WordPress File Upload - Version 2.4.5

Version Description

correction of bug when using userfields inside notifyrecipients

Release Info

Developer	nickboss
Plugin	WordPress File Upload
Version	2.4.5
Comparing to
See all releases

Code changes from version 2.4.4 to 2.4.5

Files changed (7) hide show

css/wordpress_file_upload_adminstyle.css +42 -0
js/wordpress_file_upload_adminfunctions.js +34 -0
lib/wfu_admin_composer.php +35 -4
lib/wfu_blocks.php +1 -0
lib/wfu_functions.php +9 -1
readme.txt +6 -0
wordpress_file_upload.php +2 -1

css/wordpress_file_upload_adminstyle.css CHANGED Viewed

@@ -475,6 +475,48 @@ table.wfu_subfolder_tools td div.wfu_subfolders_browser_container td div div.wfu
             	margin-top: 2px;
+            }
             div.wfu_rolelist_checkall
+            {
             	display: inline-block;


475	margin-top: 2px;
476	}
477
478	+ div.wfu_mchecklist_container
479	+ {
480	+ display: inline-block;
481	+ border: 1px solid #ddd;
482	+ border-radius: 4px;
483	+ padding: 4px;
484	+ }
485	+
486	+ div.wfu_mchecklist_item
487	+ {
488	+ display: inline-block;
489	+ }
490	+
491	+ div.wfu_mchecklist_item label
492	+ {
493	+ vertical-align: baseline;
494	+ margin-left: 4px;
495	+ cursor: default;
496	+ }
497	+
498	+ div.wfu_mchecklist_item input:disabled + label
499	+ {
500	+ color: gray;
501	+ }
502	+
503	+ div.wfu_mchecklist_item div
504	+ {
505	+ margin-left: 4px;
506	+ }
507	+
508	+ div.wfu_mchecklist_item:hover img
509	+ {
510	+ visibility: visible;
511	+ }
512	+
513	+ div.wfu_mchecklist_checkall
514	+ {
515	+ display: inline-block;
516	+ vertical-align: top;
517	+ margin: 0px 0px 0px 10px;
518	+ }
519	+
520	div.wfu_rolelist_checkall
521	{
522	display: inline-block;

js/wordpress_file_upload_adminfunctions.js CHANGED Viewed

@@ -1175,6 +1175,27 @@ function wfu_update_ptext_value(e) {
             	wfu_generate_shortcode();
+            }
             function wfu_update_rolelist_value(attribute) {
             	var value = "";
             	var rolelist = document.getElementById("wfu_attribute_" + attribute);
@@ -1480,6 +1501,19 @@ function wfu_apply_value(attribute, type, value) {
             		wfu_update_ptext_value({target:item1});
             		wfu_update_ptext_value({target:item2});
+            	}
             	else if (type == "rolelist" ) {
             		value = value.toLowerCase();
             		if (value == "all") document.getElementById("wfu_attribute_" + attribute + "_all").checked = true;


1175	wfu_generate_shortcode();
1176	}
1177
1178	+ function wfu_update_mchecklist_value(attribute) {
1179	+ var value = "";
1180	+ var mchecklist = document.getElementById("wfu_attribute_" + attribute);
1181	+ var checkall = document.getElementById("wfu_attribute_" + attribute + "_all");
1182	+ if (checkall.checked) {
1183	+ jQuery("#wfu_attribute_" + attribute + " input").prop('disabled', true);
1184	+ jQuery("#wfu_attribute_" + attribute + " input").prop('checked', true);
1185	+ value = "all";
1186	+ }
1187	+ else {
1188	+ jQuery("#wfu_attribute_" + attribute + " input").prop('disabled', false);
1189	+ jQuery("#wfu_attribute_" + attribute + " input").each(function() {
1190	+ if (jQuery(this).prop('checked'))
1191	+ value += "," + jQuery(this).next().html();
1192	+ });
1193	+ value = value.substr(1);
1194	+ }
1195	+ document.getElementById("wfu_attribute_value_" + attribute).value = value;
1196	+ wfu_generate_shortcode();
1197	+ }
1198	+
1199	function wfu_update_rolelist_value(attribute) {
1200	var value = "";
1201	var rolelist = document.getElementById("wfu_attribute_" + attribute);

1501	wfu_update_ptext_value({target:item1});
1502	wfu_update_ptext_value({target:item2});
1503	}
1504	+ else if (type == "mchecklist" ) {
1505	+ value = value.toLowerCase();
1506	+ if (value == "all") document.getElementById("wfu_attribute_" + attribute + "_all").checked = true;
1507	+ else {
1508	+ document.getElementById("wfu_attribute_" + attribute + "_all").checked = false;
1509	+ var items = value.split(",");
1510	+ for (var i = 0; i < items.length; i++) items[i] = items[i].trim();
1511	+ jQuery("#wfu_attribute_" + attribute + " input").each(function() {
1512	+ jQuery(this).prop('checked', (items.indexOf(jQuery(this).next().html()) > -1));
1513	+ });
1514	+ }
1515	+ wfu_update_mchecklist_value(attribute);
1516	+ }
1517	else if (type == "rolelist" ) {
1518	value = value.toLowerCase();
1519	if (value == "all") document.getElementById("wfu_attribute_" + attribute + "_all").checked = true;

lib/wfu_admin_composer.php CHANGED Viewed

	@@ -127,9 +127,9 @@ function wfu_shortcode_composer() {
127	$echo_str .= $dlp.'<tr class="form-field">';
128	$echo_str .= $dlp."\t".'<th scope="row"><div class="wfu_td_div">';
129	if ( $def['parent'] == "" ) $echo_str .= $dlp."\t\t".'<div class="wfu_shadow wfu_shadow_'.$governor['attribute'].$governor['inv'].'" style="display:'.( $governor['active'] ? 'none' : 'block' ).';"></div>';
130	- $echo_str .= $dlp."\t\t".'<div class="wfu_restore_container" title="Double-click to restore defaults setting"><img src="'.WFU_IMAGE_ADMIN_RESTOREDEFAULT.'" ondblclick="wfu_apply_value(\''.$attr.'\', \''.$def['type'].'\', \''.$def['default'].'\');" ~~></~~div>';
131	$echo_str .= $dlp."\t\t".'<label for="wfu_attribute_'.$attr.'">'.$def['name'].'</label>';
132	- $echo_str .= $dlp."\t\t".'<div class="wfu_help_container" title="'.$def['help'].'"><img src="'.WFU_IMAGE_ADMIN_HELP.'" ~~></~~div>';
133	$echo_str .= $dlp."\t".'</div></th>';
134	$echo_str .= $dlp."\t".'<td style="vertical-align:top;"><div class="wfu_td_div">';
135	if ( $def['parent'] == "" ) $echo_str .= $dlp."\t\t".'<div class="wfu_shadow wfu_shadow_'.$governor['attribute'].$governor['inv'].'" style="display:'.( $governor['active'] ? 'none' : 'block' ).';"></div>';
	@@ -160,7 +160,7 @@ function wfu_shortcode_composer() {
160	foreach ( $items_in_section as $item_in_section ) {
161	if ( key_exists($item_in_section, $components_indexed) ) {
162	$components_used[$item_in_section] = true;
163	- $echo_str .= $dlp."\t\t\t\t".'<div id="wfu_component_box_'.$item_in_section.'" class="wfu_component_box" draggable="true">'.str_replace("XXX", $components_indexed[$item_in_section]['name'], $centered_content).'</div>';
164	$echo_str .= $dlp."\t\t\t\t".'<div class="wfu_component_separator_ver"></div>';
165	}
166	}
	@@ -176,7 +176,7 @@ function wfu_shortcode_composer() {
176	$echo_str .= $dlp."\t\t\t\t".'<div id="wfu_component_box_container_'.$component['id'].'" class="wfu_component_box_container">';
177	$echo_str .= $dlp."\t\t\t\t\t".'<div class="wfu_component_box_base">'.str_replace("XXX", $component['name'], $centered_content).'</div>';
178	if ( !$components_used[$component['id']] )
179	- $echo_str .= $dlp."\t\t\t\t\t".'<div id="wfu_component_box_'.$component['id'].'" class="wfu_component_box wfu_inbase" draggable="true">'.str_replace("XXX", $component['name'], $centered_content).'</div>';
180	$echo_str .= $dlp."\t\t\t\t".'</div>'.( ($ii++) % 3 == 0 ? '<br />' : '' );
181	}
182	$echo_str .= $dlp."\t\t\t".'</div>';
	@@ -297,6 +297,37 @@ function wfu_shortcode_composer() {
297	$echo_str .= $dlp."\t\t\t".'<input id="wfu_subfolders_newitemlevel2_'.$attr.'" type="hidden" value="" />';
298	$echo_str .= $dlp."\t\t".'</div>';
299	}































300	elseif ( $def['type'] == "rolelist" ) {
301	$roles = $wp_roles->get_names();
302	$def['value'] = strtolower($def['value']);


127	$echo_str .= $dlp.'<tr class="form-field">';
128	$echo_str .= $dlp."\t".'<th scope="row"><div class="wfu_td_div">';
129	if ( $def['parent'] == "" ) $echo_str .= $dlp."\t\t".'<div class="wfu_shadow wfu_shadow_'.$governor['attribute'].$governor['inv'].'" style="display:'.( $governor['active'] ? 'none' : 'block' ).';"></div>';
130	+ $echo_str .= $dlp."\t\t".'<div class="wfu_restore_container" title="Double-click to restore defaults setting"><img src="'.WFU_IMAGE_ADMIN_RESTOREDEFAULT.'" ondblclick="wfu_apply_value(\''.$attr.'\', \''.$def['type'].'\', \''.$def['default'].'\');" /></div>';
131	$echo_str .= $dlp."\t\t".'<label for="wfu_attribute_'.$attr.'">'.$def['name'].'</label>';
132	+ $echo_str .= $dlp."\t\t".'<div class="wfu_help_container" title="'.$def['help'].'"><img src="'.WFU_IMAGE_ADMIN_HELP.'" /></div>';
133	$echo_str .= $dlp."\t".'</div></th>';
134	$echo_str .= $dlp."\t".'<td style="vertical-align:top;"><div class="wfu_td_div">';
135	if ( $def['parent'] == "" ) $echo_str .= $dlp."\t\t".'<div class="wfu_shadow wfu_shadow_'.$governor['attribute'].$governor['inv'].'" style="display:'.( $governor['active'] ? 'none' : 'block' ).';"></div>';

160	foreach ( $items_in_section as $item_in_section ) {
161	if ( key_exists($item_in_section, $components_indexed) ) {
162	$components_used[$item_in_section] = true;
163	+ $echo_str .= $dlp."\t\t\t\t".'<div id="wfu_component_box_'.$item_in_section.'" class="wfu_component_box" draggable="true" title="'.$components_indexed[$item_in_section]['help'].'">'.str_replace("XXX", $components_indexed[$item_in_section]['name'], $centered_content).'</div>';
164	$echo_str .= $dlp."\t\t\t\t".'<div class="wfu_component_separator_ver"></div>';
165	}
166	}

176	$echo_str .= $dlp."\t\t\t\t".'<div id="wfu_component_box_container_'.$component['id'].'" class="wfu_component_box_container">';
177	$echo_str .= $dlp."\t\t\t\t\t".'<div class="wfu_component_box_base">'.str_replace("XXX", $component['name'], $centered_content).'</div>';
178	if ( !$components_used[$component['id']] )
179	+ $echo_str .= $dlp."\t\t\t\t\t".'<div id="wfu_component_box_'.$component['id'].'" class="wfu_component_box wfu_inbase" draggable="true" title="'.$component['help'].'">'.str_replace("XXX", $component['name'], $centered_content).'</div>';
180	$echo_str .= $dlp."\t\t\t\t".'</div>'.( ($ii++) % 3 == 0 ? '<br />' : '' );
181	}
182	$echo_str .= $dlp."\t\t\t".'</div>';

297	$echo_str .= $dlp."\t\t\t".'<input id="wfu_subfolders_newitemlevel2_'.$attr.'" type="hidden" value="" />';
298	$echo_str .= $dlp."\t\t".'</div>';
299	}
300	+ elseif ( $def['type'] == "mchecklist" ) {
301	+ $help_count = 0;
302	+ foreach ( $def['listitems'] as $key => $item ) {
303	+ $parts = explode("/", $item);
304	+ if ( count($parts) == 1 ) {
305	+ $items[$key]['id'] = $item;
306	+ $items[$key]['help'] = '';
307	+ }
308	+ else {
309	+ $items[$key]['id'] = $parts[0];
310	+ $items[$key]['help'] = $parts[1];
311	+ $help_count ++;
312	+ }
313	+ }
314	+ $def['value'] = strtolower($def['value']);
315	+ if ( $def['value'] == "all" ) $selected = array();
316	+ else $selected = explode(",", $def['value']);
317	+ foreach ( $selected as $key => $item ) $selected[$key] = trim($item);
318	+ $echo_str .= $dlp."\t\t".'<div id="wfu_attribute_'.$attr.'" class="wfu_mchecklist_container">';
319	+ $is_first = true;
320	+ foreach ( $items as $key => $item ) {
321	+ if ( !$is_first ) $echo_str .= "<br />";
322	+ $is_first = false;
323	+ $echo_str .= $dlp."\t\t\t".'<div class="wfu_mchecklist_item"><input id="wfu_attribute_'.$attr.'_'.$key.'" type="checkbox"'.( $def['value'] == "all" \|\| in_array($item['id'], $selected) ? ' checked="checked"' : '' ).( $def['value'] == "all" ? ' disabled="disabled"' : '' ).' onchange="wfu_update_mchecklist_value(\''.$attr.'\');" /><label for="wfu_attribute_'.$attr.'_'.$key.'">'.$item['id'].'</label>';
324	+ if ( $item['help'] != '' ) $echo_str .= '<div class="wfu_help_container" title="'.$item['help'].'"><img src="'.WFU_IMAGE_ADMIN_HELP.'" /></div>';
325	+ $echo_str .= '</div>';
326	+ }
327	+ $echo_str .= $dlp."\t\t".'</div>';
328	+ $echo_str .= $dlp."\t\t".'<div id="wfu_attribute_'.$attr.'_optionhelp" class="wfu_help_container" title="" style="display:none; position:absolute;"><img src="'.WFU_IMAGE_ADMIN_HELP.'" style="visibility:visible;" /></div>';
329	+ $echo_str .= $dlp."\t\t".'<div class="wfu_mchecklist_checkall"><input id="wfu_attribute_'.$attr.'_all" type="checkbox" onchange="wfu_update_mchecklist_value(\''.$attr.'\');"'.( $def['value'] == "all" ? ' checked="checked"' : '' ).' /> Select all</div>';
330	+ }
331	elseif ( $def['type'] == "rolelist" ) {
332	$roles = $wp_roles->get_names();
333	$def['value'] = strtolower($def['value']);

lib/wfu_blocks.php CHANGED Viewed

	@@ -137,6 +137,7 @@ function wfu_prepare_uploadform_block($params, $widths, $heights, $clickaction,
137	return $uploadform_item;
138	}
139

140	/* Prepare the submit button */
141	function wfu_prepare_submit_block($params, $widths, $heights, $clickaction) {
142	$sid = $params["uploadid"];


137	return $uploadform_item;
138	}
139
140	+
141	/* Prepare the submit button */
142	function wfu_prepare_submit_block($params, $widths, $heights, $clickaction) {
143	$sid = $params["uploadid"];

lib/wfu_functions.php CHANGED Viewed

	@@ -895,7 +895,15 @@ function wfu_send_notification_email($user, $only_filename_list, $target_path_li
895	$user_login = $user->user_login;
896	$user_email = $user->user_email;
897	}
898	- $~~notifyrecipients~~ = ~~trim~~(~~preg_replace(~~'/%useremail%/'~~, $user_email, $params["notifyrecipients"]~~));








899	$search = array ('/%n%/');
900	$replace = array ("\n");
901	$notifyheaders = preg_replace($search, $replace, $params["notifyheaders"]);


895	$user_login = $user->user_login;
896	$user_email = $user->user_email;
897	}
898	+ $search = array ('/%useremail%/');
899	+ $replace = array ($user_email);
900	+ foreach ( $userdata_fields as $userdata_key => $userdata_field ) {
901	+ $ind = 1 + $userdata_key;
902	+ array_push($search, '/%userdata'.$ind.'%/');
903	+ array_push($replace, $userdata_field["value"]);
904	+ }
905	+ // $notifyrecipients = trim(preg_replace('/%useremail%/', $user_email, $params["notifyrecipients"]));
906	+ $notifyrecipients = preg_replace($search, $replace, $params["notifyrecipients"]);
907	$search = array ('/%n%/');
908	$replace = array ("\n");
909	$notifyheaders = preg_replace($search, $replace, $params["notifyheaders"]);

readme.txt CHANGED Viewed

	@@ -110,6 +110,9 @@ Administrators can view and manage the uploaded files from the File Browser that
110
111	== Changelog ==
112



113	= 2.4.4 =
114	* intermediate update to make the plugin more immune to hackers
115
	@@ -316,6 +319,9 @@ Initial version.
316
317	== Upgrade Notice ==
318



319	= 2.4.4 =
320	Important upgrade to address some vulnerability issues.
321


110
111	== Changelog ==
112
113	+ = 2.4.5 =
114	+ * correction of bug when using userfields inside notifyrecipients
115	+
116	= 2.4.4 =
117	* intermediate update to make the plugin more immune to hackers
118

319
320	== Upgrade Notice ==
321
322	+ = 2.4.5 =
323	+ Minor upgrade to address some bugs.
324	+
325	= 2.4.4 =
326	Important upgrade to address some vulnerability issues.
327

wordpress_file_upload.php CHANGED Viewed

	@@ -4,7 +4,7 @@ session_start();
4	/*
5	Plugin URI: http://www.iptanus.com/support/wordpress-file-upload
6	Description: Simple interface to upload files from a page.
7	- Version: 2.4.4
8	Author: Nickolas Bossinas
9	Author URI: http://www.iptanus.com
10	*/
	@@ -226,6 +226,7 @@ function wordpress_file_upload_function($incomingfromhandler) {
226	if ( $item_in_section == "title" ) array_push($section_array, $title_item);
227	elseif ( $item_in_section == "filename" ) array_push($section_array, $textbox_item);
228	elseif ( $item_in_section == "selectbutton" ) array_push($section_array, $uploadform_item);

229	elseif ( $item_in_section == "uploadbutton" && $params["singlebutton"] != "true" ) array_push($section_array, $submit_item);
230	elseif ( $item_in_section == "subfolders" ) array_push($section_array, $subfolders_item);
231	elseif ( $item_in_section == "progressbar" ) array_push($section_array, $progressbar_item);


4	/*
5	Plugin URI: http://www.iptanus.com/support/wordpress-file-upload
6	Description: Simple interface to upload files from a page.
7	+ Version: 2.4.5
8	Author: Nickolas Bossinas
9	Author URI: http://www.iptanus.com
10	*/

226	if ( $item_in_section == "title" ) array_push($section_array, $title_item);
227	elseif ( $item_in_section == "filename" ) array_push($section_array, $textbox_item);
228	elseif ( $item_in_section == "selectbutton" ) array_push($section_array, $uploadform_item);
229	+ elseif ( $item_in_section == "confirmbox" && preg_match("/(^\|,)\scheckbox\s(,\|$)/", $params['security_active']) && $params["singlebutton"] != "true" ) array_push($section_array, $confirmbox_item);
230	elseif ( $item_in_section == "uploadbutton" && $params["singlebutton"] != "true" ) array_push($section_array, $submit_item);
231	elseif ( $item_in_section == "subfolders" ) array_push($section_array, $subfolders_item);
232	elseif ( $item_in_section == "progressbar" ) array_push($section_array, $progressbar_item);