Version Description
- XSS and CSRF fixes
Download this release
Release Info
| Developer | freediver |
| Plugin |  SEO Friendly Images |
| Version | 2.7.5 |
| Comparing to | |
| See all releases | |
Code changes from version 2.7.4 to 2.7.5
- readme.txt +3 -0
- seo-friendly-images.php +9 -6
readme.txt
CHANGED
|
@@ -23,6 +23,9 @@ If you like what I do in WordPress, you will also like [ManageWP](http://managew
|
|
| 23 |
|
| 24 |
== Changelog ==
|
| 25 |
|
|
|
|
|
|
|
|
|
|
| 26 |
= 2.7.4 =
|
| 27 |
* WordPress 3.5.1 Compatibility
|
| 28 |
|
| 23 |
|
| 24 |
== Changelog ==
|
| 25 |
|
| 26 |
+
= 2.7.5 =
|
| 27 |
+
* XSS and CSRF fixes
|
| 28 |
+
|
| 29 |
= 2.7.4 =
|
| 30 |
* WordPress 3.5.1 Compatibility
|
| 31 |
|
seo-friendly-images.php
CHANGED
|
@@ -4,7 +4,7 @@
|
|
| 4 |
Plugin Name: SEO Friendly Images
|
| 5 |
Plugin URI: http://www.prelovac.com/vladimir/wordpress-plugins/seo-friendly-images
|
| 6 |
Description: Automatically adds alt and title attributes to all your images. Improves traffic from search results and makes them W3C/xHTML valid as well.
|
| 7 |
-
Version: 2.7.
|
| 8 |
Author: Vladimir Prelovac
|
| 9 |
Author URI: http://www.prelovac.com/vladimir
|
| 10 |
|
|
@@ -15,7 +15,7 @@ To-Do:
|
|
| 15 |
Copyright 2008 Vladimir Prelovac vprelovac@gmail.com
|
| 16 |
|
| 17 |
*/
|
| 18 |
-
$seo_friendly_images_localversion="2.
|
| 19 |
$sfi_plugin_url = trailingslashit( get_bloginfo('wpurl') ).PLUGINDIR.'/'. dirname( plugin_basename(__FILE__) );
|
| 20 |
function seo_friendly_images_add_pages() {
|
| 21 |
add_options_page('SEO Friendly Images options', 'SEO Friendly Images', 'manage_options', __FILE__, 'seo_friendly_images_options_page');
|
|
@@ -38,9 +38,9 @@ Copyright 2008 Vladimir Prelovac vprelovac@gmail.com
|
|
| 38 |
}
|
| 39 |
|
| 40 |
// If form was submitted
|
| 41 |
-
if (isset($_POST['submitted'])) {
|
| 42 |
-
$alt_text=(!isset($_POST['alttext'])? '': $_POST['alttext']);
|
| 43 |
-
$title_text=(!isset($_POST['titletext'])? '': $_POST['titletext']);
|
| 44 |
$override=(!isset($_POST['override'])? 'off': 'on');
|
| 45 |
$override_title=(!isset($_POST['override_title'])? 'off': 'on');
|
| 46 |
update_option('seo_friendly_images_alt', $alt_text);
|
|
@@ -68,7 +68,7 @@ Copyright 2008 Vladimir Prelovac vprelovac@gmail.com
|
|
| 68 |
|
| 69 |
global $sfi_plugin_url;
|
| 70 |
$imgpath=$sfi_plugin_url.'/i';
|
| 71 |
-
$action_url
|
| 72 |
|
| 73 |
// Configuration Page
|
| 74 |
echo <<<END
|
|
@@ -121,6 +121,9 @@ Copyright 2008 Vladimir Prelovac vprelovac@gmail.com
|
|
| 121 |
</p>
|
| 122 |
<div class="submit"><input type="submit" name="Submit" value="Update options" /></div>
|
| 123 |
</div>
|
|
|
|
|
|
|
|
|
|
| 124 |
</form>
|
| 125 |
<br/><br/><h3> </h3>
|
| 126 |
</div>
|
| 4 |
Plugin Name: SEO Friendly Images
|
| 5 |
Plugin URI: http://www.prelovac.com/vladimir/wordpress-plugins/seo-friendly-images
|
| 6 |
Description: Automatically adds alt and title attributes to all your images. Improves traffic from search results and makes them W3C/xHTML valid as well.
|
| 7 |
+
Version: 2.7.5
|
| 8 |
Author: Vladimir Prelovac
|
| 9 |
Author URI: http://www.prelovac.com/vladimir
|
| 10 |
|
| 15 |
Copyright 2008 Vladimir Prelovac vprelovac@gmail.com
|
| 16 |
|
| 17 |
*/
|
| 18 |
+
$seo_friendly_images_localversion="2.7.5";
|
| 19 |
$sfi_plugin_url = trailingslashit( get_bloginfo('wpurl') ).PLUGINDIR.'/'. dirname( plugin_basename(__FILE__) );
|
| 20 |
function seo_friendly_images_add_pages() {
|
| 21 |
add_options_page('SEO Friendly Images options', 'SEO Friendly Images', 'manage_options', __FILE__, 'seo_friendly_images_options_page');
|
| 38 |
}
|
| 39 |
|
| 40 |
// If form was submitted
|
| 41 |
+
if (isset($_POST['submitted']) && check_admin_referer('CSRFcheck','CSRF_check')) {
|
| 42 |
+
$alt_text=(!isset($_POST['alttext'])? '': htmlentities(stripslashes(strip_tags($_POST['alttext']))));
|
| 43 |
+
$title_text=(!isset($_POST['titletext'])? '': htmlentities(stripslashes(strip_tags($_POST['titletext']))));
|
| 44 |
$override=(!isset($_POST['override'])? 'off': 'on');
|
| 45 |
$override_title=(!isset($_POST['override_title'])? 'off': 'on');
|
| 46 |
update_option('seo_friendly_images_alt', $alt_text);
|
| 68 |
|
| 69 |
global $sfi_plugin_url;
|
| 70 |
$imgpath=$sfi_plugin_url.'/i';
|
| 71 |
+
$action_url=htmlentities(stripslashes(strip_tags($_SERVER['REQUEST_URI'])));
|
| 72 |
|
| 73 |
// Configuration Page
|
| 74 |
echo <<<END
|
| 121 |
</p>
|
| 122 |
<div class="submit"><input type="submit" name="Submit" value="Update options" /></div>
|
| 123 |
</div>
|
| 124 |
+
END;
|
| 125 |
+
wp_nonce_field('CSRFcheck','CSRF_check', false);
|
| 126 |
+
echo <<<END
|
| 127 |
</form>
|
| 128 |
<br/><br/><h3> </h3>
|
| 129 |
</div>
|
