Version Description
- Bug Fix: Security fixes
Release Info
Developer | cartpauj |
Plugin | ThirstyAffiliates Affiliate Link Manager |
Version | 3.10.11 |
Code changes from version 3.10.10 to 3.10.11
- Helpers/Plugin_Constants.php +1 -1
- Models/Affiliate_Links_CPT.php +5 -5
- Models/Marketing.php +5 -8
- Models/Notifications.php +1 -1
- Models/Rewrites_Redirection.php +7 -3
- Models/Script_Loader.php +1 -1
- Models/Settings.php +10 -3
- readme.txt +5 -2
- thirstyaffiliates.php +1 -1
- views/cpt/view-inserted-link-scanner-metabox.php +1 -1
Helpers/Plugin_Constants.php
CHANGED
@@ -27,7 +27,7 @@ class Plugin_Constants {
|
|
27 |
// Plugin configuration constants
|
28 |
const TOKEN = 'ta';
|
29 |
const INSTALLED_VERSION = 'ta_installed_version';
|
30 |
-
const VERSION = '3.10.
|
31 |
const TEXT_DOMAIN = 'thirstyaffiliates';
|
32 |
const THEME_TEMPLATE_PATH = 'thirstyaffiliates';
|
33 |
const META_DATA_PREFIX = '_ta_';
|
27 |
// Plugin configuration constants
|
28 |
const TOKEN = 'ta';
|
29 |
const INSTALLED_VERSION = 'ta_installed_version';
|
30 |
+
const VERSION = '3.10.11';
|
31 |
const TEXT_DOMAIN = 'thirstyaffiliates';
|
32 |
const THEME_TEMPLATE_PATH = 'thirstyaffiliates';
|
33 |
const META_DATA_PREFIX = '_ta_';
|
Models/Affiliate_Links_CPT.php
CHANGED
@@ -561,15 +561,15 @@ class Affiliate_Links_CPT implements Model_Interface , Initiable_Interface {
|
|
561 |
$inserted_to_str = implode( ',' , $inserted_to );
|
562 |
|
563 |
// phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared
|
564 |
-
$results = $wpdb->get_results(
|
565 |
-
"SELECT ID , post_title , post_type FROM $wpdb->posts WHERE ID IN ( $inserted_to_str )"
|
566 |
);
|
567 |
|
568 |
ob_start();
|
569 |
foreach ( $results as $object ) : ?>
|
570 |
<tr>
|
571 |
<td class="id"><?php echo esc_html( $object->ID ); ?></td>
|
572 |
-
<td class="title"><?php echo
|
573 |
<td class="post-type"><?php echo esc_html( $object->post_type ); ?></td>
|
574 |
<td class="actions">
|
575 |
<a class="view" href="<?php echo esc_url( get_permalink( $object->ID ) ); ?>" target="_blank"><span class="dashicons dashicons-admin-links"></span></a>
|
@@ -966,7 +966,7 @@ class Affiliate_Links_CPT implements Model_Interface , Initiable_Interface {
|
|
966 |
$response = array( 'status' => 'success' , 'category_slug' => $category->slug );
|
967 |
}
|
968 |
|
969 |
-
@header( 'Content-Type: application/json; charset=' . get_option( 'blog_charset' ) );
|
970 |
echo wp_json_encode( $response );
|
971 |
wp_die();
|
972 |
}
|
@@ -1003,7 +1003,7 @@ class Affiliate_Links_CPT implements Model_Interface , Initiable_Interface {
|
|
1003 |
);
|
1004 |
}
|
1005 |
|
1006 |
-
@header( 'Content-Type: application/json; charset=' . get_option( 'blog_charset' ) );
|
1007 |
echo wp_json_encode( $response );
|
1008 |
wp_die();
|
1009 |
}
|
561 |
$inserted_to_str = implode( ',' , $inserted_to );
|
562 |
|
563 |
// phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared
|
564 |
+
$results = $wpdb->get_results(
|
565 |
+
"SELECT ID , post_title , post_type FROM $wpdb->posts WHERE ID IN ( $inserted_to_str )"
|
566 |
);
|
567 |
|
568 |
ob_start();
|
569 |
foreach ( $results as $object ) : ?>
|
570 |
<tr>
|
571 |
<td class="id"><?php echo esc_html( $object->ID ); ?></td>
|
572 |
+
<td class="title"><?php echo esc_html( mb_strimwidth( $object->post_title , 0 , 60 , "..." ) ); ?></td>
|
573 |
<td class="post-type"><?php echo esc_html( $object->post_type ); ?></td>
|
574 |
<td class="actions">
|
575 |
<a class="view" href="<?php echo esc_url( get_permalink( $object->ID ) ); ?>" target="_blank"><span class="dashicons dashicons-admin-links"></span></a>
|
966 |
$response = array( 'status' => 'success' , 'category_slug' => $category->slug );
|
967 |
}
|
968 |
|
969 |
+
@header( 'Content-Type: application/json; charset=' . get_option( 'blog_charset' ) );
|
970 |
echo wp_json_encode( $response );
|
971 |
wp_die();
|
972 |
}
|
1003 |
);
|
1004 |
}
|
1005 |
|
1006 |
+
@header( 'Content-Type: application/json; charset=' . get_option( 'blog_charset' ) );
|
1007 |
echo wp_json_encode( $response );
|
1008 |
wp_die();
|
1009 |
}
|
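Review bot: The query at new lines 564-565 still interpolates `$inserted_to_str` straight into the `IN ( … )` list under a `phpcs:ignore`, and nothing visible in this section shows the IDs being forced to integers. `$inserted_to` is populated outside the hunk, so if it is not already cast there, do it where the list is joined: `$inserted_to_str = implode( ',' , array_map( 'absint' , $inserted_to ) );`. An empty array would also produce `IN (  )`, which is a SQL error, so an early return for an empty list is worth adding before the query. The `esc_html()` now wrapped around `post_title` at line 572 covers the output side only.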
Models/Marketing.php
CHANGED
@@ -225,12 +225,9 @@ class Marketing implements Model_Interface , Activatable_Interface , Initiable_I
|
|
225 |
type: 'POST',
|
226 |
data: {
|
227 |
action: 'ta_dismiss_review_prompt',
|
228 |
-
_ajax_nonce: "<?php echo wp_create_nonce( 'ta_dismiss_review_prompt' );
|
229 |
type: type
|
230 |
},
|
231 |
-
})
|
232 |
-
.done(function(data) {
|
233 |
-
|
234 |
});
|
235 |
}
|
236 |
|
@@ -347,7 +344,7 @@ class Marketing implements Model_Interface , Activatable_Interface , Initiable_I
|
|
347 |
<h4><?php esc_html_e('Enable Enhanced Javascript Redirect','thirstyaffiliates'); ?></h4>
|
348 |
<p><?php esc_html_e("ThirstyAffiliates version 3.2.5 introduces a new method of redirecting via javascript which will only run on your website's frontend.
|
349 |
We've added this so the plugin can provide more accurate tracking data of your affiliate link clicks.
|
350 |
-
This feature is turned on automatically for <strong>new installs</strong>, but for this install we would like to give you the choice of enabling the feature or not.",'thirstyaffiliates'); ?>
|
351 |
</p>
|
352 |
<p>
|
353 |
<button type="button" class="button-primary" id="ta_enable_js_redirect_trigger">
|
@@ -462,9 +459,9 @@ class Marketing implements Model_Interface , Activatable_Interface , Initiable_I
|
|
462 |
*/
|
463 |
public function advanced_features_marketing_metabox_cb( $post ) {
|
464 |
|
465 |
-
$url =
|
466 |
-
$img =
|
467 |
-
echo '<a href="' . $url . '" target="_blank"><img src="' . $img . '"></a>';
|
468 |
}
|
469 |
|
470 |
public function dismiss_review_prompt() {
|
225 |
type: 'POST',
|
226 |
data: {
|
227 |
action: 'ta_dismiss_review_prompt',
|
228 |
+
_ajax_nonce: "<?php echo esc_js( wp_create_nonce( 'ta_dismiss_review_prompt' ) ); ?>",
|
229 |
type: type
|
230 |
},
|
|
|
|
|
|
|
231 |
});
|
232 |
}
|
233 |
|
344 |
<h4><?php esc_html_e('Enable Enhanced Javascript Redirect','thirstyaffiliates'); ?></h4>
|
345 |
<p><?php esc_html_e("ThirstyAffiliates version 3.2.5 introduces a new method of redirecting via javascript which will only run on your website's frontend.
|
346 |
We've added this so the plugin can provide more accurate tracking data of your affiliate link clicks.
|
347 |
+
This feature is turned on automatically for <strong>new installs</strong>, but for this install we would like to give you the choice of enabling the feature or not.",'thirstyaffiliates'); ?>
|
348 |
</p>
|
349 |
<p>
|
350 |
<button type="button" class="button-primary" id="ta_enable_js_redirect_trigger">
|
459 |
*/
|
460 |
public function advanced_features_marketing_metabox_cb( $post ) {
|
461 |
|
462 |
+
$url = 'https://thirstyaffiliates.com/pricing/?utm_source=Free%20Plugin&utm_medium=Pro&utm_campaign=Sidebar';
|
463 |
+
$img = $this->_constants->IMAGES_ROOT_URL() . 'sidebar.jpg';
|
464 |
+
echo '<a href="' . esc_url( $url ) . '" target="_blank"><img src="' . esc_url( $img ) . '"></a>';
|
465 |
}
|
466 |
|
467 |
public function dismiss_review_prompt() {
|
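Review bot: The `<strong>new installs</strong>` markup inside the string passed to `esc_html_e()` at new lines 345-347 will be printed as literal tag text, because that function escapes the whole translated string. If the emphasis is meant to render, output the string through an allowlist instead, for example `echo wp_kses( __( '…' , 'thirstyaffiliates' ) , array( 'strong' => array() ) );`. Otherwise remove the tags from the translatable text. Separately, the sidebar anchor at new line 464 now escapes both URLs but still opens with `target="_blank"` and no `rel="noopener noreferrer"`.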
Models/Notifications.php
CHANGED
@@ -740,7 +740,7 @@ class Notifications implements Model_Interface {
|
|
740 |
|
741 |
<div class="thirstyaff-notifications-body">
|
742 |
<div class="thirstyaff-notifications-messages">
|
743 |
-
<?php echo $notifications_html;
|
744 |
</div>
|
745 |
</div>
|
746 |
|
740 |
|
741 |
<div class="thirstyaff-notifications-body">
|
742 |
<div class="thirstyaff-notifications-messages">
|
743 |
+
<?php echo wp_kses_post( $notifications_html ); ?>
|
744 |
</div>
|
745 |
</div>
|
746 |
|
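Review bot: Escaping `$notifications_html` only at the final `echo` (new line 743) with `wp_kses_post()` is a coarse safety net, because the post-content allowlist silently drops elements such as form controls and inline SVG. The string is assembled outside this hunk, so it is worth confirming that the dismiss and action markup of each notification survives the filter. The more robust fix is to escape each field (`esc_html()`, `esc_url()`, `esc_attr()`) where the notification HTML is built and keep this call as a second layer. A short comment above the echo stating which markup the notifications are expected to contain would help the next maintainer.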
Models/Rewrites_Redirection.php
CHANGED
@@ -378,14 +378,18 @@ class Rewrites_Redirection implements Model_Interface , Deactivatable_Interface
|
|
378 |
|
379 |
global $post;
|
380 |
|
381 |
-
$
|
|
|
382 |
|
383 |
if ( $is_apache || ! is_object( $post ) || $post->post_type !== Plugin_Constants::AFFILIATE_LINKS_CPT || ! $this->_helper_functions->is_user_agent_bot() )
|
384 |
return;
|
385 |
|
386 |
-
$
|
|
|
387 |
header( 'HTTP/1.0 403 Forbidden' );
|
388 |
-
|
|
|
|
|
389 |
}
|
390 |
|
391 |
|
378 |
|
379 |
global $post;
|
380 |
|
381 |
+
$server_software = isset( $_SERVER['SERVER_SOFTWARE'] ) ? sanitize_text_field( wp_unslash( $_SERVER['SERVER_SOFTWARE'] ) ) : '';
|
382 |
+
$is_apache = strpos( $server_software, 'Apache' ) !== false;
|
383 |
|
384 |
if ( $is_apache || ! is_object( $post ) || $post->post_type !== Plugin_Constants::AFFILIATE_LINKS_CPT || ! $this->_helper_functions->is_user_agent_bot() )
|
385 |
return;
|
386 |
|
387 |
+
$request_uri = isset( $_SERVER['REQUEST_URI'] ) ? sanitize_text_field( wp_unslash( $_SERVER['REQUEST_URI'] ) ) : '';
|
388 |
+
$message = apply_filters( 'ta_blocked_bots_non_apache_message' , sprintf( __( "<h1>Forbidden</h1><p>You don't have permission to access %s on this server.</p>" , 'thirstyaffiliates' ) , esc_html( $request_uri ) ) );
|
389 |
header( 'HTTP/1.0 403 Forbidden' );
|
390 |
+
echo wp_kses_post( $message );
|
391 |
+
exit;
|
392 |
+
|
393 |
}
|
394 |
|
395 |
|
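Review bot: The 403 at new line 389 is sent with a hard-coded `header( 'HTTP/1.0 403 Forbidden' )` and no cache-control headers, so a page cache or reverse proxy in front of the site could store the block page and serve it to ordinary visitors. Prefer the WordPress helpers, which also match the request's protocol version: `status_header( 403 );` followed by `nocache_headers();`. The reflected `REQUEST_URI` is passed through `esc_html()` before `sprintf()` and the filtered message through `wp_kses_post()`, which is the right order. A one-line comment saying that `ta_blocked_bots_non_apache_message` receives already-escaped HTML would keep filter authors from double-escaping. The enclosing method starts outside the hunk.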
Models/Script_Loader.php
CHANGED
@@ -362,7 +362,7 @@ class Script_Loader implements Model_Interface {
|
|
362 |
<img src="%3$s" alt="%2$s" data-active="%4$s" />
|
363 |
</a>
|
364 |
</div>',
|
365 |
-
$this->get_items_html(),
|
366 |
esc_attr__( 'See Quick Links', 'thirstyaffiliates' ),
|
367 |
esc_url( $this->_constants->IMAGES_ROOT_URL() . 'admin-flyout.svg' ),
|
368 |
esc_url( $this->_constants->IMAGES_ROOT_URL() . 'admin-flyout.svg' ),
|
362 |
<img src="%3$s" alt="%2$s" data-active="%4$s" />
|
363 |
</a>
|
364 |
</div>',
|
365 |
+
$this->get_items_html(),
|
366 |
esc_attr__( 'See Quick Links', 'thirstyaffiliates' ),
|
367 |
esc_url( $this->_constants->IMAGES_ROOT_URL() . 'admin-flyout.svg' ),
|
368 |
esc_url( $this->_constants->IMAGES_ROOT_URL() . 'admin-flyout.svg' ),
|
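Review bot: `$this->get_items_html()` at new line 365 is the only `sprintf()` argument in this call that goes into the template without an escaping function, while its siblings use `esc_attr__()` and `esc_url()`. The method body is outside the hunk, so it may well escape each item as it builds the markup. If so, say it at the call site with a comment such as `// Markup; every item is escaped inside get_items_html().`. If not, wrap the value in `wp_kses_post()`. The `sprintf()` call itself begins before the hunk.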
Models/Settings.php
CHANGED
@@ -2148,10 +2148,17 @@ class Settings implements Model_Interface , Activatable_Interface , Initiable_In
|
|
2148 |
|
2149 |
<div class="ta-upgrade-header" id="ta-upgrade-header">
|
2150 |
<span id="close-ta-upgrade-header">X</span>
|
2151 |
-
<?php
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
2152 |
</div>
|
2153 |
|
2154 |
-
<div id="ta-admin-header"><img class="ta-logo" src="<?php echo esc_url( $this->_constants->IMAGES_ROOT_URL() . 'TA.svg' ); ?>" /></div>
|
2155 |
|
2156 |
<script>
|
2157 |
jQuery(document).ready(function($) {
|
@@ -2163,7 +2170,7 @@ class Settings implements Model_Interface , Activatable_Interface , Initiable_In
|
|
2163 |
type: 'POST',
|
2164 |
data: {
|
2165 |
action: 'ta_dismiss_upgrade_header',
|
2166 |
-
_ajax_nonce: "<?php echo wp_create_nonce( 'ta_dismiss_upgrade_header' );
|
2167 |
},
|
2168 |
})
|
2169 |
.done(function() {
|
2148 |
|
2149 |
<div class="ta-upgrade-header" id="ta-upgrade-header">
|
2150 |
<span id="close-ta-upgrade-header">X</span>
|
2151 |
+
<?php
|
2152 |
+
printf(
|
2153 |
+
/* translators: %1$s: open link tag, %2$s: close link tag */
|
2154 |
+
esc_html__( 'You\'re using ThirstyAffiliates Lite. To unlock more features, consider %1$supgrading to Pro%2$s.', 'thirstyaffiliates' ),
|
2155 |
+
'<a href="https://thirstyaffiliates.com/pricing?utm_source=plugin_admin&utm_medium=link&utm_campaign=in_plugin&utm_content=upgrade_header">',
|
2156 |
+
'</a>'
|
2157 |
+
);
|
2158 |
+
?>
|
2159 |
</div>
|
2160 |
|
2161 |
+
<div id="ta-admin-header"><img class="ta-logo" src="<?php echo esc_url( $this->_constants->IMAGES_ROOT_URL() . 'TA.svg' ); ?>" alt="" /></div>
|
2162 |
|
2163 |
<script>
|
2164 |
jQuery(document).ready(function($) {
|
2170 |
type: 'POST',
|
2171 |
data: {
|
2172 |
action: 'ta_dismiss_upgrade_header',
|
2173 |
+
_ajax_nonce: "<?php echo esc_js( wp_create_nonce( 'ta_dismiss_upgrade_header' ) ); ?>"
|
2174 |
},
|
2175 |
})
|
2176 |
.done(function() {
|
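Review bot: The upgrade link passed to `printf()` at new line 2155 is a raw literal with unencoded `&` separators inside the `href` attribute, whereas the sidebar link changed in Models/Marketing.php in this same release goes through `esc_url()`. For consistency and valid attribute encoding, build it the same way: `'<a href="' . esc_url( 'https://thirstyaffiliates.com/pricing?…' ) . '">'`. The `esc_html__()` format string with `%1$s`/`%2$s` placeholders is a good pattern and the translators comment is in the right place. The `esc_js()` around the nonce at line 2173 is fine, though the server-side nonce check for `ta_dismiss_upgrade_header` is not visible in this section and should be confirmed.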
readme.txt
CHANGED
@@ -4,8 +4,8 @@ Donate link:
|
|
4 |
Tags: affiliate, link, affiliate link management, link cloaker, link redirect, shortlink, thirstyaffiliates, thirsty affiliates
|
5 |
Requires at least: 5.0
|
6 |
Requires PHP: 5.6
|
7 |
-
Tested up to:
|
8 |
-
Stable tag: 3.10.
|
9 |
License: GPLv2 or later
|
10 |
License URI: http://www.gnu.org/licenses/gpl-2.0.html
|
11 |
|
@@ -159,6 +159,9 @@ See our [Knowledge Base](https://thirstyaffiliates.com/knowledge-base/?utm_sourc
|
|
159 |
|
160 |
== Changelog ==
|
161 |
|
|
|
|
|
|
|
162 |
= 3.10.10 =
|
163 |
* Bug Fix: Security fixes
|
164 |
|
4 |
Tags: affiliate, link, affiliate link management, link cloaker, link redirect, shortlink, thirstyaffiliates, thirsty affiliates
|
5 |
Requires at least: 5.0
|
6 |
Requires PHP: 5.6
|
7 |
+
Tested up to: 6.0
|
8 |
+
Stable tag: 3.10.11
|
9 |
License: GPLv2 or later
|
10 |
License URI: http://www.gnu.org/licenses/gpl-2.0.html
|
11 |
|
159 |
|
160 |
== Changelog ==
|
161 |
|
162 |
+
= 3.10.11 =
|
163 |
+
* Bug Fix: Security fixes
|
164 |
+
|
165 |
= 3.10.10 =
|
166 |
* Bug Fix: Security fixes
|
167 |
|
thirstyaffiliates.php
CHANGED
@@ -3,7 +3,7 @@
|
|
3 |
* Plugin Name: ThirstyAffiliates
|
4 |
* Plugin URI: http://thirstyaffiliates.com/
|
5 |
* Description: ThirstyAffiliates is a revolution in affiliate link management. Collect, collate and store your affiliate links for use in your posts and pages.
|
6 |
-
* Version: 3.10.
|
7 |
* Author: Caseproof
|
8 |
* Author URI: https://caseproof.com/
|
9 |
* Requires at least: 5.0
|
3 |
* Plugin Name: ThirstyAffiliates
|
4 |
* Plugin URI: http://thirstyaffiliates.com/
|
5 |
* Description: ThirstyAffiliates is a revolution in affiliate link management. Collect, collate and store your affiliate links for use in your posts and pages.
|
6 |
+
* Version: 3.10.11
|
7 |
* Author: Caseproof
|
8 |
* Author URI: https://caseproof.com/
|
9 |
* Requires at least: 5.0
|
views/cpt/view-inserted-link-scanner-metabox.php
CHANGED
@@ -2,7 +2,7 @@
|
|
2 |
|
3 |
<div class="scanned-inserted-status">
|
4 |
<button id="inserted-link-scan-trigger" class="button-primary" type="button"><?php esc_html_e( 'Start Scan' , 'thirstyaffiliates' ); ?></button>
|
5 |
-
<span class="last-scanned"><?php echo wp_kses_post( $last_scanned_txt );
|
6 |
</div>
|
7 |
|
8 |
<div class="inserted-into-table">
|
2 |
|
3 |
<div class="scanned-inserted-status">
|
4 |
<button id="inserted-link-scan-trigger" class="button-primary" type="button"><?php esc_html_e( 'Start Scan' , 'thirstyaffiliates' ); ?></button>
|
5 |
+
<span class="last-scanned"><?php echo wp_kses_post( $last_scanned_txt ); ?></span>
|
6 |
</div>
|
7 |
|
8 |
<div class="inserted-into-table">
|