WordPress Popular Posts - Version 4.0.3

Version Description

This is a hotfix release.

Dashboard: escapes post titles to prevent potential XSS (props Delta!)
Restores ability to use a custom default thumbnail.

Release Info

Developer	hcabrera
Plugin	WordPress Popular Posts
Version	4.0.3
Comparing to
See all releases

Code changes from version 4.0.2 to 4.0.3

Files changed (6) hide show

admin/class-wordpress-popular-posts-admin.php +2 -2
admin/partials/admin.php +2 -2
includes/class-wordpress-popular-posts-image.php +10 -0
includes/class-wordpress-popular-posts-output.php +23 -10
readme.txt +9 -2
wordpress-popular-posts.php +1 -1

admin/class-wordpress-popular-posts-admin.php CHANGED Viewed

	@@ -747,7 +747,7 @@ class WPP_Admin {
747	foreach ( $posts as $post ) { ?>
748	<li>
749	<p>
750	- <a href="<?php echo get_permalink( $post->id ); ?>"><?php echo $post->title; ?></a>
751	<br />
752	<span><?php printf( _n( '1 view', '%s views', $post->pageviews, 'wordpress-popular-posts' ), number_format_i18n( $post->pageviews ) ); ?></span>
753	<small> — <a href="<?php echo get_permalink( $post->id ); ?>"><?php _e("View"); ?></a> \| <a href="<?php echo get_edit_post_link( $post->id ); ?>"><?php _e("Edit"); ?></a></small>
	@@ -802,7 +802,7 @@ class WPP_Admin {
802	foreach ( $posts as $post ) { ?>
803	<li>
804	<p>
805	- <a href="<?php echo get_permalink( $post->id ); ?>"><?php echo $post->title; ?></a>
806	<br />
807	<span><?php printf( _n( '1 comment', '%s comments', $post->comment_count, 'wordpress-popular-posts' ), number_format_i18n( $post->comment_count ) ); ?></span>
808	<small> — <a href="<?php echo get_permalink( $post->id ); ?>"><?php _e("View"); ?></a> \| <a href="<?php echo get_edit_post_link( $post->id ); ?>"><?php _e("Edit"); ?></a></small>


747	foreach ( $posts as $post ) { ?>
748	<li>
749	<p>
750	+ <a href="<?php echo get_permalink( $post->id ); ?>"><?php echo sanitize_text_field( $post->title ); ?></a>
751	<br />
752	<span><?php printf( _n( '1 view', '%s views', $post->pageviews, 'wordpress-popular-posts' ), number_format_i18n( $post->pageviews ) ); ?></span>
753	<small> — <a href="<?php echo get_permalink( $post->id ); ?>"><?php _e("View"); ?></a> \| <a href="<?php echo get_edit_post_link( $post->id ); ?>"><?php _e("Edit"); ?></a></small>

802	foreach ( $posts as $post ) { ?>
803	<li>
804	<p>
805	+ <a href="<?php echo get_permalink( $post->id ); ?>"><?php echo sanitize_text_field( $post->title ); ?></a>
806	<br />
807	<span><?php printf( _n( '1 comment', '%s comments', $post->comment_count, 'wordpress-popular-posts' ), number_format_i18n( $post->comment_count ) ); ?></span>
808	<small> — <a href="<?php echo get_permalink( $post->id ); ?>"><?php _e("View"); ?></a> \| <a href="<?php echo get_edit_post_link( $post->id ); ?>"><?php _e("Edit"); ?></a></small>

admin/partials/admin.php CHANGED Viewed

	@@ -407,7 +407,7 @@ $tabs = array(
407	foreach ( $posts as $post ) { ?>
408	<li>
409	<p>
410	- <a href="<?php echo get_permalink( $post->id ); ?>"><?php echo $post->title; ?></a>
411	<br />
412	<span><?php printf( _n( '1 view', '%s views', $post->pageviews, 'wordpress-popular-posts' ), number_format_i18n( $post->pageviews ) ); ?>, <?php printf( _n( '1 comment', '%s comments', $post->comment_count, 'wordpress-popular-posts' ), number_format_i18n( $post->comment_count ) ); ?></span>
413	<small> — <a href="<?php echo get_permalink( $post->id ); ?>"><?php _e("View"); ?></a> \| <a href="<?php echo get_edit_post_link( $post->id ); ?>"><?php _e("Edit"); ?></a></small>
	@@ -454,7 +454,7 @@ $tabs = array(
454	foreach ( $posts as $post ) { ?>
455	<li>
456	<p>
457	- <a href="<?php echo get_permalink( $post->id ); ?>"><?php echo $post->title; ?></a>
458	<br />
459	<span><?php printf( _n( '1 view', '%s views', $post->pageviews, 'wordpress-popular-posts' ), number_format_i18n( $post->pageviews ) ); ?>, <?php printf( _n( '1 comment', '%s comments', $post->comment_count, 'wordpress-popular-posts' ), number_format_i18n( $post->comment_count ) ); ?></span>
460	<small> — <a href="<?php echo get_permalink( $post->id ); ?>"><?php _e("View"); ?></a> \| <a href="<?php echo get_edit_post_link( $post->id ); ?>"><?php _e("Edit"); ?></a></small>


407	foreach ( $posts as $post ) { ?>
408	<li>
409	<p>
410	+ <a href="<?php echo get_permalink( $post->id ); ?>"><?php echo sanitize_text_field( $post->title ); ?></a>
411	<br />
412	<span><?php printf( _n( '1 view', '%s views', $post->pageviews, 'wordpress-popular-posts' ), number_format_i18n( $post->pageviews ) ); ?>, <?php printf( _n( '1 comment', '%s comments', $post->comment_count, 'wordpress-popular-posts' ), number_format_i18n( $post->comment_count ) ); ?></span>
413	<small> — <a href="<?php echo get_permalink( $post->id ); ?>"><?php _e("View"); ?></a> \| <a href="<?php echo get_edit_post_link( $post->id ); ?>"><?php _e("Edit"); ?></a></small>

454	foreach ( $posts as $post ) { ?>
455	<li>
456	<p>
457	+ <a href="<?php echo get_permalink( $post->id ); ?>"><?php echo sanitize_text_field( $post->title ); ?></a>
458	<br />
459	<span><?php printf( _n( '1 view', '%s views', $post->pageviews, 'wordpress-popular-posts' ), number_format_i18n( $post->pageviews ) ); ?>, <?php printf( _n( '1 comment', '%s comments', $post->comment_count, 'wordpress-popular-posts' ), number_format_i18n( $post->comment_count ) ); ?></span>
460	<small> — <a href="<?php echo get_permalink( $post->id ); ?>"><?php _e("View"); ?></a> \| <a href="<?php echo get_edit_post_link( $post->id ); ?>"><?php _e("Edit"); ?></a></small>

includes/class-wordpress-popular-posts-image.php CHANGED Viewed

@@ -508,4 +508,14 @@ class WPP_Image {
                     return $sizes;
+                }
             } // End WPP_Image class


508	return $sizes;
509	}
510
511	+ /**
512	+ * Sets default thumbnail image.
513	+ *
514	+ * @since 4.0.2
515	+ * @param string $url
516	+ */
517	+ public function set_default( $url ) {
518	+ $this->default_thumbnail = esc_url( $url );
519	+ }
520	+
521	} // End WPP_Image class

includes/class-wordpress-popular-posts-output.php CHANGED Viewed

	@@ -30,14 +30,27 @@ class WPP_Output {
30	*/
31	private $default_thumbnail_sizes = array();
32








33	public function __construct( array $popular_posts = array(), array $options = array() ) {
34
35	$this->data = $popular_posts;
36	$this->options = $options;
37	$this->admin_options = WPP_Settings::get( 'admin_options' );
38
39	- $wpp_image = WPP_Image::get_instance();
40	- ~~$this->default_thumbnail_sizes = $wpp_image->get_image_sizes();~~





41
42	$this->build_output();
43
	@@ -278,13 +291,13 @@ class WPP_Output {
278	*/
279	private function get_thumbnail( stdClass $post_object ) {
280
281	- $wpp_image = WPP_Image::get_instance();
282
283	$thumbnail = '';
284
285	if (
286	$this->options['thumbnail']['active']
287	- && $wpp_image->can_create_thumbnails()
288	) {
289
290	// Create / get thumbnail from custom field
	@@ -301,7 +314,7 @@ class WPP_Output {
301	// Resize CF image
302	if ( $this->admin_options['tools']['thumbnail']['resize'] ) {
303
304	- $thumbnail = $wpp_image->get_img(
305	$post_object,
306	$thumb_url,
307	array( $this->options['thumbnail']['width'], $this->options['thumbnail']['height'] ),
	@@ -312,7 +325,7 @@ class WPP_Output {
312	} // Use original CF image
313	else {
314
315	- $thumbnail = $wpp_image->render_image(
316	$thumb_url,
317	array( $this->options['thumbnail']['width'], $this->options['thumbnail']['height'] ),
318	'wpp-thumbnail wpp_cf',
	@@ -324,7 +337,7 @@ class WPP_Output {
324	} // Custom field is empty / not set, use default thumbnail
325	else {
326
327	- $thumbnail = $wpp_image->get_img(
328	null,
329	null,
330	array( $this->options['thumbnail']['width'], $this->options['thumbnail']['height'] ),
	@@ -376,7 +389,7 @@ class WPP_Output {
376	} // There's no Featured Image set for this post
377	else {
378
379	- $thumbnail = $wpp_image->get_img(
380	null,
381	null,
382	array( $this->options['thumbnail']['width'], $this->options['thumbnail']['height'] ),
	@@ -389,7 +402,7 @@ class WPP_Output {
389	} // Current theme does not support Featured Images (?)
390	else {
391
392	- $thumbnail = $wpp_image->get_img(
393	null,
394	null,
395	array( $this->options['thumbnail']['width'], $this->options['thumbnail']['height'] ),
	@@ -402,7 +415,7 @@ class WPP_Output {
402	} // Build / Fetch WPP thumbnail
403	else {
404
405	- $thumbnail = $wpp_image->get_img(
406	$post_object,
407	null,
408	array( $this->options['thumbnail']['width'], $this->options['thumbnail']['height'] ),


30	*/
31	private $default_thumbnail_sizes = array();
32
33	+ /**
34	+ * WPP_Image object
35	+ *
36	+ * @since 4.0.2
37	+ * @var object
38	+ */
39	+ private $wpp_image;
40	+
41	public function __construct( array $popular_posts = array(), array $options = array() ) {
42
43	$this->data = $popular_posts;
44	$this->options = $options;
45	$this->admin_options = WPP_Settings::get( 'admin_options' );
46
47	+ $this->wpp_image = WPP_Image::get_instance();
48	+
49	+ if ( filter_var( $this->admin_options['tools']['thumbnail']['default'], FILTER_VALIDATE_URL ) ) {
50	+ $this->wpp_image->set_default( $this->admin_options['tools']['thumbnail']['default'] );
51	+ }
52	+
53	+ $this->default_thumbnail_sizes = $this->wpp_image->get_image_sizes();
54
55	$this->build_output();
56

291	*/
292	private function get_thumbnail( stdClass $post_object ) {
293
294	+ $this->wpp_image = WPP_Image::get_instance();
295
296	$thumbnail = '';
297
298	if (
299	$this->options['thumbnail']['active']
300	+ && $this->wpp_image->can_create_thumbnails()
301	) {
302
303	// Create / get thumbnail from custom field

314	// Resize CF image
315	if ( $this->admin_options['tools']['thumbnail']['resize'] ) {
316
317	+ $thumbnail = $this->wpp_image->get_img(
318	$post_object,
319	$thumb_url,
320	array( $this->options['thumbnail']['width'], $this->options['thumbnail']['height'] ),

325	} // Use original CF image
326	else {
327
328	+ $thumbnail = $this->wpp_image->render_image(
329	$thumb_url,
330	array( $this->options['thumbnail']['width'], $this->options['thumbnail']['height'] ),
331	'wpp-thumbnail wpp_cf',

337	} // Custom field is empty / not set, use default thumbnail
338	else {
339
340	+ $thumbnail = $this->wpp_image->get_img(
341	null,
342	null,
343	array( $this->options['thumbnail']['width'], $this->options['thumbnail']['height'] ),

389	} // There's no Featured Image set for this post
390	else {
391
392	+ $thumbnail = $this->wpp_image->get_img(
393	null,
394	null,
395	array( $this->options['thumbnail']['width'], $this->options['thumbnail']['height'] ),

402	} // Current theme does not support Featured Images (?)
403	else {
404
405	+ $thumbnail = $this->wpp_image->get_img(
406	null,
407	null,
408	array( $this->options['thumbnail']['width'], $this->options['thumbnail']['height'] ),

415	} // Build / Fetch WPP thumbnail
416	else {
417
418	+ $thumbnail = $this->wpp_image->get_img(
419	$post_object,
420	null,
421	array( $this->options['thumbnail']['width'], $this->options['thumbnail']['height'] ),

readme.txt CHANGED Viewed

	@@ -4,7 +4,7 @@ Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_donations&business=hcabr
4	Tags: popular, posts, widget, popularity, top
5	Requires at least: 4.1
6	Tested up to: 4.8.2
7	- Stable tag: 4.0.2
8	License: GPLv2 or later
9	License URI: http://www.gnu.org/licenses/gpl-2.0.html
10
	@@ -82,6 +82,13 @@ The FAQ section has been moved [here](https://github.com/cabrerahector/wordpress
82	4. WordPress Popular Posts Stats panel.
83
84	== Changelog ==







85	= 4.0.2 =
86
87	This is a hotfix release.
	@@ -107,7 +114,7 @@ The FAQ section has been moved [here](https://github.com/cabrerahector/wordpress
107	- Adds ability to pick a Custom Time Range!
108	- Adds ability to filter posts by other taxonomies than just categories!
109	- Adds Relative Date Format.
110	- - Fixes error caused by changeset 41508 https://core.trac.wordpress.org/changeset/41508
111	- Improves PHP7+ compatibility.
112	- Improves compatibility with WP-SpamShield, WooCommerce, Polylang and WPML.
113	- Drops qTranslate support (that plugin has been long removed from WordPress.org anyways.)


4	Tags: popular, posts, widget, popularity, top
5	Requires at least: 4.1
6	Tested up to: 4.8.2
7	+ Stable tag: 4.0.3
8	License: GPLv2 or later
9	License URI: http://www.gnu.org/licenses/gpl-2.0.html
10

82	4. WordPress Popular Posts Stats panel.
83
84	== Changelog ==
85	+ = 4.0.3 =
86	+
87	+ This is a hotfix release.
88	+
89	+ - Dashboard: escapes post titles to prevent potential XSS (props Delta!)
90	+ - Restores ability to use a custom default thumbnail.
91	+
92	= 4.0.2 =
93
94	This is a hotfix release.

114	- Adds ability to pick a Custom Time Range!
115	- Adds ability to filter posts by other taxonomies than just categories!
116	- Adds Relative Date Format.
117	+ - Fixes error caused by changeset 41508 https://core.trac.wordpress.org/changeset/41508 (props hykw!)
118	- Improves PHP7+ compatibility.
119	- Improves compatibility with WP-SpamShield, WooCommerce, Polylang and WPML.
120	- Drops qTranslate support (that plugin has been long removed from WordPress.org anyways.)

wordpress-popular-posts.php CHANGED Viewed

	@@ -16,7 +16,7 @@
16	* Plugin Name: WordPress Popular Posts
17	* Plugin URI: https://wordpress.org/plugins/wordpress-popular-posts/
18	* Description: A highly customizable widget that displays the most popular posts on your blog.
19	- * Version: 4.0.2
20	* Author: Hector Cabrera
21	* Author URI: http://cabrerahector.com/
22	* License: GPL-2.0+


16	* Plugin Name: WordPress Popular Posts
17	* Plugin URI: https://wordpress.org/plugins/wordpress-popular-posts/
18	* Description: A highly customizable widget that displays the most popular posts on your blog.
19	+ * Version: 4.0.3
20	* Author: Hector Cabrera
21	* Author URI: http://cabrerahector.com/
22	* License: GPL-2.0+