Version Description
Bugfix and security release
Download this release
Release Info
| Developer | donncha |
| Plugin |  Crowdsignal Dashboard – Polls, Surveys & more |
| Version | 3.0.10 |
| Comparing to | |
| See all releases | |
Code changes from version 3.0.9 to 3.0.10
- polldaddy.php +8 -10
- readme.txt +11 -4
polldaddy.php
CHANGED
|
@@ -5,7 +5,7 @@
|
|
| 5 |
* Description: Create and manage Crowdsignal polls and ratings in WordPress
|
| 6 |
* Author: Automattic, Inc.
|
| 7 |
* Author URL: https://crowdsignal.com/
|
| 8 |
-
* Version: 3.0.
|
| 9 |
*/
|
| 10 |
|
| 11 |
// To hardcode your Polldaddy PartnerGUID (API Key), add the (uncommented) line below with the PartnerGUID to your `wp-config.php`
|
|
@@ -202,11 +202,10 @@ class WP_Polldaddy {
|
|
| 202 |
foreach( array( 'crowdsignal-settings' => __( 'Crowdsignal', 'polldaddy' ), 'ratingsettings' => __( 'Ratings', 'polldaddy' ) ) as $menu_slug => $page_title ) {
|
| 203 |
// translators: %s placeholder is the setting page type (Poll or Rating).
|
| 204 |
$settings_page_title = sprintf( esc_html__( '%s', 'polldaddy' ), $page_title );
|
| 205 |
-
$hook = add_options_page( $settings_page_title, $settings_page_title, $menu_slug == '
|
| 206 |
add_action( "load-$hook", array( $this, 'management_page_load' ) );
|
| 207 |
}
|
| 208 |
|
| 209 |
-
add_action( 'media_buttons', array( &$this, 'media_buttons' ) );
|
| 210 |
}
|
| 211 |
|
| 212 |
function menu_alter() {
|
|
@@ -393,11 +392,6 @@ class WP_Polldaddy {
|
|
| 393 |
<?php
|
| 394 |
}
|
| 395 |
|
| 396 |
-
function media_buttons() {
|
| 397 |
-
$title = __( 'Add Poll', 'polldaddy' );
|
| 398 |
-
echo " <a href='admin.php?page=polls&iframe&TB_iframe=true' onclick='return false;' id='add_poll' class='button thickbox' title='" . esc_attr( $title ) . "'><img src='{$this->base_url}img/polldaddy@2x.png' width='15' height='15' alt='" . esc_attr( $title ) . "' style='margin: -2px 0 0 -1px; padding: 0 2px 0 0; vertical-align: middle;' /> " . esc_html( $title ) . "</a>";
|
| 399 |
-
}
|
| 400 |
-
|
| 401 |
function get_usercode( $for_current_user = false ) {
|
| 402 |
// sitewide access to Crowdsignal account
|
| 403 |
if ( ! $for_current_user && $user_id = get_option( 'polldaddy_usercode_user' ) ) {
|
|
@@ -467,7 +461,11 @@ class WP_Polldaddy {
|
|
| 467 |
die();
|
| 468 |
}
|
| 469 |
|
| 470 |
-
if (
|
|
|
|
|
|
|
|
|
|
|
|
|
| 471 |
check_admin_referer( 'disconnect-api-key' );
|
| 472 |
delete_option( 'polldaddy_api_key' );
|
| 473 |
delete_option( 'crowdsignal_api_key' );
|
|
@@ -1693,7 +1691,7 @@ class WP_Polldaddy {
|
|
| 1693 |
$page = $_GET['page']; // phpcs:ignore
|
| 1694 |
}
|
| 1695 |
if ( 'crowdsignal-settings' === $page ) {
|
| 1696 |
-
if ( !
|
| 1697 |
return;
|
| 1698 |
}
|
| 1699 |
$this->plugin_options();
|
| 5 |
* Description: Create and manage Crowdsignal polls and ratings in WordPress
|
| 6 |
* Author: Automattic, Inc.
|
| 7 |
* Author URL: https://crowdsignal.com/
|
| 8 |
+
* Version: 3.0.10
|
| 9 |
*/
|
| 10 |
|
| 11 |
// To hardcode your Polldaddy PartnerGUID (API Key), add the (uncommented) line below with the PartnerGUID to your `wp-config.php`
|
| 202 |
foreach( array( 'crowdsignal-settings' => __( 'Crowdsignal', 'polldaddy' ), 'ratingsettings' => __( 'Ratings', 'polldaddy' ) ) as $menu_slug => $page_title ) {
|
| 203 |
// translators: %s placeholder is the setting page type (Poll or Rating).
|
| 204 |
$settings_page_title = sprintf( esc_html__( '%s', 'polldaddy' ), $page_title );
|
| 205 |
+
$hook = add_options_page( $settings_page_title, $settings_page_title, $menu_slug == 'ratingsettings' ? 'manage_options' : 'edit_others_posts', $menu_slug, array( $this, 'settings_page' ) );
|
| 206 |
add_action( "load-$hook", array( $this, 'management_page_load' ) );
|
| 207 |
}
|
| 208 |
|
|
|
|
| 209 |
}
|
| 210 |
|
| 211 |
function menu_alter() {
|
| 392 |
<?php
|
| 393 |
}
|
| 394 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 395 |
function get_usercode( $for_current_user = false ) {
|
| 396 |
// sitewide access to Crowdsignal account
|
| 397 |
if ( ! $for_current_user && $user_id = get_option( 'polldaddy_usercode_user' ) ) {
|
| 461 |
die();
|
| 462 |
}
|
| 463 |
|
| 464 |
+
if (
|
| 465 |
+
isset( $_POST['action'] )
|
| 466 |
+
&& $_POST['action'] === 'disconnect'
|
| 467 |
+
&& current_user_can( 'edit_others_posts' )
|
| 468 |
+
) {
|
| 469 |
check_admin_referer( 'disconnect-api-key' );
|
| 470 |
delete_option( 'polldaddy_api_key' );
|
| 471 |
delete_option( 'crowdsignal_api_key' );
|
| 1691 |
$page = $_GET['page']; // phpcs:ignore
|
| 1692 |
}
|
| 1693 |
if ( 'crowdsignal-settings' === $page ) {
|
| 1694 |
+
if ( ! current_user_can( 'edit_others_posts' ) ) { // check user privileges has access to action.
|
| 1695 |
return;
|
| 1696 |
}
|
| 1697 |
$this->plugin_options();
|
readme.txt
CHANGED
|
@@ -1,10 +1,10 @@
|
|
| 1 |
=== Crowdsignal Dashboard - Polls, Surveys & more ===
|
| 2 |
-
Contributors: donncha, ice9js, cgastrell, digitalwaveride, jcheringer
|
| 3 |
Tags: crowdsignal, polls, poll, polldaddy, wppolls, vote, polling, surveys, rate, rating, ratings
|
| 4 |
Requires at least: 5.5
|
| 5 |
Requires PHP: 5.6
|
| 6 |
-
Tested up to: 6.
|
| 7 |
-
Stable tag: 3.0.
|
| 8 |
|
| 9 |
== Description ==
|
| 10 |
|
|
@@ -27,6 +27,9 @@ Some strings are not translated when polls and surveys are embedded. You will ha
|
|
| 27 |
|
| 28 |
Development of the plugin will take place in [this Github repository](https://github.com/Automattic/crowdsignal-plugin).
|
| 29 |
|
|
|
|
|
|
|
|
|
|
| 30 |
== Installation ==
|
| 31 |
|
| 32 |
Upload the plugin to your blog (or search for it and install it on your plugins page), activate it, then go to Settings->Crowdsignal to configure the plugin. You'll need a Crowdsignal API key available from your [Crowdsignal account page](https://app.crowdsignal.com/account/#apikey) to sync your account and pull in your existing polls and ratings.
|
|
@@ -89,9 +92,13 @@ This is possible if your server or network is blocking outgoing calls to Crowdsi
|
|
| 89 |
Make sure to whitelist `api.crowdsignal.com` in your firewall to fix this.
|
| 90 |
|
| 91 |
== Upgrade Notice ==
|
| 92 |
-
|
| 93 |
|
| 94 |
== Changelog ==
|
|
|
|
|
|
|
|
|
|
|
|
|
| 95 |
|
| 96 |
= 3.0.9
|
| 97 |
* Prevent warnings due to by-ref arguments
|
| 1 |
=== Crowdsignal Dashboard - Polls, Surveys & more ===
|
| 2 |
+
Contributors: donncha, ice9js, cgastrell, digitalwaveride, jcheringer
|
| 3 |
Tags: crowdsignal, polls, poll, polldaddy, wppolls, vote, polling, surveys, rate, rating, ratings
|
| 4 |
Requires at least: 5.5
|
| 5 |
Requires PHP: 5.6
|
| 6 |
+
Tested up to: 6.1
|
| 7 |
+
Stable tag: 3.0.10
|
| 8 |
|
| 9 |
== Description ==
|
| 10 |
|
| 27 |
|
| 28 |
Development of the plugin will take place in [this Github repository](https://github.com/Automattic/crowdsignal-plugin).
|
| 29 |
|
| 30 |
+
=== The Classic Editor ===
|
| 31 |
+
If you are a long time user of this plugin and you still use the classic post editor, the best way to create polls is through your [Crowdsignal account](https://app.crowdsignal.com/dashboard/) where you have a number of different ways to share polls (and surveys). However, up to version 2.2.6, this plugin had an "Add Poll" button above the post editor that opened a very basic poll editor. That "Add Poll" button has since been removed but if you would still like to use it, open up the wp-admin dashboard on your WordPress site. Add "admin.php?page=polls&action=create-poll" to the end of the URL, after "wp-admin/" so it looks like https://example.com/wp-admin/admin.php?page=polls&action=create-poll and you will see the old poll editor. Bookmark that URL if you still want to use that poll editor. We do not recommend using version 2.2.6 of the plugin as you will miss out on many bug fixes and new features added since then.
|
| 32 |
+
|
| 33 |
== Installation ==
|
| 34 |
|
| 35 |
Upload the plugin to your blog (or search for it and install it on your plugins page), activate it, then go to Settings->Crowdsignal to configure the plugin. You'll need a Crowdsignal API key available from your [Crowdsignal account page](https://app.crowdsignal.com/account/#apikey) to sync your account and pull in your existing polls and ratings.
|
| 92 |
Make sure to whitelist `api.crowdsignal.com` in your firewall to fix this.
|
| 93 |
|
| 94 |
== Upgrade Notice ==
|
| 95 |
+
Bugfix and security release
|
| 96 |
|
| 97 |
== Changelog ==
|
| 98 |
+
= 3.0.10
|
| 99 |
+
* Fix the permissions required on the settings page. Authors couldn't use it, so avoid showing them a blank page.
|
| 100 |
+
* Only allow admin users to load the rating settings page as it's a global setting that affects the entire site.
|
| 101 |
+
* Remove the "Add Poll" button from the classic post editor as it was broken. Add section to readme.txt with a link to bookmark if the wp-admin editor is still needed.
|
| 102 |
|
| 103 |
= 3.0.9
|
| 104 |
* Prevent warnings due to by-ref arguments
|
