Import any XML or CSV File to WordPress - Version 3.2.5

Version Description

  • Important security fixes - additional hardening, prevention of blind SQL injection and reflected XSS attacks

Release Info

Developer soflyy
Version 3.2.5

Code changes from version 3.2.4 to 3.2.5

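--- a/actions/admin_head.php
+++ b/actions/admin_head.php
@@ -7,23 +7,33 @@ function pmxi_admin_head(){
  }
  </style>
  <?php
+
  $input = new PMXI_Input();
- $import_id = $input->get('id', false);
- $import_action = $input->get('action', false);
- if ($import_id){
+ $get_params = $input->get(array(
+ 'id' => false,
+ 'action' => false
+ ));
+
+ if ($get_params['id']){
  ?>
  <script type="text/javascript">
- var import_id = '<?php echo $import_id; ?>';
+ var import_id = '<?php echo $get_params["id"]; ?>';
  </script>
  <?php
  }
 
- $wp_all_import_ajax_nonce = wp_create_nonce( "wp_all_import_secure" );
+ $wp_all_import_ajax_nonce = '';
+
+ if ( get_current_user_id() and current_user_can('manage_options')) {
+
+ $wp_all_import_ajax_nonce = wp_create_nonce( "wp_all_import_secure" );
+
+ }
 
  ?>
- <script type="text/javascript">
- var import_action = '<?php echo $import_action; ?>';
- var wp_all_import_security = '<?php echo $wp_all_import_ajax_nonce; ?>';
- </script>
+ <script type="text/javascript">
+ var import_action = '<?php echo $get_params["action"]; ?>';
+ var wp_all_import_security = '<?php echo $wp_all_import_ajax_nonce; ?>';
+ </script>
  <?php
  }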
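Review bot: `$get_params["id"]` and `$get_params["action"]` are still echoed straight into single-quoted JavaScript strings on new lines 20 and 35, so the only protection is whatever PMXI_Input::get() applied upstream, and that is HTML and SQL escaping rather than JavaScript escaping. Encoding at the sink makes the output independent of the input filters: `var import_action = '<?php echo esc_js($get_params["action"]); ?>';`, and `var import_id = '<?php echo absint($get_params["id"]); ?>';` if the id is always numeric, as the `absint()` added in controllers/admin/history.php suggests. The capability guard around `wp_create_nonce()` looks right. pmxi_admin_head() starts above this hunk, so anything it prints earlier is not covered here.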
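--- a/actions/admin_init.php
+++ b/actions/admin_init.php
@@ -6,54 +6,5 @@ function pmxi_admin_init(){
 
  @ini_set('mysql.connect_timeout', 300);
  @ini_set('default_socket_timeout', 300);
-
- // PressTrends Account API Key
- $api_key = 'xz614vukf9fcl3w100g1zvnzeenphzti6vt4';
- $auth = 'mnqfv85ftc98zpkgheiz16qzry9g87s6k';
- // Start of Metrics
- global $wpdb;
- $data = get_transient( 'presstrends_cache_data' );
- if ( !$data || $data == '' ) {
- $api_base = 'http://api.presstrends.io/index.php/api/pluginsites/update?auth=';
- $url = $api_base . $auth . '&api=' . $api_key . '';
- $count_posts = wp_count_posts();
- $count_pages = wp_count_posts( 'page' );
- $comments_count = wp_count_comments();
- if ( function_exists( 'wp_get_theme' ) ) {
- $theme_data = wp_get_theme();
- $theme_name = urlencode( $theme_data->Name );
- } else {
- $theme_data = get_theme_data( get_stylesheet_directory() . '/style.css' );
- $theme_name = $theme_data['Name'];
- }
- $plugin_name = '&';
- foreach ( get_plugins() as $plugin_info ) {
- $plugin_name .= $plugin_info['Name'] . '&';
- }
- // CHANGE __FILE__ PATH IF LOCATED OUTSIDE MAIN PLUGIN FILE
- $plugin_data = get_plugin_data( __FILE__ );
- $posts_with_comments = $wpdb->get_var( "SELECT COUNT(*) FROM $wpdb->posts WHERE post_type='post' AND comment_count > 0" );
- $data = array(
- 'url' => base64_encode(site_url()),
- 'posts' => $count_posts->publish,
- 'pages' => $count_pages->publish,
- 'comments' => $comments_count->total_comments,
- 'approved' => $comments_count->approved,
- 'spam' => $comments_count->spam,
- 'pingbacks' => $wpdb->get_var( "SELECT COUNT(comment_ID) FROM $wpdb->comments WHERE comment_type = 'pingback'" ),
- 'post_conversion' => ( $count_posts->publish > 0 && $posts_with_comments > 0 ) ? number_format( ( $posts_with_comments / $count_posts->publish ) * 100, 0, '.', '' ) : 0,
- 'theme_version' => $plugin_data['Version'],
- 'theme_name' => $theme_name,
- 'site_name' => str_replace( ' ', '', get_bloginfo( 'name' ) ),
- 'plugins' => count( get_option( 'active_plugins' ) ),
- 'plugin' => urlencode( $plugin_name ),
- 'wpversion' => get_bloginfo( 'version' ),
- );
- foreach ( $data as $k => $v ) {
- $url .= '&' . $k . '=' . $v . '';
- }
- wp_remote_get( $url );
- set_transient( 'presstrends_cache_data', $data, 60 * 60 * 24 );
- }
-
+
  }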
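--- a/actions/wp_ajax_auto_detect_cf.php
+++ b/actions/wp_ajax_auto_detect_cf.php
@@ -5,6 +5,10 @@ function pmxi_wp_ajax_auto_detect_cf(){
  exit( json_encode(array('result' => array(), 'msg' => __('Security check', 'wp_all_import_plugin'))) );
  }
 
+ if ( ! current_user_can('manage_options') ){
+ exit( json_encode(array('result' => array(), 'msg' => __('Security check', 'wp_all_import_plugin'))) );
+ }
+
  $input = new PMXI_Input();
  $fields = $input->post('fields', array());
  $post_type = $input->post('post_type', 'post');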
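Review bot: The same `current_user_can('manage_options')` guard is pasted into four handlers (this file, wp_ajax_auto_detect_sf.php, wp_ajax_import_failed.php and wp_ajax_test_images.php), each with its own copy of the failure payload. A shared helper that runs the nonce check and the capability check together would keep a future handler from getting one without the other, and the capability name would live in one place. Until then, a comment above the guard such as `// nonce proves intent, capability proves authorization: both are required` would document why the two checks are not interchangeable. The function body continues past the end of the hunk.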
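--- a/actions/wp_ajax_auto_detect_sf.php
+++ b/actions/wp_ajax_auto_detect_sf.php
@@ -5,6 +5,10 @@ function pmxi_wp_ajax_auto_detect_sf(){
  exit( json_encode(array('result' => array(), 'msg' => __('Security check', 'wp_all_import_plugin'))) );
  }
 
+ if ( ! current_user_can('manage_options') ){
+ exit( json_encode(array('result' => array(), 'msg' => __('Security check', 'wp_all_import_plugin'))) );
+ }
+
  $input = new PMXI_Input();
  $fieldName = $input->post('name', '');
  $post_type = $input->post('post_type', 'post');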
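--- a/actions/wp_ajax_import_failed.php
+++ b/actions/wp_ajax_import_failed.php
@@ -4,6 +4,10 @@ function pmxi_wp_ajax_import_failed(){
  if ( ! check_ajax_referer( 'wp_all_import_secure', 'security', false )){
  exit( json_encode(array('result' => false, 'msg' => __('Security check', 'wp_all_import_plugin'))) );
  }
+
+ if ( ! current_user_can('manage_options') ){
+ exit( json_encode(array('result' => false, 'msg' => __('Security check', 'wp_all_import_plugin'))) );
+ }
 
  extract($_POST);
  $import = new PMXI_Import_record();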
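Review bot: `extract($_POST);` still runs right after the new capability check, so every POST key becomes a local variable in pmxi_wp_ajax_import_failed() and can overwrite any variable defined before that line. The sibling handlers read named keys through `PMXI_Input::post()`; doing the same here, for example `$input = new PMXI_Input(); $id = $input->post('id', 0);` (with `id` standing in for whichever key this handler actually needs), removes the variable-injection surface. The rest of the function is outside the hunk, so the exact keys it reads are not visible here.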
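--- a/actions/wp_ajax_test_images.php
+++ b/actions/wp_ajax_test_images.php
@@ -6,6 +6,10 @@ function pmxi_wp_ajax_test_images(){
  exit( json_encode(array('result' => array(), 'failed_msgs' => array(__('Security check', 'wp_all_import_plugin')))));
  }
 
+ if ( ! current_user_can('manage_options') ){
+ exit( json_encode(array('result' => array(), 'failed_msgs' => array(__('Security check', 'wp_all_import_plugin')))));
+ }
+
  $input = new PMXI_Input();
 
  $post = $input->post(array(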
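--- a/classes/handler.php
+++ b/classes/handler.php
@@ -115,7 +115,7 @@ class PMXI_Handler extends PMXI_Session {
 
  $now = time();
  $expired_sessions = array();
- $wpallimport_session_expires = $wpdb->get_results( "SELECT option_name, option_value FROM $wpdb->options WHERE option_name LIKE '_wpallimport_session_expires_". $import_id ."_%'" );
+ $wpallimport_session_expires = $wpdb->get_results( $wpdb->prepare("SELECT option_name, option_value FROM $wpdb->options WHERE option_name LIKE %s", "_wpallimport_session_expires_" . $import_id . "_%") );
 
  foreach ( $wpallimport_session_expires as $wpallimport_session_expire ) {
  //if ( $now > intval( $wpallimport_session_expire->option_value ) ) {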
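Review bot: `$import_id` is concatenated into the LIKE pattern without escaping LIKE wildcards, so although the new `$wpdb->prepare()` call closes the injection, a `%` or `_` inside the id would still widen the match to other imports' session rows. Escaping the literal part fixes that: bind `$wpdb->esc_like('_wpallimport_session_expires_' . $import_id . '_') . '%'` instead of the raw concatenation. `esc_like()` needs WordPress 4.0 while readme.txt declares 3.6.1 as the minimum, so older installs would need `like_escape()`. Where `$import_id` is assigned is outside the hunk; if it is always numeric, an `absint()` at that point would do as well.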
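--- a/classes/input.php
+++ b/classes/input.php
@@ -19,7 +19,14 @@ class PMXI_Input {
  }
 
  public function get($paramName, $default = NULL) {
- return $this->read($_GET, $paramName, $default);
+ $this->addFilter('strip_tags');
+ $this->addFilter('htmlspecialchars');
+ $this->addFilter('esc_sql');
+ $result = $this->read($_GET, $paramName, $default);
+ $this->removeFilter('strip_tags');
+ $this->removeFilter('htmlspecialchars');
+ $this->removeFilter('esc_sql');
+ return $result;
  }
 
  public function post($paramName, $default = NULL) {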
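Review bot: `get()` now returns values that are already tag-stripped, HTML-encoded and SQL-escaped, which ties three output encodings to the input layer: a value later passed to `$wpdb->prepare()` or `esc_html()` is escaped twice, and one written into a JavaScript or URL context gets the wrong encoding. `post()` directly below is left unfiltered, so the two accessors now carry different trust levels with nothing in the code saying so. At minimum add a docblock to `get()`, e.g. `/** Returns $_GET values passed through strip_tags, htmlspecialchars and esc_sql; callers must not escape them again. */`, and prefer validating by type at this layer (`absint()`, whitelists) while escaping at each sink. The three `removeFilter()` calls are also unconditional, which would drop a filter a caller had registered earlier if `addFilter()` does not nest; its implementation is not visible here.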
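--- a/controllers/admin/history.php
+++ b/controllers/admin/history.php
@@ -25,7 +25,17 @@ class PMXI_Admin_History extends PMXI_Controller_Admin {
  'id' => ''
  ));
  $get['pagenum'] = absint($get['pagenum']);
+ $get['id'] = absint($get['id']);
  extract($get);
+
+ if ( ! in_array($order_by, array('date', 'id', 'run_time', 'type'))){
+ $order_by = 'date';
+ }
+
+ if ( ! in_array($order, array('DESC', 'ASC'))){
+ $order = 'DESC';
+ }
+
  if (empty($id)){
  wp_redirect(add_query_arg(array('page' => 'pmxi-admin-manage', 'pmxi_nt' => urlencode(__('Import is not specified.', 'wp_all_import_plugin'))), $this->baseUrl)); die();
  }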
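Review bot: Both whitelist checks call `in_array()` without the strict flag, so the comparison is loose; pass `true` as the third argument, `in_array($order_by, array('date', 'id', 'run_time', 'type'), true)` and `in_array($order, array('DESC', 'ASC'), true)`. Query values normally arrive as strings, so this is hardening rather than a demonstrated bypass, but it removes any dependence on PHP type juggling before the values reach what is presumably an ORDER BY clause (the query itself is outside the hunk). The two checks added in controllers/admin/manage.php have the same gap.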
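--- a/controllers/admin/import.php
+++ b/controllers/admin/import.php
@@ -1231,6 +1231,10 @@ class PMXI_Admin_Import extends PMXI_Controller_Admin {
  $template_options['wizard_type'] = $post['wizard_type'];
  $template_options['delimiter'] = $post['delimiter'];
 
+ if ($this->isWizard and $post['wizard_type'] == 'new') {
+ $template_options['create_new_records'] = 1;
+ }
+
  $this->data['post'] = $template_options;
  PMXI_Plugin::$session->set('is_loaded_template', $load_template);
  PMXI_Plugin::$session->set('options', $template_options);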
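--- a/controllers/admin/manage.php
+++ b/controllers/admin/manage.php
@@ -29,6 +29,14 @@ class PMXI_Admin_Manage extends PMXI_Controller_Admin {
  $get['pagenum'] = absint($get['pagenum']);
  extract($get);
  $this->data += $get;
+
+ if ( ! in_array($order_by, array('registered_on', 'id', 'name'))){
+ $order_by = 'registered_on';
+ }
+
+ if ( ! in_array($order, array('DESC', 'ASC'))){
+ $order = 'DESC';
+ }
 
  $list = new PMXI_Import_List();
  $post = new PMXI_Post_Record();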
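Review bot: `$this->data += $get;` runs before the new whitelist, so `$this->data['order_by']` and `$this->data['order']` keep the request values while only the local `$order_by` and `$order` are normalised. If the view or the list code reads them from `$this->data` (not visible in this hunk), the whitelist does not apply on that path. Validating into `$get` first, next to the existing `$get['pagenum'] = absint(...)` line, keeps both copies in step: `if ( ! in_array($get['order_by'], array('registered_on', 'id', 'name'), true)) $get['order_by'] = 'registered_on';` and likewise for `order`.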
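--- a/plugin.php
+++ b/plugin.php
@@ -3,7 +3,7 @@
  Plugin Name: WP All Import
  Plugin URI: http://www.wpallimport.com/upgrade-to-pro?utm_source=wordpress.org&utm_medium=plugins-page&utm_campaign=free+plugin
  Description: The most powerful solution for importing XML and CSV files to WordPress. Create Posts and Pages with content from any XML or CSV file. A paid upgrade to WP All Import Pro is available for support and additional features.
- Version: 3.2.4
+ Version: 3.2.5
  Author: Soflyy
  */
 
@@ -25,7 +25,7 @@ define('WP_ALL_IMPORT_ROOT_URL', rtrim(plugin_dir_url(__FILE__), '/'));
  */
  define('WP_ALL_IMPORT_PREFIX', 'pmxi_');
 
- define('PMXI_VERSION', '3.2.4');
+ define('PMXI_VERSION', '3.2.5');
 
  define('PMXI_EDITION', 'free');
 
@@ -860,17 +860,7 @@ final class PMXI_Plugin {
 
  if ( ! empty($fields_to_alter) ){
 
- if (empty($grands)) {
- ?>
- <div class="error"><p>
- <?php printf(
- __('<b>%s Plugin</b>: Current sql user %s doesn\'t have ALTER privileges', 'pmwi_plugin'),
- self::getInstance()->getName(), DB_USER
- ) ?>
- </p></div>
- <?php
- return false;
- }
+ if (empty($grands)) return false;
 
  foreach ($fields_to_alter as $field) {
  switch ($field) {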
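Review bot: `if (empty($grands)) return false;` on new line 863 makes the missing-ALTER-privilege case silent: the admin notice is gone and nothing is logged, so a schema upgrade that did not run becomes hard to diagnose. Keeping `DB_USER` out of the rendered page is reasonable, but a generic notice or an `error_log()` entry without the account name would keep the failure visible. If the removal was deliberate, a comment such as `// no grants found: skip the ALTERs without printing DB_USER to the page` would record why. The method starts and ends outside this hunk.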
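--- a/readme.txt
+++ b/readme.txt
@@ -2,7 +2,7 @@
  Contributors: soflyy, wpallimport
  Requires at least: 3.6.1
  Tested up to: 4.1
- Stable tag: 3.2.4
+ Stable tag: 3.2.5
  Tags: wordpress csv import, wordpress xml import, xml, csv, datafeed, import, migrate, import csv to wordpress, import xml to wordpress, advanced xml import, advanced csv import, bulk csv import, bulk xml import, bulk data import, xml to custom post type, csv to custom post type, woocommerce csv import, woocommerce xml import, csv import, import csv, xml import, import xml, csv importer
 
  WP All Import is an extremely powerful importer that makes it easy to import any XML or CSV file to WordPress.
@@ -103,14 +103,11 @@ Does it work with special character encoding like Hebrew, Arabic, Chinese, etc?
 
  == Changelog ==
 
+ = 3.2.5 =
+ * Important security fixes - additional hardening, prevention of blind SQL injection and reflected XSS attacks
+
  = 3.2.4 =
- * critical security fix - stopping non-logged in users from accessing adminInit http://www.wpallimport.com/2015/02/wp-import-4-1-1-mandatory-security-update/
- * added new option 'Search for existing attachments to prevent duplicates in media library'
- * added new filter 'wp_all_import_is_post_to_update' to skip needed posts
- * fixed imports pagination
- * fixed preview taxonomies
- * fixed upload folder creation when 'upload_dir' filter defined
- * fixed db schema for wpmu when new site added
+ * critical security fix - stopping non-logged in users from accessing adminInit
 
  = 3.2.3 =
  * fixed re-count record when a file has been changed at an import setting screen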
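--- a/views/admin/import/options/_reimport_options.php
+++ b/views/admin/import/options/_reimport_options.php
@@ -146,16 +146,16 @@
  <input type="radio" id="update_custom_fields_logic_only" name="update_custom_fields_logic" value="only" <?php echo ( "only" == $post['update_custom_fields_logic'] ) ? 'checked="checked"': '' ?> class="switcher"/>
  <label for="update_custom_fields_logic_only"><?php _e('Update only these Custom Fields, leave the rest alone', 'wp_all_import_plugin') ?></label>
  <div class="switcher-target-update_custom_fields_logic_only pmxi_choosen" style="padding-left:17px;">
- <span class="hidden choosen_values"><?php if (!empty($existing_meta_keys)) echo implode(',', $existing_meta_keys);?></span>
- <input class="choosen_input" value="<?php if (!empty($post['custom_fields_list']) and "only" == $post['update_custom_fields_logic']) echo implode(',', $post['custom_fields_list']); ?>" type="hidden" name="custom_fields_only_list"/>
+ <span class="hidden choosen_values"><?php if (!empty($existing_meta_keys)) echo esc_html(implode(',', $existing_meta_keys));?></span>
+ <input class="choosen_input" value="<?php if (!empty($post['custom_fields_list']) and "only" == $post['update_custom_fields_logic']) echo esc_html(implode(',', $post['custom_fields_list'])); ?>" type="hidden" name="custom_fields_only_list"/>
  </div>
  </div>
  <div class="input">
  <input type="radio" id="update_custom_fields_logic_all_except" name="update_custom_fields_logic" value="all_except" <?php echo ( "all_except" == $post['update_custom_fields_logic'] ) ? 'checked="checked"': '' ?> class="switcher"/>
  <label for="update_custom_fields_logic_all_except"><?php _e('Leave these fields alone, update all other Custom Fields', 'wp_all_import_plugin') ?></label>
  <div class="switcher-target-update_custom_fields_logic_all_except pmxi_choosen" style="padding-left:17px;">
- <span class="hidden choosen_values"><?php if (!empty($existing_meta_keys)) echo implode(',', $existing_meta_keys);?></span>
- <input class="choosen_input" value="<?php if (!empty($post['custom_fields_list']) and "all_except" == $post['update_custom_fields_logic']) echo implode(',', $post['custom_fields_list']); ?>" type="hidden" name="custom_fields_except_list"/>
+ <span class="hidden choosen_values"><?php if (!empty($existing_meta_keys)) echo esc_html(implode(',', $existing_meta_keys));?></span>
+ <input class="choosen_input" value="<?php if (!empty($post['custom_fields_list']) and "all_except" == $post['update_custom_fields_logic']) echo esc_html(implode(',', $post['custom_fields_list'])); ?>" type="hidden" name="custom_fields_except_list"/>
  </div>
  </div>
  </div>
@@ -180,16 +180,16 @@
  <input type="radio" id="update_categories_logic_all_except" name="update_categories_logic" value="all_except" <?php echo ( "all_except" == $post['update_categories_logic'] ) ? 'checked="checked"': '' ?> class="switcher"/>
  <label for="update_categories_logic_all_except"><?php _e('Leave these taxonomies alone, update all others', 'wp_all_import_plugin') ?></label>
  <div class="switcher-target-update_categories_logic_all_except pmxi_choosen" style="padding-left:17px;">
- <span class="hidden choosen_values"><?php if (!empty($existing_taxonomies)) echo implode(',', $existing_taxonomies);?></span>
- <input class="choosen_input" value="<?php if (!empty($post['taxonomies_list']) and "all_except" == $post['update_categories_logic']) echo implode(',', $post['taxonomies_list']); ?>" type="hidden" name="taxonomies_except_list"/>
+ <span class="hidden choosen_values"><?php if (!empty($existing_taxonomies)) echo esc_html(implode(',', $existing_taxonomies));?></span>
+ <input class="choosen_input" value="<?php if (!empty($post['taxonomies_list']) and "all_except" == $post['update_categories_logic']) echo esc_html(implode(',', $post['taxonomies_list'])); ?>" type="hidden" name="taxonomies_except_list"/>
  </div>
  </div>
  <div class="input" style="margin-bottom:3px;">
  <input type="radio" id="update_categories_logic_only" name="update_categories_logic" value="only" <?php echo ( "only" == $post['update_categories_logic'] ) ? 'checked="checked"': '' ?> class="switcher"/>
  <label for="update_categories_logic_only"><?php _e('Update only these taxonomies, leave the rest alone', 'wp_all_import_plugin') ?></label>
  <div class="switcher-target-update_categories_logic_only pmxi_choosen" style="padding-left:17px;">
- <span class="hidden choosen_values"><?php if (!empty($existing_taxonomies)) echo implode(',', $existing_taxonomies);?></span>
- <input class="choosen_input" value="<?php if (!empty($post['taxonomies_list']) and "only" == $post['update_categories_logic']) echo implode(',', $post['taxonomies_list']); ?>" type="hidden" name="taxonomies_only_list"/>
+ <span class="hidden choosen_values"><?php if (!empty($existing_taxonomies)) echo esc_html(implode(',', $existing_taxonomies));?></span>
+ <input class="choosen_input" value="<?php if (!empty($post['taxonomies_list']) and "only" == $post['update_categories_logic']) echo esc_html(implode(',', $post['taxonomies_list'])); ?>" type="hidden" name="taxonomies_only_list"/>
  </div>
  </div>
  <div class="input" style="margin-bottom:3px;">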
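Review bot: The four `<input class="choosen_input" value="...">` lines escape an attribute value with `esc_html()`; `esc_attr()` is the function meant for that context, e.g. `echo esc_attr(implode(',', $post['custom_fields_list']));`. Both functions encode quotes in WordPress, so this is about using the context-matched escaper rather than an open hole, and `esc_html()` remains the right call for the `<span class="hidden choosen_values">` text nodes. The `existing_meta_keys` hidden input in views/admin/import/template/_custom_fields_template.php has the same mismatch.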
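--- a/views/admin/import/preview_images.php
+++ b/views/admin/import/preview_images.php
@@ -3,7 +3,7 @@
  <div class="title">
  <div class="navigation">
  <?php if ($tagno > 1): ?><a href="#prev" class="previous_element">&nbsp;</a><?php else: ?><span class="previous_element">&nbsp;</span><?php endif ?>
- <?php printf(__('<strong><input type="text" value="%s" name="tagno" class="tagno"/></strong><span class="out_of"> of <strong class="pmxi_count">%s</strong></span>', 'pmxi_plugin'), $tagno, PMXI_Plugin::$session->count); ?>
+ <?php printf(__('<strong><input type="text" value="%s" name="tagno" class="tagno"/></strong><span class="out_of"> of <strong class="pmxi_count">%s</strong></span>', 'wp_all_import_plugin'), $tagno, PMXI_Plugin::$session->count); ?>
  <?php if ($tagno < PMXI_Plugin::$session->count): ?><a href="#next" class="next_element">&nbsp;</a><?php else: ?><span class="next_element">&nbsp;</span><?php endif ?>
  </div>
  </div>
@@ -14,16 +14,16 @@
  <?php $this->error() ?>
  <?php endif ?>
 
- <h3><?php _e('Test Image Import', 'pmxi_plugin'); ?></h3>
+ <h3><?php _e('Test Image Import', 'wp_all_import_plugin'); ?></h3>
 
  <?php
 
  if ( ! empty($featured_images) ){
 
  ?>
- <p><?php _e('Click to test button to have WP All Import ensure it can import your images.', 'pmxi_plugin'); ?></p>
+ <p><?php _e('Click to test button to have WP All Import ensure it can import your images.', 'wp_all_import_plugin'); ?></p>
 
- <a class="test_images" href="javascript:void(0);" style="margin-left:0;" rel="<?php echo $post['download_images']; ?>"><?php _e('Test', 'pmxi_plugin'); ?></a>
+ <a class="test_images" href="javascript:void(0);" style="margin-left:0;" rel="<?php echo $post['download_images']; ?>"><?php _e('Test', 'wp_all_import_plugin'); ?></a>
 
  <?php
 
@@ -35,6 +35,8 @@
  foreach ($line_imgs as $line_img)
  $imgs = array_merge($imgs, ( ! empty($featured_delim) ) ? str_getcsv($line_img, $featured_delim) : array($line_img) );
 
+ $imgs = array_filter($imgs);
+
  if ( "yes" == $post['download_images']):
 
  ?>
@@ -46,7 +48,7 @@
  <h4><?php _e('WP All Import will attempt to import images from the following URLs:'); ?></h4>
  <p><?php _e('Please check the URLs to ensure they point to valid images'); ?></p>
  <ul class="images_list">
- <?php foreach ($imgs as $img):?>
+ <?php foreach ($imgs as $img): ?>
 
  <li rel="<?php echo trim($img); ?>"><a href="<?php echo trim($img); ?>" target="_blank"><?php echo trim($img); ?></a></li>
 
@@ -71,20 +73,20 @@
  <div class="img_success"></div>
  <div class="img_failed"></div>
  </div>
- <h4><?php _e('WP All Import will import images from the following file paths:', 'pmxi_plugin'); ?></h4>
- <p><?php _e('Please ensure the images exists at these file paths', 'pmxi_plugin'); ?></p>
+ <h4><?php _e('WP All Import will import images from the following file paths:', 'wp_all_import_plugin'); ?></h4>
+ <p><?php _e('Please ensure the images exists at these file paths', 'wp_all_import_plugin'); ?></p>
  <ul class="images_list">
- <?php foreach ($imgs as $img) :?>
+ <?php foreach ($imgs as $img) : ?>
 
- <li rel="<?php echo trim($img);?>"><?php echo trim(preg_replace('%.*/wp-content%', '/wp-content', $wp_uploads['basedir']) . '/wpallimport/files/' . trim($img)); ?></li>
+ <li rel="<?php echo trim($img);?>"><?php echo trim(preg_replace('%.*/wp-content%', '/wp-content', $wp_uploads['basedir']) . DIRECTORY_SEPARATOR . PMXI_Plugin::FILES_DIRECTORY . DIRECTORY_SEPARATOR . trim($img)); ?></li>
 
  <?php endforeach; ?>
  </ul>
  <h4><?php _e('Here are the above URLs, in &lt;img&gt; tags. '); ?></h4>
 
  <?php
- foreach ($imgs as $img) {
- $img_url = home_url() . preg_replace('%.*/wp-content%', '/wp-content', $wp_uploads['basedir']) . '/wpallimport/files/' . trim($img);
+ foreach ($imgs as $img) {
+ $img_url = home_url() . preg_replace('%.*/wp-content%', '/wp-content', $wp_uploads['basedir']) . DIRECTORY_SEPARATOR . PMXI_Plugin::FILES_DIRECTORY . DIRECTORY_SEPARATOR . trim($img);
  ?>
  <img src="<?php echo trim($img_url);?>" style="width:64px; margin:5px; vertical-align:top;"/>
  <?php
@@ -95,7 +97,7 @@
  }
  else{
  ?>
- <p><?php _e('Images not found for current record.', 'pmxi_plugin'); ?></p>
+ <p><?php _e('Images not found for current record.', 'wp_all_import_plugin'); ?></p>
  <?php
  }
  ?>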
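Review bot: `$img` is still echoed unescaped into attributes and markup, and it appears to come from the import record being previewed (the `$line_imgs` source is outside the hunks): `<li rel="<?php echo trim($img); ?>"><a href="<?php echo trim($img); ?>" ...>` is untouched, and the rewritten `<li rel="<?php echo trim($img);?>">` and `<img src="<?php echo trim($img_url);?>">` lines keep the same pattern. These need context-matched escaping at the sink, e.g. `esc_attr(trim($img))` for `rel`, `esc_url(trim($img))` for `href` and `src`, and `esc_html(...)` for the link text and the displayed path. Separately, `$img_url` is now assembled with `DIRECTORY_SEPARATOR`, which produces backslashes in a URL on Windows hosts; a literal `'/'` is the right separator there.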
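--- a/views/admin/import/template/_custom_fields_template.php
+++ b/views/admin/import/template/_custom_fields_template.php
@@ -529,7 +529,7 @@
  </tbody>
  </table>
 
- <input type="hidden" id="existing_meta_keys" value="<?php echo implode(',', $meta_keys); ?>"/>
+ <input type="hidden" id="existing_meta_keys" value="<?php echo esc_html(implode(',', $meta_keys)); ?>"/>
 
  </td>
  </tr>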