User Submitted Posts - Version 20171103

Version Description

To upgrade User Submitted Posts, remove the old version and replace with the new version. Or just click "Update" from the Plugins screen and let WordPress do it for you automatically.

Important! The /custom/ directory is deprecated. If you are using a custom form template, please move it to /wp-content/your-theme/usp/. For more information, check out the "Custom Submission Form" section under Installation.

Note: uninstalling the plugin from the WP Plugins screen results in the removal of all settings from the WP database. Submitted posts are NOT removed if you deactivate the plugin, reset default options, or uninstall the plugins; that is, all submitted posts must be removed manually.

Download this release

Release Info

Developer	specialk
Plugin	User Submitted Posts
Version	20171103
Comparing to
See all releases

Code changes from version 20171101 to 20171103

Files changed (4) hide show

library/core-functions.php +108 -109
library/plugin-settings.php +5 -5
readme.txt +19 -12
user-submitted-posts.php +3 -3

library/core-functions.php CHANGED Viewed

@@ -2,55 +2,53 @@
             if (!defined('ABSPATH')) die();
-            -
-            -
             function usp_auto_display_images($content) {
             	global $usp_options;
-            -
            	$location = isset($usp_options['auto_display_images']) ? $usp_options['auto_display_images'] : '';
-            -
            	$markup   = isset($usp_options['auto_image_markup'])   ? $usp_options['auto_image_markup'] : '';
-            -
-            -
            	$author = get_post_meta(get_the_ID(), 'user_submit_name', true);
-            -
-            -
            	apply_filters('usp_image_args', $args = array(
-            -
            			'post_type'   => 'attachment',
-            -
            			'post_parent' => get_the_ID(),
-            -
            			'numberposts' => -1,
-            -
            		)
-            -
            	);
-            -
            	$attachments = get_posts($args);
-            -
-            -
            	if ($attachments) {
-            -
            		$images = '<p>';
-            -
            		foreach ($attachments as $attachment) {
-            -
-            -
            			$title  = apply_filters('usp_image_title',  $attachment->post_title);
-            -
-            -
            			$thumb  = apply_filters('usp_image_thumb',  wp_get_attachment_image_src($attachment->ID, 'thumbnail', false));
-            -
            			$medium = apply_filters('usp_image_medium', wp_get_attachment_image_src($attachment->ID, 'medium', false));
-            -
            			$large  = apply_filters('usp_image_large',  wp_get_attachment_image_src($attachment->ID, 'large', false));
-            -
            			$full   = apply_filters('usp_image_full',   wp_get_attachment_image_src($attachment->ID, 'full', false));
-            -
-            -
            			$custom_size = apply_filters('usp_image_custom_size', 'custom');
-            -
            			$custom = apply_filters('usp_image_custom', wp_get_attachment_image_src($attachment->ID, $custom_size, false));
-            -
            			$parent_id = wp_get_post_parent_id($attachment->ID);
-            -
            			$parent_title = get_the_title($parent_id);
-            -
            			$images .= usp_replace_image_vars($markup, $title, $thumb, $medium, $large, $full, $custom, $parent_title, $author);
-            -
            		}
-            -
-            -
            		$images .= '</p>';
-            -
-            -
            		if (usp_is_public_submission()) {
-            -
            			if     ($location === 'before') $content = $images . $content;
-            -
            			elseif ($location === 'after')  $content = $content . $images;
+            		}
@@ -126,31 +124,31 @@ function usp_auto_display_email($content) {
             	global $usp_options;
-            -
            	$location = isset($usp_options['auto_display_email']) ? $usp_options['auto_display_email'] : '';
-            -
            	$markup   = isset($usp_options['auto_email_markup'])  ? $usp_options['auto_email_markup']  : '';
-            -
-            -
            	$author = apply_filters('usp_author_custom_field', get_post_meta(get_the_ID(), 'user_submit_name', true));
-            -
            	$email  = apply_filters('usp_email_custom_field', get_post_meta(get_the_ID(), 'user_submit_email', true));
-            -
            	$title  = get_the_title(get_the_ID());
-            -
            	if (!empty($email)) {
-            -
            		$patterns = array();
-            -
            		$patterns[0] = "/%%author%%/";
-            -
            		$patterns[1] = "/%%email%%/";
-            -
            		$patterns[2] = "/%%title%%/";
-            -
-            -
            		$replacements = array();
-            -
            		$replacements[0] = $author;
-            -
            		$replacements[1] = $email;
-            -
            		$replacements[2] = $title;
-            -
-            -
            		$markup = preg_replace($patterns, $replacements, $markup);
-            -
            		if (usp_is_public_submission()) {
-            -
            			if     ($location === 'before') $content = $markup . $content;
-            -
            			elseif ($location === 'after')  $content = $content . $markup;
+            		}
@@ -167,31 +165,31 @@ function usp_auto_display_url($content) {
             	global $usp_options;
-            -
            	$location = isset($usp_options['auto_display_url']) ? $usp_options['auto_display_url'] : '';
-            -
            	$markup   = isset($usp_options['auto_url_markup'])  ? $usp_options['auto_url_markup']  : '';
-            -
-            -
            	$author = apply_filters('usp_author_custom_field', get_post_meta(get_the_ID(), 'user_submit_name', true));
-            -
            	$url    = apply_filters('usp_url_custom_field', get_post_meta(get_the_ID(), 'user_submit_url', true));
-            -
            	$title  = get_the_title(get_the_ID());
-            -
            	if (!empty($url)) {
-            -
            		$patterns = array();
-            -
            		$patterns[0] = "/%%author%%/";
-            -
            		$patterns[1] = "/%%url%%/";
-            -
            		$patterns[2] = "/%%title%%/";
-            -
            		$replacements = array();
-            -
            		$replacements[0] = $author;
-            -
            		$replacements[1] = $url;
-            -
            		$replacements[2] = $title;
-            -
-            -
            		$markup = preg_replace($patterns, $replacements, $markup);
-            -
-            -
            		if (usp_is_public_submission()) {
-            -
            			if     ($location === 'before') $content = $markup . $content;
-            -
            			elseif ($location === 'after')  $content = $content . $markup;
+            		}
@@ -208,40 +206,41 @@ function usp_auto_display_custom($content) {
             	global $usp_options;
-            -
            	$location = isset($usp_options['auto_display_custom']) ? $usp_options['auto_display_custom'] : '';
-            -
            	$markup   = isset($usp_options['auto_custom_markup'])  ? $usp_options['auto_custom_markup']  : '';
-            -
            	$label    = isset($usp_options['custom_label'])        ? $usp_options['custom_label']        : '';
-            -
            	$name     = isset($usp_options['custom_name'])         ? $usp_options['custom_name']         : '';
-            -
-            -
            	$author = apply_filters('usp_author_custom_field', get_post_meta(get_the_ID(), 'user_submit_name', true));
-            -
            	$value  = apply_filters('usp_custom_custom_field', get_post_meta(get_the_ID(), $name, true));
-            -
            	$title  = get_the_title(get_the_ID());
-            -
            	$value = htmlspecialchars_decode($value);
-            -
            	$value = nl2br($value);
-            -
-            -
            	if (!empty($value)) {
-            -
-            -
            		$patterns = array();
-            -
            		$patterns[0] = "/%%author%%/";
-            -
            		$patterns[1] = "/%%custom_label%%/";
-            -
            		$patterns[2] = "/%%custom_name%%/";
-            -
            		$patterns[3] = "/%%custom_value%%/";
-            -
            		$patterns[4] = "/%%title%%/";
-            -
            		$replacements = array();
-            -
            		$replacements[0] = $author;
-            -
            		$replacements[1] = $label;
-            -
            		$replacements[2] = $name;
-            -
            		$replacements[3] = $value;
-            -
            		$replacements[4] = $title;
-            -
            		$markup = preg_replace($patterns, $replacements, $markup);
-            -
            		if (usp_is_public_submission()) {
-            -
            			if     ($location === 'before') $content = $markup . $content;
-            -
            			elseif ($location === 'after')  $content = $content . $markup;
+            		}


2
3	if (!defined('ABSPATH')) die();
4


5	function usp_auto_display_images($content) {
6
7	global $usp_options;
8
9	+ $enable = isset($usp_options['auto_display_images']) ? $usp_options['auto_display_images'] : 'disable';










10
11	+ if (usp_is_public_submission() && ($enable === 'before' \|\| $enable === 'after')) {


12
13	+ $markup = isset($usp_options['auto_image_markup']) ? $usp_options['auto_image_markup'] : '';
14	+ $author = get_post_meta(get_the_ID(), 'user_submit_name', true);
15
16	+ apply_filters('usp_image_args', $args = array(
17	+ 'post_type' => 'attachment',
18	+ 'post_parent' => get_the_ID(),
19	+ 'numberposts' => -1,
20	+ )
21	+ );
22	+
23	+ $attachments = get_posts($args);
24	+
25	+ if ($attachments) {

26
27	+ $images = '<p>';

28
29	+ foreach ($attachments as $attachment) {
30	+
31	+ $title = apply_filters('usp_image_title', $attachment->post_title);
32	+
33	+ $thumb = apply_filters('usp_image_thumb', wp_get_attachment_image_src($attachment->ID, 'thumbnail', false));
34	+ $medium = apply_filters('usp_image_medium', wp_get_attachment_image_src($attachment->ID, 'medium', false));
35	+ $large = apply_filters('usp_image_large', wp_get_attachment_image_src($attachment->ID, 'large', false));
36	+ $full = apply_filters('usp_image_full', wp_get_attachment_image_src($attachment->ID, 'full', false));
37	+
38	+ $custom_size = apply_filters('usp_image_custom_size', 'custom');
39	+ $custom = apply_filters('usp_image_custom', wp_get_attachment_image_src($attachment->ID, $custom_size, false));
40	+
41	+ $parent_id = wp_get_post_parent_id($attachment->ID);
42	+ $parent_title = get_the_title($parent_id);
43	+
44	+ $images .= usp_replace_image_vars($markup, $title, $thumb, $medium, $large, $full, $custom, $parent_title, $author);
45	+
46	+ }
47
48	+ $images .= '</p>';




49
50	+ if ($enable === 'before') $content = $images . $content;
51	+ elseif ($enable === 'after') $content = $content . $images;
52
53	}
54

124
125	global $usp_options;
126
127	+ $enable = isset($usp_options['auto_display_email']) ? $usp_options['auto_display_email'] : 'disable';





128
129	+ if (usp_is_public_submission() && ($enable === 'before' \|\| $enable === 'after')) {
130
131	+ $markup = isset($usp_options['auto_email_markup']) ? $usp_options['auto_email_markup'] : '';
132	+ $author = apply_filters('usp_author_custom_field', get_post_meta(get_the_ID(), 'user_submit_name', true));
133	+ $email = apply_filters('usp_email_custom_field', get_post_meta(get_the_ID(), 'user_submit_email', true));
134	+ $title = get_the_title(get_the_ID());







135
136	+ if (!empty($email)) {
137
138	+ $patterns = array();
139	+ $patterns[0] = "/%%author%%/";
140	+ $patterns[1] = "/%%email%%/";
141	+ $patterns[2] = "/%%title%%/";
142	+
143	+ $replacements = array();
144	+ $replacements[0] = $author;
145	+ $replacements[1] = $email;
146	+ $replacements[2] = $title;
147	+
148	+ $markup = preg_replace($patterns, $replacements, $markup);
149	+
150	+ if ($enable === 'before') $content = $markup . $content;
151	+ elseif ($enable === 'after') $content = $content . $markup;
152
153	}
154

165
166	global $usp_options;
167
168	+ $enable = isset($usp_options['auto_display_url']) ? $usp_options['auto_display_url'] : 'disable';





169
170	+ if (usp_is_public_submission() && ($enable === 'before' \|\| $enable === 'after')) {
171
172	+ $markup = isset($usp_options['auto_url_markup']) ? $usp_options['auto_url_markup'] : '';
173	+ $author = apply_filters('usp_author_custom_field', get_post_meta(get_the_ID(), 'user_submit_name', true));
174	+ $url = apply_filters('usp_url_custom_field', get_post_meta(get_the_ID(), 'user_submit_url', true));
175	+ $title = get_the_title(get_the_ID());
176
177	+ if (!empty($url)) {
178	+
179	+ $patterns = array();
180	+ $patterns[0] = "/%%author%%/";
181	+ $patterns[1] = "/%%url%%/";
182	+ $patterns[2] = "/%%title%%/";
183	+
184	+ $replacements = array();
185	+ $replacements[0] = $author;
186	+ $replacements[1] = $url;
187	+ $replacements[2] = $title;
188
189	+ $markup = preg_replace($patterns, $replacements, $markup);
190	+
191	+ if ($enable === 'before') $content = $markup . $content;
192	+ elseif ($enable === 'after') $content = $content . $markup;
193
194	}
195

206
207	global $usp_options;
208
209	+ $enable = isset($usp_options['auto_display_custom']) ? $usp_options['auto_display_custom'] : 'disable';







210
211	+ if (usp_is_public_submission() && ($enable === 'before' \|\| $enable === 'after')) {










212
213	+ $markup = isset($usp_options['auto_custom_markup']) ? $usp_options['auto_custom_markup'] : '';
214	+ $label = isset($usp_options['custom_label']) ? $usp_options['custom_label'] : __('Custom Field', 'usp');
215	+ $name = isset($usp_options['custom_name']) ? $usp_options['custom_name'] : 'usp_custom_field';



216
217	+ $author = apply_filters('usp_author_custom_field', get_post_meta(get_the_ID(), 'user_submit_name', true));
218	+ $value = apply_filters('usp_custom_custom_field', get_post_meta(get_the_ID(), $name, true));
219	+ $title = get_the_title(get_the_ID());
220
221	+ if (!empty($value)) {
222	+
223	+ $value = htmlspecialchars_decode($value);
224	+ $value = nl2br($value);
225	+
226	+ $patterns = array();
227	+ $patterns[0] = "/%%author%%/";
228	+ $patterns[1] = "/%%custom_label%%/";
229	+ $patterns[2] = "/%%custom_name%%/";
230	+ $patterns[3] = "/%%custom_value%%/";
231	+ $patterns[4] = "/%%title%%/";
232	+
233	+ $replacements = array();
234	+ $replacements[0] = $author;
235	+ $replacements[1] = $label;
236	+ $replacements[2] = $name;
237	+ $replacements[3] = $value;
238	+ $replacements[4] = $title;
239	+
240	+ $markup = preg_replace($patterns, $replacements, $markup);
241
242	+ if ($enable === 'before') $content = $markup . $content;
243	+ elseif ($enable === 'after') $content = $content . $markup;
244
245	}
246

library/plugin-settings.php CHANGED Viewed

	@@ -10,7 +10,7 @@ function usp_add_options_page() {
10	add_options_page(USP_PLUGIN, USP_PLUGIN, 'manage_options', USP_PATH, 'usp_render_form');
11
12	}
13	- add_action ('admin_menu', 'usp_add_options_page');
14
15
16
	@@ -20,7 +20,7 @@ function usp_init() {
20	register_setting('usp_plugin_options', 'usp_options', 'usp_validate_options');
21
22	}
23	- add_action ('admin_init', 'usp_init');
24
25
26
	@@ -541,7 +541,9 @@ function usp_post_author_options() {
541
542	$limit = ($user_total > $user_max) ? $user_max : $user_total;
543
544	- $~~users~~ = ~~$wpdb->get_results(~~"SELECT ID, display_name FROM {$wpdb->users} LIMIT "~~. $limit)~~;


545
546	$output = '<select id="usp_options[author]" name="usp_options[author]">';
547
	@@ -718,8 +720,6 @@ function usp_validate_options($input) {
718
719	global $usp_options;
720
721	- if (!current_user_can('manage_options')) wp_die(__('Sorry, you are not allowed to modify settings.', 'usp'));
722	-
723	if (!isset($input['version_alert'])) $input['version_alert'] = null;
724	$input['version_alert'] = ($input['version_alert'] == 1 ? 1 : 0);
725


10	add_options_page(USP_PLUGIN, USP_PLUGIN, 'manage_options', USP_PATH, 'usp_render_form');
11
12	}
13	+ add_action('admin_menu', 'usp_add_options_page');
14
15
16

20	register_setting('usp_plugin_options', 'usp_options', 'usp_validate_options');
21
22	}
23	+ add_action('admin_init', 'usp_init');
24
25
26

541
542	$limit = ($user_total > $user_max) ? $user_max : $user_total;
543
544	+ $query = "SELECT ID, display_name FROM {$wpdb->users} LIMIT %d";
545	+
546	+ $users = $wpdb->get_results($wpdb->prepare($query, $limit));
547
548	$output = '<select id="usp_options[author]" name="usp_options[author]">';
549

720
721	global $usp_options;
722


723	if (!isset($input['version_alert'])) $input['version_alert'] = null;
724	$input['version_alert'] = ($input['version_alert'] == 1 ? 1 : 0);
725

readme.txt CHANGED Viewed

	@@ -10,8 +10,8 @@ Donate link: https://m0n.co/donate
10	Contributors: specialk
11	Requires at least: 4.1
12	Tested up to: 4.9
13	- Stable tag: ~~20171101~~
14	- Version: ~~20171101~~
15	Requires PHP: 5.2
16	Text Domain: usp
17	Domain Path: /languages
	@@ -287,18 +287,17 @@ To set submitted images as Featured Images (aka Post Thumbnails) for submitted p
287
288	Shortcodes
289
290	- User Submitted Posts provides a set of useful shortcodes:
291
292	- * `[user-submitted-posts]` - displays the form on any Post or Page
293	- * `[usp-login-form]` - displayed a login/register/password form
294	- * `[usp_display_posts]` - displays list of all submitted posts
295	- * `[usp_access cap="read" deny=""][/usp_access]` - limits access to specific user capability
296	- * `[usp_visitor deny=""][/usp_visitor]` - limits access to visitors (not logged in) only
297	- * `[usp_member deny=""][/usp_member]` - limits access to logged-in users
298
299	- The `[user-submitted-posts]` and `[usp-login-form]` shortcodes do not have any attributes. You simply include either wherever you want to display the form.
300
301	- The `[usp_display_posts]` shortcode accepts two optional attributes, "userid" and "numposts". Examples:
302
303	[usp_display_posts] : default displays all submitted posts by all authors
304	[usp_display_posts userid="1"] : displays all submitted posts by registered user with ID = 1
	@@ -309,7 +308,7 @@ The `[usp_display_posts]` shortcode accepts two optional attributes, "userid" an
309
310	So the shortcode attributes can be used to customize the post list as desired. Note that the Pro version of USP provides many more options for the [display-posts shortcode](https://plugin-planet.com/usp-pro-display-list-submitted-posts/).
311
312	- The three access shortcodes, `[usp_access]`, `[usp_visitor]`, and `[usp_member]`, accept an optional `deny` attribute. The `deny` attribute displays a message to users who are denied access. Tip: to include markup in the deny message, you can use `{tag}` to display ~~`<~~tag~~>`.~~ Also, the `[usp_access]` shortcode accepts a required `cap` attribute. The `cap` attribute specifies the required capability or capabilities (comma-separated).
313
314
315	Template tags
	@@ -592,6 +591,14 @@ Links, tweets and likes also appreciated. Thanks! :)
592
593	Thank you to everyone who shares feedback for User Submitted Posts!
594








595	20171101
596
597	* Updates readme


10	Contributors: specialk
11	Requires at least: 4.1
12	Tested up to: 4.9
13	+ Stable tag: 20171103
14	+ Version: 20171103
15	Requires PHP: 5.2
16	Text Domain: usp
17	Domain Path: /languages

287
288	Shortcodes
289
290	+ User Submitted Posts provides a set of useful shortcodes. Check out the "Display the Form" panel in the plugin settings for examples and more information.
291
292	+ [user-submitted-posts] : displays the form on any Post or Page
293	+ [usp-login-form] : displayed a login/register/password form
294	+ [usp_display_posts] : displays list of all submitted posts
295	+ [usp_access cap="read" deny=""][/usp_access] : limits access to specific user capability
296	+ [usp_visitor deny=""][/usp_visitor] : limits access to visitors (not logged in) only
297	+ [usp_member deny=""][/usp_member] : limits access to logged-in users
298

299
300	+ The `[user-submitted-posts]` and `[usp-login-form]` shortcodes do not accept any attributes. The `[usp_display_posts]` shortcode accepts two optional attributes, "userid" and "numposts". Examples:
301
302	[usp_display_posts] : default displays all submitted posts by all authors
303	[usp_display_posts userid="1"] : displays all submitted posts by registered user with ID = 1

308
309	So the shortcode attributes can be used to customize the post list as desired. Note that the Pro version of USP provides many more options for the [display-posts shortcode](https://plugin-planet.com/usp-pro-display-list-submitted-posts/).
310
311	+ The three access shortcodes, `[usp_access]`, `[usp_visitor]`, and `[usp_member]`, accept an optional `deny` attribute. The `deny` attribute displays a message to users who are denied access. Tip: to include markup in the deny message, you can use `{tag}` to display `<tag>`. Also, the `[usp_access]` shortcode accepts a required `cap` attribute. The `cap` attribute specifies the required capability or capabilities (comma-separated).
312
313
314	Template tags

591
592	Thank you to everyone who shares feedback for User Submitted Posts!
593
594	+ 20171103
595	+
596	+ * Fixes PHP Warning for `htmlspecialchars_decode()`
597	+ * Fixes bug with non-admin users, removes extra `manage_options` requirement
598	+ * Improves logic of core functions for better performance
599	+ * Adds `$wpdb->prepare()` to `usp_post_author_options()`
600	+ * Tests on WordPress 4.9
601	+
602	20171101
603
604	* Updates readme

user-submitted-posts.php CHANGED Viewed

	@@ -10,8 +10,8 @@
10	Contributors: specialk
11	Requires at least: 4.1
12	Tested up to: 4.9
13	- Stable tag: ~~20171101~~
14	- Version: ~~20171101~~
15	Requires PHP: 5.2
16	Text Domain: usp
17	Domain Path: /languages
	@@ -40,7 +40,7 @@ if (!defined('ABSPATH')) die();
40
41
42	define('USP_WP_VERSION', '4.1');
43	- define('USP_VERSION', '~~20171101~~');
44	define('USP_PLUGIN', esc_html__('User Submitted Posts', 'usp'));
45	define('USP_PATH', plugin_basename(__FILE__));
46


10	Contributors: specialk
11	Requires at least: 4.1
12	Tested up to: 4.9
13	+ Stable tag: 20171103
14	+ Version: 20171103
15	Requires PHP: 5.2
16	Text Domain: usp
17	Domain Path: /languages

40
41
42	define('USP_WP_VERSION', '4.1');
43	+ define('USP_VERSION', '20171103');
44	define('USP_PLUGIN', esc_html__('User Submitted Posts', 'usp'));
45	define('USP_PATH', plugin_basename(__FILE__));
46