', 'pd-rating-posts-index-id', 'pd-rating-posts-index-pos', 'pd-rating-posts-pos', 'pd-rating-title-filter', 'pd-rating-usercode', 'pd-rich-snippets', 'pd-usercode-' . $current_user->ID );
481
+ $msg = __( "You have just reset your Polldaddy connection settings." ) . "\n\n";
482
+ foreach( $fields as $field ) {
483
+ $value = get_option( $field );
484
+ if ( $value != false ) {
485
+ $settings[ $field ] = $value;
486
+ $msg .= "$field: $value\n";
487
+ delete_option( $field );
488
+ }
489
+ }
490
+ if ( isset( $_POST[ 'email' ] ) )
491
+ wp_mail( $current_user->user_email, "Polldaddy Settings", $msg );
492
+ update_option( 'polldaddy_settings', $settings );
493
+ break;
494
+ case 'restore-account' : // restore everything
495
+ global $current_user;
496
+ check_admin_referer( 'polldaddy-restore' . $this->id );
497
+ $previous_settings = get_option( 'polldaddy_settings' );
498
+ foreach( $previous_settings as $key => $value )
499
+ update_option( $key, $value );
500
+ delete_option( 'polldaddy_settings' );
501
+ break;
502
+ case 'restore-ratings' : // restore ratings
503
+ global $current_user;
504
+ check_admin_referer( 'polldaddy-restore-ratings' . $this->id );
505
+ $previous_settings = get_option( 'polldaddy_settings' );
506
+ $fields = array( 'pd-rating-comments', 'pd-rating-comments-id', 'pd-rating-comments-pos', 'pd-rating-exclude-post-ids', 'pd-rating-pages', 'pd-rating-pages-id', 'pd-rating-posts', 'pd-rating-posts-id', 'pd-rating-posts-index', 'pd-rating-posts-index-id', 'pd-rating-posts-index-pos', 'pd-rating-posts-pos', 'pd-rating-title-filter' );
507
+ foreach( $fields as $key ) {
508
+ if ( isset( $previous_settings[ $key ] ) )
509
+ update_option( $key, $previous_settings[ $key ] );
510
+ }
511
+ break;
512
  case 'signup' : // sign up for first time
513
  case 'account' : // reauthenticate
514
  case 'import-account' : // reauthenticate
3682
 
3683
  if ( !defined( 'WP_POLLDADDY__PARTNERGUID' ) )
3684
  return false;
3685
+
3686
+ if ( $this->rating_user_code == '' )
3687
+ die();
3688
  $polldaddy = $this->get_client( WP_POLLDADDY__PARTNERGUID, $this->rating_user_code );
3689
  $polldaddy->reset();
3690
 
3691
+ $rating_errors = array();
3692
  if ( empty( $rating_id ) ) {
3693
  $pd_rating = $polldaddy->create_rating( $blog_name , $new_type );
3694
  if ( !empty( $pd_rating ) ) {
3695
  $rating_id = (int) $pd_rating->_id;
3696
  update_option ( 'pd-rating-' . $report_type . '-id', $rating_id );
3697
  update_option ( 'pd-rating-' . $report_type, 0 );
3698
+ } else {
3699
+ $rating_errors[] = $polldaddy->errors;
3700
  }
3701
  } else
3702
  $pd_rating = $polldaddy->get_rating( $rating_id );
3715
  $polldaddy = $this->get_client( WP_POLLDADDY__PARTNERGUID, $this->rating_user_code );
3716
  $polldaddy->reset();
3717
  $pd_rating = $polldaddy->get_rating( $rating_id ); //see it exists
3718
+ $rating_errors[] = $polldaddy->errors;
3719
 
3720
  if ( empty( $pd_rating ) || (int) $pd_rating->_id == 0 ) { //if not then create a rating for blog
3721
  $polldaddy->reset();
3722
  $pd_rating = $polldaddy->create_rating( $blog_name , $new_type );
3723
+ $rating_errors[] = $polldaddy->errors;
3724
  }
3725
  }
3726
  }
3727
 
3728
  if ( empty( $pd_rating ) ) { //something's up!
3729
+ $this->contact_support_message( __( 'There was an error creating your rating widget' ), $rating_errors );
3730
  $error = true;
3731
  } else {
3732
  $rating_id = (int) $pd_rating->_id;
3963
  </tbody>
3964
  </table>
3965
  </form>
3966
+ <?php // check for previous settings
3967
+ $previous_settings = get_option( 'polldaddy_settings' );
3968
+ if ( get_option( 'pd-rating-posts-id' ) && get_option( 'pd-rating-posts-id' ) != $previous_settings[ 'pd-rating-posts-id' ] ) {
3969
+ echo "<p>" . sprintf( __( "Previous settings for ratings on this site discovered. You can restore them on the <a href='%s'>poll settings page</a> if your site is missing ratings after resetting your connection settings.", 'polldaddy' ), "options-general.php?page=polls&action=options" ) . "</p>";
3970
+ }
3971
+ ?>
3972
  </div>
3973
 
3974
  <div style="padding:20px 0px 0px 0px"><?php
4950
  <input type="submit" class="button-primary" value="<?php echo esc_attr( __( 'Link Account', 'polldaddy' ) ); ?>" />
4951
  </p>
4952
  </form>
4953
+
4954
+ <?php
4955
+ } ?>
4956
  <?php
4957
  // if not connected to a Polldaddy account can't save defaults so don't show the form.
4958
  if ( false == is_object( $poll ) ) {
4959
  echo "</div>";
4960
+ } else {
 
4961
  ?>
4962
  <h3>
4963
  <?php _e( 'General Settings', 'polldaddy' ); ?>
5044
  </form>
5045
  </div>
5046
  <?php
5047
+ } // is_object( $poll )
5048
+ global $current_user;
5049
+ $fields = array( 'polldaddy_api_key', 'pd-rating-comments', 'pd-rating-comments-id', 'pd-rating-comments-pos', 'pd-rating-exclude-post-ids', 'pd-rating-pages', 'pd-rating-pages-id', 'pd-rating-posts', 'pd-rating-posts-id', 'pd-rating-posts-index', 'pd-rating-posts-index-id', 'pd-rating-posts-index-pos', 'pd-rating-posts-pos', 'pd-rating-title-filter', 'pd-rating-usercode', 'pd-rich-snippets', 'pd-usercode-' . $current_user->ID );
5050
+ $show_reset_form = false;
5051
+ foreach( $fields as $field ) {
5052
+ $value = get_option( $field );
5053
+ if ( $value != false )
5054
+ $show_reset_form = true;
5055
+ $settings[ $field ] = $value;
5056
+ }
5057
+ if ( $show_reset_form ) {
5058
+ echo "<h3>" . __( 'Reset Connection Settings', 'polldaddy' ) . "</h3>";
5059
+ echo "<p>" . __( 'If you are experiencing problems connecting to the Polldaddy website resetting your connection settings may help. A backup will be made. After resetting, link your account again with the same API key.', 'polldaddy' ) . "</p>";
5060
+ echo "<p>" . __( 'The following settings will be reset:', 'polldaddy' ) . "</p>";
5061
+ echo "<table>";
5062
+ foreach( $settings as $key => $value ) {
5063
+ if ( $value != '' ) {
5064
+ if ( strpos( $key, 'usercode' ) )
5065
+ $value = "***********" . substr( $value, -4 );
5066
+ elseif ( in_array( $key, array( 'pd-rating-pages-id', 'pd-rating-comments-id', 'pd-rating-posts-id' ) ) )
5067
+ $value = "$value (<a href='http://polldaddy.com/ratings/{$value}/edit/'>" . __( 'Edit', 'polldaddy' ) . "</a>)";
5068
+ echo "<tr><th style='text-align: right'>$key:</th><td>$value</td></tr>\n";
5069
+ }
5070
+ }
5071
+ echo "</table>";
5072
+ echo "<p>" . __( "* The usercode is like a password, keep it secret.", 'polldaddy' ) . "</p>";
5073
+ ?>
5074
+ <form action="" method="post">
5075
+ <p class="submit">
5076
+ <?php wp_nonce_field( 'polldaddy-reset' . $current_user->ID ); ?>
5077
+ <input type="hidden" name="action" value="reset-account" />
5078
+ <input type="hidden" name="account" value="import" />
5079
+ <p><input type="checkbox" name="email" value="1" /> <?php _e( 'Send me an email with the connection settings for future reference' ); ?></p>
5080
+ <input type="submit" class="button-primary" value="<?php echo esc_attr( __( 'Reset', 'polldaddy' ) ); ?>" />
5081
+ </p>
5082
+ </form>
5083
+ <br />
5084
+ <?php
5085
+ }
5086
+ $previous_settings = get_option( 'polldaddy_settings' );
5087
+ if ( is_array( $previous_settings ) && !empty( $previous_settings ) ) {
5088
+ echo "<h3>" . __( 'Restore Previous Settings', 'polldaddy' ) . "</h3>";
5089
+ echo "<p>" . __( 'The connection settings for this site were reset but a backup was made. The following settings can be restored:', 'polldaddy' ) . "</p>";
5090
+ echo "<table>";
5091
+ foreach( $previous_settings as $key => $value ) {
5092
+ if ( $value != '' ) {
5093
+ if ( strpos( $key, 'usercode' ) )
5094
+ $value = "***********" . substr( $value, -4 );
5095
+ elseif ( in_array( $key, array( 'pd-rating-pages-id', 'pd-rating-comments-id', 'pd-rating-posts-id' ) ) )
5096
+ $value = "$value (<a href='http://polldaddy.com/ratings/{$value}/edit/'>" . __( 'Edit', 'polldaddy' ) . "</a>)";
5097
+ echo "<tr><th style='text-align: right'>$key:</th><td>$value</td></tr>\n";
5098
+ }
5099
+ }
5100
+ echo "</table>";
5101
+ echo "<p>" . __( "* The usercode is like a password, keep it secret.", 'polldaddy' ) . "</p>";
5102
+ ?>
5103
+ <form action="" method="post">
5104
+ <p class="submit">
5105
+ <?php wp_nonce_field( 'polldaddy-restore' . $current_user->ID ); ?>
5106
+ <input type="hidden" name="action" value="restore-account" />
5107
+ <input type="hidden" name="account" value="import" />
5108
+ <input type="submit" class="button-primary" value="<?php echo esc_attr( __( 'Restore', 'polldaddy' ) ); ?>" />
5109
+ </p>
5110
+ </form>
5111
+ <br />
5112
+ <?php
5113
+ if ( $show_reset_form && isset( $settings[ 'pd-rating-posts-id' ] ) && $settings[ 'pd-rating-posts-id' ] != $previous_settings[ 'pd-rating-posts-id' ] ) {
5114
+ echo "<h3>" . __( 'Restore Ratings Settings', 'polldaddy' ) . "</h3>";
5115
+ echo "<p>" . __( 'Different rating settings detected. If you are missing ratings on your posts, pages or comments you can restore the original rating settings by clicking the button below.', 'polldaddy' ) . "</p>";
5116
+ echo "<p>" . __( 'This tells the plugin to look for this data in a different rating in your Polldaddy account.', 'polldaddy' ) . "</p>";
5117
+ ?>
5118
+ <form action="" method="post">
5119
+ <p class="submit">
5120
+ <?php wp_nonce_field( 'polldaddy-restore-ratings' . $current_user->ID ); ?>
5121
+ <input type="hidden" name="action" value="restore-ratings" />
5122
+ <input type="hidden" name="account" value="import" />
5123
+ <input type="submit" class="button-primary" value="<?php echo esc_attr( __( 'Restore Ratings Only', 'polldaddy' ) ); ?>" />
5124
+ </p>
5125
+ </form>
5126
+ <br />
5127
+ <?php
5128
+ }
5129
+ }
5130
  }
5131
 
5132
  function plugin_options_add() {}
5172
  }
5173
 
5174
  function log( $message ) {}
5175
+
5176
+ function contact_support_message( $message, $errors ) {
5177
+ global $current_user;
5178
+ echo '<div class="error" id="polldaddy">';
5179
+ echo '<h1>' . $message . '</h1>';
5180
+ echo '<p>' . __( "There are a few things you can do:" );
5181
+ echo "<ul><ol>" . __( "Press reload on your browser and reload this page. There may have been a temporary problem communicating with Polldaddy.com", "polldaddy" ) . "</ol>";
5182
+ echo "<ol>" . sprintf( __( "Go to the <a href='%s'>poll settings page</a>, scroll to the end of the page and reset your connection settings. Link your account again with the same API key.", "polldaddy" ), 'options-general.php?page=polls&action=options' ) . "</ol>";
5183
+ echo "<ol>" . sprintf( __( 'Contact <a href="%1$s" %2$s>Polldaddy support</a> and tell them your rating usercode is %3$s', 'polldaddy' ), 'http://polldaddy.com/feedback/', 'target="_blank"', $this->rating_user_code ) . '<br />' . __( 'Also include the following information when contacting support to help us resolve your problem as quickly as possible:', 'polldaddy' ) . '';
5184
+ echo "<ul><li> API Key: " . get_option( 'polldaddy_api_key' ) . "</li>";
5185
+ echo "<li> ID Usercode: " . get_option( 'pd-usercode-' . $current_user->ID ) . "</li>";
5186
+ echo "<li> pd-rating-usercode: " . get_option( 'pd-rating-usercode' ) . "</li>";
5187
+ echo "<li> pd-rating-posts-id: " . get_option( 'pd-rating-posts-id' ) . "</li>";
5188
+ echo "<li> Errors: " . print_r( $errors, 1 ) . "</li></ul>";
5189
+ echo "</ol></ul></div>";
5190
+ }
5191
  }
5192
 
5193
  require dirname( __FILE__ ).'/rating.php';
readme.txt CHANGED
@@ -3,7 +3,7 @@ Contributors: eoigal, alternatekev, mdawaffe, donncha, johnny5
3
  Tags: polls, poll, polldaddy, wppolls, vote, polling, surveys, rate, rating, ratings
4
  Requires at least: 3.3
5
  Tested up to: 3.9.1
6
- Stable tag: 2.0.24
7
 
8
  Create and manage Polldaddy polls and ratings from within WordPress.
9
 
@@ -112,12 +112,17 @@ Your theme is getting the post content, without necessarily showing it. If the p
112
 
113
 
114
  == Upgrade Notice ==
115
- = 2.0.24 =
116
- * Minor security fix: Properly sanitize and escape the rating title filter.
117
 
118
  == Changelog ==
 
 
 
 
 
119
  = 2.0.24 =
120
- * Minor security fix: Properly sanitize and escape the rating title filter.
121
 
122
  = 2.0.23 =
123
  * Added a UI to the ratings settings page to enable or disable the rich snippets support
3
  Tags: polls, poll, polldaddy, wppolls, vote, polling, surveys, rate, rating, ratings
4
  Requires at least: 3.3
5
  Tested up to: 3.9.1
6
+ Stable tag: 2.0.25
7
 
8
  Create and manage Polldaddy polls and ratings from within WordPress.
9
 
112
 
113
 
114
  == Upgrade Notice ==
115
+ = 2.0.25 =
116
+ * Fixed XSS in shortcode and added reset/restore settings form
117
 
118
  == Changelog ==
119
+ = 2.0.25 =
120
+ * Fixed XSS in ratings shortcode. Props vortfu
121
+ * Added forms to allow users to reset and restore their connection settings. Useful to fix rating widget problems.
122
+ * The "contact support text is improved. Now it suggests resetting the connection first.
123
+
124
  = 2.0.24 =
125
+ * Minor security fix: Properly sanitize and escape the rating title filter. Props mazengamal.
126
 
127
  = 2.0.23 =
128
  * Added a UI to the ratings settings page to enable or disable the rich snippets support