Post Snippets - Version 3.0.21

Version Description

Download this release

Release Info

Developer wpexpertsio
Plugin Icon 128x128 Post Snippets
Version 3.0.21
Comparing to
See all releases

Code changes from version 3.0.20 to 3.0.21

Files changed (4) hide show
  1. assets/post-snippets.js +4 -2
  2. post-snippets.php +2 -2
  3. readme.txt +6 -2
  4. src/PostSnippets/Admin.php +10 -0
assets/post-snippets.js CHANGED
@@ -129,7 +129,8 @@ jQuery(document).ready(function ($) {
129
  var data = {
130
  'action': 'update_post_snippet_title',
131
  'key': key,
132
- 'title': title
 
133
  };
134
  $.post(ajaxurl, data, function (res) {
135
  if(res.success){
@@ -162,7 +163,8 @@ jQuery(document).ready(function ($) {
162
  'shortcode': $("#shortcode-" + key).get(0).checked ? 1 : 0,
163
  'php': snippet_php,
164
  'wptexturize': $("#wptexturize-" + key).get(0).checked ? 1 : 0,
165
- 'title' : title
 
166
  };
167
  $.post(ajaxurl, data, function (res) {
168
  if(res.success){
129
  var data = {
130
  'action': 'update_post_snippet_title',
131
  'key': key,
132
+ 'title': title,
133
+ 'save_title_nonce' : post_snippets.save_title_nonce
134
  };
135
  $.post(ajaxurl, data, function (res) {
136
  if(res.success){
163
  'shortcode': $("#shortcode-" + key).get(0).checked ? 1 : 0,
164
  'php': snippet_php,
165
  'wptexturize': $("#wptexturize-" + key).get(0).checked ? 1 : 0,
166
+ 'title' : title,
167
+ 'update_snippet_nonce' : post_snippets.update_snippet_nonce,
168
  };
169
  $.post(ajaxurl, data, function (res) {
170
  if(res.success){
post-snippets.php CHANGED
@@ -12,7 +12,7 @@
12
  * Plugin Name: Post Snippets
13
  * Plugin URI: https://www.postsnippets.com
14
  * Description: Create a library of reusable content and insert it into your posts and pages. Navigate to "Settings > Post Snippets" to get started.
15
- * Version: 3.0.20
16
  * Author: Postsnippets
17
  * Author URI: https://www.postsnippets.com
18
  * License: GPL-2.0+
@@ -94,7 +94,7 @@ if ( !function_exists( 'postsnippets_fs' ) ) {
94
  define( 'PS_MAIN_FILE', basename( __FILE__ ) );
95
  }
96
  if ( !defined( 'PS_VERSION' ) ) {
97
- define( 'PS_VERSION', '3.0.20' );
98
  }
99
  if ( !defined( 'PS_MAIN_FILE_PATH' ) ) {
100
  define( 'PS_MAIN_FILE_PATH', __FILE__ );
12
  * Plugin Name: Post Snippets
13
  * Plugin URI: https://www.postsnippets.com
14
  * Description: Create a library of reusable content and insert it into your posts and pages. Navigate to "Settings > Post Snippets" to get started.
15
+ * Version: 3.0.21
16
  * Author: Postsnippets
17
  * Author URI: https://www.postsnippets.com
18
  * License: GPL-2.0+
94
  define( 'PS_MAIN_FILE', basename( __FILE__ ) );
95
  }
96
  if ( !defined( 'PS_VERSION' ) ) {
97
+ define( 'PS_VERSION', '3.0.21' );
98
  }
99
  if ( !defined( 'PS_MAIN_FILE_PATH' ) ) {
100
  define( 'PS_MAIN_FILE_PATH', __FILE__ );
readme.txt CHANGED
@@ -2,9 +2,9 @@
2
  Contributors: wpexpertsio
3
  Tags: custom snippet, custom shortcode, snippet, snippets, shortcode, shortcodes, block, blocks, html
4
  Requires at least: 3.3
5
- Tested up to: 5.4
6
  Requires PHP: 5.3
7
- Stable tag: 3.0.20
8
  License: GPLv2 or later
9
  License URI: http://www.gnu.org/licenses/gpl-2.0.html
10
 
@@ -107,6 +107,10 @@ your clients to be able to use PHP code in a post snippet.
107
 
108
  == Changelog ==
109
 
 
 
 
 
110
  = Version 3.0.20 - 30 Apr 2020 =
111
 
112
  * Fixed - Saving breaks when PHP snippets are disabled
2
  Contributors: wpexpertsio
3
  Tags: custom snippet, custom shortcode, snippet, snippets, shortcode, shortcodes, block, blocks, html
4
  Requires at least: 3.3
5
+ Tested up to: 5.4.1
6
  Requires PHP: 5.3
7
+ Stable tag: 3.0.21
8
  License: GPLv2 or later
9
  License URI: http://www.gnu.org/licenses/gpl-2.0.html
10
 
107
 
108
  == Changelog ==
109
 
110
+ = Version 3.0.21 - 2 May 2020 =
111
+
112
+ * Improvement - Code Optimized to improve security
113
+
114
  = Version 3.0.20 - 30 Apr 2020 =
115
 
116
  * Fixed - Saving breaks when PHP snippets are disabled
src/PostSnippets/Admin.php CHANGED
@@ -154,6 +154,8 @@ class Admin
154
  // Localize the strings in the script
155
  $translation_array = array(
156
  'invalid_shortcode' => __( 'Invalid shortcode name', 'post-snippets' ),
 
 
157
  );
158
  wp_localize_script( 'post-snippets', 'post_snippets', $translation_array );
159
  // Add CSS for Pro features page
@@ -1014,6 +1016,11 @@ class Admin
1014
  if ( !isset( $_POST['key'] ) || empty($_POST['title']) ) {
1015
  wp_send_json_error();
1016
  }
 
 
 
 
 
1017
  if ( !current_user_can( 'manage_options' ) ) {
1018
  wp_send_json_error();
1019
  }
@@ -1048,6 +1055,9 @@ class Admin
1048
  if ( !isset( $_POST['key'] ) ) {
1049
  wp_send_json_error();
1050
  }
 
 
 
1051
  if ( !current_user_can( 'manage_options' ) ) {
1052
  wp_send_json_error();
1053
  }
154
  // Localize the strings in the script
155
  $translation_array = array(
156
  'invalid_shortcode' => __( 'Invalid shortcode name', 'post-snippets' ),
157
+ 'save_title_nonce' => wp_create_nonce('ps-save-title-nonce'),
158
+ 'update_snippet_nonce' => wp_create_nonce('ps-update-snippet-nonce'),
159
  );
160
  wp_localize_script( 'post-snippets', 'post_snippets', $translation_array );
161
  // Add CSS for Pro features page
1016
  if ( !isset( $_POST['key'] ) || empty($_POST['title']) ) {
1017
  wp_send_json_error();
1018
  }
1019
+
1020
+ if ( !wp_verify_nonce( $_POST['save_title_nonce'], 'ps-save-title-nonce' ) ) {
1021
+ wp_send_json_error();
1022
+ }
1023
+
1024
  if ( !current_user_can( 'manage_options' ) ) {
1025
  wp_send_json_error();
1026
  }
1055
  if ( !isset( $_POST['key'] ) ) {
1056
  wp_send_json_error();
1057
  }
1058
+ if ( !wp_verify_nonce( $_POST['update_snippet_nonce'], 'ps-update-snippet-nonce' ) ) {
1059
+ wp_send_json_error();
1060
+ }
1061
  if ( !current_user_can( 'manage_options' ) ) {
1062
  wp_send_json_error();
1063
  }