Slider by WD – Responsive Slider - Version 1.1.10

Version Description

  • Fixed: Filemanager vulnerability. Thanks to Mika Epstein.

Release Info

Developer webdorado
Version 1.1.10

Code changes from version 1.1.9 to 1.1.10

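--- a/admin/controllers/WDSControllerSliders_wds.php
+++ b/admin/controllers/WDSControllerSliders_wds.php
@@ -75,7 +75,7 @@ class WDSControllerSliders_wds {
 // $this->save_slide_db();
 // $this->edit();
 // }
-
+
 public function save_slider_db() {
 global $wpdb;
 $del_slide_ids_string = (isset($_POST['del_slide_ids_string']) ? substr(esc_html(stripslashes($_POST['del_slide_ids_string'])), 0, -1) : '');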
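--- a/admin/views/WDSViewSliders_wds.php
+++ b/admin/views/WDSViewSliders_wds.php
@@ -103,7 +103,8 @@ class WDSViewSliders_wds {
 }" value="Delete" />
 </div>
 </div>
-<?php WDW_S_Library::html_page_nav($page_nav['total'], $page_nav['limit'], 'sliders_form');
+<?php
+WDW_S_Library::html_page_nav($page_nav['total'], $page_nav['limit'], 'sliders_form');
 ?>
 <table class="wp-list-table widefat fixed pages">
 <thead>
@@ -148,9 +149,9 @@ class WDSViewSliders_wds {
 foreach ($rows_data as $row_data) {
 $alternate = ($alternate == 'class="wds_alternate"') ? '' : 'class="wds_alternate"';
 $published_image = (($row_data->published) ? 'publish_slide' : 'unpublish_slide');
-$published = (($row_data->published) ? 'unpublish' : 'publish');
-$prev_img_url = $this->model->get_slider_prev_img($row_data->id);
-$slides_count = $this->model->get_slides_count($row_data->id);
+$published = (($row_data->published) ? 'unpublish' : 'publish');
+$prev_img_url = $this->model->get_slider_prev_img($row_data->id);
+$slides_count = $this->model->get_slides_count($row_data->id);
 ?>
 <tr id="tr_<?php echo $row_data->id; ?>" <?php echo $alternate; ?>>
 <td class="table_small_col check-column"><input id="check_<?php echo $row_data->id; ?>" name="check_<?php echo $row_data->id; ?>" onclick="spider_check_all(this)" type="checkbox" /></td>
@@ -176,7 +177,9 @@ class WDSViewSliders_wds {
 <td class="mobile_hide table_large_col" style="padding-left: 0; padding-right: 0;">
 <input type="text" value="&#60;?php wd_slider(<?php echo $row_data->id; ?>); ?&#62;" onclick="spider_select_value(this)" size="23" readonly="readonly" style="padding-left: 1px; padding-right: 1px;" />
 </td>
-<td class="mobile_hide table_big_col"><a onclick="spider_set_input_value('task', '<?php echo $published; ?>');spider_set_input_value('current_id', '<?php echo $row_data->id; ?>');spider_form_submit(event, 'sliders_form')" href=""><img src="<?php echo WD_S_URL . '/images/sliderwdpng/' . $published_image . '.png'; ?>"></img></a></td>
+<td class="mobile_hide table_big_col">
+<a onclick="spider_set_input_value('task', '<?php echo $published; ?>');spider_set_input_value('current_id', '<?php echo $row_data->id; ?>');spider_form_submit(event, 'sliders_form')" href=""><img src="<?php echo WD_S_URL . '/images/sliderwdpng/' . $published_image . '.png'; ?>"></img></a>
+</td>
 <td class="mobile_hide table_big_col" colspan="3">
 <div class='slider_edit_buttons'>
 <div class="slider_edit">
@@ -213,7 +216,11 @@ class WDSViewSliders_wds {
 </form>
 <?php
 }
+
 public function edit($id, $reset = FALSE) {
+$query_url = add_query_arg(array('action' => 'addImage', 'width' => '700', 'height' => '550', 'extensions' => 'jpg,jpeg,png,gif', 'callback' => 'bwg_add_preview_image'), admin_url('admin-ajax.php'));
+$query_url = wp_nonce_url($query_url, 'addImage', 'nonce_wd');
+
 $row = $this->model->get_row_data($id, $reset);
 $slides_row = $this->model->get_slides_row_data($id);
 $slide_ids_string = '';
@@ -1860,7 +1867,7 @@ class WDSViewSliders_wds {
 }
 else {
 ?>
-<a href="<?php echo add_query_arg(array('action' => 'addImage', 'width' => '700', 'height' => '550', 'extensions' => 'jpg,jpeg,png,gif', 'callback' => 'wds_add_image', 'image_for' => 'watermark', 'TB_iframe' => '1'), admin_url('admin-ajax.php')); ?>" class="button-primary thickbox thickbox-preview" title="Add Image" onclick="return false;">
+<a href="<?php echo add_query_arg(array('callback' => 'wds_add_image', 'image_for' => 'watermark', 'TB_iframe' => '1'), $query_url); ?>" class="button-primary thickbox thickbox-preview" title="Add Image" onclick="return false;">
 Add Image
 </a>
 <?php
@@ -2056,9 +2063,9 @@ class WDSViewSliders_wds {
 if ($row->spider_uploader) {
 ?>
 <div class="wds_button_wrap">
-<a href="<?php echo add_query_arg(array('action' => 'addImage', 'width' => '700', 'height' => '550', 'extensions' => 'jpg,jpeg,png,gif', 'callback' => 'wds_add_image', 'image_for' => 'add_slides', 'TB_iframe' => '1'), admin_url('admin-ajax.php')); ?>" class="wds_buttons_320 action_buttons thickbox thickbox-preview add_images" title="Add Images" onclick="return false;">
-Add Images
-</a>
+<a href="<?php echo add_query_arg(array('callback' => 'wds_add_image', 'image_for' => 'add_slides', 'TB_iframe' => '1'), $query_url); ?>" class="wds_buttons_320 action_buttons thickbox thickbox-preview add_images" title="Add Images" onclick="return false;">
+Add Images
+</a>
 </div>
 <?php
 }
@@ -2127,7 +2134,7 @@ class WDSViewSliders_wds {
 <?php
 if ($row->spider_uploader) {
 ?>
-<a href="<?php echo add_query_arg(array('action' => 'addImage', 'width' => '700', 'height' => '550', 'extensions' => 'jpg,jpeg,png,gif', 'callback' => 'wds_add_image', 'image_for' => 'add_update_slide','slide_id' => $slide_row->id, 'TB_iframe' => '1'), admin_url('admin-ajax.php')); ?>" class="wds_change_thumbnail thickbox thickbox-preview" title="Add/Edit Image" onclick="return false;">
+<a href="<?php echo add_query_arg(array('callback' => 'wds_add_image', 'image_for' => 'add_update_slide','slide_id' => $slide_row->id, 'TB_iframe' => '1'), $query_url); ?>" class="wds_change_thumbnail thickbox thickbox-preview" title="Add/Edit Image" onclick="return false;">
 </a>
 <?php
 }
@@ -2179,7 +2186,7 @@ class WDSViewSliders_wds {
 else {
 ?>
 <div class="slide_add_buttons_wrap">
-<a href="<?php echo add_query_arg(array('action' => 'addImage', 'width' => '700', 'height' => '550', 'extensions' => 'jpg,jpeg,png,gif', 'callback' => 'wds_add_image', 'image_for' => 'add_update_slide', 'slide_id' => $slide_row->id, 'TB_iframe' => '1'), admin_url('admin-ajax.php')); ?>" class="action_buttons edit_slide thickbox thickbox-preview" title="Add/Edit Image" onclick="return false;">
+<a href="<?php echo add_query_arg(array('callback' => 'wds_add_image', 'image_for' => 'add_update_slide', 'slide_id' => $slide_row->id, 'TB_iframe' => '1'), $query_url); ?>" class="action_buttons edit_slide thickbox thickbox-preview" title="Add/Edit Image" onclick="return false;">
 Add/Edit Image
 </a>
 </div>
@@ -2310,7 +2317,7 @@ class WDSViewSliders_wds {
 else {
 ?>
 <div class="layer_add_buttons_wrap">
-<a href="<?php echo !$fv ? add_query_arg(array('action' => 'addImage', 'width' => '700', 'height' => '550', 'extensions' => 'jpg,jpeg,png,gif', 'callback' => 'wds_add_image', 'image_for' => 'add_layer', 'slide_id' => $slide_row->id, 'TB_iframe' => '1'), admin_url('admin-ajax.php')) : ''; ?>" onclick="<?php echo !$fv ? '' : "alert('This functionality is disabled in free version.')"; ?>; return false;" class="action_buttons add_image_layer <?php echo !$fv ? "thickbox thickbox-preview" : "wds_free_button"; ?> button-small" title="Add Image Layer">
+<a href="<?php echo !$fv ? add_query_arg(array('callback' => 'wds_add_image', 'image_for' => 'add_layer', 'slide_id' => $slide_row->id, 'TB_iframe' => '1'), $query_url) : ''; ?>" onclick="<?php echo !$fv ? '' : "alert('This functionality is disabled in free version.')"; ?>; return false;" class="action_buttons add_image_layer <?php echo !$fv ? "thickbox thickbox-preview" : "wds_free_button"; ?> button-small" title="Add Image Layer">
 Add Image layer
 </a>
 </div>
@@ -2973,7 +2980,7 @@ class WDSViewSliders_wds {
 <input id="task" name="task" type="hidden" value="" />
 <script>
 var wds_preview_url = "<?php echo add_query_arg(array('action' => 'WDSPreview', 'slider_id' => $id ? $id : 'sliderID', 'width' => '700', 'height' => '550', 'TB_iframe' => '1'), admin_url('admin-ajax.php')); ?>";
-var uploader_href = '<?php echo add_query_arg(array('action' => 'addImage', 'width' => '700', 'height' => '550', 'extensions' => 'jpg,jpeg,png,gif', 'callback' => 'wds_add_image', 'image_for' => 'add_update_slide', 'slide_id' => 'slideID', 'layer_id' => 'layerID', 'TB_iframe' => '1'), admin_url('admin-ajax.php')); ?>';
+var uploader_href = '<?php echo add_query_arg(array('callback' => 'wds_add_image', 'image_for' => 'add_update_slide', 'slide_id' => 'slideID', 'layer_id' => 'layerID', 'TB_iframe' => '1'), $query_url); ?>';
 var fv = '<?php echo $fv; ?>';
 jQuery(document).ready(function() {
 wds_onload();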
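Review bot: In edit() (hunk @@ -213,7 +216,11 @@) the base URL is passed through wp_nonce_url() before the per-link add_query_arg() calls are applied; wp_nonce_url() returns an HTML-escaped URL (ampersands become `&amp;`), and handing that back to add_query_arg() can turn the existing `width`, `height`, `extensions` and `nonce_wd` parameters into `amp;…` keys, so the nonce may not arrive as `$_GET['nonce_wd']` — the generated hrefs should be checked in a browser. The safer ordering is to keep `$query_url` as a plain URL, e.g. `$query_url = add_query_arg('nonce_wd', wp_create_nonce('addImage'), $query_url);`, and escape only at output time. Each new `<a href="<?php echo add_query_arg(...) ?>"` line still echoes the URL without esc_url(), which is the WordPress convention for an href attribute. The `'callback' => 'bwg_add_preview_image'` in the base URL is overridden by `'callback' => 'wds_add_image'` at every use, so it reads as a leftover. edit() continues well beyond the hunks shown.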
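--- a/filemanager/controller.php
+++ b/filemanager/controller.php
@@ -22,14 +22,14 @@ class FilemanagerController {
 ////////////////////////////////////////////////////////////////////////////////////////
 // Constructor & Destructor //
 ////////////////////////////////////////////////////////////////////////////////////////
-
+
 public function __construct() {
 global $WD_S_UPLOAD_DIR;
 $upload_dir = wp_upload_dir();
 //$bwg_options = $this->get_options_data();
 //$this->uploads_dir = (($bwg_options->images_directory . '/photo-gallery') ? ABSPATH . $bwg_options->images_directory . '/photo-gallery' : WD_S_DIR . '/filemanager/uploads');
 $this->uploads_dir = ABSPATH . $WD_S_UPLOAD_DIR;
-if (file_exists($this->uploads_dir) == FALSE) {
+if (file_exists($this->uploads_dir) == FALSE) {
 mkdir($this->uploads_dir);
 }
 //$this->uploads_url = (($bwg_options->images_directory . '/photo-gallery') ? site_url() . '/' . $bwg_options->images_directory . '/photo-gallery' : WD_S_URL . '/filemanager/uploads');
@@ -86,7 +86,9 @@ class FilemanagerController {
 else {
 mkdir($new_dir_path);
 }
-header('Location: ' . add_query_arg(array('action' => 'addImage', 'filemanager_msg' => $msg, 'width' => '650', 'height' => '500', 'task' => 'display', 'extensions' => esc_html($_REQUEST['extensions']), 'callback' => esc_html($_REQUEST['callback']), 'image_for' => esc_html($_REQUEST['image_for']), 'slide_id' => esc_html($_REQUEST['slide_id']), 'dir' => esc_html($_REQUEST['dir']), 'TB_iframe' => '1'), admin_url('admin-ajax.php')));
+$query_url = wp_nonce_url(admin_url('admin-ajax.php'), 'addImage', 'nonce_wd');
+$query_url = add_query_arg(array('action' => 'addImage', 'filemanager_msg' => $msg, 'width' => '650', 'height' => '500', 'task' => 'display', 'extensions' => esc_html($_REQUEST['extensions']), 'callback' => esc_html($_REQUEST['callback']), 'image_for' => esc_html($_REQUEST['image_for']), 'slide_id' => esc_html($_REQUEST['slide_id']), 'dir' => esc_html($_REQUEST['dir']), 'TB_iframe' => '1'), $query_url);
+header('Location: ' . $query_url);
 exit;
 }
 
@@ -126,7 +128,9 @@ class FilemanagerController {
 $msg = "Can't rename the file.";
 }
 $_REQUEST['file_names'] = '';
-header('Location: ' . add_query_arg(array('action' => 'addImage', 'filemanager_msg' => $msg, 'width' => '650', 'height' => '500', 'task' => 'display', 'extensions' => esc_html($_REQUEST['extensions']), 'callback' => esc_html($_REQUEST['callback']), 'image_for' => esc_html($_REQUEST['image_for']), 'slide_id' => esc_html($_REQUEST['slide_id']), 'dir' => esc_html($_REQUEST['dir']), 'TB_iframe' => '1'), admin_url('admin-ajax.php')));
+$query_url = wp_nonce_url(admin_url('admin-ajax.php'), 'addImage', 'nonce_wd');
+$query_url = add_query_arg(array('action' => 'addImage', 'filemanager_msg' => $msg, 'width' => '650', 'height' => '500', 'task' => 'display', 'extensions' => esc_html($_REQUEST['extensions']), 'callback' => esc_html($_REQUEST['callback']), 'image_for' => esc_html($_REQUEST['image_for']), 'slide_id' => esc_html($_REQUEST['slide_id']), 'dir' => esc_html($_REQUEST['dir']), 'TB_iframe' => '1'), $query_url);
+header('Location: ' . $query_url);
 exit;
 }
 
@@ -157,7 +161,9 @@ class FilemanagerController {
 }
 }
 $_REQUEST['file_names'] = '';
-header('Location: ' . add_query_arg(array('action' => 'addImage', 'filemanager_msg' => $msg, 'width' => '650', 'height' => '500', 'task' => 'show_file_manager', 'extensions' => esc_html($_REQUEST['extensions']), 'callback' => esc_html($_REQUEST['callback']), 'image_for' => esc_html($_REQUEST['image_for']), 'slide_id' => esc_html($_REQUEST['slide_id']), 'dir' => esc_html($_REQUEST['dir']), 'TB_iframe' => '1'), admin_url('admin-ajax.php')));
+$query_url = wp_nonce_url(admin_url('admin-ajax.php'), 'addImage', 'nonce_wd');
+$query_url = add_query_arg(array('action' => 'addImage', 'filemanager_msg' => $msg, 'width' => '650', 'height' => '500', 'task' => 'show_file_manager', 'extensions' => esc_html($_REQUEST['extensions']), 'callback' => esc_html($_REQUEST['callback']), 'image_for' => esc_html($_REQUEST['image_for']), 'slide_id' => esc_html($_REQUEST['slide_id']), 'dir' => esc_html($_REQUEST['dir']), 'TB_iframe' => '1'), $query_url);
+header('Location: ' . $query_url);
 exit;
 }
 
@@ -247,12 +253,16 @@ class FilemanagerController {
 }
 break;
 }
-header('Location: ' . add_query_arg(array('action' => 'addImage', 'filemanager_msg' => $msg, 'width' => '650', 'height' => '500', 'task' => 'show_file_manager', 'extensions' => esc_html($_REQUEST['extensions']), 'callback' => esc_html($_REQUEST['callback']), 'image_for' => esc_html($_REQUEST['image_for']), 'slide_id' => esc_html($_REQUEST['slide_id']), 'dir' => esc_html($_REQUEST['dir']), 'TB_iframe' => '1'), admin_url('admin-ajax.php')));
+$query_url = wp_nonce_url(admin_url('admin-ajax.php'), 'addImage', 'nonce_wd');
+$query_url = add_query_arg(array('action' => 'addImage', 'filemanager_msg' => $msg, 'width' => '650', 'height' => '500', 'task' => 'show_file_manager', 'extensions' => esc_html($_REQUEST['extensions']), 'callback' => esc_html($_REQUEST['callback']), 'image_for' => esc_html($_REQUEST['image_for']), 'slide_id' => esc_html($_REQUEST['slide_id']), 'dir' => esc_html($_REQUEST['dir']), 'TB_iframe' => '1'), $query_url);
+header('Location: ' . $query_url);
 exit;
 }
 
 public function import_items() {
-header('Location: ' . add_query_arg(array('action' => 'wds_UploadHandler', 'importer_thumb_width' => esc_html($_REQUEST['importer_thumb_width']), 'importer_thumb_height' => esc_html($_REQUEST['importer_thumb_height']), 'callback' => esc_html($_REQUEST['callback']), 'image_for' => esc_html($_REQUEST['image_for']), 'slide_id' => esc_html($_REQUEST['slide_id']), 'file_namesML' => esc_html($_REQUEST['file_namesML']), 'importer_img_width' => esc_html($_REQUEST['importer_img_width']), 'importer_img_height' => esc_html($_REQUEST['importer_img_height']), 'import' => 'true', 'redir' => esc_html($_REQUEST['dir']), 'dir' => $this->get_uploads_dir() . '/' . esc_html($_REQUEST['dir']) . '/'), admin_url('admin-ajax.php')));
+$query_url = wp_nonce_url(admin_url('admin-ajax.php'), 'addImage', 'nonce_wd');
+$query_url = add_query_arg(array('action' => 'wds_UploadHandler', 'importer_thumb_width' => esc_html($_REQUEST['importer_thumb_width']), 'importer_thumb_height' => esc_html($_REQUEST['importer_thumb_height']), 'callback' => esc_html($_REQUEST['callback']), 'image_for' => esc_html($_REQUEST['image_for']), 'slide_id' => esc_html($_REQUEST['slide_id']), 'file_namesML' => esc_html($_REQUEST['file_namesML']), 'importer_img_width' => esc_html($_REQUEST['importer_img_width']), 'importer_img_height' => esc_html($_REQUEST['importer_img_height']), 'import' => 'true', 'redir' => esc_html($_REQUEST['dir']), 'dir' => $this->get_uploads_dir() . '/' . esc_html($_REQUEST['dir']) . '/'), $query_url);
+header('Location: ' . $query_url);
 exit;
 }
 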
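Review bot: The new redirect blocks at new lines 89–91, 131–133, 164–166, 256–258 and 263–265 repeat the same three lines and still forward `esc_html($_REQUEST['dir'])` and the other request values into a Location header; esc_html() is HTML-context escaping and is the wrong tool for URL values (add_query_arg() already urlencodes them), and `dir` is passed on without being confined to the uploads root, which is the check a file manager most needs. In import_items() the nonce is created for the `'addImage'` action while the redirect target is `wds_UploadHandler`, which slider-wd.php verifies as `'wds_UploadHandler'`, so that redirect looks likely to fail verification. Factoring the three lines into one private helper would put the sanitising and the directory check in a single place; the helper below keeps the same query keys and uses sanitize_text_field() for the request values. Each enclosing method starts before its hunk.
```php
  // Redirect back to the file-manager iframe, carrying the status message and request context.
  private function redirect_to_filemanager($task, $msg, $nonce_action = 'addImage') {
    $request_value = function ($key) {
      return isset($_REQUEST[$key]) ? sanitize_text_field($_REQUEST[$key]) : '';
    };
    // Reject any directory value that tries to leave the uploads root.
    $dir = $request_value('dir');
    if (strpos($dir, '..') !== FALSE) {
      $dir = '';
    }
    $query_url = wp_nonce_url(admin_url('admin-ajax.php'), $nonce_action, 'nonce_wd');
    $query_url = add_query_arg(array('action' => 'addImage', 'filemanager_msg' => $msg, 'width' => '650', 'height' => '500', 'task' => $task, 'extensions' => $request_value('extensions'), 'callback' => $request_value('callback'), 'image_for' => $request_value('image_for'), 'slide_id' => $request_value('slide_id'), 'dir' => $dir, 'TB_iframe' => '1'), $query_url);
    header('Location: ' . $query_url);
    exit;
  }
  // … unchanged: each call site replaces its three lines with $this->redirect_to_filemanager('display', $msg); or ('show_file_manager', $msg) …
```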
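--- a/filemanager/model.php
+++ b/filemanager/model.php
@@ -20,7 +20,6 @@ class FilemanagerModel {
 ////////////////////////////////////////////////////////////////////////////////////////
 private $controller;
 
-
 ////////////////////////////////////////////////////////////////////////////////////////
 // Constructor & Destructor //
 ////////////////////////////////////////////////////////////////////////////////////////
@@ -28,7 +27,6 @@ class FilemanagerModel {
 $this->controller = $controller;
 }
 
-
 ////////////////////////////////////////////////////////////////////////////////////////
 // Public Methods //
 ////////////////////////////////////////////////////////////////////////////////////////
@@ -55,7 +53,6 @@ class FilemanagerModel {
 return $data;
 }
 
-
 ////////////////////////////////////////////////////////////////////////////////////////
 // Getters & Setters //
 ////////////////////////////////////////////////////////////////////////////////////////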
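--- a/filemanager/view.php
+++ b/filemanager/view.php
@@ -108,6 +108,7 @@ class FilemanagerView {
 ?>
 
 <form id="adminForm" name="adminForm" action="" method="post">
+<?php wp_nonce_field('', 'nonce_wd'); ?>
 <div id="wrapper">
 <div id="opacity_div" style="background-color: rgba(0, 0, 0, 0.2); position: fixed; top: 0; left: 0; width: 100%; height: 100%; z-index: 99998;"></div>
 <div id="loading_div" style="text-align: center; position: fixed; top: 0; left: 0; width: 100%; height: 100%; z-index: 99999;">
@@ -291,8 +292,12 @@ class FilemanagerView {
 <span><?php echo 'Drag files here or click the button below' . '<br />' . 'to upload files' ?></span>
 </div>
 <div id="btnBrowseContainer">
+<?php
+$query_url = wp_nonce_url(admin_url('admin-ajax.php'), 'wds_UploadHandler', 'nonce_wd');
+$query_url = add_query_arg(array('action' => 'wds_UploadHandler', 'dir' => $this->controller->get_uploads_dir() . '/' . (isset($_REQUEST['dir']) ? esc_html($_REQUEST['dir']) : '') . '/'), $query_url);
+?>
 <input id="jQueryUploader" type="file" name="files[]"
-data-url="<?php echo add_query_arg(array('action' => 'wds_UploadHandler', 'dir' => $this->controller->get_uploads_dir() . '/' . (isset($_REQUEST['dir']) ? esc_html($_REQUEST['dir']) : '') . '/'), admin_url('admin-ajax.php')); ?>"
+data-url="<?php echo $query_url; ?>"
 multiple>
 </div>
 <script>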
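Review bot: The hidden field added at new line 111, `wp_nonce_field('', 'nonce_wd')`, creates a nonce for the empty action, which matches neither the `'addImage'` nor the `'wds_UploadHandler'` action that verify_nonce() checks, and verify_nonce() in framework/WDW_S_Library.php reads only `$_GET`, so as far as these hunks show the posted field never takes part in verification. Either give it the action the handler verifies, `<?php wp_nonce_field('addImage', 'nonce_wd'); ?>`, or drop it if the query-string nonce is the intended channel. At new line 300 the URL is echoed raw into an attribute; `data-url="<?php echo esc_url($query_url); ?>"` is the WordPress convention for that context. The `dir` value built at new line 297 is still an absolute server path assembled from the request and exposed to the client, which the commit does not change.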
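--- a/framework/WDW_S_Library.php
+++ b/framework/WDW_S_Library.php
@@ -544,6 +544,16 @@ class WDW_S_Library {
 <?php
 exit();
 }
+
+public static function verify_nonce($page){
+$nonce_verified = FALSE;
+if (isset($_GET['nonce_wd']) && wp_verify_nonce($_GET['nonce_wd'], $page)) {
+$nonce_verified = TRUE;
+}
+if (!$nonce_verified) {
+die('Sorry, your nonce did not verify.');
+}
+}
 ////////////////////////////////////////////////////////////////////////////////////////
 // Private Methods //
 ////////////////////////////////////////////////////////////////////////////////////////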
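Review bot: verify_nonce() at new lines 548–556 reads the nonce only from `$_GET`, so the `nonce_wd` field that filemanager/view.php now posts is never consulted, and it ends with a bare `die()` that sends a 200 response; WordPress's `wp_die()` with a 403 status is the conventional way to refuse an admin-ajax request and is what monitoring and tests expect. The `$nonce_verified` flag is also redundant, since the condition can be tested directly. A valid nonce proves the request came from a page the user loaded, not that the user is allowed to manage files, so callers still need a capability check alongside this helper. The rewrite below keeps the name, parameter and message.
```php
  public static function verify_nonce($page) {
    // Accept the nonce from the query string or from a posted form field.
    $nonce = isset($_REQUEST['nonce_wd']) ? (string) $_REQUEST['nonce_wd'] : '';
    if ($nonce === '' || !wp_verify_nonce($nonce, $page)) {
      wp_die('Sorry, your nonce did not verify.', '', array('response' => 403));
    }
  }
```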
readme.txt CHANGED
@@ -1,10 +1,10 @@
1
  === Slider WD ===
2
  Contributors: webdorado
3
  Donate link: https://web-dorado.com/products/wordpress-slider-plugin.html
4
- Tags: best slider plugin, carousel, carousel slider, coin slider, content slider, content slideshow, custom video slider, flex slider, free video slider, free video slideshow, Horizontal slider, Image Rotator, image slider, image slideshow, javascript slider, javascript slideshow, jquery slider, jquery slideshow, Photo Slider, posts slider, responsive slider, responsive slideshow, sidebar, slide, slide show, slider, slider plugin, slider widget, slides, slideshow,slideshow manager, slideshow plugin, vertical slider, video slider, video slideshow,vimeo slideshow, vimeo slider, widget slider, widget slideshow, wordpress slider, wordpress slideshow, wp slider, youtube slider, youtube slideshow, post slider, fullscreen Slider, css3 slider, responsive image slider, banner slider, social slider, cycle slider, text slider, revolution slider, thumbnail slider, touch slider, sliders, parallax slider, 3D slider, coinslider, featured-content-slider, image, images, picture, pictures, picture slider, responsive, shortcode, widget, vertical slides, autoplay, auto, jquery, rotate, flexslider, gallery, photo gallery, javascript, rotator, wordpress picture slider, wordpress responsive slider, animation, best slider, fullwidth slider, mobile slider, swipe, layer, layer slider, product slider, mp3, video, embed media
5
  Requires at least: 3.4
6
  Tested up to: 4.4
7
- Stable tag: 1.1.9
8
  License: GPLv2 or later
9
  License URI: http://www.gnu.org/licenses/gpl-2.0.html
10
 
@@ -159,6 +159,9 @@ After downloading the ZIP file of the slider plugin,
159
 
160
  == Changelog ==
161
 
 
 
 
162
  = 1.1.9 =
163
  * Fixed: Licensing page.
164
  * Fixed: Plugin direction for icons.
1
  === Slider WD ===
2
  Contributors: webdorado
3
  Donate link: https://web-dorado.com/products/wordpress-slider-plugin.html
4
+ Tags: best slider plugin, carousel, carousel slider, coin slider, content slider, content slideshow, custom video slider, flex slider, free video slider, free video slideshow, Horizontal slider, Image Rotator, image slider, image slideshow, javascript slider, javascript slideshow, jquery slider, jquery slideshow, Photo Slider, posts slider, responsive slider, responsive slideshow, sidebar, slide, slide show, slider, slider plugin, slider widget, slides, slideshow,slideshow manager, slideshow plugin, vertical slider, video slider, video slideshow,vimeo slideshow, vimeo slider, widget slider, widget slideshow, wordpress slider, wordpress slideshow, wp slider, youtube slider, youtube slideshow, post slider, fullscreen Slider, css3 slider, responsive image slider, banner slider, social slider, cycle slider, text slider, revolution slider, thumbnail slider, touch slider, sliders, parallax slider, 3D slider, coinslider, featured-content-slider, image, images, picture, pictures, picture slider, responsive, shortcode, widget, vertical slides, autoplay, auto, jquery, rotate, flexslider, gallery, photo gallery, javascript, rotator, wordpress picture slider, wordpress responsive slider, animation, best slider, fullwidth slider, mobile slider, swipe, layer, layer slider, product slider, mp3, video, embed media, hotspot
5
  Requires at least: 3.4
6
  Tested up to: 4.4
7
+ Stable tag: 1.1.10
8
  License: GPLv2 or later
9
  License URI: http://www.gnu.org/licenses/gpl-2.0.html
10
 
159
 
160
  == Changelog ==
161
 
162
+ = 1.1.10 =
163
+ * Fixed: Filemanager vulnerability. Thanks to Mika Epstein.
164
+
165
  = 1.1.9 =
166
  * Fixed: Licensing page.
167
  * Fixed: Plugin direction for icons.
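--- a/slider-wd.php
+++ b/slider-wd.php
@@ -4,7 +4,7 @@
 * Plugin Name: Slider WD
 * Plugin URI: https://web-dorado.com/products/wordpress-slider-plugin.html
 * Description: This is a responsive plugin, which allows adding sliders to your posts/pages and to custom location. It uses large number of transition effects and supports various types of layers.
-* Version: 1.1.9
+* Version: 1.1.10
 * Author: WebDorado
 * Author URI: https://web-dorado.com/
 * License: GNU/GPLv3 http://www.gnu.org/licenses/gpl-3.0.html
@@ -272,6 +272,8 @@ add_action('wp_ajax_addImage', 'wds_filemanager_ajax');
 
 // Upload.
 function wds_UploadHandler() {
+require_once(WD_S_DIR . '/framework/WDW_S_Library.php');
+WDW_S_Library::verify_nonce('wds_UploadHandler');
 require_once(WD_S_DIR . '/filemanager/UploadHandler.php');
 }
 
@@ -288,6 +290,7 @@ function wds_filemanager_ajax() {
 require_once(WD_S_DIR . '/framework/WDW_S_Library.php');
 $page = WDW_S_Library::get('action');
 if (($page != '') && (($page == 'addImage') || ($page == 'addMusic'))) {
+WDW_S_Library::verify_nonce($page);
 require_once(WD_S_DIR . '/filemanager/controller.php');
 $controller_class = 'FilemanagerController';
 $controller = new $controller_class();
@@ -424,7 +427,7 @@ register_activation_hook(__FILE__, 'wds_activate');
 
 function wds_install() {
 $version = get_option("wds_version");
-$new_version = '1.1.9';
+$new_version = '1.1.10';
 if ($version && version_compare($version, $new_version, '<')) {
 require_once WD_S_DIR . "/sliders-update.php";
 wds_update($version);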
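Review bot: The two new verify_nonce() calls at new lines 276 and 293 check request intent but not authorisation: a valid nonce only shows the request originated from a page the user had loaded, and the `wp_ajax_addImage` hook in the hunk header is reachable by any logged-in account, so the file-manager and upload handlers should also require a capability before running, e.g. `if (!current_user_can('manage_options')) { wp_die('Access denied.', '', array('response' => 403)); }` placed before the verify_nonce() call, using whichever capability the plugin's admin menu is registered with (not visible in this diff). How wds_UploadHandler() is hooked is outside the hunks, so its exposure is inferred from the filemanager pattern. At new line 293 `$page` may be `'addMusic'`, and no nonce for that action is generated anywhere in this diff, so that branch should be checked separately. Both wds_UploadHandler() and wds_filemanager_ajax() extend beyond their hunks.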