SendGrid - Version 1.10.8

Version Description

  • Fixed an XSS vulnerability in the settings forms that would allow other admins to inject scripts.

Release Info

Developer team-rs
Version 1.10.8

Code changes from version 1.10.7 to 1.10.8

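--- a/lib/class-sendgrid-nlvx-widget.php
+++ b/lib/class-sendgrid-nlvx-widget.php
@@ -162,7 +162,7 @@ class SendGrid_NLVX_Widget extends WP_Widget {
 
  // Form was submitted
  if ( isset( $_POST['sendgrid_mc_email'] ) ) {
- $process_form_reponse = $this->process_subscription( $_POST );
+ $process_form_reponse = $this->process_subscription();
  if ( self::SUCCESS_EMAIL_SEND == $process_form_reponse ) {
  echo '<p class="sendgrid_widget_text"> ' . $success_text . ' </p>';
  } elseif ( self::INVALID_EMAIL_ERROR == $process_form_reponse ) {
@@ -188,12 +188,10 @@ class SendGrid_NLVX_Widget extends WP_Widget {
  /**
  * Method that processes the subscription params
  *
- * @param mixed $params array of parameters from $_POST
- *
  * @return void
  */
- private function process_subscription( $params ) {
- $email_split = explode( "@", $_POST['sendgrid_mc_email'] );
+ private function process_subscription() {
+ $email_split = explode( "@", htmlspecialchars($_POST['sendgrid_mc_email'], ENT_QUOTES, 'UTF-8') );
 
  if ( isset( $email_split[1] ) ) {
  $email_domain = $email_split[1];
@@ -207,7 +205,7 @@ class SendGrid_NLVX_Widget extends WP_Widget {
 
  $email = $email_split[0] . '@' . $email_domain;
  } else {
- $email = $_POST['sendgrid_mc_email'];
+ $email = htmlspecialchars( $_POST['sendgrid_mc_email'], ENT_QUOTES, 'UTF-8 ');
  }
 
  // Bad call
@@ -225,7 +223,11 @@ class SendGrid_NLVX_Widget extends WP_Widget {
  }
 
  if ( isset( $_POST['sendgrid_mc_first_name'] ) and isset( $_POST['sendgrid_mc_last_name'] ) ) {
- Sendgrid_OptIn_API_Endpoint::send_confirmation_email( $email, $_POST['sendgrid_mc_first_name'], $_POST['sendgrid_mc_last_name'] );
+ Sendgrid_OptIn_API_Endpoint::send_confirmation_email(
+ $email,
+ htmlspecialchars( $_POST['sendgrid_mc_first_name'], ENT_QUOTES, 'UTF-8' ),
+ htmlspecialchars( $_POST['sendgrid_mc_last_name'], ENT_QUOTES, 'UTF-8' )
+ );
  } else {
  Sendgrid_OptIn_API_Endpoint::send_confirmation_email( $email );
  }
@@ -239,22 +241,22 @@ class SendGrid_NLVX_Widget extends WP_Widget {
  * @return void
  */
  private function display_form() {
- $email_label = htmlspecialchars( Sendgrid_Tools::get_mc_email_label() );
+ $email_label = stripslashes( Sendgrid_Tools::get_mc_email_label() );
  if ( false == $email_label ) {
  $email_label = Sendgrid_Settings::DEFAULT_EMAIL_LABEL;
  }
 
- $first_name_label = htmlspecialchars( Sendgrid_Tools::get_mc_first_name_label() );
+ $first_name_label = stripslashes( Sendgrid_Tools::get_mc_first_name_label() );
  if ( false == $first_name_label ) {
  $first_name_label = Sendgrid_Settings::DEFAULT_FIRST_NAME_LABEL;
  }
 
- $last_name_label = htmlspecialchars( Sendgrid_Tools::get_mc_last_name_label() );
+ $last_name_label = stripslashes( Sendgrid_Tools::get_mc_last_name_label() );
  if ( false == $last_name_label ) {
  $last_name_label = Sendgrid_Settings::DEFAULT_LAST_NAME_LABEL;
  }
 
- $subscribe_label = htmlspecialchars( Sendgrid_Tools::get_mc_subscribe_label() );
+ $subscribe_label = stripslashes( Sendgrid_Tools::get_mc_subscribe_label() );
  if ( false == $subscribe_label ) {
  $subscribe_label = Sendgrid_Settings::DEFAULT_SUBSCRIBE_LABEL;
  }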
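Review bot: In display_form() the four label reads now pass through `stripslashes()` only, so nothing encodes them at the point of output and safety rests entirely on each stored value having been run through `htmlspecialchars()` when it was saved. Labels saved by 1.10.7 appear to have been stored as submitted (the removed `set_mc_email_label( $params['sendgrid_mc_email_label'] )` call in class-sendgrid-settings.php), so a value stored before the upgrade would still reach the page unencoded if these variables are printed in the part of display_form() that lies outside the hunk. Keeping an output encoder that does not double-encode existing entities, e.g. `$email_label = esc_html( stripslashes( Sendgrid_Tools::get_mc_email_label() ) );` (or `esc_attr()` where the value lands in an attribute), covers both old and new rows. Separately, in process_subscription() the charset argument `'UTF-8 '` carries a trailing space and should read `'UTF-8'`.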
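--- a/lib/class-sendgrid-settings.php
+++ b/lib/class-sendgrid-settings.php
@@ -143,43 +143,45 @@ class Sendgrid_Settings {
  $status = '';
  $message = '';
 
- $user = Sendgrid_Tools::get_username();
- $password = Sendgrid_Tools::get_password();
- $api_key = Sendgrid_Tools::get_api_key();
- $send_method = Sendgrid_Tools::get_send_method();
- $auth_method = Sendgrid_Tools::get_auth_method();
+ $user = stripslashes( Sendgrid_Tools::get_username() );
+ $password = stripslashes( Sendgrid_Tools::get_password() );
+ $api_key = stripslashes( Sendgrid_Tools::get_api_key() );
+ $send_method = stripslashes( Sendgrid_Tools::get_send_method() );
+ $auth_method = stripslashes( Sendgrid_Tools::get_auth_method() );
  $name = stripslashes( Sendgrid_Tools::get_from_name() );
- $email = Sendgrid_Tools::get_from_email();
- $reply_to = Sendgrid_Tools::get_reply_to();
+ $email = stripslashes( Sendgrid_Tools::get_from_email() );
+ $reply_to = stripslashes( Sendgrid_Tools::get_reply_to() );
  $categories = stripslashes( Sendgrid_Tools::get_categories() );
  $template = stripslashes( Sendgrid_Tools::get_template() );
- $port = Sendgrid_Tools::get_port();
- $content_type = Sendgrid_Tools::get_content_type();
- $unsubscribe_group_id = Sendgrid_Tools::get_unsubscribe_group();
+ $port = stripslashes( Sendgrid_Tools::get_port() );
+ $content_type = stripslashes( Sendgrid_Tools::get_content_type() );
+ $unsubscribe_group_id = stripslashes( Sendgrid_Tools::get_unsubscribe_group() );
  $stats_categories = stripslashes( Sendgrid_Tools::get_stats_categories() );
 
- $mc_api_key = Sendgrid_Tools::get_mc_api_key();
- $mc_list_id = Sendgrid_Tools::get_mc_list_id();
- $mc_opt_use_transactional = Sendgrid_Tools::get_mc_opt_use_transactional();
- $mc_opt_incl_fname_lname = Sendgrid_Tools::get_mc_opt_incl_fname_lname();
- $mc_opt_req_fname_lname = Sendgrid_Tools::get_mc_opt_req_fname_lname();
- $mc_signup_confirmation_page = Sendgrid_Tools::get_mc_signup_confirmation_page();
+ $mc_api_key = stripslashes( Sendgrid_Tools::get_mc_api_key() );
+ $mc_list_id = stripslashes( Sendgrid_Tools::get_mc_list_id() );
+ $mc_opt_use_transactional = stripslashes( Sendgrid_Tools::get_mc_opt_use_transactional() );
+ $mc_opt_incl_fname_lname = stripslashes( Sendgrid_Tools::get_mc_opt_incl_fname_lname() );
+ $mc_opt_req_fname_lname = stripslashes( Sendgrid_Tools::get_mc_opt_req_fname_lname() );
+ $mc_signup_confirmation_page = stripslashes( Sendgrid_Tools::get_mc_signup_confirmation_page() );
 
  // input padding
- $mc_signup_input_padding_top = Sendgrid_Tools::get_mc_input_padding_by_position( 'top' );
- $mc_signup_input_padding_right = Sendgrid_Tools::get_mc_input_padding_by_position( 'right' );
- $mc_signup_input_padding_bottom = Sendgrid_Tools::get_mc_input_padding_by_position( 'bottom' );
- $mc_signup_input_padding_left = Sendgrid_Tools::get_mc_input_padding_by_position( 'left' );
+ $mc_signup_input_padding_top = stripslashes( Sendgrid_Tools::get_mc_input_padding_by_position( 'top' ) );
+ $mc_signup_input_padding_right = stripslashes( Sendgrid_Tools::get_mc_input_padding_by_position( 'right' ) );
+ $mc_signup_input_padding_bottom = stripslashes( Sendgrid_Tools::get_mc_input_padding_by_position( 'bottom' ) );
+ $mc_signup_input_padding_left = stripslashes( Sendgrid_Tools::get_mc_input_padding_by_position( 'left' ) );
+
  // button padding
- $mc_signup_button_padding_top = Sendgrid_Tools::get_mc_button_padding_by_position( 'top' );
- $mc_signup_button_padding_right = Sendgrid_Tools::get_mc_button_padding_by_position( 'right' );
- $mc_signup_button_padding_bottom = Sendgrid_Tools::get_mc_button_padding_by_position( 'bottom' );
- $mc_signup_button_padding_left = Sendgrid_Tools::get_mc_button_padding_by_position( 'left' );
+ $mc_signup_button_padding_top = stripslashes( Sendgrid_Tools::get_mc_button_padding_by_position( 'top' ) );
+ $mc_signup_button_padding_right = stripslashes( Sendgrid_Tools::get_mc_button_padding_by_position( 'right' ) );
+ $mc_signup_button_padding_bottom = stripslashes( Sendgrid_Tools::get_mc_button_padding_by_position( 'bottom' ) );
+ $mc_signup_button_padding_left = stripslashes( Sendgrid_Tools::get_mc_button_padding_by_position( 'left' ) );
 
  $mc_signup_email_subject = Sendgrid_Tools::get_mc_signup_email_subject();
  if ( false == $mc_signup_email_subject ) {
  $mc_signup_email_subject = self::DEFAULT_SIGNUP_EMAIL_SUBJECT . get_bloginfo('name');
  }
+ $mc_signup_email_subject = stripslashes( $mc_signup_email_subject );
 
  $mc_signup_email_content = Sendgrid_Tools::get_mc_signup_email_content();
  if ( false == $mc_signup_email_content ) {
@@ -317,18 +319,25 @@ class Sendgrid_Settings {
  if ( false == $mc_signup_email_label ) {
  $mc_signup_email_label = self::DEFAULT_EMAIL_LABEL;
  }
+ $mc_signup_email_label = stripslashes( $mc_signup_email_label );
+
  $mc_signup_first_name_label = Sendgrid_Tools::get_mc_first_name_label();
  if ( false == $mc_signup_first_name_label ) {
  $mc_signup_first_name_label = self::DEFAULT_FIRST_NAME_LABEL;
  }
+ $mc_signup_first_name_label = stripslashes( $mc_signup_first_name_label );
+
  $mc_signup_last_name_label = Sendgrid_Tools::get_mc_last_name_label();
  if ( false == $mc_signup_last_name_label ) {
  $mc_signup_last_name_label = self::DEFAULT_LAST_NAME_LABEL;
  }
+ $mc_signup_last_name_label = stripslashes( $mc_signup_last_name_label );
+
  $mc_signup_subscribe_label = Sendgrid_Tools::get_mc_subscribe_label();
  if ( false == $mc_signup_subscribe_label ) {
  $mc_signup_subscribe_label = self::DEFAULT_SUBSCRIBE_LABEL;
  }
+ $mc_signup_subscribe_label = stripslashes( $mc_signup_subscribe_label );
 
  $is_env_auth_method = defined( 'SENDGRID_AUTH_METHOD' );
  $is_env_send_method = defined( 'SENDGRID_SEND_METHOD' );
@@ -400,7 +409,8 @@ class Sendgrid_Settings {
  private static function save_subsite_settings( $params ) {
  $sites = get_sites();
  foreach( $sites as $site ) {
- if ( isset( $params['checked_sites'][$site->blog_id] ) and 'on' == $params['checked_sites'][$site->blog_id] ) {
+ if ( isset( $params['checked_sites'][$site->blog_id] ) and
+ 'on' == $params['checked_sites'][$site->blog_id] ) {
  update_blog_option( $site->blog_id, 'sendgrid_can_manage_subsite', 1 );
  } else {
  update_blog_option( $site->blog_id, 'sendgrid_can_manage_subsite', 0 );
@@ -463,7 +473,7 @@ class Sendgrid_Settings {
  Sendgrid_Tools::set_mc_api_key( '' );
  } else {
  // MC API Key was set, check scopes and save if correct
- $apikey = $params['sendgrid_mc_apikey'];
+ $apikey = htmlspecialchars( $params['sendgrid_mc_apikey'], ENT_QUOTES, 'UTF-8' );
 
  if ( ! Sendgrid_Tools::check_api_key_mc( $apikey ) ) {
  $response = array(
@@ -493,7 +503,8 @@ class Sendgrid_Settings {
  }
 
  if ( isset( $params['sendgrid_mc_contact_list'] ) and ! defined( 'SENDGRID_MC_LIST_ID' ) ) {
- Sendgrid_Tools::set_mc_list_id( $params['sendgrid_mc_contact_list'] );
+ $mc_list_id = htmlspecialchars( $params['sendgrid_mc_contact_list'], ENT_QUOTES, 'UTF-8' );
+ Sendgrid_Tools::set_mc_list_id( $mc_list_id );
  }
 
  if ( ! defined( 'SENDGRID_MC_SIGNUP_EMAIL_SUBJECT' ) ) {
@@ -503,7 +514,8 @@ class Sendgrid_Settings {
  'status' => 'error'
  );
  } else {
- Sendgrid_Tools::set_mc_signup_email_subject( $params['sendgrid_mc_email_subject'] );
+ $email_subject = htmlspecialchars( $params['sendgrid_mc_email_subject'] , ENT_QUOTES, 'UTF-8' );
+ Sendgrid_Tools::set_mc_signup_email_subject( $email_subject );
  }
  }
 
@@ -514,6 +526,8 @@ class Sendgrid_Settings {
  'status' => 'error'
  );
  } else {
+ // Textarea values are automatically escaping HTML characters.
+ // The user needs to be able to enter any content.
  Sendgrid_Tools::set_mc_signup_email_content( $params['sendgrid_mc_email_content'] );
  }
  }
@@ -525,53 +539,68 @@ class Sendgrid_Settings {
  'status' => 'error'
  );
  } else {
+ // Textarea values are automatically escaping HTML characters.
+ // The user needs to be able to enter any content.
  Sendgrid_Tools::set_mc_signup_email_content_text( $params['sendgrid_mc_email_content_text'] );
  }
  }
 
  if ( isset( $params['sendgrid_mc_signup_page'] ) and ! defined( 'SENDGRID_MC_SIGNUP_CONFIRMATION_PAGE' ) ) {
- Sendgrid_Tools::set_mc_signup_confirmation_page( $params['sendgrid_mc_signup_page'] );
+ $signup_page = htmlspecialchars( $params['sendgrid_mc_signup_page'], ENT_QUOTES, 'UTF-8' );
+ Sendgrid_Tools::set_mc_signup_confirmation_page( $signup_page );
  }
 
  // form configuration
  // labels
  if ( isset( $params['sendgrid_mc_email_label'] ) and ! defined( 'SENDGRID_MC_EMAIL_LABEL' ) ) {
- Sendgrid_Tools::set_mc_email_label( $params['sendgrid_mc_email_label'] );
+ $email_label = htmlspecialchars( $params['sendgrid_mc_email_label'], ENT_QUOTES, 'UTF-8' );
+ Sendgrid_Tools::set_mc_email_label( $email_label );
  }
  if ( isset( $params['sendgrid_mc_first_name_label'] ) and ! defined( 'SENDGRID_MC_FIRST_NAME_LABEL' ) ) {
- Sendgrid_Tools::set_mc_first_name_label( $params['sendgrid_mc_first_name_label'] );
+ $first_name_label = htmlspecialchars( $params['sendgrid_mc_first_name_label'], ENT_QUOTES, 'UTF-8' );
+ Sendgrid_Tools::set_mc_first_name_label( $first_name_label );
  }
  if ( isset( $params['sendgrid_mc_last_name_label'] ) and ! defined( 'SENDGRID_MC_LAST_NAME_LABEL' ) ) {
- Sendgrid_Tools::set_mc_last_name_label( $params['sendgrid_mc_last_name_label'] );
+ $last_name_label = htmlspecialchars( $params['sendgrid_mc_last_name_label'], ENT_QUOTES, 'UTF-8' );
+ Sendgrid_Tools::set_mc_last_name_label( $last_name_label );
  }
  if ( isset( $params['sendgrid_mc_subscribe_label'] ) and ! defined( 'SENDGRID_MC_SUBSCRIBE_LABEL' ) ) {
- Sendgrid_Tools::set_mc_subscribe_label( $params['sendgrid_mc_subscribe_label'] );
+ $subscribe_label = htmlspecialchars( $params['sendgrid_mc_subscribe_label'], ENT_QUOTES, 'UTF-8' );
+ Sendgrid_Tools::set_mc_subscribe_label( $subscribe_label );
  }
  // input padding
  if ( isset( $params['sendgrid_mc_input_padding_top'] ) ) {
- Sendgrid_Tools::set_mc_input_padding( 'top', $params['sendgrid_mc_input_padding_top'] );
+ $padding = htmlspecialchars( $params['sendgrid_mc_input_padding_top'], ENT_QUOTES, 'UTF-8' );
+ Sendgrid_Tools::set_mc_input_padding( 'top', $padding );
  }
  if ( isset( $params['sendgrid_mc_input_padding_right'] ) ) {
- Sendgrid_Tools::set_mc_input_padding( 'right', $params['sendgrid_mc_input_padding_right'] );
+ $padding = htmlspecialchars( $params['sendgrid_mc_input_padding_right'], ENT_QUOTES, 'UTF-8' );
+ Sendgrid_Tools::set_mc_input_padding( 'right', $padding );
  }
  if ( isset( $params['sendgrid_mc_input_padding_bottom'] ) ) {
- Sendgrid_Tools::set_mc_input_padding( 'bottom', $params['sendgrid_mc_input_padding_bottom'] );
+ $padding = htmlspecialchars( $params['sendgrid_mc_input_padding_bottom'], ENT_QUOTES, 'UTF-8' );
+ Sendgrid_Tools::set_mc_input_padding( 'bottom', $padding );
  }
  if ( isset( $params['sendgrid_mc_input_padding_left'] ) ) {
- Sendgrid_Tools::set_mc_input_padding( 'left', $params['sendgrid_mc_input_padding_left'] );
+ $padding = htmlspecialchars( $params['sendgrid_mc_input_padding_left'], ENT_QUOTES, 'UTF-8' );
+ Sendgrid_Tools::set_mc_input_padding( 'left', $padding );
  }
  // button padding
  if ( isset( $params['sendgrid_mc_button_padding_top'] ) ) {
- Sendgrid_Tools::set_mc_button_padding( 'top', $params['sendgrid_mc_button_padding_top'] );
+ $padding = htmlspecialchars( $params['sendgrid_mc_button_padding_top'], ENT_QUOTES, 'UTF-8' );
+ Sendgrid_Tools::set_mc_button_padding( 'top', $padding );
  }
  if ( isset( $params['sendgrid_mc_button_padding_right'] ) ) {
- Sendgrid_Tools::set_mc_button_padding( 'right', $params['sendgrid_mc_button_padding_right'] );
+ $padding = htmlspecialchars( $params['sendgrid_mc_button_padding_right'], ENT_QUOTES, 'UTF-8' );
+ Sendgrid_Tools::set_mc_button_padding( 'right', $padding );
  }
  if ( isset( $params['sendgrid_mc_button_padding_bottom'] ) ) {
- Sendgrid_Tools::set_mc_button_padding( 'bottom', $params['sendgrid_mc_button_padding_bottom'] );
+ $padding = htmlspecialchars( $params['sendgrid_mc_button_padding_bottom'], ENT_QUOTES, 'UTF-8' );
+ Sendgrid_Tools::set_mc_button_padding( 'bottom', $padding );
  }
  if ( isset( $params['sendgrid_mc_button_padding_left'] ) ) {
- Sendgrid_Tools::set_mc_button_padding( 'left', $params['sendgrid_mc_button_padding_left'] );
+ $padding = htmlspecialchars( $params['sendgrid_mc_button_padding_left'], ENT_QUOTES, 'UTF-8' );
+ Sendgrid_Tools::set_mc_button_padding( 'left', $padding );
  }
 
  if ( isset( $response ) and $response['status'] == 'error' ) {
@@ -610,7 +639,9 @@ class Sendgrid_Settings {
  break;
  }
 
- if ( ! Sendgrid_Tools::check_api_key( $params['sendgrid_apikey'], true ) ) {
+ $apikey = htmlspecialchars( $params['sendgrid_apikey'], ENT_QUOTES, 'UTF-8' );
+
+ if ( ! Sendgrid_Tools::check_api_key( $apikey, true ) ) {
  $response = array(
  'message' => 'API Key is invalid or without permissions.',
  'status' => 'error'
@@ -619,21 +650,22 @@ class Sendgrid_Settings {
  break;
  }
 
- if ( 'true' == Sendgrid_Tools::get_mc_opt_use_transactional() and ! Sendgrid_Tools::check_api_key_mc( $params['sendgrid_apikey'] ) ) {
+ if ( 'true' == Sendgrid_Tools::get_mc_opt_use_transactional() and ! Sendgrid_Tools::check_api_key_mc( $apikey ) ) {
  $response = array(
  'message' => 'This API key is also used for the Subscription Widget but does not have Marketing Campaigns permissions.',
  'status' => 'error'
  );
  }
 
- Sendgrid_Tools::set_api_key( $params['sendgrid_apikey'] );
+ Sendgrid_Tools::set_api_key( $apikey );
  }
 
  break;
 
  case 'credentials':
- if ( ! isset( $params['sendgrid_username'] ) and ! isset( $params['sendgrid_password'] ) )
+ if ( ! isset( $params['sendgrid_username'] ) and ! isset( $params['sendgrid_password'] ) ) {
  break;
+ }
 
  $save_username = true;
  $save_password = true;
@@ -648,12 +680,15 @@ class Sendgrid_Settings {
  $params['sendgrid_password'] = Sendgrid_Tools::get_username();
  }
 
+ $username = htmlspecialchars( $params['sendgrid_username'], ENT_QUOTES, 'UTF-8' );
+ $password = htmlspecialchars( $params['sendgrid_password'], ENT_QUOTES, 'UTF-8' );
+
  if ( ( isset( $params['sendgrid_username'] ) and ! $params['sendgrid_username'] ) or ( isset( $params['sendgrid_password'] ) and ! $params['sendgrid_password'] ) ) {
  $response = array(
  'message' => 'Username or password is empty.',
  'status' => 'error'
  );
- } elseif ( ! Sendgrid_Tools::check_username_password( $params['sendgrid_username'], $params['sendgrid_password'], true ) ) {
+ } elseif ( ! Sendgrid_Tools::check_username_password( $username, $password, true ) ) {
  $response = array(
  'message' => 'Username and password are invalid.',
  'status' => 'error'
@@ -663,18 +698,19 @@ class Sendgrid_Settings {
  }
 
  if ( $save_username ) {
- Sendgrid_Tools::set_username( $params['sendgrid_username'] );
+ Sendgrid_Tools::set_username( $username );
  }
 
  if ( $save_password ) {
- Sendgrid_Tools::set_password( $params['sendgrid_password'] );
+ Sendgrid_Tools::set_password( $password );
  }
 
  break;
  }
 
  if ( isset( $params['sendgrid_name'] ) ) {
- Sendgrid_Tools::set_from_name( $params['sendgrid_name'] );
+ $from_name = htmlspecialchars( $params['sendgrid_name'], ENT_QUOTES, 'UTF-8' );
+ Sendgrid_Tools::set_from_name( $from_name );
  }
 
  if ( isset( $params['sendgrid_email'] ) ) {
@@ -684,7 +720,9 @@ class Sendgrid_Settings {
  'status' => 'error'
  );
  } else {
- Sendgrid_Tools::set_from_email( $params['sendgrid_email'] );
+ // Although it should be rejected by email validity, just to be extra safe
+ $from_email = htmlspecialchars( $params['sendgrid_email'], ENT_QUOTES, 'UTF-8' );
+ Sendgrid_Tools::set_from_email( $from_email );
  }
  }
 
@@ -695,47 +733,58 @@ class Sendgrid_Settings {
  'status' => 'error'
  );
  } else {
- Sendgrid_Tools::set_reply_to( $params['sendgrid_reply_to'] );
+ // Although it should be rejected by email validity, just to be extra safe
+ $reply_to_email = htmlspecialchars( $params['sendgrid_reply_to'], ENT_QUOTES, 'UTF-8' );
+ Sendgrid_Tools::set_reply_to( $reply_to_email );
  }
  }
 
  if ( isset( $params['sendgrid_categories'] ) ) {
- Sendgrid_Tools::set_categories( $params['sendgrid_categories'] );
+ $categories = htmlspecialchars( $params['sendgrid_categories'], ENT_QUOTES, 'UTF-8' );
+ Sendgrid_Tools::set_categories( $categories );
  }
 
  if ( isset( $params['sendgrid_stats_categories'] ) ) {
- Sendgrid_Tools::set_stats_categories( $params['sendgrid_stats_categories'] );
+ $stats_categories = htmlspecialchars( $params['sendgrid_stats_categories'], ENT_QUOTES, 'UTF-8' );
+ Sendgrid_Tools::set_stats_categories( $stats_categories );
  }
 
  if ( isset( $params['sendgrid_template'] ) ) {
- if ( ! Sendgrid_Tools::check_template( $params['sendgrid_template'] ) ) {
+ $template_id = htmlspecialchars( $params['sendgrid_template'], ENT_QUOTES, 'UTF-8' );
+ if ( ! Sendgrid_Tools::check_template( $template_id ) ) {
  $response = array(
  'message' => 'Template not found.',
  'status' => 'error'
  );
  } else {
- Sendgrid_Tools::set_template( $params['sendgrid_template'] );
+ Sendgrid_Tools::set_template( $template_id );
  }
  }
 
  if ( isset( $params['send_method'] ) ) {
- Sendgrid_Tools::set_send_method( $params['send_method'] );
+ $send_method = htmlspecialchars( $params['send_method'], ENT_QUOTES, 'UTF-8' );
+ Sendgrid_Tools::set_send_method( $send_method );
  }
 
  if ( isset( $params['auth_method'] ) and in_array( $params['auth_method'], Sendgrid_Tools::$allowed_auth_methods ) ) {
- Sendgrid_Tools::set_auth_method( $params['auth_method'] );
+ // Should be rejected by allowed auth method check, but just to be extra safe
+ $auth_method = htmlspecialchars( $params['auth_method'], ENT_QUOTES, 'UTF-8' );
+ Sendgrid_Tools::set_auth_method( $auth_method );
  }
 
  if ( isset( $params['sendgrid_port'] ) ) {
- Sendgrid_Tools::set_port( $params['sendgrid_port'] );
+ $port = htmlspecialchars( $params['sendgrid_port'], ENT_QUOTES, 'UTF-8' );
+ Sendgrid_Tools::set_port( $port );
  }
 
  if ( isset( $params['content_type'] ) ) {
- Sendgrid_Tools::set_content_type( $params['content_type'] );
+ $content_type = htmlspecialchars( $params['content_type'], ENT_QUOTES, 'UTF-8' );
+ Sendgrid_Tools::set_content_type( $content_type );
  }
 
  if ( isset( $params['unsubscribe_group'] ) ) {
- Sendgrid_Tools::set_unsubscribe_group( $params['unsubscribe_group'] );
+ $unsubscribe_group = htmlspecialchars( $params['unsubscribe_group'], ENT_QUOTES, 'UTF-8' );
+ Sendgrid_Tools::set_unsubscribe_group( $unsubscribe_group );
  }
 
  if( isset( $response ) and $response['status'] == 'error') {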
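Review bot: The credentials branch HTML-encodes secrets before they are verified and stored: `$password = htmlspecialchars( $params['sendgrid_password'], ENT_QUOTES, 'UTF-8' );` is what `check_username_password()` and `set_password()` now receive, and `$apikey` is treated the same way in the API-key branches. A password containing `&`, `<`, `>` or a quote is therefore checked and saved in its entity-encoded form, which would presumably make a valid credential fail authentication. HTML encoding belongs where the settings page prints the value (that rendering code is outside these hunks), while validation and storage should use the submitted value, e.g. `Sendgrid_Tools::check_username_password( $params['sendgrid_username'], $params['sendgrid_password'], true )`. The read side at the top of the section applies only `stripslashes()`, so rows saved by 1.10.7 stay unencoded when rendered unless the form template wraps them in `esc_attr()`.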
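--- a/lib/class-sendgrid-tools.php
+++ b/lib/class-sendgrid-tools.php
@@ -447,7 +447,8 @@ class Sendgrid_Tools
  if ( defined( 'SENDGRID_MC_SIGNUP_EMAIL_CONTENT' ) ) {
  return SENDGRID_MC_SIGNUP_EMAIL_CONTENT;
  } else {
- return Sendgrid_Tools::get_sendgrid_option( 'mc_signup_email_content' );
+ $signup_email_content = Sendgrid_Tools::get_sendgrid_option( 'mc_signup_email_content' );
+ return htmlspecialchars_decode( $signup_email_content, ENT_QUOTES );
  }
  }
 
@@ -461,7 +462,8 @@ class Sendgrid_Tools
  if ( defined( 'SENDGRID_MC_SIGNUP_EMAIL_CONTENT_TEXT' ) ) {
  return SENDGRID_MC_SIGNUP_EMAIL_CONTENT_TEXT;
  } else {
- return Sendgrid_Tools::get_sendgrid_option( 'mc_signup_email_content_text' );
+ $signup_email_text = Sendgrid_Tools::get_sendgrid_option( 'mc_signup_email_content_text' );
+ return htmlspecialchars_decode( $signup_email_text, ENT_QUOTES );
  }
  }
 
@@ -614,6 +616,7 @@ class Sendgrid_Tools
  */
  public static function set_mc_signup_email_content( $email_content )
  {
+ $email_content = htmlspecialchars( $email_content, ENT_QUOTES, 'UTF-8' );
  return Sendgrid_Tools::update_sendgrid_option( 'mc_signup_email_content', $email_content );
  }
 
@@ -626,6 +629,7 @@ class Sendgrid_Tools
  */
  public static function set_mc_signup_email_content_text( $email_content )
  {
+ $email_content = htmlspecialchars( $email_content, ENT_QUOTES, 'UTF-8' );
  return Sendgrid_Tools::update_sendgrid_option( 'mc_signup_email_content_text', $email_content );
  }
 
@@ -1068,7 +1072,7 @@ class Sendgrid_Tools
  */
  public static function set_mc_first_name_label( $first_name_label )
  {
- return update_option( 'mc_first_name_label', $first_name_label );
+ return Sendgrid_Tools::update_sendgrid_option( 'mc_first_name_label', $first_name_label );
  }
 
  /**
@@ -1509,6 +1513,45 @@ class Sendgrid_Tools
 
  return $value;
  }
+
+ /**
+ * Function that outputs the XSS sanitized string of the current request URI,
+ * this is used in all plugin settings forms.
+ *
+ * @return string XSS sanitized form action attribute
+ */
+ public static function get_form_action() {
+ // Get the original query string
+ $original_query_string = $_SERVER['QUERY_STRING'];
+ parse_str( $original_query_string, $get_params );
+ $count_of_parameters = count( $get_params );
+
+ // No get parameters are set
+ if ( ! count( $get_params ) ) {
+ return $_SERVER['REQUEST_URI'];
+ }
+
+ // Perform sanitization for XSS
+ $sanitized_query_string = '';
+ $current_parameter_count = 0;
+
+ foreach ( $get_params as $key => $value ) {
+ $value = urldecode( $value );
+ $value = htmlspecialchars( $value );
+ $value = urlencode( $value );
+ $sanitized_query_string .= $key . '=' . $value;
+
+ // Append & if it's not the last element
+ if ( ++$current_parameter_count !== $count_of_parameters ) {
+ $sanitized_query_string .= '&';
+ }
+ }
+
+ $request_uri = str_replace( $original_query_string, $sanitized_query_string, $_SERVER['REQUEST_URI'] );
+ // This might be redundant, but certain online url encoders omit the ~ character when encoding
+ $request_uri = str_replace( '%7E', '~', $request_uri );
+ return $request_uri;
+ }
  }
 
  /**
@@ -1548,4 +1591,4 @@ function sg_subscription_widget_admin_notice() {
  echo '</form>';
  echo '</p>';
  echo '</div>';
- }
+ }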
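Review bot: `get_form_action()` still returns unescaped text on two paths: the early return hands back `$_SERVER['REQUEST_URI']` as received when the query string is empty, and inside the loop only `$value` is encoded while `$key` is concatenated exactly as `parse_str()` produced it. The result is echoed straight into the `action` attribute of the four `view/sendgrid_settings_*.php` forms changed in this release, so the path and the parameter names reach HTML without attribute escaping. Escaping once at the boundary covers both, e.g. `return esc_url( $request_uri );` and `return esc_url( $_SERVER['REQUEST_URI'] );`, or `esc_attr()` at the `echo` in the templates. Separately, `parse_str()` already URL-decodes and yields arrays for `name[]` parameters, so `urldecode( $value )` decodes a second time and would be handed an array for such input; a guard like `if ( ! is_string( $value ) ) { continue; }` is needed if the loop is kept.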
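--- a/readme.txt
+++ b/readme.txt
@@ -4,7 +4,7 @@ Donate link: http://sendgrid.com/
  Tags: email, email reliability, email templates, sendgrid, smtp, transactional email, wp_mail,email infrastructure, email marketing, marketing email, deliverability, email deliverability, email delivery, email server, mail server, email integration, cloud email
  Requires at least: 4.2
  Tested up to: 4.7
- Stable tag: 1.10.7
+ Stable tag: 1.10.8
  License: GPLv2 or later
  License URI: http://www.gnu.org/licenses/gpl-2.0.html
 
@@ -256,6 +256,8 @@ The settings for all sites in the network can be configured only by the Network
 
  == Changelog ==
 
+ = 1.10.8 =
+ * Fixed an XSS vulnerability in the settings forms that would allow other admins to inject scripts.
  = 1.10.7 =
  * Add port 2525 for SMTP
  * Use cache for stats widget on dashboard
@@ -400,6 +402,8 @@ The settings for all sites in the network can be configured only by the Network
 
  == Upgrade notice ==
 
+ = 1.10.8 =
+ * Fixed an XSS vulnerability in the settings forms that would allow other admins to inject scripts.
  = 1.10.7 =
  * Add port 2525 for SMTP
  * Use cache for stats widget on dashboard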
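--- a/view/sendgrid_settings.php
+++ b/view/sendgrid_settings.php
@@ -19,8 +19,8 @@
  }
 
  $active_tab = current( array_keys( $tabs ) );
- if ( isset( $_GET[ 'tab' ] ) ) {
- $selected_tab = $_GET[ 'tab' ];
+ if ( isset( $_GET['tab'] ) ) {
+ $selected_tab = $_GET['tab'];
  if ( array_key_exists( $selected_tab, $tabs ) ) {
  $active_tab = $selected_tab;
  }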
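--- a/view/sendgrid_settings_general.php
+++ b/view/sendgrid_settings_general.php
@@ -1,5 +1,5 @@
  <?php if ( $active_tab == 'general' ): ?>
- <form class="form-table" name="sendgrid_form" id="sendgrid_general_settings_form" method="POST" action="<?php echo str_replace( '%7E', '~', $_SERVER['REQUEST_URI'] ); ?>">
+ <form class="form-table" name="sendgrid_form" id="sendgrid_general_settings_form" method="POST" action="<?php echo Sendgrid_Tools::get_form_action(); ?>">
  <table class="form-table">
  <tbody>
  <tr valign="top">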
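--- a/view/sendgrid_settings_nlvx.php
+++ b/view/sendgrid_settings_nlvx.php
@@ -1,5 +1,5 @@
  <?php if ( $active_tab == 'marketing' ): ?>
- <form class="form-table" name="sendgrid_form" id="sendgrid_form_mc" method="POST" action="<?php echo str_replace( '%7E', '~', $_SERVER['REQUEST_URI'] ); ?>">
+ <form class="form-table" name="sendgrid_form" id="sendgrid_form_mc" method="POST" action="<?php echo Sendgrid_Tools::get_form_action(); ?>">
  <table class="form-table">
  <tbody>
  <tr valign="top">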
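--- a/view/sendgrid_settings_test_contact.php
+++ b/view/sendgrid_settings_test_contact.php
@@ -1,6 +1,6 @@
  <?php if ( $active_tab == 'marketing' ): ?>
  <?php if ( ( $is_mc_api_key_valid and $contact_list_id_is_valid ) or ( 'error' == $status and isset( $error_type ) and 'upload' == $error_type ) ): ?>
- <form class="form-table" name="sendgrid_form" method="POST" action="<?php echo str_replace( '%7E', '~', $_SERVER['REQUEST_URI'] ); ?>">
+ <form class="form-table" name="sendgrid_form" method="POST" action="<?php echo Sendgrid_Tools::get_form_action(); ?>">
  <table class="form-table">
  <tbody>
  <tr valign="top">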
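--- a/view/sendgrid_settings_test_email.php
+++ b/view/sendgrid_settings_test_email.php
@@ -1,6 +1,6 @@
  <?php if ( $active_tab == 'general' ): ?>
  <?php if ( ! isset($status) or ( 'updated' == $status ) or ( 'valid_auth' == $status) or ( 'error' == $status and isset( $error_type ) and 'sending' == $error_type ) ): ?>
- <form name="sendgrid_test" method="POST" action="<?php echo str_replace('%7E', '~', $_SERVER['REQUEST_URI']); ?>">
+ <form name="sendgrid_test" method="POST" action="<?php echo Sendgrid_Tools::get_form_action(); ?>">
  <table class="form-table">
  <tbody>
  <tr valign="top">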
wpsendgrid.php CHANGED
@@ -3,7 +3,7 @@
3
  Plugin Name: SendGrid
4
  Plugin URI: http://wordpress.org/plugins/sendgrid-email-delivery-simplified/
5
  Description: Email Delivery. Simplified. SendGrid's cloud-based email infrastructure relieves businesses of the cost and complexity of maintaining custom email systems. SendGrid provides reliable delivery, scalability and real-time analytics along with flexible APIs that make custom integration a breeze.
6
- Version: 1.10.7
7
  Author: SendGrid
8
  Author URI: http://sendgrid.com
9
  Text Domain: sendgrid-email-delivery-simplified
3
  Plugin Name: SendGrid
4
  Plugin URI: http://wordpress.org/plugins/sendgrid-email-delivery-simplified/
5
  Description: Email Delivery. Simplified. SendGrid's cloud-based email infrastructure relieves businesses of the cost and complexity of maintaining custom email systems. SendGrid provides reliable delivery, scalability and real-time analytics along with flexible APIs that make custom integration a breeze.
6
+ Version: 1.10.8
7
  Author: SendGrid
8
  Author URI: http://sendgrid.com
9
  Text Domain: sendgrid-email-delivery-simplified