WP External Links (nofollow new tab seo) - Version 1.81

Version Description

  • Security update (reported by Vulnerability Lab)
  • Some small changes
Download this release

Release Info

Developer freelancephp
Plugin Icon 128x128 WP External Links (nofollow new tab seo)
Version 1.81
Comparing to
See all releases

Code changes from version 1.80 to 1.81

Files changed (5) hide show
  1. includes/class-admin-external-links.php +3 -3
  2. includes/class-wp-external-links.php +6 -6
  3. includes/wp-plugin-dev-classes/class-wp-option-forms.php +26 -12
  4. readme.txt +6 -2
  5. wp-external-links.php +11 -2
includes/class-admin-external-links.php CHANGED
@@ -260,17 +260,17 @@ style;
260
  </tr>
261
  <tr>
262
  <th style="width:250px;"><?php $this->_e( 'Make subdomains internal' ) ?>
263
- <?php echo $this->tooltip_help( 'Threat all links to the site\'s domain and subdomains as internal links.' ) ?></th>
264
  <td>
265
  <label><?php echo $this->form->checkbox( 'ignore_subdomains', 1 ); ?>
266
- <span><?php $this->_e( 'Threat all links to the site\'s domain and subdomains as internal links' ) ?></span></label>
267
  </td>
268
  </tr>
269
  <tr>
270
  <th><?php $this->_e( 'Ignore links with URL\'s containing...' ) ?>
271
  <?php echo $this->tooltip_help( 'This plugin will completely ignore links that contain one of the given texts in the URL. Use enter to seperate each text. This check is not case sensitive.' ) ?></th>
272
  <td><label><?php echo $this->form->textarea( 'ignore' ); ?>
273
- <span class="description"><?php _e( 'Seperate each by an enter. No wildcards nescessary, f.e. <code>wordpress.org</code> will be threaded as <code>*wordpress.org*</code>' ) ?></span></label>
274
  </td>
275
  </tr>
276
  <?php
260
  </tr>
261
  <tr>
262
  <th style="width:250px;"><?php $this->_e( 'Make subdomains internal' ) ?>
263
+ <?php echo $this->tooltip_help( 'Treat all links to the site\'s domain and subdomains as internal links.' ) ?></th>
264
  <td>
265
  <label><?php echo $this->form->checkbox( 'ignore_subdomains', 1 ); ?>
266
+ <span><?php $this->_e( 'Treat all links to the site\'s domain and subdomains as internal links' ) ?></span></label>
267
  </td>
268
  </tr>
269
  <tr>
270
  <th><?php $this->_e( 'Ignore links with URL\'s containing...' ) ?>
271
  <?php echo $this->tooltip_help( 'This plugin will completely ignore links that contain one of the given texts in the URL. Use enter to seperate each text. This check is not case sensitive.' ) ?></th>
272
  <td><label><?php echo $this->form->textarea( 'ignore' ); ?>
273
+ <span class="description"><?php _e( 'Seperate each by an enter. No wildcards nescessary, f.e. <code>wordpress.org</code> will be treaded as <code>*wordpress.org*</code>' ) ?></span></label>
274
  </td>
275
  </tr>
276
  <?php
includes/class-wp-external-links.php CHANGED
@@ -158,7 +158,7 @@ final class WP_External_Links {
158
  ?>
159
  <style type="text/css" media="screen">
160
  /* WP External Links Plugin */
161
- .ext-icon-<?php echo $icon ?> { background:url(<?php echo plugins_url('/images/ext-icons/ext-icon-' . $icon . '.png', WP_EXTERNAL_LINKS_FILE) ?>) no-repeat 100% 50%; padding-right:<?php echo $padding ?>px; }';
162
  </style>
163
  <?php
164
  }
@@ -403,7 +403,7 @@ final class WP_External_Links {
403
  }
404
 
405
  // is an internal link?
406
- // rel=external will be threaded as external link
407
  $is_external = $this->is_external( $href );
408
  $has_rel_external = (strpos( $rel, 'external' ) !== FALSE);
409
 
@@ -442,7 +442,7 @@ final class WP_External_Links {
442
  // set title
443
  $title_format = $this->get_opt( 'title' );
444
  $title = ( isset( $attrs[ 'title' ] ) ) ? $attrs[ 'title' ] : '';
445
- $attrs[ 'title' ] = str_replace( '%title%', $title, $title_format );
446
 
447
  // set user-defined class
448
  $class = $this->get_opt( 'class_name' );
@@ -471,10 +471,10 @@ final class WP_External_Links {
471
  } elseif ($target && $target !== '_none') {
472
  if ($this->get_opt( 'use_js' )) {
473
  // add data-attr for javascript
474
- $attrs['data-wpel-target'] = $target;
475
  } else {
476
  // set target value
477
- $attrs[ 'target' ] = $target;
478
  }
479
  }
480
 
@@ -535,7 +535,7 @@ final class WP_External_Links {
535
  if ( empty( $value ) AND $default === NULL ) {
536
  unset( $attrs[ $attr_name ] );
537
  } else {
538
- $attrs[ $attr_name ] = $value;
539
  }
540
 
541
  return $value;
158
  ?>
159
  <style type="text/css" media="screen">
160
  /* WP External Links Plugin */
161
+ .ext-icon-<?php echo esc_html( $icon ) ?> { background:url(<?php echo plugins_url('/images/ext-icons/ext-icon-' . esc_html( $icon ) . '.png', WP_EXTERNAL_LINKS_FILE) ?>) no-repeat 100% 50%; padding-right:<?php echo $padding ?>px; };
162
  </style>
163
  <?php
164
  }
403
  }
404
 
405
  // is an internal link?
406
+ // rel=external will be treaded as external link
407
  $is_external = $this->is_external( $href );
408
  $has_rel_external = (strpos( $rel, 'external' ) !== FALSE);
409
 
442
  // set title
443
  $title_format = $this->get_opt( 'title' );
444
  $title = ( isset( $attrs[ 'title' ] ) ) ? $attrs[ 'title' ] : '';
445
+ $attrs[ 'title' ] = str_replace( '%title%', $title, esc_attr( $title_format ) );
446
 
447
  // set user-defined class
448
  $class = $this->get_opt( 'class_name' );
471
  } elseif ($target && $target !== '_none') {
472
  if ($this->get_opt( 'use_js' )) {
473
  // add data-attr for javascript
474
+ $attrs['data-wpel-target'] = esc_attr( $target );
475
  } else {
476
  // set target value
477
+ $attrs[ 'target' ] = esc_attr( $target );
478
  }
479
  }
480
 
535
  if ( empty( $value ) AND $default === NULL ) {
536
  unset( $attrs[ $attr_name ] );
537
  } else {
538
+ $attrs[ $attr_name ] = esc_attr( $value );
539
  }
540
 
541
  return $value;
includes/wp-plugin-dev-classes/class-wp-option-forms.php CHANGED
@@ -71,18 +71,32 @@ class WP_Option_Forms_01 {
71
  public function call_wp_ajax() {
72
  check_ajax_referer( 'wpof_update_options', 'wpof-nonce' );
73
 
 
 
 
 
74
  $option_name = $_POST[ 'ajax_option_name' ];
75
- $value = NULL;
76
 
77
  if ( isset( $_POST[ $option_name ] ) )
78
- $value = $_POST[ $option_name ];
 
 
 
 
79
 
80
- if ( ! is_array( $value ) )
81
- $value = trim( $value );
82
 
83
- $value = stripslashes_deep( $value );
 
 
 
 
 
 
 
84
 
85
- update_option( $option_name, $value );
86
 
87
  die( '1' );
88
  }
@@ -141,7 +155,7 @@ class WP_Option_Forms_01 {
141
  if ( $ajaxSave ) {
142
  $html .= wp_nonce_field( 'wpof_update_options', 'wpof-nonce', FALSE, FALSE );
143
  $html .= '<input type="hidden" name="action" value="wpof_update_options" />';
144
- $html .= '<input type="hidden" name="ajax_option_name" value="'. $this->current_option .'" />';
145
 
146
  // instead of using settings_fields();
147
  $html .= '<input type="hidden" name="option_page" value="' . esc_attr( $this->current_option ) . '" />';
@@ -220,7 +234,7 @@ class WP_Option_Forms_01 {
220
  if ( ! key_exists( 'class', $attrs ) )
221
  $attrs[ 'class' ] = 'large-text';
222
 
223
- return '<textarea '. $this->attrs( $attrs, $key ) .'>'. $this->value( $key ) .'</textarea>';
224
  }
225
 
226
  /**
@@ -261,7 +275,7 @@ class WP_Option_Forms_01 {
261
 
262
  foreach ( $options AS $value => $label ) {
263
  $selected = ( $value == $this->value( $key ) ) ? ' selected="selected"' : '';
264
- $html .= '<option value="'. $value .'"'. $selected .'>'. $label .'</option>';
265
  }
266
 
267
  $html .= '</select>';
@@ -341,14 +355,14 @@ class WP_Option_Forms_01 {
341
  if ( $key !== NULL ) {
342
  $str .= 'name="' . $this->field_name( $key ) .'" ';
343
  if ( ! key_exists( 'id', $attrs ) )
344
- $str .= 'id="' . $key .'" ';
345
  }
346
 
347
  if ( $value !== NULL )
348
- $str .= 'value="' . $value .'" ';
349
 
350
  foreach ( $attrs AS $attr => $value )
351
- $str .= $attr .'="'. $value .'" ';
352
 
353
  return $str;
354
  }
71
  public function call_wp_ajax() {
72
  check_ajax_referer( 'wpof_update_options', 'wpof-nonce' );
73
 
74
+ if ( ! current_user_can( 'manage_options' ) ) {
75
+ die( '0' );
76
+ }
77
+
78
  $option_name = $_POST[ 'ajax_option_name' ];
79
+ $values = NULL;
80
 
81
  if ( isset( $_POST[ $option_name ] ) )
82
+ $values = $_POST[ $option_name ];
83
+
84
+ if ( ! is_array( $values ) ) {
85
+ die( '0' );
86
+ }
87
 
88
+ $values = stripslashes_deep( $values );
 
89
 
90
+ foreach ( $values as $key => $val ) {
91
+ if ( $key === 'ignore' ) {
92
+ // text area (don't remove line breaks)
93
+ $values[ $key ] = filter_var( $val, FILTER_SANITIZE_STRING );
94
+ } else {
95
+ $values[ $key ] = sanitize_text_field( $val );
96
+ }
97
+ }
98
 
99
+ update_option( $option_name, $values );
100
 
101
  die( '1' );
102
  }
155
  if ( $ajaxSave ) {
156
  $html .= wp_nonce_field( 'wpof_update_options', 'wpof-nonce', FALSE, FALSE );
157
  $html .= '<input type="hidden" name="action" value="wpof_update_options" />';
158
+ $html .= '<input type="hidden" name="ajax_option_name" value="'. esc_attr( $this->current_option ) .'" />';
159
 
160
  // instead of using settings_fields();
161
  $html .= '<input type="hidden" name="option_page" value="' . esc_attr( $this->current_option ) . '" />';
234
  if ( ! key_exists( 'class', $attrs ) )
235
  $attrs[ 'class' ] = 'large-text';
236
 
237
+ return '<textarea '. $this->attrs( $attrs, $key ) .'>'. esc_textarea( $this->value( $key ) ) .'</textarea>';
238
  }
239
 
240
  /**
275
 
276
  foreach ( $options AS $value => $label ) {
277
  $selected = ( $value == $this->value( $key ) ) ? ' selected="selected"' : '';
278
+ $html .= '<option value="'. esc_attr( $value ) .'"'. $selected .'>'. $label .'</option>';
279
  }
280
 
281
  $html .= '</select>';
355
  if ( $key !== NULL ) {
356
  $str .= 'name="' . $this->field_name( $key ) .'" ';
357
  if ( ! key_exists( 'id', $attrs ) )
358
+ $str .= 'id="' . esc_attr( $key ) .'" ';
359
  }
360
 
361
  if ( $value !== NULL )
362
+ $str .= 'value="' . esc_attr( $value ) .'" ';
363
 
364
  foreach ( $attrs AS $attr => $value )
365
+ $str .= $attr .'="'. esc_attr( $value ) .'" ';
366
 
367
  return $str;
368
  }
readme.txt CHANGED
@@ -2,8 +2,8 @@
2
  Contributors: freelancephp
3
  Tags: links, external, icon, target, _blank, _new, _none, rel, nofollow, new window, new tab, javascript, xhtml, seo
4
  Requires at least: 3.6.0
5
- Tested up to: 4.2.3
6
- Stable tag: 1.80
7
 
8
  Open external links in a new window or tab, adding "nofollow", set link icon, styling, SEO friendly options and more. Easy install and go.
9
 
@@ -217,6 +217,10 @@ See [FAQ](https://wordpress.org/plugins/wp-external-links/faq/) for more possibi
217
 
218
  == Changelog ==
219
 
 
 
 
 
220
  = 1.80 =
221
  * Added filter hook wpel_external_link_attrs to change attributes before creating the link
222
  * Added filter hook wpel_ignored_external_links
2
  Contributors: freelancephp
3
  Tags: links, external, icon, target, _blank, _new, _none, rel, nofollow, new window, new tab, javascript, xhtml, seo
4
  Requires at least: 3.6.0
5
+ Tested up to: 4.5.2
6
+ Stable tag: 1.81
7
 
8
  Open external links in a new window or tab, adding "nofollow", set link icon, styling, SEO friendly options and more. Easy install and go.
9
 
217
 
218
  == Changelog ==
219
 
220
+ = 1.81 =
221
+ * Security update (reported by Vulnerability Lab)
222
+ * Some small changes
223
+
224
  = 1.80 =
225
  * Added filter hook wpel_external_link_attrs to change attributes before creating the link
226
  * Added filter hook wpel_ignored_external_links
wp-external-links.php CHANGED
@@ -4,14 +4,14 @@ Plugin Name: WP External Links
4
  Plugin URI: http://www.freelancephp.net/wp-external-links-plugin
5
  Description: Open external links in a new window/tab, add "external" / "nofollow" to rel-attribute, set icon, XHTML strict, SEO friendly...
6
  Author: Victor Villaverde Laan
7
- Version: 1.80
8
  Author URI: http://www.freelancephp.net
9
  License: Dual licensed under the MIT and GPL licenses
10
  */
11
 
12
  // constants
13
  if (!defined('WP_EXTERNAL_LINKS_FILE')) { define('WP_EXTERNAL_LINKS_FILE', __FILE__); }
14
- if (!defined('WP_EXTERNAL_LINKS_VERSION')) { define('WP_EXTERNAL_LINKS_VERSION', '1.80'); }
15
  if (!defined('WP_EXTERNAL_LINKS_KEY')) { define('WP_EXTERNAL_LINKS_KEY', 'wp_external_links'); }
16
  if (!defined('WP_EXTERNAL_LINKS_DOMAIN')) { define('WP_EXTERNAL_LINKS_DOMAIN', 'wp-external-links'); }
17
  if (!defined('WP_EXTERNAL_LINKS_OPTIONS_NAME')) { define('WP_EXTERNAL_LINKS_OPTIONS_NAME', 'WP_External_Links_options'); }
@@ -34,6 +34,15 @@ if (version_compare($wp_version, '3.6', '>=') && version_compare(phpversion(), '
34
  // create instance
35
  $WP_External_Links = new WP_External_Links();
36
 
 
 
 
 
 
 
 
 
 
37
  // init test
38
  if (class_exists('Test_WP_External_Links')) {
39
  $Test_WP_External_Links = new Test_WP_External_Links;
4
  Plugin URI: http://www.freelancephp.net/wp-external-links-plugin
5
  Description: Open external links in a new window/tab, add "external" / "nofollow" to rel-attribute, set icon, XHTML strict, SEO friendly...
6
  Author: Victor Villaverde Laan
7
+ Version: 1.81
8
  Author URI: http://www.freelancephp.net
9
  License: Dual licensed under the MIT and GPL licenses
10
  */
11
 
12
  // constants
13
  if (!defined('WP_EXTERNAL_LINKS_FILE')) { define('WP_EXTERNAL_LINKS_FILE', __FILE__); }
14
+ if (!defined('WP_EXTERNAL_LINKS_VERSION')) { define('WP_EXTERNAL_LINKS_VERSION', '1.81'); }
15
  if (!defined('WP_EXTERNAL_LINKS_KEY')) { define('WP_EXTERNAL_LINKS_KEY', 'wp_external_links'); }
16
  if (!defined('WP_EXTERNAL_LINKS_DOMAIN')) { define('WP_EXTERNAL_LINKS_DOMAIN', 'wp-external-links'); }
17
  if (!defined('WP_EXTERNAL_LINKS_OPTIONS_NAME')) { define('WP_EXTERNAL_LINKS_OPTIONS_NAME', 'WP_External_Links_options'); }
34
  // create instance
35
  $WP_External_Links = new WP_External_Links();
36
 
37
+ // Warning for the next update to version 2.x
38
+ if (!function_exists('wpel_update_notice')) {
39
+ function wpel_update_notice()
40
+ {
41
+ echo '<p style="color:#f00; font-weight:bold;">ATTENTION: This update has some major changes. Please check the changelog first!</p>';
42
+ }
43
+ add_action('in_plugin_update_message-' . plugin_basename(__FILE__), 'wpel_update_notice');
44
+ }
45
+
46
  // init test
47
  if (class_exists('Test_WP_External_Links')) {
48
  $Test_WP_External_Links = new Test_WP_External_Links;