Calendar by WD – Responsive Event Calendar - Version 1.4.13

Developer webdorado
Version 1.4.13

Code changes from version 1.4.12 to 1.4.13

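--- a/Theme_functions.php
+++ b/Theme_functions.php
@@ -16,7 +16,7 @@ function show_theme_calendar() {
   $sort["1_or_2"] = "2";
   if (isset($_POST['page_number'])) {
   if (isset($_POST['order_by']) && esc_html($_POST['order_by']) != '') {
- $sort["sortid_by"] = esc_sql(esc_html($_POST['order_by']));
+ $sort["sortid_by"] = esc_sql(esc_html(stripslashes($_POST['order_by'])));
   }
   if (isset($_POST['asc_or_desc']) && (esc_html($_POST['asc_or_desc']) == 1)) {
   $sort["custom_style"] = "manage-column column-title sorted asc";
@@ -29,7 +29,7 @@ function show_theme_calendar() {
   $order = "ORDER BY " . $sort["sortid_by"] . " DESC";
   }
   if (isset($_POST['page_number']) && (esc_html($_POST['page_number']))) {
- $limit = (esc_html($_POST['page_number']) - 1) * 20;
+ $limit = (esc_sql(esc_html(stripslashes($_POST['page_number']))) - 1) * 20;
   }
   else {
   $limit = 0;
@@ -39,7 +39,7 @@ function show_theme_calendar() {
   $limit = 0;
   }
   if (isset($_POST['search_events_by_title'])) {
- $search_tag = esc_html($_POST['search_events_by_title']);
+ $search_tag = esc_sql(esc_html(stripslashes($_POST['search_events_by_title'])));
   }
   else {
   $search_tag = "";
@@ -62,85 +62,49 @@ function show_theme_calendar() {
  
   function apply_theme_calendar($id) {
   global $wpdb;
- $title = ((isset($_POST["title"])) ? esc_html(stripslashes($_POST["title"])) : '');
- $width = ((isset($_POST["width"])) ? esc_html($_POST["width"]) : '');
- $week_start_day = ((isset($_POST["week_start_day"])) ? esc_html($_POST["week_start_day"]) : '');
- $border_color = ((isset($_POST["border_color"])) ? esc_html($_POST["border_color"]) : '');
- $border_radius = ((isset($_POST["border_radius"])) ? esc_html($_POST["border_radius"]) : '');
- $border_width = ((isset($_POST["border_width"])) ? esc_html($_POST["border_width"]) : '');
- $show_cat = ((isset($_POST["show_cat"])) ? esc_html($_POST["show_cat"]) : '');
- $top_height = ((isset($_POST["top_height"])) ? esc_html($_POST["top_height"]) : '');
- $bg_top = ((isset($_POST["bg_top"])) ? esc_html($_POST["bg_top"]) : '');
- $year_font_size = ((isset($_POST["year_font_size"])) ? esc_html($_POST["year_font_size"]) : '');
- $text_color_year = ((isset($_POST["text_color_year"])) ? esc_html($_POST["text_color_year"]) : '');
- $arrow_color_year = ((isset($_POST["arrow_color_year"])) ? esc_html($_POST["arrow_color_year"]) : '');
- $month_type = ((isset($_POST["month_type"])) ? esc_html($_POST["month_type"]) : '');
- $month_font_size = ((isset($_POST["month_font_size"])) ? esc_html($_POST["month_font_size"]) : '');
- $text_color_month = ((isset($_POST["text_color_month"])) ? esc_html($_POST["text_color_month"]) : '');
- $arrow_color_month = ((isset($_POST["arrow_color_month"])) ? esc_html($_POST["arrow_color_month"]) : '');
- $next_month_text_color = ((isset($_POST["next_month_text_color"])) ? esc_html($_POST["next_month_text_color"]) : '');
- $next_month_font_size = ((isset($_POST["next_month_font_size"])) ? esc_html($_POST["next_month_font_size"]) : '');
- $next_month_arrow_color = ((isset($_POST["next_month_arrow_color"])) ? esc_html($_POST["next_month_arrow_color"]) : '');
- $prev_month_text_color = ((isset($_POST["prev_month_text_color"])) ? esc_html($_POST["prev_month_text_color"]) : '');
- $prev_month_font_size = ((isset($_POST["prev_month_font_size"])) ? esc_html($_POST["prev_month_font_size"]) : '');
- $prev_month_arrow_color = ((isset($_POST["prev_month_arrow_color"])) ? esc_html($_POST["prev_month_arrow_color"]) : '');
- $arrow_size = ((isset($_POST["arrow_size"])) ? esc_html($_POST["arrow_size"]) : '');
- $text_color_week_days = ((isset($_POST["text_color_week_days"])) ? esc_html($_POST["text_color_week_days"]) : '');
- $week_days_cell_height = ((isset($_POST["week_days_cell_height"])) ? esc_html($_POST["week_days_cell_height"]) : '');
- $weekdays_bg_color = ((isset($_POST["weekdays_bg_color"])) ? esc_html($_POST["weekdays_bg_color"]) : '');
- $weekday_sunday_bg_color = ((isset($_POST["weekday_sunday_bg_color"])) ? esc_html($_POST["weekday_sunday_bg_color"]) : '');
- $weekdays_font_size = ((isset($_POST["weekdays_font_size"])) ? esc_html($_POST["weekdays_font_size"]) : '');
- $bg_bottom = ((isset($_POST["bg_bottom"])) ? esc_html($_POST["bg_bottom"]) : '');
- $cell_height = ((isset($_POST["cell_height"])) ? esc_html($_POST["cell_height"]) : '');
- $text_color_other_months = ((isset($_POST["text_color_other_months"])) ? esc_html($_POST["text_color_other_months"]) : '');
- $bg_color_other_months = ((isset($_POST["bg_color_other_months"])) ? esc_html($_POST["bg_color_other_months"]) : '');
- $text_color_this_month_unevented = ((isset($_POST["text_color_this_month_unevented"])) ? esc_html($_POST["text_color_this_month_unevented"]) : '');
- $text_color_this_month_evented = ((isset($_POST["text_color_this_month_evented"])) ? esc_html($_POST["text_color_this_month_evented"]) : '');
- $bg_color_this_month_evented = ((isset($_POST["bg_color_this_month_evented"])) ? esc_html($_POST["bg_color_this_month_evented"]) : '');
- $event_title_color = ((isset($_POST["event_title_color"])) ? esc_html($_POST["event_title_color"]) : '');
- $current_day_border_color = ((isset($_POST["current_day_border_color"])) ? esc_html($_POST["current_day_border_color"]) : '');
- $cell_border_color = ((isset($_POST["cell_border_color"])) ? esc_html($_POST["cell_border_color"]) : '');
- $text_color_sun_days = ((isset($_POST["text_color_sun_days"])) ? esc_html($_POST["text_color_sun_days"]) : '');
- $sundays_bg_color = ((isset($_POST["sundays_bg_color"])) ? esc_html($_POST["sundays_bg_color"]) : '');
- $sundays_font_size = ((isset($_POST["sundays_font_size"])) ? esc_html($_POST["sundays_font_size"]) : '');
- $other_days_font_size = ((isset($_POST["other_days_font_size"])) ? esc_html($_POST["other_days_font_size"]) : '');
- $show_time = ((isset($_POST["show_time"])) ? esc_html($_POST["show_time"]) : '');
- $show_event = ((isset($_POST["show_event"])) ? esc_html($_POST["show_event"]) : '');
- $date_format = ((isset($_POST["date_format"])) ? esc_html($_POST["date_format"]) : '');
- $title_color = ((isset($_POST["title_color"])) ? esc_html($_POST["title_color"]) : '');
- $title_font_size = ((isset($_POST["title_font_size"])) ? esc_html($_POST["title_font_size"]) : '');
- $title_font = ((isset($_POST["title_font"])) ? esc_html($_POST["title_font"]) : '');
- $title_style = ((isset($_POST["title_style"])) ? esc_html($_POST["title_style"]) : '');
- $date_color = ((isset($_POST["date_color"])) ? esc_html($_POST["date_color"]) : '');
- $date_size = ((isset($_POST["date_size"])) ? esc_html($_POST["date_size"]) : '');
- $date_font = ((isset($_POST["date_font"])) ? esc_html($_POST["date_font"]) : '');
- $date_style = ((isset($_POST["date_style"])) ? esc_html($_POST["date_style"]) : '');
- $next_prev_event_bgcolor = ((isset($_POST["next_prev_event_bgcolor"])) ? esc_html($_POST["next_prev_event_bgcolor"]) : '');
- $next_prev_event_arrowcolor = ((isset($_POST["next_prev_event_arrowcolor"])) ? esc_html($_POST["next_prev_event_arrowcolor"]) : '');
- $show_event_bgcolor = ((isset($_POST["show_event_bgcolor"])) ? esc_html($_POST["show_event_bgcolor"]) : '');
- $popup_width = ((isset($_POST["popup_width"])) ? esc_html($_POST["popup_width"]) : '');
- $popup_height = ((isset($_POST["popup_height"])) ? esc_html($_POST["popup_height"]) : '');
- $number_of_shown_evetns = ((isset($_POST["number_of_shown_evetns"])) ? esc_html($_POST["number_of_shown_evetns"]) : '');
- $show_repeat = ((isset($_POST["show_repeat"])) ? esc_html($_POST["show_repeat"]) : '');
- $day_start = ((isset($_POST["show_event"])) ? esc_html($_POST["show_event"]) : '');
- $views_tabs_font_size = ((isset($_POST["views_tabs_font_size"])) ? esc_html($_POST["views_tabs_font_size"]) : '');
- $views_tabs_text_color = ((isset($_POST["views_tabs_text_color"])) ? esc_html($_POST["views_tabs_text_color"]) : '');
- $views_tabs_bg_color = ((isset($_POST["views_tabs_bg_color"])) ? esc_html($_POST["views_tabs_bg_color"]) : '');
- $day_month_font_color = ((isset($_POST["day_month_font_color"])) ? esc_html($_POST["day_month_font_color"]) : '');
- $week_font_color = ((isset($_POST["week_font_color"])) ? esc_html($_POST["week_font_color"]) : '');
- $day_month_font_size = ((isset($_POST["day_month_font_size"])) ? esc_html($_POST["day_month_font_size"]) : '');
- $week_font_size = ((isset($_POST["week_font_size"])) ? esc_html($_POST["week_font_size"]) : '');
- $ev_title_bg_color = ((isset($_POST["ev_title_bg_color"])) ? esc_html($_POST["ev_title_bg_color"]) : '');
- $date_height = ((isset($_POST["date_height"])) ? esc_html($_POST["date_height"]) : '');
- $event_table_height = ((isset($_POST["event_table_height"])) ? esc_html($_POST["event_table_height"]) : '');
- $event_num_font_size = ((isset($_POST["event_num_font_size"])) ? esc_html($_POST["event_num_font_size"]) : '');
- $date_font_size = ((isset($_POST["date_font_size"])) ? esc_html($_POST["date_font_size"]) : '');
- $event_num_color = ((isset($_POST["event_num_color"])) ? esc_html($_POST["event_num_color"]) : '');
- $event_num_bg_color2 = ((isset($_POST["event_num_bg_color2"])) ? esc_html($_POST["event_num_bg_color2"]) : '');
- $event_num_bg_color1 = ((isset($_POST["event_num_bg_color1"])) ? esc_html($_POST["event_num_bg_color1"]) : '');
- $event_bg_color2 = ((isset($_POST["event_bg_color2"])) ? esc_html($_POST["event_bg_color2"]) : '');
- $event_bg_color1 = ((isset($_POST["event_bg_color1"])) ? esc_html($_POST["event_bg_color1"]) : '');
- $date_bg_color = ((isset($_POST["date_bg_color"])) ? esc_html($_POST["date_bg_color"]) : '');
+ $title = ((isset($_POST["title"])) ? esc_sql(esc_html(stripslashes($_POST["title"]))) : '');
+ $width = ((isset($_POST["width"])) ? esc_sql(esc_html(stripslashes($_POST["width"]))) : '');
+ $week_start_day = ((isset($_POST["week_start_day"])) ? esc_sql(esc_html(stripslashes($_POST["week_start_day"]))) : '');
+ $border_color = ((isset($_POST["border_color"])) ? esc_sql(esc_html(stripslashes($_POST["border_color"]))) : '');
+ $border_radius = ((isset($_POST["border_radius"])) ? esc_sql(esc_html(stripslashes($_POST["border_radius"]))) : '');
+ $border_width = ((isset($_POST["border_width"])) ? esc_sql(esc_html(stripslashes($_POST["border_width"]))) : '');
+ $show_cat = ((isset($_POST["show_cat"])) ? esc_sql(esc_html(stripslashes($_POST["show_cat"]))) : '');
+ $top_height = ((isset($_POST["top_height"])) ? esc_sql(esc_html(stripslashes($_POST["top_height"]))) : '');
+ $bg_top = ((isset($_POST["bg_top"])) ? esc_sql(esc_html(stripslashes($_POST["bg_top"]))) : '');
+ $year_font_size = ((isset($_POST["year_font_size"])) ? esc_sql(esc_html(stripslashes($_POST["year_font_size"]))) : '');
+ $text_color_year = ((isset($_POST["text_color_year"])) ? esc_sql(esc_html(stripslashes($_POST["text_color_year"]))) : '');
+ $arrow_color_year = ((isset($_POST["arrow_color_year"])) ? esc_sql(esc_html(stripslashes($_POST["arrow_color_year"]))) : '');
+ $month_type = ((isset($_POST["month_type"])) ? esc_sql(esc_html(stripslashes($_POST["month_type"]))) : '');
+ $month_font_size = ((isset($_POST["month_font_size"])) ? esc_sql(esc_html(stripslashes($_POST["month_font_size"]))) : '');
+ $text_color_month = ((isset($_POST["text_color_month"])) ? esc_sql(esc_html(stripslashes($_POST["text_color_month"]))) : '');
+ $date_font = ((isset($_POST["date_font"])) ? esc_sql(esc_html(stripslashes($_POST["date_font"]))) : '');
+ $date_style = ((isset($_POST["date_style"])) ? esc_sql(esc_html(stripslashes($_POST["date_style"]))) : '');
+ $next_prev_event_bgcolor = ((isset($_POST["next_prev_event_bgcolor"])) ? esc_sql(esc_html(stripslashes($_POST["next_prev_event_bgcolor"]))) : '');
+ $next_prev_event_arrowcolor = ((isset($_POST["next_prev_event_arrowcolor"])) ? esc_sql(esc_html(stripslashes($_POST["next_prev_event_arrowcolor"]))) : '');
+ $show_event_bgcolor = ((isset($_POST["show_event_bgcolor"])) ? esc_sql(esc_html(stripslashes($_POST["show_event_bgcolor"]))) : '');
+ $popup_width = ((isset($_POST["popup_width"])) ? esc_sql(esc_html(stripslashes($_POST["popup_width"]))) : '');
+ $popup_height = ((isset($_POST["popup_height"])) ? esc_sql(esc_html(stripslashes($_POST["popup_height"]))) : '');
+ $number_of_shown_evetns = ((isset($_POST["number_of_shown_evetns"])) ? esc_sql(esc_html(stripslashes($_POST["number_of_shown_evetns"]))) : '');
+ $show_repeat = ((isset($_POST["show_repeat"])) ? esc_sql(esc_html(stripslashes($_POST["show_repeat"]))) : '');
+ $day_start = ((isset($_POST["show_event"])) ? esc_sql(esc_html(stripslashes($_POST["show_event"]))) : '');
+ $views_tabs_font_size = ((isset($_POST["views_tabs_font_size"])) ? esc_sql(esc_html(stripslashes($_POST["views_tabs_font_size"]))) : '');
+ $views_tabs_text_color = ((isset($_POST["views_tabs_text_color"])) ? esc_sql(esc_html(stripslashes($_POST["views_tabs_text_color"]))) : '');
+ $views_tabs_bg_color = ((isset($_POST["views_tabs_bg_color"])) ? esc_sql(esc_html(stripslashes($_POST["views_tabs_bg_color"]))) : '');
+ $day_month_font_color = ((isset($_POST["day_month_font_color"])) ? esc_sql(esc_html(stripslashes($_POST["day_month_font_color"]))) : '');
+ $week_font_color = ((isset($_POST["week_font_color"])) ? esc_sql(esc_html(stripslashes($_POST["week_font_color"]))) : '');
+ $day_month_font_size = ((isset($_POST["day_month_font_size"])) ? esc_sql(esc_html(stripslashes($_POST["day_month_font_size"]))) : '');
+ $week_font_size = ((isset($_POST["week_font_size"])) ? esc_sql(esc_html(stripslashes($_POST["week_font_size"]))) : '');
+ $ev_title_bg_color = ((isset($_POST["ev_title_bg_color"])) ? esc_sql(esc_html(stripslashes($_POST["ev_title_bg_color"]))) : '');
+ $date_height = ((isset($_POST["date_height"])) ? esc_sql(esc_html(stripslashes($_POST["date_height"]))) : '');
+ $event_table_height = ((isset($_POST["event_table_height"])) ? esc_sql(esc_html(stripslashes($_POST["event_table_height"]))) : '');
+ $event_num_font_size = ((isset($_POST["event_num_font_size"])) ? esc_sql(esc_html(stripslashes($_POST["event_num_font_size"]))) : '');
+ $date_font_size = ((isset($_POST["date_font_size"])) ? esc_sql(esc_html(stripslashes($_POST["date_font_size"]))) : '');
+ $event_num_color = ((isset($_POST["event_num_color"])) ? esc_sql(esc_html(stripslashes($_POST["event_num_color"]))) : '');
+ $event_num_bg_color2 = ((isset($_POST["event_num_bg_color2"])) ? esc_sql(esc_html(stripslashes($_POST["event_num_bg_color2"]))) : '');
+ $event_num_bg_color1 = ((isset($_POST["event_num_bg_color1"])) ? esc_sql(esc_html(stripslashes($_POST["event_num_bg_color1"]))) : '');
+ $event_bg_color2 = ((isset($_POST["event_bg_color2"])) ? esc_sql(esc_html(stripslashes($_POST["event_bg_color2"]))) : '');
+ $event_bg_color1 = ((isset($_POST["event_bg_color1"])) ? esc_sql(esc_html(stripslashes($_POST["event_bg_color1"]))) : '');
+ $date_bg_color = ((isset($_POST["date_bg_color"])) ? esc_sql(esc_html(stripslashes($_POST["date_bg_color"]))) : '');
   if ($id === -1) {
   $save_or_no = $wpdb->insert($wpdb->prefix . 'spidercalendar_theme', array(
   'id' => NULL,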
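Review bot: The `order_by` value is still concatenated into `"ORDER BY " . $sort["sortid_by"] . " DESC"` as an unquoted identifier, and `esc_sql()` only escapes characters for use inside a quoted string literal, so the wrapping added in the first hunk does not constrain what reaches the ORDER BY clause. Map the request value onto a fixed list of sortable column names instead, e.g. `$sort["sortid_by"] = in_array($_POST['order_by'], $allowed_columns, true) ? $_POST['order_by'] : 'id';`, with `$allowed_columns` filled from the table definition (not visible here). `page_number` in the second hunk is only used in arithmetic and is better coerced with `absint($_POST['page_number'])` than string-escaped. In `apply_theme_calendar()` the values appear to feed `$wpdb->insert()`, which escapes on its own, so the added `esc_sql()` would presumably double-escape stored values; the insert array continues outside the hunk, so also confirm there that the 36 assignments dropped on the new side (`$arrow_color_month` through `$date_size`) are no longer referenced.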
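--- a/calendar.php
+++ b/calendar.php
@@ -4,7 +4,7 @@
   Plugin Name: Spider Event Calendar
   Plugin URI: http://web-dorado.com/products/wordpress-calendar.html
   Description: Spider Event Calendar is a highly configurable product which allows you to have multiple organized events. Spider Event Calendar is an extraordinary user friendly extension.
- Version: 1.4.12
+ Version: 1.4.13
   Author: http://web-dorado.com/
   License: GNU/GPLv3 http://www.gnu.org/licenses/gpl-3.0.html
   */
@@ -328,11 +328,11 @@ function spider_calendar_quick_update() {
   global $wpdb;
   if (isset($_POST['calendar_id']) && isset($_POST['calendar_title']) && isset($_POST['us_12_format_sp_calendar']) && isset($_POST['default_year']) && isset($_POST['default_month'])) {
   $wpdb->update($wpdb->prefix . 'spidercalendar_calendar', array(
- 'title' => $_POST['calendar_title'],
- 'time_format' => $_POST['us_12_format_sp_calendar'],
- 'def_year' => $_POST['default_year'],
- 'def_month' => $_POST['default_month'],
- ), array('id' => $_POST['calendar_id']), array(
+ 'title' => esc_sql(esc_html(stripslashes($_POST['calendar_title']))),
+ 'time_format' => esc_sql(esc_html(stripslashes($_POST['us_12_format_sp_calendar']))),
+ 'def_year' => esc_sql(esc_html(stripslashes($_POST['default_year']))),
+ 'def_month' => esc_sql(esc_html(stripslashes($_POST['default_month']))),
+ ), array('id' => esc_sql(esc_html(stripslashes($_POST['calendar_id'])))), array(
   '%s',
   '%d',
   '%s',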
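Review bot: `$wpdb->update()` already escapes each value according to the format array that follows (`'%s'`, `'%d'`, …), so the `esc_sql()` wrapped around the values in the second hunk escapes them a second time, and a title containing a quote would presumably be stored with a literal backslash. Drop `esc_sql()` here and validate by type instead, e.g. `'time_format' => absint($_POST['us_12_format_sp_calendar']),` for the `%d` column and `array('id' => absint($_POST['calendar_id']))` for the WHERE clause. `spider_calendar_quick_update()` starts and ends outside the hunk, so whether it verifies a nonce and the caller's capability before writing cannot be seen here and is worth confirming.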
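--- a/calendar_functions.html.php
+++ b/calendar_functions.html.php
@@ -145,7 +145,7 @@ function html_show_spider_calendar($rows, $pageNav, $sort) {
   </table>
   <?php
   if (isset($_POST['serch_or_not']) && ($_POST['serch_or_not'] == "search")) {
- $serch_value = $_POST['search_events_by_title'];
+ $serch_value = esc_js(esc_html(stripslashes($_POST['search_events_by_title'])));
   }
   else {
   $serch_value = "";
@@ -209,9 +209,9 @@ function html_show_spider_calendar($rows, $pageNav, $sort) {
   <?php } ?>
   </tbody>
   </table>
- <input type="hidden" name="id_for_playlist" id="id_for_playlist" value="<?php if (isset($_POST['id_for_playlist'])) echo $_POST['id_for_playlist'];?>"/>
- <input type="hidden" name="asc_or_desc" id="asc_or_desc" value="<?php if (isset($_POST['asc_or_desc'])) echo $_POST['asc_or_desc'];?>"/>
- <input type="hidden" name="order_by" id="order_by" value="<?php if (isset($_POST['order_by'])) echo $_POST['order_by'];?>"/>
+ <input type="hidden" name="id_for_playlist" id="id_for_playlist" value="<?php if (isset($_POST['id_for_playlist'])) echo esc_js(esc_html(stripslashes($_POST['id_for_playlist'])));?>"/>
+ <input type="hidden" name="asc_or_desc" id="asc_or_desc" value="<?php if (isset($_POST['asc_or_desc'])) echo esc_js(esc_html(stripslashes($_POST['asc_or_desc'])));?>"/>
+ <input type="hidden" name="order_by" id="order_by" value="<?php if (isset($_POST['order_by'])) echo esc_js(esc_html(stripslashes($_POST['order_by'])));?>"/>
   <?php
   ?>
   </form>
@@ -643,7 +643,7 @@ function show_event_category($rows, $pageNav, $sort){
   </table>
   <?php
   if (isset($_POST['serch_or_not']) && ($_POST['serch_or_not'] == "search")) {
- $serch_value = $_POST['search_cat_by_title'];
+ $serch_value = esc_js(esc_html(stripslashes($_POST['search_cat_by_title'])));
   }
   else {
   $serch_value = "";
@@ -710,9 +710,9 @@ function show_event_category($rows, $pageNav, $sort){
   <?php } ?>
   </tbody>
   </table>
- <input type="hidden" name="id_for_playlist" id="id_for_playlist" value="<?php if (isset($_POST['id_for_playlist'])) echo $_POST['id_for_playlist'];?>"/>
- <input type="hidden" name="asc_or_desc" id="asc_or_desc" value="<?php if (isset($_POST['asc_or_desc'])) echo $_POST['asc_or_desc'];?>"/>
- <input type="hidden" name="order_by" id="order_by" value="<?php if (isset($_POST['order_by'])) echo $_POST['order_by'];?>"/>
+ <input type="hidden" name="id_for_playlist" id="id_for_playlist" value="<?php if (isset($_POST['id_for_playlist'])) echo esc_js(esc_html(stripslashes($_POST['id_for_playlist'])));?>"/>
+ <input type="hidden" name="asc_or_desc" id="asc_or_desc" value="<?php if (isset($_POST['asc_or_desc'])) echo esc_js(esc_html(stripslashes($_POST['asc_or_desc'])));?>"/>
+ <input type="hidden" name="order_by" id="order_by" value="<?php if (isset($_POST['order_by'])) echo esc_js(esc_html(stripslashes($_POST['order_by'])));?>"/>
   <?php
   ?>
   </form>
@@ -996,13 +996,13 @@ else
   </table>
   <?php
   if (isset($_POST['serch_or_not']) && ($_POST['serch_or_not'] == "search")) {
- $serch_value = $_POST['search_events_by_title'];
+ $serch_value = esc_js(esc_html(stripslashes($_POST['search_events_by_title'])));
   }
   else {
   $serch_value = "";
   }
- $startdate = (isset($_POST["startdate"]) ? esc_html($_POST["startdate"]) : '');
- $enddate = (isset($_POST["enddate"]) ? esc_html($_POST["enddate"]) : '');
+ $startdate = (isset($_POST["startdate"]) ? esc_js(esc_html(stripslashes($_POST["startdate"]))) : '');
+ $enddate = (isset($_POST["enddate"]) ? esc_js(esc_html(stripslashes($_POST["enddate"]))) : '');
   $serch_fields = '
   <div class="alignleft actions">
   <label for="search_events_by_title" style="font-size:14px">Title: </label>
@@ -1088,8 +1088,8 @@ else
   </tbody>
   </table>
   <input type="hidden" name="boxchecked" value="0">
- <input type="hidden" name="asc_or_desc" id="asc_or_desc" value="<?php if (isset($_POST['asc_or_desc'])) echo $_POST['asc_or_desc']; ?>"/>
- <input type="hidden" name="order_by" id="order_by" value="<?php if (isset($_POST['order_by'])) echo $_POST['order_by']; ?>"/>
+ <input type="hidden" name="asc_or_desc" id="asc_or_desc" value="<?php if (isset($_POST['asc_or_desc'])) echo esc_js(esc_html(stripslashes($_POST['asc_or_desc']))); ?>"/>
+ <input type="hidden" name="order_by" id="order_by" value="<?php if (isset($_POST['order_by'])) echo esc_js(esc_html(stripslashes($_POST['order_by']))); ?>"/>
   <?php
   ?>
   </form>
@@ -1167,13 +1167,13 @@ function html_show_spider_event($rows, $pageNav, $sort, $calendar_id, $cal_name)
   </table>
   <?php
   if (isset($_POST['serch_or_not']) && ($_POST['serch_or_not'] == "search")) {
- $serch_value = $_POST['search_events_by_title'];
+ $serch_value = esc_js(esc_html(stripslashes($_POST['search_events_by_title'])));
   }
   else {
   $serch_value = "";
   }
- $startdate = (isset($_POST["startdate"]) ? esc_html($_POST["startdate"]) : '');
- $enddate = (isset($_POST["enddate"]) ? esc_html($_POST["enddate"]) : '');
+ $startdate = (isset($_POST["startdate"]) ? esc_js(esc_html(stripslashes($_POST["startdate"]))) : '');
+ $enddate = (isset($_POST["enddate"]) ? esc_js(esc_html(stripslashes($_POST["enddate"]))) : '');
   $serch_fields = '
   <div class="alignleft actions">
   <label for="search_events_by_title" style="font-size:14px">Title: </label>
@@ -1257,9 +1257,9 @@ function html_show_spider_event($rows, $pageNav, $sort, $calendar_id, $cal_name)
   <?php } ?>
   </tbody>
   </table>
- <input type="hidden" name="id_for_playlist" id="id_for_playlist" value="<?php if (isset($_POST['id_for_playlist'])) echo $_POST['id_for_playlist']; ?>"/>
- <input type="hidden" name="asc_or_desc" id="asc_or_desc" value="<?php if (isset($_POST['asc_or_desc'])) echo $_POST['asc_or_desc']; ?>"/>
- <input type="hidden" name="order_by" id="order_by" value="<?php if (isset($_POST['order_by'])) echo $_POST['order_by']; ?>"/>
+ <input type="hidden" name="id_for_playlist" id="id_for_playlist" value="<?php if (isset($_POST['id_for_playlist'])) echo esc_js(esc_html(stripslashes($_POST['id_for_playlist']))); ?>"/>
+ <input type="hidden" name="asc_or_desc" id="asc_or_desc" value="<?php if (isset($_POST['asc_or_desc'])) echo esc_js(esc_html(stripslashes($_POST['asc_or_desc']))); ?>"/>
+ <input type="hidden" name="order_by" id="order_by" value="<?php if (isset($_POST['order_by'])) echo esc_js(esc_html(stripslashes($_POST['order_by']))); ?>"/>
   <?php
   ?>
   </form>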
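Review bot: The hidden inputs in this section echo request data into a double-quoted HTML attribute, where the context-appropriate escaper is `esc_attr()`; `esc_js()` is meant for inline JavaScript string literals, and stacking it on `esc_html()` can add backslashes that are then posted back with the form on the next request. Suggested form for every hidden input touched here: `value="<?php if (isset($_POST['order_by'])) echo esc_attr(wp_unslash($_POST['order_by'])); ?>"`. `$serch_value`, `$startdate` and `$enddate` are interpolated into `$serch_fields` outside the hunks, so their escaper should be chosen by where they end up there (attribute or script) rather than applying both. The enclosing functions start and end outside the hunks.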
calendar_functions.php CHANGED
@@ -36,7 +36,7 @@ else $calendar_id="0";
36
  $order = "ORDER BY " . $sort["sortid_by"] . " DESC";
37
  }
38
  if ($_POST['page_number']) {
39
- $limit = (esc_html($_POST['page_number'])- 1) * 20;
40
  }
41
  else {
42
  $limit = 0;
@@ -46,7 +46,7 @@ else $calendar_id="0";
46
  $limit = 0;
47
  }
48
  if (isset($_POST['search_events_by_title'])) {
49
- $search_tag = esc_html($_POST['search_events_by_title']);
50
  }
51
  else {
52
  $search_tag = "";
@@ -91,7 +91,7 @@ function show_spider_calendar() {
91
  $sort["1_or_2"] = "2";
92
  if (isset($_POST['page_number'])) {
93
  if (isset($_POST['order_by']) && esc_html($_POST['order_by']) != '') {
94
- $sort["sortid_by"] = esc_sql(esc_html($_POST['order_by']));
95
  }
96
  if (isset($_POST['asc_or_desc']) && (esc_html($_POST['asc_or_desc']) == 1)) {
97
  $sort["custom_style"] = "manage-column column-title sorted asc";
@@ -104,7 +104,7 @@ function show_spider_calendar() {
104
  $order = "ORDER BY " . $sort["sortid_by"] . " DESC";
105
  }
106
  if (isset($_POST['page_number']) && (esc_html($_POST['page_number']))) {
107
- $limit = (esc_html($_POST['page_number']) - 1) * 20;
108
  }
109
  else {
110
  $limit = 0;
@@ -114,7 +114,7 @@ function show_spider_calendar() {
114
  $limit = 0;
115
  }
116
  if (isset($_POST['search_events_by_title'])) {
117
- $search_tag = esc_html($_POST['search_events_by_title']);
118
  }
119
  else {
120
  $search_tag = "";
@@ -145,7 +145,7 @@ function show_event_cat(){
145
  $sort["1_or_2"] = "2";
146
  if (isset($_POST['page_number'])) {
147
  if (isset($_POST['order_by']) && esc_html($_POST['order_by']) != '') {
148
- $sort["sortid_by"] = esc_sql( esc_html($_POST['order_by']));
149
  }
150
  if (isset($_POST['asc_or_desc']) && (esc_html($_POST['asc_or_desc']) == 1)) {
151
  $sort["custom_style"] = "manage-column column-title sorted asc";
@@ -158,7 +158,7 @@ function show_event_cat(){
158
  $order = "ORDER BY " . $sort["sortid_by"] . " DESC";
159
  }
160
  if (isset($_POST['page_number']) && (esc_html($_POST['page_number']))) {
161
- $limit = (esc_html($_POST['page_number']) - 1) * 20;
162
  }
163
  else {
164
  $limit = 0;
@@ -168,7 +168,7 @@ function show_event_cat(){
168
  $limit = 0;
169
  }
170
  if (isset($_POST['search_cat_by_title'])) {
171
- $search_tag = esc_html($_POST['search_cat_by_title']);
172
  }
173
  else {
174
  $search_tag = "";
@@ -236,10 +236,10 @@ function save_spider_category_event() {
236
  }
237
  */
238
  if(isset($_POST['title'])){
239
- $title = (isset($_POST["title"]) ? esc_html(stripslashes($_POST["title"])) : '');
240
  $published = (isset($_POST["published"]) ? (int) $_POST["published"] : 1);
241
- $color = (isset($_POST["color"]) ? esc_html(stripslashes($_POST["color"])) : '');
242
- $description = (isset($_POST["description"]) ? esc_html(stripslashes($_POST["description"])) : '');
243
  global $wpdb;
244
 
245
  $save_or_no = $wpdb->insert($wpdb->prefix . 'spidercalendar_event_category', array(
@@ -291,10 +291,10 @@ function spider_category_published($id) {
291
 
292
  function apply_spider_category_event($id) {
293
 
294
- $title = (isset($_POST["title"]) ? esc_html(stripslashes($_POST["title"])) : '');
295
  $published = (isset($_POST["published"]) ? (int) $_POST["published"] : 1);
296
- $color = (isset($_POST["color"]) ? esc_html(stripslashes($_POST["color"])) : '');
297
- $description = (isset($_POST["description"]) ? esc_html(stripslashes($_POST["description"])) : '');
298
  global $wpdb;
299
 
300
 
@@ -319,12 +319,12 @@ function apply_spider_calendar($id) {
319
  exit;
320
  }
321
  if(isset($_POST['title'])){
322
- $title = (isset($_POST["title"]) ? esc_html(stripslashes($_POST["title"])) : '');
323
- $user_type = (isset($_POST["user_type"]) ? esc_html($_POST["user_type"]) : '');
324
  $time_format = (isset($_POST["time_format"]) ? (int) $_POST["time_format"] : 0);
325
- $def_year = (isset($_POST["def_year"]) ? esc_html($_POST["def_year"]) : '');
326
- $def_month = (isset($_POST["def_month"]) ? esc_html($_POST["def_month"]) : '');
327
- $allow_publish = (isset($_POST["allow_publish"]) ? esc_html($_POST["allow_publish"]) : '');
328
  $published = (isset($_POST["published"]) ? (int) $_POST["published"] : 1);
329
  global $wpdb;
330
  if ($id === -1) {
@@ -422,7 +422,7 @@ global $wpdb;
422
  $sort["1_or_2"] = "2";
423
  if (isset($_POST['page_number'])) {
424
  if (isset($_POST['order_by']) && esc_html($_POST['order_by']) != '') {
425
- $sort["sortid_by"] =esc_sql( esc_html($_POST['order_by']));
426
  }
427
  if (isset($_POST['asc_or_desc']) && (esc_html($_POST['asc_or_desc']) == 1)) {
428
  $sort["custom_style"] = "manage-column column-title sorted asc";
@@ -435,7 +435,7 @@ global $wpdb;
435
  $order = "ORDER BY " . $sort["sortid_by"] . " DESC";
436
  }
437
  if (isset($_POST['page_number']) && (esc_html($_POST['page_number']))) {
438
- $limit = (esc_html($_POST['page_number']) - 1) * 20;
439
  }
440
  else {
441
  $limit = 0;
@@ -445,7 +445,7 @@ global $wpdb;
445
  $limit = 0;
446
  }
447
  if (isset($_POST['search_events_by_title'])) {
448
- $search_tag = esc_html($_POST['search_events_by_title']);
449
  }
450
  else {
451
  $search_tag = "";
@@ -457,10 +457,10 @@ global $wpdb;
457
  $where = '';
458
  }
459
  if (isset($_POST['startdate']) && esc_html($_POST['startdate'])) {
460
- $where .= ' AND ' . $wpdb->prefix . 'spidercalendar_event.date > \'' . esc_sql( esc_html($_POST['startdate']) ) . '\' ';
461
  }
462
  if (isset($_POST['enddate']) && $_POST['enddate']) {
463
- $where .= ' AND ' . $wpdb->prefix . 'spidercalendar_event.date < \'' .esc_sql( esc_html($_POST['enddate']) ). '\' ';
464
  }
465
  // Get the total number of records.
466
  $query = $wpdb->prepare ("SELECT COUNT(*) FROM " . $wpdb->prefix . "spidercalendar_event WHERE calendar=%d " . $where . " ", $calendar_id);
@@ -499,29 +499,29 @@ function edit_spider_event($calendar_id, $id) {
499
  function apply_spider_event($calendar_id, $id) {
500
  global $wpdb;
501
  if(isset($_POST['title'])){
502
- $title = ((isset($_POST['title'])) ? esc_html(stripslashes($_POST['title'])) : '');
503
- $category = ((isset($_POST['category'])) ? esc_html(stripslashes($_POST['category'])) : '');
504
- $text_for_date = ((isset($_POST['text_for_date'])) ? stripslashes($_POST['text_for_date']) : '');
505
  $published = ((isset($_POST['published'])) ? (int) $_POST['published'] : 1);
506
- $repeat = ((isset($_POST['repeat'])) ? esc_html($_POST['repeat']) : '');
507
- $week = ((isset($_POST['week'])) ? esc_html($_POST['week']) : '');
508
- $month = ((isset($_POST['month'])) ? esc_html($_POST['month']) : '');
509
- $monthly_list = ((isset($_POST['monthly_list'])) ? esc_html($_POST['monthly_list']) : '');
510
- $month_type = ((isset($_POST['month_type'])) ? esc_html($_POST['month_type']) : '');
511
- $month_week = ((isset($_POST['month_week'])) ? esc_html($_POST['month_week']) : '');
512
- $year_month = ((isset($_POST['year_month'])) ? esc_html($_POST['year_month']) : '');
513
- $repeat_method = ((isset($_POST['repeat_method'])) ? esc_html($_POST['repeat_method']) : 'no_repeat');
514
- $date = ((isset($_POST['date'])) ? esc_html($_POST['date']) : '');
515
- $date_end = ((isset($_POST['date_end'])) ? esc_html($_POST['date_end']) : '');
516
  if ($date_end == '' && $repeat_method != 'no_repeat') {
517
  $date_end = '2070-12-12';
518
  }
519
- $select_from = ((isset($_POST['select_from'])) ? esc_html($_POST['select_from']) : '');
520
- $select_to = ((isset($_POST['select_to'])) ? esc_html($_POST['select_to']) : '');
521
- $selhour_from = ((isset($_POST['selhour_from'])) ? esc_html($_POST['selhour_from']) : '');
522
- $selhour_to = ((isset($_POST['selhour_to'])) ? esc_html($_POST['selhour_to']) : '');
523
- $selminute_from = ((isset($_POST['selminute_from'])) ? esc_html($_POST['selminute_from']) : '');
524
- $selminute_to = ((isset($_POST['selminute_to'])) ? esc_html($_POST['selminute_to']) : '');
525
  if ($selhour_from) {
526
  if ($selhour_to) {
527
  $time = $selhour_from . ':' . $selminute_from . '' . $select_from . '-' . $selhour_to . ':' . $selminute_to . '' . $select_to;
36
  $order = "ORDER BY " . $sort["sortid_by"] . " DESC";
37
  }
38
  if ($_POST['page_number']) {
39
+ $limit = (esc_sql(esc_html(stripslashes($_POST['page_number'])))- 1) * 20;
40
  }
41
  else {
42
  $limit = 0;
46
  $limit = 0;
47
  }
48
  if (isset($_POST['search_events_by_title'])) {
49
+ $search_tag = esc_sql(esc_html(stripslashes($_POST['search_events_by_title'])));
50
  }
51
  else {
52
  $search_tag = "";
91
  $sort["1_or_2"] = "2";
92
  if (isset($_POST['page_number'])) {
93
  if (isset($_POST['order_by']) && esc_html($_POST['order_by']) != '') {
94
+ $sort["sortid_by"] = esc_sql(esc_html(stripslashes($_POST['order_by'])));
95
  }
96
  if (isset($_POST['asc_or_desc']) && (esc_html($_POST['asc_or_desc']) == 1)) {
97
  $sort["custom_style"] = "manage-column column-title sorted asc";
104
  $order = "ORDER BY " . $sort["sortid_by"] . " DESC";
105
  }
106
  if (isset($_POST['page_number']) && (esc_html($_POST['page_number']))) {
107
+ $limit = (esc_sql(esc_html(stripslashes($_POST['page_number']))) - 1) * 20;
108
  }
109
  else {
110
  $limit = 0;
114
  $limit = 0;
115
  }
116
  if (isset($_POST['search_events_by_title'])) {
117
+ $search_tag = esc_sql(esc_html(stripslashes($_POST['search_events_by_title'])));
118
  }
119
  else {
120
  $search_tag = "";
145
  $sort["1_or_2"] = "2";
146
  if (isset($_POST['page_number'])) {
147
  if (isset($_POST['order_by']) && esc_html($_POST['order_by']) != '') {
148
+ $sort["sortid_by"] = esc_sql(esc_html(stripslashes($_POST['order_by'])));
149
  }
150
  if (isset($_POST['asc_or_desc']) && (esc_html($_POST['asc_or_desc']) == 1)) {
151
  $sort["custom_style"] = "manage-column column-title sorted asc";
158
  $order = "ORDER BY " . $sort["sortid_by"] . " DESC";
159
  }
160
  if (isset($_POST['page_number']) && (esc_html($_POST['page_number']))) {
161
+ $limit = (esc_sql(esc_html(stripslashes($_POST['page_number']))) - 1) * 20;
162
  }
163
  else {
164
  $limit = 0;
168
  $limit = 0;
169
  }
170
  if (isset($_POST['search_cat_by_title'])) {
171
+ $search_tag = esc_sql(esc_html(stripslashes($_POST['search_cat_by_title'])));
172
  }
173
  else {
174
  $search_tag = "";
236
  }
237
  */
238
  if(isset($_POST['title'])){
239
+ $title = (isset($_POST["title"]) ? esc_sql(esc_html(stripslashes($_POST["title"]))) : '');
240
  $published = (isset($_POST["published"]) ? (int) $_POST["published"] : 1);
241
+ $color = (isset($_POST["color"]) ? esc_sql(esc_html(stripslashes($_POST["color"]))) : '');
242
+ $description = (isset($_POST["description"]) ? esc_sql(esc_html(stripslashes($_POST["description"]))) : '');
243
  global $wpdb;
244
 
245
  $save_or_no = $wpdb->insert($wpdb->prefix . 'spidercalendar_event_category', array(
291
 
292
  function apply_spider_category_event($id) {
293
 
294
+ $title = (isset($_POST["title"]) ? esc_sql(esc_html(stripslashes($_POST["title"]))) : '');
295
  $published = (isset($_POST["published"]) ? (int) $_POST["published"] : 1);
296
+ $color = (isset($_POST["color"]) ? esc_sql(esc_html(stripslashes($_POST["color"]))) : '');
297
+ $description = (isset($_POST["description"]) ? esc_sql(esc_html(stripslashes($_POST["description"]))) : '');
298
  global $wpdb;
299
 
300
 
319
  exit;
320
  }
321
  if(isset($_POST['title'])){
322
+ $title = (isset($_POST["title"]) ? esc_sql(esc_html(stripslashes($_POST["title"]))) : '');
323
+ $user_type = (isset($_POST["user_type"]) ? esc_sql(esc_html(stripslashes($_POST["user_type"]))) : '');
324
  $time_format = (isset($_POST["time_format"]) ? (int) $_POST["time_format"] : 0);
325
+ $def_year = (isset($_POST["def_year"]) ? esc_sql(esc_html(stripslashes($_POST["def_year"]))) : '');
326
+ $def_month = (isset($_POST["def_month"]) ? esc_sql(esc_html(stripslashes($_POST["def_month"]))) : '');
327
+ $allow_publish = (isset($_POST["allow_publish"]) ? esc_sql(esc_html(stripslashes($_POST["allow_publish"]))) : '');
328
  $published = (isset($_POST["published"]) ? (int) $_POST["published"] : 1);
329
  global $wpdb;
330
  if ($id === -1) {
422
  $sort["1_or_2"] = "2";
423
  if (isset($_POST['page_number'])) {
424
  if (isset($_POST['order_by']) && esc_html($_POST['order_by']) != '') {
425
+ $sort["sortid_by"] =esc_sql(esc_html(stripslashes($_POST['order_by'])));
426
  }
427
  if (isset($_POST['asc_or_desc']) && (esc_html($_POST['asc_or_desc']) == 1)) {
428
  $sort["custom_style"] = "manage-column column-title sorted asc";
435
  $order = "ORDER BY " . $sort["sortid_by"] . " DESC";
436
  }
437
  if (isset($_POST['page_number']) && (esc_html($_POST['page_number']))) {
438
+ $limit = (esc_sql(esc_html(stripslashes($_POST['page_number']))) - 1) * 20;
439
  }
440
  else {
441
  $limit = 0;
445
  $limit = 0;
446
  }
447
  if (isset($_POST['search_events_by_title'])) {
448
+ $search_tag = esc_sql(esc_html(stripslashes($_POST['search_events_by_title'])));
449
  }
450
  else {
451
  $search_tag = "";
457
  $where = '';
458
  }
459
  if (isset($_POST['startdate']) && esc_html($_POST['startdate'])) {
460
+ $where .= ' AND ' . $wpdb->prefix . 'spidercalendar_event.date > \'' . esc_sql(esc_html(stripslashes($_POST['startdate']))) . '\' ';
461
  }
462
  if (isset($_POST['enddate']) && $_POST['enddate']) {
463
+ $where .= ' AND ' . $wpdb->prefix . 'spidercalendar_event.date < \'' .esc_sql(esc_html(stripslashes($_POST['enddate']))). '\' ';
464
  }
465
  // Get the total number of records.
466
  $query = $wpdb->prepare ("SELECT COUNT(*) FROM " . $wpdb->prefix . "spidercalendar_event WHERE calendar=%d " . $where . " ", $calendar_id);
499
  function apply_spider_event($calendar_id, $id) {
500
  global $wpdb;
501
  if(isset($_POST['title'])){
502
+ $title = ((isset($_POST['title'])) ? esc_sql(esc_html(stripslashes($_POST['title']))) : '');
503
+ $category = ((isset($_POST['category'])) ? esc_sql(esc_html(stripslashes($_POST['category']))) : '');
504
+ $text_for_date = ((isset($_POST['text_for_date'])) ? esc_sql(esc_html(stripslashes($_POST['text_for_date']))) : '');
505
  $published = ((isset($_POST['published'])) ? (int) $_POST['published'] : 1);
506
+ $repeat = ((isset($_POST['repeat'])) ? esc_sql(esc_html(stripslashes($_POST['repeat']))) : '');
507
+ $week = ((isset($_POST['week'])) ? esc_sql(esc_html(stripslashes($_POST['week']))) : '');
508
+ $month = ((isset($_POST['month'])) ? esc_sql(esc_html(stripslashes($_POST['month']))) : '');
509
+ $monthly_list = ((isset($_POST['monthly_list'])) ? esc_sql(esc_html(stripslashes($_POST['monthly_list']))) : '');
510
+ $month_type = ((isset($_POST['month_type'])) ? esc_sql(esc_html(stripslashes($_POST['month_type']))) : '');
511
+ $month_week = ((isset($_POST['month_week'])) ? esc_sql(esc_html(stripslashes($_POST['month_week']))) : '');
512
+ $year_month = ((isset($_POST['year_month'])) ? esc_sql(esc_html(stripslashes($_POST['year_month']))) : '');
513
+ $repeat_method = ((isset($_POST['repeat_method'])) ? esc_sql(esc_html(stripslashes($_POST['repeat_method']))) : 'no_repeat');
514
+ $date = ((isset($_POST['date'])) ? esc_sql(esc_html(stripslashes($_POST['date']))) : '');
515
+ $date_end = ((isset($_POST['date_end'])) ? esc_sql(esc_html(stripslashes($_POST['date_end']))) : '');
516
  if ($date_end == '' && $repeat_method != 'no_repeat') {
517
  $date_end = '2070-12-12';
518
  }
519
+ $select_from = ((isset($_POST['select_from'])) ? esc_sql(esc_html(stripslashes($_POST['select_from']))) : '');
520
+ $select_to = ((isset($_POST['select_to'])) ? esc_sql(esc_html(stripslashes($_POST['select_to']))) : '');
521
+ $selhour_from = ((isset($_POST['selhour_from'])) ? esc_sql(esc_html(stripslashes($_POST['selhour_from']))) : '');
522
+ $selhour_to = ((isset($_POST['selhour_to'])) ? esc_sql(esc_html(stripslashes($_POST['selhour_to']))) : '');
523
+ $selminute_from = ((isset($_POST['selminute_from'])) ? esc_sql(esc_html(stripslashes($_POST['selminute_from']))) : '');
524
+ $selminute_to = ((isset($_POST['selminute_to'])) ? esc_sql(esc_html(stripslashes($_POST['selminute_to']))) : '');
525
  if ($selhour_from) {
526
  if ($selhour_to) {
527
  $time = $selhour_from . ':' . $selminute_from . '' . $select_from . '-' . $selhour_to . ':' . $selminute_to . '' . $select_to;
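--- a/readme.txt
+++ b/readme.txt
@@ -2,9 +2,9 @@
  Contributors: webdorado
  Donate link: http://web-dorado.com/products/wordpress-calendar.html
  Tags: calendar, calendars, event, event calendar, event manager, events calendar,calendar widget, event registration, event management,events, Kalender, agenda, calendario, availability calendar,online calendar,holiday calendar , scheduling, free calendar, Calender, upcoming events , event widget , event list, calendar localization, Organizer, editorial calendar, Interactive Calendar, news calendar, meeting , appointment, event tracking, event organizer, upcoming events widget, event page
- Requires at least: 3.0
+ Requires at least: 3.4
  Tested up to: 4.1
- Stable tag: 1.4.12
+ Stable tag: 1.4.13
  License: GPLv2 or later
  License URI: http://www.gnu.org/licenses/gpl-2.0.html
 
@@ -140,30 +140,6 @@ Vietnamese (vi)
  6. WordPress Event Calendar - Edit Theme
 
 
- == Frequently Asked Questions ==
-
- = 1. Can Spider Calendar display more than one event per day? =
- You can add multiple events per single day. The first event will be displayed in the Month view with a hyperlink �See More�. Upon clicking �See More� the list of the events will be displayed in a pop-up.
-
- = 2. Is it possible to translate the Spider Calendar into another language? =
- It is only possible to translate the front end of the plugin. To do so, you should set define('WPLANG','[lang_code]') to the desired language code in wp_config.php file of your website. This way the plugin should be translated automatically. Please be informed, that you can modify the translations from wp-content/plugins/spider_event_calendar/languages/ (you will need POEdit http://www.poedit.net/download.php).
-
- = 3. Can I insert a picture in an event? =
- Yes, you can insert any HTML, including images into the text (and even in the title) of an event.
-
- = 4. Can I create recurring events? =
- Yes, there are multiple options for creating recurring events, including events which repeat on a daily, monthly, weekly or yearly basis (the options can be set from the back end).
-
- = 5. Is it possible to change the month and the year initially displayed on the calendar? =
- Yes, when creating the calendar you can change both the initial year and display month. If you leave the year blank it will display the current year. For the month you can select a specific month from the dropdown list or leave it to �current� option.
-
- = 6. Is it possible to edit the events by the user from front end or back end? =
- It is only possible to add events from the back end by the Administrator role user.
-
- = 7. Why do I need separate upcoming events widget? =
- In addition to the typical calendar which comes as a plugin and widget, you also get an upcoming events widget. It displays the upcoming events with a list view. The theme and its overall appearance can be modified within the widget area.
-
-
  == Changelog ==
 
  = 1.4.11 =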
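--- a/spider_calendar_update.php
+++ b/spider_calendar_update.php
@@ -41,8 +41,8 @@ $calendar = $wpdb->get_results("SHOW COLUMNS FROM ".$wpdb->prefix."spidercalenda
 
 
 
- if ($calexist1==0) {
- if ($calexist==1) {
+ if ($calexist1 == 0) {
+ if ($calexist == 0) {
  $sql = "ALTER TABLE " . $wpdb->prefix . "spidercalendar_calendar ADD start_month varchar(255);";
  $wpdb->query($sql);
  }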
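Review bot: The result of `$wpdb->query($sql)` on new line 47 is discarded, so a failed `ALTER TABLE … ADD start_month` passes silently and the update looks as if it succeeded; checking it, e.g. `if ($wpdb->query($sql) === false) { error_log($wpdb->last_error); }`, would make a broken migration visible. The commit flips the inner guard from `$calexist==1` to `$calexist == 0`, yet nothing in the hunk says what either flag means. Both are set outside the hunk, so a one-line comment above each `if` stating what 0 and 1 stand for (presumably whether the column was found by the `SHOW COLUMNS` query, to be confirmed against the code above) would keep a later edit from flipping the test back. The outer `if` block closes outside the hunk.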
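--- a/widget_Theme_functions.php
+++ b/widget_Theme_functions.php
@@ -62,49 +62,49 @@ function show_theme_calendar_widget() {
 
  function apply_theme_calendar_widget($id) {
  global $wpdb;
- $title = ((isset($_POST["title"])) ? esc_html(stripslashes($_POST["title"])) : '');
- $ev_title_color = ((isset($_POST["ev_title_color"])) ? esc_html(stripslashes($_POST["ev_title_color"])) : '');
- $width = ((isset($_POST["width"])) ? esc_html($_POST["width"]) : '');
- $week_start_day = ((isset($_POST["week_start_day"])) ? esc_html($_POST["week_start_day"]) : '');
- $font_year = ((isset($_POST["font_year"])) ? esc_html($_POST["font_year"]) : '');
- $font_month = ((isset($_POST["font_month"])) ? esc_html($_POST["font_month"]) : '');
- $font_day = ((isset($_POST["font_day"])) ? esc_html($_POST["font_day"]) : '');
- $font_weekday = ((isset($_POST["font_weekday"])) ? esc_html($_POST["font_weekday"]) : '');
- $header_bgcolor = ((isset($_POST["header_bgcolor"])) ? esc_html($_POST["header_bgcolor"]) : '');
- $footer_bgcolor = ((isset($_POST["footer_bgcolor"])) ? esc_html($_POST["footer_bgcolor"]) : '');
- $text_color_month = ((isset($_POST["text_color_month"])) ? esc_html($_POST["text_color_month"]) : '');
- $text_color_week_days = ((isset($_POST["text_color_week_days"])) ? esc_html($_POST["text_color_week_days"]) : '');
- $text_color_other_months = ((isset($_POST["text_color_other_months"])) ? esc_html($_POST["text_color_other_months"]) : '');
- $text_color_this_month_unevented = ((isset($_POST["text_color_this_month_unevented"])) ? esc_html($_POST["text_color_this_month_unevented"]) : '');
- $text_color_this_month_evented = ((isset($_POST["text_color_this_month_evented"])) ? esc_html($_POST["text_color_this_month_evented"]) : '');
- $bg_color_this_month_evented = ((isset($_POST["bg_color_this_month_evented"])) ? esc_html($_POST["bg_color_this_month_evented"]) : '');
- $bg_color_selected = ((isset($_POST["bg_color_selected"])) ? esc_html($_POST["bg_color_selected"]) : '');
- $arrow_color = ((isset($_POST["arrow_color"])) ? esc_html($_POST["arrow_color"]) : '');
- $text_color_selected = ((isset($_POST["text_color_selected"])) ? esc_html($_POST["text_color_selected"]) : '');
- $border_day = ((isset($_POST["border_day"])) ? esc_html($_POST["border_day"]) : '');
- $text_color_sun_days = ((isset($_POST["text_color_sun_days"])) ? esc_html($_POST["text_color_sun_days"]) : '');
- $weekdays_bg_color = ((isset($_POST["weekdays_bg_color"])) ? esc_html($_POST["weekdays_bg_color"]) : '');
- $su_bg_color = ((isset($_POST["su_bg_color"])) ? esc_html($_POST["su_bg_color"]) : '');
- $cell_border_color = ((isset($_POST["cell_border_color"])) ? esc_html($_POST["cell_border_color"]) : '');
- $year_font_size = ((isset($_POST["year_font_size"])) ? esc_html($_POST["year_font_size"]) : '');
- $year_font_color = ((isset($_POST["year_font_color"])) ? esc_html($_POST["year_font_color"]) : '');
- $year_tabs_bg_color = ((isset($_POST["year_tabs_bg_color"])) ? esc_html($_POST["year_tabs_bg_color"]) : '');
- $show_cat = ((isset($_POST["show_cat"])) ? esc_html($_POST["show_cat"]) : '');
- $date_format = ((isset($_POST["date_format"])) ? esc_html($_POST["date_format"]) : '');
- $title_color = ((isset($_POST["title_color"])) ? esc_html($_POST["title_color"]) : '');
- $title_font_size = ((isset($_POST["title_font_size"])) ? esc_html($_POST["title_font_size"]) : '');
- $title_font = ((isset($_POST["title_font"])) ? esc_html($_POST["title_font"]) : '');
- $title_style = ((isset($_POST["title_style"])) ? esc_html($_POST["title_style"]) : '');
- $date_color = ((isset($_POST["date_color"])) ? esc_html($_POST["date_color"]) : '');
- $date_size = ((isset($_POST["date_size"])) ? esc_html($_POST["date_size"]) : '');
- $date_font = ((isset($_POST["date_font"])) ? esc_html($_POST["date_font"]) : '');
- $date_style = ((isset($_POST["date_style"])) ? esc_html($_POST["date_style"]) : '');
- $next_prev_event_bgcolor = ((isset($_POST["next_prev_event_bgcolor"])) ? esc_html($_POST["next_prev_event_bgcolor"]) : '');
- $next_prev_event_arrowcolor = ((isset($_POST["next_prev_event_arrowcolor"])) ? esc_html($_POST["next_prev_event_arrowcolor"]) : '');
- $show_event_bgcolor = ((isset($_POST["show_event_bgcolor"])) ? esc_html($_POST["show_event_bgcolor"]) : '');
- $popup_width = ((isset($_POST["popup_width"])) ? esc_html($_POST["popup_width"]) : '');
- $popup_height = ((isset($_POST["popup_height"])) ? esc_html($_POST["popup_height"]) : '');
- $show_repeat = ((isset($_POST["show_repeat"])) ? esc_html($_POST["show_repeat"]) : '');
+ $title = ((isset($_POST["title"])) ? esc_sql(esc_html(stripslashes($_POST["title"]))) : '');
+ $ev_title_color = ((isset($_POST["ev_title_color"])) ? esc_sql(esc_html(stripslashes($_POST["ev_title_color"]))) : '');
+ $width = ((isset($_POST["width"])) ? esc_sql(esc_html(stripslashes($_POST["width"]))) : '');
+ $week_start_day = ((isset($_POST["week_start_day"])) ? esc_sql(esc_html(stripslashes($_POST["week_start_day"]))) : '');
+ $font_year = ((isset($_POST["font_year"])) ? esc_sql(esc_html(stripslashes($_POST["font_year"]))) : '');
+ $font_month = ((isset($_POST["font_month"])) ? esc_sql(esc_html(stripslashes($_POST["font_month"]))) : '');
+ $font_day = ((isset($_POST["font_day"])) ? esc_sql(esc_html(stripslashes($_POST["font_day"]))) : '');
+ $font_weekday = ((isset($_POST["font_weekday"])) ? esc_sql(esc_html(stripslashes($_POST["font_weekday"]))) : '');
+ $header_bgcolor = ((isset($_POST["header_bgcolor"])) ? esc_sql(esc_html(stripslashes($_POST["header_bgcolor"]))) : '');
+ $footer_bgcolor = ((isset($_POST["footer_bgcolor"])) ? esc_sql(esc_html(stripslashes($_POST["footer_bgcolor"]))) : '');
+ $text_color_month = ((isset($_POST["text_color_month"])) ? esc_sql(esc_html(stripslashes($_POST["text_color_month"]))) : '');
+ $text_color_week_days = ((isset($_POST["text_color_week_days"])) ? esc_sql(esc_html(stripslashes($_POST["text_color_week_days"]))) : '');
+ $text_color_other_months = ((isset($_POST["text_color_other_months"])) ? esc_sql(esc_html(stripslashes($_POST["text_color_other_months"]))) : '');
+ $text_color_this_month_unevented = ((isset($_POST["text_color_this_month_unevented"])) ? esc_sql(esc_html(stripslashes($_POST["text_color_this_month_unevented"]))) : '');
+ $text_color_this_month_evented = ((isset($_POST["text_color_this_month_evented"])) ? esc_sql(esc_html(stripslashes($_POST["text_color_this_month_evented"]))) : '');
+ $bg_color_this_month_evented = ((isset($_POST["bg_color_this_month_evented"])) ? esc_sql(esc_html(stripslashes($_POST["bg_color_this_month_evented"]))) : '');
+ $bg_color_selected = ((isset($_POST["bg_color_selected"])) ? esc_sql(esc_html(stripslashes($_POST["bg_color_selected"]))) : '');
+ $arrow_color = ((isset($_POST["arrow_color"])) ? esc_sql(esc_html(stripslashes($_POST["arrow_color"]))) : '');
+ $text_color_selected = ((isset($_POST["text_color_selected"])) ? esc_sql(esc_html(stripslashes($_POST["text_color_selected"]))) : '');
+ $border_day = ((isset($_POST["border_day"])) ? esc_sql(esc_html(stripslashes($_POST["border_day"]))) : '');
+ $text_color_sun_days = ((isset($_POST["text_color_sun_days"])) ? esc_sql(esc_html(stripslashes($_POST["text_color_sun_days"]))) : '');
+ $weekdays_bg_color = ((isset($_POST["weekdays_bg_color"])) ? esc_sql(esc_html(stripslashes($_POST["weekdays_bg_color"]))) : '');
+ $su_bg_color = ((isset($_POST["su_bg_color"])) ? esc_sql(esc_html(stripslashes($_POST["su_bg_color"]))) : '');
+ $cell_border_color = ((isset($_POST["cell_border_color"])) ? esc_sql(esc_html(stripslashes($_POST["cell_border_color"]))) : '');
+ $year_font_size = ((isset($_POST["year_font_size"])) ? esc_sql(esc_html(stripslashes($_POST["year_font_size"]))) : '');
+ $year_font_color = ((isset($_POST["year_font_color"])) ? esc_sql(esc_html(stripslashes($_POST["year_font_color"]))) : '');
+ $year_tabs_bg_color = ((isset($_POST["year_tabs_bg_color"])) ? esc_sql(esc_html(stripslashes($_POST["year_tabs_bg_color"]))) : '');
+ $show_cat = ((isset($_POST["show_cat"])) ? esc_sql(esc_html(stripslashes($_POST["show_cat"]))) : '');
+ $date_format = ((isset($_POST["date_format"])) ? esc_sql(esc_html(stripslashes($_POST["date_format"]))) : '');
+ $title_color = ((isset($_POST["title_color"])) ? esc_sql(esc_html(stripslashes($_POST["title_color"]))) : '');
+ $title_font_size = ((isset($_POST["title_font_size"])) ? esc_sql(esc_html(stripslashes($_POST["title_font_size"]))) : '');
+ $title_font = ((isset($_POST["title_font"])) ? esc_sql(esc_html(stripslashes($_POST["title_font"]))) : '');
+ $title_style = ((isset($_POST["title_style"])) ? esc_sql(esc_html(stripslashes($_POST["title_style"]))) : '');
+ $date_color = ((isset($_POST["date_color"])) ? esc_sql(esc_html(stripslashes($_POST["date_color"]))) : '');
+ $date_size = ((isset($_POST["date_size"])) ? esc_sql(esc_html(stripslashes($_POST["date_size"]))) : '');
+ $date_font = ((isset($_POST["date_font"])) ? esc_sql(esc_html(stripslashes($_POST["date_font"]))) : '');
+ $date_style = ((isset($_POST["date_style"])) ? esc_sql(esc_html(stripslashes($_POST["date_style"]))) : '');
+ $next_prev_event_bgcolor = ((isset($_POST["next_prev_event_bgcolor"])) ? esc_sql(esc_html(stripslashes($_POST["next_prev_event_bgcolor"]))) : '');
+ $next_prev_event_arrowcolor = ((isset($_POST["next_prev_event_arrowcolor"])) ? esc_sql(esc_html(stripslashes($_POST["next_prev_event_arrowcolor"]))) : '');
+ $show_event_bgcolor = ((isset($_POST["show_event_bgcolor"])) ? esc_sql(esc_html(stripslashes($_POST["show_event_bgcolor"]))) : '');
+ $popup_width = ((isset($_POST["popup_width"])) ? esc_sql(esc_html(stripslashes($_POST["popup_width"]))) : '');
+ $popup_height = ((isset($_POST["popup_height"])) ? esc_sql(esc_html(stripslashes($_POST["popup_height"]))) : '');
+ $show_repeat = ((isset($_POST["show_repeat"])) ? esc_sql(esc_html(stripslashes($_POST["show_repeat"]))) : '');
  if ($id === -1) {
  $save_or_no = $wpdb->insert($wpdb->prefix . 'spidercalendar_widget_theme', array(
  'id' => NULL,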
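Review bot: The `esc_sql(...)` wrapper added on new lines 65–107 escapes values that appear to feed the `$wpdb->insert()` call starting on line 109, and `$wpdb->insert()` already treats its values as data, so a quote or backslash in a title or font name will probably be stored with a literal extra backslash. `esc_html()` at this point also stores HTML entities rather than the submitted text; it is an output encoder and belongs where the value is echoed, while on input each field is better validated for what it is, e.g. `$title = isset($_POST['title']) ? sanitize_text_field(stripslashes($_POST['title'])) : '';`, with a stricter check (hex-colour pattern, integer cast) for the colour and size fields once their expected formats are confirmed. No nonce or capability check is visible between the function signature on line 63 and the insert; if the caller does not perform one, `check_admin_referer()` and `current_user_can()` belong before these assignments. The same wrapper is applied in the earlier file sections on this page, including to values concatenated into `"ORDER BY " . $sort["sortid_by"]`, where `esc_sql()` does not constrain an unquoted identifier and an allow-list of column names is the reliable check. The function body continues past the hunk.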