Tidio Live Chat - Version 4.2.0

Version Description

  • Update menu icon
  • Use email from plugin form as default email for a Tidio account
  • Improve error handling
  • Use nonce system

Release Info

Developer lucastidio
Version 4.2.0

Code changes from version 4.1.0 to 4.2.0

Files changed (5) hide show
  1. media/img/icon.png +0 -0
  2. media/js/options.js +55 -24
  3. options.php +3 -0
  4. readme.txt +7 -1
  5. tidio-elements.php +43 -11
media/img/icon.png DELETED
Binary file
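--- a/media/js/options.js
+++ b/media/js/options.js
@@ -2,11 +2,28 @@
  jQuery(function ($) {
  var TidioChatWP = {
  apiUrl: 'https://api-v2.tidio.co',
- chatUrl: 'https://www.tidiochat.com',
+ chatUrl: 'https://www.tidio.com',
  token: null,
+ email: '',
  init: function () {
+ // check if page is already integrated; if so show after install screen
+ if ($('a[href="admin.php?page=tidio-chat"]').length === 0) {
+ $.post(ajaxurl, {
+ 'action': 'get_private_key',
+ '_wpnonce': nonce,
+ },
+ function (response) {
+ if (response === 'error') {
+ // load through ajax url
+ TidioChatWP.accessThroughXHR(redirect);
+ return false;
+ }
+ $('#after-install-text').show();
+ TidioChatWP.setRedirectLink(response);
+ });
+ return;
+ }
  this.error = $('.error');
-
  this.form = $('#tidio-start');
  this.form.show();
  var emailField = this.form.find('#email');
@@ -25,7 +42,7 @@ jQuery(function ($) {
  return false;
  }
  this.hideError();
-
+ this.email = emailField.val();
  submitButton.prop('disabled', true).text('Loading...');
 
  $.get(TidioChatWP.apiUrl + '/access/checkIfEmailIsRegistered', {
@@ -34,15 +51,19 @@ jQuery(function ($) {
  if (data.status === true && data.value &&
  data.value.registered === true) {
  this.form.hide();
- submitButton.prop('disabled', false).
- text('Start using Tidio');
+ submitButton.prop('disabled', false).text('Start using Tidio');
  this.showLoginForm(emailField.val());
  } else {
  this.redirectToPanel();
  }
- }.bind(this)).fail((function() {
+ }.bind(this)).fail((function(error) {
  submitButton.prop('disabled', false).text('Start using Tidio');
- this.showError('Something went wrong.');
+ if (error && error.status === 429) {
+ this.showError('You have been blocked for too many failed attempts. Please try again in an hour.');
+ } else {
+ this.showError('Something went wrong.');
+ }
+
  }).bind(this));
  return false;
  },
@@ -99,21 +120,27 @@ jQuery(function ($) {
  }).bind(this), 'json');
  return false;
  },
+ addEmailToRedirectLink: function(url) {
+ return url + '&tour_default_email=' + encodeURIComponent(this.email);
+ },
  redirectToPanel: function () {
- var form = this.form;
  var redirect = function (response) {
- window.open(response, '_blank');
- TidioChatWP.setRedirectLink(response);
- form.fadeOut('fast', function () {
+ var url = this.addEmailToRedirectLink(response);
+ window.open(url, '_blank');
+ TidioChatWP.setRedirectLink(url);
+ this.form.fadeOut('fast', function () {
  $('#after-install-text').fadeIn('fast');
  });
- };
+ }.bind(this);
 
- $.post(ajaxurl, { 'action': 'get_private_key' },
+ $.post(ajaxurl, {
+ 'action': 'get_private_key',
+ '_wpnonce': nonce,
+ },
  function (response) {
  if (response === 'error') {
- // load trought ajax url
- TidioChatWP.accessTroughtXHR(redirect);
+ // load through ajax url
+ TidioChatWP.accessThroughXHR(redirect);
  return false;
  }
  redirect(response);
@@ -170,12 +197,17 @@ jQuery(function ($) {
  }).bind(this), 'json');
  },
  onProjectSubmit: function () {
- var details = $('#select-tidio-project option:selected').
- data('value');
- $.extend(details, { 'action': 'set_project_keys', 'api_token': TidioChatWP.token });
+ var details = $('#select-tidio-project option:selected').data('value');
+ $.extend(details, {
+ 'action': 'set_project_keys',
+ 'api_token': TidioChatWP.token,
+ '_wpnonce': nonce,
+ });
+
  $.post(ajaxurl, details, (function (response) {
- window.open(response, '_blank');
- TidioChatWP.setRedirectLink(response);
+ var url = this.addEmailToRedirectLink(response);
+ window.open(url, '_blank');
+ TidioChatWP.setRedirectLink(url);
  this.form.fadeOut('fast', function () {
  $('#after-install-text').fadeIn('fast');
  });
@@ -280,7 +312,7 @@ jQuery(function ($) {
  then close all select boxes: */
  document.addEventListener('click', closeAllSelect);
  },
- accessTroughtXHR: function (_func) {
+ accessThroughXHR: function (_func) {
 
  var xhr_url = TidioChatWP.apiUrl + '/access/external/create?url=' +
  location.protocol + '//' + location.host +
@@ -293,15 +325,14 @@ jQuery(function ($) {
  _func(TidioChatWP.chatUrl + '/access?privateKey=' +
  r.value.private_key +
  '&app=chat&utm_source=platform&utm_medium=wordpress');
+
  // save this in wordpress database
  $.post(ajaxurl, {
  'action': 'tidio_chat_save_keys',
  'public_key': r.value.public_key,
  'private_key': r.value.private_key,
- }, function (response) {
-
+ '_wpnonce': nonce,
  });
-
  }).fail(function () {
  alert('Error occured while creating, please try again!');
  });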
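Review bot: In the new early-return branch of `init`, the error path calls `TidioChatWP.accessThroughXHR(redirect);`, but `redirect` is only declared as a local inside `redirectToPanel`, so unless a global of that name exists outside the visible hunks this raises a ReferenceError whenever `get_private_key` answers `'error'`. Giving `init` its own callback keeps that path working, for example `TidioChatWP.accessThroughXHR(function (url) { $('#after-install-text').show(); TidioChatWP.setRedirectLink(url); });`. Separately, none of the `$.post(ajaxurl, …)` calls that now send `_wpnonce` has a failure handler, so a request rejected by `check_ajax_referer` (for example once the nonce has expired on a long-open tab) leaves the page without feedback; chaining a `.fail(...)` that reports the error would surface it. The bodies of `init` and `redirectToPanel` continue outside the hunks.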
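--- a/options.php
+++ b/options.php
@@ -1,3 +1,6 @@
+ <script>
+ var nonce = '<?php echo wp_create_nonce(TidioLiveChat::TIDIO_XHR_NONCE_NAME); ?>';
+ </script>
  <div id="tidio-wrapper">
  <div class="tidio-box-wrapper">
  <div class="tidio-box tidio-box-actions">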
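Review bot: The nonce is published as a global called `nonce` from an inline `<script>`, a name generic enough to be overwritten by any other admin script on the page, and the value is echoed without JavaScript-context escaping. A namespaced variable with `esc_js()` makes both explicit: `var tidioChatNonce = '<?php echo esc_js(wp_create_nonce(TidioLiveChat::TIDIO_XHR_NONCE_NAME)); ?>';`, with options.js reading the same name. Passing the value through `wp_localize_script()` where the script is enqueued would avoid the inline block altogether.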
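--- a/readme.txt
+++ b/readme.txt
@@ -3,7 +3,7 @@ Contributors: tytus-tytus, lucastidio, marcingwizdala
  Tags: free live chat, plugin, facebook, admin, live chat, chat, livechat, post, tidio, widget, post, posts, twitter, zendesk, mailchimp
  Requires at least: 3.0
  Tested up to: 5.2
- Stable tag: 4.1.0
+ Stable tag: 4.2.0
  License: GPLv2
  License URI: http://www.gnu.org/licenses/gpl-2.0.html
 
@@ -121,6 +121,12 @@ Yes, simply go to your chat panel and switch the “Display” option to off.
 
  == Changelog ==
 
+ = 4.2.0 =
+ * Update menu icon
+ * Use email from plugin form as default email for a Tidio account
+ * Improve error handling
+ * Use nonce system
+
  = 4.1.0 =
  * Simplify login flow for users with only one project
  * Set widget as installed immediately after user connected project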
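--- a/tidio-elements.php
+++ b/tidio-elements.php
@@ -2,14 +2,14 @@
 
  /**
  * Plugin Name: Tidio Chat
- * Plugin URI: http://www.tidiochat.com
- * Description: Tidio Live Chat - Live chat for your website. No logging in, no signing up - integrates with your website in less than 20 seconds.
- * Version: 4.1.0
+ * Plugin URI: http://www.tidio.com
+ * Description: Tidio Live Chat - live chat boosted with chatbots for your online business. Integrates with your website in less than 20 seconds.
+ * Version: 4.2.0
  * Author: Tidio Ltd.
- * Author URI: http://www.tidiochat.com
+ * Author URI: http://www.tidio.com
  * License: GPL2
  */
- define('TIDIOCHAT_VERSION', '4.1.0');
+ define('TIDIOCHAT_VERSION', '4.2.0');
  define('AFFILIATE_CONFIG_FILE_PATH', get_template_directory().'/tidio_affiliate_ref_id.txt');
 
  class TidioLiveChat
@@ -23,6 +23,8 @@ class TidioLiveChat
  const CLEAR_ACCOUNT_DATA_ACTION = 'tidio-chat-reset';
  const TIDIO_PLUGIN_NAME = 'tidio-live-chat';
  const TOGGLE_ASYNC_ACTION = 'tidio-chat-toggle-async';
+ const TIDIO_ICON_BASE64 = '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';
+ const TIDIO_XHR_NONCE_NAME = 'tidio-xhr-nonce';
 
  public function __construct()
  {
@@ -69,6 +71,8 @@ class TidioLiveChat
 
  public static function ajaxGetPrivateKey()
  {
+ check_ajax_referer(TidioLiveChat::TIDIO_XHR_NONCE_NAME);
+
  $privateKey = TidioLiveChat::getPrivateKey();
  if (!$privateKey || $privateKey == 'false') {
  echo 'error';
@@ -182,8 +186,7 @@ class TidioLiveChat
  array(
  'privateKey' => $privateKey,
  'utm_source' => 'platform',
- 'utm_medium' => 'wordpress',
- 'tour_default_email' => get_option('admin_email'),
+ 'utm_medium' => 'wordpress'
  )
  );
  }
@@ -192,8 +195,15 @@ class TidioLiveChat
  {
  if (strpos($file, basename(__FILE__)) !== false) {
  if (get_option(TidioLiveChat::PRIVATE_KEY_OPTION)) {
- $links[] = '<a href="' . admin_url('admin-post.php') . '?action=' . TidioLiveChat::CLEAR_ACCOUNT_DATA_ACTION . '">' . esc_html__('Clear Account Data',
+ $queryString = http_build_query(
+ array(
+ 'action' => TidioLiveChat::CLEAR_ACCOUNT_DATA_ACTION,
+ '_wpnonce' => wp_create_nonce(TidioLiveChat::CLEAR_ACCOUNT_DATA_ACTION),
+ )
+ );
+ $links[] = '<a href="' . admin_url('admin-post.php') . '?' . $queryString . '">' . esc_html__('Clear Account Data',
  TidioLiveChat::TIDIO_PLUGIN_NAME) . '</a>';
+
  if (get_option(TidioLiveChat::ASYNC_LOAD_OPTION)) {
  $toggleAsyncLabel = '✓';
  $onclickPart = 'onclick="return confirm(\'Disabling asynchronous loading of the chat widget may affect the page loading time of your website. Are you sure you want to disable the asynchronous loading?\');"';
@@ -201,7 +211,13 @@ class TidioLiveChat
  $toggleAsyncLabel = '✘';
  $onclickPart = '';
  }
- $links[] = '<a href="' . admin_url('admin-post.php') . '?action=' . TidioLiveChat::TOGGLE_ASYNC_ACTION . '" ' . $onclickPart . '>' . esc_html__($toggleAsyncLabel . ' Asynchronous loading',
+ $queryString = http_build_query(
+ array(
+ 'action' => TidioLiveChat::TOGGLE_ASYNC_ACTION,
+ '_wpnonce' => wp_create_nonce(TidioLiveChat::TOGGLE_ASYNC_ACTION),
+ )
+ );
+ $links[] = '<a href="' . admin_url('admin-post.php') . '?' . $queryString . '" ' . $onclickPart . '>' . esc_html__($toggleAsyncLabel . ' Asynchronous loading',
  TidioLiveChat::TIDIO_PLUGIN_NAME) . '</a>';
  }
  }
@@ -211,6 +227,10 @@ class TidioLiveChat
 
  public function toggleAsync()
  {
+ if (wp_verify_nonce($_GET['_wpnonce'], TidioLiveChat::TOGGLE_ASYNC_ACTION) === false) {
+ wp_die('', 403);
+ }
+
  update_option(TidioLiveChat::ASYNC_LOAD_OPTION, !get_option(TidioLiveChat::ASYNC_LOAD_OPTION));
  wp_redirect(admin_url('plugins.php'));
  die();
@@ -218,6 +238,8 @@ class TidioLiveChat
 
  public function ajaxSetProjectKeys()
  {
+ check_ajax_referer(TidioLiveChat::TIDIO_XHR_NONCE_NAME);
+
  update_option(TidioLiveChat::PUBLIC_KEY_OPTION, $_POST['public_key']);
  update_option(TidioLiveChat::PRIVATE_KEY_OPTION, $_POST['private_key']);
 
@@ -241,6 +263,8 @@ class TidioLiveChat
  exit;
  }
 
+ check_ajax_referer(TidioLiveChat::TIDIO_XHR_NONCE_NAME);
+
  if (empty($_POST['private_key']) || empty($_POST['public_key'])) {
  exit;
  }
@@ -325,8 +349,12 @@ SRC;
  public function addAdminMenuLink()
  {
  add_menu_page(
- 'Tidio Chat', 'Tidio Chat', 'manage_options', 'tidio-chat', array($this, 'addAdminPage'),
- content_url() . '/plugins/' . TidioLiveChat::TIDIO_PLUGIN_NAME . '/media/img/icon.png'
+ 'Tidio Chat',
+ 'Tidio Chat',
+ 'manage_options',
+ 'tidio-chat',
+ array($this, 'addAdminPage'),
+ 'data:image/svg+xml;base64,' . self::TIDIO_ICON_BASE64
  );
  }
 
@@ -339,6 +367,10 @@ SRC;
 
  public function uninstall()
  {
+ if (wp_verify_nonce($_GET['_wpnonce'], TidioLiveChat::CLEAR_ACCOUNT_DATA_ACTION) === false) {
+ wp_die('', 403);
+ }
+
  delete_option(TidioLiveChat::PUBLIC_KEY_OPTION);
  delete_option(TidioLiveChat::PRIVATE_KEY_OPTION);
  delete_option(TidioLiveChat::ASYNC_LOAD_OPTION);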
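Review bot: No capability check is visible next to the nonce checks added in `ajaxGetPrivateKey`, `ajaxSetProjectKeys`, `toggleAsync` and `uninstall`, and a WordPress nonce guards against request forgery but is not an authorization control. Because these handlers read or overwrite the stored keys and delete plugin options, each should begin with `if (!current_user_can('manage_options')) { wp_die('', 403); }`, unless that test already sits in a part of the body outside the hunks. In `toggleAsync` and `uninstall`, `$_GET['_wpnonce']` is read without an `isset` guard; `check_admin_referer(TidioLiveChat::TOGGLE_ASYNC_ACTION);` (and the `CLEAR_ACCOUNT_DATA_ACTION` equivalent) performs the lookup and the rejection in one call. `ajaxSetProjectKeys` still writes `$_POST['public_key']` and `$_POST['private_key']` to options as received, so wrapping them as `sanitize_text_field(wp_unslash($_POST['public_key']))` is worth adding in the same place.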