User Submitted Posts - Version 20171103

Version Description

To upgrade User Submitted Posts, remove the old version and replace with the new version. Or just click "Update" from the Plugins screen and let WordPress do it for you automatically.

Important! The /custom/ directory is deprecated. If you are using a custom form template, please move it to /wp-content/your-theme/usp/. For more information, check out the "Custom Submission Form" section under Installation.

Note: uninstalling the plugin from the WP Plugins screen results in the removal of all settings from the WP database. Submitted posts are NOT removed if you deactivate the plugin, reset default options, or uninstall the plugins; that is, all submitted posts must be removed manually.

Download this release

Release Info

Developer specialk
Plugin Icon 128x128 User Submitted Posts
Version 20171103
Comparing to
See all releases

Code changes from version 20171101 to 20171103

library/core-functions.php CHANGED
@@ -2,55 +2,53 @@
2
3
if (!defined('ABSPATH')) die();
4
5
-
6
-
7
function usp_auto_display_images($content) {
8
9
global $usp_options;
10
11
- $location = isset($usp_options['auto_display_images']) ? $usp_options['auto_display_images'] : '';
12
- $markup = isset($usp_options['auto_image_markup']) ? $usp_options['auto_image_markup'] : '';
13
-
14
- $author = get_post_meta(get_the_ID(), 'user_submit_name', true);
15
-
16
- apply_filters('usp_image_args', $args = array(
17
- 'post_type' => 'attachment',
18
- 'post_parent' => get_the_ID(),
19
- 'numberposts' => -1,
20
- )
21
- );
22
23
- $attachments = get_posts($args);
24
-
25
- if ($attachments) {
26
27
- $images = '<p>';
28
29
- foreach ($attachments as $attachment) {
30
-
31
- $title = apply_filters('usp_image_title', $attachment->post_title);
32
-
33
- $thumb = apply_filters('usp_image_thumb', wp_get_attachment_image_src($attachment->ID, 'thumbnail', false));
34
- $medium = apply_filters('usp_image_medium', wp_get_attachment_image_src($attachment->ID, 'medium', false));
35
- $large = apply_filters('usp_image_large', wp_get_attachment_image_src($attachment->ID, 'large', false));
36
- $full = apply_filters('usp_image_full', wp_get_attachment_image_src($attachment->ID, 'full', false));
37
-
38
- $custom_size = apply_filters('usp_image_custom_size', 'custom');
39
- $custom = apply_filters('usp_image_custom', wp_get_attachment_image_src($attachment->ID, $custom_size, false));
40
41
- $parent_id = wp_get_post_parent_id($attachment->ID);
42
- $parent_title = get_the_title($parent_id);
43
44
- $images .= usp_replace_image_vars($markup, $title, $thumb, $medium, $large, $full, $custom, $parent_title, $author);
45
46
- }
47
-
48
- $images .= '</p>';
49
-
50
- if (usp_is_public_submission()) {
51
52
- if ($location === 'before') $content = $images . $content;
53
- elseif ($location === 'after') $content = $content . $images;
54
55
}
56
@@ -126,31 +124,31 @@ function usp_auto_display_email($content) {
126
127
global $usp_options;
128
129
- $location = isset($usp_options['auto_display_email']) ? $usp_options['auto_display_email'] : '';
130
- $markup = isset($usp_options['auto_email_markup']) ? $usp_options['auto_email_markup'] : '';
131
-
132
- $author = apply_filters('usp_author_custom_field', get_post_meta(get_the_ID(), 'user_submit_name', true));
133
- $email = apply_filters('usp_email_custom_field', get_post_meta(get_the_ID(), 'user_submit_email', true));
134
- $title = get_the_title(get_the_ID());
135
136
- if (!empty($email)) {
137
138
- $patterns = array();
139
- $patterns[0] = "/%%author%%/";
140
- $patterns[1] = "/%%email%%/";
141
- $patterns[2] = "/%%title%%/";
142
-
143
- $replacements = array();
144
- $replacements[0] = $author;
145
- $replacements[1] = $email;
146
- $replacements[2] = $title;
147
-
148
- $markup = preg_replace($patterns, $replacements, $markup);
149
150
- if (usp_is_public_submission()) {
151
152
- if ($location === 'before') $content = $markup . $content;
153
- elseif ($location === 'after') $content = $content . $markup;
154
155
}
156
@@ -167,31 +165,31 @@ function usp_auto_display_url($content) {
167
168
global $usp_options;
169
170
- $location = isset($usp_options['auto_display_url']) ? $usp_options['auto_display_url'] : '';
171
- $markup = isset($usp_options['auto_url_markup']) ? $usp_options['auto_url_markup'] : '';
172
-
173
- $author = apply_filters('usp_author_custom_field', get_post_meta(get_the_ID(), 'user_submit_name', true));
174
- $url = apply_filters('usp_url_custom_field', get_post_meta(get_the_ID(), 'user_submit_url', true));
175
- $title = get_the_title(get_the_ID());
176
177
- if (!empty($url)) {
178
179
- $patterns = array();
180
- $patterns[0] = "/%%author%%/";
181
- $patterns[1] = "/%%url%%/";
182
- $patterns[2] = "/%%title%%/";
183
184
- $replacements = array();
185
- $replacements[0] = $author;
186
- $replacements[1] = $url;
187
- $replacements[2] = $title;
188
-
189
- $markup = preg_replace($patterns, $replacements, $markup);
190
-
191
- if (usp_is_public_submission()) {
192
193
- if ($location === 'before') $content = $markup . $content;
194
- elseif ($location === 'after') $content = $content . $markup;
195
196
}
197
@@ -208,40 +206,41 @@ function usp_auto_display_custom($content) {
208
209
global $usp_options;
210
211
- $location = isset($usp_options['auto_display_custom']) ? $usp_options['auto_display_custom'] : '';
212
- $markup = isset($usp_options['auto_custom_markup']) ? $usp_options['auto_custom_markup'] : '';
213
- $label = isset($usp_options['custom_label']) ? $usp_options['custom_label'] : '';
214
- $name = isset($usp_options['custom_name']) ? $usp_options['custom_name'] : '';
215
-
216
- $author = apply_filters('usp_author_custom_field', get_post_meta(get_the_ID(), 'user_submit_name', true));
217
- $value = apply_filters('usp_custom_custom_field', get_post_meta(get_the_ID(), $name, true));
218
- $title = get_the_title(get_the_ID());
219
220
- $value = htmlspecialchars_decode($value);
221
- $value = nl2br($value);
222
-
223
- if (!empty($value)) {
224
-
225
- $patterns = array();
226
- $patterns[0] = "/%%author%%/";
227
- $patterns[1] = "/%%custom_label%%/";
228
- $patterns[2] = "/%%custom_name%%/";
229
- $patterns[3] = "/%%custom_value%%/";
230
- $patterns[4] = "/%%title%%/";
231
232
- $replacements = array();
233
- $replacements[0] = $author;
234
- $replacements[1] = $label;
235
- $replacements[2] = $name;
236
- $replacements[3] = $value;
237
- $replacements[4] = $title;
238
239
- $markup = preg_replace($patterns, $replacements, $markup);
240
241
- if (usp_is_public_submission()) {
242
243
- if ($location === 'before') $content = $markup . $content;
244
- elseif ($location === 'after') $content = $content . $markup;
245
246
}
247
2
3
if (!defined('ABSPATH')) die();
4
5
function usp_auto_display_images($content) {
6
7
global $usp_options;
8
9
+ $enable = isset($usp_options['auto_display_images']) ? $usp_options['auto_display_images'] : 'disable';
10
11
+ if (usp_is_public_submission() && ($enable === 'before' || $enable === 'after')) {
12
13
+ $markup = isset($usp_options['auto_image_markup']) ? $usp_options['auto_image_markup'] : '';
14
+ $author = get_post_meta(get_the_ID(), 'user_submit_name', true);
15
16
+ apply_filters('usp_image_args', $args = array(
17
+ 'post_type' => 'attachment',
18
+ 'post_parent' => get_the_ID(),
19
+ 'numberposts' => -1,
20
+ )
21
+ );
22
+
23
+ $attachments = get_posts($args);
24
+
25
+ if ($attachments) {
26
27
+ $images = '<p>';
28
29
+ foreach ($attachments as $attachment) {
30
+
31
+ $title = apply_filters('usp_image_title', $attachment->post_title);
32
+
33
+ $thumb = apply_filters('usp_image_thumb', wp_get_attachment_image_src($attachment->ID, 'thumbnail', false));
34
+ $medium = apply_filters('usp_image_medium', wp_get_attachment_image_src($attachment->ID, 'medium', false));
35
+ $large = apply_filters('usp_image_large', wp_get_attachment_image_src($attachment->ID, 'large', false));
36
+ $full = apply_filters('usp_image_full', wp_get_attachment_image_src($attachment->ID, 'full', false));
37
+
38
+ $custom_size = apply_filters('usp_image_custom_size', 'custom');
39
+ $custom = apply_filters('usp_image_custom', wp_get_attachment_image_src($attachment->ID, $custom_size, false));
40
+
41
+ $parent_id = wp_get_post_parent_id($attachment->ID);
42
+ $parent_title = get_the_title($parent_id);
43
+
44
+ $images .= usp_replace_image_vars($markup, $title, $thumb, $medium, $large, $full, $custom, $parent_title, $author);
45
+
46
+ }
47
48
+ $images .= '</p>';
49
50
+ if ($enable === 'before') $content = $images . $content;
51
+ elseif ($enable === 'after') $content = $content . $images;
52
53
}
54
124
125
global $usp_options;
126
127
+ $enable = isset($usp_options['auto_display_email']) ? $usp_options['auto_display_email'] : 'disable';
128
129
+ if (usp_is_public_submission() && ($enable === 'before' || $enable === 'after')) {
130
131
+ $markup = isset($usp_options['auto_email_markup']) ? $usp_options['auto_email_markup'] : '';
132
+ $author = apply_filters('usp_author_custom_field', get_post_meta(get_the_ID(), 'user_submit_name', true));
133
+ $email = apply_filters('usp_email_custom_field', get_post_meta(get_the_ID(), 'user_submit_email', true));
134
+ $title = get_the_title(get_the_ID());
135
136
+ if (!empty($email)) {
137
138
+ $patterns = array();
139
+ $patterns[0] = "/%%author%%/";
140
+ $patterns[1] = "/%%email%%/";
141
+ $patterns[2] = "/%%title%%/";
142
+
143
+ $replacements = array();
144
+ $replacements[0] = $author;
145
+ $replacements[1] = $email;
146
+ $replacements[2] = $title;
147
+
148
+ $markup = preg_replace($patterns, $replacements, $markup);
149
+
150
+ if ($enable === 'before') $content = $markup . $content;
151
+ elseif ($enable === 'after') $content = $content . $markup;
152
153
}
154
165
166
global $usp_options;
167
168
+ $enable = isset($usp_options['auto_display_url']) ? $usp_options['auto_display_url'] : 'disable';
169
170
+ if (usp_is_public_submission() && ($enable === 'before' || $enable === 'after')) {
171
172
+ $markup = isset($usp_options['auto_url_markup']) ? $usp_options['auto_url_markup'] : '';
173
+ $author = apply_filters('usp_author_custom_field', get_post_meta(get_the_ID(), 'user_submit_name', true));
174
+ $url = apply_filters('usp_url_custom_field', get_post_meta(get_the_ID(), 'user_submit_url', true));
175
+ $title = get_the_title(get_the_ID());
176
177
+ if (!empty($url)) {
178
+
179
+ $patterns = array();
180
+ $patterns[0] = "/%%author%%/";
181
+ $patterns[1] = "/%%url%%/";
182
+ $patterns[2] = "/%%title%%/";
183
+
184
+ $replacements = array();
185
+ $replacements[0] = $author;
186
+ $replacements[1] = $url;
187
+ $replacements[2] = $title;
188
189
+ $markup = preg_replace($patterns, $replacements, $markup);
190
+
191
+ if ($enable === 'before') $content = $markup . $content;
192
+ elseif ($enable === 'after') $content = $content . $markup;
193
194
}
195
206
207
global $usp_options;
208
209
+ $enable = isset($usp_options['auto_display_custom']) ? $usp_options['auto_display_custom'] : 'disable';
210
211
+ if (usp_is_public_submission() && ($enable === 'before' || $enable === 'after')) {
212
213
+ $markup = isset($usp_options['auto_custom_markup']) ? $usp_options['auto_custom_markup'] : '';
214
+ $label = isset($usp_options['custom_label']) ? $usp_options['custom_label'] : __('Custom Field', 'usp');
215
+ $name = isset($usp_options['custom_name']) ? $usp_options['custom_name'] : 'usp_custom_field';
216
217
+ $author = apply_filters('usp_author_custom_field', get_post_meta(get_the_ID(), 'user_submit_name', true));
218
+ $value = apply_filters('usp_custom_custom_field', get_post_meta(get_the_ID(), $name, true));
219
+ $title = get_the_title(get_the_ID());
220
221
+ if (!empty($value)) {
222
+
223
+ $value = htmlspecialchars_decode($value);
224
+ $value = nl2br($value);
225
+
226
+ $patterns = array();
227
+ $patterns[0] = "/%%author%%/";
228
+ $patterns[1] = "/%%custom_label%%/";
229
+ $patterns[2] = "/%%custom_name%%/";
230
+ $patterns[3] = "/%%custom_value%%/";
231
+ $patterns[4] = "/%%title%%/";
232
+
233
+ $replacements = array();
234
+ $replacements[0] = $author;
235
+ $replacements[1] = $label;
236
+ $replacements[2] = $name;
237
+ $replacements[3] = $value;
238
+ $replacements[4] = $title;
239
+
240
+ $markup = preg_replace($patterns, $replacements, $markup);
241
242
+ if ($enable === 'before') $content = $markup . $content;
243
+ elseif ($enable === 'after') $content = $content . $markup;
244
245
}
246
library/plugin-settings.php CHANGED
@@ -10,7 +10,7 @@ function usp_add_options_page() {
10
add_options_page(USP_PLUGIN, USP_PLUGIN, 'manage_options', USP_PATH, 'usp_render_form');
11
12
}
13
- add_action ('admin_menu', 'usp_add_options_page');
14
15
16
@@ -20,7 +20,7 @@ function usp_init() {
20
register_setting('usp_plugin_options', 'usp_options', 'usp_validate_options');
21
22
}
23
- add_action ('admin_init', 'usp_init');
24
25
26
@@ -541,7 +541,9 @@ function usp_post_author_options() {
541
542
$limit = ($user_total > $user_max) ? $user_max : $user_total;
543
544
- $users = $wpdb->get_results("SELECT ID, display_name FROM {$wpdb->users} LIMIT ". $limit);
545
546
$output = '<select id="usp_options[author]" name="usp_options[author]">';
547
@@ -718,8 +720,6 @@ function usp_validate_options($input) {
718
719
global $usp_options;
720
721
- if (!current_user_can('manage_options')) wp_die(__('Sorry, you are not allowed to modify settings.', 'usp'));
722
-
723
if (!isset($input['version_alert'])) $input['version_alert'] = null;
724
$input['version_alert'] = ($input['version_alert'] == 1 ? 1 : 0);
725
10
add_options_page(USP_PLUGIN, USP_PLUGIN, 'manage_options', USP_PATH, 'usp_render_form');
11
12
}
13
+ add_action('admin_menu', 'usp_add_options_page');
14
15
16
20
register_setting('usp_plugin_options', 'usp_options', 'usp_validate_options');
21
22
}
23
+ add_action('admin_init', 'usp_init');
24
25
26
541
542
$limit = ($user_total > $user_max) ? $user_max : $user_total;
543
544
+ $query = "SELECT ID, display_name FROM {$wpdb->users} LIMIT %d";
545
+
546
+ $users = $wpdb->get_results($wpdb->prepare($query, $limit));
547
548
$output = '<select id="usp_options[author]" name="usp_options[author]">';
549
720
721
global $usp_options;
722
723
if (!isset($input['version_alert'])) $input['version_alert'] = null;
724
$input['version_alert'] = ($input['version_alert'] == 1 ? 1 : 0);
725
readme.txt CHANGED
@@ -10,8 +10,8 @@ Donate link: https://m0n.co/donate
10
Contributors: specialk
11
Requires at least: 4.1
12
Tested up to: 4.9
13
- Stable tag: 20171101
14
- Version: 20171101
15
Requires PHP: 5.2
16
Text Domain: usp
17
Domain Path: /languages
@@ -287,18 +287,17 @@ To set submitted images as Featured Images (aka Post Thumbnails) for submitted p
287
288
**Shortcodes**
289
290
- User Submitted Posts provides a set of useful shortcodes:
291
292
- * `[user-submitted-posts]` - displays the form on any Post or Page
293
- * `[usp-login-form]` - displayed a login/register/password form
294
- * `[usp_display_posts]` - displays list of all submitted posts
295
- * `[usp_access cap="read" deny=""][/usp_access]` - limits access to specific user capability
296
- * `[usp_visitor deny=""][/usp_visitor]` - limits access to visitors (not logged in) only
297
- * `[usp_member deny=""][/usp_member]` - limits access to logged-in users
298
299
- The `[user-submitted-posts]` and `[usp-login-form]` shortcodes do not have any attributes. You simply include either wherever you want to display the form.
300
301
- The `[usp_display_posts]` shortcode accepts two optional attributes, "userid" and "numposts". Examples:
302
303
[usp_display_posts] : default displays all submitted posts by all authors
304
[usp_display_posts userid="1"] : displays all submitted posts by registered user with ID = 1
@@ -309,7 +308,7 @@ The `[usp_display_posts]` shortcode accepts two optional attributes, "userid" an
309
310
So the shortcode attributes can be used to customize the post list as desired. Note that the Pro version of USP provides many more options for the [display-posts shortcode](https://plugin-planet.com/usp-pro-display-list-submitted-posts/).
311
312
- The three access shortcodes, `[usp_access]`, `[usp_visitor]`, and `[usp_member]`, accept an optional `deny` attribute. The `deny` attribute displays a message to users who are denied access. Tip: to include markup in the deny message, you can use `{tag}` to display `&lt;tag&gt;`. Also, the `[usp_access]` shortcode accepts a required `cap` attribute. The `cap` attribute specifies the required capability or capabilities (comma-separated).
313
314
315
**Template tags**
@@ -592,6 +591,14 @@ Links, tweets and likes also appreciated. Thanks! :)
592
593
*Thank you to everyone who shares feedback for User Submitted Posts!*
594
595
**20171101**
596
597
* Updates readme
10
Contributors: specialk
11
Requires at least: 4.1
12
Tested up to: 4.9
13
+ Stable tag: 20171103
14
+ Version: 20171103
15
Requires PHP: 5.2
16
Text Domain: usp
17
Domain Path: /languages
287
288
**Shortcodes**
289
290
+ User Submitted Posts provides a set of useful shortcodes. Check out the "Display the Form" panel in the plugin settings for examples and more information.
291
292
+ [user-submitted-posts] : displays the form on any Post or Page
293
+ [usp-login-form] : displayed a login/register/password form
294
+ [usp_display_posts] : displays list of all submitted posts
295
+ [usp_access cap="read" deny=""][/usp_access] : limits access to specific user capability
296
+ [usp_visitor deny=""][/usp_visitor] : limits access to visitors (not logged in) only
297
+ [usp_member deny=""][/usp_member] : limits access to logged-in users
298
299
300
+ The `[user-submitted-posts]` and `[usp-login-form]` shortcodes do not accept any attributes. The `[usp_display_posts]` shortcode accepts two optional attributes, "userid" and "numposts". Examples:
301
302
[usp_display_posts] : default displays all submitted posts by all authors
303
[usp_display_posts userid="1"] : displays all submitted posts by registered user with ID = 1
308
309
So the shortcode attributes can be used to customize the post list as desired. Note that the Pro version of USP provides many more options for the [display-posts shortcode](https://plugin-planet.com/usp-pro-display-list-submitted-posts/).
310
311
+ The three access shortcodes, `[usp_access]`, `[usp_visitor]`, and `[usp_member]`, accept an optional `deny` attribute. The `deny` attribute displays a message to users who are denied access. Tip: to include markup in the deny message, you can use `{tag}` to display `<tag>`. Also, the `[usp_access]` shortcode accepts a required `cap` attribute. The `cap` attribute specifies the required capability or capabilities (comma-separated).
312
313
314
**Template tags**
591
592
*Thank you to everyone who shares feedback for User Submitted Posts!*
593
594
+ **20171103**
595
+
596
+ * Fixes PHP Warning for `htmlspecialchars_decode()`
597
+ * Fixes bug with non-admin users, removes extra `manage_options` requirement
598
+ * Improves logic of core functions for better performance
599
+ * Adds `$wpdb->prepare()` to `usp_post_author_options()`
600
+ * Tests on WordPress 4.9
601
+
602
**20171101**
603
604
* Updates readme
user-submitted-posts.php CHANGED
@@ -10,8 +10,8 @@
10
Contributors: specialk
11
Requires at least: 4.1
12
Tested up to: 4.9
13
- Stable tag: 20171101
14
- Version: 20171101
15
Requires PHP: 5.2
16
Text Domain: usp
17
Domain Path: /languages
@@ -40,7 +40,7 @@ if (!defined('ABSPATH')) die();
40
41
42
define('USP_WP_VERSION', '4.1');
43
- define('USP_VERSION', '20171101');
44
define('USP_PLUGIN', esc_html__('User Submitted Posts', 'usp'));
45
define('USP_PATH', plugin_basename(__FILE__));
46
10
Contributors: specialk
11
Requires at least: 4.1
12
Tested up to: 4.9
13
+ Stable tag: 20171103
14
+ Version: 20171103
15
Requires PHP: 5.2
16
Text Domain: usp
17
Domain Path: /languages
40
41
42
define('USP_WP_VERSION', '4.1');
43
+ define('USP_VERSION', '20171103');
44
define('USP_PLUGIN', esc_html__('User Submitted Posts', 'usp'));
45
define('USP_PATH', plugin_basename(__FILE__));
46