Version Description
-
Bug fixes:
- Santized several unsanitized post and get requests
-
Deprecated:
- External PHP file tracking option introduced in v2.3.0 in line with wordpress.org plugin repository listing requirements.
Download this release
Release Info
| Developer | Ajay |
| Plugin |  Top 10 – Popular posts plugin for WordPress |
| Version | 2.3.2 |
| Comparing to | |
| See all releases | |
Code changes from version 2.3.1 to 2.3.2
- admin/admin-metabox.php +1 -1
- admin/admin.php +39 -40
- admin/main-view.php +0 -7
- includes/counter.php +0 -20
- includes/top-10-addcount.js.php +0 -57
- includes/top-10-counter.js.php +0 -39
- readme.txt +12 -4
- top-10.php +1 -2
admin/admin-metabox.php
CHANGED
|
@@ -194,7 +194,7 @@ function tptn_save_meta_box( $post_id ) {
|
|
| 194 |
|
| 195 |
// Update the thumbnail URL
|
| 196 |
if ( isset( $_POST['thumb_meta'] ) ) {
|
| 197 |
-
$thumb_meta = $_POST['thumb_meta']
|
| 198 |
}
|
| 199 |
|
| 200 |
$tptn_post_meta = get_post_meta( $post_id, $tptn_settings['thumb_meta'], true );
|
| 194 |
|
| 195 |
// Update the thumbnail URL
|
| 196 |
if ( isset( $_POST['thumb_meta'] ) ) {
|
| 197 |
+
$thumb_meta = '' == $_POST['thumb_meta'] ? '' : sanitize_text_field( $_POST['thumb_meta'] );
|
| 198 |
}
|
| 199 |
|
| 200 |
$tptn_post_meta = get_post_meta( $post_id, $tptn_settings['thumb_meta'], true );
|
admin/admin.php
CHANGED
|
@@ -62,7 +62,6 @@ function tptn_options() {
|
|
| 62 |
$tptn_settings['activate_daily'] = isset( $_POST['activate_daily'] ) ? true : false;
|
| 63 |
$tptn_settings['cache'] = isset( $_POST['cache'] ) ? true : false;
|
| 64 |
$tptn_settings['cache_fix'] = isset( $_POST['cache_fix'] ) ? true : false;
|
| 65 |
-
$tptn_settings['external_tracker'] = isset( $_POST['external_tracker'] ) ? true : false;
|
| 66 |
$tptn_settings['daily_midnight'] = isset( $_POST['daily_midnight'] ) ? true : false;
|
| 67 |
$tptn_settings['daily_range'] = intval( $_POST['daily_range'] );
|
| 68 |
$tptn_settings['hour_range'] = intval( $_POST['hour_range'] );
|
|
@@ -81,8 +80,8 @@ function tptn_options() {
|
|
| 81 |
$tptn_settings['add_to_tag_archives'] = isset( $_POST['add_to_tag_archives'] ) ? true : false;
|
| 82 |
$tptn_settings['add_to_archives'] = isset( $_POST['add_to_archives'] ) ? true : false;
|
| 83 |
|
| 84 |
-
$tptn_settings['count_disp_form'] = $_POST['count_disp_form'];
|
| 85 |
-
$tptn_settings['count_disp_form_zero'] = $_POST['count_disp_form_zero'];
|
| 86 |
$tptn_settings['dynamic_post_count'] = isset( $_POST['dynamic_post_count'] ) ? true : false;
|
| 87 |
|
| 88 |
$tptn_settings['track_authors'] = isset( $_POST['track_authors'] ) ? true : false;
|
|
@@ -100,14 +99,14 @@ function tptn_options() {
|
|
| 100 |
$wp_post_types = get_post_types( array(
|
| 101 |
'public' => true,
|
| 102 |
) );
|
| 103 |
-
$post_types_arr = ( isset( $_POST['post_types'] ) && is_array( $_POST['post_types'] ) ) ? $_POST['post_types'] : array( 'post' => 'post' );
|
| 104 |
$post_types = array_intersect( $wp_post_types, $post_types_arr );
|
| 105 |
$tptn_settings['post_types'] = http_build_query( $post_types, '', '&' );
|
| 106 |
|
| 107 |
-
$tptn_settings['exclude_post_ids'] = $_POST['exclude_post_ids']
|
| 108 |
|
| 109 |
/**** Exclude categories ****/
|
| 110 |
-
$exclude_categories_slugs = array_map( 'trim', explode( ',',
|
| 111 |
$tptn_settings['exclude_cat_slugs'] = implode( ', ', $exclude_categories_slugs );
|
| 112 |
|
| 113 |
foreach ( $exclude_categories_slugs as $exclude_categories_slug ) {
|
|
@@ -119,7 +118,7 @@ function tptn_options() {
|
|
| 119 |
$tptn_settings['title'] = wp_kses_post( $_POST['title'] );
|
| 120 |
$tptn_settings['title_daily'] = wp_kses_post( $_POST['title_daily'] );
|
| 121 |
|
| 122 |
-
$tptn_settings['blank_output'] = ( $_POST['blank_output']
|
| 123 |
$tptn_settings['blank_output_text'] = wp_kses_post( $_POST['blank_output_text'] );
|
| 124 |
|
| 125 |
$tptn_settings['show_excerpt'] = isset( $_POST['show_excerpt'] ) ? true : false;
|
|
@@ -131,31 +130,31 @@ function tptn_options() {
|
|
| 131 |
|
| 132 |
$tptn_settings['link_new_window'] = isset( $_POST['link_new_window'] ) ? true : false;
|
| 133 |
$tptn_settings['link_nofollow'] = isset( $_POST['link_nofollow'] ) ? true : false;
|
| 134 |
-
$tptn_settings['exclude_on_post_ids'] = $_POST['exclude_on_post_ids']
|
| 135 |
|
| 136 |
// List HTML options
|
| 137 |
-
$tptn_settings['before_list'] = $_POST['before_list'];
|
| 138 |
-
$tptn_settings['after_list'] = $_POST['after_list'];
|
| 139 |
-
$tptn_settings['before_list_item'] = $_POST['before_list_item'];
|
| 140 |
-
$tptn_settings['after_list_item'] = $_POST['after_list_item'];
|
| 141 |
|
| 142 |
/* Thumbnail options */
|
| 143 |
-
$tptn_settings['post_thumb_op'] = $_POST['post_thumb_op'];
|
| 144 |
-
$tptn_settings['thumb_size'] = $_POST['thumb_size'];
|
| 145 |
$tptn_settings['thumb_width'] = intval( $_POST['thumb_width'] );
|
| 146 |
$tptn_settings['thumb_height'] = intval( $_POST['thumb_height'] );
|
| 147 |
$tptn_settings['thumb_crop'] = ( isset( $_POST['thumb_crop'] ) ? true : false );
|
| 148 |
-
$tptn_settings['thumb_html'] = $_POST['thumb_html'];
|
| 149 |
|
| 150 |
-
$tptn_settings['thumb_meta'] = '' == $_POST['thumb_meta'] ? 'post-image' : $_POST['thumb_meta'];
|
| 151 |
$tptn_settings['scan_images'] = isset( $_POST['scan_images'] ) ? true : false;
|
| 152 |
$tptn_settings['thumb_default_show'] = isset( $_POST['thumb_default_show'] ) ? true : false;
|
| 153 |
-
$tptn_settings['thumb_default'] = ( ( '' == $_POST['thumb_default'] ) || ( '/default.png' == $_POST['thumb_default'] ) ) ? TOP_TEN_PLUGIN_URL . '/default.png' : $_POST['thumb_default'];
|
| 154 |
|
| 155 |
/* Styles */
|
| 156 |
$tptn_settings['custom_CSS'] = wp_kses_post( $_POST['custom_CSS'] );
|
| 157 |
|
| 158 |
-
$tptn_settings['tptn_styles'] = $_POST['tptn_styles'];
|
| 159 |
|
| 160 |
if ( 'left_thumbs' == $tptn_settings['tptn_styles'] ) {
|
| 161 |
$tptn_settings['include_default_style'] = true;
|
|
@@ -250,7 +249,7 @@ function tptn_options() {
|
|
| 250 |
if ( ( isset( $_POST['tptn_mnts_save'] ) ) && ( check_admin_referer( 'tptn-plugin-settings' ) ) ) {
|
| 251 |
$tptn_settings['cron_hour'] = min( 23, intval( $_POST['cron_hour'] ) );
|
| 252 |
$tptn_settings['cron_min'] = min( 59, intval( $_POST['cron_min'] ) );
|
| 253 |
-
$tptn_settings['cron_recurrence'] = $_POST['cron_recurrence'];
|
| 254 |
|
| 255 |
if ( isset( $_POST['cron_on'] ) ) {
|
| 256 |
$tptn_settings['cron_on'] = true;
|
|
@@ -269,8 +268,8 @@ function tptn_options() {
|
|
| 269 |
|
| 270 |
if ( ( isset( $_POST['tptn_import'] ) ) && ( check_admin_referer( 'tptn-plugin-settings' ) ) ) {
|
| 271 |
|
| 272 |
-
$top_ten_all_mu_tables = isset( $_POST['top_ten_all_mu_tables'] ) ? $_POST['top_ten_all_mu_tables'] : array();
|
| 273 |
-
$top_ten_mu_tables_blog_ids = explode( ',', $_POST['top_ten_mu_tables_blog_ids'] );
|
| 274 |
$top_ten_mu_tables_sel_blog_ids = array_values( $top_ten_all_mu_tables );
|
| 275 |
|
| 276 |
foreach ( $top_ten_mu_tables_sel_blog_ids as $top_ten_mu_tables_sel_blog_id ) {
|
|
@@ -302,8 +301,8 @@ function tptn_options() {
|
|
| 302 |
}
|
| 303 |
|
| 304 |
if ( ( ( isset( $_POST['tptn_delete_selected_tables'] ) ) || ( isset( $_POST['tptn_delete_imported_tables'] ) ) ) && ( check_admin_referer( 'tptn-plugin-settings' ) ) ) {
|
| 305 |
-
$top_ten_all_mu_tables = isset( $_POST['top_ten_all_mu_tables'] ) ? $_POST['top_ten_all_mu_tables'] : array();
|
| 306 |
-
$top_ten_mu_tables_blog_ids = explode( ',', $_POST['top_ten_mu_tables_blog_ids'] );
|
| 307 |
$top_ten_mu_tables_sel_blog_ids = array_values( $top_ten_all_mu_tables );
|
| 308 |
|
| 309 |
if ( isset( $_POST['tptn_delete_selected_tables'] ) ) {
|
|
@@ -339,9 +338,9 @@ function tptn_options() {
|
|
| 339 |
*/
|
| 340 |
function tptn_admin_side() {
|
| 341 |
?>
|
| 342 |
-
|
| 343 |
-
|
| 344 |
-
|
| 345 |
<div id="donate-form">
|
| 346 |
<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
|
| 347 |
<input type="hidden" name="cmd" value="_xclick">
|
|
@@ -357,11 +356,11 @@ function tptn_admin_side() {
|
|
| 357 |
<img alt="" border="0" src="https://www.paypal.com/en_US/i/scr/pixel.gif" width="1" height="1">
|
| 358 |
</form>
|
| 359 |
</div>
|
| 360 |
-
|
| 361 |
-
|
| 362 |
-
|
| 363 |
-
|
| 364 |
-
|
| 365 |
<div id="twitter">
|
| 366 |
<div style="text-align:center"><a href="https://twitter.com/WebberZoneWP" class="twitter-follow-button" data-show-count="false" data-size="large" data-dnt="true">Follow @WebberZoneWP</a>
|
| 367 |
<script>!function(d,s,id){var js,fjs=d.getElementsByTagName(s)[0];if(!d.getElementById(id)){js=d.createElement(s);js.id=id;js.src="//platform.twitter.com/widgets.js";fjs.parentNode.insertBefore(js,fjs);}}(document,"script","twitter-wjs");</script></div>
|
|
@@ -381,12 +380,12 @@ function tptn_admin_side() {
|
|
| 381 |
</script>
|
| 382 |
<div class="fb-page" data-href="https://www.facebook.com/WebberZone" data-small-header="false" data-adapt-container-width="true" data-hide-cover="false" data-show-facepile="false" data-show-posts="false"><div class="fb-xfbml-parse-ignore"><blockquote cite="https://www.facebook.com/WebberZone"><a href="https://www.facebook.com/WebberZone">WebberZone</a></blockquote></div></div>
|
| 383 |
</div>
|
| 384 |
-
|
| 385 |
-
|
| 386 |
-
|
| 387 |
-
|
| 388 |
-
|
| 389 |
-
|
| 390 |
<ul>
|
| 391 |
<li><a href="https://webberzone.com/plugins/top-10/" target="_blank"><?php _e( 'Top 10 plugin page', 'top-10' ); ?></a></li>
|
| 392 |
<li><a href="https://github.com/ajaydsouza/top-10" target="_blank"><?php _e( 'Top 10 Github page', 'top-10' ); ?></a></li>
|
|
@@ -396,9 +395,9 @@ function tptn_admin_side() {
|
|
| 396 |
<li><a href="https://wordpress.org/support/view/plugin-reviews/top-10" target="_blank"><?php _e( 'Reviews', 'top-10' ); ?></a></li>
|
| 397 |
<li><a href="https://ajaydsouza.com/" target="_blank"><?php _e( "Ajay's blog", 'top-10' ); ?></a></li>
|
| 398 |
</ul>
|
| 399 |
-
|
| 400 |
-
|
| 401 |
-
|
| 402 |
|
| 403 |
<?php
|
| 404 |
}
|
| 62 |
$tptn_settings['activate_daily'] = isset( $_POST['activate_daily'] ) ? true : false;
|
| 63 |
$tptn_settings['cache'] = isset( $_POST['cache'] ) ? true : false;
|
| 64 |
$tptn_settings['cache_fix'] = isset( $_POST['cache_fix'] ) ? true : false;
|
|
|
|
| 65 |
$tptn_settings['daily_midnight'] = isset( $_POST['daily_midnight'] ) ? true : false;
|
| 66 |
$tptn_settings['daily_range'] = intval( $_POST['daily_range'] );
|
| 67 |
$tptn_settings['hour_range'] = intval( $_POST['hour_range'] );
|
| 80 |
$tptn_settings['add_to_tag_archives'] = isset( $_POST['add_to_tag_archives'] ) ? true : false;
|
| 81 |
$tptn_settings['add_to_archives'] = isset( $_POST['add_to_archives'] ) ? true : false;
|
| 82 |
|
| 83 |
+
$tptn_settings['count_disp_form'] = wp_kses_post( $_POST['count_disp_form'] );
|
| 84 |
+
$tptn_settings['count_disp_form_zero'] = wp_kses_post( $_POST['count_disp_form_zero'] );
|
| 85 |
$tptn_settings['dynamic_post_count'] = isset( $_POST['dynamic_post_count'] ) ? true : false;
|
| 86 |
|
| 87 |
$tptn_settings['track_authors'] = isset( $_POST['track_authors'] ) ? true : false;
|
| 99 |
$wp_post_types = get_post_types( array(
|
| 100 |
'public' => true,
|
| 101 |
) );
|
| 102 |
+
$post_types_arr = ( isset( $_POST['post_types'] ) && is_array( $_POST['post_types'] ) ) ? array_map( 'sanitize_text_field', wp_unslash( $_POST['post_types'] ) ) : array( 'post' => 'post' );
|
| 103 |
$post_types = array_intersect( $wp_post_types, $post_types_arr );
|
| 104 |
$tptn_settings['post_types'] = http_build_query( $post_types, '', '&' );
|
| 105 |
|
| 106 |
+
$tptn_settings['exclude_post_ids'] = '' == sanitize_text_field( $_POST['exclude_post_ids'] ) ? '' : implode( ',', array_map( 'intval', explode( ',', sanitize_text_field( $_POST['exclude_post_ids'] ) ) ) );
|
| 107 |
|
| 108 |
/**** Exclude categories ****/
|
| 109 |
+
$exclude_categories_slugs = array_map( 'trim', explode( ',', sanitize_text_field( $_POST['exclude_cat_slugs'] ) ) );
|
| 110 |
$tptn_settings['exclude_cat_slugs'] = implode( ', ', $exclude_categories_slugs );
|
| 111 |
|
| 112 |
foreach ( $exclude_categories_slugs as $exclude_categories_slug ) {
|
| 118 |
$tptn_settings['title'] = wp_kses_post( $_POST['title'] );
|
| 119 |
$tptn_settings['title_daily'] = wp_kses_post( $_POST['title_daily'] );
|
| 120 |
|
| 121 |
+
$tptn_settings['blank_output'] = ( 'blank' === sanitize_text_field( $_POST['blank_output'] ) ) ? true : false;
|
| 122 |
$tptn_settings['blank_output_text'] = wp_kses_post( $_POST['blank_output_text'] );
|
| 123 |
|
| 124 |
$tptn_settings['show_excerpt'] = isset( $_POST['show_excerpt'] ) ? true : false;
|
| 130 |
|
| 131 |
$tptn_settings['link_new_window'] = isset( $_POST['link_new_window'] ) ? true : false;
|
| 132 |
$tptn_settings['link_nofollow'] = isset( $_POST['link_nofollow'] ) ? true : false;
|
| 133 |
+
$tptn_settings['exclude_on_post_ids'] = '' == sanitize_text_field( $_POST['exclude_on_post_ids'] ) ? '' : implode( ',', array_map( 'intval', explode( ',', sanitize_text_field( $_POST['exclude_on_post_ids'] ) ) ) );
|
| 134 |
|
| 135 |
// List HTML options
|
| 136 |
+
$tptn_settings['before_list'] = wp_kses_post( $_POST['before_list'] );
|
| 137 |
+
$tptn_settings['after_list'] = wp_kses_post( $_POST['after_list'] );
|
| 138 |
+
$tptn_settings['before_list_item'] = wp_kses_post( $_POST['before_list_item'] );
|
| 139 |
+
$tptn_settings['after_list_item'] = wp_kses_post( $_POST['after_list_item'] );
|
| 140 |
|
| 141 |
/* Thumbnail options */
|
| 142 |
+
$tptn_settings['post_thumb_op'] = sanitize_text_field( $_POST['post_thumb_op'] );
|
| 143 |
+
$tptn_settings['thumb_size'] = sanitize_text_field( $_POST['thumb_size'] );
|
| 144 |
$tptn_settings['thumb_width'] = intval( $_POST['thumb_width'] );
|
| 145 |
$tptn_settings['thumb_height'] = intval( $_POST['thumb_height'] );
|
| 146 |
$tptn_settings['thumb_crop'] = ( isset( $_POST['thumb_crop'] ) ? true : false );
|
| 147 |
+
$tptn_settings['thumb_html'] = sanitize_text_field( $_POST['thumb_html'] );
|
| 148 |
|
| 149 |
+
$tptn_settings['thumb_meta'] = '' == sanitize_text_field( $_POST['thumb_meta'] ) ? 'post-image' : sanitize_text_field( $_POST['thumb_meta'] );
|
| 150 |
$tptn_settings['scan_images'] = isset( $_POST['scan_images'] ) ? true : false;
|
| 151 |
$tptn_settings['thumb_default_show'] = isset( $_POST['thumb_default_show'] ) ? true : false;
|
| 152 |
+
$tptn_settings['thumb_default'] = ( ( '' == esc_url_raw( $_POST['thumb_default'] ) ) || ( '/default.png' == esc_url_raw( $_POST['thumb_default'] ) ) ) ? TOP_TEN_PLUGIN_URL . '/default.png' : esc_url_raw( $_POST['thumb_default'] );
|
| 153 |
|
| 154 |
/* Styles */
|
| 155 |
$tptn_settings['custom_CSS'] = wp_kses_post( $_POST['custom_CSS'] );
|
| 156 |
|
| 157 |
+
$tptn_settings['tptn_styles'] = sanitize_text_field( $_POST['tptn_styles'] );
|
| 158 |
|
| 159 |
if ( 'left_thumbs' == $tptn_settings['tptn_styles'] ) {
|
| 160 |
$tptn_settings['include_default_style'] = true;
|
| 249 |
if ( ( isset( $_POST['tptn_mnts_save'] ) ) && ( check_admin_referer( 'tptn-plugin-settings' ) ) ) {
|
| 250 |
$tptn_settings['cron_hour'] = min( 23, intval( $_POST['cron_hour'] ) );
|
| 251 |
$tptn_settings['cron_min'] = min( 59, intval( $_POST['cron_min'] ) );
|
| 252 |
+
$tptn_settings['cron_recurrence'] = sanitize_text_field( $_POST['cron_recurrence'] );
|
| 253 |
|
| 254 |
if ( isset( $_POST['cron_on'] ) ) {
|
| 255 |
$tptn_settings['cron_on'] = true;
|
| 268 |
|
| 269 |
if ( ( isset( $_POST['tptn_import'] ) ) && ( check_admin_referer( 'tptn-plugin-settings' ) ) ) {
|
| 270 |
|
| 271 |
+
$top_ten_all_mu_tables = isset( $_POST['top_ten_all_mu_tables'] ) ? array_map( 'sanitize_text_field', wp_unslash( $_POST['top_ten_all_mu_tables'] ) ) : array();
|
| 272 |
+
$top_ten_mu_tables_blog_ids = explode( ',', sanitize_text_field( $_POST['top_ten_mu_tables_blog_ids'] ) );
|
| 273 |
$top_ten_mu_tables_sel_blog_ids = array_values( $top_ten_all_mu_tables );
|
| 274 |
|
| 275 |
foreach ( $top_ten_mu_tables_sel_blog_ids as $top_ten_mu_tables_sel_blog_id ) {
|
| 301 |
}
|
| 302 |
|
| 303 |
if ( ( ( isset( $_POST['tptn_delete_selected_tables'] ) ) || ( isset( $_POST['tptn_delete_imported_tables'] ) ) ) && ( check_admin_referer( 'tptn-plugin-settings' ) ) ) {
|
| 304 |
+
$top_ten_all_mu_tables = isset( $_POST['top_ten_all_mu_tables'] ) ? array_map( 'sanitize_text_field', wp_unslash( $_POST['top_ten_all_mu_tables'] ) ) : array();
|
| 305 |
+
$top_ten_mu_tables_blog_ids = explode( ',', sanitize_text_field( $_POST['top_ten_mu_tables_blog_ids'] ) );
|
| 306 |
$top_ten_mu_tables_sel_blog_ids = array_values( $top_ten_all_mu_tables );
|
| 307 |
|
| 308 |
if ( isset( $_POST['tptn_delete_selected_tables'] ) ) {
|
| 338 |
*/
|
| 339 |
function tptn_admin_side() {
|
| 340 |
?>
|
| 341 |
+
<div id="donatediv" class="postbox"><div class="handlediv" title="<?php _e( 'Click to toggle', 'top-10' ); ?>"><br /></div>
|
| 342 |
+
<h3 class='hndle'><span><?php _e( 'Support the development', 'top-10' ); ?></span></h3>
|
| 343 |
+
<div class="inside">
|
| 344 |
<div id="donate-form">
|
| 345 |
<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
|
| 346 |
<input type="hidden" name="cmd" value="_xclick">
|
| 356 |
<img alt="" border="0" src="https://www.paypal.com/en_US/i/scr/pixel.gif" width="1" height="1">
|
| 357 |
</form>
|
| 358 |
</div>
|
| 359 |
+
</div>
|
| 360 |
+
</div>
|
| 361 |
+
<div id="followdiv" class="postbox"><div class="handlediv" title="<?php _e( 'Click to toggle', 'top-10' ); ?>"><br /></div>
|
| 362 |
+
<h3 class='hndle'><span><?php _e( 'Follow me', 'top-10' ); ?></span></h3>
|
| 363 |
+
<div class="inside">
|
| 364 |
<div id="twitter">
|
| 365 |
<div style="text-align:center"><a href="https://twitter.com/WebberZoneWP" class="twitter-follow-button" data-show-count="false" data-size="large" data-dnt="true">Follow @WebberZoneWP</a>
|
| 366 |
<script>!function(d,s,id){var js,fjs=d.getElementsByTagName(s)[0];if(!d.getElementById(id)){js=d.createElement(s);js.id=id;js.src="//platform.twitter.com/widgets.js";fjs.parentNode.insertBefore(js,fjs);}}(document,"script","twitter-wjs");</script></div>
|
| 380 |
</script>
|
| 381 |
<div class="fb-page" data-href="https://www.facebook.com/WebberZone" data-small-header="false" data-adapt-container-width="true" data-hide-cover="false" data-show-facepile="false" data-show-posts="false"><div class="fb-xfbml-parse-ignore"><blockquote cite="https://www.facebook.com/WebberZone"><a href="https://www.facebook.com/WebberZone">WebberZone</a></blockquote></div></div>
|
| 382 |
</div>
|
| 383 |
+
</div>
|
| 384 |
+
</div>
|
| 385 |
+
<div id="qlinksdiv" class="postbox"><div class="handlediv" title="<?php _e( 'Click to toggle', 'top-10' ); ?>"><br /></div>
|
| 386 |
+
<h3 class='hndle'><span><?php _e( 'Quick links', 'top-10' ); ?></span></h3>
|
| 387 |
+
<div class="inside">
|
| 388 |
+
<div id="quick-links">
|
| 389 |
<ul>
|
| 390 |
<li><a href="https://webberzone.com/plugins/top-10/" target="_blank"><?php _e( 'Top 10 plugin page', 'top-10' ); ?></a></li>
|
| 391 |
<li><a href="https://github.com/ajaydsouza/top-10" target="_blank"><?php _e( 'Top 10 Github page', 'top-10' ); ?></a></li>
|
| 395 |
<li><a href="https://wordpress.org/support/view/plugin-reviews/top-10" target="_blank"><?php _e( 'Reviews', 'top-10' ); ?></a></li>
|
| 396 |
<li><a href="https://ajaydsouza.com/" target="_blank"><?php _e( "Ajay's blog", 'top-10' ); ?></a></li>
|
| 397 |
</ul>
|
| 398 |
+
</div>
|
| 399 |
+
</div>
|
| 400 |
+
</div>
|
| 401 |
|
| 402 |
<?php
|
| 403 |
}
|
admin/main-view.php
CHANGED
|
@@ -92,13 +92,6 @@ if ( ! defined( 'WPINC' ) ) {
|
|
| 92 |
<p class="description"><?php _e( 'This will try to prevent W3 Total Cache and other caching plugins from caching the tracker script of the plugin. Try toggling this option in case you find that your posts are not tracked.', 'top-10' ); ?></p>
|
| 93 |
</td>
|
| 94 |
</tr>
|
| 95 |
-
<tr>
|
| 96 |
-
<th scope="row"><label for="cache_fix"><?php _e( 'Use external JS file for tracking:', 'top-10' ); ?></label></th>
|
| 97 |
-
<td>
|
| 98 |
-
<input type="checkbox" name="external_tracker" id="external_tracker" <?php if ( $tptn_settings['external_tracker'] ) { echo 'checked="checked"'; } ?> />
|
| 99 |
-
<p class="description"><?php _e( 'This uses the external javascript file for tracking. This is a more efficient and less resource intensive tracker. This settings might have some compatibility issues on some WordPress installs or might be blocked by some security plugins. If you find that your posts are not being tracked then disable this option.', 'top-10' ); ?></p>
|
| 100 |
-
</td>
|
| 101 |
-
</tr>
|
| 102 |
<tr>
|
| 103 |
<th scope="row"><label for="cache"><?php _e( 'Enable cache:', 'top-10' ); ?></label></th>
|
| 104 |
<td>
|
| 92 |
<p class="description"><?php _e( 'This will try to prevent W3 Total Cache and other caching plugins from caching the tracker script of the plugin. Try toggling this option in case you find that your posts are not tracked.', 'top-10' ); ?></p>
|
| 93 |
</td>
|
| 94 |
</tr>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 95 |
<tr>
|
| 96 |
<th scope="row"><label for="cache"><?php _e( 'Enable cache:', 'top-10' ); ?></label></th>
|
| 97 |
<td>
|
includes/counter.php
CHANGED
|
@@ -426,26 +426,6 @@ function get_tptn_post_count_only( $id = false, $count = 'total', $blog_id = fal
|
|
| 426 |
}
|
| 427 |
|
| 428 |
|
| 429 |
-
/**
|
| 430 |
-
* Use external tracker.
|
| 431 |
-
*
|
| 432 |
-
* @since 2.3.0
|
| 433 |
-
*
|
| 434 |
-
* @param string $home_url
|
| 435 |
-
* @return string
|
| 436 |
-
*/
|
| 437 |
-
function filter_tptn_add_counter_script_url( $home_url ) {
|
| 438 |
-
global $tptn_settings;
|
| 439 |
-
|
| 440 |
-
if ( false == $tptn_settings['external_tracker'] ) {
|
| 441 |
-
return $home_url;
|
| 442 |
-
} else {
|
| 443 |
-
return TOP_TEN_PLUGIN_URL . 'includes/top-10-addcount.js.php';
|
| 444 |
-
}
|
| 445 |
-
}
|
| 446 |
-
add_filter( 'tptn_add_counter_script_url', 'filter_tptn_add_counter_script_url' );
|
| 447 |
-
|
| 448 |
-
|
| 449 |
/**
|
| 450 |
* Add tracker code.
|
| 451 |
*
|
| 426 |
}
|
| 427 |
|
| 428 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 429 |
/**
|
| 430 |
* Add tracker code.
|
| 431 |
*
|
includes/top-10-addcount.js.php
DELETED
|
@@ -1,57 +0,0 @@
|
|
| 1 |
-
<?php
|
| 2 |
-
/**
|
| 3 |
-
* Update counts to database.
|
| 4 |
-
*
|
| 5 |
-
* @package Top_Ten
|
| 6 |
-
* @author Ajay D'Souza <me@ajaydsouza.com>
|
| 7 |
-
* @license GPL-2.0+
|
| 8 |
-
* @link https://webberzone.com
|
| 9 |
-
* @copyright 2008-2016 Ajay D'Souza
|
| 10 |
-
*/
|
| 11 |
-
Header( 'content-type: application/x-javascript' );
|
| 12 |
-
|
| 13 |
-
// Force a short-init since we just need core WP, not the entire framework stack
|
| 14 |
-
define( 'SHORTINIT', true );
|
| 15 |
-
|
| 16 |
-
// Build the wp-config.php path from a plugin/theme
|
| 17 |
-
$wp_config_path = dirname( dirname( dirname( dirname( __FILE__ ) ) ) );
|
| 18 |
-
$wp_config_filename = '/wp-load.php';
|
| 19 |
-
|
| 20 |
-
// Check if the file exists in the root or one level up
|
| 21 |
-
if ( ! file_exists( $wp_config_path . $wp_config_filename ) ) {
|
| 22 |
-
// Just in case the user may have placed wp-config.php one more level up from the root
|
| 23 |
-
$wp_config_filename = dirname( $wp_config_path ) . $wp_config_filename;
|
| 24 |
-
}
|
| 25 |
-
// Require the wp-config.php file
|
| 26 |
-
require( $wp_config_filename );
|
| 27 |
-
|
| 28 |
-
// Include the now instantiated global $wpdb Class for use
|
| 29 |
-
global $wpdb;
|
| 30 |
-
|
| 31 |
-
|
| 32 |
-
// Ajax Increment Counter
|
| 33 |
-
tptn_inc_count();
|
| 34 |
-
function tptn_inc_count() {
|
| 35 |
-
global $wpdb;
|
| 36 |
-
$table_name = $wpdb->base_prefix . 'top_ten';
|
| 37 |
-
$top_ten_daily = $wpdb->base_prefix . 'top_ten_daily';
|
| 38 |
-
$str = '';
|
| 39 |
-
|
| 40 |
-
$id = intval( $_GET['top_ten_id'] );
|
| 41 |
-
$blog_id = intval( $_GET['top_ten_blog_id'] );
|
| 42 |
-
$activate_counter = intval( $_GET['activate_counter'] );
|
| 43 |
-
|
| 44 |
-
if ( $id > 0 ) {
|
| 45 |
-
if ( ( 1 == $activate_counter ) || ( 11 == $activate_counter ) ) {
|
| 46 |
-
$tt = $wpdb->query( $wpdb->prepare( "INSERT INTO {$table_name} (postnumber, cntaccess, blog_id) VALUES('%d', '1', '%d') ON DUPLICATE KEY UPDATE cntaccess= cntaccess+1 ", $id, $blog_id ) );
|
| 47 |
-
$str .= ( false === $tt ) ? 'tte' : 'tt' . $tt;
|
| 48 |
-
}
|
| 49 |
-
if ( ( 10 == $activate_counter ) || ( 11 == $activate_counter ) ) {
|
| 50 |
-
$current_date = gmdate( 'Y-m-d H', current_time( 'timestamp', 1 ) );
|
| 51 |
-
$ttd = $wpdb->query( $wpdb->prepare( "INSERT INTO {$top_ten_daily} (postnumber, cntaccess, dp_date, blog_id) VALUES('%d', '1', '%s', '%d' ) ON DUPLICATE KEY UPDATE cntaccess= cntaccess+1 ", $id, $current_date, $blog_id ) );
|
| 52 |
-
$str .= ( false === $ttd ) ? ' ttde' : ' ttd' . $ttd;
|
| 53 |
-
}
|
| 54 |
-
}
|
| 55 |
-
echo '<!-- ' . $str . ' -->';
|
| 56 |
-
}
|
| 57 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
includes/top-10-counter.js.php
DELETED
|
@@ -1,39 +0,0 @@
|
|
| 1 |
-
<?php
|
| 2 |
-
/**
|
| 3 |
-
* Display number of page views.
|
| 4 |
-
*
|
| 5 |
-
* @package Top_Ten
|
| 6 |
-
* @author Ajay D'Souza <me@ajaydsouza.com>
|
| 7 |
-
* @license GPL-2.0+
|
| 8 |
-
* @link https://webberzone.com
|
| 9 |
-
* @copyright 2008-2016 Ajay D'Souza
|
| 10 |
-
*/
|
| 11 |
-
Header( 'content-type: application/x-javascript' );
|
| 12 |
-
|
| 13 |
-
// Build the wp-config.php path from a plugin/theme
|
| 14 |
-
$wp_config_path = dirname( dirname( dirname( dirname( __FILE__ ) ) ) );
|
| 15 |
-
$wp_config_filename = '/wp-load.php';
|
| 16 |
-
|
| 17 |
-
// Check if the file exists in the root or one level up
|
| 18 |
-
if ( ! file_exists( $wp_config_path . $wp_config_filename ) ) {
|
| 19 |
-
// Just in case the user may have placed wp-config.php one more level up from the root
|
| 20 |
-
$wp_config_filename = dirname( $wp_config_path ) . $wp_config_filename;
|
| 21 |
-
}
|
| 22 |
-
// Require the wp-config.php file
|
| 23 |
-
require( $wp_config_filename );
|
| 24 |
-
|
| 25 |
-
$id = intval( $_GET['top_ten_id'] );
|
| 26 |
-
|
| 27 |
-
// Display counter using Ajax
|
| 28 |
-
function tptn_disp_count() {
|
| 29 |
-
|
| 30 |
-
$id = intval( $_GET['top_ten_id'] );
|
| 31 |
-
if ( $id > 0 ) {
|
| 32 |
-
|
| 33 |
-
$output = get_tptn_post_count( $id );
|
| 34 |
-
|
| 35 |
-
echo 'document.write("' . $output . '")';
|
| 36 |
-
}
|
| 37 |
-
}
|
| 38 |
-
tptn_disp_count();
|
| 39 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
readme.txt
CHANGED
|
@@ -3,8 +3,8 @@ Tags: popular posts, top 10, counter, top posts, daily popular, page views, stat
|
|
| 3 |
Contributors: webberzone, Ajay
|
| 4 |
Donate link: https://ajaydsouza.com/donate/
|
| 5 |
Stable tag: trunk
|
| 6 |
-
Requires at least:
|
| 7 |
-
Tested up to: 4.5.
|
| 8 |
License: GPLv2 or later
|
| 9 |
|
| 10 |
Track daily and total visits on your blog posts. Display the count as well as popular and trending posts.
|
|
@@ -166,6 +166,14 @@ add_filter( 'manage_edit-projects_sortable_columns', 'tptn_column_register_sorta
|
|
| 166 |
|
| 167 |
== Changelog ==
|
| 168 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 169 |
= 2.3.1 =
|
| 170 |
|
| 171 |
* Bug fixes:
|
|
@@ -306,7 +314,7 @@ For previous changelog entries, please refer to the separate changelog.txt file
|
|
| 306 |
|
| 307 |
== Upgrade Notice ==
|
| 308 |
|
| 309 |
-
= 2.3.
|
| 310 |
-
*
|
| 311 |
Check the Changelog for more details
|
| 312 |
|
| 3 |
Contributors: webberzone, Ajay
|
| 4 |
Donate link: https://ajaydsouza.com/donate/
|
| 5 |
Stable tag: trunk
|
| 6 |
+
Requires at least: 4.0
|
| 7 |
+
Tested up to: 4.5.3
|
| 8 |
License: GPLv2 or later
|
| 9 |
|
| 10 |
Track daily and total visits on your blog posts. Display the count as well as popular and trending posts.
|
| 166 |
|
| 167 |
== Changelog ==
|
| 168 |
|
| 169 |
+
= 2.3.2 =
|
| 170 |
+
|
| 171 |
+
* Bug fixes:
|
| 172 |
+
* Santized several unsanitized post and get requests
|
| 173 |
+
|
| 174 |
+
* Deprecated:
|
| 175 |
+
* External PHP file tracking option introduced in v2.3.0 in line with wordpress.org plugin repository listing requirements.
|
| 176 |
+
|
| 177 |
= 2.3.1 =
|
| 178 |
|
| 179 |
* Bug fixes:
|
| 314 |
|
| 315 |
== Upgrade Notice ==
|
| 316 |
|
| 317 |
+
= 2.3.2 =
|
| 318 |
+
* Security release. Fixes potential CSRF and also deprecates the external PHP tracker.
|
| 319 |
Check the Changelog for more details
|
| 320 |
|
top-10.php
CHANGED
|
@@ -14,7 +14,7 @@
|
|
| 14 |
* Plugin Name: Top 10
|
| 15 |
* Plugin URI: https://webberzone.com/plugins/top-10/
|
| 16 |
* Description: Count daily and total visits per post and display the most popular posts based on the number of views
|
| 17 |
-
* Version: 2.3.
|
| 18 |
* Author: Ajay D'Souza
|
| 19 |
* Author URI: https://webberzone.com
|
| 20 |
* License: GPL-2.0+
|
|
@@ -111,7 +111,6 @@ function tptn_default_options() {
|
|
| 111 |
'cache' => false, // Enable Caching using Transienst API
|
| 112 |
'cache_time' => HOUR_IN_SECONDS, // Cache for 1 Hour
|
| 113 |
'cache_fix' => true, // Fix for W3 Total Cache - Uses Ajax
|
| 114 |
-
'external_tracker' => true, // Use external JS tracker file
|
| 115 |
'daily_midnight' => true, // Start daily counts from midnight (default as old behaviour)
|
| 116 |
'daily_range' => '1', // Daily Popular will contain posts of how many days?
|
| 117 |
'hour_range' => '0', // Daily Popular will contain posts of how many days?
|
| 14 |
* Plugin Name: Top 10
|
| 15 |
* Plugin URI: https://webberzone.com/plugins/top-10/
|
| 16 |
* Description: Count daily and total visits per post and display the most popular posts based on the number of views
|
| 17 |
+
* Version: 2.3.2
|
| 18 |
* Author: Ajay D'Souza
|
| 19 |
* Author URI: https://webberzone.com
|
| 20 |
* License: GPL-2.0+
|
| 111 |
'cache' => false, // Enable Caching using Transienst API
|
| 112 |
'cache_time' => HOUR_IN_SECONDS, // Cache for 1 Hour
|
| 113 |
'cache_fix' => true, // Fix for W3 Total Cache - Uses Ajax
|
|
|
|
| 114 |
'daily_midnight' => true, // Start daily counts from midnight (default as old behaviour)
|
| 115 |
'daily_range' => '1', // Daily Popular will contain posts of how many days?
|
| 116 |
'hour_range' => '0', // Daily Popular will contain posts of how many days?
|
