Transposh WordPress Translation - Version 0.6.6

Version Description

Fixed two XSS vulnerabilities

Download this release

Release Info

Developer oferwald
Plugin Icon 128x128 Transposh WordPress Translation
Version 0.6.6
Comparing to
See all releases

Code changes from version 0.6.5 to 0.6.6

Files changed (24) hide show
  1. core/constants.php +3 -3
  2. core/parser.php +3 -3
  3. core/utils.php +18 -7
  4. js/lazy.js +2 -2
  5. js/transposh.js +2 -2
  6. js/transposhadmin.js +2 -2
  7. js/transposhcontrol.js +2 -2
  8. js/transposhedit.js +2 -2
  9. readme.txt +10 -4
  10. transposh.php +3 -3
  11. widgets/default/tpw_default.php +2 -2
  12. widgets/dropdown/tpw_image_dropdown.php +2 -2
  13. widgets/flags/tpw_flags.php +2 -2
  14. widgets/flags/tpw_flags_css.php +2 -2
  15. widgets/flagslist/tpw_list_with_flags.php +2 -2
  16. widgets/flagslist/tpw_list_with_flags_css.php +2 -2
  17. wp/transposh_3rdparty.php +7 -6
  18. wp/transposh_admin.php +2 -2
  19. wp/transposh_ajax.php +2 -2
  20. wp/transposh_backup.php +2 -2
  21. wp/transposh_db.php +2 -2
  22. wp/transposh_options.php +2 -2
  23. wp/transposh_postpublish.php +2 -2
  24. wp/transposh_widget.php +3 -3
core/constants.php CHANGED
@@ -1,14 +1,14 @@
1
  <?php
2
 
3
  /*
4
- * Transposh v0.6.5
5
  * http://transposh.org/
6
  *
7
  * Copyright 2010, Team Transposh
8
  * Licensed under the GPL Version 2 or higher.
9
  * http://transposh.org/license
10
  *
11
- * Date: Mon, 25 Oct 2010 13:00:28 +0200
12
  */
13
 
14
  //Language indicator in URL. i.e. lang=en
@@ -122,7 +122,7 @@ class transposh_consts {
122
  define('TRANSLATOR', 'translator');
123
 
124
  //Define for transposh plugin version
125
- define('TRANSPOSH_PLUGIN_VER', '0.6.5');
126
 
127
  //Define segment id prefix, will be included in span tag. also used as class identifier
128
  define('SPAN_PREFIX', 'tr_');
1
  <?php
2
 
3
  /*
4
+ * Transposh v0.6.6
5
  * http://transposh.org/
6
  *
7
  * Copyright 2010, Team Transposh
8
  * Licensed under the GPL Version 2 or higher.
9
  * http://transposh.org/license
10
  *
11
+ * Date: Thu, 11 Nov 2010 23:52:38 +0200
12
  */
13
 
14
  //Language indicator in URL. i.e. lang=en
122
  define('TRANSLATOR', 'translator');
123
 
124
  //Define for transposh plugin version
125
+ define('TRANSPOSH_PLUGIN_VER', '0.6.6');
126
 
127
  //Define segment id prefix, will be included in span tag. also used as class identifier
128
  define('SPAN_PREFIX', 'tr_');
core/parser.php CHANGED
@@ -1,14 +1,14 @@
1
  <?php
2
 
3
  /*
4
- * Transposh v0.6.5
5
  * http://transposh.org/
6
  *
7
  * Copyright 2010, Team Transposh
8
  * Licensed under the GPL Version 2 or higher.
9
  * http://transposh.org/license
10
  *
11
- * Date: Mon, 25 Oct 2010 13:00:28 +0200
12
  */
13
 
14
  require_once("shd/simple_html_dom.php");
@@ -172,7 +172,7 @@ class parser {
172
  * @return boolean true if not a breaker (apostrophy)
173
  */
174
  function is_entity_breaker($entity) {
175
- return!(stripos('&#8217;&apos;&quot;&#039;&#39;', $entity) !== FALSE);
176
  }
177
 
178
  /**
1
  <?php
2
 
3
  /*
4
+ * Transposh v0.6.6
5
  * http://transposh.org/
6
  *
7
  * Copyright 2010, Team Transposh
8
  * Licensed under the GPL Version 2 or higher.
9
  * http://transposh.org/license
10
  *
11
+ * Date: Thu, 11 Nov 2010 23:52:38 +0200
12
  */
13
 
14
  require_once("shd/simple_html_dom.php");
172
  * @return boolean true if not a breaker (apostrophy)
173
  */
174
  function is_entity_breaker($entity) {
175
+ return!(stripos('&#8217;&apos;&quot;&#039;&#39;&rsquo;&lsquo;&rdquo;&ldquo;', $entity) !== FALSE);
176
  }
177
 
178
  /**
core/utils.php CHANGED
@@ -1,14 +1,14 @@
1
  <?php
2
 
3
  /*
4
- * Transposh v0.6.5
5
  * http://transposh.org/
6
  *
7
  * Copyright 2010, Team Transposh
8
  * Licensed under the GPL Version 2 or higher.
9
  * http://transposh.org/license
10
  *
11
- * Date: Mon, 25 Oct 2010 13:00:28 +0200
12
  */
13
 
14
  /**
@@ -24,6 +24,15 @@ require_once("constants.php");
24
  */
25
  class transposh_utils {
26
 
 
 
 
 
 
 
 
 
 
27
  /**
28
  * Remove from url any language (or editing) params that were added for our use.
29
  * Return the scrubed url
@@ -73,7 +82,7 @@ class transposh_utils {
73
  }
74
  $url = transposh_utils::glue_url($parsedurl);
75
  if (!$url) return '/';
76
- return $url;
77
  }
78
 
79
  /**
@@ -172,7 +181,8 @@ class transposh_utils {
172
  foreach ($params as $key => $param) {
173
  if (stripos($param, LANG_PARAM) === 0) {
174
  $langa = explode("=", $params[$key]);
175
- return ($langa[1]);
 
176
  }
177
  }
178
  }
@@ -252,8 +262,8 @@ class transposh_utils {
252
  * @return string translated url permalink
253
  */
254
  public static function translate_url($href, $home_url, $target_language, $fetch_translation_func) {
255
- $url='';
256
- $querypart='';
257
  // todo - check query part... sanitize
258
  if (strpos($href, '?') !== false) {
259
  list ($href, $querypart) = explode('?', $href);
@@ -291,7 +301,7 @@ class transposh_utils {
291
  $href = substr($href, strlen($home_url));
292
  $url = urldecode($href);
293
  $url = (($pos = strpos($url, '?')) ? substr($url, 0, $pos) : $url);
294
- $url2 ='';
295
  $parts = explode('/', $url);
296
  foreach ($parts as $part) {
297
  if (!$part) continue;
@@ -397,4 +407,5 @@ class transposh_utils {
397
  }
398
 
399
  }
 
400
  ?>
1
  <?php
2
 
3
  /*
4
+ * Transposh v0.6.6
5
  * http://transposh.org/
6
  *
7
  * Copyright 2010, Team Transposh
8
  * Licensed under the GPL Version 2 or higher.
9
  * http://transposh.org/license
10
  *
11
+ * Date: Thu, 11 Nov 2010 23:52:38 +0200
12
  */
13
 
14
  /**
24
  */
25
  class transposh_utils {
26
 
27
+ /**
28
+ * Encode URLs based of RFC 3986
29
+ */
30
+ public static function urlencode($url) {
31
+ $entities = array('%21', '%2A', '%27', '%28', '%29', '%3B', '%3A', '%40', '%26', '%3D', '%2B', '%24', '%2C', '%2F', '%3F', '%25', '%23', '%5B', '%5D');
32
+ $replacements = array('!', '*', "'", "(", ")", ";", ":", "@", "&", "=", "+", "$", ",", "/", "?", "%", "#", "[", "]");
33
+ return str_replace($entities, $replacements, urlencode($url));
34
+ }
35
+
36
  /**
37
  * Remove from url any language (or editing) params that were added for our use.
38
  * Return the scrubed url
82
  }
83
  $url = transposh_utils::glue_url($parsedurl);
84
  if (!$url) return '/';
85
+ return transposh_utils::urlencode($url);
86
  }
87
 
88
  /**
181
  foreach ($params as $key => $param) {
182
  if (stripos($param, LANG_PARAM) === 0) {
183
  $langa = explode("=", $params[$key]);
184
+ if (isset(transposh_consts::$languages[$langa[1]]))
185
+ return ($langa[1]);
186
  }
187
  }
188
  }
262
  * @return string translated url permalink
263
  */
264
  public static function translate_url($href, $home_url, $target_language, $fetch_translation_func) {
265
+ $url = '';
266
+ $querypart = '';
267
  // todo - check query part... sanitize
268
  if (strpos($href, '?') !== false) {
269
  list ($href, $querypart) = explode('?', $href);
301
  $href = substr($href, strlen($home_url));
302
  $url = urldecode($href);
303
  $url = (($pos = strpos($url, '?')) ? substr($url, 0, $pos) : $url);
304
+ $url2 = '';
305
  $parts = explode('/', $url);
306
  foreach ($parts as $part) {
307
  if (!$part) continue;
407
  }
408
 
409
  }
410
+
411
  ?>
js/lazy.js CHANGED
@@ -1,12 +1,12 @@
1
  /*
2
- * Transposh v0.6.5
3
  * http://transposh.org/
4
  *
5
  * Copyright 2010, Team Transposh
6
  * Licensed under the GPL Version 2 or higher.
7
  * http://transposh.org/license
8
  *
9
- * Date: Mon, 25 Oct 2010 13:00:28 +0200
10
  */
11
  (function(b){function s(){function h(a,c){t[a](c,function(d){d=="error"?i.push(c):k.push(c)&&g.each(c);o()},"lazy-loaded-"+(g.name?g.name:(new Date).getTime()))}function j(a){g.complete(a,k,i);g[a](a=="error"?i:k);clearTimeout(p);clearTimeout(u)}function o(){if(k.length==l.length)j("success");else k.length+i.length==l.length&&j("error")}function q(){i.push(this.src);o()}var t=this,g,k=[],i=[],p,u,n,l=[];this.init=function(a){if(a){g=b.extend({},b.xLazyLoader.defaults,a);n={js:g.js,css:g.css,img:g.img};
12
  b.each(n,function(c,d){if(typeof d=="string")d=d.split(",");l=l.concat(d)});if(l.length){if(g.timeout)p=setTimeout(function(){var c=k.concat(i);b.each(l,function(d,f){b.inArray(f,c)==-1&&i.push(f)});j("error")},g.timeout);b.each(n,function(c,d){if(b.isArray(d))b.each(d,function(f,e){h(c,e)});else typeof d=="string"&&h(c,d)})}else j("error")}};this.js=function(a,c,d){var f=b('script[src*="'+a+'"]');if(f.length)f.attr("pending")?f.bind("scriptload",c):c();else{var e=document.createElement("script");
1
  /*
2
+ * Transposh v0.6.6
3
  * http://transposh.org/
4
  *
5
  * Copyright 2010, Team Transposh
6
  * Licensed under the GPL Version 2 or higher.
7
  * http://transposh.org/license
8
  *
9
+ * Date: Thu, 11 Nov 2010 23:52:38 +0200
10
  */
11
  (function(b){function s(){function h(a,c){t[a](c,function(d){d=="error"?i.push(c):k.push(c)&&g.each(c);o()},"lazy-loaded-"+(g.name?g.name:(new Date).getTime()))}function j(a){g.complete(a,k,i);g[a](a=="error"?i:k);clearTimeout(p);clearTimeout(u)}function o(){if(k.length==l.length)j("success");else k.length+i.length==l.length&&j("error")}function q(){i.push(this.src);o()}var t=this,g,k=[],i=[],p,u,n,l=[];this.init=function(a){if(a){g=b.extend({},b.xLazyLoader.defaults,a);n={js:g.js,css:g.css,img:g.img};
12
  b.each(n,function(c,d){if(typeof d=="string")d=d.split(",");l=l.concat(d)});if(l.length){if(g.timeout)p=setTimeout(function(){var c=k.concat(i);b.each(l,function(d,f){b.inArray(f,c)==-1&&i.push(f)});j("error")},g.timeout);b.each(n,function(c,d){if(b.isArray(d))b.each(d,function(f,e){h(c,e)});else typeof d=="string"&&h(c,d)})}else j("error")}};this.js=function(a,c,d){var f=b('script[src*="'+a+'"]');if(f.length)f.attr("pending")?f.bind("scriptload",c):c();else{var e=document.createElement("script");
js/transposh.js CHANGED
@@ -1,12 +1,12 @@
1
  /*
2
- * Transposh v0.6.5
3
  * http://transposh.org/
4
  *
5
  * Copyright 2010, Team Transposh
6
  * Licensed under the GPL Version 2 or higher.
7
  * http://transposh.org/license
8
  *
9
- * Date: Mon, 25 Oct 2010 13:00:28 +0200
10
  */
11
  (function(a){function u(c,d){if(a.trim(d).length!==0){var b=function(){var e=a(this).attr("id").substr(a(this).attr("id").lastIndexOf("_")+1),i=a("#"+f+"img_"+e);a("#"+f+e).attr("data-source",1);i.removeClass("tr-icon-yellow").removeClass("tr-icon-green").addClass("tr-icon-yellow")};a("*[data-token='"+c+"'][data-hidden!='y']").html(d).each(b);a("*[data-token='"+c+"'][data-hidden='y']").attr("data-trans",d).each(b)}}function v(c,d){clearTimeout(o);h.push(c);n.push(d);u(c,d);o=setTimeout(function(){var b=
12
  {ln0:t_jp.lang,sr0:p,translation_posted:"2",items:h.length},e;for(e=0;e<h.length;e+=1){b["tk"+e]=h[e];b["tr"+e]=n[e];q+=a("*[data-token='"+h[e]+"']").size()}a.ajax({type:"POST",url:t_jp.post_url,data:b,success:function(){var i=q/j*100;t_jp.progress&&a("#"+k).progressbar("value",i)}});n=[];h=[]},200)}function l(c,d){v(c,a("<div>"+a.trim(d)+"</div>").text());var b=(j-a("."+f+'[data-source=""]').size())/j*100;t_jp.progress&&a("#"+m).progressbar("value",b)}function w(c,d){var b="";a(c).each(function(e){b+=
1
  /*
2
+ * Transposh v0.6.6
3
  * http://transposh.org/
4
  *
5
  * Copyright 2010, Team Transposh
6
  * Licensed under the GPL Version 2 or higher.
7
  * http://transposh.org/license
8
  *
9
+ * Date: Thu, 11 Nov 2010 23:52:38 +0200
10
  */
11
  (function(a){function u(c,d){if(a.trim(d).length!==0){var b=function(){var e=a(this).attr("id").substr(a(this).attr("id").lastIndexOf("_")+1),i=a("#"+f+"img_"+e);a("#"+f+e).attr("data-source",1);i.removeClass("tr-icon-yellow").removeClass("tr-icon-green").addClass("tr-icon-yellow")};a("*[data-token='"+c+"'][data-hidden!='y']").html(d).each(b);a("*[data-token='"+c+"'][data-hidden='y']").attr("data-trans",d).each(b)}}function v(c,d){clearTimeout(o);h.push(c);n.push(d);u(c,d);o=setTimeout(function(){var b=
12
  {ln0:t_jp.lang,sr0:p,translation_posted:"2",items:h.length},e;for(e=0;e<h.length;e+=1){b["tk"+e]=h[e];b["tr"+e]=n[e];q+=a("*[data-token='"+h[e]+"']").size()}a.ajax({type:"POST",url:t_jp.post_url,data:b,success:function(){var i=q/j*100;t_jp.progress&&a("#"+k).progressbar("value",i)}});n=[];h=[]},200)}function l(c,d){v(c,a("<div>"+a.trim(d)+"</div>").text());var b=(j-a("."+f+'[data-source=""]').size())/j*100;t_jp.progress&&a("#"+m).progressbar("value",b)}function w(c,d){var b="";a(c).each(function(e){b+=
js/transposhadmin.js CHANGED
@@ -1,12 +1,12 @@
1
  /*
2
- * Transposh v0.6.5
3
  * http://transposh.org/
4
  *
5
  * Copyright 2010, Team Transposh
6
  * Licensed under the GPL Version 2 or higher.
7
  * http://transposh.org/license
8
  *
9
- * Date: Mon, 25 Oct 2010 13:00:28 +0200
10
  */
11
  var timer,items=0,translations=[],tokens=[],langs=[],sources=[],BATCH_SIZE=128,pair_count=0,curr_pair=0;t_jp.MSN_APPID="FACA8E2DF8DCCECE0DC311C6E57DA98EFEFA9BC6";function make_progress(e,b){curr_pair+=1;jQuery("#progress_bar").progressbar("value",curr_pair/pair_count*100);jQuery("#p").text("("+b+") "+e);curr_pair===pair_count&&jQuery("#tr_loading").data("done",true)}
12
  function ajax_translate_me(e,b,c,d){b=jQuery("<div>"+jQuery.trim(b)+"</div>").text();make_progress(b,c);clearTimeout(timer);items+=1;tokens.push(e);translations.push(b);langs.push(c);sources.push(d);timer=setTimeout(function(){var f={translation_posted:"2",items:items},a;for(a=0;a<items;a+=1){if(tokens[a]!==tokens[a-1])f["tk"+a]=tokens[a];if(langs[a]!==langs[a-1])f["ln"+a]=langs[a];if(translations[a]!==translations[a-1])f["tr"+a]=translations[a];if(sources[a]!==sources[a-1])f["sr"+a]=sources[a]}jQuery.ajax({type:"POST",
1
  /*
2
+ * Transposh v0.6.6
3
  * http://transposh.org/
4
  *
5
  * Copyright 2010, Team Transposh
6
  * Licensed under the GPL Version 2 or higher.
7
  * http://transposh.org/license
8
  *
9
+ * Date: Thu, 11 Nov 2010 23:52:38 +0200
10
  */
11
  var timer,items=0,translations=[],tokens=[],langs=[],sources=[],BATCH_SIZE=128,pair_count=0,curr_pair=0;t_jp.MSN_APPID="FACA8E2DF8DCCECE0DC311C6E57DA98EFEFA9BC6";function make_progress(e,b){curr_pair+=1;jQuery("#progress_bar").progressbar("value",curr_pair/pair_count*100);jQuery("#p").text("("+b+") "+e);curr_pair===pair_count&&jQuery("#tr_loading").data("done",true)}
12
  function ajax_translate_me(e,b,c,d){b=jQuery("<div>"+jQuery.trim(b)+"</div>").text();make_progress(b,c);clearTimeout(timer);items+=1;tokens.push(e);translations.push(b);langs.push(c);sources.push(d);timer=setTimeout(function(){var f={translation_posted:"2",items:items},a;for(a=0;a<items;a+=1){if(tokens[a]!==tokens[a-1])f["tk"+a]=tokens[a];if(langs[a]!==langs[a-1])f["ln"+a]=langs[a];if(translations[a]!==translations[a-1])f["tr"+a]=translations[a];if(sources[a]!==sources[a-1])f["sr"+a]=sources[a]}jQuery.ajax({type:"POST",
js/transposhcontrol.js CHANGED
@@ -1,12 +1,12 @@
1
  /*
2
- * Transposh v0.6.5
3
  * http://transposh.org/
4
  *
5
  * Copyright 2010, Team Transposh
6
  * Licensed under the GPL Version 2 or higher.
7
  * http://transposh.org/license
8
  *
9
- * Date: Mon, 25 Oct 2010 13:00:28 +0200
10
  */
11
  jQuery(function(){jQuery("#tr_anon").click(function(){if(jQuery("#tr_anon").attr("checked")){jQuery(".translateable").addClass("active").removeClass("translateable");jQuery("#sortable .active").each(function(){jQuery("input",this).val(jQuery(this).attr("id")+",v,t")})}jQuery("#yellowcolor").toggleClass("hidden")});jQuery("#sortable").sortable({placeholder:"highlight",update:function(b,a){a.item.unbind("click");a.item.one("click",function(c){c.stopImmediatePropagation();jQuery(this).click(clickfunction)})}});
12
  jQuery("#sortable").disableSelection();jQuery("#changename").click(function(){jQuery(".langname").toggleClass("hidden");return false});jQuery("#selectall").click(function(){jQuery("#sortable .languages").addClass("active").removeClass("translateable");jQuery("#sortable .active").each(function(){jQuery("input",this).val(jQuery(this).attr("id")+",v,t")});return false});clickfunction=function(){if(jQuery(this).attr("id")!=jQuery("#default_list li").attr("id")){if(jQuery("#tr_anon").attr("checked"))jQuery(this).toggleClass("active");
1
  /*
2
+ * Transposh v0.6.6
3
  * http://transposh.org/
4
  *
5
  * Copyright 2010, Team Transposh
6
  * Licensed under the GPL Version 2 or higher.
7
  * http://transposh.org/license
8
  *
9
+ * Date: Thu, 11 Nov 2010 23:52:38 +0200
10
  */
11
  jQuery(function(){jQuery("#tr_anon").click(function(){if(jQuery("#tr_anon").attr("checked")){jQuery(".translateable").addClass("active").removeClass("translateable");jQuery("#sortable .active").each(function(){jQuery("input",this).val(jQuery(this).attr("id")+",v,t")})}jQuery("#yellowcolor").toggleClass("hidden")});jQuery("#sortable").sortable({placeholder:"highlight",update:function(b,a){a.item.unbind("click");a.item.one("click",function(c){c.stopImmediatePropagation();jQuery(this).click(clickfunction)})}});
12
  jQuery("#sortable").disableSelection();jQuery("#changename").click(function(){jQuery(".langname").toggleClass("hidden");return false});jQuery("#selectall").click(function(){jQuery("#sortable .languages").addClass("active").removeClass("translateable");jQuery("#sortable .active").each(function(){jQuery("input",this).val(jQuery(this).attr("id")+",v,t")});return false});clickfunction=function(){if(jQuery(this).attr("id")!=jQuery("#default_list li").attr("id")){if(jQuery("#tr_anon").attr("checked"))jQuery(this).toggleClass("active");
js/transposhedit.js CHANGED
@@ -1,12 +1,12 @@
1
  /*
2
- * Transposh v0.6.5
3
  * http://transposh.org/
4
  *
5
  * Copyright 2010, Team Transposh
6
  * Licensed under the GPL Version 2 or higher.
7
  * http://transposh.org/license
8
  *
9
- * Date: Mon, 25 Oct 2010 13:00:28 +0200
10
  */
11
  (function(a){function h(b,c){if(a.trim(c).length===0)c=a("[data-token='"+b+"']").attr("data-orig");var e=function(){var f=a(this).attr("id").substr(a(this).attr("id").lastIndexOf("_")+1),d=a("#"+t_jp.prefix+"img_"+f);a("#"+t_jp.prefix+f).attr("data-source",0);d.removeClass("tr-icon-yellow").removeClass("tr-icon-green").addClass("tr-icon-green")};a("*[data-token='"+b+"'][data-hidden!='y']").html(c).each(e);a("*[data-token='"+b+"'][data-hidden='y']").attr("data-trans",c).each(e)}function i(b,c){h(b,
12
  c);a.ajax({type:"POST",url:t_jp.post_url,data:{ln0:t_jp.lang,sr0:0,translation_posted:"2",items:1,tk0:b,tr0:c},success:function(){},error:function(e){alert("Error !!! failed to translate.\n\nServer's message: "+e.statusText)}})}function j(b,c){a.ajax({url:"http://ajax.googleapis.com/ajax/services/language/translate?v=1.0&q="+encodeURIComponent(b)+"&langpair=%7C"+t_jp.lang,dataType:"jsonp",success:c})}function k(){a(":button:contains('Suggest - Google')").attr("disabled","disabled").addClass("ui-state-disabled");
1
  /*
2
+ * Transposh v0.6.6
3
  * http://transposh.org/
4
  *
5
  * Copyright 2010, Team Transposh
6
  * Licensed under the GPL Version 2 or higher.
7
  * http://transposh.org/license
8
  *
9
+ * Date: Thu, 11 Nov 2010 23:52:38 +0200
10
  */
11
  (function(a){function h(b,c){if(a.trim(c).length===0)c=a("[data-token='"+b+"']").attr("data-orig");var e=function(){var f=a(this).attr("id").substr(a(this).attr("id").lastIndexOf("_")+1),d=a("#"+t_jp.prefix+"img_"+f);a("#"+t_jp.prefix+f).attr("data-source",0);d.removeClass("tr-icon-yellow").removeClass("tr-icon-green").addClass("tr-icon-green")};a("*[data-token='"+b+"'][data-hidden!='y']").html(c).each(e);a("*[data-token='"+b+"'][data-hidden='y']").attr("data-trans",c).each(e)}function i(b,c){h(b,
12
  c);a.ajax({type:"POST",url:t_jp.post_url,data:{ln0:t_jp.lang,sr0:0,translation_posted:"2",items:1,tk0:b,tr0:c},success:function(){},error:function(e){alert("Error !!! failed to translate.\n\nServer's message: "+e.statusText)}})}function j(b,c){a.ajax({url:"http://ajax.googleapis.com/ajax/services/language/translate?v=1.0&q="+encodeURIComponent(b)+"&langpair=%7C"+t_jp.lang,dataType:"jsonp",success:c})}function k(){a(":button:contains('Suggest - Google')").attr("disabled","disabled").addClass("ui-state-disabled");
readme.txt CHANGED
@@ -4,7 +4,7 @@ Donate link: http://transposh.org/donate/
4
  Tags: translation, widget, filter, buddypress, bilingual, multilingual, transposh, translate, language, crowdsourcing, context, wiki, RTL, Hebrew, Spanish, French, Russian, English, Arabic, Portuguese
5
  Requires at least: 2.8
6
  Tested up to: 3.0.1
7
- Stable tag: 0.6.5
8
 
9
  Transposh filter allows in context quick translation of websites, it allows you to crowd-source the translation to your users
10
 
@@ -119,10 +119,10 @@ Users of php speedy will have to deactivate it, add “transposh.js” in the ig
119
 
120
  Currently the plugin is able to add the multilingual urls to the sitemap, and you need to add the following line at the sitemap-core.php, add-url function (line 1509 at version 3.2.2)
121
 
122
- `do_action('sm_addurl', &$page);`
123
 
124
- We hope that future versions will include this by default, and for now you can get the patched file from our site.
125
- After a change of languages used, you are welcomed to trigger a new sitemap buildup.
126
 
127
  = Plugin support: WP-Super-Cache =
128
 
@@ -165,6 +165,8 @@ images based on the current language
165
  5. Widget style selection box, with three basic appearances, flags below (in Hebrew), language selection on the top right and language list on the bottom right.
166
 
167
  == Upgrade Notice ==
 
 
168
  = 0.6.3 =
169
  Support .po/.mo files
170
  = 0.6.0 =
@@ -193,6 +195,10 @@ This version provides integration with google-sitemaps-xml and wp-super-cache
193
  This version allows sorting of languages within the widget
194
 
195
  == Changelog ==
 
 
 
 
196
  = 2010/10/25 - 0.6.5 =
197
  * Fixed Slovenian flag bug reported by anphicle
198
  * Added support for rel alternate in the headers - see http://googlewebmastercentral.blogspot.com/2010/09/unifying-content-under-multilingual.html
4
  Tags: translation, widget, filter, buddypress, bilingual, multilingual, transposh, translate, language, crowdsourcing, context, wiki, RTL, Hebrew, Spanish, French, Russian, English, Arabic, Portuguese
5
  Requires at least: 2.8
6
  Tested up to: 3.0.1
7
+ Stable tag: 0.6.6
8
 
9
  Transposh filter allows in context quick translation of websites, it allows you to crowd-source the translation to your users
10
 
119
 
120
  Currently the plugin is able to add the multilingual urls to the sitemap, and you need to add the following line at the sitemap-core.php, add-url function (line 1509 at version 3.2.2)
121
 
122
+ `do_action('sm_addurl', $page);`
123
 
124
+ As of version 4 beta 3 this is included by default, for earlier versions you can get the patched file from our trac site.
125
+ After a change of languages used, you are welcomed to trigger a new sitemap buildup (not needed in v4).
126
 
127
  = Plugin support: WP-Super-Cache =
128
 
165
  5. Widget style selection box, with three basic appearances, flags below (in Hebrew), language selection on the top right and language list on the bottom right.
166
 
167
  == Upgrade Notice ==
168
+ = 0.6.6 =
169
+ Fixed two XSS vulnerabilities
170
  = 0.6.3 =
171
  Support .po/.mo files
172
  = 0.6.0 =
195
  This version allows sorting of languages within the widget
196
 
197
  == Changelog ==
198
+ = 2010/11/11 - 0.6.6 =
199
+ * Added support for some more breaker html entities such as &rsquo; (thanks archon810)
200
+ * fix XSS vulnerability on IE<8 (Thanks [Joshua Hansen and Scott Caveza](http://www.godaddy.com/security/website-security.aspx))
201
+ * Integration with Google Sitemaps XML v4 beta
202
  = 2010/10/25 - 0.6.5 =
203
  * Fixed Slovenian flag bug reported by anphicle
204
  * Added support for rel alternate in the headers - see http://googlewebmastercentral.blogspot.com/2010/09/unifying-content-under-multilingual.html
transposh.php CHANGED
@@ -5,7 +5,7 @@
5
  Plugin URI: http://transposh.org/
6
  Description: Translation filter for WordPress, After enabling please set languages at the <a href="options-general.php?page=transposh">the options page</a> Want to help? visit our development site at <a href="http://trac.transposh.org/">trac.transposh.org</a>.
7
  Author: Team Transposh
8
- Version: 0.6.5
9
  Author URI: http://transposh.org/
10
  License: GPL (http://www.gnu.org/licenses/gpl.txt)
11
  Text Domain: transposh
@@ -13,14 +13,14 @@
13
  */
14
 
15
  /*
16
- * Transposh v0.6.5
17
  * http://transposh.org/
18
  *
19
  * Copyright 2010, Team Transposh
20
  * Licensed under the GPL Version 2 or higher.
21
  * http://transposh.org/license
22
  *
23
- * Date: Mon, 25 Oct 2010 13:00:28 +0200
24
  */
25
 
26
  //avoid direct calls to this file where wp core files not present
5
  Plugin URI: http://transposh.org/
6
  Description: Translation filter for WordPress, After enabling please set languages at the <a href="options-general.php?page=transposh">the options page</a> Want to help? visit our development site at <a href="http://trac.transposh.org/">trac.transposh.org</a>.
7
  Author: Team Transposh
8
+ Version: 0.6.6
9
  Author URI: http://transposh.org/
10
  License: GPL (http://www.gnu.org/licenses/gpl.txt)
11
  Text Domain: transposh
13
  */
14
 
15
  /*
16
+ * Transposh v0.6.6
17
  * http://transposh.org/
18
  *
19
  * Copyright 2010, Team Transposh
20
  * Licensed under the GPL Version 2 or higher.
21
  * http://transposh.org/license
22
  *
23
+ * Date: Thu, 11 Nov 2010 23:52:38 +0200
24
  */
25
 
26
  //avoid direct calls to this file where wp core files not present
widgets/default/tpw_default.php CHANGED
@@ -11,14 +11,14 @@
11
  */
12
 
13
  /*
14
- * Transposh v0.6.5
15
  * http://transposh.org/
16
  *
17
  * Copyright 2010, Team Transposh
18
  * Licensed under the GPL Version 2 or higher.
19
  * http://transposh.org/license
20
  *
21
- * Date: Mon, 25 Oct 2010 13:00:28 +0200
22
  */
23
 
24
  /*
11
  */
12
 
13
  /*
14
+ * Transposh v0.6.6
15
  * http://transposh.org/
16
  *
17
  * Copyright 2010, Team Transposh
18
  * Licensed under the GPL Version 2 or higher.
19
  * http://transposh.org/license
20
  *
21
+ * Date: Thu, 11 Nov 2010 23:52:38 +0200
22
  */
23
 
24
  /*
widgets/dropdown/tpw_image_dropdown.php CHANGED
@@ -11,14 +11,14 @@
11
  */
12
 
13
  /*
14
- * Transposh v0.6.5
15
  * http://transposh.org/
16
  *
17
  * Copyright 2010, Team Transposh
18
  * Licensed under the GPL Version 2 or higher.
19
  * http://transposh.org/license
20
  *
21
- * Date: Mon, 25 Oct 2010 13:00:28 +0200
22
  */
23
 
24
  /**
11
  */
12
 
13
  /*
14
+ * Transposh v0.6.6
15
  * http://transposh.org/
16
  *
17
  * Copyright 2010, Team Transposh
18
  * Licensed under the GPL Version 2 or higher.
19
  * http://transposh.org/license
20
  *
21
+ * Date: Thu, 11 Nov 2010 23:52:38 +0200
22
  */
23
 
24
  /**
widgets/flags/tpw_flags.php CHANGED
@@ -11,14 +11,14 @@
11
  */
12
 
13
  /*
14
- * Transposh v0.6.5
15
  * http://transposh.org/
16
  *
17
  * Copyright 2010, Team Transposh
18
  * Licensed under the GPL Version 2 or higher.
19
  * http://transposh.org/license
20
  *
21
- * Date: Mon, 25 Oct 2010 13:00:28 +0200
22
  */
23
 
24
  /**
11
  */
12
 
13
  /*
14
+ * Transposh v0.6.6
15
  * http://transposh.org/
16
  *
17
  * Copyright 2010, Team Transposh
18
  * Licensed under the GPL Version 2 or higher.
19
  * http://transposh.org/license
20
  *
21
+ * Date: Thu, 11 Nov 2010 23:52:38 +0200
22
  */
23
 
24
  /**
widgets/flags/tpw_flags_css.php CHANGED
@@ -11,14 +11,14 @@
11
  */
12
 
13
  /*
14
- * Transposh v0.6.5
15
  * http://transposh.org/
16
  *
17
  * Copyright 2010, Team Transposh
18
  * Licensed under the GPL Version 2 or higher.
19
  * http://transposh.org/license
20
  *
21
- * Date: Mon, 25 Oct 2010 13:00:28 +0200
22
  */
23
 
24
  /**
11
  */
12
 
13
  /*
14
+ * Transposh v0.6.6
15
  * http://transposh.org/
16
  *
17
  * Copyright 2010, Team Transposh
18
  * Licensed under the GPL Version 2 or higher.
19
  * http://transposh.org/license
20
  *
21
+ * Date: Thu, 11 Nov 2010 23:52:38 +0200
22
  */
23
 
24
  /**
widgets/flagslist/tpw_list_with_flags.php CHANGED
@@ -11,14 +11,14 @@
11
  */
12
 
13
  /*
14
- * Transposh v0.6.5
15
  * http://transposh.org/
16
  *
17
  * Copyright 2010, Team Transposh
18
  * Licensed under the GPL Version 2 or higher.
19
  * http://transposh.org/license
20
  *
21
- * Date: Mon, 25 Oct 2010 13:00:28 +0200
22
  */
23
 
24
  /**
11
  */
12
 
13
  /*
14
+ * Transposh v0.6.6
15
  * http://transposh.org/
16
  *
17
  * Copyright 2010, Team Transposh
18
  * Licensed under the GPL Version 2 or higher.
19
  * http://transposh.org/license
20
  *
21
+ * Date: Thu, 11 Nov 2010 23:52:38 +0200
22
  */
23
 
24
  /**
widgets/flagslist/tpw_list_with_flags_css.php CHANGED
@@ -11,14 +11,14 @@
11
  */
12
 
13
  /*
14
- * Transposh v0.6.5
15
  * http://transposh.org/
16
  *
17
  * Copyright 2010, Team Transposh
18
  * Licensed under the GPL Version 2 or higher.
19
  * http://transposh.org/license
20
  *
21
- * Date: Mon, 25 Oct 2010 13:00:28 +0200
22
  */
23
 
24
  /**
11
  */
12
 
13
  /*
14
+ * Transposh v0.6.6
15
  * http://transposh.org/
16
  *
17
  * Copyright 2010, Team Transposh
18
  * Licensed under the GPL Version 2 or higher.
19
  * http://transposh.org/license
20
  *
21
+ * Date: Thu, 11 Nov 2010 23:52:38 +0200
22
  */
23
 
24
  /**
wp/transposh_3rdparty.php CHANGED
@@ -1,14 +1,14 @@
1
  <?php
2
 
3
  /*
4
- * Transposh v0.6.5
5
  * http://transposh.org/
6
  *
7
  * Copyright 2010, Team Transposh
8
  * Licensed under the GPL Version 2 or higher.
9
  * http://transposh.org/license
10
  *
11
- * Date: Mon, 25 Oct 2010 13:00:28 +0200
12
  */
13
 
14
  /*
@@ -39,7 +39,7 @@ class transposh_3rdparty {
39
  add_action('transposh_human_translation', array(&$this, 'transposh_buddypress_stream'), 10, 3);
40
 
41
  // google xml sitemaps - with patch
42
- add_action("sm_addurl", array(&$this, 'add_sm_transposh_urls'));
43
  }
44
 
45
  function super_cache_invalidate() {
@@ -161,12 +161,13 @@ class transposh_3rdparty {
161
  /**
162
  * This function integrates with google sitemap generator, and adds for each viewable language, the rest of the languages url
163
  * Also - priority is reduced by 0.2
164
- * And this requires the following line at the sitemap-core.php, add-url function (line 1509 at version 3.2.2)
165
- * do_action('sm_addurl', &$page);
166
  * @param GoogleSitemapGeneratorPage $sm_page Object containing the page information
167
  */
168
- function add_sm_transposh_urls(&$sm_page) {
169
 
 
170
  // we need the generator object (we know it must exist...)
171
  $generatorObject = &GoogleSitemapGenerator::GetInstance();
172
  // we reduce the priorty by 0.2, but not below zero
1
  <?php
2
 
3
  /*
4
+ * Transposh v0.6.6
5
  * http://transposh.org/
6
  *
7
  * Copyright 2010, Team Transposh
8
  * Licensed under the GPL Version 2 or higher.
9
  * http://transposh.org/license
10
  *
11
+ * Date: Thu, 11 Nov 2010 23:52:38 +0200
12
  */
13
 
14
  /*
39
  add_action('transposh_human_translation', array(&$this, 'transposh_buddypress_stream'), 10, 3);
40
 
41
  // google xml sitemaps - with patch
42
+ add_action('sm_addurl', array(&$this, 'add_sm_transposh_urls'));
43
  }
44
 
45
  function super_cache_invalidate() {
161
  /**
162
  * This function integrates with google sitemap generator, and adds for each viewable language, the rest of the languages url
163
  * Also - priority is reduced by 0.2
164
+ * And this requires the following line at the sitemap-core.php, add-url function (line 1509 at version 3.2.4)
165
+ * do_action('sm_addurl', $page);
166
  * @param GoogleSitemapGeneratorPage $sm_page Object containing the page information
167
  */
168
+ function add_sm_transposh_urls($sm_page) {
169
 
170
+ $sm_page = clone $sm_page;
171
  // we need the generator object (we know it must exist...)
172
  $generatorObject = &GoogleSitemapGenerator::GetInstance();
173
  // we reduce the priorty by 0.2, but not below zero
wp/transposh_admin.php CHANGED
@@ -1,14 +1,14 @@
1
  <?php
2
 
3
  /*
4
- * Transposh v0.6.5
5
  * http://transposh.org/
6
  *
7
  * Copyright 2010, Team Transposh
8
  * Licensed under the GPL Version 2 or higher.
9
  * http://transposh.org/license
10
  *
11
- * Date: Mon, 25 Oct 2010 13:00:28 +0200
12
  */
13
 
14
  /*
1
  <?php
2
 
3
  /*
4
+ * Transposh v0.6.6
5
  * http://transposh.org/
6
  *
7
  * Copyright 2010, Team Transposh
8
  * Licensed under the GPL Version 2 or higher.
9
  * http://transposh.org/license
10
  *
11
+ * Date: Thu, 11 Nov 2010 23:52:38 +0200
12
  */
13
 
14
  /*
wp/transposh_ajax.php CHANGED
@@ -1,14 +1,14 @@
1
  <?php
2
 
3
  /*
4
- * Transposh v0.6.5
5
  * http://transposh.org/
6
  *
7
  * Copyright 2010, Team Transposh
8
  * Licensed under the GPL Version 2 or higher.
9
  * http://transposh.org/license
10
  *
11
- * Date: Mon, 25 Oct 2010 13:00:28 +0200
12
  */
13
 
14
  /*
1
  <?php
2
 
3
  /*
4
+ * Transposh v0.6.6
5
  * http://transposh.org/
6
  *
7
  * Copyright 2010, Team Transposh
8
  * Licensed under the GPL Version 2 or higher.
9
  * http://transposh.org/license
10
  *
11
+ * Date: Thu, 11 Nov 2010 23:52:38 +0200
12
  */
13
 
14
  /*
wp/transposh_backup.php CHANGED
@@ -1,14 +1,14 @@
1
  <?php
2
 
3
  /*
4
- * Transposh v0.6.5
5
  * http://transposh.org/
6
  *
7
  * Copyright 2010, Team Transposh
8
  * Licensed under the GPL Version 2 or higher.
9
  * http://transposh.org/license
10
  *
11
- * Date: Mon, 25 Oct 2010 13:00:28 +0200
12
  */
13
 
14
  /*
1
  <?php
2
 
3
  /*
4
+ * Transposh v0.6.6
5
  * http://transposh.org/
6
  *
7
  * Copyright 2010, Team Transposh
8
  * Licensed under the GPL Version 2 or higher.
9
  * http://transposh.org/license
10
  *
11
+ * Date: Thu, 11 Nov 2010 23:52:38 +0200
12
  */
13
 
14
  /*
wp/transposh_db.php CHANGED
@@ -1,14 +1,14 @@
1
  <?php
2
 
3
  /*
4
- * Transposh v0.6.5
5
  * http://transposh.org/
6
  *
7
  * Copyright 2010, Team Transposh
8
  * Licensed under the GPL Version 2 or higher.
9
  * http://transposh.org/license
10
  *
11
- * Date: Mon, 25 Oct 2010 13:00:28 +0200
12
  */
13
 
14
  /**
1
  <?php
2
 
3
  /*
4
+ * Transposh v0.6.6
5
  * http://transposh.org/
6
  *
7
  * Copyright 2010, Team Transposh
8
  * Licensed under the GPL Version 2 or higher.
9
  * http://transposh.org/license
10
  *
11
+ * Date: Thu, 11 Nov 2010 23:52:38 +0200
12
  */
13
 
14
  /**
wp/transposh_options.php CHANGED
@@ -1,14 +1,14 @@
1
  <?php
2
 
3
  /*
4
- * Transposh v0.6.5
5
  * http://transposh.org/
6
  *
7
  * Copyright 2010, Team Transposh
8
  * Licensed under the GPL Version 2 or higher.
9
  * http://transposh.org/license
10
  *
11
- * Date: Mon, 25 Oct 2010 13:00:28 +0200
12
  */
13
 
14
  // OLD Options - To be removed
1
  <?php
2
 
3
  /*
4
+ * Transposh v0.6.6
5
  * http://transposh.org/
6
  *
7
  * Copyright 2010, Team Transposh
8
  * Licensed under the GPL Version 2 or higher.
9
  * http://transposh.org/license
10
  *
11
+ * Date: Thu, 11 Nov 2010 23:52:38 +0200
12
  */
13
 
14
  // OLD Options - To be removed
wp/transposh_postpublish.php CHANGED
@@ -1,14 +1,14 @@
1
  <?php
2
 
3
  /*
4
- * Transposh v0.6.5
5
  * http://transposh.org/
6
  *
7
  * Copyright 2010, Team Transposh
8
  * Licensed under the GPL Version 2 or higher.
9
  * http://transposh.org/license
10
  *
11
- * Date: Mon, 25 Oct 2010 13:00:28 +0200
12
  */
13
 
14
  /*
1
  <?php
2
 
3
  /*
4
+ * Transposh v0.6.6
5
  * http://transposh.org/
6
  *
7
  * Copyright 2010, Team Transposh
8
  * Licensed under the GPL Version 2 or higher.
9
  * http://transposh.org/license
10
  *
11
+ * Date: Thu, 11 Nov 2010 23:52:38 +0200
12
  */
13
 
14
  /*
wp/transposh_widget.php CHANGED
@@ -1,14 +1,14 @@
1
  <?php
2
 
3
  /*
4
- * Transposh v0.6.5
5
  * http://transposh.org/
6
  *
7
  * Copyright 2010, Team Transposh
8
  * Licensed under the GPL Version 2 or higher.
9
  * http://transposh.org/license
10
  *
11
- * Date: Mon, 25 Oct 2010 13:00:28 +0200
12
  */
13
 
14
  /*
@@ -63,7 +63,7 @@ class transposh_plugin_widget {
63
  if ($lang && $this->transposh->options->get_enable_url_translate()) {
64
  // and then, we might have to translate it
65
  $ref = transposh_utils::translate_url($ref, $this->transposh->home_url, $lang, array(&$this->transposh->database, 'fetch_translation'));
66
- $ref = str_replace(array('%2F', '%3A', '%3B', '%3F', '%3D', '%26'), array('/', ':', ';', '?', '=', '&'), urlencode($ref));
67
 
68
  }
69
  $ref = transposh_utils::rewrite_url_lang_param($ref, $this->transposh->home_url, $this->transposh->enable_permalinks_rewrite, $lang, $_POST[EDIT_PARAM]);
1
  <?php
2
 
3
  /*
4
+ * Transposh v0.6.6
5
  * http://transposh.org/
6
  *
7
  * Copyright 2010, Team Transposh
8
  * Licensed under the GPL Version 2 or higher.
9
  * http://transposh.org/license
10
  *
11
+ * Date: Thu, 11 Nov 2010 23:52:38 +0200
12
  */
13
 
14
  /*
63
  if ($lang && $this->transposh->options->get_enable_url_translate()) {
64
  // and then, we might have to translate it
65
  $ref = transposh_utils::translate_url($ref, $this->transposh->home_url, $lang, array(&$this->transposh->database, 'fetch_translation'));
66
+ $ref = transposh_utils::urlencode($ref);
67
 
68
  }
69
  $ref = transposh_utils::rewrite_url_lang_param($ref, $this->transposh->home_url, $this->transposh->enable_permalinks_rewrite, $lang, $_POST[EDIT_PARAM]);