WP Live Chat Support - Version 4.4.0

Version Description

It is highly recommended that you upgrade to WP Live Chat Support version 4.4.0 for security reasons.


Release Info

Developer WP-LiveChat
Version 4.4.0

Code changes from version 4.3.5 to 4.4.0

Files changed (5) hide show
  1. ajax.php +42 -45
  2. functions.php +259 -105
  3. js/wplc_u.js +7 -0
  4. readme.txt +10 -3
  5. wp-live-chat-support.php +82 -66
ajax.php CHANGED
@@ -5,18 +5,28 @@ header('Access-Control-Allow-Origin: *');
5
  header('Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS');
6
  header('Access-Control-Max-Age: 604800');
7
  header('Access-Control-Allow-Headers: x-requested-with');
8
-
9
  ini_set('html_errors', 0);
 
 
 
 
 
 
 
 
 
10
  define('SHORTINIT', true);
11
 
12
 
13
  require_once( '../../../wp-load.php' );
14
 
15
-
16
  if (!defined('WP_PLUGIN_DIR')) {
17
  define( 'WP_PLUGIN_DIR', WP_CONTENT_DIR . '/plugins' ); // full path, no trailing slash
18
  }
19
 
 
 
 
20
  $iterations = 55;
21
  /* time in microseconds between updating the user on the page within the DB (lower number = higher resource usage) */
22
  define('WPLC_DELAY_BETWEEN_UPDATES',500000);
@@ -36,33 +46,20 @@ require_once( ABSPATH . WPINC . '/formatting.php' );
36
  require_once( ABSPATH . WPINC . '/kses.php' );
37
 
38
 
39
-
40
  $plugin_dir = basename(dirname(__FILE__))."/languages/";
41
  load_plugin_textdomain( 'wplivechat', false, $plugin_dir );
42
 
43
 
44
-
45
-
46
  global $wpdb;
47
-
48
  global $wplc_tblname_chats;
49
-
50
  global $wplc_tblname_msgs;
51
-
52
  $wplc_tblname_chats = $wpdb->prefix . "wplc_chat_sessions";
53
-
54
  $wplc_tblname_msgs = $wpdb->prefix . "wplc_chat_msgs";
55
-
56
-
57
-
58
  require_once("functions.php");
59
 
60
 
61
 
62
 
63
- // stuff goes here
64
-
65
-
66
  /* we're using PHP 'sleep' which may lock other requests until our script wakes up. Call this function to ensure that other requests can run without waiting for us to finish */
67
  session_write_close();
68
 
@@ -88,13 +85,13 @@ if ($check == 1) {
88
  if($_POST['wplc_update_admin_chat_table'] == 'false'){
89
  $old_chat_data = false;
90
  } else {
91
- $old_chat_data = $_POST['wplc_update_admin_chat_table'];
92
  }
93
 
94
  $pending = wplc_check_pending_chats();
95
  $new_chat_data = wplc_list_chats();
96
 
97
- if(stripslashes($new_chat_data) !== stripslashes($old_chat_data)){
98
  $array['old_chat_data'] = $old_chat_data;
99
  $array['wplc_update_admin_chat_table'] = $new_chat_data;
100
  $array['pending'] = $pending;
@@ -117,17 +114,17 @@ if ($check == 1) {
117
  $array = array();
118
  while($i <= $iterations){
119
  if(isset($_POST['action_2']) && $_POST['action_2'] == "wplc_long_poll_check_user_opened_chat"){
120
- $chat_status = wplc_return_chat_status($_POST['cid']);
121
  if($chat_status == 3){
122
  $array['action'] = "wplc_user_open_chat";
123
  }
124
  } else {
125
- $new_chat_status = wplc_return_chat_status($_POST['cid']);
126
  if($new_chat_status != $_POST['chat_status']){
127
  $array['chat_status'] = $new_chat_status;
128
  $array['action'] = "wplc_update_chat_status";
129
- }
130
- $new_chat_message = wplc_return_admin_chat_messages($_POST['cid']);
131
  if($new_chat_message){
132
 
133
  $array['chat_message'] = $new_chat_message;
@@ -174,7 +171,7 @@ if ($check == 1) {
174
  // echo 1;
175
  $user = "user".time();
176
  $email = "no email set";
177
- $cid = wplc_log_user_on_page($user,$email,$_POST['wplcsession']);
178
  $array['cid'] = $cid;
179
  $array['status'] = wplc_return_chat_status($cid);
180
  $array['wplc_name'] = $user;
@@ -183,16 +180,16 @@ if ($check == 1) {
183
 
184
  } else {
185
  // echo 2;
186
- $new_status = wplc_return_chat_status($_POST['cid']);
187
- $array['wplc_name'] = $_POST['wplc_name'];
188
- $array['wplc_email'] = $_POST['wplc_email'];
189
- $array['cid'] = $_POST['cid'];
190
  if($new_status == $_POST['status']){ // if status matches do the following
191
  if($_POST['status'] != 2){
192
  /* check if session_variable is different? if yes then stop this script completely. */
193
  if (isset($_POST['wplcsession']) && $_POST['wplcsession'] != '' && $i > 1) {
194
- $wplc_session_variable = $_POST['wplcsession'];
195
- $current_session_variable = wplc_return_chat_session_variable($_POST['cid']);
196
  if ($current_session_variable != "" && $current_session_variable != $wplc_session_variable) {
197
  /* stop this script */
198
  $array['status'] = 11;
@@ -203,18 +200,18 @@ if ($check == 1) {
203
 
204
 
205
  if ($i == 1) {
206
- wplc_update_user_on_page(sanitize_text_field($_POST['cid']), sanitize_text_field($_POST['status']),$_POST['wplcsession']);
207
  }
208
  }
209
  if ($_POST['status'] == 0){ // browsing - user tried to chat but admin didn't answer so turn back to browsing
210
- wplc_update_user_on_page($_POST['cid'], 5,$_POST['wplcsession']);
211
  $array['status'] = 5;
212
  $array['check'] = true;
213
  } else if($_POST['status'] == 3){
214
- //wplc_update_user_on_page($_POST['cid'], 3);
215
- $messages = wplc_return_user_chat_messages($_POST['cid']);
216
  if ($messages){
217
- wplc_mark_as_read_user_chat_messages($_POST['cid']);
218
  $array['status'] = 3;
219
  $array['data'] = $messages;
220
  $array['check'] = true;
@@ -224,28 +221,28 @@ if ($check == 1) {
224
  } else { // statuses do not match
225
  $array['status'] = $new_status;
226
  if($new_status == 1){ // completed
227
- wplc_update_user_on_page($_POST['cid'], 8,$_POST['wplcsession']);
228
  $array['check'] = true;
229
  $array['status'] = 8;
230
  $array['data'] = __("Admin has closed and ended the chat","wplivechat");
231
  }
232
  else if($new_status == 2){ // pending
233
  $array['check'] = true;
234
- $array['wplc_name'] = wplc_return_chat_name($_POST['cid']);
235
- $array['wplc_email'] = wplc_return_chat_email($_POST['cid']);
236
  }
237
  else if($new_status == 3){ // active
238
  $array['data'] = null;
239
  $array['check'] = true;
240
  if($_POST['status'] == 5){
241
- $messages = wplc_return_chat_messages($_POST['cid']);
242
  if ($messages){
243
  $array['data'] = $messages;
244
  }
245
  }
246
  }
247
  else if($new_status == 7){ // timed out
248
- wplc_update_user_on_page($_POST['cid'], 5,$_POST['wplcsession']);
249
  }
250
  else if($new_status == 9){ // user closed chat without inputting or starting a chat
251
  $array['check'] = true;
@@ -257,7 +254,7 @@ if ($check == 1) {
257
  else if($new_status == 10){ // minimized active chat
258
  $array['check'] = true;
259
  if($_POST['status'] == 5){
260
- $messages = wplc_return_chat_messages($_POST['cid']);
261
  if ($messages){
262
  $array['data'] = $messages;
263
  }
@@ -278,18 +275,18 @@ if ($check == 1) {
278
  /* */
279
  if ($_POST['action'] == "wplc_user_close_chat") {
280
  if($_POST['status'] == 5){
281
- wplc_change_chat_status($_POST['cid'],9);
282
  } else if($_POST['status'] == 3){
283
- wplc_change_chat_status($_POST['cid'],8);
284
  }
285
  }
286
 
287
  if ($_POST['action'] == "wplc_user_minimize_chat") {
288
- $chat_id = $_POST['cid'];
289
  wplc_change_chat_status(sanitize_text_field($_POST['cid']),10);
290
  }
291
  if ($_POST['action'] == "wplc_user_maximize_chat") {
292
- $chat_id = $_POST['cid'];
293
  wplc_change_chat_status(sanitize_text_field($_POST['cid']),3);
294
  }
295
 
@@ -307,13 +304,13 @@ if ($check == 1) {
307
 
308
  if (isset($_POST['cid'])) {
309
  if ($_POST['name'] && $_POST['email']) {
310
- echo wplc_user_initiate_chat(sanitize_text_field($_POST['name']),sanitize_email($_POST['email']),sanitize_text_field($_POST['cid']),$_POST['wplcsession']); // echo the chat session id
311
  } else {
312
  echo "error2";
313
  }
314
  } else {
315
  if ($_POST['name'] && $_POST['email']) {
316
- echo wplc_user_initiate_chat(sanitize_text_field($_POST['name']),sanitize_email($_POST['email']),null,$_POST['wplcsession']); // echo the chat session id
317
  } else {
318
  echo "error2";
319
  }
5
  header('Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS');
6
  header('Access-Control-Max-Age: 604800');
7
  header('Access-Control-Allow-Headers: x-requested-with');
 
8
  ini_set('html_errors', 0);
9
+
10
+
11
+
12
+ /* check to see if the ajax request was requested from the server this file is hosted on */
13
+ if (isset($_SERVER['HTTP_HOST'])) {
14
+ $refering_host = parse_url($_SERVER['HTTP_REFERER'], PHP_URL_HOST);
15
+ if ($refering_host != $_SERVER['HTTP_HOST']) { die('Security error #1'); }
16
+ }
17
+
18
  define('SHORTINIT', true);
19
 
20
 
21
  require_once( '../../../wp-load.php' );
22
 
 
23
  if (!defined('WP_PLUGIN_DIR')) {
24
  define( 'WP_PLUGIN_DIR', WP_CONTENT_DIR . '/plugins' ); // full path, no trailing slash
25
  }
26
 
27
+
28
+
29
+
30
  $iterations = 55;
31
  /* time in microseconds between updating the user on the page within the DB (lower number = higher resource usage) */
32
  define('WPLC_DELAY_BETWEEN_UPDATES',500000);
46
  require_once( ABSPATH . WPINC . '/kses.php' );
47
 
48
 
 
49
  $plugin_dir = basename(dirname(__FILE__))."/languages/";
50
  load_plugin_textdomain( 'wplivechat', false, $plugin_dir );
51
 
52
 
 
 
53
  global $wpdb;
 
54
  global $wplc_tblname_chats;
 
55
  global $wplc_tblname_msgs;
 
56
  $wplc_tblname_chats = $wpdb->prefix . "wplc_chat_sessions";
 
57
  $wplc_tblname_msgs = $wpdb->prefix . "wplc_chat_msgs";
 
 
 
58
  require_once("functions.php");
59
 
60
 
61
 
62
 
 
 
 
63
  /* we're using PHP 'sleep' which may lock other requests until our script wakes up. Call this function to ensure that other requests can run without waiting for us to finish */
64
  session_write_close();
65
 
85
  if($_POST['wplc_update_admin_chat_table'] == 'false'){
86
  $old_chat_data = false;
87
  } else {
88
+ $old_chat_data = sanitize_text_field($_POST['wplc_update_admin_chat_table']);
89
  }
90
 
91
  $pending = wplc_check_pending_chats();
92
  $new_chat_data = wplc_list_chats();
93
 
94
+ if(sanitize_text_field($new_chat_data) !== sanitize_text_field($old_chat_data)){
95
  $array['old_chat_data'] = $old_chat_data;
96
  $array['wplc_update_admin_chat_table'] = $new_chat_data;
97
  $array['pending'] = $pending;
114
  $array = array();
115
  while($i <= $iterations){
116
  if(isset($_POST['action_2']) && $_POST['action_2'] == "wplc_long_poll_check_user_opened_chat"){
117
+ $chat_status = wplc_return_chat_status(sanitize_text_field($_POST['cid']));
118
  if($chat_status == 3){
119
  $array['action'] = "wplc_user_open_chat";
120
  }
121
  } else {
122
+ $new_chat_status = wplc_return_chat_status(sanitize_text_field($_POST['cid']));
123
  if($new_chat_status != $_POST['chat_status']){
124
  $array['chat_status'] = $new_chat_status;
125
  $array['action'] = "wplc_update_chat_status";
126
+ }
127
+ $new_chat_message = wplc_return_admin_chat_messages(sanitize_text_field($_POST['cid']));
128
  if($new_chat_message){
129
 
130
  $array['chat_message'] = $new_chat_message;
171
  // echo 1;
172
  $user = "user".time();
173
  $email = "no email set";
174
+ $cid = wplc_log_user_on_page($user,$email,sanitize_text_field($_POST['wplcsession']));
175
  $array['cid'] = $cid;
176
  $array['status'] = wplc_return_chat_status($cid);
177
  $array['wplc_name'] = $user;
180
 
181
  } else {
182
  // echo 2;
183
+ $new_status = wplc_return_chat_status(sanitize_text_field($_POST['cid']));
184
+ $array['wplc_name'] = sanitize_text_field($_POST['wplc_name']);
185
+ $array['wplc_email'] = sanitize_text_field($_POST['wplc_email']);
186
+ $array['cid'] = sanitize_text_field($_POST['cid']);
187
  if($new_status == $_POST['status']){ // if status matches do the following
188
  if($_POST['status'] != 2){
189
  /* check if session_variable is different? if yes then stop this script completely. */
190
  if (isset($_POST['wplcsession']) && $_POST['wplcsession'] != '' && $i > 1) {
191
+ $wplc_session_variable = sanitize_text_field($_POST['wplcsession']);
192
+ $current_session_variable = wplc_return_chat_session_variable(sanitize_text_field($_POST['cid']));
193
  if ($current_session_variable != "" && $current_session_variable != $wplc_session_variable) {
194
  /* stop this script */
195
  $array['status'] = 11;
200
 
201
 
202
  if ($i == 1) {
203
+ wplc_update_user_on_page(sanitize_text_field($_POST['cid']), sanitize_text_field($_POST['status']), sanitize_text_field($_POST['wplcsession']));
204
  }
205
  }
206
  if ($_POST['status'] == 0){ // browsing - user tried to chat but admin didn't answer so turn back to browsing
207
+ wplc_update_user_on_page(sanitize_text_field($_POST['cid']), 5, sanitize_text_field($_POST['wplcsession']));
208
  $array['status'] = 5;
209
  $array['check'] = true;
210
  } else if($_POST['status'] == 3){
211
+ //wplc_update_user_on_page(sanitize_text_field($_POST['cid']), 3);
212
+ $messages = wplc_return_user_chat_messages(sanitize_text_field($_POST['cid']));
213
  if ($messages){
214
+ wplc_mark_as_read_user_chat_messages(sanitize_text_field($_POST['cid']));
215
  $array['status'] = 3;
216
  $array['data'] = $messages;
217
  $array['check'] = true;
221
  } else { // statuses do not match
222
  $array['status'] = $new_status;
223
  if($new_status == 1){ // completed
224
+ wplc_update_user_on_page(sanitize_text_field($_POST['cid']), 8, sanitize_text_field($_POST['wplcsession']));
225
  $array['check'] = true;
226
  $array['status'] = 8;
227
  $array['data'] = __("Admin has closed and ended the chat","wplivechat");
228
  }
229
  else if($new_status == 2){ // pending
230
  $array['check'] = true;
231
+ $array['wplc_name'] = wplc_return_chat_name(sanitize_text_field($_POST['cid']));
232
+ $array['wplc_email'] = wplc_return_chat_email(sanitize_text_field($_POST['cid']));
233
  }
234
  else if($new_status == 3){ // active
235
  $array['data'] = null;
236
  $array['check'] = true;
237
  if($_POST['status'] == 5){
238
+ $messages = wplc_return_chat_messages(sanitize_text_field($_POST['cid']));
239
  if ($messages){
240
  $array['data'] = $messages;
241
  }
242
  }
243
  }
244
  else if($new_status == 7){ // timed out
245
+ wplc_update_user_on_page(sanitize_text_field($_POST['cid']), 5, sanitize_text_field($_POST['wplcsession']));
246
  }
247
  else if($new_status == 9){ // user closed chat without inputting or starting a chat
248
  $array['check'] = true;
254
  else if($new_status == 10){ // minimized active chat
255
  $array['check'] = true;
256
  if($_POST['status'] == 5){
257
+ $messages = wplc_return_chat_messages(sanitize_text_field($_POST['cid']));
258
  if ($messages){
259
  $array['data'] = $messages;
260
  }
275
  /* */
276
  if ($_POST['action'] == "wplc_user_close_chat") {
277
  if($_POST['status'] == 5){
278
+ wplc_change_chat_status(sanitize_text_field($_POST['cid']),9);
279
  } else if($_POST['status'] == 3){
280
+ wplc_change_chat_status(sanitize_text_field($_POST['cid']),8);
281
  }
282
  }
283
 
284
  if ($_POST['action'] == "wplc_user_minimize_chat") {
285
+ $chat_id = sanitize_text_field($_POST['cid']);
286
  wplc_change_chat_status(sanitize_text_field($_POST['cid']),10);
287
  }
288
  if ($_POST['action'] == "wplc_user_maximize_chat") {
289
+ $chat_id = sanitize_text_field($_POST['cid']);
290
  wplc_change_chat_status(sanitize_text_field($_POST['cid']),3);
291
  }
292
 
304
 
305
  if (isset($_POST['cid'])) {
306
  if ($_POST['name'] && $_POST['email']) {
307
+ echo wplc_user_initiate_chat(sanitize_text_field($_POST['name']),sanitize_email($_POST['email']),sanitize_text_field($_POST['cid']), sanitize_text_field($_POST['wplcsession'])); // echo the chat session id
308
  } else {
309
  echo "error2";
310
  }
311
  } else {
312
  if ($_POST['name'] && $_POST['email']) {
313
+ echo wplc_user_initiate_chat(sanitize_text_field($_POST['name']), sanitize_email($_POST['email']), null, sanitize_text_field($_POST['wplcsession'])); // echo the chat session id
314
  } else {
315
  echo "error2";
316
  }
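Review bot: The new Referer comparison near the top of ajax.php is not an access control: `HTTP_REFERER` is supplied by the client, so it only filters browsers that send it honestly, and as far as these hunks show the handlers below still act on whatever `cid` the request names. As written it also reads `$_SERVER['HTTP_REFERER']` without an `isset()` and compares a port-less host against `HTTP_HOST`, which can carry a port, so legitimate visitors with a stripped referrer or a non-default port hit `die('Security error #1')`. I would guard the read, e.g. `$refering_host = isset($_SERVER['HTTP_REFERER']) ? parse_url($_SERVER['HTTP_REFERER'], PHP_URL_HOST) : '';`, and check the stored session value for that `cid` on the server before every read or update, not only in the `$i > 1` branch. Separately, `cid` is bound as `%d` in functions.php, so `intval($_POST['cid'])` states the intent better than `sanitize_text_field()`, which does not make a value safe for SQL.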
functions.php CHANGED
@@ -18,23 +18,44 @@ function wplc_log_user_on_page($name,$email,$session) {
18
  'user_agent' => $_SERVER['HTTP_USER_AGENT']
19
  );
20
  }
21
-
22
-
23
-
24
-
25
- $ins_array = array(
26
- 'status' => '5',
27
- 'timestamp' => date("Y-m-d H:i:s"),
28
- 'name' => $name,
29
- 'email' => $email,
30
- 'session' => $session,
31
- 'ip' => maybe_serialize($user_data),
32
- 'url' => $_SERVER['HTTP_REFERER'],
33
- 'last_active_timestamp' => date("Y-m-d H:i:s")
34
- );
35
-
36
- $rows_affected = $wpdb->insert( $wplc_tblname_chats, $ins_array );
37
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
38
  $lastid = $wpdb->insert_id;
39
 
40
 
@@ -42,6 +63,7 @@ function wplc_log_user_on_page($name,$email,$session) {
42
 
43
  }
44
  function wplc_update_user_on_page($cid, $status = 5,$session) {
 
45
  global $wpdb;
46
  global $wplc_tblname_chats;
47
  $wplc_settings = get_option('WPLC_SETTINGS');
@@ -58,22 +80,43 @@ function wplc_update_user_on_page($cid, $status = 5,$session) {
58
  );
59
  }
60
 
61
- $query =
62
- "
63
- UPDATE $wplc_tblname_chats
64
- SET
65
- `url` = '".$_SERVER['HTTP_REFERER']."',
66
- `last_active_timestamp` = '".date("Y-m-d H:i:s")."',
67
- `ip` = '".maybe_serialize($user_data)."',
68
- `status` = '$status',
69
- `session` = '$session'
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
70
 
71
- WHERE `id` = '$cid'
72
- LIMIT 1
73
- ";
74
- $results = $wpdb->query($query);
75
- return $query;
76
 
 
77
 
78
 
79
  }
@@ -85,7 +128,7 @@ function wplc_record_chat_msg($from,$cid,$msg) {
85
  global $wplc_tblname_msgs;
86
 
87
  if ($from == "1") {
88
- $fromname = wplc_return_chat_name($cid);
89
  //$fromemail = wplc_return_chat_email($cid);
90
  $orig = '2';
91
  }
@@ -96,42 +139,66 @@ function wplc_record_chat_msg($from,$cid,$msg) {
96
  }
97
 
98
 
99
- $ins_array = array(
100
- 'chat_sess_id' => $cid,
101
- 'timestamp' => date("Y-m-d H:i:s"),
102
- 'from' => $fromname,
103
- 'msg' => $msg,
104
- 'status' => 0,
105
- 'originates' => $orig
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
106
  );
107
-
108
- $rows_affected = $wpdb->insert( $wplc_tblname_msgs, $ins_array );
109
-
110
- wplc_update_active_timestamp($cid);
111
- wplc_change_chat_status($cid,3);
112
-
113
-
114
-
115
-
116
 
 
 
117
 
118
  return true;
119
 
120
-
121
  }
122
 
123
  function wplc_update_active_timestamp($cid) {
124
  global $wpdb;
125
  global $wplc_tblname_chats;
126
- $results = $wpdb->get_results(
127
- "
128
- UPDATE $wplc_tblname_chats
129
- SET `last_active_timestamp` = '".date("Y-m-d H:i:s")."'
130
- WHERE `id` = '$cid'
131
- LIMIT 1
132
- "
 
 
 
 
 
 
 
 
 
133
  );
134
- wplc_change_chat_status($cid,3);
 
135
  return true;
136
 
137
  }
@@ -350,6 +417,15 @@ function wplc_change_chat_status($id,$status) {
350
  LIMIT 1
351
  "
352
  );
 
 
 
 
 
 
 
 
 
353
  return true;
354
 
355
  }
@@ -444,15 +520,27 @@ function wplc_mark_as_read_user_chat_messages($cid) {
444
 
445
  foreach ($results as $result) {
446
  $id = $result->id;
447
- $check = $wpdb->query(
448
- "
449
- UPDATE $wplc_tblname_msgs
450
- SET `status` = 1
451
- WHERE `id` = '$id'
452
- LIMIT 1
453
-
454
- "
 
 
 
 
 
 
 
 
 
 
455
  );
 
 
456
  }
457
  return "ok";
458
 
@@ -467,6 +555,7 @@ function wplc_return_admin_chat_messages($cid) {
467
 
468
  global $wpdb;
469
  global $wplc_tblname_msgs;
 
470
  $results = $wpdb->get_results(
471
  "
472
  SELECT *
@@ -476,10 +565,10 @@ function wplc_return_admin_chat_messages($cid) {
476
 
477
  "
478
  );
479
-
480
  $msg_hist = "";
481
  foreach ($results as $result) {
482
-
483
  $id = $result->id;
484
  $from = $result->from;
485
  wplc_mark_as_read_admin_chat_messages($id);
@@ -497,16 +586,16 @@ function wplc_return_admin_chat_messages($cid) {
497
  }
498
  } else {
499
  $class = "wplc-user-message";
500
-
501
  if(isset($_COOKIE['wplc_email']) && $_COOKIE['wplc_email'] != ""){ $wplc_user_gravatar = md5(strtolower(trim($_COOKIE['wplc_email']))); } else { $wplc_user_gravatar = ""; }
502
-
503
  if($wplc_user_gravatar != ""){
504
  $image = "<img src='http://www.gravatar.com/avatar/$wplc_user_gravatar?s=20' />";
505
  } else {
506
  $image = "";
507
  }
508
  }
509
-
510
  if(function_exists('wplc_decrypt_msg')){
511
  $msg = wplc_decrypt_msg($msg);
512
  }
@@ -526,16 +615,27 @@ function wplc_mark_as_read_admin_chat_messages($mid) {
526
  global $wpdb;
527
  global $wplc_tblname_msgs;
528
 
529
- $check = $wpdb->query(
530
- "
531
- UPDATE $wplc_tblname_msgs
532
- SET `status` = 1
533
- WHERE `id` = '$mid'
534
- LIMIT 1
535
-
536
- "
 
 
 
 
 
 
 
 
 
 
537
  );
538
 
 
539
  }
540
 
541
 
@@ -636,40 +736,94 @@ function wplc_user_initiate_chat($name,$email,$cid = null,$session) {
636
 
637
  if ($cid != null) { /* change from a visitor to a chat */
638
 
639
- $query =
640
- "
641
- UPDATE $wplc_tblname_chats
642
- SET
643
- `status` = '2',
644
- `timestamp` = '".date("Y-m-d H:i:s")."',
645
- `name` = '$name',
646
- `email` = '$email',
647
- `session` = '$session',
648
- `ip` = '".maybe_serialize($user_data)."',
649
- `url` = '".$_SERVER['HTTP_REFERER']."',
650
- `last_active_timestamp` = '".date("Y-m-d H:i:s")."'
651
-
652
- WHERE `id` = '$cid'
653
- LIMIT 1
654
- ";
655
- $results = $wpdb->query($query);
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
656
  return $cid;
657
  }
658
  else { // create new ID for the chat
659
 
660
 
661
 
662
- $ins_array = array(
663
- 'status' => '2',
664
- 'timestamp' => date("Y-m-d H:i:s"),
665
- 'name' => $name,
666
- 'email' => $email,
667
- 'session' => $session,
668
- 'ip' => maybe_serialize($user_data),
669
- 'url' => $_SERVER['HTTP_REFERER'],
670
- 'last_active_timestamp' => date("Y-m-d H:i:s")
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
671
  );
672
- $rows_affected = $wpdb->insert( $wplc_tblname_chats, $ins_array );
 
673
  $lastid = $wpdb->insert_id;
674
  return $lastid;
675
  }
@@ -876,7 +1030,7 @@ function wplc_get_memory_usage() {
876
  }
877
  function wplc_record_mem() {
878
  $data = array(
879
- 'date' => date('Y-m-d H:i:s'),
880
  'php_mem' => wplc_get_memory_usage()
881
  );
882
  $fp = @fopen(ABSPATH.'/wp-content/uploads/wp-live-chat-support'."/mem_usag.csv","a+");
18
  'user_agent' => $_SERVER['HTTP_USER_AGENT']
19
  );
20
  }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
21
 
22
+ // $ins_array = array(
23
+ // 'status' => '5',
24
+ // 'timestamp' => date("Y-m-d H:i:s"),
25
+ // 'name' => $name,
26
+ // 'email' => $email,
27
+ // 'session' => $session,
28
+ // 'ip' => maybe_serialize($user_data),
29
+ // 'url' => $_SERVER['HTTP_REFERER'],
30
+ // 'last_active_timestamp' => date("Y-m-d H:i:s")
31
+ // );
32
+ //
33
+ // $rows_affected = $wpdb->insert( $wplc_tblname_chats, $ins_array );
34
+
35
+ $wpdb->insert(
36
+ $wplc_tblname_chats,
37
+ array(
38
+ 'status' => '5',
39
+ 'timestamp' => current_time('mysql'),
40
+ 'name' => $name,
41
+ 'email' => $email,
42
+ 'session' => $session,
43
+ 'ip' => maybe_serialize($user_data),
44
+ 'url' => $_SERVER['HTTP_REFERER'],
45
+ 'last_active_timestamp' => current_time('mysql')
46
+ ),
47
+ array(
48
+ '%s',
49
+ '%s',
50
+ '%s',
51
+ '%s',
52
+ '%s',
53
+ '%s',
54
+ '%s',
55
+ '%s'
56
+ )
57
+ );
58
+
59
  $lastid = $wpdb->insert_id;
60
 
61
 
63
 
64
  }
65
  function wplc_update_user_on_page($cid, $status = 5,$session) {
66
+
67
  global $wpdb;
68
  global $wplc_tblname_chats;
69
  $wplc_settings = get_option('WPLC_SETTINGS');
80
  );
81
  }
82
 
83
+ // $query =
84
+ // "
85
+ // UPDATE $wplc_tblname_chats
86
+ // SET
87
+ // `url` = '".$_SERVER['HTTP_REFERER']."',
88
+ // `last_active_timestamp` = '".date("Y-m-d H:i:s")."',
89
+ // `ip` = '".maybe_serialize($user_data)."',
90
+ // `status` = '$status',
91
+ // `session` = '$session'
92
+ //
93
+ // WHERE `id` = '$cid'
94
+ // LIMIT 1
95
+ // ";
96
+ // $results = $wpdb->query($query);
97
+
98
+ $query = $wpdb->update(
99
+ $wplc_tblname_chats,
100
+ array(
101
+ 'url' => $_SERVER['HTTP_REFERER'],
102
+ 'last_active_timestamp' => current_time('mysql'),
103
+ 'ip' => maybe_serialize($user_data),
104
+ 'status' => $status,
105
+ 'session' => $session,
106
+ ),
107
+ array('id' => $cid),
108
+ array(
109
+ '%s',
110
+ '%s',
111
+ '%s',
112
+ '%d',
113
+ '%s'
114
+ ),
115
+ array('%d')
116
+ );
117
 
 
 
 
 
 
118
 
119
+ return $query;
120
 
121
 
122
  }
128
  global $wplc_tblname_msgs;
129
 
130
  if ($from == "1") {
131
+ $fromname = wplc_return_chat_name(sanitize_text_field($cid));
132
  //$fromemail = wplc_return_chat_email($cid);
133
  $orig = '2';
134
  }
139
  }
140
 
141
 
142
+ // $ins_array = array(
143
+ // 'chat_sess_id' => $cid,
144
+ // 'timestamp' => date("Y-m-d H:i:s"),
145
+ // 'from' => $fromname,
146
+ // 'msg' => $msg,
147
+ // 'status' => 0,
148
+ // 'originates' => $orig
149
+ // );
150
+ //
151
+ // $rows_affected = $wpdb->insert( $wplc_tblname_msgs, $ins_array );
152
+
153
+ $wpdb->insert(
154
+ $wplc_tblname_msgs,
155
+ array(
156
+ 'chat_sess_id' => $cid,
157
+ 'timestamp' => current_time('mysql'),
158
+ 'from' => $fromname,
159
+ 'msg' => $msg,
160
+ 'status' => 0,
161
+ 'originates' => $orig
162
+ ),
163
+ array(
164
+ '%s',
165
+ '%s',
166
+ '%s',
167
+ '%s',
168
+ '%d',
169
+ '%s'
170
+ )
171
  );
 
 
 
 
 
 
 
 
 
172
 
173
+ wplc_update_active_timestamp(sanitize_text_field($cid));
174
+ wplc_change_chat_status(sanitize_text_field($cid),3);
175
 
176
  return true;
177
 
 
178
  }
179
 
180
  function wplc_update_active_timestamp($cid) {
181
  global $wpdb;
182
  global $wplc_tblname_chats;
183
+ // $results = $wpdb->get_results(
184
+ // "
185
+ // UPDATE $wplc_tblname_chats
186
+ // SET `last_active_timestamp` = '".date("Y-m-d H:i:s")."'
187
+ // WHERE `id` = '$cid'
188
+ // LIMIT 1
189
+ // "
190
+ // );
191
+ $wpdb->update(
192
+ $wplc_tblname_chats,
193
+ array(
194
+ 'last_active_timestamp' => current_time('mysql')
195
+ ),
196
+ array('id' => $cid),
197
+ array('%s'),
198
+ array('%d')
199
  );
200
+
201
+ wplc_change_chat_status(sanitize_text_field($cid),3);
202
  return true;
203
 
204
  }
417
  LIMIT 1
418
  "
419
  );
420
+ $wpdb->update(
421
+ $wplc_tblname_chats,
422
+ array(
423
+ 'status' => $status
424
+ ),
425
+ array('id' => $id),
426
+ array('%d'),
427
+ array('%d')
428
+ );
429
  return true;
430
 
431
  }
520
 
521
  foreach ($results as $result) {
522
  $id = $result->id;
523
+ // $check = $wpdb->query(
524
+ // "
525
+ // UPDATE $wplc_tblname_msgs
526
+ // SET `status` = 1
527
+ // WHERE `id` = '$id'
528
+ // LIMIT 1
529
+ //
530
+ // "
531
+ // );
532
+
533
+ $wpdb->update(
534
+ $wplc_tblname_msgs,
535
+ array(
536
+ 'status' => 1
537
+ ),
538
+ array('id' => $id),
539
+ array('%d'),
540
+ array('%d')
541
  );
542
+
543
+
544
  }
545
  return "ok";
546
 
555
 
556
  global $wpdb;
557
  global $wplc_tblname_msgs;
558
+
559
  $results = $wpdb->get_results(
560
  "
561
  SELECT *
565
 
566
  "
567
  );
568
+
569
  $msg_hist = "";
570
  foreach ($results as $result) {
571
+
572
  $id = $result->id;
573
  $from = $result->from;
574
  wplc_mark_as_read_admin_chat_messages($id);
586
  }
587
  } else {
588
  $class = "wplc-user-message";
589
+
590
  if(isset($_COOKIE['wplc_email']) && $_COOKIE['wplc_email'] != ""){ $wplc_user_gravatar = md5(strtolower(trim($_COOKIE['wplc_email']))); } else { $wplc_user_gravatar = ""; }
591
+
592
  if($wplc_user_gravatar != ""){
593
  $image = "<img src='http://www.gravatar.com/avatar/$wplc_user_gravatar?s=20' />";
594
  } else {
595
  $image = "";
596
  }
597
  }
598
+
599
  if(function_exists('wplc_decrypt_msg')){
600
  $msg = wplc_decrypt_msg($msg);
601
  }
615
  global $wpdb;
616
  global $wplc_tblname_msgs;
617
 
618
+ // $check = $wpdb->query(
619
+ // "
620
+ // UPDATE $wplc_tblname_msgs
621
+ // SET `status` = 1
622
+ // WHERE `id` = '$mid'
623
+ // LIMIT 1
624
+ //
625
+ // "
626
+ // );
627
+
628
+ $wpdb->update(
629
+ $wplc_tblname_msgs,
630
+ array(
631
+ 'status' => 1
632
+ ),
633
+ array('id' => $mid),
634
+ array('%d'),
635
+ array('%d')
636
  );
637
 
638
+
639
  }
640
 
641
 
736
 
737
  if ($cid != null) { /* change from a visitor to a chat */
738
 
739
+ // $query =
740
+ // "
741
+ // UPDATE $wplc_tblname_chats
742
+ // SET
743
+ // `status` = '2',
744
+ // `timestamp` = '".date("Y-m-d H:i:s")."',
745
+ // `name` = '$name',
746
+ // `email` = '$email',
747
+ // `session` = '$session',
748
+ // `ip` = '".maybe_serialize($user_data)."',
749
+ // `url` = '".$_SERVER['HTTP_REFERER']."',
750
+ // `last_active_timestamp` = '".date("Y-m-d H:i:s")."'
751
+ //
752
+ // WHERE `id` = '$cid'
753
+ // LIMIT 1
754
+ // ";
755
+ // $results = $wpdb->query($query);
756
+
757
+ $wpdb->update(
758
+ $wplc_tblname_chats,
759
+ array(
760
+ 'status' => 2,
761
+ 'timestamp' => current_time('mysql'),
762
+ 'name' => $name,
763
+ 'email' => $email,
764
+ 'session' => $session,
765
+ 'ip' => maybe_serialize($user_data),
766
+ 'url' => $_SERVER['HTTP_REFERER'],
767
+ 'last_active_timestamp' => current_time('mysql')
768
+ ),
769
+ array('id' => $cid),
770
+ array(
771
+ '%d',
772
+ '%s',
773
+ '%s',
774
+ '%s',
775
+ '%s',
776
+ '%s',
777
+ '%s',
778
+ '%s'
779
+ ),
780
+ array('%d')
781
+ );
782
+
783
  return $cid;
784
  }
785
  else { // create new ID for the chat
786
 
787
 
788
 
789
+ // $ins_array = array(
790
+ // 'status' => '2',
791
+ // 'timestamp' => date("Y-m-d H:i:s"),
792
+ // 'name' => $name,
793
+ // 'email' => $email,
794
+ // 'session' => $session,
795
+ // 'ip' => maybe_serialize($user_data),
796
+ // 'url' => $_SERVER['HTTP_REFERER'],
797
+ // 'last_active_timestamp' => date("Y-m-d H:i:s")
798
+ // );
799
+ // $rows_affected = $wpdb->insert( $wplc_tblname_chats, $ins_array );
800
+
801
+
802
+ $wpdb->insert(
803
+ $wplc_tblname_chats,
804
+ array(
805
+ 'status' => '2',
806
+ 'timestamp' => current_time('mysql'),
807
+ 'name' => $name,
808
+ 'email' => $email,
809
+ 'session' => $session,
810
+ 'ip' => maybe_serialize($user_data),
811
+ 'url' => $_SERVER['HTTP_REFERER'],
812
+ 'last_active_timestamp' => current_time('mysql')
813
+ ),
814
+ array(
815
+ '%s',
816
+ '%s',
817
+ '%s',
818
+ '%s',
819
+ '%s',
820
+ '%s',
821
+ '%s',
822
+ '%s'
823
+ )
824
  );
825
+
826
+
827
  $lastid = $wpdb->insert_id;
828
  return $lastid;
829
  }
1030
  }
1031
  function wplc_record_mem() {
1032
  $data = array(
1033
+ 'date' => current_time('mysql'),
1034
  'php_mem' => wplc_get_memory_usage()
1035
  );
1036
  $fp = @fopen(ABSPATH.'/wp-content/uploads/wp-live-chat-support'."/mem_usag.csv","a+");
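Review bot: In the `wplc_change_chat_status` hunk the new `$wpdb->update()` is appended after the existing statement (the `LIMIT 1` / `"` / `);` context lines are unchanged), so unless that earlier call is disabled outside the hunk, the old string-built query still runs and the parameterised call only repeats it. The same applies to the `SELECT *` in `wplc_return_admin_chat_messages`, whose hunks change only blank lines; both function bodies start outside the visible hunks, so this is inferred and worth confirming against the full file. I would delete the old call in `wplc_change_chat_status` and pass the remaining read queries through `$wpdb->prepare()` with a `%d` placeholder for the id. The `url` column still stores `$_SERVER['HTTP_REFERER']` unmodified in every insert and update here, so it needs `esc_url_raw()` on write or escaping wherever it is printed.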
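--- a/js/wplc_u.js
+++ b/js/wplc_u.js
@@ -452,6 +452,13 @@ jQuery(document).ready(function() {
  str=str.replace(/<p.*>/gi, "\n");
  str=str.replace(/<a.*href="(.*?)".*>(.*?)<\/a>/gi, " $2 ($1) ");
  str=str.replace(/<(?:.|\s)*?>/g, "");
+
+ str=str.replace('iframe', "");
+ str=str.replace('src', "");
+ str=str.replace('href', "");
+ str=str.replace('<', "");
+ str=str.replace('>', "");
+
  return str;
  }
 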
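Review bot: The added `str.replace('iframe', "")` calls take a string pattern, which replaces only the first occurrence, so a second `<`, `>` or keyword in the same message passes through unchanged; they also delete `src` and `href` from ordinary text. Stripping keywords on the client is not a dependable defence in any case, because a request can reach the server without running this script; the server has to escape the message when it is stored or rendered. If the client-side pass is kept, I would reduce it to one global replacement, `str=str.replace(/[<>]/g, "");`, and drop the three keyword lines. The enclosing function starts outside the hunk.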
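--- a/readme.txt
+++ b/readme.txt
@@ -1,7 +1,7 @@
  === WP Live Chat Support ===
  Contributors: WP-LiveChat
  Donate link: http://www.wp-livechat.com
- Tags: live chat, live support, chat plugin, live help, wordpress chat, customer support, chat, live chat plugin, live support plugin, live chat support plugin, chat plugin, support plugin, support, chat software, chat online, visitor chat, chat, free chat, free live chat, customer support, online support, live help, chat widget, customer help
+ Tags: live chat, live support, chat plugin, live help, wordpress chat, customer support, chat, live chat plugin, live support plugin, live chat support plugin, chat plugin, support plugin, support, chat software, chat online, visitor chat, chat, free chat, free live chat, customer support, online support, live help, chat widget
  Requires at least: 3.8
  Tested up to: 4.2.2
  Stable tag: trunk
@@ -35,6 +35,7 @@ The most cost effective Live Chat plugin. Chat with your visitors for free! WP L
  * Initiate live chats with online visitors
  * Chat to more than one visitor at a time
  * Quick Responses (insert a predefined response to your live chat box)
+ * Encrypt your live chat conversations
  * Access historical live chat records
  * Set up your user profile
  * Add your company logo to the live chat window
@@ -47,9 +48,8 @@ The most cost effective Live Chat plugin. Chat with your visitors for free! WP L
  * Apply animations to the chat window
  * Anonymity for your visitors
  * Choose when to accept chats
- * Encrypt your live chat conversations
 
- Get the [WP Live Chat Support Pro Add-on](http://wp-livechat.com/purchase-pro/?utm_source=readme&utm_medium=wordpress&utm_campaign=buy) for only $29.95!
+ Get the [WP Live Chat Support Pro Add-on](http://wp-livechat.com/purchase-pro/?utm_source=readme&utm_medium=wordpress&utm_campaign=buy) for only $19.95!
 
  = Coming soon =
  * (Free & Pro) Improvements - Better link and image handling within the live chat text area
@@ -173,11 +173,18 @@ If the live chat box still does not appear on your website, please go through th
 
  == Upgrade Notice ==
 
+ = 4.4.0 =
+ It is highly recommended that you upgrade to WP Live Chat Support version 4.4.0 for security reasons.
+
+
  = 4.1.4 =
  It is highly recommended that you upgrade to WP Live Chat Support version 4.1.4
 
  == Changelog ==
 
+ = 4.4.0 - 2015-07-08 - Critical Priority =
+ * Major security update. Please ensure you update to this version to eliminate previous vulnerabilities.
+
  = 4.3.5 Espresso - 2015-07-03 - Low Priority =
  * Enhancement: Provision made for live chat encryption in the Pro version (compatibility)
  * Updated Translations: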
wp-live-chat-support.php CHANGED
@@ -3,13 +3,16 @@
3
  Plugin Name: WP Live Chat Support
4
  Plugin URI: http://www.wp-livechat.com
5
  Description: The easiest to use website live chat plugin. Let your visitors chat with you and increase sales conversion rates with WP Live Chat Support. No third party connection required!
6
- Version: 4.3.5
7
  Author: WP-LiveChat
8
  Author URI: http://www.wp-livechat.com
9
  */
10
 
11
 
12
- /* 4.3.5 Espresso - 2015-07-03 - Low Priority
 
 
 
13
  * Enhancement: Provision made for live chat encryption in the Pro version (compatibility)
14
  * Updated Translations:
15
  * Hungarian (Thank you Andor Molnar)
@@ -207,12 +210,13 @@ global $wplc_tblname_chats;
207
  global $wplc_tblname_msgs;
208
  $wplc_tblname_chats = $wpdb->prefix . "wplc_chat_sessions";
209
  $wplc_tblname_msgs = $wpdb->prefix . "wplc_chat_msgs";
210
- $wplc_version = "4.3.05";
211
 
212
  define('WPLC_BASIC_PLUGIN_DIR', dirname(__FILE__));
213
  define('WPLC_BASIC_PLUGIN_URL', plugins_url() . "/wp-live-chat-support/");
214
  global $wplc_basic_plugin_url;
215
  $wplc_basic_plugin_url = get_option('siteurl') . "/wp-content/plugins/wp-live-chat-support/";
 
216
  require_once (plugin_dir_path(__FILE__) . "functions.php");
217
  add_action('wp_ajax_wplc_admin_set_transient', 'wplc_action_callback');
218
  add_action('init', 'wplc_version_control');
@@ -247,7 +251,9 @@ function wplc_basic_check() {
247
 
248
  function wplc_init() {
249
  $plugin_dir = basename(dirname(__FILE__)) . "/languages/";
250
- load_plugin_textdomain('wplivechat', false, $plugin_dir);
 
 
251
  }
252
 
253
  function wplc_version_control() {
@@ -648,9 +654,8 @@ function wplc_admin_display_chat($cid) {
648
  echo $msg_hist;
649
  }
650
 
651
- function wplc_admin_accept_chat($cid) {
652
-
653
- wplc_change_chat_status($cid, 3);
654
  return true;
655
  }
656
 
@@ -669,9 +674,9 @@ function wplc_superadmin_javascript() {
669
  } // main page
670
  else if (isset($_GET['action'])) {
671
  if (function_exists("wplc_register_pro_version")) {
672
- wplc_return_pro_admin_chat_javascript($_GET['cid']);
673
  } else {
674
- wplc_return_admin_chat_javascript($_GET['cid']);
675
  }
676
  }
677
  }
@@ -912,62 +917,65 @@ function wplc_admin_menu_layout() {
912
  }
913
 
914
  function wplc_admin_menu_layout_display() {
915
- if (!isset($_GET['action'])) {
916
- ?>
917
- <div style='float:right; display:block; width:450px; padding:10px; text-align:center; background-color: #EEE; border: 1px solid #E6DB55; margin:10px;'>
918
- <strong><?php _e("Experiencing problems with the plugin?", "wplivechat") ?></strong>
919
- <br />
920
- <a href='http://wp-livechat.com/documentation/' title='WP Live Chat Support Documentation' target='_BLANK'><?php _e("Review the documentation.", "wplivechat") ?></a>
921
- <?php _e("Or ask a question on our", "wplivechat") ?> <a href='http://wp-livechat.com/forums/forum/support/' title='WP Live Chat Support Forum' target='_BLANK'><?php _e('Support forum.', 'wplivechat'); ?></a>
922
- </div>
923
- <br/>
924
- <br/>
925
- <br/>
926
- <div class='wplc_page_title'>
927
- <h1><?php _e("Chat sessions", "wplivechat"); ?></h1>
928
-
929
- <p><?php _e("Please note: This window must be open in order to receive new chat notifications.", "wplivechat"); ?></p>
930
- </div>
931
- <div id="wplc_sound"></div>
932
-
933
- <div class="wplc_admin_dashboard_container">
934
- <div id="wplc_sound"></div>
935
- <div id="wplc_admin_chat_area">
936
- <?php
937
- if (function_exists("wplc_register_pro_version")) {
938
- echo wplc_list_chats_pro();
939
- } else {
940
- echo wplc_list_chats();
941
- }
942
- ?>
943
  </div>
944
- <div id="wplc_admin_visitor_area">
945
- <h1><?php _e("Visitors on site", "wplivechat") ?></h1>
946
- <p>
947
- <?php _e("With the Pro add-on of WP Live Chat Support, you can", "wplivechat"); ?>
948
- <a href="http://www.wp-livechat.com/purchase-pro/?utm_source=plugin&utm_medium=link&utm_campaign=initiate1" title="<?php _e("see who's online and initiate chats", "wplivechat"); ?>" target=\"_BLANK\">
949
- <?php _e("see who's online and initiate chats", "wplivechat"); ?>
950
- </a> <?php _e("with your online visitors with the click of a button.", "wplivechat"); ?>
951
- <a href="http://www.wp-livechat.com/purchase-pro/?utm_source=plugin&utm_medium=link&utm_campaign=initiate2" title="<?php _e("Buy the Pro add-on now for only $19.95. Free Updates FOREVER.", "wplivechat"); ?>" target=\"_BLANK\">
952
- <strong>
953
- <?php _e("Buy the Pro add-on now for only $19.95. Free Updates Forever.", "wplivechat"); ?>
954
- </strong>
955
- </a>
956
- </p>
957
  </div>
958
- </div>
959
 
960
- <?php
961
- } else {
962
- if ($_GET['action'] == 'ac') {
963
- wplc_change_chat_status($_GET['cid'], 3);
964
- if (function_exists('wplc_ma_register')) {
965
- wplc_ma_update_agent_id($_GET['cid'], $_GET['agent_id']);
966
- }
967
  if (function_exists("wplc_register_pro_version")) {
968
- wplc_pro_draw_chat_area($_GET['cid']);
969
  } else {
970
- wplc_draw_chat_area($_GET['cid']);
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
971
  }
972
  }
973
  }
@@ -1267,12 +1275,20 @@ function wplc_return_admin_chat_javascript($cid) {
1267
  });
1268
 
1269
  function wplc_strip(str) {
1270
- str = str.replace(/<br>/gi, "\n");
1271
- str = str.replace(/<p.*>/gi, "\n");
1272
- str = str.replace(/<a.*href="(.*?)".*>(.*?)<\/a>/gi, " $2 ($1) ");
1273
- str = str.replace(/<(?:.|\s)*?>/g, "");
 
 
 
 
 
 
 
1274
  return str;
1275
  }
 
1276
  jQuery("#wplc_admin_send_msg").on("click", function () {
1277
  var wplc_cid = jQuery("#wplc_admin_cid").val();
1278
  var wplc_chat = wplc_strip(document.getElementById('wplc_admin_chatmsg').value);
@@ -1531,14 +1547,14 @@ function wplc_head_basic() {
1531
  foreach($wplc_banned_ip_addresses as $key => $value) {
1532
  $data[$key] = trim($value);
1533
  }
1534
- $wplc_banned_ip_addresses = maybe_serialize($data);
1535
 
1536
  update_option('WPLC_BANNED_IP_ADDRESSES', $wplc_banned_ip_addresses);
1537
  }
1538
 
1539
  update_option('WPLC_SETTINGS', $wplc_data);
1540
  if (isset($_POST['wplc_hide_chat'])) {
1541
- update_option("WPLC_HIDE_CHAT", $_POST['wplc_hide_chat']);
1542
  }
1543
 
1544
 
3
  Plugin Name: WP Live Chat Support
4
  Plugin URI: http://www.wp-livechat.com
5
  Description: The easiest to use website live chat plugin. Let your visitors chat with you and increase sales conversion rates with WP Live Chat Support. No third party connection required!
6
+ Version: 4.4.0
7
  Author: WP-LiveChat
8
  Author URI: http://www.wp-livechat.com
9
  */
10
 
11
 
12
+ /* 4.4.0 - 2015-07-08 - Critical Priority
13
+ * Major security update. Please ensure you update to this version to eliminate previous vulnerabilities.
14
+ *
15
+ * 4.3.5 Espresso - 2015-07-03 - Low Priority
16
  * Enhancement: Provision made for live chat encryption in the Pro version (compatibility)
17
  * Updated Translations:
18
  * Hungarian (Thank you Andor Molnar)
210
  global $wplc_tblname_msgs;
211
  $wplc_tblname_chats = $wpdb->prefix . "wplc_chat_sessions";
212
  $wplc_tblname_msgs = $wpdb->prefix . "wplc_chat_msgs";
213
+ $wplc_version = "4.4.00";
214
 
215
  define('WPLC_BASIC_PLUGIN_DIR', dirname(__FILE__));
216
  define('WPLC_BASIC_PLUGIN_URL', plugins_url() . "/wp-live-chat-support/");
217
  global $wplc_basic_plugin_url;
218
  $wplc_basic_plugin_url = get_option('siteurl') . "/wp-content/plugins/wp-live-chat-support/";
219
+
220
  require_once (plugin_dir_path(__FILE__) . "functions.php");
221
  add_action('wp_ajax_wplc_admin_set_transient', 'wplc_action_callback');
222
  add_action('init', 'wplc_version_control');
251
 
252
  function wplc_init() {
253
  $plugin_dir = basename(dirname(__FILE__)) . "/languages/";
254
+ load_plugin_textdomain('wplivechat', false, $plugin_dir);
255
+
256
+
257
  }
258
 
259
  function wplc_version_control() {
654
  echo $msg_hist;
655
  }
656
 
657
+ function wplc_admin_accept_chat($cid) {
658
+ wplc_change_chat_status(sanitize_text_field($cid), 3);
 
659
  return true;
660
  }
661
 
674
  } // main page
675
  else if (isset($_GET['action'])) {
676
  if (function_exists("wplc_register_pro_version")) {
677
+ wplc_return_pro_admin_chat_javascript(sanitize_text_field($_GET['cid']));
678
  } else {
679
+ wplc_return_admin_chat_javascript(sanitize_text_field($_GET['cid']));
680
  }
681
  }
682
  }
917
  }
918
 
919
  function wplc_admin_menu_layout_display() {
920
+ if(current_user_can('wplc_ma_agent') || current_user_can('manage_options')){
921
+
922
+ if (!isset($_GET['action'])) {
923
+ ?>
924
+ <div style='float:right; display:block; width:450px; padding:10px; text-align:center; background-color: #EEE; border: 1px solid #E6DB55; margin:10px;'>
925
+ <strong><?php _e("Experiencing problems with the plugin?", "wplivechat") ?></strong>
926
+ <br />
927
+ <a href='http://wp-livechat.com/documentation/' title='WP Live Chat Support Documentation' target='_BLANK'><?php _e("Review the documentation.", "wplivechat") ?></a>
928
+ <?php _e("Or ask a question on our", "wplivechat") ?> <a href='http://wp-livechat.com/forums/forum/support/' title='WP Live Chat Support Forum' target='_BLANK'><?php _e('Support forum.', 'wplivechat'); ?></a>
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
929
  </div>
930
+ <br/>
931
+ <br/>
932
+ <br/>
933
+ <div class='wplc_page_title'>
934
+ <h1><?php _e("Chat sessions", "wplivechat"); ?></h1>
935
+
936
+ <p><?php _e("Please note: This window must be open in order to receive new chat notifications.", "wplivechat"); ?></p>
 
 
 
 
 
 
937
  </div>
938
+ <div id="wplc_sound"></div>
939
 
940
+ <div class="wplc_admin_dashboard_container">
941
+ <div id="wplc_sound"></div>
942
+ <div id="wplc_admin_chat_area">
943
+ <?php
 
 
 
944
  if (function_exists("wplc_register_pro_version")) {
945
+ echo wplc_list_chats_pro();
946
  } else {
947
+ echo wplc_list_chats();
948
+ }
949
+ ?>
950
+ </div>
951
+ <div id="wplc_admin_visitor_area">
952
+ <h1><?php _e("Visitors on site", "wplivechat") ?></h1>
953
+ <p>
954
+ <?php _e("With the Pro add-on of WP Live Chat Support, you can", "wplivechat"); ?>
955
+ <a href="http://www.wp-livechat.com/purchase-pro/?utm_source=plugin&utm_medium=link&utm_campaign=initiate1" title="<?php _e("see who's online and initiate chats", "wplivechat"); ?>" target=\"_BLANK\">
956
+ <?php _e("see who's online and initiate chats", "wplivechat"); ?>
957
+ </a> <?php _e("with your online visitors with the click of a button.", "wplivechat"); ?>
958
+ <a href="http://www.wp-livechat.com/purchase-pro/?utm_source=plugin&utm_medium=link&utm_campaign=initiate2" title="<?php _e("Buy the Pro add-on now for only $19.95. Free Updates FOREVER.", "wplivechat"); ?>" target=\"_BLANK\">
959
+ <strong>
960
+ <?php _e("Buy the Pro add-on now for only $19.95. Free Updates Forever.", "wplivechat"); ?>
961
+ </strong>
962
+ </a>
963
+ </p>
964
+ </div>
965
+ </div>
966
+
967
+ <?php
968
+ } else {
969
+ if ($_GET['action'] == 'ac') {
970
+ wplc_change_chat_status(sanitize_text_field($_GET['cid']), 3);
971
+ if (function_exists('wplc_ma_register')) {
972
+ wplc_ma_update_agent_id(sanitize_text_field($_GET['cid']), sanitize_text_field($_GET['agent_id']));
973
+ }
974
+ if (function_exists("wplc_register_pro_version")) {
975
+ wplc_pro_draw_chat_area(sanitize_text_field($_GET['cid']));
976
+ } else {
977
+ wplc_draw_chat_area(sanitize_text_field($_GET['cid']));
978
+ }
979
  }
980
  }
981
  }
1275
  });
1276
 
1277
  function wplc_strip(str) {
1278
+ str=str.replace(/<br>/gi, "\n");
1279
+ str=str.replace(/<p.*>/gi, "\n");
1280
+ str=str.replace(/<a.*href="(.*?)".*>(.*?)<\/a>/gi, " $2 ($1) ");
1281
+ str=str.replace(/<(?:.|\s)*?>/g, "");
1282
+
1283
+ str=str.replace('iframe', "");
1284
+ str=str.replace('src', "");
1285
+ str=str.replace('href', "");
1286
+ str=str.replace('<', "");
1287
+ str=str.replace('>', "");
1288
+
1289
  return str;
1290
  }
1291
+
1292
  jQuery("#wplc_admin_send_msg").on("click", function () {
1293
  var wplc_cid = jQuery("#wplc_admin_cid").val();
1294
  var wplc_chat = wplc_strip(document.getElementById('wplc_admin_chatmsg').value);
1547
  foreach($wplc_banned_ip_addresses as $key => $value) {
1548
  $data[$key] = trim($value);
1549
  }
1550
+ $wplc_banned_ip_addresses = maybe_serialize(sanitize_text_field($data));
1551
 
1552
  update_option('WPLC_BANNED_IP_ADDRESSES', $wplc_banned_ip_addresses);
1553
  }
1554
 
1555
  update_option('WPLC_SETTINGS', $wplc_data);
1556
  if (isset($_POST['wplc_hide_chat'])) {
1557
+ update_option("WPLC_HIDE_CHAT", esc_attr($_POST['wplc_hide_chat']));
1558
  }
1559
 
1560