Version Description
- Escape HTML for custom text if users do not have capability
- Tested against 6.0
Release Info
| Developer | printfriendly |
| Plugin | |
| Version | 5.2.3 |
Code changes from version 5.2.2 to 5.2.3
- pf.php +15 -9
- readme.txt +6 -2
- views/tabs.php +1 -1
pf.php
CHANGED
|
@@ -1,11 +1,11 @@
|
|
| 1 |
-
<?php
|
| 2 |
|
| 3 |
/*
|
| 4 |
Plugin Name: Print, PDF & Email by PrintFriendly
|
| 5 |
Plugin URI: http://www.printfriendly.com
|
| 6 |
Description: PrintFriendly & PDF button for your website. Optimizes your pages and brand for print, pdf, and email.
|
| 7 |
Name and URL are included to ensure repeat visitors and new visitors when printed versions are shared.
|
| 8 |
-
Version: 5.2.
|
| 9 |
Author: Print, PDF, & Email by PrintFriendly
|
| 10 |
Author URI: http://www.printfriendly.com
|
| 11 |
Domain Path: /languages
|
|
@@ -35,13 +35,12 @@ if (! class_exists('PrintFriendly_WordPress')) {
|
|
| 35 |
*/
|
| 36 |
class PrintFriendly_WordPress
|
| 37 |
{
|
| 38 |
-
|
| 39 |
/**
|
| 40 |
* Current plugin version.
|
| 41 |
*
|
| 42 |
* @var string
|
| 43 |
*/
|
| 44 |
-
var $plugin_version = '5.2.
|
| 45 |
/**
|
| 46 |
* The hook, used for text domain as well as hooks on pages and in get requests for admin.
|
| 47 |
*
|
|
@@ -77,7 +76,7 @@ if (! class_exists('PrintFriendly_WordPress')) {
|
|
| 77 |
*
|
| 78 |
* @var array
|
| 79 |
*/
|
| 80 |
-
private static $_buttons = array(
|
| 81 |
'buttons/printfriendly-pdf-email-button.png' => array( 'width' => 170, 'height' => 24 ),
|
| 82 |
'buttons/printfriendly-pdf-email-button-md.png' => array( 'width' => 194, 'height' => 30 ),
|
| 83 |
'buttons/printfriendly-pdf-email-button-notext.png' => array( 'width' => 110, 'height' => 30 ),
|
|
@@ -1299,9 +1298,8 @@ if (! class_exists('PrintFriendly_WordPress')) {
|
|
| 1299 |
$return = '<img src="' . esc_url($this->options['custom_button_icon']) . '" alt="Print Friendly, PDF & Email" class="pf-button-img" style="' . $imgStyle . '" />';
|
| 1300 |
}
|
| 1301 |
|
| 1302 |
-
// esc_html is deliberately not used here
|
| 1303 |
if ($this->options['custom_button_text'] === 'custom-text') {
|
| 1304 |
-
$return .= sprintf('<span id="printfriendly-text2" class="pf-button-text">%s</span>', $this->options['custom_text']);
|
| 1305 |
}
|
| 1306 |
|
| 1307 |
return $return;
|
|
@@ -1363,8 +1361,7 @@ if (! class_exists('PrintFriendly_WordPress')) {
|
|
| 1363 |
$style .= 'color: ' . $this->options['text_color'] . ';';
|
| 1364 |
}
|
| 1365 |
|
| 1366 |
-
|
| 1367 |
-
$button_preview = sprintf('<span><span id="pf-custom-button-preview" class="pf-button-img">%s</span><span id="printfriendly-text2" class="pf-button-text" style="%s">%s</span></span>', $img, $style, $button_text);
|
| 1368 |
|
| 1369 |
echo $button_preview;
|
| 1370 |
}
|
|
@@ -1510,6 +1507,15 @@ if (! class_exists('PrintFriendly_WordPress')) {
|
|
| 1510 |
}
|
| 1511 |
}
|
| 1512 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 1513 |
/**
|
| 1514 |
* Returns if the user is a pro user.
|
| 1515 |
*/
|
| 1 |
+
<?php // phpcs:ignore PSR1.Files.SideEffects.FoundWithSymbols
|
| 2 |
|
| 3 |
/*
|
| 4 |
Plugin Name: Print, PDF & Email by PrintFriendly
|
| 5 |
Plugin URI: http://www.printfriendly.com
|
| 6 |
Description: PrintFriendly & PDF button for your website. Optimizes your pages and brand for print, pdf, and email.
|
| 7 |
Name and URL are included to ensure repeat visitors and new visitors when printed versions are shared.
|
| 8 |
+
Version: 5.2.3
|
| 9 |
Author: Print, PDF, & Email by PrintFriendly
|
| 10 |
Author URI: http://www.printfriendly.com
|
| 11 |
Domain Path: /languages
|
| 35 |
*/
|
| 36 |
class PrintFriendly_WordPress
|
| 37 |
{
|
|
|
|
| 38 |
/**
|
| 39 |
* Current plugin version.
|
| 40 |
*
|
| 41 |
* @var string
|
| 42 |
*/
|
| 43 |
+
var $plugin_version = '5.2.3';
|
| 44 |
/**
|
| 45 |
* The hook, used for text domain as well as hooks on pages and in get requests for admin.
|
| 46 |
*
|
| 76 |
*
|
| 77 |
* @var array
|
| 78 |
*/
|
| 79 |
+
private static $_buttons = array( // phpcs:ignore PSR2.Classes.PropertyDeclaration.Underscore
|
| 80 |
'buttons/printfriendly-pdf-email-button.png' => array( 'width' => 170, 'height' => 24 ),
|
| 81 |
'buttons/printfriendly-pdf-email-button-md.png' => array( 'width' => 194, 'height' => 30 ),
|
| 82 |
'buttons/printfriendly-pdf-email-button-notext.png' => array( 'width' => 110, 'height' => 30 ),
|
| 1298 |
$return = '<img src="' . esc_url($this->options['custom_button_icon']) . '" alt="Print Friendly, PDF & Email" class="pf-button-img" style="' . $imgStyle . '" />';
|
| 1299 |
}
|
| 1300 |
|
|
|
|
| 1301 |
if ($this->options['custom_button_text'] === 'custom-text') {
|
| 1302 |
+
$return .= sprintf('<span id="printfriendly-text2" class="pf-button-text">%s</span>', $this->esc_html_if_needed($this->options['custom_text']));
|
| 1303 |
}
|
| 1304 |
|
| 1305 |
return $return;
|
| 1361 |
$style .= 'color: ' . $this->options['text_color'] . ';';
|
| 1362 |
}
|
| 1363 |
|
| 1364 |
+
$button_preview = sprintf('<span><span id="pf-custom-button-preview" class="pf-button-img">%s</span><span id="printfriendly-text2" class="pf-button-text" style="%s">%s</span></span>', $img, $style, $this->esc_html_if_needed($button_text));
|
|
|
|
| 1365 |
|
| 1366 |
echo $button_preview;
|
| 1367 |
}
|
| 1507 |
}
|
| 1508 |
}
|
| 1509 |
|
| 1510 |
+
function esc_html_if_needed($input)
|
| 1511 |
+
{
|
| 1512 |
+
if (current_user_can('unfiltered_html')) {
|
| 1513 |
+
return $input;
|
| 1514 |
+
} else {
|
| 1515 |
+
return esc_html($input);
|
| 1516 |
+
}
|
| 1517 |
+
}
|
| 1518 |
+
|
| 1519 |
/**
|
| 1520 |
* Returns if the user is a pro user.
|
| 1521 |
*/
|
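Review bot: `esc_html_if_needed()` (new lines 1510–1517) decides whether to escape by calling `current_user_can('unfiltered_html')` at output time, so it tests whoever is viewing the page, not whoever saved `custom_text`. If the render paths at new lines 1302 and 1364 also run for logged-in administrators (their enclosing methods start outside these hunks, so this is inferred), text stored by an account without the capability is emitted raw for exactly the privileged viewers the escaping is meant to protect. The capability check belongs where the option is saved, which this diff does not show, e.g. `$value = current_user_can('unfiltered_html') ? $value : wp_kses_post($value);`, with the output side then calling `wp_kses_post()` unconditionally. The helper also has no docblock and no visibility keyword; `private function esc_html_if_needed($input)` plus a one-line comment stating the intended trust rule would make the contract reviewable.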
readme.txt
CHANGED
|
@@ -2,8 +2,8 @@
|
|
| 2 |
Contributors: printfriendly, joostdevalk, jrf, rozroz
|
| 3 |
Tags: print, pdf, email, woocommerce print, woocommerce pdf, print plugin, print button, pdf plugin, pdf button
|
| 4 |
Requires at least: 4.9
|
| 5 |
-
Tested up to:
|
| 6 |
-
Stable tag: 5.2.
|
| 7 |
|
| 8 |
|
| 9 |
The #1 Print, PDF, Email button. Stylish, full featured, customizable. Add custom header, footer, and more.
|
|
@@ -144,6 +144,10 @@ You can [hide the Print, PDF, and Email button](https://support.printfriendly.co
|
|
| 144 |
|
| 145 |
== Changelog ==
|
| 146 |
|
|
|
|
|
|
|
|
|
|
|
|
|
| 147 |
= 5.2.2 =
|
| 148 |
* Better detection of Google Analytics
|
| 149 |
|
| 2 |
Contributors: printfriendly, joostdevalk, jrf, rozroz
|
| 3 |
Tags: print, pdf, email, woocommerce print, woocommerce pdf, print plugin, print button, pdf plugin, pdf button
|
| 4 |
Requires at least: 4.9
|
| 5 |
+
Tested up to: 6.0
|
| 6 |
+
Stable tag: 5.2.3
|
| 7 |
|
| 8 |
|
| 9 |
The #1 Print, PDF, Email button. Stylish, full featured, customizable. Add custom header, footer, and more.
|
| 144 |
|
| 145 |
== Changelog ==
|
| 146 |
|
| 147 |
+
= 5.2.3 =
|
| 148 |
+
* Escape HTML for custom text if users do not have capability
|
| 149 |
+
* Tested against 6.0
|
| 150 |
+
|
| 151 |
= 5.2.2 =
|
| 152 |
* Better detection of Google Analytics
|
| 153 |
|
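--- a/views/tabs.php
+++ b/views/tabs.php
@@ -273,7 +273,7 @@
 </div>
 </div>
 
-<div class="pf-bu-block pf-bu-card">
+<div class="pf-bu-block pf-bu-card" id="button-display-setting">
 <header class="pf-bu-card-header">
 <p class="pf-bu-card-header-title">
 <?php _e('Button Display', 'printfriendly'); ?>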
