Toolset Types – Custom Post Types, Custom Fields and Taxonomies -

Version Description

Release date: 2015-08-03
Fixed WYSIWYG field for WP 4.2.3 security release.
Added HTML frontend rendering settings.

Release Info

Developer	jadpm
Plugin	Toolset Types – Custom Post Types, Custom Fields and Taxonomies
Version	1.7.8
Comparing to
See all releases

Code changes from version 1.7.7 to 1.7.8

Files changed (14) hide show

embedded/bootstrap.php +1 -1
embedded/classes/field.php +9 -1
embedded/classes/loader.php +20 -0
embedded/frontend.php +117 -1
embedded/functions.php +2 -0
embedded/includes/fields-post.php +46 -0
embedded/includes/fields/wysiwyg.php +69 -24
embedded/includes/usermeta-post.php +45 -1
embedded/plugin.php +1 -1
embedded/readme.txt +2 -2
embedded/usermeta-init.php +20 -0
includes/settings.php +41 -2
readme.txt +8 -2
wpcf.php +2 -2

embedded/bootstrap.php CHANGED Viewed

	@@ -133,7 +133,7 @@ function wpcf_embedded_init() {
133	// Define necessary constants if plugin is not present
134	// This ones are skipped if used as embedded code!
135	if ( !defined( 'WPCF_VERSION' ) ) {
136	- define( 'WPCF_VERSION', '1.7.7' );
137	define( 'WPCF_META_PREFIX', 'wpcf-' );
138	}
139


133	// Define necessary constants if plugin is not present
134	// This ones are skipped if used as embedded code!
135	if ( !defined( 'WPCF_VERSION' ) ) {
136	+ define( 'WPCF_VERSION', '1.7.8' );
137	define( 'WPCF_META_PREFIX', 'wpcf-' );
138	}
139

embedded/classes/field.php CHANGED Viewed

	@@ -715,8 +715,16 @@ class WPCF_Field
715	} else {
716	$html = htmlspecialchars( $html );
717	}








718	// Process shortcodes too
719	- $html = do_shortcode( ~~htmlspecialchars_decode( stripslashes(~~ $html ) ~~) )~~;
720	return $html;
721	}
722


715	} else {
716	$html = htmlspecialchars( $html );
717	}
718	+ if (
719	+ isset( $params['unfiltered_html'] )
720	+ && $params['unfiltered_html'] === false
721	+ ) {
722	+ $html = stripslashes( $html );
723	+ } else {
724	+ $html = htmlspecialchars_decode( stripslashes( $html ) );
725	+ }
726	// Process shortcodes too
727	+ $html = do_shortcode( $html );
728	return $html;
729	}
730

embedded/classes/loader.php CHANGED Viewed

@@ -33,7 +33,27 @@ class WPCF_Loader
                     add_action( 'admin_print_scripts',
                             array('WPCF_Loader', 'renderJsSettings'), 5 );
             		add_filter( 'the_posts', array('WPCF_Loader', 'wpcf_cache_complete_postmeta') );
+                }
                 /**
                  * Cache the postmeta for posts returned by a WP_Query


33	add_action( 'admin_print_scripts',
34	array('WPCF_Loader', 'renderJsSettings'), 5 );
35	add_filter( 'the_posts', array('WPCF_Loader', 'wpcf_cache_complete_postmeta') );
36	+ add_filter( 'wpcf_fields_value_save', array( 'WPCF_Loader', 'wpcf_sanitize_values_on_save' ) );
37	}
38	+
39	+ /**
40	+ * Sanitize fields values on save
41	+ *
42	+ */
43	+
44	+ public static function wpcf_sanitize_values_on_save( $value ) {
45	+ if ( is_array( $value ) ) {
46	+ // Recursion
47	+ $value = array_map( array( 'WPCF_Loader', 'wpcf_sanitize_values_on_save' ), $value );
48	+ } else {
49	+ if ( current_user_can( 'unfiltered_html' ) ) {
50	+ $value = wp_filter_post_kses( $value );
51	+ } else {
52	+ $value = wp_filter_kses( $value );
53	+ }
54	+ }
55	+ return $value;
56	+ }
57
58	/**
59	* Cache the postmeta for posts returned by a WP_Query

embedded/frontend.php CHANGED Viewed

@@ -125,6 +125,8 @@ function types_render_field( $field_id = null, $params = array(), $content = nul
                 // Get field
                 $field = types_get_field( $field_id );
                 // If field not found return empty string
                 if ( empty( $field ) ) {
@@ -327,7 +329,15 @@ function types_render_field_single( $field, $params, $content = null, $code = ''
                 $output = strval( apply_filters( 'types_view', $output,
                     $params['field_value'], $field['type'], $field['slug'],
                     $field['name'], $params ) );
-            -
                return htmlspecialchars_decode( stripslashes( strval( $output ) ) );
+            }
             function wpcf_frontend_compat_html_output( $output, $field, $content, $params ) {
@@ -496,6 +506,22 @@ function wpcf_frontend_wrap_field_value( $field, $content, $params = array() ) {
+                }
+            }
             // Add a filter to handle Views queries with checkboxes.
             add_filter( 'wpv_filter_query', 'wpcf_views_query', 12, 2 ); // after custom fields.
@@ -657,3 +683,93 @@ function wpcf_views_get_meta_sql( $clause, $queries, $type, $primary_table,
                 return $clause;
+            }


125
126	// Get field
127	$field = types_get_field( $field_id );
128	+
129	+ $params['unfiltered_html'] = wpcf_postmeta_fields_can_unfiltered_html( $post_id );
130
131	// If field not found return empty string
132	if ( empty( $field ) ) {

329	$output = strval( apply_filters( 'types_view', $output,
330	$params['field_value'], $field['type'], $field['slug'],
331	$field['name'], $params ) );
332	+
333	+ if (
334	+ isset( $params['unfiltered_html'] )
335	+ && $params['unfiltered_html'] === false
336	+ ) {
337	+ return stripslashes( strval( $output ) );
338	+ } else {
339	+ return htmlspecialchars_decode( stripslashes( strval( $output ) ) );
340	+ }
341	}
342
343	function wpcf_frontend_compat_html_output( $output, $field, $content, $params ) {

506	}
507	}
508
509	+ function wpcf_postmeta_fields_can_unfiltered_html( $post_id = '' ) {
510	+ $return = true;
511	+ if ( empty( $post_id ) ) {
512	+ return $return;
513	+ }
514	+ $can_unfiltered_html = wpcf_get_post_meta( $post_id, '_wpcf_postmeta_fields_unfiltered_html', true );
515	+ if (
516	+ $can_unfiltered_html == 'off'
517	+ \|\| wpcf_get_settings('postmeta_unfiltered_html') == 'off'
518	+ \|\| ! apply_filters( 'wpcf_filter_wpcf_postmeta_fields_unfiltered_html', true, $post_id )
519	+ ) {
520	+ $return = false;
521	+ }
522	+ return $return;
523	+ }
524	+
525	// Add a filter to handle Views queries with checkboxes.
526
527	add_filter( 'wpv_filter_query', 'wpcf_views_query', 12, 2 ); // after custom fields.

683
684	return $clause;
685	}
686	+
687	+
688	+ /** Fix shortcode rendering for WP 4.2.3 security fixes.
689	+ * We now pre-process before the main do_shortcode fitler so that we
690	+ * can still use shortcodes in html attributes
691	+ * like <img src="[types field="image-field"][/types]">
692	+ * adding filter with priority before do_shortcode and other WP standard filters
693	+ */
694	+
695	+ add_filter('the_content', 'wpcf_preprocess_shortcodes_for_4_2_3', 5);
696	+
697	+ function wpcf_preprocess_shortcodes_for_4_2_3($content) {
698	+
699	+ $shortcode = "/\\[types.?\\](.?)\\[\\/types\\]/is";
700	+
701	+ // Normalize entities in unfiltered HTML before adding placeholders.
702	+ $trans = array( '[' => '[', ']' => ']' );
703	+ $content = strtr( $content, $trans );
704	+ $trans = array( '[' => '[', ']' => ']' );
705	+
706	+ $comment_regex =
707	+ '!' // Start of comment, after the <.
708	+ . '(?:' // Unroll the loop: Consume everything until --> is found.
709	+ . '-(?!->)' // Dash not followed by end of comment.
710	+ . '[^\-]*+' // Consume non-dashes.
711	+ . ')*+' // Loop possessively.
712	+ . '(?:-->)?'; // End of comment. If not found, match all input.
713	+
714	+ $regex =
715	+ '/(' // Capture the entire match.
716	+ . '<' // Find start of element.
717	+ . '(?(?=!--)' // Is this a comment?
718	+ . $comment_regex // Find end of comment.
719	+ . '\|'
720	+ . '[^>]*>?' // Find end of element. If not found, match all input.
721	+ . ')'
722	+ . ')/s';
723	+
724	+ $textarr = preg_split( $regex, $content, -1, PREG_SPLIT_DELIM_CAPTURE \| PREG_SPLIT_NO_EMPTY );
725	+
726	+ foreach ( $textarr as &$element ) {
727	+ if ( '<' !== $element[0] ) {
728	+ continue;
729	+ }
730	+
731	+ $noopen = false === strpos( $element, '[' );
732	+ $noclose = false === strpos( $element, ']' );
733	+ if ( $noopen \|\| $noclose ) {
734	+ // This element does not contain shortcodes.
735	+ if ( $noopen xor $noclose ) {
736	+ // Need to encode stray [ or ] chars.
737	+ $element = strtr( $element, $trans );
738	+ }
739	+ continue;
740	+ }
741	+
742	+ if ( '<!--' === substr( $element, 0, 4 ) ) {
743	+ // Encode all [ and ] chars.
744	+ $element = strtr( $element, $trans );
745	+ continue;
746	+ }
747	+
748	+ $counts = preg_match_all($shortcode, $element, $matches);
749	+
750	+ if($counts > 0) {
751	+ foreach($matches[0] as $index => &$match) {
752	+
753	+ $string_to_replace = $match;
754	+
755	+ $inner_content = $matches[1][ $index ];
756	+ if ( $inner_content ) {
757	+ $new_inner_content = wpcf_preprocess_shortcodes_for_4_2_3( $inner_content );
758	+ $match = str_replace( $inner_content, $new_inner_content, $match );
759	+ }
760	+
761	+ $replacement = do_shortcode($match);
762	+ $element = str_replace($string_to_replace, $replacement, $element);
763	+
764	+ }
765	+ }
766	+
767	+ // Now encode any remaining [ or ] chars.
768	+ $element = strtr( $element, $trans );
769	+ }
770	+
771	+ $content = implode( '', $textarr );
772	+
773	+ return $content;
774	+ }
775	+

embedded/functions.php CHANGED Viewed

	@@ -342,6 +342,8 @@ function wpcf_get_settings($specific = false)
342	'images_remote' => 0,
343	'images_remote_cache_time' => '36',
344	'help_box' => 'by_types',


345	);
346	$settings = wp_parse_args( get_option( 'wpcf_settings', array() ), $defaults );
347	$settings = apply_filters( 'types_settings', $settings );


342	'images_remote' => 0,
343	'images_remote_cache_time' => '36',
344	'help_box' => 'by_types',
345	+ 'postmeta_unfiltered_html' => 'on',
346	+ 'usermeta_unfiltered_html' => 'on',
347	);
348	$settings = wp_parse_args( get_option( 'wpcf_settings', array() ), $defaults );
349	$settings = apply_filters( 'types_settings', $settings );

embedded/includes/fields-post.php CHANGED Viewed

@@ -153,6 +153,16 @@ function wpcf_add_meta_boxes( $post_type, $post ) {
                 // Get groups
                 $groups = wpcf_admin_post_get_post_groups_fields( $post );
                 foreach ( $groups as $group ) {
@@ -218,6 +228,31 @@ function wpcf_add_meta_boxes( $post_type, $post ) {
+                }
+            }
             /**
              * Renders meta box content (preview).
+             *
@@ -569,6 +604,17 @@ function wpcf_admin_post_meta_box( $post, $group, $echo = '', $open_style_editor
             function wpcf_admin_post_save_post_hook( $post_ID, $post )
+            {
                 if ( defined( 'WPTOOLSET_FORMS_VERSION' ) ) {


153
154	// Get groups
155	$groups = wpcf_admin_post_get_post_groups_fields( $post );
156	+
157	+ if ( current_user_can( 'unfiltered_html' ) ) {
158	+ add_meta_box( "wpcf-group-postmeta-fields-can-unfiltered-html",
159	+ wpcf_translate( 'group postmeta-fields-can-unfiltered-html name', 'Types fields - unfiltered HTML' ),
160	+ 'wpcf_admin_postmeta_fields_can_unfiltered_html_meta_box',
161	+ $post_type,
162	+ 'normal',
163	+ 'low'
164	+ );
165	+ }
166
167	foreach ( $groups as $group ) {
168

228	}
229	}
230
231	+ function wpcf_admin_postmeta_fields_can_unfiltered_html_meta_box( $post ) {
232	+ $can_unfiltered_html = wpcf_get_post_meta( $post->ID, '_wpcf_postmeta_fields_unfiltered_html', true );
233	+ $can_unfiltered_html = empty( $can_unfiltered_html ) ? 'on' : $can_unfiltered_html;
234	+ $disabled = '';
235	+ if ( wpcf_get_settings('postmeta_unfiltered_html') == 'off' ) {
236	+ $can_unfiltered_html = 'off';
237	+ $disabled = ' disabled="disabled"';
238	+ }
239	+ ?>
240	+ <input type="radio" id="wpcf_postmeta_fields_can_unfiltered_html_on" name="_wpcf_postmeta_fields_unfiltered_html" value="on" <?php checked( $can_unfiltered_html, 'on' ); echo $disabled; ?> />
241	+ <label for="wpcf_postmeta_fields_can_unfiltered_html_on">
242	+ <?php _e( 'Enable unfiltered HTML in Types custom fields on this post', 'wpcf' ); ?>
243	+ </label>
244	+ <br />
245	+ <input type="radio" id="wpcf_postmeta_fields_can_unfiltered_html_off" name="_wpcf_postmeta_fields_unfiltered_html" value="off" <?php checked( $can_unfiltered_html, 'off' ); echo $disabled; ?> />
246	+ <label for="wpcf_postmeta_fields_can_unfiltered_html_off">
247	+ <?php _e( 'Disable unfiltered HTML in Types custom fields on this post', 'wpcf' ); ?>
248	+ </label>
249	+ <!--
250	+ <hr />
251	+ Documentation link
252	+ -->
253	+ <?php
254	+ }
255	+
256	/**
257	* Renders meta box content (preview).
258	*

604	function wpcf_admin_post_save_post_hook( $post_ID, $post )
605	{
606
607	+ if ( current_user_can( 'unfiltered_html' ) ) {
608	+ if (
609	+ isset( $_POST['_wpcf_postmeta_fields_unfiltered_html'] )
610	+ && in_array( $_POST['_wpcf_postmeta_fields_unfiltered_html'], array( 'on', 'off' ) )
611	+ ) {
612	+ $unfiltered_html = $_POST['_wpcf_postmeta_fields_unfiltered_html'];
613	+ update_post_meta( $post_ID, '_wpcf_postmeta_fields_unfiltered_html', $unfiltered_html );
614	+ }
615	+ } else {
616	+ update_post_meta( $post_ID, '_wpcf_postmeta_fields_unfiltered_html', 'off' );
617	+ }
618
619	if ( defined( 'WPTOOLSET_FORMS_VERSION' ) ) {
620

embedded/includes/fields/wysiwyg.php CHANGED Viewed

@@ -128,35 +128,80 @@ function wpcf_fields_wysiwyg_view( $params ) {
                     $output .= '>';
+                }
-            -
                if ( isset( $params['suppress_filters'] ) && $params['suppress_filters'] == 'true' ) {
-            -
                    $the_content_filters = array(
-            -
                        'wptexturize', 'convert_smilies', 'convert_chars', 'wpautop',
-            -
                        'shortcode_unautop', 'prepend_attachment', 'capital_P_dangit', 'do_shortcode');
-            -
                    $content = htmlspecialchars_decode( stripslashes( $params['field_value'] ) );
-            -
                    foreach ($the_content_filters as $func) {
-            -
                        if (  function_exists( $func ) ) {
-            -
                            $content = call_user_func($func, $content);
-            -
                        }
+                    }
-            -
                    $output .= $content;
-            -
                } else {
-            -
                    /**
-            -
                     * remove_shortcode playlist to avoid htmlspecialchars_decode on json
-            -
                     * data
-            -
                     */
-            -
                    remove_shortcode('playlist', 'wp_playlist_shortcode');
-            -
                    $output .= apply_filters( 'the_content', htmlspecialchars_decode( stripslashes( $params['field_value'] ) ) );
-            -
                    if ( preg_match_all('/playlist[^\]]+/', $output, $matches ) ) {
-            -
                        foreach( $matches[0] as $one ) {
-            -
                            $re = '/'.$one.'/';
-            -
                            $one = preg_replace('/\&\#(8221|8243);/', '"', $one);
-            -
                            $output = preg_replace($re, $one, $output);
-            -
                        }
+                    }
-            -
                    add_shortcode( 'playlist', 'wp_playlist_shortcode' );
+                }
                 if ( !empty( $params['style'] ) || !empty( $params['class'] ) ) {
                     $output .= '</div>';
+                }
                 return $output;
+            }


128	$output .= '>';
129	}
130
131	+ // We'll only run a limited number of filters.
132	+ // We need to do this to avoid issues after the WP 4.2.3 shortcode API changes.
133	+
134	+ $the_content_filters = array(
135	+ 'wptexturize', 'convert_smilies', 'convert_chars', 'wpautop',
136	+ 'shortcode_unautop', 'prepend_attachment', 'capital_P_dangit', 'do_shortcode');
137	+
138	+ /**
139	+ * remove_shortcode playlist to avoid htmlspecialchars_decode on json
140	+ * data
141	+ */
142	+ remove_shortcode('playlist', 'wp_playlist_shortcode');
143	+
144	+ if (
145	+ isset( $params['unfiltered_html'] )
146	+ && $params['unfiltered_html'] === false
147	+ ) {
148	+ $content = stripslashes( $params['field_value'] );
149	+ } else {
150	+ $content = htmlspecialchars_decode( stripslashes( $params['field_value'] ) );
151	+ }
152	+
153	+ foreach ($the_content_filters as $func) {
154	+ if ( function_exists( $func ) ) {
155	+ $content = call_user_func($func, $content);
156	}
157	+ }
158	+ if ( preg_match_all('/playlist[^\]]+/', $output, $matches ) ) {
159	+ foreach( $matches[0] as $one ) {
160	+ $re = '/'.$one.'/';
161	+ $one = preg_replace('/\&\#(8221\|8243);/', '"', $one);
162	+ $output = preg_replace($re, $one, $output);








163	}

164	}
165	+ add_shortcode( 'playlist', 'wp_playlist_shortcode' );
166	+
167	+ $output .= $content;
168	if ( !empty( $params['style'] ) \|\| !empty( $params['class'] ) ) {
169	$output .= '</div>';
170	}
171	return $output;
172	}
173	+
174	+ /**
175	+ * Records the WP filter state.
176	+ *
177	+ * @since 1.9.1
178	+ */
179	+
180	+ class WPCF_WP_filter_state {
181	+
182	+ private $current_index;
183	+ private $tag;
184	+
185	+ public function __construct( $tag ) {
186	+ global $wp_filter;
187	+
188	+ $this->tag = $tag;
189	+
190	+ if ( isset( $wp_filter[$tag] ) ) {
191	+ $this->current_index = current($wp_filter[$tag]);
192	+ }
193	+ }
194	+
195	+ public function restore( ) {
196	+ global $wp_filter;
197	+
198	+ if ( isset( $wp_filter[$this->tag] ) && $this->current_index ) {
199	+ reset($wp_filter[$this->tag]);
200	+ while ( $this->current_index && current($wp_filter[$this->tag]) && $this->current_index != current($wp_filter[$this->tag]) ) {
201	+ next( $wp_filter[$this->tag] );
202	+ }
203	+ }
204	+
205	+ }
206	+
207	+ }

embedded/includes/usermeta-post.php CHANGED Viewed

@@ -25,7 +25,39 @@ function wpcf_admin_userprofile_init($user_id){
             	$wpcf_active = false;
             	$profile_only_preview = '';
-            -
                 foreach ( $groups as $group ) {
                     if ( !empty( $group['fields'] ) ) {
                         $wpcf_active = true;
@@ -326,6 +358,18 @@ function wpcf_admin_profile_js_validation(){
             */
             function wpcf_admin_userprofilesave_init($user_id){
                 if ( defined( 'WPTOOLSET_FORMS_VERSION' ) ) {
                     global $wpcf;


25	$wpcf_active = false;
26	$profile_only_preview = '';
27
28	+ if ( current_user_can( 'unfiltered_html' ) ) {
29	+ $can_unfiltered_html = get_user_meta( $user_id->ID, '_wpcf_usermeta_fields_unfiltered_html', true );
30	+ $can_unfiltered_html = empty( $can_unfiltered_html ) ? 'on' : $can_unfiltered_html;
31	+ $disabled = '';
32	+ if ( wpcf_get_settings('usermeta_unfiltered_html') == 'off' ) {
33	+ $can_unfiltered_html = 'off';
34	+ $disabled = ' disabled="disabled"';
35	+ }
36	+ ?>
37	+ <h3><?php _e( 'Types usermeta fields - unfiltered HTML', 'wpcf' ) ?></h3>
38	+ <table class="form-table">
39	+ <tbody>
40	+ <tr>
41	+ <th>
42	+ <?php _e( 'Unfiltered HTML', 'wpcf' ) ?>
43	+ </th>
44	+ <td>
45	+ <input id="wpcf_postmeta_fields_can_unfiltered_html_on" type="radio" name="_wpcf_usermeta_fields_unfiltered_html" value="on" <?php checked( $can_unfiltered_html, 'on' ); echo $disabled; ?> />
46	+ <label for="wpcf_postmeta_fields_can_unfiltered_html_on">
47	+ <?php _e( 'Enable unfiltered HTML in Types usermeta fields for this user', 'wpcf' ); ?>
48	+ </label>
49	+ <br />
50	+ <input id="wpcf_postmeta_fields_can_unfiltered_html_off" type="radio" name="_wpcf_usermeta_fields_unfiltered_html" value="off" <?php checked( $can_unfiltered_html, 'off' ); echo $disabled; ?> />
51	+ <label for="wpcf_postmeta_fields_can_unfiltered_html_off">
52	+ <?php _e( 'Disable unfiltered HTML in Types usermeta fields for this user', 'wpcf' ); ?>
53	+ </label>
54	+ </td>
55	+ </tr>
56	+ </tbody>
57	+ </table>
58	+ <?php
59	+ }
60	+
61	foreach ( $groups as $group ) {
62	if ( !empty( $group['fields'] ) ) {
63	$wpcf_active = true;

358	*/
359	function wpcf_admin_userprofilesave_init($user_id){
360
361	+ if ( current_user_can( 'unfiltered_html' ) ) {
362	+ if (
363	+ isset( $_POST['_wpcf_usermeta_fields_unfiltered_html'] )
364	+ && in_array( $_POST['_wpcf_usermeta_fields_unfiltered_html'], array( 'on', 'off' ) )
365	+ ) {
366	+ $unfiltered_html = $_POST['_wpcf_usermeta_fields_unfiltered_html'];
367	+ update_user_meta( $user_id, '_wpcf_usermeta_fields_unfiltered_html', $unfiltered_html );
368	+ }
369	+ } else {
370	+ update_user_meta( $user_id, '_wpcf_usermeta_fields_unfiltered_html', 'off' );
371	+ }
372	+
373	if ( defined( 'WPTOOLSET_FORMS_VERSION' ) ) {
374
375	global $wpcf;

embedded/plugin.php CHANGED Viewed

	@@ -5,7 +5,7 @@
5	Description: Define custom post types, custom taxonomies and custom fields.
6	Author: OnTheGoSystems
7	Author URI: http://www.onthegosystems.com
8	- Version: 1.7.7
9	*/
10	/**
11	*


5	Description: Define custom post types, custom taxonomies and custom fields.
6	Author: OnTheGoSystems
7	Author URI: http://www.onthegosystems.com
8	+ Version: 1.7.8
9	*/
10	/**
11	*

embedded/readme.txt CHANGED Viewed

	@@ -4,8 +4,8 @@ Donate link: http://wp-types.com
4	Tags: CMS, custom field, custom fields, custom post type, custom post types, field, fields post, post type, post types, taxonomies, taxonomy
5	License: GPLv2
6	Requires at least: 3.4
7	- Tested up to: 4.2.2
8	- Stable tag: 1.6.~~6.6~~
9
10	The Embedded version lets you create custom types, taxonomies and fields for your theme or plugin, without requiring any plugin.
11


4	Tags: CMS, custom field, custom fields, custom post type, custom post types, field, fields post, post type, post types, taxonomies, taxonomy
5	License: GPLv2
6	Requires at least: 3.4
7	+ Tested up to: 4.2.3
8	+ Stable tag: 1.7.8
9
10	The Embedded version lets you create custom types, taxonomies and fields for your theme or plugin, without requiring any plugin.
11

embedded/usermeta-init.php CHANGED Viewed

	@@ -421,6 +421,8 @@ function types_render_usermeta( $field_id, $params, $content = null, $code = ''
421	// Get field
422	$field = wpcf_fields_get_field_by_slug( $field_id, 'wpcf-usermeta' );
423


424
425	// If field not found return empty string
426	if ( empty( $field ) ) {
	@@ -597,6 +599,8 @@ function types_render_usermeta_field( $field_id, $params, $content = null,
597
598	// Set field
599	$wpcf->usermeta_field->set( $user_id, $field );


600
601
602	// See if repetitive
	@@ -681,6 +685,22 @@ function types_render_usermeta_field( $field_id, $params, $content = null,
681	return $wpcf->usermeta_field->html( $html, $params );
682	}
683
















684	/**
685	* Add fields to user profile
686	*/


421	// Get field
422	$field = wpcf_fields_get_field_by_slug( $field_id, 'wpcf-usermeta' );
423
424	+ $params['unfiltered_html'] = wpcf_usermeta_fields_can_unfiltered_html( $user_id );
425	+
426
427	// If field not found return empty string
428	if ( empty( $field ) ) {

599
600	// Set field
601	$wpcf->usermeta_field->set( $user_id, $field );
602	+
603	+ $params['unfiltered_html'] = wpcf_usermeta_fields_can_unfiltered_html( $user_id );
604
605
606	// See if repetitive

685	return $wpcf->usermeta_field->html( $html, $params );
686	}
687
688	+ function wpcf_usermeta_fields_can_unfiltered_html( $user_id ) {
689	+ $return = true;
690	+ if ( empty( $user_id ) ) {
691	+ return $return;
692	+ }
693	+ $can_unfiltered_html = get_user_meta( $user_id, '_wpcf_usermeta_fields_unfiltered_html', true );
694	+ if (
695	+ $can_unfiltered_html == 'off'
696	+ \|\| wpcf_get_settings('usermeta_unfiltered_html') == 'off'
697	+ \|\| ! apply_filters( 'wpcf_filter_wpcf_usermeta_fields_unfiltered_html', true, $user_id )
698	+ ) {
699	+ $return = false;
700	+ }
701	+ return $return;
702	+ }
703	+
704	/**
705	* Add fields to user profile
706	*/

includes/settings.php CHANGED Viewed

@@ -91,7 +91,7 @@ function wpcf_admin_general_settings_form() {
                         '#type' => 'checkbox',
                         '#title' => __("When importing, add texts to WPML's String Translation table",
                                 'wpcf'),
-            -
                        '#inline' => true,
                         '#default_value' => !empty($settings['register_translations_on_import']),
                         '#after' => '<br />',
                     );
@@ -132,6 +132,45 @@ function wpcf_admin_general_settings_form() {
                     ),
                     '#inline' => false,
                     '#default_value' => $settings['help_box'],
                 );
                 $form['submit'] = array(
                     '#type' => 'submit',
@@ -200,7 +239,7 @@ function wpcf_admin_general_settings_form_submit($form) {
                 $settings = wpcf_get_settings();
                 $data = $_POST['wpcf_settings'];
-            -
                foreach (array('register_translations_on_import','help_box') as $setting) {
                     if (!isset($data[$setting])) {
                         $settings[$setting] = 0;
                     } else {


91	'#type' => 'checkbox',
92	'#title' => __("When importing, add texts to WPML's String Translation table",
93	'wpcf'),
94	+ '#inline' => false,
95	'#default_value' => !empty($settings['register_translations_on_import']),
96	'#after' => '<br />',
97	);

132	),
133	'#inline' => false,
134	'#default_value' => $settings['help_box'],
135	+ );
136	+ $form['postmeta-unfiltered-html'] = array(
137	+ '#id' => 'postmeta_unfiltered_html',
138	+ '#name' => 'wpcf_settings[postmeta_unfiltered_html]',
139	+ '#type' => 'radios',
140	+ '#title' => __('Custom fields - unfiltered HTML', 'wpcf'),
141	+ '#options' => array(
142	+ 'on' => array(
143	+ '#value' => 'on',
144	+ '#title' => __("Enable saving unfiltered HTML in Types custom fields for users with higher roles - can be disabled on each post", 'wpcf'),
145	+ '#description' => __('Note that when a user with a low level role saves a post, he will disable unfiltered HTML.', 'wpcf'),
146	+ ),
147	+ 'off' => array(
148	+ '#value' => 'off',
149	+ '#title' => __("Disable saving unfiltered HTML in Types custom fields for all users", 'wpcf'),
150	+ //'#description' => __('.', 'wpcf'),
151	+ ),
152	+ ),
153	+ '#inline' => false,
154	+ '#default_value' => $settings['postmeta_unfiltered_html'],
155	+ );
156	+ $form['usermeta-unfiltered-html'] = array(
157	+ '#id' => 'usermeta_unfiltered_html',
158	+ '#name' => 'wpcf_settings[usermeta_unfiltered_html]',
159	+ '#type' => 'radios',
160	+ '#title' => __('Usermeta fields - unfiltered HTML', 'wpcf'),
161	+ '#options' => array(
162	+ 'on' => array(
163	+ '#value' => 'on',
164	+ '#title' => __("Enable saving unfiltered HTML in Types usermeta fields for users with higher roles - can be disabled on each user", 'wpcf'),
165	+ '#description' => __('Note that when a user with a low level role edits his own profile, he will disable unfiltered HTML.', 'wpcf'),
166	+ ),
167	+ 'off' => array(
168	+ '#value' => 'off',
169	+ '#title' => __("Disable saving unfiltered HTML in Types usermeta fields for all users", 'wpcf')
170	+ ),
171	+ ),
172	+ '#inline' => false,
173	+ '#default_value' => $settings['usermeta_unfiltered_html'],
174	);
175	$form['submit'] = array(
176	'#type' => 'submit',

239
240	$settings = wpcf_get_settings();
241	$data = $_POST['wpcf_settings'];
242	+ foreach (array('register_translations_on_import','help_box','postmeta_unfiltered_html','usermeta_unfiltered_html') as $setting) {
243	if (!isset($data[$setting])) {
244	$settings[$setting] = 0;
245	} else {

readme.txt CHANGED Viewed

	@@ -4,8 +4,8 @@ Donate link: http://wp-types.com
4	Tags: CMS, custom field, custom fields, custom post type, custom post types, field, fields post, post type, post types, taxonomies, taxonomy
5	License: GPLv2
6	Requires at least: 3.4
7	- Tested up to: 4.2.2
8	- Stable tag: 1.7.7
9
10	The complete and reliable plugin for managing custom post types, custom taxonomies and custom fields.
11
	@@ -155,6 +155,12 @@ Additionally, Types is the only plugin that lets you define parent/child relatio
155
156	== Changelog ==
157






158	= 1.7.7 =
159
160	* Release date: 2015-07-21


4	Tags: CMS, custom field, custom fields, custom post type, custom post types, field, fields post, post type, post types, taxonomies, taxonomy
5	License: GPLv2
6	Requires at least: 3.4
7	+ Tested up to: 4.2.3
8	+ Stable tag: 1.7.8
9
10	The complete and reliable plugin for managing custom post types, custom taxonomies and custom fields.
11

155
156	== Changelog ==
157
158	+ = 1.7.8 =
159	+
160	+ * Release date: 2015-08-03
161	+ * Fixed WYSIWYG field for WP 4.2.3 security release.
162	+ * Added HTML frontend rendering settings.
163	+
164	= 1.7.7 =
165
166	* Release date: 2015-07-21

wpcf.php CHANGED Viewed

	@@ -5,7 +5,7 @@
5	Description: Define custom post types, custom taxonomies and custom fields.
6	Author: OnTheGoSystems
7	Author URI: http://www.onthegosystems.com
8	- Version: 1.7.7
9	*/
10	/**
11	*
	@@ -16,7 +16,7 @@ if ( !defined( 'WPCF_VERSION' ) ) {
16	/**
17	* make sure that WPCF_VERSION in embedded/bootstrap.php is the same!
18	*/
19	- define( 'WPCF_VERSION', '1.7.7' );
20	}
21
22	define( 'WPCF_REPOSITORY', 'http://api.wp-types.com/' );


5	Description: Define custom post types, custom taxonomies and custom fields.
6	Author: OnTheGoSystems
7	Author URI: http://www.onthegosystems.com
8	+ Version: 1.7.8
9	*/
10	/**
11	*

16	/**
17	* make sure that WPCF_VERSION in embedded/bootstrap.php is the same!
18	*/
19	+ define( 'WPCF_VERSION', '1.7.8' );
20	}
21
22	define( 'WPCF_REPOSITORY', 'http://api.wp-types.com/' );

Toolset Types – Custom Post Types, Custom Fields and Taxonomies - Version 1.7.8

Version Description

Release Info

Code changes from version 1.7.7 to 1.7.8