Responsive Add Ons - Version 2.2.4

Version Description

  • 4th March 2020
  • Added - Improved security using nonce

Release Info

Developer cyberchimps
Version 2.2.4

Code changes from version 2.2.3 to 2.2.4

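--- a/admin/js/responsive-ready-sites-admin.js
+++ b/admin/js/responsive-ready-sites-admin.js
@@ -243,6 +243,7 @@ var ResponsiveSitesAjaxQueue = (function() {
  slug: ResponsiveSitesAdmin.active_site_slug,
  title: ResponsiveSitesAdmin.active_site_title,
  featured_image_url: ResponsiveSitesAdmin.active_site_featured_image_url,
+ _ajax_nonce : responsiveSitesAdmin._ajax_nonce,
  }
  }
  )
@@ -446,6 +447,7 @@ var ResponsiveSitesAjaxQueue = (function() {
  data : {
  action : 'responsive-ready-sites-import-wpforms',
  wpforms_path : ResponsiveSitesAdmin.wpforms_path,
+ _ajax_nonce : responsiveSitesAdmin._ajax_nonce,
  },
  }
  )
@@ -477,6 +479,7 @@ var ResponsiveSitesAjaxQueue = (function() {
  data: {
  action: 'responsive-ready-sites-import-customizer-settings',
  site_customizer_data: ResponsiveSitesAdmin.site_customizer_data,
+ _ajax_nonce : responsiveSitesAdmin._ajax_nonce,
  },
  beforeSend: function () {
  $( '.responsive-ready-sites-import-customizer .responsive-ready-sites-tooltip-icon' ).addClass( 'processing-import' );
@@ -514,6 +517,7 @@ var ResponsiveSitesAjaxQueue = (function() {
  data : {
  action : 'responsive-ready-sites-import-options',
  options_data : ResponsiveSitesAdmin.site_options_data,
+ _ajax_nonce : responsiveSitesAdmin._ajax_nonce,
  },
  }
  )
@@ -549,6 +553,7 @@ var ResponsiveSitesAjaxQueue = (function() {
  data : {
  action : 'responsive-ready-sites-import-widgets',
  widgets_data : ResponsiveSitesAdmin.widgets_data,
+ _ajax_nonce : responsiveSitesAdmin._ajax_nonce,
  },
  }
  )
@@ -692,6 +697,7 @@ var ResponsiveSitesAjaxQueue = (function() {
  dataType: 'json',
  data: {
  'action': 'check-responsive-add-ons-pro-license-active',
+ '_ajax_nonce' : responsiveSitesAdmin._ajax_nonce,
  }
  }
  )
@@ -718,6 +724,7 @@ var ResponsiveSitesAjaxQueue = (function() {
  dataType: 'json',
  data: {
  'action': 'check-responsive-add-ons-pro-installed',
+ '_ajax_nonce' : responsiveSitesAdmin._ajax_nonce,
  }
  }
  )
@@ -750,6 +757,7 @@ var ResponsiveSitesAjaxQueue = (function() {
  data: {
  'action' : 'responsive-ready-sites-required-plugin-activate',
  'init' : single_plugin.init,
+ '_ajax_nonce' : responsiveSitesAdmin._ajax_nonce,
  },
  success: function( result ){
 
@@ -822,6 +830,7 @@ var ResponsiveSitesAjaxQueue = (function() {
  data: {
  action: 'responsive-ready-sites-import-xml',
  xml_path: ResponsiveSitesAdmin.xml_path,
+ _ajax_nonce : responsiveSitesAdmin._ajax_nonce,
  },
  beforeSend: function () {
  $( '.responsive-ready-sites-import-process-wrap' ).show();
@@ -962,6 +971,7 @@ var ResponsiveSitesAjaxQueue = (function() {
  type : 'POST',
  data : {
  action : 'responsive-ready-sites-set-reset-data',
+ _ajax_nonce : responsiveSitesAdmin._ajax_nonce,
  },
  }
  )
@@ -995,6 +1005,7 @@ var ResponsiveSitesAjaxQueue = (function() {
  data : {
  'action' : 'responsive-ready-sites-import-set-site-data-free',
  'api_url' : apiURL,
+ '_ajax_nonce' : responsiveSitesAdmin._ajax_nonce,
  },
  }
  )
@@ -1116,6 +1127,7 @@ var ResponsiveSitesAjaxQueue = (function() {
  data: {
  'action': 'responsive-ready-sites-required-plugin-activate',
  'init': $init,
+ '_ajax_nonce' : responsiveSitesAdmin._ajax_nonce,
  },
  }
  )
@@ -1157,6 +1169,8 @@ var ResponsiveSitesAjaxQueue = (function() {
  type : 'POST',
  data : {
  action : 'responsive-ready-sites-backup-settings',
+ _ajax_nonce : responsiveSitesAdmin._ajax_nonce,
+
  },
  }
  )
@@ -1189,7 +1203,8 @@ var ResponsiveSitesAjaxQueue = (function() {
  url : responsiveSitesAdmin.ajaxurl,
  type : 'POST',
  data : {
- action : 'responsive-ready-sites-reset-customizer-data'
+ action : 'responsive-ready-sites-reset-customizer-data',
+ _ajax_nonce : responsiveSitesAdmin._ajax_nonce,
  },
  }
  )
@@ -1212,7 +1227,8 @@ var ResponsiveSitesAjaxQueue = (function() {
  url : responsiveSitesAdmin.ajaxurl,
  type : 'POST',
  data : {
- action : 'responsive-ready-sites-reset-site-options'
+ action : 'responsive-ready-sites-reset-site-options',
+ _ajax_nonce : responsiveSitesAdmin._ajax_nonce,
  },
  }
  )
@@ -1235,7 +1251,8 @@ var ResponsiveSitesAjaxQueue = (function() {
  url : responsiveSitesAdmin.ajaxurl,
  type : 'POST',
  data : {
- action : 'responsive-ready-sites-reset-widgets-data'
+ action : 'responsive-ready-sites-reset-widgets-data',
+ _ajax_nonce : responsiveSitesAdmin._ajax_nonce,
  },
  }
  )
@@ -1276,6 +1293,7 @@ var ResponsiveSitesAjaxQueue = (function() {
  data: {
  action : 'responsive-ready-sites-delete-posts',
  post_id : post_id,
+ _ajax_nonce : responsiveSitesAdmin._ajax_nonce,
  },
  success: function( result ){
 
@@ -1319,6 +1337,7 @@ var ResponsiveSitesAjaxQueue = (function() {
  data: {
  action : 'responsive-ready-sites-delete-wp-forms',
  post_id : post_id,
+ _ajax_nonce : responsiveSitesAdmin._ajax_nonce,
  },
  success: function( result ){
 
@@ -1358,6 +1377,7 @@ var ResponsiveSitesAjaxQueue = (function() {
  data: {
  action : 'responsive-ready-sites-delete-terms',
  term_id : term_id,
+ _ajax_nonce : responsiveSitesAdmin._ajax_nonce,
  },
  success: function( result ){
  if ( ResponsiveSitesAdmin.reset_processed_terms < ResponsiveSitesAdmin.site_imported_data['reset_terms'].length ) {
@@ -1388,7 +1408,9 @@ var ResponsiveSitesAjaxQueue = (function() {
  url : responsiveSitesAdmin.ajaxurl,
  type : 'POST',
  data : {
- action : 'responsive-ready-sites-reset-customizer-data'
+ action : 'responsive-ready-sites-reset-customizer-data',
+ _ajax_nonce : responsiveSitesAdmin._ajax_nonce,
+
  },
  }
  )
@@ -1409,7 +1431,8 @@ var ResponsiveSitesAjaxQueue = (function() {
  url : responsiveSitesAdmin.ajaxurl,
  type : 'POST',
  data : {
- action : 'responsive-ready-sites-reset-site-options'
+ action : 'responsive-ready-sites-reset-site-options',
+ _ajax_nonce : responsiveSitesAdmin._ajax_nonce,
  },
  }
  )
@@ -1430,7 +1453,8 @@ var ResponsiveSitesAjaxQueue = (function() {
  url : responsiveSitesAdmin.ajaxurl,
  type : 'POST',
  data : {
- action : 'responsive-ready-sites-reset-widgets-data'
+ action : 'responsive-ready-sites-reset-widgets-data',
+ _ajax_nonce : responsiveSitesAdmin._ajax_nonce,
  },
  }
  )
@@ -1461,6 +1485,7 @@ var ResponsiveSitesAjaxQueue = (function() {
  data: {
  action : 'responsive-ready-sites-delete-posts',
  post_id : post_id,
+ _ajax_nonce : responsiveSitesAdmin._ajax_nonce,
  },
  success: function( result ){
 
@@ -1492,6 +1517,7 @@ var ResponsiveSitesAjaxQueue = (function() {
  data: {
  action : 'responsive-ready-sites-delete-wp-forms',
  post_id : post_id,
+ _ajax_nonce : responsiveSitesAdmin._ajax_nonce,
  },
  success: function( result ){
 
@@ -1523,6 +1549,7 @@ var ResponsiveSitesAjaxQueue = (function() {
  data: {
  action : 'responsive-ready-sites-delete-terms',
  term_id : term_id,
+ _ajax_nonce : responsiveSitesAdmin._ajax_nonce,
  },
  success: function( result ){
  if ( ResponsiveSitesAdmin.reset_processed_terms < ResponsiveSitesAdmin.site_imported_data['reset_terms'].length ) {
@@ -1547,6 +1574,7 @@ var ResponsiveSitesAjaxQueue = (function() {
  type: 'POST',
  data: {
  'action': 'responsive-is-theme-active',
+ '_ajax_nonce' : responsiveSitesAdmin._ajax_nonce,
  },
  }
  )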
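Review bot: Every request in this file now posts `responsiveSitesAdmin._ajax_nonce`, but none of the hunks shown in this changeset adds `_ajax_nonce` to the localized `responsiveSitesAdmin` object; unless that happens elsewhere the field is `undefined` and every `check_ajax_referer( 'responsive-addons', '_ajax_nonce' )` on the server will reject the call, so the enqueue side must expose `wp_create_nonce( 'responsive-addons' )` under that key. The nonce is also sent for `check-responsive-add-ons-pro-license-active` and `check-responsive-add-ons-pro-installed`, whose handlers are not part of this page, so I cannot confirm they verify it. The `backup-settings` hunk (old line 1157) and the second `reset-customizer-data` hunk (old line 1388) leave a stray empty line inside the `data` object after the nonce entry; drop it to match the other hunks. Each hunk sits inside a request-builder function that starts outside it.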
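--- a/includes/importers/class-responsive-ready-sites-importer.php
+++ b/includes/importers/class-responsive-ready-sites-importer.php
@@ -156,6 +156,8 @@ if ( ! class_exists( 'Responsive_Ready_Sites_Importer' ) ) :
  */
  public function import_start() {
 
+ check_ajax_referer( 'responsive-addons', '_ajax_nonce' );
+
  $demo_api_uri = isset( $_POST['api_url'] ) ? esc_url( $_POST['api_url'] ) : ''; //phpcs:ignore
 
  if ( ! empty( $demo_api_uri ) ) {
@@ -190,6 +192,13 @@ if ( ! class_exists( 'Responsive_Ready_Sites_Importer' ) ) :
  */
  public function import_xml_data() {
 
+ // Verify Nonce.
+ check_ajax_referer( 'responsive-addons', '_ajax_nonce' );
+
+ if ( ! current_user_can( 'install_plugins' ) ) {
+ wp_send_json_error( __( 'You are not allowed to perform this action', 'responsive-addons' ) );
+ }
+
  if ( ! class_exists( 'XMLReader' ) ) {
  wp_send_json_error( __( 'If XMLReader is not available, it imports all other settings and only skips XML import. This creates an incomplete website. We should bail early and not import anything if this is not present.', 'responsive-addons' ) );
  }
@@ -229,6 +238,13 @@ if ( ! class_exists( 'Responsive_Ready_Sites_Importer' ) ) :
  */
  public function import_wpforms() {
 
+ // Verify Nonce.
+ check_ajax_referer( 'responsive-addons', '_ajax_nonce' );
+
+ if ( ! current_user_can( 'install_plugins' ) ) {
+ wp_send_json_error( __( 'You are not allowed to perform this action', 'responsive-addons' ) );
+ }
+
  $site_wpforms_url = ( isset( $_REQUEST['wpforms_path'] ) ) ? urldecode( $_REQUEST['wpforms_path'] ) : ''; //phpcs:ignore
  $ids_mapping = array();
 
@@ -302,6 +318,13 @@ if ( ! class_exists( 'Responsive_Ready_Sites_Importer' ) ) :
  */
  public function import_customizer_settings() {
 
+ // Verify Nonce.
+ check_ajax_referer( 'responsive-addons', '_ajax_nonce' );
+
+ if ( ! current_user_can( 'install_plugins' ) ) {
+ wp_send_json_error( __( 'You are not allowed to perform this action', 'responsive-addons' ) );
+ }
+
  $customizer_data = ( isset( $_POST['site_customizer_data'] ) ) ? (array) json_decode( stripcslashes( $_POST['site_customizer_data'] ), 1 ) : array(); //phpcs:ignore
 
  if ( ! empty( $customizer_data ) ) {
@@ -345,6 +368,12 @@ if ( ! class_exists( 'Responsive_Ready_Sites_Importer' ) ) :
  * @return void
  */
  public function import_widgets() {
+ // Verify Nonce.
+ check_ajax_referer( 'responsive-addons', '_ajax_nonce' );
+
+ if ( ! current_user_can( 'install_plugins' ) ) {
+ wp_send_json_error( __( 'You are not allowed to perform this action', 'responsive-addons' ) );
+ }
 
  $widgets_data = ( isset( $_POST['widgets_data'] ) ) ? (object) json_decode( stripcslashes( $_POST['widgets_data'] ) ) : ''; //phpcs:ignore
 
@@ -376,6 +405,13 @@ if ( ! class_exists( 'Responsive_Ready_Sites_Importer' ) ) :
  */
  public function import_options() {
 
+ // Verify Nonce.
+ check_ajax_referer( 'responsive-addons', '_ajax_nonce' );
+
+ if ( ! current_user_can( 'install_plugins' ) ) {
+ wp_send_json_error( __( 'You are not allowed to perform this action', 'responsive-addons' ) );
+ }
+
  $options_data = ( isset( $_POST['options_data'] ) ) ? (array) json_decode( stripcslashes( $_POST['options_data'] ), 1 ) : '';
 
  if ( ! empty( $options_data ) ) {
@@ -474,6 +510,12 @@ if ( ! class_exists( 'Responsive_Ready_Sites_Importer' ) ) :
  */
  public function import_end() {
 
+ // Verify Nonce.
+ check_ajax_referer( 'responsive-addons', '_ajax_nonce' );
+ if ( ! current_user_can( 'install_plugins' ) ) {
+ wp_send_json_error( __( 'You are not allowed to perform this action', 'resposnive-addons' ) );
+ }
+
  $current_active_site_slug = isset( $_REQUEST['slug'] ) ? $_REQUEST['slug'] : '';
  $current_active_site_title = isset( $_REQUEST['title'] ) ? $_REQUEST['title'] : '';
  $current_active_site_featured_image_url = isset( $_REQUEST['featured_image_url'] ) ? $_REQUEST['featured_image_url'] : '';
@@ -575,6 +617,13 @@ if ( ! class_exists( 'Responsive_Ready_Sites_Importer' ) ) :
  */
  public function reset_customizer_data() {
 
+ // Verify Nonce.
+ check_ajax_referer( 'responsive-addons', '_ajax_nonce' );
+
+ if ( ! current_user_can( 'install_plugins' ) ) {
+ wp_send_json_error( __( 'You are not allowed to perform this action', 'responsive-addons' ) );
+ }
+
  Responsive_Ready_Sites_Importer_Log::add( 'Deleted customizer Settings ' . wp_json_encode( get_option( 'responsive_theme_options', array() ) ) );
 
  delete_option( 'responsive_theme_options' );
@@ -590,6 +639,13 @@ if ( ! class_exists( 'Responsive_Ready_Sites_Importer' ) ) :
  */
  public function reset_site_options() {
 
+ // Verify Nonce.
+ check_ajax_referer( 'responsive-addons', '_ajax_nonce' );
+
+ if ( ! current_user_can( 'install_plugins' ) ) {
+ wp_send_json_error( __( 'You are not allowed to perform this action', 'responsive-addons' ) );
+ }
+
  $options = get_option( '_responsive_ready_sites_old_site_options', array() );
 
  Responsive_Ready_Sites_Importer_Log::add( 'Deleted - Site Options ' . wp_json_encode( $options ) );
@@ -610,6 +666,13 @@ if ( ! class_exists( 'Responsive_Ready_Sites_Importer' ) ) :
  * @return void
  */
  public function reset_widgets_data() {
+
+ // Verify Nonce.
+ check_ajax_referer( 'responsive-addons', '_ajax_nonce' );
+ if ( ! current_user_can( 'install_plugins' ) ) {
+ wp_send_json_error( __( 'You are not allowed to perform this action', 'responsive-addons' ) );
+ }
+
  $old_widgets = get_option( '_responsive_ready_sites_old_widgets_data', array() );
 
  if ( $old_widgets ) {
@@ -642,6 +705,13 @@ if ( ! class_exists( 'Responsive_Ready_Sites_Importer' ) ) :
  * @return void
  */
  public function delete_imported_posts( $post_id = 0 ) {
+
+ // Verify Nonce.
+ check_ajax_referer( 'responsive-addons', '_ajax_nonce' );
+
+ if ( ! current_user_can( 'install_plugins' ) ) {
+ wp_send_json_error( __( 'You are not allowed to perform this action', 'responsive-addons' ) );
+ }
  $post_id = isset( $_REQUEST['post_id'] ) ? absint( $_REQUEST['post_id'] ) : $post_id;
 
  $message = '';
@@ -663,6 +733,14 @@ if ( ! class_exists( 'Responsive_Ready_Sites_Importer' ) ) :
  * @return void
  */
  public function delete_imported_wp_forms( $post_id = 0 ) {
+
+ // Verify Nonce.
+ check_ajax_referer( 'responsive-addons', '_ajax_nonce' );
+
+ if ( ! current_user_can( 'install_plugins' ) ) {
+ wp_send_json_error( __( 'You are not allowed to perform this action', 'responsive-addons' ) );
+ }
+
  $post_id = isset( $_REQUEST['post_id'] ) ? absint( $_REQUEST['post_id'] ) : $post_id;
 
  $message = '';
@@ -683,6 +761,13 @@ if ( ! class_exists( 'Responsive_Ready_Sites_Importer' ) ) :
  */
  public function delete_imported_terms( $term_id = 0 ) {
 
+ // Verify Nonce.
+ check_ajax_referer( 'responsive-addons', '_ajax_nonce' );
+
+ if ( ! current_user_can( 'install_plugins' ) ) {
+ wp_send_json_error( __( 'You are not allowed to perform this action', 'responsive-addons' ) );
+ }
+
  $term_id = isset( $_REQUEST['term_id'] ) ? absint( $_REQUEST['term_id'] ) : $term_id;
 
  $message = '';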
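Review bot: `import_start()` (new line 159) receives only `check_ajax_referer()` and, unlike every other handler touched in this file, no capability check; a valid nonce shows the request originated from a page the user loaded, not that the user is allowed to start an import, so the same guard `if ( ! current_user_can( 'install_plugins' ) ) { wp_send_json_error( __( 'You are not allowed to perform this action', 'responsive-addons' ) ); }` belongs before `$_POST['api_url']` is read. In `import_end()` (new line 516) the text domain is misspelled `'resposnive-addons'`, so that message is never translated; it should read `'responsive-addons'`. The same five-line nonce-plus-capability preamble is pasted into eleven methods with slightly different blank-line placement (`import_widgets()`, `reset_widgets_data()`, `delete_imported_posts()`), which a single private helper called at the top of each method would make uniform and harder to forget. Every hunk cuts its method off after the first statements.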
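--- a/readme.txt
+++ b/readme.txt
@@ -5,7 +5,7 @@ Tags: one click demo import, gutenberg, elementor, templates
  Requires at least: 5.0
  Tested up to: 5.3
  Requires PHP: 5.3
- Stable tag: 2.2.3
+ Stable tag: 2.2.4
  License: GPLv2 or later
  License URI: http://www.gnu.org/licenses/gpl-2.0.html
 
@@ -106,6 +106,9 @@ Absolutely not! Once you install the plugin, it will take care of all other depe
  4. Your website is ready
 
  == Changelog ==
+ = 2.2.4 - 4th March 2020 =
+ * Added - Improved security using nonce
+
  = 2.2.3 - 18th February 2020 =
  * Added - API request parameters
  * Added - Updated analytics library
@@ -211,4 +214,4 @@ Absolutely not! Once you install the plugin, it will take care of all other depe
  * Bug fixes
 
  = 1.0.0 =
- * Initial set up and release
+ * Initial set up and release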
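--- a/responsive-add-ons.php
+++ b/responsive-add-ons.php
@@ -3,7 +3,7 @@
  Plugin Name: Responsive Ready Sites Importer
  Plugin URI: http://wordpress.org/plugins/responsive-add-ons/
  Description: Import Responsive Ready Sites that help you launch your website quickly. Just import, update & hit the launch button.
- Version: 2.2.3
+ Version: 2.2.4
  Author: CyberChimps
  Author URI: http://www.cyberchimps.com
  License: GPL2
@@ -39,7 +39,7 @@ if ( ! defined( 'RESPONSIVE_ADDONS_URI' ) ) {
  }
 
  if ( ! defined( 'RESPONSIVE_ADDONS_VER' ) ) {
- define( 'RESPONSIVE_ADDONS_VER', '2.2.3' );
+ define( 'RESPONSIVE_ADDONS_VER', '2.2.4' );
  }
 
  if ( ! function_exists( 'ra_fs' ) ) {
@@ -56,7 +56,7 @@ if ( ! function_exists( 'ra_fs' ) ) {
  'slug' => 'responsive-add-ons',
  'product_name' => 'Responsive Ready Sites Importer',
  'module_type' => 'plugin',
- 'version' => '2.2.3',
+ 'version' => '2.2.4',
  'plugin_basename' => 'responsive-add-ons/responsive-add-ons.php',
  'plugin_url' => RESPONSIVE_ADDONS_DIR,
  ) );
@@ -211,6 +211,12 @@ if( !class_exists( 'Responsive_Addons' ) ) {
  */
  function activate_theme() {
 
+ check_ajax_referer( 'responsive-addons', '_ajax_nonce' );
+
+ if ( ! current_user_can( 'switch_themes' ) ) {
+ wp_send_json_error( __( 'You are not allowed to activate the Theme', 'responsive-addons' ) );
+ }
+
  switch_theme( 'responsive' );
 
  wp_send_json_success(
@@ -691,8 +697,10 @@ if( !class_exists( 'Responsive_Addons' ) ) {
  * Backup existing settings.
  */
  public function backup_settings() {
+ check_ajax_referer( 'responsive-addons', '_ajax_nonce' );
+
  if ( ! current_user_can( 'manage_options' ) ) {
- return;
+ wp_send_json_error( __( 'User does not have permission!', 'responsive-addons' ) );
  }
 
  $file_name = 'responsive-ready-sites-backup-' . date( 'd-M-Y-h-i-s' ) . '.json';
@@ -723,6 +731,7 @@ if( !class_exists( 'Responsive_Addons' ) ) {
  * Set reset data
  */
  public function set_reset_data() {
+ check_ajax_referer( 'responsive-addons', '_ajax_nonce' );
  if ( ! current_user_can( 'manage_options' ) ) {
  return;
  }
@@ -759,7 +768,7 @@ if( !class_exists( 'Responsive_Addons' ) ) {
  'notinstalled' => array(),
  );
 
- if ( ! current_user_can( 'customize' ) ) {
+ if ( ! current_user_can( 'install_plugins' ) ) {
  wp_send_json_error( $response );
  }
 
@@ -798,11 +807,13 @@ if( !class_exists( 'Responsive_Addons' ) ) {
  */
  public function required_plugin_activate() {
 
- if ( ! current_user_can( 'install_plugins' ) || ! isset( $_POST['init'] ) || ! $_POST['init'] ) {
+ check_ajax_referer( 'responsive-addons', '_ajax_nonce' );
+
+ if ( ! current_user_can( 'activate_plugins' ) || ! isset( $_POST['init'] ) || ! $_POST['init'] ) {
  wp_send_json_error(
  array(
  'success' => false,
- 'message' => __( 'No plugin specified', 'responsive-addons' ),
+ 'message' => __( 'Error: You don\'t have the required permissions to install plugins.', 'responsive-addons' ),
  )
  );
  }
@@ -1004,6 +1015,9 @@ if( !class_exists( 'Responsive_Addons' ) ) {
  * @since 2.1.1
  */
  public function check_responsive_theme_active() {
+
+ check_ajax_referer( 'responsive-addons', '_ajax_nonce' );
+
  $current_theme = wp_get_theme();
  if ( ( 'Responsive' === $current_theme->get( 'Name' ) ) || ( is_child_theme() && 'Responsive' === $current_theme->parent()->get( 'Name' ) ) ) {
  wp_send_json_success(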
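Review bot: In `required_plugin_activate()` (new lines 812–816) the capability tested is now `activate_plugins` while the new message tells the user they may not install plugins, and because the missing-`$_POST['init']` case shares the same branch a caller that simply omitted the parameter is told it lacks permissions; keep the old `'No plugin specified'` response in its own branch, e.g. `if ( ! isset( $_POST['init'] ) || ! $_POST['init'] ) { wp_send_json_error( array( 'success' => false, 'message' => __( 'No plugin specified', 'responsive-addons' ) ) ); }` after the capability check, and word the permission message to match `activate_plugins`. `set_reset_data()` (new line 736) still bare-`return`s when `manage_options` fails, leaving the AJAX caller with an empty body, whereas `backup_settings()` in the preceding hunk now answers with `wp_send_json_error()`; make both behave the same. The hunk at old line 759 switches the capability to `install_plugins` but begins inside a function whose header is outside the hunk, so I cannot see whether that handler also gained a `check_ajax_referer()` call like the others.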