The Events Calendar - Version 3.9.2

Version Description

  • Hardened URL output to protect against XSS attacks.

Release Info

Developer jazbek
Plugin Icon The Events Calendar
Version 3.9.2

Code changes from version 3.9.1 to 3.9.2

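--- a/admin-views/app-shop.php
+++ b/admin-views/app-shop.php
@@ -40,10 +40,10 @@
  echo ' first tribe-clearfix';
  } ?>">
  <div class="thumb">
- <a href="<?php echo $product->permalink; ?>"><img src="<?php echo $product->featured_image_url; ?>" /></a>
+ <a href="<?php echo esc_url( $product->permalink ); ?>"><img src="<?php echo $product->featured_image_url; ?>" /></a>
  </div>
  <div class="caption">
- <h4><a href="<?php echo $product->permalink; ?>"><?php echo $product->title; ?></a></h4>
+ <h4><a href="<?php echo esc_url( $product->permalink ); ?>"><?php echo $product->title; ?></a></h4>
 
  <div class="description">
  <p><?php echo $product->description; ?></p>
@@ -58,7 +58,7 @@
  }
  ?>
  </div>
- <a class="button button-primary" href="<?php echo $product->permalink; ?>">Get This Add-on</a>
+ <a class="button button-primary" href="<?php echo esc_url( $product->permalink ); ?>">Get This Add-on</a>
  </div>
  </div>
 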
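Review bot: The `src` attribute in the `<div class="thumb">` line still prints `$product->featured_image_url` raw, and `$product->title` and `$product->description` are echoed without escaping, so only the `href` values in this template are hardened. The image URL should go through the same helper, `<img src="<?php echo esc_url( $product->featured_image_url ); ?>" />`, and the title through `esc_html( $product->title )`. Where `$product` is populated is not visible in these hunks; if the description is meant to carry markup, `wp_kses_post( $product->description )` keeps that while filtering it.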
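--- a/admin-views/tribe-options-general.php
+++ b/admin-views/tribe-options-general.php
@@ -22,7 +22,7 @@ $generalTab = array(
  ),
  'view-calendar-link' => array(
  'type' => 'html',
- 'html' => '<p>' . __( 'Where\'s my calendar?', 'tribe-events-calendar' ) . ' <a href="' . TribeEvents::getLink() . '">' . __( 'Right here', 'tribe-events-calendar' ) . '</a>.</p>',
+ 'html' => '<p>' . __( 'Where\'s my calendar?', 'tribe-events-calendar' ) . ' <a href="' . esc_url( TribeEvents::getLink() ) . '">' . __( 'Right here', 'tribe-events-calendar' ) . '</a>.</p>',
  ),
  'upsell-info' => array(
  'type' => 'html',
@@ -35,12 +35,12 @@ $generalTab = array(
  ),
  'donate-link-info' => array(
  'type' => 'html',
- 'html' => '<p>' . __( 'Are you thinking "Wow, this plugin is amazing! I should say thanks to Modern Tribe for all their hard work." The greatest thanks we could ask for is recognition. Add a small text-only link at the bottom of your calendar pointing to The Events Calendar project.', 'tribe-events-calendar' ) . '<br><a href="' . plugins_url( 'resources/images/donate-link-screenshot.jpg', dirname( __FILE__ ) ) . '" class="thickbox">' . __( 'See an example of the link', 'tribe-events-calendar' ) . '</a>.</p>',
+ 'html' => '<p>' . __( 'Are you thinking "Wow, this plugin is amazing! I should say thanks to Modern Tribe for all their hard work." The greatest thanks we could ask for is recognition. Add a small text-only link at the bottom of your calendar pointing to The Events Calendar project.', 'tribe-events-calendar' ) . '<br><a href="' . esc_url( plugins_url( 'resources/images/donate-link-screenshot.jpg', dirname( __FILE__ ) ) ) . '" class="thickbox">' . __( 'See an example of the link', 'tribe-events-calendar' ) . '</a>.</p>',
  'conditional' => ! class_exists( 'TribeEventsPro' ),
  ),
  'donate-link-pro-info' => array(
  'type' => 'html',
- 'html' => '<p>' . __( 'Are you thinking "Wow, this plugin is amazing! I should say thanks to Modern Tribe for all their hard work." The greatest thanks we could ask for is recognition. Add a small text only link at the bottom of your calendar pointing to The Events Calendar project.', 'tribe-events-calendar' ) . '<br><a href="' . plugins_url( 'resources/images/donate-link-pro-screenshot.jpg', dirname( __FILE__ ) ) . '" class="thickbox">' . __( 'See an example of the link', 'tribe-events-calendar' ) . '</a>.</p>',
+ 'html' => '<p>' . __( 'Are you thinking "Wow, this plugin is amazing! I should say thanks to Modern Tribe for all their hard work." The greatest thanks we could ask for is recognition. Add a small text only link at the bottom of your calendar pointing to The Events Calendar project.', 'tribe-events-calendar' ) . '<br><a href="' . esc_url( plugins_url( 'resources/images/donate-link-pro-screenshot.jpg', dirname( __FILE__ ) ) ) . '" class="thickbox">' . __( 'See an example of the link', 'tribe-events-calendar' ) . '</a>.</p>',
  'conditional' => class_exists( 'TribeEventsPro' ),
  ),
  'donate-link' => array(
@@ -94,7 +94,7 @@ $generalTab = array(
  'unprettyPermalinksUrl' => array(
  'type' => 'html',
  'label' => __( 'Events URL slug', 'tribe-events-calendar' ),
- 'html' => '<p>' . sprintf( __( 'You cannot edit the slug for your events page as you do not have pretty permalinks enabled. The current URL for your events page is <a href="%s">%s</a>. In order to edit the slug here, <a href="%soptions-permalink.php">enable pretty permalinks</a>.', 'tribe-events-calendar' ), $tec->getLink( 'home' ), $tec->getLink( 'home ' ), trailingslashit( get_admin_url() ) ) . '</p>',
+ 'html' => '<p>' . sprintf( __( 'You cannot edit the slug for your events page as you do not have pretty permalinks enabled. The current URL for your events page is <a href="%s">%s</a>. In order to edit the slug here, <a href="%soptions-permalink.php">enable pretty permalinks</a>.', 'tribe-events-calendar' ), esc_url( $tec->getLink( 'home' ) ), $tec->getLink( 'home ' ), esc_url( trailingslashit( get_admin_url() ) ) ) . '</p>',
  'conditional' => ( '' == get_option( 'permalink_structure' ) ),
  ),
  'eventsSlug' => array(
@@ -106,7 +106,7 @@ $generalTab = array(
  ),
  'current-events-slug' => array(
  'type' => 'html',
- 'html' => '<p class="tribe-field-indent tribe-field-description description">' . __( 'The slug used for building the events URL.', 'tribe-events-calendar' ) . sprintf( __( 'Your current events URL is: %s', 'tribe-events-calendar' ), '<code><a href="' . tribe_get_events_link() . '">' . tribe_get_events_link() . '</a></code>' ) . '</p>',
+ 'html' => '<p class="tribe-field-indent tribe-field-description description">' . __( 'The slug used for building the events URL.', 'tribe-events-calendar' ) . sprintf( __( 'Your current events URL is: %s', 'tribe-events-calendar' ), '<code><a href="' . esc_url( tribe_get_events_link() ) . '">' . tribe_get_events_link() . '</a></code>' ) . '</p>',
  'conditional' => ( '' != get_option( 'permalink_structure' ) ),
  ),
  'ical-info' => array(
@@ -222,12 +222,12 @@ $generalTab = array(
  ),
  'viewWelcomePage' => array(
  'type' => 'html',
- 'html' => '<fieldset class="tribe-field tribe-field-html"><legend>' . __( 'View Welcome Page', 'tribe-events-calendar' ) . '</legend><div class="tribe-field-wrap"><a href="' . get_site_url() . '/wp-admin/edit.php?post_type=tribe_events&page=tribe-events-calendar&tec-welcome-message" class="button">' . __( 'View Welcome Page', 'tribe-events-calendar' ) . '</a><p class="tribe-field-indent description">' . __( 'View the page that displayed when you initially installed the plugin.', 'tribe-events-calendar' ) . '</p></div></fieldset><div class="clear"></div>',
+ 'html' => '<fieldset class="tribe-field tribe-field-html"><legend>' . __( 'View Welcome Page', 'tribe-events-calendar' ) . '</legend><div class="tribe-field-wrap"><a href="' . esc_url( get_site_url() . '/wp-admin/edit.php?post_type=tribe_events&page=tribe-events-calendar&tec-welcome-message' ) . '" class="button">' . __( 'View Welcome Page', 'tribe-events-calendar' ) . '</a><p class="tribe-field-indent description">' . __( 'View the page that displayed when you initially installed the plugin.', 'tribe-events-calendar' ) . '</p></div></fieldset><div class="clear"></div>',
 
  ),
  'viewUpdatePage' => array(
  'type' => 'html',
- 'html' => '<fieldset class="tribe-field tribe-field-html"><legend>' . __( 'View Update Page', 'tribe-events-calendar' ) . '</legend><div class="tribe-field-wrap"><a href="' . get_site_url() . '/wp-admin/edit.php?post_type=tribe_events&page=tribe-events-calendar&tec-update-message" class="button">' . __( 'View Update Page', 'tribe-events-calendar' ) . '</a><p class="tribe-field-indent description">' . __( 'View the page that displayed when you updated the plugin.', 'tribe-events-calendar' ) . '</p></div></fieldset><div class="clear"></div>'
+ 'html' => '<fieldset class="tribe-field tribe-field-html"><legend>' . __( 'View Update Page', 'tribe-events-calendar' ) . '</legend><div class="tribe-field-wrap"><a href="' . esc_url( get_site_url() . '/wp-admin/edit.php?post_type=tribe_events&page=tribe-events-calendar&tec-update-message' ) . '" class="button">' . __( 'View Update Page', 'tribe-events-calendar' ) . '</a><p class="tribe-field-indent description">' . __( 'View the page that displayed when you updated the plugin.', 'tribe-events-calendar' ) . '</p></div></fieldset><div class="clear"></div>'
  ),
  'tribe-form-content-end' => array(
  'type' => 'html',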
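Review bot: The link text next to each escaped `href` is still concatenated raw: in `'current-events-slug'` the second `tribe_get_events_link()` inside `<code><a …>`, and in `'unprettyPermalinksUrl'` the second `sprintf()` argument `$tec->getLink( 'home ' )`, are printed as HTML text without `esc_html()`. Suggest `esc_html( tribe_get_events_link() )` and `esc_html( $tec->getLink( 'home' ) )` for those two positions. The argument `'home '` also carries a trailing space that the first call does not, which looks like a typo carried over from the old line; whether `getLink()` tolerates it is not visible in this hunk.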
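--- a/admin-views/tribe-options-help.php
+++ b/admin-views/tribe-options-help.php
@@ -176,7 +176,7 @@ $more_text = __( 'More...', 'tribe-events-calendar' );
  <?php if ( isset( $requires ) ) { ?>
  <b><?php _e( 'Requires:', 'tribe-events-calendar' ); ?></b> <?php _e( 'WordPress ', 'tribe-events-calendar' );
  echo $requires; ?>+<br /><?php } ?>
- <a href="<?php echo apply_filters( 'tribe_help_tab_wp_plugin_url', TribeEvents::WP_PLUGIN_URL ); ?>"><?php _e( 'Wordpress.org Plugin Page', 'tribe-events-calendar' ); ?></a>
+ <a href="<?php echo esc_url( apply_filters( 'tribe_help_tab_wp_plugin_url', TribeEvents::WP_PLUGIN_URL ) ); ?>"><?php _e( 'Wordpress.org Plugin Page', 'tribe-events-calendar' ); ?></a>
  </p>
  </div>
 
@@ -188,7 +188,7 @@ $more_text = __( 'More...', 'tribe-events-calendar' );
  </div>
  <?php printf( _n( 'Based on %d rating', 'Based on %d ratings', $num_rating, 'tribe-events-calendar' ), $num_rating ); ?>
  <p>
- <a href="<?php echo apply_filters( 'tribe_help_tab_wp_plugin_url', 'http://wordpress.org/support/view/plugin-reviews/the-events-calendar?filter=5' ); ?>"><?php _e( 'Give us 5 stars!', 'tribe-events-calendar' ); ?></a>
+ <a href="<?php echo esc_url( apply_filters( 'tribe_help_tab_wp_plugin_url', 'http://wordpress.org/support/view/plugin-reviews/the-events-calendar?filter=5' ) ); ?>"><?php _e( 'Give us 5 stars!', 'tribe-events-calendar' ); ?></a>
  </p>
  <?php } ?>
 
@@ -197,7 +197,7 @@ $more_text = __( 'More...', 'tribe-events-calendar' );
  <?php foreach ( $premium_add_ons as $addon ) :
  echo '<li>';
  if ( isset( $addon['link'] ) ) {
- echo '<a href="' . $addon['link'] . '" target="_blank">';
+ echo '<a href="' . esc_url( $addon['link'] ) . '" target="_blank">';
  }
  echo $addon['title'];
  if ( isset( $addon['coming_soon'] ) ) {
@@ -215,7 +215,7 @@ $more_text = __( 'More...', 'tribe-events-calendar' );
  <ul>
  <?php
  foreach ( $news_feed as $item ) {
- echo( '<li><a href="' . $item['link'] . $ga_query_string . '">' . $item['title'] . '</a></li>' );
+ echo( '<li><a href="' . esc_url( $item['link'] . $ga_query_string ) . '">' . $item['title'] . '</a></li>' );
  }
  echo '<li><a href="' . TribeEvents::$tribeUrl . 'category/products/' . $ga_query_string . '">' . $more_text . '</a></li>';
  ?>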
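Review bot: The "More..." link directly after the `$news_feed` loop is still built from `TribeEvents::$tribeUrl . 'category/products/' . $ga_query_string` without `esc_url()`, while the feed-item link inside the loop is now escaped; wrapping it as `esc_url( TribeEvents::$tribeUrl . 'category/products/' . $ga_query_string )` would make the two lines agree. The feed and add-on titles (`$item['title']`, `$addon['title']`) and `$requires` are also echoed raw. `esc_html()` fits all three unless the titles are expected to contain markup, which these hunks do not show.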
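--- a/lib/Activation_Page.php
+++ b/lib/Activation_Page.php
@@ -97,7 +97,7 @@ class Tribe__Events__Activation_Page {
  ), admin_url( 'edit.php' )
  )
  );
- $url = add_query_arg( $slug, 1, $url );
+ $url = esc_url( add_query_arg( $slug, 1, $url ) );
  return $url;
  }
 
@@ -167,7 +167,7 @@ class Tribe__Events__Activation_Page {
  * Initialize the global instance of the class.
  */
  public static function init() {
- self::instance()->add_hooks();
+ // self::instance()->add_hooks();
  }
 
  /**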
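Review bot: `esc_url()` in the first hunk escapes for HTML display (it entity-encodes `&`), yet the value is returned from the function rather than printed; if a caller hands it to a redirect, the encoded separators end up in the `Location` header. `$url = esc_url_raw( add_query_arg( $slug, 1, $url ) );` is the variant for non-display use, with `esc_url()` applied at the point where the URL is printed. The callers are outside this hunk, so this needs confirming. Separately, the second hunk comments out `self::instance()->add_hooks();` and leaves `init()` empty with no explanation; a comment stating why the hooks are disabled, or removing the line outright, would keep it from reading as an accident.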
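--- a/lib/io/csv/admin-views/in-progress.php
+++ b/lib/io/csv/admin-views/in-progress.php
@@ -25,4 +25,4 @@ require_once 'header.php';
  <?php
  require_once 'footer.php';
  ?>
- <script>window.location.href = '<?php echo add_query_arg( array('action'=>'continue') ); ?>';</script>
+ <script>window.location.href = '<?php echo esc_url_raw( add_query_arg( array('action'=>'continue') ) ); ?>';</script>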
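Review bot: The URL on the changed line is written into a single-quoted JavaScript string inside `<script>`, and `esc_url_raw()` cleans a URL for storage or redirects, not for a script context; as far as I know it leaves `'` in place. `add_query_arg()` is called without a base URL here, so the value is derived from the current request. Encoding for the actual output context removes the dependence on quoting: `window.location.href = <?php echo wp_json_encode( esc_url_raw( add_query_arg( array( 'action' => 'continue' ) ) ) ); ?>;`, or `esc_js()` inside the existing quotes on WordPress versions that lack `wp_json_encode()`.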
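--- a/lib/pue/lib/pue_plugin_info.class.php
+++ b/lib/pue/lib/pue_plugin_info.class.php
@@ -92,7 +92,7 @@ if ( !class_exists('Tribe_PU_PluginInfo') ) {
  $info->download_link = $this->download_url;
 
  if ( !empty($this->author_homepage) ){
- $info->author = sprintf('<a href="%s">%s</a>', $this->author_homepage, $this->author);
+ $info->author = sprintf('<a href="%s">%s</a>', esc_url( $this->author_homepage ), $this->author);
  } else {
  $info->author = $this->author;
  }
@@ -111,4 +111,4 @@ if ( !class_exists('Tribe_PU_PluginInfo') ) {
  }
  }
  }
- ?>
+ ?>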
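Review bot: `$this->author` is still inserted as the link text in the `sprintf()` call, and assigned unescaped in the `else` branch, so only half of the `<a>` element is escaped. `sprintf('<a href="%s">%s</a>', esc_url( $this->author_homepage ), esc_html( $this->author ))` covers both values. Whether these properties originate from a remote update response is not visible in this hunk, which is the case where it would matter most.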
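--- a/lib/pue/lib/pue_plugin_update_engine.class.php
+++ b/lib/pue/lib/pue_plugin_update_engine.class.php
@@ -529,7 +529,7 @@ if ( ! class_exists( 'TribePluginUpdateEngineChecker' ) ) {
 
  $url = $this->get_pue_update_url();
  if ( ! empty( $queryArgs ) ) {
- $url = add_query_arg( $queryArgs, $url );
+ $url = esc_url_raw( add_query_arg( $queryArgs, $url ) );
  }
 
  // Cache the API call so it only needs to be made once per plugin per page load.
@@ -586,7 +586,7 @@ if ( ! class_exists( 'TribePluginUpdateEngineChecker' ) ) {
 
  $download_query = $this->get_download_query();
  if ( ! empty( $download_query ) ) {
- $pluginInfo->download_url = add_query_arg( $download_query, $pluginInfo->download_url );
+ $pluginInfo->download_url = esc_url_raw( add_query_arg( $download_query, $pluginInfo->download_url ) );
  }
 
  return TribePluginUpdateUtility::from_plugin_info( $pluginInfo );
@@ -845,4 +845,4 @@ if ( ! class_exists( 'TribePluginUpdateEngineChecker' ) ) {
  }
  }
  }
- ?>
+ ?>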
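--- a/lib/template-classes/month.php
+++ b/lib/template-classes/month.php
@@ -206,7 +206,7 @@ if ( ! class_exists( 'Tribe_Events_Month_Template' ) ) {
  $day_link = add_query_arg( $args, $day_link );
  }
 
- return $day_link;
+ return esc_url_raw( $day_link );
  }
 
  return '';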
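--- a/lib/the-events-calendar.class.php
+++ b/lib/the-events-calendar.class.php
@@ -24,7 +24,7 @@ if ( ! class_exists( 'TribeEvents' ) ) {
  const VENUE_POST_TYPE = 'tribe_venue';
  const ORGANIZER_POST_TYPE = 'tribe_organizer';
 
- const VERSION = '3.9.1';
+ const VERSION = '3.9.2';
  const FEED_URL = 'http://tri.be/category/products/feed/';
  const INFO_API_URL = 'http://wpapi.org/api/plugin/the-events-calendar.php';
  const WP_PLUGIN_URL = 'http://wordpress.org/extend/plugins/the-events-calendar/';
@@ -720,7 +720,7 @@ if ( ! class_exists( 'TribeEvents' ) ) {
  ), 'upgrade-plugin_' . $plugin_short_path
  );
  $output .= '<div class="error">';
- $output .= '<p>' . sprintf( __( 'Your version of The Events Calendar is not up-to-date with one of your The Events Calendar add-ons. Please %supdate now.%s', 'tribe-events-calendar' ), '<a href="' . $upgrade_path . '">', '</a>' ) . '</p>';
+ $output .= '<p>' . sprintf( __( 'Your version of The Events Calendar is not up-to-date with one of your The Events Calendar add-ons. Please %supdate now.%s', 'tribe-events-calendar' ), '<a href="' . esc_url( $upgrade_path ) . '">', '</a>' ) . '</p>';
  $output .= '</div>';
  } else {
  // Otherwise, if the addons are out of date, generate the proper messaging.
@@ -740,7 +740,7 @@ if ( ! class_exists( 'TribeEvents' ) ) {
  'utm_source' => 'notice'
  ), self::$tribeUrl . 'version-relationships-in-modern-tribe-pluginsadd-ons/'
  );
- $output .= '<p>' . sprintf( __( 'The following plugins are out of date: <b>%s</b>. All add-ons contain dependencies on The Events Calendar and will not function properly unless paired with the right version. %sLearn More%s.', 'tribe-events-calendar' ), join( $out_of_date_addons, ', ' ), "<a href='$link' target='_blank'>", '</a>' ) . '</p>';
+ $output .= '<p>' . sprintf( __( 'The following plugins are out of date: <b>%s</b>. All add-ons contain dependencies on The Events Calendar and will not function properly unless paired with the right version. %sLearn More%s.', 'tribe-events-calendar' ), join( $out_of_date_addons, ', ' ), "<a href='" . esc_url( $link ) . "' target='_blank'>", '</a>' ) . '</p>';
  $output .= '</div>';
  }
  }
@@ -797,6 +797,8 @@ if ( ! class_exists( 'TribeEvents' ) ) {
  ), self::$tribeUrl . 'license-keys/'
  );
 
+ $link = esc_url( $link );
+
  $tribe_licences_tab_fields = array(
  'info-start' => array(
  'type' => 'html',
@@ -2480,7 +2482,7 @@ if ( ! class_exists( 'TribeEvents' ) ) {
  public function redirect_past_upcoming_view_urls() {
 
  if ( strpos( $_SERVER['REQUEST_URI'], $this->getRewriteSlug() . '/' . $this->pastSlug ) !== false ) {
- wp_redirect( add_query_arg( array( 'tribe_event_display' => 'past' ), str_replace( '/' . $this->pastSlug . '/', '/' . $this->listSlug . '/', $_SERVER['REQUEST_URI'] ) ) );
+ wp_redirect( esc_url_raw( add_query_arg( array( 'tribe_event_display' => 'past' ), str_replace( '/' . $this->pastSlug . '/', '/' . $this->listSlug . '/', $_SERVER['REQUEST_URI'] ) ) ) );
  } elseif ( strpos( $_SERVER['REQUEST_URI'], $this->getRewriteSlug() . '/' . $this->upcomingSlug ) !== false ) {
  wp_redirect( str_replace( '/' . $this->upcomingSlug . '/', '/' . $this->listSlug . '/', $_SERVER['REQUEST_URI'] ) );
  }
@@ -3996,7 +3998,7 @@ if ( ! class_exists( 'TribeEvents' ) ) {
  'utm_source' => 'plugins-manager'
  ), self::$tribeUrl . self::$addOnPath
  );
- $links [] = '<a href="' . $link . '" target="_blank">' . $anchor . '</a>';
+ $links [] = '<a href="' . esc_url( $link ) . '" target="_blank">' . $anchor . '</a>';
  }
 
  return $links;
@@ -4108,12 +4110,15 @@ if ( ! class_exists( 'TribeEvents' ) ) {
  <td colspan="2">
  <p><?php _e( 'Looking for additional functionality including recurring events, ticket sales, publicly submitted events, new views and more?', 'tribe-events-calendar' ) ?> <?php printf(
  __( 'Check out the <a href="%s">available add-ons</a>.', 'tribe-events-calendar' ),
- add_query_arg(
- array(
- 'utm_campaign' => 'in-app',
- 'utm_medium' => 'plugin-tec',
- 'utm_source' => 'post-editor'
- ), TribeEvents::$tribeUrl . self::$addOnPath
+ esc_url(
+ add_query_arg(
+ array(
+ 'utm_campaign' => 'in-app',
+ 'utm_medium' => 'plugin-tec',
+ 'utm_source' => 'post-editor'
+ ),
+ TribeEvents::$tribeUrl . self::$addOnPath
+ )
  )
  ); ?></p>
  </td>
@@ -4235,11 +4240,14 @@ if ( ! class_exists( 'TribeEvents' ) ) {
  array(
  'id' => 'tribe-csv-import',
  'title' => __( 'CSV', 'tribe-events-calendar' ),
- 'href' => add_query_arg(
- array(
- 'post_type' => TribeEvents::POSTTYPE,
- 'page' => 'events-importer'
- ), admin_url( 'edit.php' )
+ 'href' => esc_url(
+ add_query_arg(
+ array(
+ 'post_type' => TribeEvents::POSTTYPE,
+ 'page' => 'events-importer'
+ ),
+ admin_url( 'edit.php' )
+ )
  ),
  'parent' => 'tribe-events-import'
  )
@@ -4335,11 +4343,14 @@ if ( ! class_exists( 'TribeEvents' ) ) {
  * @todo move to an admin class
  */
  public function addLinksToPluginActions( $actions ) {
- $actions['settings'] = '<a href="' . add_query_arg(
- array(
- 'post_type' => self::POSTTYPE,
- 'page' => 'tribe-events-calendar'
- ), admin_url( 'edit.php' )
+ $actions['settings'] = '<a href="' . esc_url(
+ add_query_arg(
+ array(
+ 'post_type' => self::POSTTYPE,
+ 'page' => 'tribe-events-calendar'
+ ),
+ admin_url( 'edit.php' )
+ )
  ) . '">' . __( 'Settings', 'tribe-events-calendar' ) . '</a>';
  $actions['tribe-calendar'] = '<a href="' . $this->getLink() . '">' . __( 'Calendar', 'tribe-events-calendar' ) . '</a>';
 
@@ -4359,12 +4370,15 @@ if ( ! class_exists( 'TribeEvents' ) ) {
 
  $parent = 'edit.php?post_type=' . self::POSTTYPE;
  $title = __( 'Help', 'tribe-events-calendar' );
- $slug = add_query_arg(
- array(
- 'post_type' => self::POSTTYPE,
- 'page' => 'tribe-events-calendar',
- 'tab' => 'help'
- ), 'edit.php'
+ $slug = esc_url(
+ add_query_arg(
+ array(
+ 'post_type' => self::POSTTYPE,
+ 'page' => 'tribe-events-calendar',
+ 'tab' => 'help'
+ ),
+ 'edit.php'
+ )
  );
 
  add_submenu_page( $parent, $title, $title, 'manage_options', $slug, '' );
@@ -4401,7 +4415,7 @@ if ( ! class_exists( 'TribeEvents' ) ) {
  $link = add_query_arg( array( 'post_type' => self::POSTTYPE ), $link );
  }
 
- return $link;
+ return esc_url( $link );
  }
 
  /**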
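Review bot: In `redirect_past_upcoming_view_urls()` only the first branch was wrapped: the `elseif` branch still passes `str_replace( …, $_SERVER['REQUEST_URI'] )` to `wp_redirect()` unsanitized, and should get the same treatment, `wp_redirect( esc_url_raw( str_replace( '/' . $this->upcomingSlug . '/', '/' . $this->listSlug . '/', $_SERVER['REQUEST_URI'] ) ) );`. No `exit` follows either call within the hunk, though the function body continues outside it. In the other direction, `esc_url()` is applied to values that are not printed as HTML: `$slug` is handed to `add_submenu_page()` and the last hunk returns `esc_url( $link )`, so `&` arrives entity-encoded at consumers that expect a plain URL. `esc_url_raw()` in those two places, with `esc_url()` at the point of output, keeps the contexts separate. `$this->getLink()` in `addLinksToPluginActions()` is still concatenated into an `href` without escaping at that call site.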
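--- a/lib/tribe-amalgamator.php
+++ b/lib/tribe-amalgamator.php
@@ -269,7 +269,7 @@ class Tribe_Amalgamator {
  ), admin_url( 'edit.php' )
  )
  );
- $url = add_query_arg( array( 'amalgamate' => '1' ), $url );
+ $url = esc_url( add_query_arg( array( 'amalgamate' => '1' ), $url ) );
  $url = wp_nonce_url( $url, 'amalgamate_duplicates' );
  $html = sprintf( $html, $url, $text );
 
@@ -299,7 +299,7 @@ class Tribe_Amalgamator {
  ), admin_url( 'edit.php' )
  )
  );
- wp_redirect( $url );
+ wp_redirect( esc_url_raw( $url ) );
  exit();
  }
  }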
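Review bot: In the first hunk the URL goes through `esc_url()` before `wp_nonce_url()`, which reverses the usual order: `esc_url()` turns `&` into `&#038;`, and as far as I know `wp_nonce_url()` then runs `add_query_arg()` on that string, where the `#` is read as the start of a fragment, so the nonce may be spliced in ahead of the remaining parameters. `wp_nonce_url()` escapes its own return value, so the line can stay `$url = add_query_arg( array( 'amalgamate' => '1' ), $url );`, or use `esc_url_raw()` if the URL should be cleaned first. The `$html` format string that receives `$url` is defined outside the hunk. The redirect in the second hunk uses `esc_url_raw()`, which is the right variant there.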
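--- a/lib/tribe-ical.class.php
+++ b/lib/tribe-ical.class.php
@@ -28,7 +28,7 @@ class TribeiCal {
  $separator = _x( '&raquo;', 'feed link', 'tribe-events-calendar' );
  $feed_title = sprintf( __( '%1$s %2$s iCal Feed', 'tribe-events-calendar' ), get_bloginfo( 'name' ), $separator );
 
- printf( '<link rel="alternate" type="text/calendar" title="%s" href="%s" />', $feed_title, tribe_get_ical_link() );
+ printf( '<link rel="alternate" type="text/calendar" title="%s" href="%s" />', $feed_title, esc_url( tribe_get_ical_link() ) );
  echo "\n";
  }
 
@@ -74,8 +74,8 @@ class TribeiCal {
  }
 
  echo '<div class="tribe-events-cal-links">';
- echo '<a class="tribe-events-gcal tribe-events-button" href="' . tribe_get_gcal_link() . '" title="' . __( 'Add to Google Calendar', 'tribe-events-calendar' ) . '">+ ' . __( 'Google Calendar', 'tribe-events-calendar' ) . '</a>';
- echo '<a class="tribe-events-ical tribe-events-button" href="' . tribe_get_single_ical_link() . '" title="' . __( 'Download .ics file', 'tribe-events-calendar' ) . '" >+ ' . __( 'iCal Export', 'tribe-events-calendar' ) . '</a>';
+ echo '<a class="tribe-events-gcal tribe-events-button" href="' . esc_url( tribe_get_gcal_link() ) . '" title="' . __( 'Add to Google Calendar', 'tribe-events-calendar' ) . '">+ ' . __( 'Google Calendar', 'tribe-events-calendar' ) . '</a>';
+ echo '<a class="tribe-events-ical tribe-events-button" href="' . esc_url( tribe_get_single_ical_link() ) . '" title="' . __( 'Download .ics file', 'tribe-events-calendar' ) . '" >+ ' . __( 'iCal Export', 'tribe-events-calendar' ) . '</a>';
  echo '</div><!-- .tribe-events-cal-links -->';
  }
 
@@ -120,7 +120,7 @@ class TribeiCal {
 
  $text = apply_filters( 'tribe_events_ical_export_text', __( 'Export', 'tribe-events-calendar' ) . ' ' . $modifier );
  $title = __( 'Use this to share calendar data with Google Calendar, Apple iCal and other compatible apps', 'tribe-events-calendar' );
- $ical = '<a class="tribe-events-ical tribe-events-button" title="' . $title . '" href="' . tribe_get_ical_link() . '">+ ' . $text . '</a>';
+ $ical = '<a class="tribe-events-ical tribe-events-button" title="' . $title . '" href="' . esc_url( tribe_get_ical_link() ) . '">+ ' . $text . '</a>';
 
  echo $ical;
  }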
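Review bot: The `title` attributes beside the newly escaped `href` values are still raw: `$feed_title` in the `<link rel="alternate">` line contains `get_bloginfo( 'name' )`, and in the last hunk `$title` and the filterable `$text` are concatenated into `$ical` without escaping. Suggest passing `esc_attr( $feed_title )` to the `printf()` call, and `title="' . esc_attr( $title ) . '"` with `esc_html( $text )` when building `$ical`. If the `tribe_events_ical_export_text` filter is meant to allow markup in the link text, that should be stated in a comment next to it.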
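--- a/lib/tribe-settings.class.php
+++ b/lib/tribe-settings.class.php
@@ -466,7 +466,7 @@ if ( ! class_exists( 'TribeSettings' ) ) {
  add_option( 'tribe_settings_sent_data', $_POST );
  add_option( 'tribe_settings_errors', $this->errors );
  add_option( 'tribe_settings_major_error', $this->major_error );
- wp_redirect( add_query_arg( array( 'saved' => true ), $this->url ) );
+ wp_redirect( esc_url_raw( add_query_arg( array( 'saved' => true ), $this->url ) ) );
  exit;
 
  }
@@ -535,4 +535,4 @@ if ( ! class_exists( 'TribeSettings' ) ) {
  }
 
  } // end class
- } // endif class_exists
+ } // endif class_exists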
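--- a/public/advanced-functions/meta.php
+++ b/public/advanced-functions/meta.php
@@ -325,7 +325,7 @@ if ( class_exists( 'Tribe_Meta_Factory' ) ) {
  public static function gmap_link() {
  $link = sprintf(
  '<a class="tribe-events-gmap" href="%s" title="%s" target="_blank">%s</a>',
- tribe_get_map_link(),
+ esc_url( tribe_get_map_link() ),
  __( 'Click to view a Google Map', 'tribe-events-calendar' ),
  __( '+ Google Map', 'tribe-events-calendar' )
  );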
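--- a/public/template-tags/day.php
+++ b/public/template-tags/day.php
@@ -45,7 +45,7 @@ if ( ! function_exists( 'tribe_get_linked_day' ) ) {
  */
  function tribe_get_linked_day( $date, $day ) {
  $return = '';
- $return .= "<a href='" . tribe_get_day_link( $date ) . "'>";
+ $return .= "<a href='" . esc_url( tribe_get_day_link( $date ) ) . "'>";
  $return .= $day;
  $return .= "</a>";
 
@@ -77,7 +77,7 @@ if ( ! function_exists( 'tribe_the_day_link' ) ) {
  $latest = tribe_events_latest_date( TribeDateUtils::DBDATEFORMAT );
 
  if ( $date >= $earliest && $date <= $latest ) {
- $html = '<a href="' . $link . '" data-day="' . $date . '" rel="prev">' . $text . '</a>';
+ $html = '<a href="' . esc_url( $link ) . '" data-day="' . $date . '" rel="prev">' . $text . '</a>';
  }
 
  } catch ( OverflowException $e ) {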
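Review bot: In `tribe_the_day_link()` (new line 80) only the `href` is escaped; `$date` is still concatenated raw into `data-day` and `$text` into the link body, and `tribe_get_linked_day()` appends `$day` as is. Where these values come from is outside the hunks, so this is a precaution rather than a confirmed flaw: `data-day="' . esc_attr( $date ) . '"` and `esc_html( $day )` would cover the attribute and text contexts. The `data-month="' . $date . '"` attributes in both hunks of public/template-tags/month.php have the same shape. Both functions begin or end outside the hunks shown.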
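--- a/public/template-tags/general.php
+++ b/public/template-tags/general.php
@@ -880,9 +880,9 @@ if ( class_exists( 'TribeEvents' ) ) {
 
  //if link is not specifically excluded, then include <a>
  if ( ! empty( $image_src ) && $link ) {
- $featured_image .= '<div class="tribe-events-event-image"><a href="' . tribe_get_event_link() . '" title="' . get_the_title( $post_id ) . '"><img src="' . $image_src[0] . '" title="' . get_the_title( $post_id ) . '" /></a></div>';
+ $featured_image .= '<div class="tribe-events-event-image"><a href="' . esc_url( tribe_get_event_link() ) . '" title="' . get_the_title( $post_id ) . '"><img src="' . esc_url( $image_src[0] ) . '" title="' . get_the_title( $post_id ) . '" /></a></div>';
  } elseif ( ! empty( $image_src ) ) {
- $featured_image .= '<div class="tribe-events-event-image"><img src="' . $image_src[0] . '" title="' . get_the_title( $post_id ) . '" /></div>';
+ $featured_image .= '<div class="tribe-events-event-image"><img src="' . esc_url( $image_src[0] ) . '" title="' . get_the_title( $post_id ) . '" /></div>';
  }
 
  return apply_filters( 'tribe_event_featured_image', $featured_image, $post_id, $size, $image_src );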
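Review bot: The `title` attributes on new lines 883 and 885 still print `get_the_title( $post_id )` raw, so a double quote or markup in an event title ends the attribute early while the URLs beside it are now escaped. Wrapping each occurrence as `esc_attr( get_the_title( $post_id ) )` fixes the attribute context on both the `<a>` and the `<img>`. The function starts before the hunk, so how `$post_id` is resolved is not visible here.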
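--- a/public/template-tags/google-map.php
+++ b/public/template-tags/google-map.php
@@ -40,7 +40,7 @@ if ( class_exists( 'TribeEvents' ) ) {
  function tribe_get_map_link_html( $postId = null ) {
  $link = sprintf(
  '<a class="tribe-events-gmap" href="%s" title="%s" target="_blank">%s</a>',
- tribe_get_map_link( $postId ),
+ esc_url( tribe_get_map_link( $postId ) ),
  __( 'Click to view a Google Map', 'tribe-events-calendar' ),
  __( '+ Google Map', 'tribe-events-calendar' )
  );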
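--- a/public/template-tags/link.php
+++ b/public/template-tags/link.php
@@ -212,7 +212,7 @@ if ( class_exists( 'TribeEvents' ) ) {
  $label = is_null( $label ) ? $url : $label;
  $html = sprintf(
  '<a href="%s" target="%s">%s</a>',
- $url,
+ esc_url( $url ),
  apply_filters( 'tribe_get_event_website_link_target', 'self' ),
  apply_filters( 'tribe_get_event_website_link_label', $label )
  );
@@ -246,4 +246,4 @@ if ( class_exists( 'TribeEvents' ) ) {
  }
 
  }
- ?>
+ ?>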
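Review bot: `$label` falls back to `$url` on line 212 and is printed as the link text through the `tribe_get_event_website_link_label` filter without escaping, so the same value that `esc_url()` now guards in the `href` still reaches the page raw as text. Unless the filter is meant to return markup, `esc_html( apply_filters( 'tribe_get_event_website_link_label', $label ) )` covers it, and `esc_attr()` on the filtered `target` value does the same for that attribute. The website-link hunks in public/template-tags/organizer.php and public/template-tags/venue.php use the same `sprintf()`; how `$label` is set there is outside those hunks. The function starts before this hunk.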
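--- a/public/template-tags/loop.php
+++ b/public/template-tags/loop.php
@@ -161,7 +161,7 @@ if ( class_exists( 'TribeEvents' ) ) {
 
  if ( is_tax( $tribe_ecp->get_event_taxonomy() ) && $depth ) {
  $cat = get_queried_object();
- $title = '<a href="' . tribe_get_events_link() . '">' . $title . '</a>';
+ $title = '<a href="' . esc_url( tribe_get_events_link() ) . '">' . $title . '</a>';
  $title .= ' &#8250; ' . $cat->name;
  }
 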
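--- a/public/template-tags/month.php
+++ b/public/template-tags/month.php
@@ -245,7 +245,7 @@ if ( class_exists( 'TribeEvents' ) ) {
 
  if ( $date >= tribe_events_earliest_date( TribeDateUtils::DBYEARMONTHTIMEFORMAT ) ) {
  $text = tribe_get_previous_month_text();
- $html = '<a data-month="' . $date . '" href="' . $url . '" rel="prev"><span>&laquo;</span> ' . $text . ' </a>';
+ $html = '<a data-month="' . $date . '" href="' . esc_url( $url ) . '" rel="prev"><span>&laquo;</span> ' . $text . ' </a>';
  }
 
  echo apply_filters( 'tribe_events_the_previous_month_link', $html );
@@ -266,7 +266,7 @@ if ( class_exists( 'TribeEvents' ) ) {
  if ( ! empty( $url ) ) {
  $date = TribeEvents::instance()->nextMonth( tribe_get_month_view_date() );
  if ( $date <= tribe_events_latest_date( TribeDateUtils::DBYEARMONTHTIMEFORMAT ) ) {
- $html = '<a data-month="' . $date . '" href="' . $url . '" rel="next">' . $text . ' <span>&raquo;</span></a>';
+ $html = '<a data-month="' . $date . '" href="' . esc_url( $url ) . '" rel="next">' . $text . ' <span>&raquo;</span></a>';
  }
  }
 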
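--- a/public/template-tags/options.php
+++ b/public/template-tags/options.php
@@ -17,7 +17,7 @@ if ( ! defined( 'ABSPATH' ) ) {
  * @return string, the string to display
  */
  function tribe_display_current_events_slug() {
- echo '<p class="tribe-field-indent tribe-field-description description">' . __( 'The slug used for building the events URL.', 'tribe-events-calendar' ) . sprintf( __( 'Your current Events URL is %s', 'tribe-events-calendar' ), '<code><a href="' . tribe_get_events_link() . '">' . tribe_get_events_link() . '</a></code>' ) . '</p>';
+ echo '<p class="tribe-field-indent tribe-field-description description">' . __( 'The slug used for building the events URL.', 'tribe-events-calendar' ) . sprintf( __( 'Your current Events URL is %s', 'tribe-events-calendar' ), '<code><a href="' . esc_url( tribe_get_events_link() ) . '">' . tribe_get_events_link() . '</a></code>' ) . '</p>';
  }
 
  /**
@@ -38,4 +38,4 @@ function tribe_display_current_ical_link() {
  if ( function_exists( 'tribe_get_ical_link' ) ) {
  echo '<p id="ical-link" class="tribe-field-indent tribe-field-description description">' . __( 'Here is the iCal feed URL for your events:', 'tribe-events-calendar' ) . ' ' . '<code>' . tribe_get_ical_link() . '</code></p>';
  }
- }
+ }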
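Review bot: On new line 20 the `href` is escaped but the link text is still the raw return of `tribe_get_events_link()`, and line 39 prints `tribe_get_ical_link()` raw inside `<code>`. Text nodes need `esc_html()` rather than `esc_url()`: `esc_html( tribe_get_events_link() )` for the anchor text and `'<code>' . esc_html( tribe_get_ical_link() ) . '</code>'` for the feed URL. views/tickets/email.php line 371 has the same split, with `esc_url( home_url() )` in the `href` and a bare `echo home_url();` as the text.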
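--- a/public/template-tags/organizer.php
+++ b/public/template-tags/organizer.php
@@ -125,10 +125,10 @@ if ( class_exists( 'TribeEvents' ) ) {
  function tribe_get_organizer_link( $postId = null, $full_link = true, $echo = true ) {
  $postId = TribeEvents::postIdHelper( $postId );
  if ( class_exists( 'TribeEventsPro' ) ) {
- $url = esc_url( get_permalink( tribe_get_organizer_id( $postId ) ) );
+ $url = esc_url_raw( get_permalink( tribe_get_organizer_id( $postId ) ) );
  if ( $full_link ) {
  $name = tribe_get_organizer( $postId );
- $link = ! empty( $url ) && ! empty( $name ) ? '<a href="' . $url . '">' . $name . '</a>' : false;
+ $link = ! empty( $url ) && ! empty( $name ) ? '<a href="' . esc_url( $url ) . '">' . $name . '</a>' : false;
  $link = apply_filters( 'tribe_get_organizer_link', $link, $postId, $echo, $url, $name );
  } else {
  $link = $url;
@@ -198,7 +198,7 @@ if ( class_exists( 'TribeEvents' ) ) {
  }
  $html = sprintf(
  '<a href="%s" target="%s">%s</a>',
- $url,
+ esc_url( $url ),
  apply_filters( 'tribe_get_organizer_website_link_target', 'self' ),
  apply_filters( 'tribe_get_organizer_website_link_label', $label )
  );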
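Review bot: Switching line 128 to `esc_url_raw()` means the `$full_link = false` branch (`$link = $url;`) now hands back a URL that is no longer HTML-encoded, where 3.9.1 returned the `esc_url()` form. What happens to `$link` after line 134 is outside the hunk; if it is echoed when `$echo` is true, that path should print `esc_url( $link )`, and the docblock should say that callers receiving the string must escape it themselves. `$name` from `tribe_get_organizer()` is also placed in the anchor unescaped; `esc_html( $name )` would cover it. public/template-tags/venue.php lines 105–112 follow the same pattern with `$link = $url;` and `$venue_name`.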
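--- a/public/template-tags/venue.php
+++ b/public/template-tags/venue.php
@@ -102,12 +102,12 @@ if ( class_exists( 'TribeEvents' ) ) {
  $url = '';
 
  if ( $venue_id = tribe_get_venue_id( $postId ) ) {
- $url = esc_url( get_permalink( $venue_id ) );
+ $url = esc_url_raw( get_permalink( $venue_id ) );
  }
 
  if ( $display && $url != '' ) {
  $venue_name = tribe_get_venue( $postId );
- $link = '<a href="' . $url . '">' . $venue_name . '</a>';
+ $link = '<a href="' . esc_url( $url ) . '">' . $venue_name . '</a>';
  } else {
  $link = $url;
  }
@@ -354,7 +354,7 @@ if ( class_exists( 'TribeEvents' ) ) {
  }
  $html = sprintf(
  '<a href="%s" target="%s">%s</a>',
- $url,
+ esc_url( $url ),
  apply_filters( 'tribe_get_venue_website_link_target', 'self' ),
  apply_filters( 'tribe_get_venue_website_link_label', $label )
  );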
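--- a/readme.txt
+++ b/readme.txt
@@ -4,8 +4,8 @@ Contributors: ModernTribe, roblagatta, faction23, jazbek, jbrinley, leahkoerper
  Tags: events, calendar, event, venue, organizer, dates, date, google maps, conference, workshop, concert, meeting, seminar, summit, class, modern tribe, tribe, widget
  Donate link: http://m.tri.be/29
  Requires at least: 3.9
- Tested up to: 4.0.1
- Stable tag: 3.9.1
+ Tested up to: 4.1.2
+ Stable tag: 3.9.2
  License: GPLv2 or later
  License URI: http://www.gnu.org/licenses/gpl-2.0.html
 
@@ -325,6 +325,10 @@ At no point during the 3.0 lifecycle will the major version change. But you can
 
  3.x is a complete overhaul of the plugin, and as a result we're starting the changelog fresh. For release notes from the 2.x lifecycle, see <a href="http://m.tri.be/k">our 2.x release notes.</a>
 
+ = 3.9.2 =
+
+ * Hardened URL output to protect against XSS attacks.
+
  = 3.9.1 =
 
  * Implemented some styling to ensure compatibility and cohesive design with the new Twenty Fifteen theme (more to come in 3.10)
@@ -687,6 +691,10 @@ Still not happy? Shoot us an email to pro@tri.be or tweet to @moderntribeinc and
 
  IMPORTANT NOTICE: 3.x upgrade is a HUGE upgrade from 2.x versions. If you are upgrading from an older version, please test thoroughly before updating on your live website.
 
+ = 3.9 =
+
+ Please see the changelog for the complete list of changes in this release. Remember to always make a backup of your database and files before updating!
+
  = 3.8 =
 
  Please see the changelog for the complete list of changes in this release. Remember to always make a backup of your database and files before updating!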
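--- a/the-events-calendar.php
+++ b/the-events-calendar.php
@@ -2,7 +2,7 @@
  /*
  Plugin Name: The Events Calendar
  Description: The Events Calendar is a carefully crafted, extensible plugin that lets you easily share your events. Beautiful. Solid. Awesome.
- Version: 3.9.1
+ Version: 3.9.2
  Author: Modern Tribe, Inc.
  Author URI: http://m.tri.be/1x
  Text Domain: tribe-events-calendar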
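--- a/views/day/single-event.php
+++ b/views/day/single-event.php
@@ -39,7 +39,7 @@ $has_venue_address = ( $venue_address ) ? ' location' : '';
  <!-- Event Title -->
  <?php do_action( 'tribe_events_before_the_event_title' ) ?>
  <h2 class="tribe-events-list-event-title summary">
- <a class="url" href="<?php echo tribe_get_event_link() ?>" title="<?php the_title() ?>" rel="bookmark">
+ <a class="url" href="<?php echo esc_url( tribe_get_event_link() ); ?>" title="<?php the_title() ?>" rel="bookmark">
  <?php the_title() ?>
  </a>
  </h2>
@@ -71,6 +71,6 @@ $has_venue_address = ( $venue_address ) ? ' location' : '';
  <?php do_action( 'tribe_events_before_the_content' ) ?>
  <div class="tribe-events-list-event-description tribe-events-content description entry-summary">
  <?php echo tribe_events_get_the_excerpt() ?>
- <a href="<?php echo tribe_get_event_link() ?>" class="tribe-events-read-more" rel="bookmark"><?php _e( 'Find out more', 'tribe-events-calendar' ) ?> &raquo;</a>
+ <a href="<?php echo esc_url( tribe_get_event_link() ); ?>" class="tribe-events-read-more" rel="bookmark"><?php _e( 'Find out more', 'tribe-events-calendar' ) ?> &raquo;</a>
  </div><!-- .tribe-events-list-event-description -->
  <?php do_action( 'tribe_events_after_the_content' ) ?>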
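Review bot: `title="<?php the_title() ?>"` on line 42 prints the event title into an attribute without attribute escaping, which the `esc_url()` added to the neighbouring `href` does nothing for. WordPress provides `the_title_attribute()` for this context: `title="<?php the_title_attribute() ?>"`. views/list/single-event.php line 46 carries the identical attribute and needs the same change.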
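--- a/views/list/nav.php
+++ b/views/list/nav.php
@@ -20,14 +20,14 @@ if ( ! defined( 'ABSPATH' ) ) {
 
  <?php if ( tribe_has_previous_event() ) : ?>
  <li class="<?php echo tribe_left_navigation_classes(); ?>">
- <a href="<?php echo tribe_get_listview_link() ?>" rel="prev"><?php _e( '<span>&laquo;</span> Previous Events', 'tribe-events-calendar' ) ?></a>
+ <a href="<?php echo esc_url( tribe_get_listview_link() ); ?>" rel="prev"><?php _e( '<span>&laquo;</span> Previous Events', 'tribe-events-calendar' ) ?></a>
  </li><!-- .tribe-events-nav-left -->
  <?php endif; ?>
 
  <!-- Right Navigation -->
  <?php if ( tribe_has_next_event() ) : ?>
  <li class="<?php echo tribe_right_navigation_classes(); ?>">
- <a href="<?php echo tribe_get_listview_link() ?>" rel="next"><?php _e( 'Next Events <span>&raquo;</span>', 'tribe-events-calendar' ) ?></a>
+ <a href="<?php echo esc_url( tribe_get_listview_link() ); ?>" rel="next"><?php _e( 'Next Events <span>&raquo;</span>', 'tribe-events-calendar' ) ?></a>
  </li><!-- .tribe-events-nav-right -->
  <?php endif; ?>
- </ul>
+ </ul>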
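--- a/views/list/single-event.php
+++ b/views/list/single-event.php
@@ -43,7 +43,7 @@ $organizer = tribe_get_organizer();
  <!-- Event Title -->
  <?php do_action( 'tribe_events_before_the_event_title' ) ?>
  <h2 class="tribe-events-list-event-title entry-title summary">
- <a class="url" href="<?php echo tribe_get_event_link() ?>" title="<?php the_title() ?>" rel="bookmark">
+ <a class="url" href="<?php echo esc_url( tribe_get_event_link() ); ?>" title="<?php the_title() ?>" rel="bookmark">
  <?php the_title() ?>
  </a>
  </h2>
@@ -77,6 +77,6 @@ $organizer = tribe_get_organizer();
  <?php do_action( 'tribe_events_before_the_content' ) ?>
  <div class="tribe-events-list-event-description tribe-events-content description entry-summary">
  <?php the_excerpt() ?>
- <a href="<?php echo tribe_get_event_link() ?>" class="tribe-events-read-more" rel="bookmark"><?php _e( 'Find out more', 'tribe-events-calendar' ) ?> &raquo;</a>
+ <a href="<?php echo esc_url( tribe_get_event_link() ); ?>" class="tribe-events-read-more" rel="bookmark"><?php _e( 'Find out more', 'tribe-events-calendar' ) ?> &raquo;</a>
  </div><!-- .tribe-events-list-event-description -->
  <?php do_action( 'tribe_events_after_the_content' ) ?>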
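--- a/views/month/single-day.php
+++ b/views/month/single-day.php
@@ -21,7 +21,7 @@ $day = tribe_events_get_current_month_day();
  <div id="tribe-events-daynum-<?php echo $day['daynum'] ?>">
 
  <?php if ( $day['total_events'] > 0 && tribe_events_is_view_enabled( 'day' ) ) { ?>
- <a href="<?php echo tribe_get_day_link( $day['date'] ) ?>"><?php echo $day['daynum'] ?></a>
+ <a href="<?php echo esc_url( tribe_get_day_link( $day['date'] ) ); ?>"><?php echo $day['daynum'] ?></a>
  <?php } else { ?>
  <?php echo $day['daynum'] ?>
  <?php } ?>
@@ -41,6 +41,6 @@ $day = tribe_events_get_current_month_day();
  $view_all_label = sprintf( _n( 'View 1 Event', 'View All %s Events', $day['total_events'], 'tribe-events-calendar' ), $day['total_events'] );
 
  ?>
- <a href="<?php echo $day['view_more'] ?>"><?php echo $view_all_label ?> &raquo;</a>
+ <a href="<?php echo esc_url( $day['view_more'] ); ?>"><?php echo $view_all_label ?> &raquo;</a>
  </div>
- <?php endif ?>
+ <?php endif ?>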
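--- a/views/single-event.php
+++ b/views/single-event.php
@@ -21,7 +21,7 @@ $event_id = get_the_ID();
  <div id="tribe-events-content" class="tribe-events-single vevent hentry">
 
  <p class="tribe-events-back">
- <a href="<?php echo tribe_get_events_link() ?>"> <?php _e( '&laquo; All Events', 'tribe-events-calendar' ) ?></a>
+ <a href="<?php echo esc_url( tribe_get_events_link() ); ?>"> <?php _e( '&laquo; All Events', 'tribe-events-calendar' ) ?></a>
  </p>
 
  <!-- Notices -->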
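--- a/views/tickets/email.php
+++ b/views/tickets/email.php
@@ -368,7 +368,7 @@
  <table border="0" cellpadding="0" cellspacing="0" width="100%" align="center">
  <tr>
  <td class="ticket-footer" valign="top" align="left" width="100%" style="padding: 0 !important; width:100%; margin:0 !important;">
- <a href="<?php echo home_url(); ?>" style="color:#006caa !important; display:block; margin-top:20px; font-family: 'Helvetica Neue', Helvetica, sans-serif; font-size:13px; text-decoration:underline;"><?php echo home_url(); ?></a>
+ <a href="<?php echo esc_url( home_url() ); ?>" style="color:#006caa !important; display:block; margin-top:20px; font-family: 'Helvetica Neue', Helvetica, sans-serif; font-size:13px; text-decoration:underline;"><?php echo home_url(); ?></a>
  </td>
  </tr>
  </table>
@@ -393,4 +393,4 @@
  </center>
  </div>
  </body>
- </html>
+ </html>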
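--- a/views/widgets/list-widget.php
+++ b/views/widgets/list-widget.php
@@ -38,7 +38,7 @@ if ( $posts ) {
  <?php do_action( 'tribe_events_list_widget_before_the_event_title' ); ?>
  <!-- Event Title -->
  <h4 class="entry-title summary">
- <a href="<?php echo tribe_get_event_link(); ?>" rel="bookmark"><?php the_title(); ?></a>
+ <a href="<?php echo esc_url( tribe_get_event_link() ); ?>" rel="bookmark"><?php the_title(); ?></a>
  </h4>
 
  <?php do_action( 'tribe_events_list_widget_after_the_event_title' ); ?>
@@ -60,7 +60,7 @@ if ( $posts ) {
  </ol><!-- .hfeed -->
 
  <p class="tribe-events-widget-link">
- <a href="<?php echo tribe_get_events_link(); ?>" rel="bookmark"><?php _e( 'View All Events', 'tribe-events-calendar' ); ?></a>
+ <a href="<?php echo esc_url( tribe_get_events_link() ); ?>" rel="bookmark"><?php _e( 'View All Events', 'tribe-events-calendar' ); ?></a>
  </p>
 
  <?php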