Version Description
- XSS and CSRF fixes
Download this release
Release Info
Developer | freediver |
Plugin | SEO Friendly Images |
Version | 2.7.5 |
Comparing to | |
See all releases |
Code changes from version 2.7.4 to 2.7.5
- readme.txt +3 -0
- seo-friendly-images.php +9 -6
readme.txt
CHANGED
@@ -23,6 +23,9 @@ If you like what I do in WordPress, you will also like [ManageWP](http://managew
|
|
23 |
|
24 |
== Changelog ==
|
25 |
|
|
|
|
|
|
|
26 |
= 2.7.4 =
|
27 |
* WordPress 3.5.1 Compatibility
|
28 |
|
23 |
|
24 |
== Changelog ==
|
25 |
|
26 |
+
= 2.7.5 =
|
27 |
+
* XSS and CSRF fixes
|
28 |
+
|
29 |
= 2.7.4 =
|
30 |
* WordPress 3.5.1 Compatibility
|
31 |
|
seo-friendly-images.php
CHANGED
@@ -4,7 +4,7 @@
|
|
4 |
Plugin Name: SEO Friendly Images
|
5 |
Plugin URI: http://www.prelovac.com/vladimir/wordpress-plugins/seo-friendly-images
|
6 |
Description: Automatically adds alt and title attributes to all your images. Improves traffic from search results and makes them W3C/xHTML valid as well.
|
7 |
-
Version: 2.7.
|
8 |
Author: Vladimir Prelovac
|
9 |
Author URI: http://www.prelovac.com/vladimir
|
10 |
|
@@ -15,7 +15,7 @@ To-Do:
|
|
15 |
Copyright 2008 Vladimir Prelovac vprelovac@gmail.com
|
16 |
|
17 |
*/
|
18 |
-
$seo_friendly_images_localversion="2.
|
19 |
$sfi_plugin_url = trailingslashit( get_bloginfo('wpurl') ).PLUGINDIR.'/'. dirname( plugin_basename(__FILE__) );
|
20 |
function seo_friendly_images_add_pages() {
|
21 |
add_options_page('SEO Friendly Images options', 'SEO Friendly Images', 'manage_options', __FILE__, 'seo_friendly_images_options_page');
|
@@ -38,9 +38,9 @@ Copyright 2008 Vladimir Prelovac vprelovac@gmail.com
|
|
38 |
}
|
39 |
|
40 |
// If form was submitted
|
41 |
-
if (isset($_POST['submitted'])) {
|
42 |
-
$alt_text=(!isset($_POST['alttext'])? '': $_POST['alttext']);
|
43 |
-
$title_text=(!isset($_POST['titletext'])? '': $_POST['titletext']);
|
44 |
$override=(!isset($_POST['override'])? 'off': 'on');
|
45 |
$override_title=(!isset($_POST['override_title'])? 'off': 'on');
|
46 |
update_option('seo_friendly_images_alt', $alt_text);
|
@@ -68,7 +68,7 @@ Copyright 2008 Vladimir Prelovac vprelovac@gmail.com
|
|
68 |
|
69 |
global $sfi_plugin_url;
|
70 |
$imgpath=$sfi_plugin_url.'/i';
|
71 |
-
$action_url
|
72 |
|
73 |
// Configuration Page
|
74 |
echo <<<END
|
@@ -121,6 +121,9 @@ Copyright 2008 Vladimir Prelovac vprelovac@gmail.com
|
|
121 |
</p>
|
122 |
<div class="submit"><input type="submit" name="Submit" value="Update options" /></div>
|
123 |
</div>
|
|
|
|
|
|
|
124 |
</form>
|
125 |
<br/><br/><h3> </h3>
|
126 |
</div>
|
4 |
Plugin Name: SEO Friendly Images
|
5 |
Plugin URI: http://www.prelovac.com/vladimir/wordpress-plugins/seo-friendly-images
|
6 |
Description: Automatically adds alt and title attributes to all your images. Improves traffic from search results and makes them W3C/xHTML valid as well.
|
7 |
+
Version: 2.7.5
|
8 |
Author: Vladimir Prelovac
|
9 |
Author URI: http://www.prelovac.com/vladimir
|
10 |
|
15 |
Copyright 2008 Vladimir Prelovac vprelovac@gmail.com
|
16 |
|
17 |
*/
|
18 |
+
$seo_friendly_images_localversion="2.7.5";
|
19 |
$sfi_plugin_url = trailingslashit( get_bloginfo('wpurl') ).PLUGINDIR.'/'. dirname( plugin_basename(__FILE__) );
|
20 |
function seo_friendly_images_add_pages() {
|
21 |
add_options_page('SEO Friendly Images options', 'SEO Friendly Images', 'manage_options', __FILE__, 'seo_friendly_images_options_page');
|
38 |
}
|
39 |
|
40 |
// If form was submitted
|
41 |
+
if (isset($_POST['submitted']) && check_admin_referer('CSRFcheck','CSRF_check')) {
|
42 |
+
$alt_text=(!isset($_POST['alttext'])? '': htmlentities(stripslashes(strip_tags($_POST['alttext']))));
|
43 |
+
$title_text=(!isset($_POST['titletext'])? '': htmlentities(stripslashes(strip_tags($_POST['titletext']))));
|
44 |
$override=(!isset($_POST['override'])? 'off': 'on');
|
45 |
$override_title=(!isset($_POST['override_title'])? 'off': 'on');
|
46 |
update_option('seo_friendly_images_alt', $alt_text);
|
68 |
|
69 |
global $sfi_plugin_url;
|
70 |
$imgpath=$sfi_plugin_url.'/i';
|
71 |
+
$action_url=htmlentities(stripslashes(strip_tags($_SERVER['REQUEST_URI'])));
|
72 |
|
73 |
// Configuration Page
|
74 |
echo <<<END
|
121 |
</p>
|
122 |
<div class="submit"><input type="submit" name="Submit" value="Update options" /></div>
|
123 |
</div>
|
124 |
+
END;
|
125 |
+
wp_nonce_field('CSRFcheck','CSRF_check', false);
|
126 |
+
echo <<<END
|
127 |
</form>
|
128 |
<br/><br/><h3> </h3>
|
129 |
</div>
|