Relevanssi – A Better Search - Version 4.14.5

Version Description

  • Security fix: Any registered user could empty the Relevanssi index by triggering the index truncate AJAX action. That is no longer possible.
  • New feature: The [searchform] shortcode has a new parameter, 'checklist', which you can use to create taxonomy checklists.
  • Changed behaviour: The relevanssi_search_again parameter array has more parameters the filter can modify.
  • Changed behaviour: The relevanssi_show_matches filter hook gets the post object as the second parameter.
  • Minor fix: The cats and tags parameters work better and support array values.
Download this release

Release Info

Developer msaari
Plugin Icon 128x128 Relevanssi – A Better Search
Version 4.14.5
Comparing to
See all releases

Code changes from version 4.14.4 to 4.14.5

Files changed (8) hide show
  1. lib/admin-ajax.php +2 -0
  2. lib/admin_scripts_free.js +1 -0
  3. lib/common.php +6 -1
  4. lib/search.php +35 -21
  5. lib/shortcodes.php +27 -2
  6. lib/utils.php +2 -1
  7. readme.txt +12 -2
  8. relevanssi.php +2 -2
lib/admin-ajax.php CHANGED
@@ -23,6 +23,8 @@ add_action( 'wp_ajax_nopriv_relevanssi_update_counts', 'relevanssi_update_counts
23
  * Wipes the index clean using relevanssi_truncate_index().
24
  */
25
  function relevanssi_truncate_index_ajax_wrapper() {
 
 
26
  $response = relevanssi_truncate_index();
27
  echo wp_json_encode( $response );
28
  wp_die();
23
  * Wipes the index clean using relevanssi_truncate_index().
24
  */
25
  function relevanssi_truncate_index_ajax_wrapper() {
26
+ check_ajax_referer( 'relevanssi_indexing_nonce', 'security' );
27
+
28
  $response = relevanssi_truncate_index();
29
  echo wp_json_encode( $response );
30
  wp_die();
lib/admin_scripts_free.js CHANGED
@@ -11,6 +11,7 @@ jQuery(document).ready(function ($) {
11
 
12
  var data = {
13
  action: "relevanssi_truncate_index",
 
14
  }
15
 
16
  intervalID = window.setInterval(relevanssiUpdateClock, 1000)
11
 
12
  var data = {
13
  action: "relevanssi_truncate_index",
14
+ security: nonce.indexing_nonce,
15
  }
16
 
17
  intervalID = window.setInterval(relevanssiUpdateClock, 1000)
lib/common.php CHANGED
@@ -99,8 +99,9 @@ function relevanssi_show_matches( $post ) {
99
  * filter lets you modify the breakdown before it is added to the excerpt.
100
  *
101
  * @param string $result The breakdown.
 
102
  */
103
- return apply_filters( 'relevanssi_show_matches', $result );
104
  }
105
 
106
  /**
@@ -1263,6 +1264,10 @@ function relevanssi_filter_custom_fields( $values, $field ) {
1263
  $values = array();
1264
  }
1265
 
 
 
 
 
1266
  $values = array_map(
1267
  function( $value ) {
1268
  if ( is_string( $value ) && 'field_' === substr( $value, 0, 6 ) ) {
99
  * filter lets you modify the breakdown before it is added to the excerpt.
100
  *
101
  * @param string $result The breakdown.
102
+ * @param object $post The post object
103
  */
104
+ return apply_filters( 'relevanssi_show_matches', $result, $post );
105
  }
106
 
107
  /**
1264
  $values = array();
1265
  }
1266
 
1267
+ if ( ! $values ) {
1268
+ return $values;
1269
+ }
1270
+
1271
  $values = array_map(
1272
  function( $value ) {
1273
  if ( is_string( $value ) && 'field_' === substr( $value, 0, 6 ) ) {
lib/search.php CHANGED
@@ -321,23 +321,21 @@ function relevanssi_search( $args ) {
321
  }
322
  }
323
 
324
- if ( $no_matches ) {
325
- if ( $search_again ) {
326
- // No hits even with fuzzy search!
327
- $search_again = false;
328
- } else {
329
- if ( 'sometimes' === $fuzzy ) {
330
- $search_again = true;
331
- }
332
- }
333
- } else {
334
  $search_again = false;
 
 
335
  }
 
336
  $params = array(
337
- 'no_matches' => $no_matches,
338
- 'doc_weight' => $doc_weight,
339
- 'terms' => $terms,
340
- 'search_again' => $search_again,
 
 
 
 
341
  );
342
  /**
343
  * Filters the parameters for fallback search.
@@ -348,11 +346,15 @@ function relevanssi_search( $args ) {
348
  *
349
  * @param array The search parameters.
350
  */
351
- $params = apply_filters( 'relevanssi_search_again', $params );
352
- $search_again = $params['search_again'];
353
- $terms = $params['terms'];
354
- $doc_weight = $params['doc_weight'];
355
- $no_matches = $params['no_matches'];
 
 
 
 
356
  } while ( $search_again );
357
 
358
  if ( ! $remove_stopwords ) {
@@ -914,6 +916,7 @@ function relevanssi_compile_search_args( $query, $q ) {
914
  * @param string The default relation, default 'AND'.
915
  */
916
  $tax_query_relation = apply_filters( 'relevanssi_default_tax_query_relation', 'AND' );
 
917
  if ( isset( $query->tax_query ) && empty( $query->tax_query->queries ) ) {
918
  // Tax query is empty, let's get rid of it.
919
  $query->tax_query = null;
@@ -935,14 +938,21 @@ function relevanssi_compile_search_args( $query, $q ) {
935
  }
936
  if ( is_string( $type ) && 'queries' === $type ) {
937
  foreach ( $item as $tax_query_row ) {
 
 
 
938
  $tax_query[] = $tax_query_row;
939
  }
940
  }
941
  }
942
- } else {
 
943
  $cat = false;
944
  if ( isset( $query->query_vars['cats'] ) ) {
945
  $cat = $query->query_vars['cats'];
 
 
 
946
  }
947
  if ( empty( $cat ) ) {
948
  $cat = get_option( 'relevanssi_cat' );
@@ -951,8 +961,9 @@ function relevanssi_compile_search_args( $query, $q ) {
951
  $cat = explode( ',', $cat );
952
  $tax_query[] = array(
953
  'taxonomy' => 'category',
954
- 'field' => 'id',
955
  'terms' => $cat,
 
956
  );
957
  }
958
  $excat = get_option( 'relevanssi_excat' );
@@ -973,6 +984,9 @@ function relevanssi_compile_search_args( $query, $q ) {
973
  $tag = false;
974
  if ( ! empty( $query->query_vars['tags'] ) ) {
975
  $tag = $query->query_vars['tags'];
 
 
 
976
  if ( false !== strpos( $tag, '+' ) ) {
977
  $tag = explode( '+', $tag );
978
  $operator = 'AND';
321
  }
322
  }
323
 
324
+ if ( $search_again ) {
 
 
 
 
 
 
 
 
 
325
  $search_again = false;
326
+ } elseif ( $no_matches && ! $search_again && 'sometimes' === $fuzzy ) {
327
+ $search_again = true;
328
  }
329
+
330
  $params = array(
331
+ 'doc_weight' => $doc_weight,
332
+ 'no_matches' => $no_matches,
333
+ 'operator' => $operator,
334
+ 'phrase_queries' => $phrase_queries,
335
+ 'query_join' => $query_join,
336
+ 'query_restrictions' => $query_restrictions,
337
+ 'search_again' => $search_again,
338
+ 'terms' => $terms,
339
  );
340
  /**
341
  * Filters the parameters for fallback search.
346
  *
347
  * @param array The search parameters.
348
  */
349
+ $params = apply_filters( 'relevanssi_search_again', $params );
350
+ $doc_weight = $params['doc_weight'];
351
+ $no_matches = $params['no_matches'];
352
+ $operator = $params['operator'];
353
+ $phrase_queries = $params['phrase_queries'];
354
+ $query_join = $params['query_join'];
355
+ $query_restrictions = $params['query_restrictions'];
356
+ $search_again = $params['search_again'];
357
+ $terms = $params['terms'];
358
  } while ( $search_again );
359
 
360
  if ( ! $remove_stopwords ) {
916
  * @param string The default relation, default 'AND'.
917
  */
918
  $tax_query_relation = apply_filters( 'relevanssi_default_tax_query_relation', 'AND' );
919
+ $terms_found = false;
920
  if ( isset( $query->tax_query ) && empty( $query->tax_query->queries ) ) {
921
  // Tax query is empty, let's get rid of it.
922
  $query->tax_query = null;
938
  }
939
  if ( is_string( $type ) && 'queries' === $type ) {
940
  foreach ( $item as $tax_query_row ) {
941
+ if ( isset( $tax_query_row['terms'] ) ) {
942
+ $terms_found = true;
943
+ }
944
  $tax_query[] = $tax_query_row;
945
  }
946
  }
947
  }
948
+ }
949
+ if ( ! $terms_found ) {
950
  $cat = false;
951
  if ( isset( $query->query_vars['cats'] ) ) {
952
  $cat = $query->query_vars['cats'];
953
+ if ( is_array( $cat ) ) {
954
+ $cat = implode( ',', $cat );
955
+ }
956
  }
957
  if ( empty( $cat ) ) {
958
  $cat = get_option( 'relevanssi_cat' );
961
  $cat = explode( ',', $cat );
962
  $tax_query[] = array(
963
  'taxonomy' => 'category',
964
+ 'field' => 'term_id',
965
  'terms' => $cat,
966
+ 'operator' => 'IN',
967
  );
968
  }
969
  $excat = get_option( 'relevanssi_excat' );
984
  $tag = false;
985
  if ( ! empty( $query->query_vars['tags'] ) ) {
986
  $tag = $query->query_vars['tags'];
987
+ if ( is_array( $tag ) ) {
988
+ $tag = implode( ',', $tag );
989
+ }
990
  if ( false !== strpos( $tag, '+' ) ) {
991
  $tag = explode( '+', $tag );
992
  $operator = 'AND';
lib/shortcodes.php CHANGED
@@ -114,6 +114,9 @@ function relevanssi_search_form( $atts ) {
114
  if ( 'dropdown' === substr( $key, 0, 8 ) ) {
115
  $key = 'dropdown';
116
  }
 
 
 
117
  if ( 'post_type_boxes' === $key ) {
118
  $post_types = explode( ',', $value );
119
  if ( is_array( $post_types ) ) {
@@ -164,6 +167,27 @@ function relevanssi_search_form( $atts ) {
164
  'name' => $name,
165
  );
166
  $additional_fields[] = wp_dropdown_categories( $args );
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
167
  } else {
168
  $key = esc_attr( $key );
169
  $value = esc_attr( $value );
@@ -176,7 +200,8 @@ function relevanssi_search_form( $atts ) {
176
  /**
177
  * Filters the Relevanssi shortcode search form before it's used.
178
  *
179
- * @param string The form HTML code.
 
180
  */
181
- return apply_filters( 'relevanssi_search_form', $form );
182
  }
114
  if ( 'dropdown' === substr( $key, 0, 8 ) ) {
115
  $key = 'dropdown';
116
  }
117
+ if ( 'checklist' === substr( $key, 0, 9 ) ) {
118
+ $key = 'checklist';
119
+ }
120
  if ( 'post_type_boxes' === $key ) {
121
  $post_types = explode( ',', $value );
122
  if ( is_array( $post_types ) ) {
167
  'name' => $name,
168
  );
169
  $additional_fields[] = wp_dropdown_categories( $args );
170
+ } elseif ( 'checklist' === $key && 'post_type' !== $value ) {
171
+ $name = $value;
172
+ if ( 'category' === $value ) {
173
+ $name = 'cat';
174
+ }
175
+ if ( 'post_tag' === $value ) {
176
+ $name = 'tag';
177
+ }
178
+ $args = array(
179
+ 'taxonomy' => $value,
180
+ 'echo' => 0,
181
+ );
182
+ if ( ! function_exists( 'wp_terms_checklist' ) ) {
183
+ include ABSPATH . 'wp-admin/includes/template.php';
184
+ }
185
+ $checklist = wp_terms_checklist( 0, $args );
186
+ $checklist = str_replace( 'post_category', 'cats', $checklist );
187
+ $checklist = str_replace( 'tax_input[post_tag]', 'tags', $checklist );
188
+ $checklist = str_replace( "disabled='disabled'", '', $checklist );
189
+ $checklist = preg_replace( '/tax_input\[(.*?)\]/', '\1', $checklist );
190
+ $additional_fields[] = $checklist;
191
  } else {
192
  $key = esc_attr( $key );
193
  $value = esc_attr( $value );
200
  /**
201
  * Filters the Relevanssi shortcode search form before it's used.
202
  *
203
+ * @param string $form The form HTML code.
204
+ * @param array $atts The shortcode attributes.
205
  */
206
+ return apply_filters( 'relevanssi_search_form', $form, $atts );
207
  }
lib/utils.php CHANGED
@@ -413,8 +413,9 @@ function relevanssi_get_current_language( bool $locale = true ) {
413
  }
414
  if ( is_wp_error( $language_details ) ) {
415
  $current_language = apply_filters( 'wpml_current_language', null );
 
 
416
  }
417
- $current_language = $language_details[ $locale ? 'locale' : 'language_code' ];
418
  } else {
419
  if ( $locale ) {
420
  $languages = apply_filters( 'wpml_active_languages', null );
413
  }
414
  if ( is_wp_error( $language_details ) ) {
415
  $current_language = apply_filters( 'wpml_current_language', null );
416
+ } else {
417
+ $current_language = $language_details[ $locale ? 'locale' : 'language_code' ];
418
  }
 
419
  } else {
420
  if ( $locale ) {
421
  $languages = apply_filters( 'wpml_active_languages', null );
readme.txt CHANGED
@@ -3,9 +3,9 @@ Contributors: msaari
3
  Donate link: https://www.relevanssi.com/buy-premium/
4
  Tags: search, relevance, better search, product search, woocommerce search
5
  Requires at least: 4.9
6
- Tested up to: 5.8.1
7
  Requires PHP: 7.0
8
- Stable tag: 4.14.4
9
  License: GPLv2 or later
10
  License URI: http://www.gnu.org/licenses/gpl-2.0.html
11
 
@@ -128,6 +128,13 @@ Each document database is full of useless words. All the little words that appea
128
  * John Calahan for extensive 4.0 beta testing.
129
 
130
  == Changelog ==
 
 
 
 
 
 
 
131
  = 4.14.4 =
132
  * Minor fix: `relevanssi_orderby` did not always accept an array-format orderby parameter.
133
  * Minor fix: Removes a highlighting problem stemming from uppercase search terms.
@@ -255,6 +262,9 @@ Each document database is full of useless words. All the little words that appea
255
  * Minor fix: In some cases, having less than or greater than symbols in PDF content would block that PDF content from being indexed.
256
 
257
  == Upgrade notice ==
 
 
 
258
  = 4.14.4 =
259
  * Small bug fixes.
260
 
3
  Donate link: https://www.relevanssi.com/buy-premium/
4
  Tags: search, relevance, better search, product search, woocommerce search
5
  Requires at least: 4.9
6
+ Tested up to: 5.8.2
7
  Requires PHP: 7.0
8
+ Stable tag: 4.14.5
9
  License: GPLv2 or later
10
  License URI: http://www.gnu.org/licenses/gpl-2.0.html
11
 
128
  * John Calahan for extensive 4.0 beta testing.
129
 
130
  == Changelog ==
131
+ = 4.14.5 =
132
+ * Security fix: Any registered user could empty the Relevanssi index by triggering the index truncate AJAX action. That is no longer possible.
133
+ * New feature: The [searchform] shortcode has a new parameter, 'checklist', which you can use to create taxonomy checklists.
134
+ * Changed behaviour: The `relevanssi_search_again` parameter array has more parameters the filter can modify.
135
+ * Changed behaviour: The `relevanssi_show_matches` filter hook gets the post object as the second parameter.
136
+ * Minor fix: The `cats` and `tags` parameters work better and support array values.
137
+
138
  = 4.14.4 =
139
  * Minor fix: `relevanssi_orderby` did not always accept an array-format orderby parameter.
140
  * Minor fix: Removes a highlighting problem stemming from uppercase search terms.
262
  * Minor fix: In some cases, having less than or greater than symbols in PDF content would block that PDF content from being indexed.
263
 
264
  == Upgrade notice ==
265
+ = 4.14.5 =
266
+ * Security fix: registered users could delete the Relevanssi index.
267
+
268
  = 4.14.4 =
269
  * Small bug fixes.
270
 
relevanssi.php CHANGED
@@ -13,7 +13,7 @@
13
  * Plugin Name: Relevanssi
14
  * Plugin URI: https://www.relevanssi.com/
15
  * Description: This plugin replaces WordPress search with a relevance-sorting search.
16
- * Version: 4.14.4
17
  * Author: Mikko Saari
18
  * Author URI: http://www.mikkosaari.fi/
19
  * Text Domain: relevanssi
@@ -67,7 +67,7 @@ $relevanssi_variables['database_version'] = 6;
67
  $relevanssi_variables['file'] = __FILE__;
68
  $relevanssi_variables['plugin_dir'] = plugin_dir_path( __FILE__ );
69
  $relevanssi_variables['plugin_basename'] = plugin_basename( __FILE__ );
70
- $relevanssi_variables['plugin_version'] = '4.14.4';
71
 
72
  require_once 'lib/admin-ajax.php';
73
  require_once 'lib/common.php';
13
  * Plugin Name: Relevanssi
14
  * Plugin URI: https://www.relevanssi.com/
15
  * Description: This plugin replaces WordPress search with a relevance-sorting search.
16
+ * Version: 4.14.5
17
  * Author: Mikko Saari
18
  * Author URI: http://www.mikkosaari.fi/
19
  * Text Domain: relevanssi
67
  $relevanssi_variables['file'] = __FILE__;
68
  $relevanssi_variables['plugin_dir'] = plugin_dir_path( __FILE__ );
69
  $relevanssi_variables['plugin_basename'] = plugin_basename( __FILE__ );
70
+ $relevanssi_variables['plugin_version'] = '4.14.5';
71
 
72
  require_once 'lib/admin-ajax.php';
73
  require_once 'lib/common.php';