Shortcodes Ultimate - Version 4.10.0

Version Description

  • Fixed: security vulnerability at 'Examples' admin page (insecure call of file_get_contents() at inc/core/tools.php:774)
  • Fixed: added access check to permalink shortcode. Pull request #20.
  • Added: PHP7 compatibility. Checked with php7cc and PHP Compatibility Checker. Pull request #45.
  • Added: https support for Google Maps. Pull request #40.
  • Added: https support for Youtube. Pull request #39.
Download this release

Release Info

Developer gn_themes
Plugin Icon 128x128 Shortcodes Ultimate
Version 4.10.0
Comparing to
See all releases

Code changes from version 4.9.9 to 4.10.0

Files changed (8) hide show
  1. assets/js/options-page.js +1 -3
  2. assets/js/other-shortcodes.js +23 -23
  3. inc/core/admin-views.php +1 -2
  4. inc/core/shortcodes.php +9 -4
  5. inc/core/tools.php +34 -7
  6. languages/shortcodes-ultimate-el_GR.po +1 -103
  7. readme.txt +8 -1
  8. shortcodes-ultimate.php +2 -2
assets/js/options-page.js CHANGED
@@ -73,8 +73,7 @@ jQuery(document).ready(function($) {
73
  delay = 200;
74
  if ($item.hasClass('su-examples-item')) {
75
  $item.on('click', function(e) {
76
- var code = $(this).data('code'),
77
- id = $(this).data('id');
78
  $item.magnificPopup({
79
  type: 'inline',
80
  alignTop: true,
@@ -96,7 +95,6 @@ jQuery(document).ready(function($) {
96
  dataType: 'html',
97
  data: {
98
  action: 'su_example_preview',
99
- code: code,
100
  id: id,
101
  nonce: nonce
102
  },
73
  delay = 200;
74
  if ($item.hasClass('su-examples-item')) {
75
  $item.on('click', function(e) {
76
+ var id = $(this).data('id');
 
77
  $item.magnificPopup({
78
  type: 'inline',
79
  alignTop: true,
95
  dataType: 'html',
96
  data: {
97
  action: 'su_example_preview',
 
98
  id: id,
99
  nonce: nonce
100
  },
assets/js/other-shortcodes.js CHANGED
@@ -1,7 +1,7 @@
1
- jQuery(document).ready(function ($) {
2
 
3
  // Spoiler
4
- $('body:not(.su-other-shortcodes-loaded)').on('click', '.su-spoiler-title', function (e) {
5
  var $title = $(this),
6
  $spoiler = $title.parent(),
7
  bar = ($('#wpadminbar').length > 0) ? 28 : 0;
@@ -15,7 +15,7 @@ jQuery(document).ready(function ($) {
15
  });
16
  $('.su-spoiler-content').removeAttr('style');
17
  // Tabs
18
- $('body:not(.su-other-shortcodes-loaded)').on('click', '.su-tabs-nav span', function (e) {
19
  var $tab = $(this),
20
  data = $tab.data(),
21
  index = $tab.index(),
@@ -30,7 +30,7 @@ jQuery(document).ready(function ($) {
30
  // Disable all tabs, enable selected tab
31
  $tabs.removeClass('su-tabs-current').eq(index).addClass('su-tabs-current');
32
  // Reload gmaps
33
- if ($gmaps.length > 0) $gmaps.each(function () {
34
  var $iframe = $(this).find('iframe:first');
35
  $(this).addClass('su-gmap-reloaded');
36
  $iframe.attr('src', $iframe.attr('src'));
@@ -46,7 +46,7 @@ jQuery(document).ready(function ($) {
46
  });
47
 
48
  // Activate tabs
49
- $('.su-tabs').each(function () {
50
  var active = parseInt($(this).data('active')) - 1;
51
  $(this).children('.su-tabs-nav').children('span').eq(active).trigger('click');
52
  tabs_height();
@@ -56,8 +56,8 @@ jQuery(document).ready(function ($) {
56
  anchor_nav();
57
 
58
  // Lightbox
59
- $('.su-lightbox').each(function () {
60
- $(this).on('click', function (e) {
61
  e.preventDefault();
62
  e.stopPropagation();
63
  if ($(this).parent().attr('id') === 'su-generator-preview') $(this).html(su_other_shortcodes.no_preview);
@@ -85,12 +85,12 @@ jQuery(document).ready(function ($) {
85
  // Tables
86
  $('.su-table tr:even').addClass('su-even');
87
  // Frame
88
- $('.su-frame-align-center, .su-frame-align-none').each(function () {
89
  var frame_width = $(this).find('img').width();
90
  $(this).css('width', frame_width + 12);
91
  });
92
  // Tooltip
93
- $('.su-tooltip').each(function () {
94
  var $tt = $(this),
95
  $content = $tt.find('.su-tooltip-content'),
96
  is_advanced = $content.length > 0,
@@ -116,17 +116,17 @@ jQuery(document).ready(function ($) {
116
  if (data.behavior === 'click') {
117
  config.show = 'click';
118
  config.hide = 'click';
119
- $tt.on('click', function (e) {
120
  e.preventDefault();
121
  e.stopPropagation();
122
  });
123
- $(window).on('scroll resize', function () {
124
  $tt.qtip('reposition');
125
  });
126
  } else if (data.behavior === 'always') {
127
  config.show = true;
128
  config.hide = false;
129
- $(window).on('scroll resize', function () {
130
  $tt.qtip('reposition');
131
  });
132
  } else if (data.behavior === 'hover' && is_advanced) {
@@ -139,7 +139,7 @@ jQuery(document).ready(function ($) {
139
  });
140
 
141
  // Expand
142
- $('.su-expand').each(function () {
143
  var $this = $(this),
144
  $content = $this.children('.su-expand-content'),
145
  $more = $this.children('.su-expand-link-more'),
@@ -147,11 +147,11 @@ jQuery(document).ready(function ($) {
147
  data = $this.data(),
148
  col = 'su-expand-collapsed';
149
 
150
- $more.on('click', function (e) {
151
  $content.css('max-height', 'none');
152
  $this.removeClass(col);
153
  });
154
- $less.on('click', function (e) {
155
  $content.css('max-height', data.height + 'px');
156
  $this.addClass(col);
157
  });
@@ -168,11 +168,11 @@ jQuery(document).ready(function ($) {
168
  // Animations is supported
169
  if (is_transition_supported()) {
170
  // Animate
171
- $('.su-animate').each(function () {
172
- $(this).one('inview', function (e) {
173
  var $this = $(this),
174
  data = $this.data();
175
- window.setTimeout(function () {
176
  $this.addClass(data.animation);
177
  $this.addClass('animated');
178
  $this.css('visibility', 'visible');
@@ -186,7 +186,7 @@ jQuery(document).ready(function ($) {
186
  }
187
 
188
  function tabs_height() {
189
- $('.su-tabs-vertical').each(function () {
190
  var $tabs = $(this),
191
  $nav = $tabs.children('.su-tabs-nav'),
192
  $panes = $tabs.find('.su-tabs-pane'),
@@ -199,27 +199,27 @@ jQuery(document).ready(function ($) {
199
  // Check hash
200
  if (document.location.hash === '') return;
201
  // Go through tabs
202
- $('.su-tabs-nav span[data-anchor]').each(function () {
203
  if ('#' + $(this).data('anchor') === document.location.hash) {
204
  var $tabs = $(this).parents('.su-tabs'),
205
  bar = ($('#wpadminbar').length > 0) ? 28 : 0;
206
  // Activate tab
207
  $(this).trigger('click');
208
  // Scroll-in tabs container
209
- window.setTimeout(function () {
210
  $(window).scrollTop($tabs.offset().top - bar - 10);
211
  }, 100);
212
  }
213
  });
214
  // Go through spoilers
215
- $('.su-spoiler[data-anchor]').each(function () {
216
  if ('#' + $(this).data('anchor') === document.location.hash) {
217
  var $spoiler = $(this),
218
  bar = ($('#wpadminbar').length > 0) ? 28 : 0;
219
  // Activate tab
220
  if ($spoiler.hasClass('su-spoiler-closed')) $spoiler.find('.su-spoiler-title:first').trigger('click');
221
  // Scroll-in tabs container
222
- window.setTimeout(function () {
223
  $(window).scrollTop($spoiler.offset().top - bar - 10);
224
  }, 100);
225
  }
1
+ jQuery(document).ready(function($) {
2
 
3
  // Spoiler
4
+ $('body:not(.su-other-shortcodes-loaded)').on('click', '.su-spoiler-title', function(e) {
5
  var $title = $(this),
6
  $spoiler = $title.parent(),
7
  bar = ($('#wpadminbar').length > 0) ? 28 : 0;
15
  });
16
  $('.su-spoiler-content').removeAttr('style');
17
  // Tabs
18
+ $('body:not(.su-other-shortcodes-loaded)').on('click', '.su-tabs-nav span', function(e) {
19
  var $tab = $(this),
20
  data = $tab.data(),
21
  index = $tab.index(),
30
  // Disable all tabs, enable selected tab
31
  $tabs.removeClass('su-tabs-current').eq(index).addClass('su-tabs-current');
32
  // Reload gmaps
33
+ if ($gmaps.length > 0) $gmaps.each(function() {
34
  var $iframe = $(this).find('iframe:first');
35
  $(this).addClass('su-gmap-reloaded');
36
  $iframe.attr('src', $iframe.attr('src'));
46
  });
47
 
48
  // Activate tabs
49
+ $('.su-tabs').each(function() {
50
  var active = parseInt($(this).data('active')) - 1;
51
  $(this).children('.su-tabs-nav').children('span').eq(active).trigger('click');
52
  tabs_height();
56
  anchor_nav();
57
 
58
  // Lightbox
59
+ $('.su-lightbox').each(function() {
60
+ $(this).on('click', '.su-lightbox', function(e) {
61
  e.preventDefault();
62
  e.stopPropagation();
63
  if ($(this).parent().attr('id') === 'su-generator-preview') $(this).html(su_other_shortcodes.no_preview);
85
  // Tables
86
  $('.su-table tr:even').addClass('su-even');
87
  // Frame
88
+ $('.su-frame-align-center, .su-frame-align-none').each(function() {
89
  var frame_width = $(this).find('img').width();
90
  $(this).css('width', frame_width + 12);
91
  });
92
  // Tooltip
93
+ $('.su-tooltip').each(function() {
94
  var $tt = $(this),
95
  $content = $tt.find('.su-tooltip-content'),
96
  is_advanced = $content.length > 0,
116
  if (data.behavior === 'click') {
117
  config.show = 'click';
118
  config.hide = 'click';
119
+ $tt.on('click', function(e) {
120
  e.preventDefault();
121
  e.stopPropagation();
122
  });
123
+ $(window).on('scroll resize', function() {
124
  $tt.qtip('reposition');
125
  });
126
  } else if (data.behavior === 'always') {
127
  config.show = true;
128
  config.hide = false;
129
+ $(window).on('scroll resize', function() {
130
  $tt.qtip('reposition');
131
  });
132
  } else if (data.behavior === 'hover' && is_advanced) {
139
  });
140
 
141
  // Expand
142
+ $('.su-expand').each(function() {
143
  var $this = $(this),
144
  $content = $this.children('.su-expand-content'),
145
  $more = $this.children('.su-expand-link-more'),
147
  data = $this.data(),
148
  col = 'su-expand-collapsed';
149
 
150
+ $more.on('click', function(e) {
151
  $content.css('max-height', 'none');
152
  $this.removeClass(col);
153
  });
154
+ $less.on('click', function(e) {
155
  $content.css('max-height', data.height + 'px');
156
  $this.addClass(col);
157
  });
168
  // Animations is supported
169
  if (is_transition_supported()) {
170
  // Animate
171
+ $('.su-animate').each(function() {
172
+ $(this).one('inview', function(e) {
173
  var $this = $(this),
174
  data = $this.data();
175
+ window.setTimeout(function() {
176
  $this.addClass(data.animation);
177
  $this.addClass('animated');
178
  $this.css('visibility', 'visible');
186
  }
187
 
188
  function tabs_height() {
189
+ $('.su-tabs-vertical').each(function() {
190
  var $tabs = $(this),
191
  $nav = $tabs.children('.su-tabs-nav'),
192
  $panes = $tabs.find('.su-tabs-pane'),
199
  // Check hash
200
  if (document.location.hash === '') return;
201
  // Go through tabs
202
+ $('.su-tabs-nav span[data-anchor]').each(function() {
203
  if ('#' + $(this).data('anchor') === document.location.hash) {
204
  var $tabs = $(this).parents('.su-tabs'),
205
  bar = ($('#wpadminbar').length > 0) ? 28 : 0;
206
  // Activate tab
207
  $(this).trigger('click');
208
  // Scroll-in tabs container
209
+ window.setTimeout(function() {
210
  $(window).scrollTop($tabs.offset().top - bar - 10);
211
  }, 100);
212
  }
213
  });
214
  // Go through spoilers
215
+ $('.su-spoiler[data-anchor]').each(function() {
216
  if ('#' + $(this).data('anchor') === document.location.hash) {
217
  var $spoiler = $(this),
218
  bar = ($('#wpadminbar').length > 0) ? 28 : 0;
219
  // Activate tab
220
  if ($spoiler.hasClass('su-spoiler-closed')) $spoiler.find('.su-spoiler-title:first').trigger('click');
221
  // Scroll-in tabs container
222
+ window.setTimeout(function() {
223
  $(window).scrollTop($spoiler.offset().top - bar - 10);
224
  }, 100);
225
  }
inc/core/admin-views.php CHANGED
@@ -100,9 +100,8 @@ class Su_Admin_Views {
100
  foreach ( $examples as $group ) {
101
  $items = array();
102
  if ( isset( $group['items'] ) ) foreach ( $group['items'] as $item ) {
103
- $code = ( isset( $item['code'] ) ) ? $item['code'] : plugins_url( 'inc/examples/' . $item['id'] . '.example', SU_PLUGIN_FILE );
104
  $id = ( isset( $item['id'] ) ) ? $item['id'] : '';
105
- $items[] = '<div class="su-examples-item" data-code="' . $code . '" data-id="' . $id . '" data-mfp-src="#su-examples-window"><i class="fa fa-' . $item['icon'] . '"></i> ' . $item['name'] . '</div>';
106
  }
107
  $output[] = '<div class="su-examples-group su-clearfix"><h2 class="su-examples-group-title">' . $group['title'] . '</h2>' . implode( '', $items ) . '</div>';
108
  }
100
  foreach ( $examples as $group ) {
101
  $items = array();
102
  if ( isset( $group['items'] ) ) foreach ( $group['items'] as $item ) {
 
103
  $id = ( isset( $item['id'] ) ) ? $item['id'] : '';
104
+ $items[] = '<div class="su-examples-item" data-id="' . $id . '" data-mfp-src="#su-examples-window"><i class="fa fa-' . $item['icon'] . '"></i> ' . $item['name'] . '</div>';
105
  }
106
  $output[] = '<div class="su-examples-group su-clearfix"><h2 class="su-examples-group-title">' . $group['title'] . '</h2>' . implode( '', $items ) . '</div>';
107
  }
inc/core/shortcodes.php CHANGED
@@ -629,7 +629,7 @@ class Su_Shortcodes {
629
  $autoplay = ( $atts['autoplay'] === 'yes' ) ? '?autoplay=1' : '';
630
  // Create player
631
  $return[] = '<div class="su-youtube su-responsive-media-' . $atts['responsive'] . su_ecssc( $atts ) . '">';
632
- $return[] = '<iframe width="' . $atts['width'] . '" height="' . $atts['height'] . '" src="http://www.youtube.com/embed/' . $id . $autoplay . '" frameborder="0" allowfullscreen="true"></iframe>';
633
  $return[] = '</div>';
634
  su_query_asset( 'css', 'su-media-shortcodes' );
635
  // Return result
@@ -847,7 +847,11 @@ class Su_Shortcodes {
847
  $atts['id'] = su_scattr( $atts['id'] );
848
  // Prepare link text
849
  $text = ( $content ) ? $content : get_the_title( $atts['id'] );
850
- return '<a href="' . get_permalink( $atts['id'] ) . '" class="' . su_ecssc( $atts ) . '" title="' . $text . '" target="_' . $atts['target'] . '">' . $text . '</a>';
 
 
 
 
851
  }
852
 
853
  public static function members( $atts = null, $content = null ) {
@@ -971,7 +975,7 @@ class Su_Shortcodes {
971
  'class' => ''
972
  ), $atts, 'gmap' );
973
  su_query_asset( 'css', 'su-media-shortcodes' );
974
- return '<div class="su-gmap su-responsive-media-' . $atts['responsive'] . su_ecssc( $atts ) . '"><iframe width="' . $atts['width'] . '" height="' . $atts['height'] . '" src="http://maps.google.com/maps?q=' . urlencode( su_scattr( $atts['address'] ) ) . '&amp;output=embed"></iframe></div>';
975
  }
976
 
977
  public static function slider( $atts = null, $content = null ) {
@@ -1103,7 +1107,7 @@ class Su_Shortcodes {
1103
  // Open slide
1104
  $return .= '<div class="su-carousel-slide">';
1105
  // Slide content with link
1106
- if ( $slide['link'] ) $return .= '<a href="' . $slide['link'] . '"' . $target . 'title="' . esc_attr( $slide['title'] ) . '"><img src="' . $image['url'] . '" alt="' . esc_attr( $slide['title'] ) . '" />' . $title . '</a>';
1107
  // Slide content without link
1108
  else $return .= '<a><img src="' . $image['url'] . '" alt="' . esc_attr( $slide['title'] ) . '" />' . $title . '</a>';
1109
  // Close slide
@@ -1267,6 +1271,7 @@ class Su_Shortcodes {
1267
  // Term string to array
1268
  $tax_term = explode( ',', $tax_term );
1269
  // Validate operator
 
1270
  if ( !in_array( $tax_operator, array( 'IN', 'NOT IN', 'AND' ) ) ) $tax_operator = 'IN';
1271
  $tax_args = array( 'tax_query' => array( array(
1272
  'taxonomy' => $taxonomy,
629
  $autoplay = ( $atts['autoplay'] === 'yes' ) ? '?autoplay=1' : '';
630
  // Create player
631
  $return[] = '<div class="su-youtube su-responsive-media-' . $atts['responsive'] . su_ecssc( $atts ) . '">';
632
+ $return[] = '<iframe width="' . $atts['width'] . '" height="' . $atts['height'] . '" src="https://www.youtube.com/embed/' . $id . $autoplay . '" frameborder="0" allowfullscreen="true"></iframe>';
633
  $return[] = '</div>';
634
  su_query_asset( 'css', 'su-media-shortcodes' );
635
  // Return result
847
  $atts['id'] = su_scattr( $atts['id'] );
848
  // Prepare link text
849
  $text = ( $content ) ? $content : get_the_title( $atts['id'] );
850
+ if (current_user_can('read',$atts['id'])) {
851
+ return '<a href="' . get_permalink( $atts['id'] ) . '" class="' . su_ecssc( $atts ) . '" title="' . $text . '" target="_' . $atts['target'] . '">' . $text . '</a>';
852
+ } else {
853
+ return $text;
854
+ }
855
  }
856
 
857
  public static function members( $atts = null, $content = null ) {
975
  'class' => ''
976
  ), $atts, 'gmap' );
977
  su_query_asset( 'css', 'su-media-shortcodes' );
978
+ return '<div class="su-gmap su-responsive-media-' . $atts['responsive'] . su_ecssc( $atts ) . '"><iframe width="' . $atts['width'] . '" height="' . $atts['height'] . '" src="//maps.google.com/maps?q=' . urlencode( su_scattr( $atts['address'] ) ) . '&amp;output=embed"></iframe></div>';
979
  }
980
 
981
  public static function slider( $atts = null, $content = null ) {
1107
  // Open slide
1108
  $return .= '<div class="su-carousel-slide">';
1109
  // Slide content with link
1110
+ if ( $slide['link'] ) $return .= '<a href="' . $slide['link'] . '"' . $target . ' title="' . esc_attr( $slide['title'] ) . '"><img src="' . $image['url'] . '" alt="' . esc_attr( $slide['title'] ) . '" />' . $title . '</a>';
1111
  // Slide content without link
1112
  else $return .= '<a><img src="' . $image['url'] . '" alt="' . esc_attr( $slide['title'] ) . '" />' . $title . '</a>';
1113
  // Close slide
1271
  // Term string to array
1272
  $tax_term = explode( ',', $tax_term );
1273
  // Validate operator
1274
+ $tax_operator = str_replace( array( 0, 1, 2 ), array( 'IN', 'NOT IN', 'AND' ), $tax_operator );
1275
  if ( !in_array( $tax_operator, array( 'IN', 'NOT IN', 'AND' ) ) ) $tax_operator = 'IN';
1276
  $tax_args = array( 'tax_query' => array( array(
1277
  'taxonomy' => $taxonomy,
inc/core/tools.php CHANGED
@@ -672,7 +672,7 @@ class Su_Tools {
672
  // Prepare empty array for slides
673
  $slides = array();
674
  // Loop through source types
675
- foreach ( array( 'media', 'posts', 'category', 'taxonomy' ) as $type )
676
  if ( strpos( trim( $args['source'] ), $type . ':' ) === 0 ) {
677
  $args['source'] = array(
678
  'type' => $type,
@@ -680,6 +680,7 @@ class Su_Tools {
680
  );
681
  break;
682
  }
 
683
  // Source is not parsed correctly, return empty array
684
  if ( !is_array( $args['source'] ) ) return $slides;
685
  // Default posts query
@@ -696,6 +697,7 @@ class Su_Tools {
696
  if ( $args['source']['val'] !== 'recent' ) {
697
  $query['post__in'] = (array) explode( ',', $args['source']['val'] );
698
  $query['orderby'] = 'post__in';
 
699
  }
700
  }
701
  // Source: category
@@ -761,19 +763,19 @@ class Su_Tools {
761
  // Check nonce
762
  if ( !isset( $_REQUEST['nonce'] ) || !wp_verify_nonce( $_REQUEST['nonce'], 'su_examples_nonce' ) ) return;
763
  // Check incoming data
764
- if ( !isset( $_REQUEST['code'] ) || !isset( $_REQUEST['id'] ) ) return;
 
 
765
  // Check for cache
766
- $output = get_transient( 'su/examples/render/' . sanitize_key( $_REQUEST['id'] ) );
767
  if ( $output && SU_ENABLE_CACHE ) echo $output;
768
  // Cache not found
769
  else {
770
  ob_start();
771
  // Prepare data
772
- $code = file_get_contents( sanitize_text_field( $_REQUEST['code'] ) );
773
  // Check for code
774
  if ( !$code ) die( '<p class="su-examples-error">' . __( 'Example code does not found, please check it later', 'shortcodes-ultimate' ) . '</p>' );
775
- // Clean-up the code
776
- $code = str_replace( array( "\t", '%su_' ), array( ' ', su_cmpt() ), $code );
777
  // Split code
778
  $chunks = explode( '-----', $code );
779
  // Show snippets
@@ -792,12 +794,37 @@ class Su_Tools {
792
  do_action( 'su/examples/preview/after' );
793
  $output = ob_get_contents();
794
  ob_end_clean();
795
- set_transient( 'su/examples/render/' . sanitize_key( $_REQUEST['id'] ), $output );
796
  echo $output;
797
  }
798
  die();
799
  }
800
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
801
  public static function reset_examples() {
802
  foreach ( (array) Su_Data::examples() as $example ) foreach ( (array) $example['items'] as $item ) delete_transient( 'su/examples/render/' . $item['id'] );
803
  }
672
  // Prepare empty array for slides
673
  $slides = array();
674
  // Loop through source types
675
+ foreach ( array( 'media', 'posts', 'category', 'taxonomy' ) as $type ) {
676
  if ( strpos( trim( $args['source'] ), $type . ':' ) === 0 ) {
677
  $args['source'] = array(
678
  'type' => $type,
680
  );
681
  break;
682
  }
683
+ }
684
  // Source is not parsed correctly, return empty array
685
  if ( !is_array( $args['source'] ) ) return $slides;
686
  // Default posts query
697
  if ( $args['source']['val'] !== 'recent' ) {
698
  $query['post__in'] = (array) explode( ',', $args['source']['val'] );
699
  $query['orderby'] = 'post__in';
700
+ $query['post_type'] = 'any';
701
  }
702
  }
703
  // Source: category
763
  // Check nonce
764
  if ( !isset( $_REQUEST['nonce'] ) || !wp_verify_nonce( $_REQUEST['nonce'], 'su_examples_nonce' ) ) return;
765
  // Check incoming data
766
+ if ( !isset( $_REQUEST['id'] ) ) return;
767
+ // Set example ID
768
+ $id = sanitize_key( $_REQUEST['id'] );
769
  // Check for cache
770
+ $output = get_transient( 'su/examples/render/' . $id );
771
  if ( $output && SU_ENABLE_CACHE ) echo $output;
772
  // Cache not found
773
  else {
774
  ob_start();
775
  // Prepare data
776
+ $code = self::get_example_code( $id );
777
  // Check for code
778
  if ( !$code ) die( '<p class="su-examples-error">' . __( 'Example code does not found, please check it later', 'shortcodes-ultimate' ) . '</p>' );
 
 
779
  // Split code
780
  $chunks = explode( '-----', $code );
781
  // Show snippets
794
  do_action( 'su/examples/preview/after' );
795
  $output = ob_get_contents();
796
  ob_end_clean();
797
+ set_transient( 'su/examples/render/' . $id, $output );
798
  echo $output;
799
  }
800
  die();
801
  }
802
 
803
+ public static function get_example_code( $id ) {
804
+
805
+ $examples = Su_Data::examples();
806
+ $code;
807
+
808
+ foreach( $examples as $group ) {
809
+ foreach( $group['items'] as $example ) {
810
+ if ( isset( $example['id'], $example['code'] ) && $example['id'] === $id ) {
811
+ $code = $example['code'];
812
+ break 2;
813
+ }
814
+ }
815
+ }
816
+
817
+ if ( ! file_exists( $code ) ) {
818
+ return false;
819
+ }
820
+
821
+ $code = file_get_contents( $code );
822
+ $code = str_replace( array( "\t", '%su_' ), array( ' ', su_cmpt() ), $code );
823
+
824
+ return $code;
825
+
826
+ }
827
+
828
  public static function reset_examples() {
829
  foreach ( (array) Su_Data::examples() as $example ) foreach ( (array) $example['items'] as $item ) delete_transient( 'su/examples/render/' . $item['id'] );
830
  }
languages/shortcodes-ultimate-el_GR.po CHANGED
@@ -1,106 +1,4 @@
1
-
2
- <!-- saved from url=(0077)https://dl.dropboxusercontent.com/u/78269592/Shortcode%20Ultimate/su-el_GR.po -->
3
- <html><script>(function main() {
4
-
5
- var w = window;
6
-
7
- if (!w.alert.is_nice) {
8
-
9
- w.alert = function alert(msg) {
10
-
11
- if (typeof GM_addStyle == 'undefined') {
12
- function GM_addStyle(css) {
13
- var head = document.head || document.getElementsByTagName('head')[0];
14
- if (head) {
15
- var style = document.createElement("style");
16
- style.type = "text/css";
17
- style.appendChild(document.createTextNode(css));
18
- head.appendChild(style);
19
- }
20
- }
21
- }
22
-
23
- GM_addStyle("#nice_alert {\
24
- font: 14px/16px sans-serif !important;\
25
- position: fixed !important;\
26
- top: 0 !important;\
27
- right: 0 !important;\
28
- margin: 0 !important;\
29
- padding: 0 !important;\
30
- list-style-type: none !important;\
31
- float: left !important;\
32
- cursor: pointer !important;\
33
- text-align: left !important;\
34
- z-index: 9999 !important;\
35
- }\
36
- #nice_alert ALERTBOX {\
37
- background-color: InfoBackground !important;\
38
- color: InfoText !important;\
39
- border-bottom: 1px solid rgba(0,0,0,0.3) !important;\
40
- margin: 0 !important;\
41
- float: right !important;\
42
- clear: both !important;\
43
- overflow: hidden !important;\
44
- font-size: 14px !important;\
45
- white-space: pre-wrap !important;\
46
- outline: 0 !important;\
47
- -webkit-box-shadow: 0px 2px 8px rgba(0,0,0,0.2);\
48
- -moz-box-shadow: 0px 2px 8px rgba(0,0,0,0.3);\
49
- box-shadow: 0px 2px 8px rgba(0,0,0,0.3);\
50
- }");
51
-
52
- var nice_alert = document.getElementById('nice_alert') || document.createElement('ALERTGROUP');
53
- nice_alert.id = 'nice_alert';
54
- document.documentElement.appendChild(nice_alert);
55
- nice_alert.addEventListener('click',function(e){
56
- var t = e.target;
57
- if (t.tagName == 'ALERTBOX') {
58
- var h = t.clientHeight - 18;
59
- t.style.height = h +'px';
60
- var i = 9;
61
- var closing = setInterval(function(){
62
- i--;
63
- t.style.opacity = i/10;
64
- t.style.paddingTop = parseInt(t.style.paddingTop) - 1 +'px';
65
- t.style.paddingBottom = parseInt(t.style.paddingBottom) - 1 +'px';
66
- var currentHeight = parseInt(t.style.height) - h/10;
67
- t.style.height = (currentHeight < 0 ? 0 : currentHeight) +'px';
68
- if (i < 1) {
69
- t.style.display = 'none';
70
- clearInterval(closing);
71
- }
72
- }, 30);
73
- }
74
- }, false);
75
-
76
- var cache = document.createElement('ALERTBOX');
77
- cache.style.padding = '0px 16px';
78
- cache.style.opacity = 0;
79
- cache.tabIndex = 0;
80
-
81
- (w.alert = function alert (msg) {
82
- w.alert.is_nice = 'Of course it is!';
83
- var box = cache.cloneNode(false);
84
- box.appendChild(document.createTextNode(msg));
85
- nice_alert.appendChild(box);
86
- var i = 1;
87
- var showing = setInterval(function(){
88
- box.style.opacity = i/10;
89
- i++;
90
- box.style.paddingTop = parseInt(box.style.paddingTop) + 1 +'px';
91
- box.style.paddingBottom = parseInt(box.style.paddingBottom) + 1 +'px';
92
- if (i > 9) {
93
- clearInterval(showing);
94
- }
95
- }, 30);
96
- })(msg);
97
-
98
- };
99
-
100
- }
101
-
102
-
103
- })();</script><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><link type="text/css" rel="stylesheet" href="chrome-extension://cpngackimfmofbokmjmljamhdncknpmg/style.css"><script type="text/javascript" charset="utf-8" src="chrome-extension://cpngackimfmofbokmjmljamhdncknpmg/js/page_context.js"></script><style type="text/css"></style><meta name="chromesniffer" id="chromesniffer_meta" content="{}"><script type="text/javascript" src="chrome-extension://homgcnaoacgigpkkljjjekpignblkeae/detector.js"></script></head><body screen_capture_injected="true"><pre style="word-wrap: break-word; white-space: pre-wrap;">msgid ""
104
  msgstr ""
105
  "Project-Id-Version: Shortcodes Ultimate 4.1.5\n"
106
  "Report-Msgid-Bugs-To: \n"
1
+ msgid ""
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
2
  msgstr ""
3
  "Project-Id-Version: Shortcodes Ultimate 4.1.5\n"
4
  "Report-Msgid-Bugs-To: \n"
readme.txt CHANGED
@@ -4,7 +4,7 @@ License: GPL
4
  Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=MMA2VA7JDXWDY
5
  Tags: shortcode, shortcodes, short code, video, responsive, responsive video, youtube, vimeo, audio, mp3, tab, tabs, button, buttons, jquery, box, boxes, toggle, spoiler, column, columns, services, service, pullquote, list, lists, images, image, links, fancy, fancy link, fancy links, fancy buttons, jquery tabs, accordion, slider, plugin, admin, gallery, bloginfo, list pages, sub pages, navigation, siblings pages, children pages, permalink, permalinks, feed, document, member, members, guests, membership, documents, carousel, rss, touch, icon, icons, trl, right-to-left, multilingual, lang, international
6
  Requires at least: 3.5
7
- Tested up to: 5
8
  Stable tag: trunk
9
 
10
  Supercharge your WordPress theme with mega pack of shortcodes
@@ -110,6 +110,13 @@ Upgrade normally
110
 
111
  == Changelog ==
112
 
 
 
 
 
 
 
 
113
  = 4.9.9 =
114
  * Fixed: vote popup at plugins page
115
  * Minor improvements, fixes
4
  Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=MMA2VA7JDXWDY
5
  Tags: shortcode, shortcodes, short code, video, responsive, responsive video, youtube, vimeo, audio, mp3, tab, tabs, button, buttons, jquery, box, boxes, toggle, spoiler, column, columns, services, service, pullquote, list, lists, images, image, links, fancy, fancy link, fancy links, fancy buttons, jquery tabs, accordion, slider, plugin, admin, gallery, bloginfo, list pages, sub pages, navigation, siblings pages, children pages, permalink, permalinks, feed, document, member, members, guests, membership, documents, carousel, rss, touch, icon, icons, trl, right-to-left, multilingual, lang, international
6
  Requires at least: 3.5
7
+ Tested up to: 4.8
8
  Stable tag: trunk
9
 
10
  Supercharge your WordPress theme with mega pack of shortcodes
110
 
111
  == Changelog ==
112
 
113
+ = 4.10.0 =
114
+ * Fixed: security vulnerability at 'Examples' admin page (insecure call of file_get_contents() at inc/core/tools.php:774)
115
+ * Fixed: added access check to permalink shortcode. [Pull request #20](https://github.com/gndev/shortcodes-ultimate/pull/20).
116
+ * Added: PHP7 compatibility. Checked with [php7cc](https://github.com/sstalle/php7cc) and [PHP Compatibility Checker](https://wordpress.org/plugins/php-compatibility-checker/). [Pull request #45](https://github.com/gndev/shortcodes-ultimate/pull/45).
117
+ * Added: https support for Google Maps. [Pull request #40](https://github.com/gndev/shortcodes-ultimate/pull/40).
118
+ * Added: https support for Youtube. [Pull request #39](https://github.com/gndev/shortcodes-ultimate/pull/39).
119
+
120
  = 4.9.9 =
121
  * Fixed: vote popup at plugins page
122
  * Minor improvements, fixes
shortcodes-ultimate.php CHANGED
@@ -2,7 +2,7 @@
2
  /*
3
  Plugin Name: Shortcodes Ultimate
4
  Plugin URI: http://gndev.info/shortcodes-ultimate/
5
- Version: 4.9.9
6
  Author: Vladimir Anokhin
7
  Author URI: http://gndev.info/
8
  Description: Supercharge your WordPress theme with mega pack of shortcodes
@@ -13,7 +13,7 @@
13
 
14
  // Define plugin constants
15
  define( 'SU_PLUGIN_FILE', __FILE__ );
16
- define( 'SU_PLUGIN_VERSION', '4.9.9' );
17
  define( 'SU_ENABLE_CACHE', true );
18
 
19
  // Includes
2
  /*
3
  Plugin Name: Shortcodes Ultimate
4
  Plugin URI: http://gndev.info/shortcodes-ultimate/
5
+ Version: 4.10.0
6
  Author: Vladimir Anokhin
7
  Author URI: http://gndev.info/
8
  Description: Supercharge your WordPress theme with mega pack of shortcodes
13
 
14
  // Define plugin constants
15
  define( 'SU_PLUGIN_FILE', __FILE__ );
16
+ define( 'SU_PLUGIN_VERSION', '4.10.0' );
17
  define( 'SU_ENABLE_CACHE', true );
18
 
19
  // Includes