WP Meta SEO - Version 3.7.5

Version Description

Fix : Warning returned on frontend
Fix : Load Dashboard widget content using ajax method (large amount of data)
Fix : PHP warning in redirect URL interface

Release Info

Developer	JoomUnited
Plugin	WP Meta SEO
Version	3.7.5
Comparing to
See all releases

Code changes from version 3.7.4 to 3.7.5

Files changed (35) hide show

css/html_sitemap.css +4 -0
inc/breadcrumb/class.metaseo-breadcrumb.php +1 -1
inc/class.image-helper.php +1 -1
inc/class.metaseo-admin.php +10 -3
inc/class.metaseo-broken-link-table.php +16 -16
inc/class.metaseo-content-list-table.php +28 -28
inc/class.metaseo-dashboard.php +6 -6
inc/class.metaseo-front_end.php +1 -1
inc/class.metaseo-image-list-table.php +24 -24
inc/class.metaseo-link-list-table.php +15 -15
inc/class.metaseo-metabox.php +7 -7
inc/class.metaseo-sitemap.php +2 -2
inc/google_analytics/tracking/code-classic.php +1 -1
inc/google_analytics/tracking/code-universal.php +1 -1
inc/google_analytics/tracking/events-universal.php +1 -1
inc/pages/content-meta.php +1 -1
inc/pages/dashboard.php +0 -3
inc/pages/dashboard_widgets.php +0 -3
inc/pages/google-analytics/menu.php +2 -2
inc/pages/image-meta.php +1 -1
inc/pages/link-meta.php +1 -1
inc/pages/metaseo-broken-link.php +1 -1
inc/pages/metaseo-image-compression.php +4 -4
inc/pages/settings.php +3 -3
inc/pages/sitemaps/metaseo-google-sitemap.php +2 -2
inc/pages/sitemaps/metaseo-source_menu.php +1 -1
inc/pages/sitemaps/metaseo-source_pages.php +1 -1
inc/pages/sitemaps/metaseo-source_posts.php +1 -1
js/dashboard.js +48 -1
js/dashboard_widgets.js +48 -1
js/wpms-broken-link.js +2 -2
jutranslation/jutranslation.php +1 -1
languages/wp-meta-seo-en_US.mo +0 -0
readme.txt +7 -2
wp-meta-seo.php +141 -153

css/html_sitemap.css CHANGED Viewed

	@@ -87,4 +87,8 @@
87	.wpms_li_cate .cat_name {
88	font-weight: bold;
89	font-size: 14px;




90	}


87	.wpms_li_cate .cat_name {
88	font-weight: bold;
89	font-size: 14px;
90	+ }
91	+
92	+ .page-header-excerpt {
93	+ display: none;
94	}

inc/breadcrumb/class.metaseo-breadcrumb.php CHANGED Viewed

	@@ -161,7 +161,7 @@ class MetaSeoBreadcrumb
161	if ($return) {
162	return $html; // for return has true
163	} else {
164	- // phpcs:ignore WordPress.~~XSS~~.EscapeOutput -- Content escaped in the method generateBreadcrumb
165	echo $html; // for return has false
166	}
167	}


161	if ($return) {
162	return $html; // for return has true
163	} else {
164	+ // phpcs:ignore WordPress.Security.EscapeOutput -- Content escaped in the method generateBreadcrumb
165	echo $html; // for return has false
166	}
167	}

inc/class.image-helper.php CHANGED Viewed

	@@ -448,7 +448,7 @@ class ImageHelper
448	// query post
449	$posts = $wpdb->get_results('SELECT ID, post_title, post_content, post_type, post_date
450	FROM ' . $wpdb->posts . '
451	- WHERE ' . implode(' AND ', $where) . ' ORDER BY ID'); // phpcs:ignore WordPress.WP.PreparedSQL.NotPrepared -- Variable has been prepare
452
453	$results = self::IPrepare($imgs, $posts);
454	//Update some value into fields in wp_postmeta


448	// query post
449	$posts = $wpdb->get_results('SELECT ID, post_title, post_content, post_type, post_date
450	FROM ' . $wpdb->posts . '
451	+ WHERE ' . implode(' AND ', $where) . ' ORDER BY ID'); // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared -- Variable has been prepare
452
453	$results = self::IPrepare($imgs, $posts);
454	//Update some value into fields in wp_postmeta

inc/class.metaseo-admin.php CHANGED Viewed

	@@ -298,7 +298,7 @@ class MetaSeoAdmin
298	public function saveCategoryMeta($term_id)
299	{
300	global $pagenow;
301	- // phpcs:ignore WordPress.~~CSRF~~.NonceVerification.NoNonceVerification -- Nonce used in next lines
302	if ($pagenow === 'edit-tags.php' \|\| (isset($_POST['action'], $_POST['screen']) && $_POST['action'] === 'add-tag' && $_POST['screen'] === 'edit-category')) {
303	if (empty($_POST['wpms_nonce'])
304	\|\| !wp_verify_nonce($_POST['wpms_nonce'], 'wpms_nonce')) {
	@@ -2683,14 +2683,21 @@ class MetaSeoAdmin
2683	);
2684	}
2685





2686	// in JavaScript, object properties are accessed as ajax_object.ajax_url, ajax_object.we_value
2687	wp_localize_script('wpmetaseoAdmin', 'wpms_localize', array(

2688	'ajax_url' => admin_url('admin-ajax.php'),
2689	'settings' => $this->settings,
2690	'wpms_cat_metatitle_length' => MPMSCAT_TITLE_LENGTH,
2691	'wpms_cat_metadesc_length' => MPMSCAT_DESC_LENGTH,
2692	'wpms_cat_metakeywords_length' => MPMSCAT_KEYWORDS_LENGTH,
2693	- 'wpms_nonce' => wp_create_nonce('wpms_nonce')

2694	));
2695	}
2696
	@@ -2978,7 +2985,7 @@ class MetaSeoAdmin
2978	public function loadPage()
2979	{
2980	if (isset($_GET['page'])) {
2981	- // phpcs:ignore WordPress.~~CSRF~~.NonceVerification.NoNonceVerification -- No action, nonce is not required
2982	switch ($_GET['page']) {
2983	case 'metaseo_google_analytics':
2984	echo "<div class='error wpms_msg_ublock'><p>";


298	public function saveCategoryMeta($term_id)
299	{
300	global $pagenow;
301	+ // phpcs:ignore WordPress.Security.NonceVerification.NoNonceVerification -- Nonce used in next lines
302	if ($pagenow === 'edit-tags.php' \|\| (isset($_POST['action'], $_POST['screen']) && $_POST['action'] === 'add-tag' && $_POST['screen'] === 'edit-category')) {
303	if (empty($_POST['wpms_nonce'])
304	\|\| !wp_verify_nonce($_POST['wpms_nonce'], 'wpms_nonce')) {

2683	);
2684	}
2685
2686	+ if (is_plugin_active(WPMSEO_ADDON_FILENAME)) {
2687	+ $addon_active = 1;
2688	+ } else {
2689	+ $addon_active = 0;
2690	+ }
2691	// in JavaScript, object properties are accessed as ajax_object.ajax_url, ajax_object.we_value
2692	wp_localize_script('wpmetaseoAdmin', 'wpms_localize', array(
2693	+ 'addon_active' => $addon_active,
2694	'ajax_url' => admin_url('admin-ajax.php'),
2695	'settings' => $this->settings,
2696	'wpms_cat_metatitle_length' => MPMSCAT_TITLE_LENGTH,
2697	'wpms_cat_metadesc_length' => MPMSCAT_DESC_LENGTH,
2698	'wpms_cat_metakeywords_length' => MPMSCAT_KEYWORDS_LENGTH,
2699	+ 'wpms_nonce' => wp_create_nonce('wpms_nonce'),
2700	+ 'home_url' => home_url()
2701	));
2702	}
2703

2985	public function loadPage()
2986	{
2987	if (isset($_GET['page'])) {
2988	+ // phpcs:ignore WordPress.Security.NonceVerification.NoNonceVerification -- No action, nonce is not required
2989	switch ($_GET['page']) {
2990	case 'metaseo_google_analytics':
2991	echo "<div class='error wpms_msg_ublock'><p>";

inc/class.metaseo-broken-link-table.php CHANGED Viewed

	@@ -148,7 +148,7 @@ class MetaSeoBrokenLinkTable extends WP_List_Table
148	$current_url = set_url_scheme('http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
149	$current_url = remove_query_arg('paged', $current_url);
150
151	- // phpcs:disable WordPress.~~CSRF~~.NonceVerification.NoNonceVerification -- No action, nonce is not required
152	if (isset($_GET['orderby'])) {
153	$current_orderby = $_GET['orderby'];
154	} else {
	@@ -208,7 +208,7 @@ class MetaSeoBrokenLinkTable extends WP_List_Table
208	$class = "class='" . esc_attr(join(' ', $class)) . "'";
209	}
210
211	- // phpcs:disable WordPress.~~XSS~~.EscapeOutput -- Content escaped in previous line (same function)
212	if ($column_key === 'cb') {
213	echo '<th scope="col" ' . $id . ' ' . $class . ' style="padding:8px 10px;">' . $column_display_name . '</th>';
214	} else {
	@@ -227,7 +227,7 @@ class MetaSeoBrokenLinkTable extends WP_List_Table
227	{
228	global $wpdb;
229	$where = array('1=1');
230	- // phpcs:disable WordPress.~~CSRF~~.NonceVerification.NoNonceVerification -- No action, nonce is not required
231	if (!empty($_REQUEST['sltype']) && $_REQUEST['sltype'] !== 'all') {
232	if ($_REQUEST['sltype'] !== 'other') {
233	$where[] = $wpdb->prepare('type = %s', array($_REQUEST['sltype']));
	@@ -312,7 +312,7 @@ class MetaSeoBrokenLinkTable extends WP_List_Table
312	$orderStr = ' ORDER BY ' . esc_sql($orderStr) . ' ';
313	}
314
315	- // phpcs:ignore WordPress.WP.PreparedSQL.NotPrepared -- Variable has been prepare
316	$total_items = $wpdb->get_var('SELECT COUNT(id) FROM ' . $wpdb->prefix . 'wpms_links WHERE ' . implode(' AND ', $where) . $orderStr);
317	$columns = $this->get_columns();
318	$hidden = array();
	@@ -333,7 +333,7 @@ class MetaSeoBrokenLinkTable extends WP_List_Table
333	'per_page' => $per_page
334	));
335
336	- // phpcs:ignore WordPress.WP.PreparedSQL.NotPrepared -- Variable has been prepare
337	$this->items = $wpdb->get_results($query);
338	}
339
	@@ -347,7 +347,7 @@ class MetaSeoBrokenLinkTable extends WP_List_Table
347	if (is_plugin_active(WPMSEO_ADDON_FILENAME)) {
348	require_once(WPMETASEO_ADDON_PLUGIN_DIR . 'inc/page/custom_redirect_form.php');
349	}
350	- // phpcs:disable WordPress.~~CSRF~~.NonceVerification.NoNonceVerification -- No action, nonce is not required
351	if (empty($_REQUEST['txtkeyword']) && !$this->has_items()) {
352	return;
353	}
	@@ -394,7 +394,7 @@ class MetaSeoBrokenLinkTable extends WP_List_Table
394	'not_yet_redirect' => esc_html__('Not yet redirected', 'wp-meta-seo'),
395	'already_redirect' => esc_html__('Already redirected', 'wp-meta-seo')
396	);
397	- // phpcs:ignore WordPress.~~CSRF~~.NonceVerification.NoNonceVerification -- No action, nonce is not required
398	$curent_redirect = isset($_REQUEST['sl_redirect']) ? $_REQUEST['sl_redirect'] : 'all';
399	?>
400	<label for="filter-by-redirect"
	@@ -434,7 +434,7 @@ class MetaSeoBrokenLinkTable extends WP_List_Table
434	if (is_plugin_active(WPMSEO_ADDON_FILENAME)) {
435	$brokens['custom_redirect_url'] = esc_html__('Custom redirect URL', 'wp-meta-seo');
436	}
437	- // phpcs:ignore WordPress.~~CSRF~~.NonceVerification.NoNonceVerification -- No action, nonce is not required
438	$curent_broken = isset($_REQUEST['sl_broken']) ? $_REQUEST['sl_broken'] : 'all';
439	?>
440	<label for="filter-by-broken"
	@@ -470,7 +470,7 @@ class MetaSeoBrokenLinkTable extends WP_List_Table
470	'image' => esc_html__('Image', 'wp-meta-seo'),
471	'other' => esc_html__('Other', 'wp-meta-seo')
472	);
473	- // phpcs:ignore WordPress.~~CSRF~~.NonceVerification.NoNonceVerification -- No action, nonce is not required
474	$curent_type = isset($_REQUEST['sltype']) ? $_REQUEST['sltype'] : 'all';
475	?>
476	<label for="filter-by-type"
	@@ -601,7 +601,7 @@ class MetaSeoBrokenLinkTable extends WP_List_Table
601	<span>' . esc_html__('Check', 'wp-meta-seo') . '</span></a>'
602	);
603
604	- // phpcs:ignore WordPress.~~XSS~~.EscapeOutput -- Content escaped in previous line (same function)
605	echo $this->row_actions($row_action, false);
606	$iii = 0;
607	$jjj = 0;
	@@ -794,7 +794,7 @@ class MetaSeoBrokenLinkTable extends WP_List_Table
794	$source_inner = '<span style="float: left;margin-right: 5px;">
795	<i class="material-icons metaseo_help_status" data-alt="External URL indexed">link</i></span>';
796	$source_inner .= esc_html__('404 automaticaly indexed', 'wp-meta-seo');
797	- // phpcs:ignore WordPress.~~XSS~~.EscapeOutput -- Content escaped in previous line (same function)
798	echo '<td colspan="3">' . $source_inner . '</td>';
799	} else {
800	if ($rec->type === 'comment' \|\| $rec->type === 'comment_content_url'
	@@ -847,9 +847,9 @@ class MetaSeoBrokenLinkTable extends WP_List_Table
847
848	echo '<td colspan="3">';
849	if (!empty($source)) {
850	- // phpcs:ignore WordPress.~~XSS~~.EscapeOutput -- Content escaped in previous line (same function)
851	echo $source_inner;
852	- // phpcs:ignore WordPress.~~XSS~~.EscapeOutput -- Content escaped in previous line (same function)
853	echo $this->row_actions($row_action, false);
854	} else {
855	if ($rec->type === 'add_custom' \|\| $rec->type === 'add_rule') {
	@@ -879,7 +879,7 @@ class MetaSeoBrokenLinkTable extends WP_List_Table
879	{
880	$current_url = set_url_scheme('http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
881	$redirect = false;
882	- // phpcs:disable WordPress.~~CSRF~~.NonceVerification.NoNonceVerification -- No action, nonce is not required
883	if (isset($_POST['search'])) {
884	$current_url = add_query_arg(
885	array(
	@@ -1566,7 +1566,7 @@ class MetaSeoBrokenLinkTable extends WP_List_Table
1566	$where = array();
1567	$where[] = 'post_type IN (\'' . $post_types . '\')';
1568	$where[] = 'post_status = "publish"';
1569	- // phpcs:ignore WordPress.WP.PreparedSQL.NotPrepared -- Variable has been prepare
1570	$total_posts = $wpdb->get_var('SELECT COUNT(*) FROM ' . $wpdb->posts . ' WHERE ' . implode(' AND ', $where));
1571	$percent_post = 33.33;
1572	if (!empty($total_posts)) {
	@@ -1577,7 +1577,7 @@ class MetaSeoBrokenLinkTable extends WP_List_Table
1577	$percent_post = 33.33;
1578	}
1579
1580	- // phpcs:ignore WordPress.WP.PreparedSQL.NotPrepared -- Variable has been prepare
1581	$results = $wpdb->get_results($wpdb->prepare('SELECT ID, post_title, post_excerpt, post_content, post_name, post_type, post_status FROM ' . $wpdb->posts . ' WHERE ' . implode(' AND ', $where) . 'LIMIT %d OFFSET %d', array(
1582	$limit_post,
1583	$off_set


148	$current_url = set_url_scheme('http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
149	$current_url = remove_query_arg('paged', $current_url);
150
151	+ // phpcs:disable WordPress.Security.NonceVerification.NoNonceVerification -- No action, nonce is not required
152	if (isset($_GET['orderby'])) {
153	$current_orderby = $_GET['orderby'];
154	} else {

208	$class = "class='" . esc_attr(join(' ', $class)) . "'";
209	}
210
211	+ // phpcs:disable WordPress.Security.EscapeOutput -- Content escaped in previous line (same function)
212	if ($column_key === 'cb') {
213	echo '<th scope="col" ' . $id . ' ' . $class . ' style="padding:8px 10px;">' . $column_display_name . '</th>';
214	} else {

227	{
228	global $wpdb;
229	$where = array('1=1');
230	+ // phpcs:disable WordPress.Security.NonceVerification.NoNonceVerification -- No action, nonce is not required
231	if (!empty($_REQUEST['sltype']) && $_REQUEST['sltype'] !== 'all') {
232	if ($_REQUEST['sltype'] !== 'other') {
233	$where[] = $wpdb->prepare('type = %s', array($_REQUEST['sltype']));

312	$orderStr = ' ORDER BY ' . esc_sql($orderStr) . ' ';
313	}
314
315	+ // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared -- Variable has been prepare
316	$total_items = $wpdb->get_var('SELECT COUNT(id) FROM ' . $wpdb->prefix . 'wpms_links WHERE ' . implode(' AND ', $where) . $orderStr);
317	$columns = $this->get_columns();
318	$hidden = array();

333	'per_page' => $per_page
334	));
335
336	+ // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared -- Variable has been prepare
337	$this->items = $wpdb->get_results($query);
338	}
339

347	if (is_plugin_active(WPMSEO_ADDON_FILENAME)) {
348	require_once(WPMETASEO_ADDON_PLUGIN_DIR . 'inc/page/custom_redirect_form.php');
349	}
350	+ // phpcs:disable WordPress.Security.NonceVerification.NoNonceVerification -- No action, nonce is not required
351	if (empty($_REQUEST['txtkeyword']) && !$this->has_items()) {
352	return;
353	}

394	'not_yet_redirect' => esc_html__('Not yet redirected', 'wp-meta-seo'),
395	'already_redirect' => esc_html__('Already redirected', 'wp-meta-seo')
396	);
397	+ // phpcs:ignore WordPress.Security.NonceVerification.NoNonceVerification -- No action, nonce is not required
398	$curent_redirect = isset($_REQUEST['sl_redirect']) ? $_REQUEST['sl_redirect'] : 'all';
399	?>
400	<label for="filter-by-redirect"

434	if (is_plugin_active(WPMSEO_ADDON_FILENAME)) {
435	$brokens['custom_redirect_url'] = esc_html__('Custom redirect URL', 'wp-meta-seo');
436	}
437	+ // phpcs:ignore WordPress.Security.NonceVerification.NoNonceVerification -- No action, nonce is not required
438	$curent_broken = isset($_REQUEST['sl_broken']) ? $_REQUEST['sl_broken'] : 'all';
439	?>
440	<label for="filter-by-broken"

470	'image' => esc_html__('Image', 'wp-meta-seo'),
471	'other' => esc_html__('Other', 'wp-meta-seo')
472	);
473	+ // phpcs:ignore WordPress.Security.NonceVerification.NoNonceVerification -- No action, nonce is not required
474	$curent_type = isset($_REQUEST['sltype']) ? $_REQUEST['sltype'] : 'all';
475	?>
476	<label for="filter-by-type"

601	<span>' . esc_html__('Check', 'wp-meta-seo') . '</span></a>'
602	);
603
604	+ // phpcs:ignore WordPress.Security.EscapeOutput -- Content escaped in previous line (same function)
605	echo $this->row_actions($row_action, false);
606	$iii = 0;
607	$jjj = 0;

794	$source_inner = '<span style="float: left;margin-right: 5px;">
795	<i class="material-icons metaseo_help_status" data-alt="External URL indexed">link</i></span>';
796	$source_inner .= esc_html__('404 automaticaly indexed', 'wp-meta-seo');
797	+ // phpcs:ignore WordPress.Security.EscapeOutput -- Content escaped in previous line (same function)
798	echo '<td colspan="3">' . $source_inner . '</td>';
799	} else {
800	if ($rec->type === 'comment' \|\| $rec->type === 'comment_content_url'

847
848	echo '<td colspan="3">';
849	if (!empty($source)) {
850	+ // phpcs:ignore WordPress.Security.EscapeOutput -- Content escaped in previous line (same function)
851	echo $source_inner;
852	+ // phpcs:ignore WordPress.Security.EscapeOutput -- Content escaped in previous line (same function)
853	echo $this->row_actions($row_action, false);
854	} else {
855	if ($rec->type === 'add_custom' \|\| $rec->type === 'add_rule') {

879	{
880	$current_url = set_url_scheme('http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
881	$redirect = false;
882	+ // phpcs:disable WordPress.Security.NonceVerification.NoNonceVerification -- No action, nonce is not required
883	if (isset($_POST['search'])) {
884	$current_url = add_query_arg(
885	array(

1566	$where = array();
1567	$where[] = 'post_type IN (\'' . $post_types . '\')';
1568	$where[] = 'post_status = "publish"';
1569	+ // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared -- Variable has been prepare
1570	$total_posts = $wpdb->get_var('SELECT COUNT(*) FROM ' . $wpdb->posts . ' WHERE ' . implode(' AND ', $where));
1571	$percent_post = 33.33;
1572	if (!empty($total_posts)) {

1577	$percent_post = 33.33;
1578	}
1579
1580	+ // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared -- Variable has been prepare
1581	$results = $wpdb->get_results($wpdb->prepare('SELECT ID, post_title, post_excerpt, post_content, post_name, post_type, post_status FROM ' . $wpdb->posts . ' WHERE ' . implode(' AND ', $where) . 'LIMIT %d OFFSET %d', array(
1582	$limit_post,
1583	$off_set

inc/class.metaseo-content-list-table.php CHANGED Viewed

	@@ -44,7 +44,7 @@ class MetaSeoContentListTable extends WP_List_Table
44
45	<input type="hidden" name="page" value="metaseo_content_meta"/>
46	<input type="hidden" name="page" value="metaseo_content_meta"/>
47	- <?php // phpcs:disable WordPress.~~CSRF~~.NonceVerification.NoNonceVerification -- No action, nonce is not required
48	?>
49	<?php if (!empty($_REQUEST['post_status'])) : ?>
50	<input type="hidden" name="post_status" value="<?php echo esc_attr($_REQUEST['post_status']); ?>"/>
	@@ -79,7 +79,7 @@ class MetaSeoContentListTable extends WP_List_Table
79	protected function extra_tablenav($which) // phpcs:ignore PSR1.Methods.CamelCapsMethodName.NotCamelCaps -- extends from WP_List_Table class
80	{
81	echo '<div class="alignleft actions">';
82	- // phpcs:ignore WordPress.~~CSRF~~.NonceVerification.NoNonceVerification -- No action, nonce is not required
83	$selected = !empty($_REQUEST['post_type_filter']) ? $_REQUEST['post_type_filter'] : - 1;
84
85	$options = '<option value="-1">Show All Post Types</option>';
	@@ -103,7 +103,7 @@ class MetaSeoContentListTable extends WP_List_Table
103	class="wpmsbtn wpmsbtn_small btn_do_copy post_do_copy"
104	value="' . esc_attr__('Content title as meta title', 'wp-meta-seo') . '"><span class="spinner"></span>';
105
106	- // phpcs:ignore WordPress.~~CSRF~~.NonceVerification.NoNonceVerification -- No action, nonce is not required
107	$selected_duplicate = !empty($_REQUEST['wpms_duplicate_meta']) ? $_REQUEST['wpms_duplicate_meta'] : 'none';
108	$options_dups = array(
109	'none' => esc_html__('All meta information', 'wp-meta-seo'),
	@@ -119,23 +119,23 @@ class MetaSeoContentListTable extends WP_List_Table
119	}
120	}
121	$sl_duplicate .= '</select>';
122	- // phpcs:ignore WordPress.~~XSS~~.EscapeOutput -- Content escaped in previous line (same function)
123	echo sprintf('<select name="post_type_filter" class="metaseo-filter">%1$s</select>', $options);
124	- // phpcs:ignore WordPress.~~XSS~~.EscapeOutput -- Content escaped in previous line (same function)
125	echo $sl_duplicate;
126	if (is_plugin_active(WPMSEO_ADDON_FILENAME)
127	&& (is_plugin_active('sitepress-multilingual-cms/sitepress.php')
128	\|\| is_plugin_active('polylang/polylang.php'))) {
129	- // phpcs:ignore WordPress.~~CSRF~~.NonceVerification.NoNonceVerification -- No action, nonce is not required
130	$lang = !empty($_REQUEST['wpms_lang_list']) ? $_REQUEST['wpms_lang_list'] : '0';
131	$sl_lang = apply_filters('wpms_get_languagesList', '', $lang);
132	- // phpcs:ignore WordPress.~~XSS~~.EscapeOutput -- Content escaped in the method MetaSeoAddonAdmin::listLanguageSelect
133	echo $sl_lang;
134	}
135
136	echo '<input type="submit" name="do_filter" id="post-query-submit"
137	class="wpmsbtn wpmsbtn_small wpmsbtn_secondary" value="' . esc_html__('Filter', 'wp-meta-seo') . '">';
138	- // phpcs:ignore WordPress.~~XSS~~.EscapeOutput -- Content escaped in previous line (same function)
139	echo $sl_bulk . $btn_bulk;
140	echo '</div>';
141	}
	@@ -226,7 +226,7 @@ class MetaSeoContentListTable extends WP_List_Table
226	{
227	global $wpdb;
228	$this->post_types = $this->getPostTypes();
229	- // phpcs:ignore WordPress.~~CSRF~~.NonceVerification.NoNonceVerification -- No action, nonce is not required
230	$post_type = isset($_REQUEST['post_type_filter']) ? $_REQUEST['post_type_filter'] : '';
231	if ($post_type === '-1') {
232	$post_type = '';
	@@ -251,7 +251,7 @@ class MetaSeoContentListTable extends WP_List_Table
251	$where = array();
252	$where[] = 'post_type IN (\'' . $post_type . '\')';
253	$where[] = 'post_status IN (\'' . $all_states . '\')';
254	- // phpcs:ignore WordPress.~~CSRF~~.NonceVerification.NoNonceVerification -- No action, nonce is not required
255	$keyword = !empty($_GET['s']) ? $_GET['s'] : '';
256	if (isset($keyword) && $keyword !== '') {
257	$where[] = $wpdb->prepare('(post_title LIKE %s OR mt.meta_value LIKE %s OR md.meta_value LIKE %s)', array(
	@@ -262,9 +262,9 @@ class MetaSeoContentListTable extends WP_List_Table
262	}
263
264	//Order By block
265	- // phpcs:ignore WordPress.~~CSRF~~.NonceVerification.NoNonceVerification -- No action, nonce is not required
266	$orderby = !empty($_GET['orderby']) ? ($_GET['orderby']) : 'post_title';
267	- // phpcs:ignore WordPress.~~CSRF~~.NonceVerification.NoNonceVerification -- No action, nonce is not required
268	$order = !empty($_GET['order']) ? ($_GET['order']) : 'asc';
269
270	$sortable = $this->get_sortable_columns();
	@@ -285,7 +285,7 @@ class MetaSeoContentListTable extends WP_List_Table
285	$orderStr = ' ORDER BY ' . esc_sql($orderStr) . ' ';
286	}
287
288	- // phpcs:disable WordPress.~~CSRF~~.NonceVerification.NoNonceVerification -- No action, nonce is not required
289	if (isset($_GET['wpms_duplicate_meta']) && $_GET['wpms_duplicate_meta'] !== 'none') {
290	if ($_GET['wpms_duplicate_meta'] === 'duplicate_title') {
291	$where[] = 'mt.meta_key = "_metaseo_metatitle" AND mt.meta_value IN (SELECT DISTINCT meta_value FROM ' . $wpdb->postmeta . ' WHERE meta_key="_metaseo_metatitle" AND meta_value != "" GROUP BY meta_value HAVING COUNT(*) >= 2)';
	@@ -301,7 +301,7 @@ class MetaSeoContentListTable extends WP_List_Table
301	. ' LEFT JOIN (SELECT * FROM ' . $wpdb->postmeta . ' WHERE meta_key = "_metaseo_metakeywords") mk ON mk.post_id = p.ID ';
302	$query .= ' WHERE ' . implode(' AND ', $where);
303
304	- // phpcs:ignore WordPress.WP.PreparedSQL.NotPrepared -- Variable has been prepare
305	$total_items = $wpdb->get_var($query);
306
307	$query = 'SELECT DISTINCT ID, post_title, post_name, post_type, post_status, mt.meta_value AS metatitle, md.meta_value AS metadesc ,mk.meta_value AS metakeywords '
	@@ -311,7 +311,7 @@ class MetaSeoContentListTable extends WP_List_Table
311	. ' LEFT JOIN (SELECT * FROM ' . $wpdb->postmeta . ' WHERE meta_key = "_metaseo_metakeywords") mk ON mk.post_id = p.ID';
312	// query post by lang with polylang plugin
313	if (is_plugin_active(WPMSEO_ADDON_FILENAME) && is_plugin_active('polylang/polylang.php')) {
314	- // phpcs:disable WordPress.~~CSRF~~.NonceVerification.NoNonceVerification -- No action, nonce is not required
315	if (isset($_GET['wpms_lang_list']) && $_GET['wpms_lang_list'] !== '0') {
316	$query .= $wpdb->prepare(' INNER JOIN (SELECT * FROM ' . $wpdb->term_relationships . ' as ml
317	INNER JOIN (SELECT * FROM ' . $wpdb->terms . ' WHERE slug = %s)
	@@ -322,7 +322,7 @@ class MetaSeoContentListTable extends WP_List_Table
322
323	// query post by lang with WPML plugin
324	if (is_plugin_active(WPMSEO_ADDON_FILENAME) && is_plugin_active('sitepress-multilingual-cms/sitepress.php')) {
325	- // phpcs:disable WordPress.~~CSRF~~.NonceVerification.NoNonceVerification -- No action, nonce is not required
326	if (isset($_GET['wpms_lang_list']) && $_GET['wpms_lang_list'] !== '0') {
327	$query .= $wpdb->prepare(' INNER JOIN (SELECT * FROM ' . $wpdb->prefix . 'icl_translations
328	WHERE element_type LIKE %s AND language_code = %s) t
	@@ -333,7 +333,7 @@ class MetaSeoContentListTable extends WP_List_Table
333
334	$query .= ' WHERE ' . implode(' AND ', $where) . $orderStr;
335
336	- // phpcs:ignore WordPress.~~CSRF~~.NonceVerification.NoNonceVerification -- No action, nonce is not required
337	if (!empty($_REQUEST['metaseo_posts_per_page'])) {
338	$_per_page = intval($_REQUEST['metaseo_posts_per_page']);
339	} else {
	@@ -355,7 +355,7 @@ class MetaSeoContentListTable extends WP_List_Table
355	add_user_meta(get_current_user_id(), 'metaseo_posts_per_page', $per_page);
356	}
357
358	- // phpcs:ignore WordPress.~~CSRF~~.NonceVerification.NoNonceVerification -- No action, nonce is not required
359	$paged = !empty($_GET['paged']) ? $_GET['paged'] : '';
360	if (empty($paged) \|\| !is_numeric($paged) \|\| $paged <= 0) {
361	$paged = 1;
	@@ -379,7 +379,7 @@ class MetaSeoContentListTable extends WP_List_Table
379	$sortable = $this->get_sortable_columns();
380	$this->_column_headers = array($columns, $hidden, $sortable);
381
382	- // phpcs:ignore WordPress.WP.PreparedSQL.NotPrepared -- Variable has been prepare
383	$this->items = $wpdb->get_results($query);
384	}
385
	@@ -442,7 +442,7 @@ class MetaSeoContentListTable extends WP_List_Table
442	'<td %2$s><div class="action-wrapper">
443	<strong id="' . esc_attr('post-title-' . $rec->ID) . '">%1$s</strong>',
444	esc_html($post_title),
445	- $attributes // phpcs:ignore WordPress.~~XSS~~.EscapeOutput -- Content escaped in previous line (same function)
446	);
447
448	$post_type_object = get_post_type_object($rec->post_type);
	@@ -481,7 +481,7 @@ class MetaSeoContentListTable extends WP_List_Table
481	}
482	}
483
484	- // phpcs:ignore WordPress.~~XSS~~.EscapeOutput -- Content escaped in previous line (same function)
485	echo $this->row_actions($actions);
486	echo '</div></td>';
487
	@@ -518,7 +518,7 @@ class MetaSeoContentListTable extends WP_List_Table
518	'<div class="title-len" id="%1$s"></div>',
519	esc_attr('metaseo-metatitle-len' . $rec->ID)
520	);
521	- // phpcs:ignore WordPress.~~XSS~~.EscapeOutput -- Content escaped in previous line (same function)
522	echo sprintf('<td %2$s>%1$s</td>', $input, $attributes);
523	break;
524
	@@ -534,7 +534,7 @@ class MetaSeoContentListTable extends WP_List_Table
534	'<div class="keywords-len" id="%1$s"></div>',
535	esc_attr('metaseo-metakeywords-len' . $rec->ID)
536	);
537	- // phpcs:ignore WordPress.~~XSS~~.EscapeOutput -- Content escaped in previous line (same function)
538	echo sprintf('<td %2$s>%1$s</td>', $input, $attributes);
539	break;
540
	@@ -550,7 +550,7 @@ class MetaSeoContentListTable extends WP_List_Table
550	'<div class="desc-len" id="%1$s"></div>',
551	esc_attr('metaseo-metadesc-len' . $rec->ID)
552	);
553	- // phpcs:ignore WordPress.~~XSS~~.EscapeOutput -- Content escaped in previous line (same function)
554	echo sprintf('<td %2$s>%1$s</td>', $input, $attributes);
555	break;
556
	@@ -563,7 +563,7 @@ class MetaSeoContentListTable extends WP_List_Table
563	$input = '<input checked class="metaseo_post_index"
564	name="index[]" type="checkbox" value="' . esc_attr($rec->ID) . '">';
565	}
566	- // phpcs:ignore WordPress.~~XSS~~.EscapeOutput -- Content escaped in previous line (same function)
567	echo sprintf('<td %2$s>%1$s</td>', $input, $attributes);
568	break;
569
	@@ -576,7 +576,7 @@ class MetaSeoContentListTable extends WP_List_Table
576	$input = '<input checked class="metaseo_post_follow"
577	name="follow[]" type="checkbox" value="' . esc_attr($rec->ID) . '">';
578	}
579	- // phpcs:ignore WordPress.~~XSS~~.EscapeOutput -- Content escaped in previous line (same function)
580	echo sprintf('<td %2$s>%1$s</td>', $input, $attributes);
581	break;
582	}
	@@ -596,7 +596,7 @@ class MetaSeoContentListTable extends WP_List_Table
596	{
597	$current_url = set_url_scheme('http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
598	$redirect = false;
599	- // phpcs:disable WordPress.~~CSRF~~.NonceVerification.NoNonceVerification -- No action, nonce is not required
600	if (isset($_POST['do_filter'])) {
601	if (isset($_POST['post_type_filter'])) {
602	$current_url = add_query_arg(array('post_type_filter' => $_POST['post_type_filter']), $current_url);
	@@ -667,7 +667,7 @@ class MetaSeoContentListTable extends WP_List_Table
667	}
668
669	$metakeys = ltrim($metakeys, ' OR ');
670	- // phpcs:ignore WordPress.WP.PreparedSQL.NotPrepared -- Variable has been prepare
671	$posts_metas = $wpdb->get_results('SELECT post_id as pID, meta_key, meta_value FROM ' . $wpdb->postmeta . ' WHERE ' . $metakeys . ' ORDER BY meta_key');
672
673	if (is_array($posts_metas) && count($posts_metas) > 0) {


44
45	<input type="hidden" name="page" value="metaseo_content_meta"/>
46	<input type="hidden" name="page" value="metaseo_content_meta"/>
47	+ <?php // phpcs:disable WordPress.Security.NonceVerification.NoNonceVerification -- No action, nonce is not required
48	?>
49	<?php if (!empty($_REQUEST['post_status'])) : ?>
50	<input type="hidden" name="post_status" value="<?php echo esc_attr($_REQUEST['post_status']); ?>"/>

79	protected function extra_tablenav($which) // phpcs:ignore PSR1.Methods.CamelCapsMethodName.NotCamelCaps -- extends from WP_List_Table class
80	{
81	echo '<div class="alignleft actions">';
82	+ // phpcs:ignore WordPress.Security.NonceVerification.NoNonceVerification -- No action, nonce is not required
83	$selected = !empty($_REQUEST['post_type_filter']) ? $_REQUEST['post_type_filter'] : - 1;
84
85	$options = '<option value="-1">Show All Post Types</option>';

103	class="wpmsbtn wpmsbtn_small btn_do_copy post_do_copy"
104	value="' . esc_attr__('Content title as meta title', 'wp-meta-seo') . '"><span class="spinner"></span>';
105
106	+ // phpcs:ignore WordPress.Security.NonceVerification.NoNonceVerification -- No action, nonce is not required
107	$selected_duplicate = !empty($_REQUEST['wpms_duplicate_meta']) ? $_REQUEST['wpms_duplicate_meta'] : 'none';
108	$options_dups = array(
109	'none' => esc_html__('All meta information', 'wp-meta-seo'),

119	}
120	}
121	$sl_duplicate .= '</select>';
122	+ // phpcs:ignore WordPress.Security.EscapeOutput -- Content escaped in previous line (same function)
123	echo sprintf('<select name="post_type_filter" class="metaseo-filter">%1$s</select>', $options);
124	+ // phpcs:ignore WordPress.Security.EscapeOutput -- Content escaped in previous line (same function)
125	echo $sl_duplicate;
126	if (is_plugin_active(WPMSEO_ADDON_FILENAME)
127	&& (is_plugin_active('sitepress-multilingual-cms/sitepress.php')
128	\|\| is_plugin_active('polylang/polylang.php'))) {
129	+ // phpcs:ignore WordPress.Security.NonceVerification.NoNonceVerification -- No action, nonce is not required
130	$lang = !empty($_REQUEST['wpms_lang_list']) ? $_REQUEST['wpms_lang_list'] : '0';
131	$sl_lang = apply_filters('wpms_get_languagesList', '', $lang);
132	+ // phpcs:ignore WordPress.Security.EscapeOutput -- Content escaped in the method MetaSeoAddonAdmin::listLanguageSelect
133	echo $sl_lang;
134	}
135
136	echo '<input type="submit" name="do_filter" id="post-query-submit"
137	class="wpmsbtn wpmsbtn_small wpmsbtn_secondary" value="' . esc_html__('Filter', 'wp-meta-seo') . '">';
138	+ // phpcs:ignore WordPress.Security.EscapeOutput -- Content escaped in previous line (same function)
139	echo $sl_bulk . $btn_bulk;
140	echo '</div>';
141	}

226	{
227	global $wpdb;
228	$this->post_types = $this->getPostTypes();
229	+ // phpcs:ignore WordPress.Security.NonceVerification.NoNonceVerification -- No action, nonce is not required
230	$post_type = isset($_REQUEST['post_type_filter']) ? $_REQUEST['post_type_filter'] : '';
231	if ($post_type === '-1') {
232	$post_type = '';

251	$where = array();
252	$where[] = 'post_type IN (\'' . $post_type . '\')';
253	$where[] = 'post_status IN (\'' . $all_states . '\')';
254	+ // phpcs:ignore WordPress.Security.NonceVerification.NoNonceVerification -- No action, nonce is not required
255	$keyword = !empty($_GET['s']) ? $_GET['s'] : '';
256	if (isset($keyword) && $keyword !== '') {
257	$where[] = $wpdb->prepare('(post_title LIKE %s OR mt.meta_value LIKE %s OR md.meta_value LIKE %s)', array(

262	}
263
264	//Order By block
265	+ // phpcs:ignore WordPress.Security.NonceVerification.NoNonceVerification -- No action, nonce is not required
266	$orderby = !empty($_GET['orderby']) ? ($_GET['orderby']) : 'post_title';
267	+ // phpcs:ignore WordPress.Security.NonceVerification.NoNonceVerification -- No action, nonce is not required
268	$order = !empty($_GET['order']) ? ($_GET['order']) : 'asc';
269
270	$sortable = $this->get_sortable_columns();

285	$orderStr = ' ORDER BY ' . esc_sql($orderStr) . ' ';
286	}
287
288	+ // phpcs:disable WordPress.Security.NonceVerification.NoNonceVerification -- No action, nonce is not required
289	if (isset($_GET['wpms_duplicate_meta']) && $_GET['wpms_duplicate_meta'] !== 'none') {
290	if ($_GET['wpms_duplicate_meta'] === 'duplicate_title') {
291	$where[] = 'mt.meta_key = "_metaseo_metatitle" AND mt.meta_value IN (SELECT DISTINCT meta_value FROM ' . $wpdb->postmeta . ' WHERE meta_key="_metaseo_metatitle" AND meta_value != "" GROUP BY meta_value HAVING COUNT(*) >= 2)';

301	. ' LEFT JOIN (SELECT * FROM ' . $wpdb->postmeta . ' WHERE meta_key = "_metaseo_metakeywords") mk ON mk.post_id = p.ID ';
302	$query .= ' WHERE ' . implode(' AND ', $where);
303
304	+ // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared -- Variable has been prepare
305	$total_items = $wpdb->get_var($query);
306
307	$query = 'SELECT DISTINCT ID, post_title, post_name, post_type, post_status, mt.meta_value AS metatitle, md.meta_value AS metadesc ,mk.meta_value AS metakeywords '

311	. ' LEFT JOIN (SELECT * FROM ' . $wpdb->postmeta . ' WHERE meta_key = "_metaseo_metakeywords") mk ON mk.post_id = p.ID';
312	// query post by lang with polylang plugin
313	if (is_plugin_active(WPMSEO_ADDON_FILENAME) && is_plugin_active('polylang/polylang.php')) {
314	+ // phpcs:disable WordPress.Security.NonceVerification.NoNonceVerification -- No action, nonce is not required
315	if (isset($_GET['wpms_lang_list']) && $_GET['wpms_lang_list'] !== '0') {
316	$query .= $wpdb->prepare(' INNER JOIN (SELECT * FROM ' . $wpdb->term_relationships . ' as ml
317	INNER JOIN (SELECT * FROM ' . $wpdb->terms . ' WHERE slug = %s)

322
323	// query post by lang with WPML plugin
324	if (is_plugin_active(WPMSEO_ADDON_FILENAME) && is_plugin_active('sitepress-multilingual-cms/sitepress.php')) {
325	+ // phpcs:disable WordPress.Security.NonceVerification.NoNonceVerification -- No action, nonce is not required
326	if (isset($_GET['wpms_lang_list']) && $_GET['wpms_lang_list'] !== '0') {
327	$query .= $wpdb->prepare(' INNER JOIN (SELECT * FROM ' . $wpdb->prefix . 'icl_translations
328	WHERE element_type LIKE %s AND language_code = %s) t

333
334	$query .= ' WHERE ' . implode(' AND ', $where) . $orderStr;
335
336	+ // phpcs:ignore WordPress.Security.NonceVerification.NoNonceVerification -- No action, nonce is not required
337	if (!empty($_REQUEST['metaseo_posts_per_page'])) {
338	$_per_page = intval($_REQUEST['metaseo_posts_per_page']);
339	} else {

355	add_user_meta(get_current_user_id(), 'metaseo_posts_per_page', $per_page);
356	}
357
358	+ // phpcs:ignore WordPress.Security.NonceVerification.NoNonceVerification -- No action, nonce is not required
359	$paged = !empty($_GET['paged']) ? $_GET['paged'] : '';
360	if (empty($paged) \|\| !is_numeric($paged) \|\| $paged <= 0) {
361	$paged = 1;

379	$sortable = $this->get_sortable_columns();
380	$this->_column_headers = array($columns, $hidden, $sortable);
381
382	+ // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared -- Variable has been prepare
383	$this->items = $wpdb->get_results($query);
384	}
385

442	'<td %2$s><div class="action-wrapper">
443	<strong id="' . esc_attr('post-title-' . $rec->ID) . '">%1$s</strong>',
444	esc_html($post_title),
445	+ $attributes // phpcs:ignore WordPress.Security.EscapeOutput -- Content escaped in previous line (same function)
446	);
447
448	$post_type_object = get_post_type_object($rec->post_type);

481	}
482	}
483
484	+ // phpcs:ignore WordPress.Security.EscapeOutput -- Content escaped in previous line (same function)
485	echo $this->row_actions($actions);
486	echo '</div></td>';
487

518	'<div class="title-len" id="%1$s"></div>',
519	esc_attr('metaseo-metatitle-len' . $rec->ID)
520	);
521	+ // phpcs:ignore WordPress.Security.EscapeOutput -- Content escaped in previous line (same function)
522	echo sprintf('<td %2$s>%1$s</td>', $input, $attributes);
523	break;
524

534	'<div class="keywords-len" id="%1$s"></div>',
535	esc_attr('metaseo-metakeywords-len' . $rec->ID)
536	);
537	+ // phpcs:ignore WordPress.Security.EscapeOutput -- Content escaped in previous line (same function)
538	echo sprintf('<td %2$s>%1$s</td>', $input, $attributes);
539	break;
540

550	'<div class="desc-len" id="%1$s"></div>',
551	esc_attr('metaseo-metadesc-len' . $rec->ID)
552	);
553	+ // phpcs:ignore WordPress.Security.EscapeOutput -- Content escaped in previous line (same function)
554	echo sprintf('<td %2$s>%1$s</td>', $input, $attributes);
555	break;
556

563	$input = '<input checked class="metaseo_post_index"
564	name="index[]" type="checkbox" value="' . esc_attr($rec->ID) . '">';
565	}
566	+ // phpcs:ignore WordPress.Security.EscapeOutput -- Content escaped in previous line (same function)
567	echo sprintf('<td %2$s>%1$s</td>', $input, $attributes);
568	break;
569

576	$input = '<input checked class="metaseo_post_follow"
577	name="follow[]" type="checkbox" value="' . esc_attr($rec->ID) . '">';
578	}
579	+ // phpcs:ignore WordPress.Security.EscapeOutput -- Content escaped in previous line (same function)
580	echo sprintf('<td %2$s>%1$s</td>', $input, $attributes);
581	break;
582	}

596	{
597	$current_url = set_url_scheme('http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
598	$redirect = false;
599	+ // phpcs:disable WordPress.Security.NonceVerification.NoNonceVerification -- No action, nonce is not required
600	if (isset($_POST['do_filter'])) {
601	if (isset($_POST['post_type_filter'])) {
602	$current_url = add_query_arg(array('post_type_filter' => $_POST['post_type_filter']), $current_url);

667	}
668
669	$metakeys = ltrim($metakeys, ' OR ');
670	+ // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared -- Variable has been prepare
671	$posts_metas = $wpdb->get_results('SELECT post_id as pID, meta_key, meta_value FROM ' . $wpdb->postmeta . ' WHERE ' . $metakeys . ' ORDER BY meta_key');
672
673	if (is_array($posts_metas) && count($posts_metas) > 0) {

inc/class.metaseo-dashboard.php CHANGED Viewed

	@@ -49,7 +49,7 @@ class MetaSeoDashboard
49	$where[] = 'post_type IN (\'' . $post_types . '\')';
50	$where[] = 'post_content <> ""';
51	$where[] = 'post_content LIKE "%<img%>%"';
52	- // phpcs:ignore WordPress.WP.PreparedSQL.NotPrepared -- Variable has been prepare
53	$posts = $wpdb->get_results('SELECT ID,post_content FROM ' . $wpdb->posts . ' WHERE ' . implode(' AND ', $where) . ' ORDER BY ID');
54	if (count($posts) > 0) {
55	$doc = new DOMDocument();
	@@ -140,7 +140,7 @@ class MetaSeoDashboard
140	{
141	$rank = $this->getRank($url);
142	if ($rank !== '') {
143	- // phpcs:ignore WordPress.~~XSS~~.EscapeOutput -- Content escaped in the method getRank
144	echo $rank;
145	} else {
146	esc_html_e('We can\'t get rank of this site from Alexa.com!', 'wp-meta-seo');
	@@ -277,7 +277,7 @@ class MetaSeoDashboard
277	$where = array();
278	$where[] = 'post_type IN (\'' . $post_types . '\')';
279	$where[] = 'post_status IN (\'' . $all_states . '\')';
280	- // phpcs:ignore WordPress.WP.PreparedSQL.NotPrepared -- Variable has been prepare
281	$total_posts = $wpdb->get_var('SELECT COUNT(ID) FROM ' . $wpdb->posts . ' WHERE ' . implode(' AND ', $where));
282	return $total_posts;
283	}
	@@ -312,7 +312,7 @@ class MetaSeoDashboard
312	. ' FROM ' . $wpdb->posts . ' as p'
313	. ' LEFT JOIN (SELECT * FROM ' . $wpdb->postmeta . ' WHERE meta_key = "_metaseo_metatitle" AND meta_value != "") mt ON mt.post_id = p.ID ';
314	$query .= ' WHERE ' . implode(' AND ', $where);
315	- // phpcs:ignore WordPress.WP.PreparedSQL.NotPrepared -- Variable has been prepare
316	$ps = $wpdb->get_results($query);
317
318	$metatitle_filled = 0;
	@@ -380,7 +380,7 @@ class MetaSeoDashboard
380	. ' FROM ' . $wpdb->posts . ' as p'
381	. ' LEFT JOIN (SELECT * FROM ' . $wpdb->postmeta . ' WHERE meta_key = "_metaseo_metadesc" AND meta_value != "") mt ON mt.post_id = p.ID ';
382	$query .= ' WHERE ' . implode(' AND ', $where);
383	- // phpcs:ignore WordPress.WP.PreparedSQL.NotPrepared -- Variable has been prepare
384	$wpms_posts = $wpdb->get_results($query);
385	$metadesc_filled = 0;
386	if (!empty($wpms_posts)) {
	@@ -692,7 +692,7 @@ class MetaSeoDashboard
692	$where[] = 'post_type IN (\'' . $post_types . '\')';
693	$where[] = 'post_content <> "" AND post_content LIKE "%<img%>%"';
694
695	- // phpcs:ignore WordPress.WP.PreparedSQL.NotPrepared -- Variable has been prepare
696	$posts = $wpdb->get_results($wpdb->prepare('SELECT ID,post_content FROM ' . $wpdb->posts . ' WHERE ' . implode(' AND ', $where) . ' ORDER BY ID LIMIT %d OFFSET %d', array(
697	$limit,
698	$offset


49	$where[] = 'post_type IN (\'' . $post_types . '\')';
50	$where[] = 'post_content <> ""';
51	$where[] = 'post_content LIKE "%<img%>%"';
52	+ // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared -- Variable has been prepare
53	$posts = $wpdb->get_results('SELECT ID,post_content FROM ' . $wpdb->posts . ' WHERE ' . implode(' AND ', $where) . ' ORDER BY ID');
54	if (count($posts) > 0) {
55	$doc = new DOMDocument();

140	{
141	$rank = $this->getRank($url);
142	if ($rank !== '') {
143	+ // phpcs:ignore WordPress.Security.EscapeOutput -- Content escaped in the method getRank
144	echo $rank;
145	} else {
146	esc_html_e('We can\'t get rank of this site from Alexa.com!', 'wp-meta-seo');

277	$where = array();
278	$where[] = 'post_type IN (\'' . $post_types . '\')';
279	$where[] = 'post_status IN (\'' . $all_states . '\')';
280	+ // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared -- Variable has been prepare
281	$total_posts = $wpdb->get_var('SELECT COUNT(ID) FROM ' . $wpdb->posts . ' WHERE ' . implode(' AND ', $where));
282	return $total_posts;
283	}

312	. ' FROM ' . $wpdb->posts . ' as p'
313	. ' LEFT JOIN (SELECT * FROM ' . $wpdb->postmeta . ' WHERE meta_key = "_metaseo_metatitle" AND meta_value != "") mt ON mt.post_id = p.ID ';
314	$query .= ' WHERE ' . implode(' AND ', $where);
315	+ // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared -- Variable has been prepare
316	$ps = $wpdb->get_results($query);
317
318	$metatitle_filled = 0;

380	. ' FROM ' . $wpdb->posts . ' as p'
381	. ' LEFT JOIN (SELECT * FROM ' . $wpdb->postmeta . ' WHERE meta_key = "_metaseo_metadesc" AND meta_value != "") mt ON mt.post_id = p.ID ';
382	$query .= ' WHERE ' . implode(' AND ', $where);
383	+ // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared -- Variable has been prepare
384	$wpms_posts = $wpdb->get_results($query);
385	$metadesc_filled = 0;
386	if (!empty($wpms_posts)) {

692	$where[] = 'post_type IN (\'' . $post_types . '\')';
693	$where[] = 'post_content <> "" AND post_content LIKE "%<img%>%"';
694
695	+ // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared -- Variable has been prepare
696	$posts = $wpdb->get_results($wpdb->prepare('SELECT ID,post_content FROM ' . $wpdb->posts . ' WHERE ' . implode(' AND ', $where) . ' ORDER BY ID LIMIT %d OFFSET %d', array(
697	$limit,
698	$offset

inc/class.metaseo-front_end.php CHANGED Viewed

	@@ -91,7 +91,7 @@ class MetaSeoFront
91	$tracking_code = trim($this->gaDisconnect['wpmsga_code_tracking']);
92	if (!empty($tracking_code)) {
93	echo '<script type="text/javascript">';
94	- // phpcs:ignore WordPress.~~XSS~~.EscapeOutput -- Content has saved by user when save Analytics JS code
95	echo strip_tags(stripslashes($this->gaDisconnect['wpmsga_code_tracking']));
96	echo '</script>';
97	} else {


91	$tracking_code = trim($this->gaDisconnect['wpmsga_code_tracking']);
92	if (!empty($tracking_code)) {
93	echo '<script type="text/javascript">';
94	+ // phpcs:ignore WordPress.Security.EscapeOutput -- Content has saved by user when save Analytics JS code
95	echo strip_tags(stripslashes($this->gaDisconnect['wpmsga_code_tracking']));
96	echo '</script>';
97	} else {

inc/class.metaseo-image-list-table.php CHANGED Viewed

	@@ -55,10 +55,10 @@ class MetaSeoImageListTable extends WP_List_Table
55	if (is_plugin_active(WPMSEO_ADDON_FILENAME)
56	&& (is_plugin_active('sitepress-multilingual-cms/sitepress.php')
57	\|\| is_plugin_active('polylang/polylang.php'))) {
58	- // phpcs:ignore WordPress.~~CSRF~~.NonceVerification.NoNonceVerification -- No action, nonce is not required
59	$lang = !empty($_REQUEST['wpms_lang_list']) ? $_REQUEST['wpms_lang_list'] : '0';
60	$sl_lang = apply_filters('wpms_get_languagesList', '', $lang);
61	- // phpcs:ignore WordPress.~~XSS~~.EscapeOutput -- Content escaped in the method MetaSeoAddonAdmin::listLanguageSelect
62	echo $sl_lang;
63	}
64	?>
	@@ -72,10 +72,10 @@ class MetaSeoImageListTable extends WP_List_Table
72	if (is_plugin_active(WPMSEO_ADDON_FILENAME)
73	&& (is_plugin_active('sitepress-multilingual-cms/sitepress.php')
74	\|\| is_plugin_active('polylang/polylang.php'))) {
75	- // phpcs:ignore WordPress.~~CSRF~~.NonceVerification.NoNonceVerification -- No action, nonce is not required
76	$lang = !empty($_REQUEST['wpms_lang_list']) ? $_REQUEST['wpms_lang_list'] : '0';
77	$sl_lang = apply_filters('wpms_get_languagesList', '', $lang);
78	- // phpcs:ignore WordPress.~~XSS~~.EscapeOutput -- Content escaped in the method MetaSeoAddonAdmin::listLanguageSelect
79	echo $sl_lang;
80	}
81	?>
	@@ -112,7 +112,7 @@ class MetaSeoImageListTable extends WP_List_Table
112	</div>
113
114	<input type="hidden" name="page" value="metaseo_image_meta"/>
115	- <?php // phpcs:disable WordPress.~~CSRF~~.NonceVerification.NoNonceVerification -- No action, nonce is not required
116	?>
117	<?php if (!empty($_REQUEST['post_status'])) : ?>
118	<input type="hidden" name="post_status" value="<?php echo esc_attr($_REQUEST['post_status']); ?>"/>
	@@ -191,7 +191,7 @@ class MetaSeoImageListTable extends WP_List_Table
191	list($columns, $hidden, $sortable) = $this->get_column_info();
192	$current_url = set_url_scheme('http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
193	$current_url = remove_query_arg('paged', $current_url);
194	- // phpcs:disable WordPress.~~CSRF~~.NonceVerification.NoNonceVerification -- No action, nonce is not required
195	if (isset($_GET['orderby'])) {
196	$current_orderby = $_GET['orderby'];
197	} else {
	@@ -251,7 +251,7 @@ class MetaSeoImageListTable extends WP_List_Table
251	$class = "class='" . esc_attr(join(' ', $class)) . "'";
252	}
253
254	- // phpcs:disable WordPress.~~XSS~~.EscapeOutput -- Content escaped in previous line (same function)
255	if ($column_key === 'col_id') {
256	echo '<th scope="col" ' . $id . ' ' . $class . ' ' . $style . ' colspan="1">' . $column_display_name . '</th>';
257	} elseif ($column_key === 'col_image_name') {
	@@ -297,7 +297,7 @@ class MetaSeoImageListTable extends WP_List_Table
297	global $wpdb;
298	$this->months = $this->getMonths();
299	$where = array();
300	- // phpcs:disable WordPress.~~CSRF~~.NonceVerification.NoNonceVerification -- No action, nonce is not required
301	$where[] = ' post_type="attachment" AND ((post_mime_type="image/jpeg") OR (post_mime_type="image/jpg")
302	OR (post_mime_type="image/png") OR (post_mime_type="image/gif")) ';
303	if (!empty($_REQUEST['search'])) {
	@@ -359,7 +359,7 @@ class MetaSeoImageListTable extends WP_List_Table
359	ON t.element_id = posts.ID ', array('post_%', $_GET['wpms_lang_list']));
360	}
361	}
362	- // phpcs:ignore WordPress.WP.PreparedSQL.NotPrepared -- Variable has been prepare
363	$total_items = $wpdb->get_var('SELECT COUNT(ID) FROM ' . $wpdb->posts . ' as posts ' . $join . ' WHERE ' . implode(' AND ', $where) . $orderStr);
364	$query = 'SELECT DISTINCT ID, post_title as title, post_name as name, post_content as des,
365	post_excerpt as legend, guid, post_type , post_mime_type, post_status, mt.meta_value AS alt
	@@ -388,7 +388,7 @@ class MetaSeoImageListTable extends WP_List_Table
388	add_user_meta(get_current_user_id(), 'metaseo_imgs_per_page', $per_page);
389	}
390
391	- // phpcs:ignore WordPress.~~CSRF~~.NonceVerification.NoNonceVerification -- No action, nonce is not required
392	$paged = !empty($_GET['paged']) ? ($_GET['paged']) : '';
393
394	if (empty($paged) \|\| !is_numeric($paged) \|\| $paged <= 0) {
	@@ -412,9 +412,9 @@ class MetaSeoImageListTable extends WP_List_Table
412	$hidden = array();
413	$sortable = $this->get_sortable_columns();
414	$this->_column_headers = array($columns, $hidden, $sortable);
415	- // phpcs:ignore WordPress.WP.PreparedSQL.NotPrepared -- Variable has been prepare
416	$this->items = $wpdb->get_results($query);
417	- // phpcs:ignore WordPress.~~CSRF~~.NonceVerification.NoNonceVerification -- No action, nonce is not required
418	if (isset($_GET['slmeta']) && ($_GET['slmeta'] === 'missing_information' \|\| $_GET['slmeta'] === 'resizeimages')) {
419	foreach ($this->items as $item) {
420	$item->alt = get_post_meta($item->ID, '_wp_attachment_image_alt', true);
	@@ -429,7 +429,7 @@ class MetaSeoImageListTable extends WP_List_Table
429	*/
430	public function searchBox1()
431	{
432	- // phpcs:disable WordPress.~~CSRF~~.NonceVerification.NoNonceVerification -- No action, nonce is not required
433	if (empty($_REQUEST['txtkeyword']) && !$this->has_items()) {
434	return;
435	}
	@@ -477,7 +477,7 @@ class MetaSeoImageListTable extends WP_List_Table
477	return;
478	}
479
480	- // phpcs:ignore WordPress.~~CSRF~~.NonceVerification.NoNonceVerification -- No action, nonce is not required
481	$m = isset($_REQUEST['sldate']) ? $_REQUEST['sldate'] : 0;
482	?>
483	<label for="filter-by-date"
	@@ -518,7 +518,7 @@ class MetaSeoImageListTable extends WP_List_Table
518	*/
519	public function metaFilter($name)
520	{
521	- // phpcs:ignore WordPress.~~CSRF~~.NonceVerification.NoNonceVerification -- No action, nonce is not required
522	$m = isset($_REQUEST['slmeta']) ? $_REQUEST['slmeta'] : 0;
523	?>
524	<label>
	@@ -630,7 +630,7 @@ class MetaSeoImageListTable extends WP_List_Table
630	'<img src="' . esc_url($thumb_url) . '" width="100px" height="100px" class="metaseo-image"
631	data-name="' . esc_attr($img_name . $type) . '" data-img-post-id="' . esc_attr($rec->ID) . '" />'
632	);
633	- // phpcs:ignore WordPress.~~XSS~~.EscapeOutput -- Content escaped in previous line (same function)
634	echo sprintf('<td %2$s colspan="3">%1$s</td>', $img, $attributes);
635	break;
636
	@@ -648,7 +648,7 @@ class MetaSeoImageListTable extends WP_List_Table
648	<span class="spinner"></span>
649	</span>';
650	$info .= '</div>';
651	- // phpcs:ignore WordPress.~~XSS~~.EscapeOutput -- Content escaped in previous line (same function)
652	echo sprintf('<td %2$s colspan="4">%1$s</td>', $info, $attributes);
653	break;
654
	@@ -661,7 +661,7 @@ class MetaSeoImageListTable extends WP_List_Table
661	<span class="popup-close" title="Close">x</span>
662	<div class="popup-content"></div>
663	</div>';
664	- // phpcs:ignore WordPress.~~XSS~~.EscapeOutput -- Content escaped in previous line (same function)
665	echo sprintf('<td %2$s colspan="5" style="position:relative">%1$s</td>', $info, $attributes);
666	break;
667
	@@ -672,7 +672,7 @@ class MetaSeoImageListTable extends WP_List_Table
672	$input .= ('<span class="saved-info" style="position:relative">
673	<span class="spinner"></span>
674	</span>');
675	- // phpcs:ignore WordPress.~~XSS~~.EscapeOutput -- Content escaped in previous line (same function)
676	echo sprintf('<td %2$s colspan="3">%1$s</td>', $input, $attributes);
677	break;
678
	@@ -683,7 +683,7 @@ class MetaSeoImageListTable extends WP_List_Table
683	$input .= ('<span class="saved-info" style="position:relative">
684	<span class="spinner"></span>
685	</span>');
686	- // phpcs:ignore WordPress.~~XSS~~.EscapeOutput -- Content escaped in previous line (same function)
687	echo sprintf('<td %2$s colspan="3">%1$s</td>', $input, $attributes);
688	break;
689
	@@ -694,7 +694,7 @@ class MetaSeoImageListTable extends WP_List_Table
694	$input .= '<span class="saved-info" style="position:relative">
695	<span class="spinner"></span>
696	</span>';
697	- // phpcs:ignore WordPress.~~XSS~~.EscapeOutput -- Content escaped in previous line (same function)
698	echo sprintf('<td %2$s colspan="3">%1$s</td>', $input, $attributes);
699	break;
700
	@@ -705,7 +705,7 @@ class MetaSeoImageListTable extends WP_List_Table
705	$input .= ('<span class="saved-info" style="position:relative">
706	<span class="spinner"></span>
707	</span>');
708	- // phpcs:ignore WordPress.~~XSS~~.EscapeOutput -- Content escaped in previous line (same function)
709	echo sprintf('<td %2$s colspan="3">%1$s</td>', $input, $attributes);
710	break;
711	}
	@@ -1052,7 +1052,7 @@ class MetaSeoImageListTable extends WP_List_Table
1052	{
1053	$current_url = set_url_scheme('http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
1054	$redirect = false;
1055	- // phpcs:disable WordPress.~~CSRF~~.NonceVerification.NoNonceVerification -- No action, nonce is not required
1056	if (isset($_POST['search']) && $_POST['search'] === 'Search') {
1057	$current_url = add_query_arg(
1058	array(
	@@ -1557,7 +1557,7 @@ class MetaSeoImageListTable extends WP_List_Table
1557	$where[] = "post_content LIKE '%<img%>%'";
1558	$where[] = $w;
1559	// query post
1560	- // phpcs:ignore WordPress.WP.PreparedSQL.NotPrepared -- Variable has been prepare
1561	$posts = $wpdb->get_results('SELECT ID, post_title, post_content, post_type, post_date FROM ' . $wpdb->posts . ' WHERE ' . implode(' AND ', $where) . ' ORDER BY ID');
1562	$imgs = array($old_name . $oldpart->ext => $postID);
1563	$posts_contain_img = array();


55	if (is_plugin_active(WPMSEO_ADDON_FILENAME)
56	&& (is_plugin_active('sitepress-multilingual-cms/sitepress.php')
57	\|\| is_plugin_active('polylang/polylang.php'))) {
58	+ // phpcs:ignore WordPress.Security.NonceVerification.NoNonceVerification -- No action, nonce is not required
59	$lang = !empty($_REQUEST['wpms_lang_list']) ? $_REQUEST['wpms_lang_list'] : '0';
60	$sl_lang = apply_filters('wpms_get_languagesList', '', $lang);
61	+ // phpcs:ignore WordPress.Security.EscapeOutput -- Content escaped in the method MetaSeoAddonAdmin::listLanguageSelect
62	echo $sl_lang;
63	}
64	?>

72	if (is_plugin_active(WPMSEO_ADDON_FILENAME)
73	&& (is_plugin_active('sitepress-multilingual-cms/sitepress.php')
74	\|\| is_plugin_active('polylang/polylang.php'))) {
75	+ // phpcs:ignore WordPress.Security.NonceVerification.NoNonceVerification -- No action, nonce is not required
76	$lang = !empty($_REQUEST['wpms_lang_list']) ? $_REQUEST['wpms_lang_list'] : '0';
77	$sl_lang = apply_filters('wpms_get_languagesList', '', $lang);
78	+ // phpcs:ignore WordPress.Security.EscapeOutput -- Content escaped in the method MetaSeoAddonAdmin::listLanguageSelect
79	echo $sl_lang;
80	}
81	?>

112	</div>
113
114	<input type="hidden" name="page" value="metaseo_image_meta"/>
115	+ <?php // phpcs:disable WordPress.Security.NonceVerification.NoNonceVerification -- No action, nonce is not required
116	?>
117	<?php if (!empty($_REQUEST['post_status'])) : ?>
118	<input type="hidden" name="post_status" value="<?php echo esc_attr($_REQUEST['post_status']); ?>"/>

191	list($columns, $hidden, $sortable) = $this->get_column_info();
192	$current_url = set_url_scheme('http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
193	$current_url = remove_query_arg('paged', $current_url);
194	+ // phpcs:disable WordPress.Security.NonceVerification.NoNonceVerification -- No action, nonce is not required
195	if (isset($_GET['orderby'])) {
196	$current_orderby = $_GET['orderby'];
197	} else {

251	$class = "class='" . esc_attr(join(' ', $class)) . "'";
252	}
253
254	+ // phpcs:disable WordPress.Security.EscapeOutput -- Content escaped in previous line (same function)
255	if ($column_key === 'col_id') {
256	echo '<th scope="col" ' . $id . ' ' . $class . ' ' . $style . ' colspan="1">' . $column_display_name . '</th>';
257	} elseif ($column_key === 'col_image_name') {

297	global $wpdb;
298	$this->months = $this->getMonths();
299	$where = array();
300	+ // phpcs:disable WordPress.Security.NonceVerification.NoNonceVerification -- No action, nonce is not required
301	$where[] = ' post_type="attachment" AND ((post_mime_type="image/jpeg") OR (post_mime_type="image/jpg")
302	OR (post_mime_type="image/png") OR (post_mime_type="image/gif")) ';
303	if (!empty($_REQUEST['search'])) {

359	ON t.element_id = posts.ID ', array('post_%', $_GET['wpms_lang_list']));
360	}
361	}
362	+ // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared -- Variable has been prepare
363	$total_items = $wpdb->get_var('SELECT COUNT(ID) FROM ' . $wpdb->posts . ' as posts ' . $join . ' WHERE ' . implode(' AND ', $where) . $orderStr);
364	$query = 'SELECT DISTINCT ID, post_title as title, post_name as name, post_content as des,
365	post_excerpt as legend, guid, post_type , post_mime_type, post_status, mt.meta_value AS alt

388	add_user_meta(get_current_user_id(), 'metaseo_imgs_per_page', $per_page);
389	}
390
391	+ // phpcs:ignore WordPress.Security.NonceVerification.NoNonceVerification -- No action, nonce is not required
392	$paged = !empty($_GET['paged']) ? ($_GET['paged']) : '';
393
394	if (empty($paged) \|\| !is_numeric($paged) \|\| $paged <= 0) {

412	$hidden = array();
413	$sortable = $this->get_sortable_columns();
414	$this->_column_headers = array($columns, $hidden, $sortable);
415	+ // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared -- Variable has been prepare
416	$this->items = $wpdb->get_results($query);
417	+ // phpcs:ignore WordPress.Security.NonceVerification.NoNonceVerification -- No action, nonce is not required
418	if (isset($_GET['slmeta']) && ($_GET['slmeta'] === 'missing_information' \|\| $_GET['slmeta'] === 'resizeimages')) {
419	foreach ($this->items as $item) {
420	$item->alt = get_post_meta($item->ID, '_wp_attachment_image_alt', true);

429	*/
430	public function searchBox1()
431	{
432	+ // phpcs:disable WordPress.Security.NonceVerification.NoNonceVerification -- No action, nonce is not required
433	if (empty($_REQUEST['txtkeyword']) && !$this->has_items()) {
434	return;
435	}

477	return;
478	}
479
480	+ // phpcs:ignore WordPress.Security.NonceVerification.NoNonceVerification -- No action, nonce is not required
481	$m = isset($_REQUEST['sldate']) ? $_REQUEST['sldate'] : 0;
482	?>
483	<label for="filter-by-date"

518	*/
519	public function metaFilter($name)
520	{
521	+ // phpcs:ignore WordPress.Security.NonceVerification.NoNonceVerification -- No action, nonce is not required
522	$m = isset($_REQUEST['slmeta']) ? $_REQUEST['slmeta'] : 0;
523	?>
524	<label>

630	'<img src="' . esc_url($thumb_url) . '" width="100px" height="100px" class="metaseo-image"
631	data-name="' . esc_attr($img_name . $type) . '" data-img-post-id="' . esc_attr($rec->ID) . '" />'
632	);
633	+ // phpcs:ignore WordPress.Security.EscapeOutput -- Content escaped in previous line (same function)
634	echo sprintf('<td %2$s colspan="3">%1$s</td>', $img, $attributes);
635	break;
636

648	<span class="spinner"></span>
649	</span>';
650	$info .= '</div>';
651	+ // phpcs:ignore WordPress.Security.EscapeOutput -- Content escaped in previous line (same function)
652	echo sprintf('<td %2$s colspan="4">%1$s</td>', $info, $attributes);
653	break;
654

661	<span class="popup-close" title="Close">x</span>
662	<div class="popup-content"></div>
663	</div>';
664	+ // phpcs:ignore WordPress.Security.EscapeOutput -- Content escaped in previous line (same function)
665	echo sprintf('<td %2$s colspan="5" style="position:relative">%1$s</td>', $info, $attributes);
666	break;
667

672	$input .= ('<span class="saved-info" style="position:relative">
673	<span class="spinner"></span>
674	</span>');
675	+ // phpcs:ignore WordPress.Security.EscapeOutput -- Content escaped in previous line (same function)
676	echo sprintf('<td %2$s colspan="3">%1$s</td>', $input, $attributes);
677	break;
678

683	$input .= ('<span class="saved-info" style="position:relative">
684	<span class="spinner"></span>
685	</span>');
686	+ // phpcs:ignore WordPress.Security.EscapeOutput -- Content escaped in previous line (same function)
687	echo sprintf('<td %2$s colspan="3">%1$s</td>', $input, $attributes);
688	break;
689

694	$input .= '<span class="saved-info" style="position:relative">
695	<span class="spinner"></span>
696	</span>';
697	+ // phpcs:ignore WordPress.Security.EscapeOutput -- Content escaped in previous line (same function)
698	echo sprintf('<td %2$s colspan="3">%1$s</td>', $input, $attributes);
699	break;
700

705	$input .= ('<span class="saved-info" style="position:relative">
706	<span class="spinner"></span>
707	</span>');
708	+ // phpcs:ignore WordPress.Security.EscapeOutput -- Content escaped in previous line (same function)
709	echo sprintf('<td %2$s colspan="3">%1$s</td>', $input, $attributes);
710	break;
711	}

1052	{
1053	$current_url = set_url_scheme('http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
1054	$redirect = false;
1055	+ // phpcs:disable WordPress.Security.NonceVerification.NoNonceVerification -- No action, nonce is not required
1056	if (isset($_POST['search']) && $_POST['search'] === 'Search') {
1057	$current_url = add_query_arg(
1058	array(

1557	$where[] = "post_content LIKE '%<img%>%'";
1558	$where[] = $w;
1559	// query post
1560	+ // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared -- Variable has been prepare
1561	$posts = $wpdb->get_results('SELECT ID, post_title, post_content, post_type, post_date FROM ' . $wpdb->posts . ' WHERE ' . implode(' AND ', $where) . ' ORDER BY ID');
1562	$imgs = array($old_name . $oldpart->ext => $postID);
1563	$posts_contain_img = array();

inc/class.metaseo-link-list-table.php CHANGED Viewed

	@@ -59,7 +59,7 @@ class MetaSeoLinkListTable extends WP_List_Table
59	<?php endif ?>
60
61	<input type="hidden" name="page" value="metaseo_image_meta"/>
62	- <?php // phpcs:disable WordPress.~~CSRF~~.NonceVerification.NoNonceVerification -- No action, nonce is not required
63	?>
64	<?php if (!empty($_REQUEST['post_status'])) : ?>
65	<input type="hidden" name="post_status" value="<?php echo esc_attr($_REQUEST['post_status']); ?>"/>
	@@ -148,15 +148,15 @@ class MetaSeoLinkListTable extends WP_List_Table
148	$current_url = set_url_scheme('http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
149	$current_url = remove_query_arg('paged', $current_url);
150
151	- // phpcs:ignore WordPress.~~CSRF~~.NonceVerification.NoNonceVerification -- No action, nonce is not required
152	if (isset($_GET['orderby'])) {
153	- // phpcs:ignore WordPress.~~CSRF~~.NonceVerification.NoNonceVerification -- No action, nonce is not required
154	$current_orderby = $_GET['orderby'];
155	} else {
156	$current_orderby = '';
157	}
158
159	- // phpcs:ignore WordPress.~~CSRF~~.NonceVerification.NoNonceVerification -- No action, nonce is not required
160	if (isset($_GET['order']) && 'desc' === $_GET['order']) {
161	$current_order = 'desc';
162	} else {
	@@ -211,7 +211,7 @@ class MetaSeoLinkListTable extends WP_List_Table
211	$class = "class='" . esc_attr(join(' ', $class)) . "'";
212	}
213
214	- // phpcs:disable WordPress.~~XSS~~.EscapeOutput -- Content escaped in previous line (same function)
215	if ($column_key === 'col_id') {
216	echo '<th scope="col" ' . $id . ' ' . $class . ' ' . $style . ' colspan="1">' . $column_display_name . '</th>';
217	} elseif ($column_key === 'col_image_name') {
	@@ -240,7 +240,7 @@ class MetaSeoLinkListTable extends WP_List_Table
240	$post_type = esc_sql($post_type);
241	}
242	$post_types = implode("', '", $post_types);
243	- // phpcs:ignore WordPress.WP.PreparedSQL.NotPrepared -- Variable has been prepare
244	$months = $wpdb->get_results('SELECT DISTINCT YEAR( post_date ) AS year, MONTH( post_date ) AS month FROM ' . $wpdb->posts . ' WHERE post_type IN (\'' . $post_types . '\') ORDER BY post_date DESC');
245	return $months;
246	}
	@@ -256,7 +256,7 @@ class MetaSeoLinkListTable extends WP_List_Table
256	$this->months = $this->getMonths();
257
258	$where = array('1=1');
259	- // phpcs:disable WordPress.~~CSRF~~.NonceVerification.NoNonceVerification -- No action, nonce is not required
260	$keyword = !empty($_GET['txtkeyword']) ? $_GET['txtkeyword'] : '';
261	if (isset($keyword) && $keyword !== '') {
262	$where[] .= $wpdb->prepare('(link_text LIKE %s OR link_url LIKE %s)', array(
	@@ -299,7 +299,7 @@ class MetaSeoLinkListTable extends WP_List_Table
299	add_user_meta(get_current_user_id(), 'metaseo_broken_link_per_page', $per_page);
300	}
301
302	- // phpcs:ignore WordPress.~~CSRF~~.NonceVerification.NoNonceVerification -- No action, nonce is not required
303	$paged = !empty($_GET['paged']) ? $_GET['paged'] : '';
304	if (empty($paged) \|\| !is_numeric($paged) \|\| $paged <= 0) {
305	$paged = 1;
	@@ -323,7 +323,7 @@ class MetaSeoLinkListTable extends WP_List_Table
323	$orderStr = ' ORDER BY ' . esc_sql($orderStr) . ' ';
324	}
325
326	- // phpcs:ignore WordPress.WP.PreparedSQL.NotPrepared -- Variable has been prepare
327	$total_items = $wpdb->get_var('SELECT COUNT(id) FROM ' . $wpdb->prefix . 'wpms_links WHERE ' . implode(' AND ', $where) . $orderStr);
328	$columns = $this->get_columns();
329	$hidden = array();
	@@ -344,7 +344,7 @@ class MetaSeoLinkListTable extends WP_List_Table
344	'per_page' => $per_page
345	));
346
347	- // phpcs:ignore WordPress.WP.PreparedSQL.NotPrepared -- Variable has been prepare
348	$this->items = $wpdb->get_results($query);
349	}
350
	@@ -355,7 +355,7 @@ class MetaSeoLinkListTable extends WP_List_Table
355	*/
356	public function searchBox1()
357	{
358	- // phpcs:disable WordPress.~~CSRF~~.NonceVerification.NoNonceVerification -- No action, nonce is not required
359	if (empty($_REQUEST['txtkeyword']) && !$this->has_items()) {
360	return;
361	}
	@@ -422,7 +422,7 @@ class MetaSeoLinkListTable extends WP_List_Table
422	*/
423	public function sourceFilter()
424	{
425	- // phpcs:ignore WordPress.~~CSRF~~.NonceVerification.NoNonceVerification -- No action, nonce is not required
426	$link_source = isset($_GET['metaseo_link_source']) ? $_GET['metaseo_link_source'] : 0;
427	?>
428	<label>
	@@ -456,7 +456,7 @@ class MetaSeoLinkListTable extends WP_List_Table
456	if (!$month_count \|\| (1 === (int) $month_count && 0 === (int) $this->months[0]->month)) {
457	return;
458	}
459	- // phpcs:ignore WordPress.~~CSRF~~.NonceVerification.NoNonceVerification -- No action, nonce is not required
460	$m = isset($_REQUEST['sldate']) ? $_REQUEST['sldate'] : 0;
461	?>
462	<label for="filter-by-date"
	@@ -531,7 +531,7 @@ class MetaSeoLinkListTable extends WP_List_Table
531	echo '<td class="col_id" colspan="3">';
532	echo '<a target="_blank"
533	href="' . esc_url(get_edit_post_link($rec->source_id)) . '">' . esc_html($post->post_title) . '</a>';
534	- // phpcs:ignore WordPress.~~XSS~~.EscapeOutput -- Content escaped in previous line (same function)
535	echo $this->row_actions($row_action, false);
536	echo '</td>';
537	}
	@@ -586,7 +586,7 @@ class MetaSeoLinkListTable extends WP_List_Table
586	$current_url = set_url_scheme('http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
587	$redirect = false;
588
589	- // phpcs:disable WordPress.~~CSRF~~.NonceVerification.NoNonceVerification -- No action, nonce is not required
590	if (isset($_POST['search']) && $_POST['search'] === 'Search') {
591	$current_url = add_query_arg(
592	array(


59	<?php endif ?>
60
61	<input type="hidden" name="page" value="metaseo_image_meta"/>
62	+ <?php // phpcs:disable WordPress.Security.NonceVerification.NoNonceVerification -- No action, nonce is not required
63	?>
64	<?php if (!empty($_REQUEST['post_status'])) : ?>
65	<input type="hidden" name="post_status" value="<?php echo esc_attr($_REQUEST['post_status']); ?>"/>

148	$current_url = set_url_scheme('http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
149	$current_url = remove_query_arg('paged', $current_url);
150
151	+ // phpcs:ignore WordPress.Security.NonceVerification.NoNonceVerification -- No action, nonce is not required
152	if (isset($_GET['orderby'])) {
153	+ // phpcs:ignore WordPress.Security.NonceVerification.NoNonceVerification -- No action, nonce is not required
154	$current_orderby = $_GET['orderby'];
155	} else {
156	$current_orderby = '';
157	}
158
159	+ // phpcs:ignore WordPress.Security.NonceVerification.NoNonceVerification -- No action, nonce is not required
160	if (isset($_GET['order']) && 'desc' === $_GET['order']) {
161	$current_order = 'desc';
162	} else {

211	$class = "class='" . esc_attr(join(' ', $class)) . "'";
212	}
213
214	+ // phpcs:disable WordPress.Security.EscapeOutput -- Content escaped in previous line (same function)
215	if ($column_key === 'col_id') {
216	echo '<th scope="col" ' . $id . ' ' . $class . ' ' . $style . ' colspan="1">' . $column_display_name . '</th>';
217	} elseif ($column_key === 'col_image_name') {

240	$post_type = esc_sql($post_type);
241	}
242	$post_types = implode("', '", $post_types);
243	+ // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared -- Variable has been prepare
244	$months = $wpdb->get_results('SELECT DISTINCT YEAR( post_date ) AS year, MONTH( post_date ) AS month FROM ' . $wpdb->posts . ' WHERE post_type IN (\'' . $post_types . '\') ORDER BY post_date DESC');
245	return $months;
246	}

256	$this->months = $this->getMonths();
257
258	$where = array('1=1');
259	+ // phpcs:disable WordPress.Security.NonceVerification.NoNonceVerification -- No action, nonce is not required
260	$keyword = !empty($_GET['txtkeyword']) ? $_GET['txtkeyword'] : '';
261	if (isset($keyword) && $keyword !== '') {
262	$where[] .= $wpdb->prepare('(link_text LIKE %s OR link_url LIKE %s)', array(

299	add_user_meta(get_current_user_id(), 'metaseo_broken_link_per_page', $per_page);
300	}
301
302	+ // phpcs:ignore WordPress.Security.NonceVerification.NoNonceVerification -- No action, nonce is not required
303	$paged = !empty($_GET['paged']) ? $_GET['paged'] : '';
304	if (empty($paged) \|\| !is_numeric($paged) \|\| $paged <= 0) {
305	$paged = 1;

323	$orderStr = ' ORDER BY ' . esc_sql($orderStr) . ' ';
324	}
325
326	+ // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared -- Variable has been prepare
327	$total_items = $wpdb->get_var('SELECT COUNT(id) FROM ' . $wpdb->prefix . 'wpms_links WHERE ' . implode(' AND ', $where) . $orderStr);
328	$columns = $this->get_columns();
329	$hidden = array();

344	'per_page' => $per_page
345	));
346
347	+ // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared -- Variable has been prepare
348	$this->items = $wpdb->get_results($query);
349	}
350

355	*/
356	public function searchBox1()
357	{
358	+ // phpcs:disable WordPress.Security.NonceVerification.NoNonceVerification -- No action, nonce is not required
359	if (empty($_REQUEST['txtkeyword']) && !$this->has_items()) {
360	return;
361	}

422	*/
423	public function sourceFilter()
424	{
425	+ // phpcs:ignore WordPress.Security.NonceVerification.NoNonceVerification -- No action, nonce is not required
426	$link_source = isset($_GET['metaseo_link_source']) ? $_GET['metaseo_link_source'] : 0;
427	?>
428	<label>

456	if (!$month_count \|\| (1 === (int) $month_count && 0 === (int) $this->months[0]->month)) {
457	return;
458	}
459	+ // phpcs:ignore WordPress.Security.NonceVerification.NoNonceVerification -- No action, nonce is not required
460	$m = isset($_REQUEST['sldate']) ? $_REQUEST['sldate'] : 0;
461	?>
462	<label for="filter-by-date"

531	echo '<td class="col_id" colspan="3">';
532	echo '<a target="_blank"
533	href="' . esc_url(get_edit_post_link($rec->source_id)) . '">' . esc_html($post->post_title) . '</a>';
534	+ // phpcs:ignore WordPress.Security.EscapeOutput -- Content escaped in previous line (same function)
535	echo $this->row_actions($row_action, false);
536	echo '</td>';
537	}

586	$current_url = set_url_scheme('http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
587	$redirect = false;
588
589	+ // phpcs:disable WordPress.Security.NonceVerification.NoNonceVerification -- No action, nonce is not required
590	if (isset($_POST['search']) && $_POST['search'] === 'Search') {
591	$current_url = add_query_arg(
592	array(

inc/class.metaseo-metabox.php CHANGED Viewed

	@@ -50,7 +50,7 @@ class WPMSEOMetabox extends WPMSEOMeta
50	*/
51	public function savePostData($post_id)
52	{
53	- // phpcs:ignore WordPress.~~CSRF~~.NonceVerification.NoNonceVerification -- Nonce used in next lines
54	if (isset($_POST['metaseo_wpmseo_title'])) {
55	if (empty($_POST['_wpnonce'])
56	\|\| !wp_verify_nonce($_POST['_wpnonce'], 'update-post_' . $post_id)) {
	@@ -437,7 +437,7 @@ class WPMSEOMetabox extends WPMSEOMeta
437	$this->doTab('general', $content);
438	if (is_plugin_active(WPMSEO_ADDON_FILENAME)) {
439	if ($check_connected) {
440	- // phpcs:ignore WordPress.~~XSS~~.EscapeOutput -- Content escaped in the method MetaSeoAddonAdmin::gscKeywords
441	echo apply_filters('wpmsaddon_google_search_keywords', '', $post->post_content, $service);
442	}
443	}
	@@ -659,7 +659,7 @@ class WPMSEOMetabox extends WPMSEOMeta
659	*/
660	private function getMetaboxPost()
661	{
662	- // phpcs:ignore WordPress.~~CSRF~~.NonceVerification.NoNonceVerification -- No action, nonce is not required
663	if (isset($_GET['post'])) {
664	$post_id = (int) $_GET['post'];
665	$post = get_post($post_id);
	@@ -708,13 +708,13 @@ class WPMSEOMetabox extends WPMSEOMeta
708	<?php endif; ?>
709	<table class="form-table">
710	<?php
711	- // phpcs:ignore WordPress.~~XSS~~.EscapeOutput -- Content escaped in the method doMetaBox
712	echo $content;
713	?>
714	</table>
715	<?php
716	if ($id === 'general') {
717	- // phpcs:ignore WordPress.~~XSS~~.EscapeOutput -- Content escaped in the method pageAnalysis
718	echo $this->pageAnalysis($post);
719	$settings = get_option('_metaseo_settings');
720	if (!empty($settings['metaseo_follow'])) {
	@@ -732,7 +732,7 @@ class WPMSEOMetabox extends WPMSEOMeta
732	<i class="material-icons alignright metaseo_help" id="deschelp"
733	data-alt="' . esc_attr__('Nofollow provides a way for webmasters to tell search engines:
734	don\'t follow this link. So it may influence the link target’s ranking', 'wp-meta-seo') . '"
735	- style="color:#32373C" data-hasqtip="2">chat_bubble</i></span>' . $slf . '</p>'; // phpcs:ignore WordPress.~~XSS~~.EscapeOutput -- Content escaped in previous line (same function)
736	}
737
738	if (!empty($settings['metaseo_index'])) {
	@@ -751,7 +751,7 @@ class WPMSEOMetabox extends WPMSEOMeta
751	<i class="material-icons alignright metaseo_help" id="deschelp"
752	data-alt="' . esc_attr__('Allow search engines robots to index this content,
753	as default your content is indexed', 'wp-meta-seo') . '"
754	- style="color:#32373C" data-hasqtip="2">chat_bubble</i></span>' . $sli . '</p>'; // phpcs:ignore WordPress.~~XSS~~.EscapeOutput -- Content escaped in previous line (same function)
755	}
756	}
757	?>


50	*/
51	public function savePostData($post_id)
52	{
53	+ // phpcs:ignore WordPress.Security.NonceVerification.NoNonceVerification -- Nonce used in next lines
54	if (isset($_POST['metaseo_wpmseo_title'])) {
55	if (empty($_POST['_wpnonce'])
56	\|\| !wp_verify_nonce($_POST['_wpnonce'], 'update-post_' . $post_id)) {

437	$this->doTab('general', $content);
438	if (is_plugin_active(WPMSEO_ADDON_FILENAME)) {
439	if ($check_connected) {
440	+ // phpcs:ignore WordPress.Security.EscapeOutput -- Content escaped in the method MetaSeoAddonAdmin::gscKeywords
441	echo apply_filters('wpmsaddon_google_search_keywords', '', $post->post_content, $service);
442	}
443	}

659	*/
660	private function getMetaboxPost()
661	{
662	+ // phpcs:ignore WordPress.Security.NonceVerification.NoNonceVerification -- No action, nonce is not required
663	if (isset($_GET['post'])) {
664	$post_id = (int) $_GET['post'];
665	$post = get_post($post_id);

708	<?php endif; ?>
709	<table class="form-table">
710	<?php
711	+ // phpcs:ignore WordPress.Security.EscapeOutput -- Content escaped in the method doMetaBox
712	echo $content;
713	?>
714	</table>
715	<?php
716	if ($id === 'general') {
717	+ // phpcs:ignore WordPress.Security.EscapeOutput -- Content escaped in the method pageAnalysis
718	echo $this->pageAnalysis($post);
719	$settings = get_option('_metaseo_settings');
720	if (!empty($settings['metaseo_follow'])) {

732	<i class="material-icons alignright metaseo_help" id="deschelp"
733	data-alt="' . esc_attr__('Nofollow provides a way for webmasters to tell search engines:
734	don\'t follow this link. So it may influence the link target’s ranking', 'wp-meta-seo') . '"
735	+ style="color:#32373C" data-hasqtip="2">chat_bubble</i></span>' . $slf . '</p>'; // phpcs:ignore WordPress.Security.EscapeOutput -- Content escaped in previous line (same function)
736	}
737
738	if (!empty($settings['metaseo_index'])) {

751	<i class="material-icons alignright metaseo_help" id="deschelp"
752	data-alt="' . esc_attr__('Allow search engines robots to index this content,
753	as default your content is indexed', 'wp-meta-seo') . '"
754	+ style="color:#32373C" data-hasqtip="2">chat_bubble</i></span>' . $sli . '</p>'; // phpcs:ignore WordPress.Security.EscapeOutput -- Content escaped in previous line (same function)
755	}
756	}
757	?>

inc/class.metaseo-sitemap.php CHANGED Viewed

	@@ -478,7 +478,7 @@ class MetaSeoSitemap
478	{
479	$lang = $this->settings_sitemap['wpms_sitemap_include_lang'];
480	$sl_lang = apply_filters('wpms_get_languagesList', '', $lang, 'multiple');
481	- // phpcs:ignore WordPress.~~XSS~~.EscapeOutput -- Content escaped in the method MetaSeoAddonAdmin::listLanguageSelect
482	echo $sl_lang;
483	}
484
	@@ -1665,7 +1665,7 @@ ORDER BY p.post_date DESC', array('publish', $post_type, $taxo, $cat->slug)));
1665	$check_menu[] = 'sitemap_menus_' . $term->term_id;
1666	echo '<div id="' . esc_attr('sitemap_menus_' . $term->term_id) . '" class="wpms_sitemap_menus">';
1667	$viewmenu = $this->viewMenusFrontend($term, $ids_menu);
1668	- // phpcs:ignore WordPress.~~XSS~~.EscapeOutput -- Content escaped in the method viewMenusFrontend
1669	echo $viewmenu;
1670
1671	echo '</div>';


478	{
479	$lang = $this->settings_sitemap['wpms_sitemap_include_lang'];
480	$sl_lang = apply_filters('wpms_get_languagesList', '', $lang, 'multiple');
481	+ // phpcs:ignore WordPress.Security.EscapeOutput -- Content escaped in the method MetaSeoAddonAdmin::listLanguageSelect
482	echo $sl_lang;
483	}
484

1665	$check_menu[] = 'sitemap_menus_' . $term->term_id;
1666	echo '<div id="' . esc_attr('sitemap_menus_' . $term->term_id) . '" class="wpms_sitemap_menus">';
1667	$viewmenu = $this->viewMenusFrontend($term, $ids_menu);
1668	+ // phpcs:ignore WordPress.Security.EscapeOutput -- Content escaped in the method viewMenusFrontend
1669	echo $viewmenu;
1670
1671	echo '</div>';

inc/google_analytics/tracking/code-classic.php CHANGED Viewed

	@@ -11,7 +11,7 @@
11	/* Prohibit direct script loading */
12	defined('ABSPATH') \|\| die('No direct script access allowed!');
13	$profile = WpmsGaTools::getSelectedProfile($google_alanytics['profile_list'], $google_alanytics['tableid_jail']);
14	- // phpcs:disable Squiz.ControlStructures.ControlSignature.NewlineAfterOpenBrace, Squiz.WhiteSpace.ScopeClosingBrace.ContentBefore -- Render google analytics script structure on frontend
15	?>
16	<script type="text/javascript">
17	var _gaq = _gaq \|\| [];


11	/* Prohibit direct script loading */
12	defined('ABSPATH') \|\| die('No direct script access allowed!');
13	$profile = WpmsGaTools::getSelectedProfile($google_alanytics['profile_list'], $google_alanytics['tableid_jail']);
14	+ // phpcs:disable Squiz.ControlStructures.ControlSignature.NewlineAfterOpenBrace, Generic.WhiteSpace.ScopeIndent.IncorrectExact, Generic.WhiteSpace.ScopeIndent.Incorrect, Squiz.WhiteSpace.ScopeClosingBrace.ContentBefore -- Render google analytics script structure on frontend
15	?>
16	<script type="text/javascript">
17	var _gaq = _gaq \|\| [];

inc/google_analytics/tracking/code-universal.php CHANGED Viewed

	@@ -11,7 +11,7 @@
11	/* Prohibit direct script loading */
12	defined('ABSPATH') \|\| die('No direct script access allowed!');
13	$profile = WpmsGaTools::getSelectedProfile($google_alanytics['profile_list'], $google_alanytics['tableid_jail']);
14	- // phpcs:disable WordPress.~~XSS~~.EscapeOutput.OutputNotEscaped, Squiz.ControlStructures.ForEachLoopDeclaration.SpaceAfterOpen, Squiz.ControlStructures.ForEachLoopDeclaration.SpaceBeforeClose, PSR2.ControlStructures.ControlStructureSpacing.SpaceBeforeCloseBrace, PSR2.ControlStructures.ControlStructureSpacing.SpacingAfterOpenBrace, Squiz.ControlStructures.ControlSignature.NewlineAfterOpenBrace, Squiz.WhiteSpace.ScopeClosingBrace.ContentBefore, Generic.WhiteSpace.ScopeIndent.IncorrectExact -- Render google analytics script structure on frontend
15	?>
16	<script>
17	(function (i, s, o, g, r, a, m) {


11	/* Prohibit direct script loading */
12	defined('ABSPATH') \|\| die('No direct script access allowed!');
13	$profile = WpmsGaTools::getSelectedProfile($google_alanytics['profile_list'], $google_alanytics['tableid_jail']);
14	+ // phpcs:disable Generic.WhiteSpace.ScopeIndent.Incorrect, WordPress.Security.EscapeOutput.OutputNotEscaped, Squiz.ControlStructures.ForEachLoopDeclaration.SpaceAfterOpen, Squiz.ControlStructures.ForEachLoopDeclaration.SpaceBeforeClose, PSR2.ControlStructures.ControlStructureSpacing.SpaceBeforeCloseBrace, PSR2.ControlStructures.ControlStructureSpacing.SpacingAfterOpenBrace, Squiz.ControlStructures.ControlSignature.NewlineAfterOpenBrace, Squiz.WhiteSpace.ScopeClosingBrace.ContentBefore, Generic.WhiteSpace.ScopeIndent.IncorrectExact -- Render google analytics script structure on frontend
15	?>
16	<script>
17	(function (i, s, o, g, r, a, m) {

inc/google_analytics/tracking/events-universal.php CHANGED Viewed

	@@ -11,7 +11,7 @@
11	/* Prohibit direct script loading */
12	defined('ABSPATH') \|\| die('No direct script access allowed!');
13	$domaindata = WpmsGaTools::getRootDomain(esc_html(get_option('siteurl')));
14	- // phpcs:disable WordPress.~~XSS~~.EscapeOutput.OutputNotEscaped, Squiz.ControlStructures.ControlSignature.SpaceAfterCloseParenthesis, PSR2.Methods.FunctionCallSignature.SpaceBeforeOpenBracket, Squiz.WhiteSpace.ScopeClosingBrace.Indent, Squiz.WhiteSpace.ControlStructureSpacing.SpacingAfterOpen, PSR2.ControlStructures.ControlStructureSpacing.SpaceBeforeCloseBrace, PSR2.ControlStructures.ControlStructureSpacing.SpacingAfterOpenBrace, Squiz.ControlStructures.ControlSignature.NewlineAfterOpenBrace, Squiz.WhiteSpace.ScopeClosingBrace.ContentBefore, Generic.WhiteSpace.ScopeIndent.IncorrectExact -- Render google analytics script structure on frontend
15	?>
16	<script type="text/javascript">
17	(function ($) {


11	/* Prohibit direct script loading */
12	defined('ABSPATH') \|\| die('No direct script access allowed!');
13	$domaindata = WpmsGaTools::getRootDomain(esc_html(get_option('siteurl')));
14	+ // phpcs:disable Generic.WhiteSpace.ScopeIndent.Incorrect, WordPress.Security.EscapeOutput.OutputNotEscaped, Squiz.ControlStructures.ControlSignature.SpaceAfterCloseParenthesis, PSR2.Methods.FunctionCallSignature.SpaceBeforeOpenBracket, Squiz.WhiteSpace.ScopeClosingBrace.Indent, Squiz.WhiteSpace.ControlStructureSpacing.SpacingAfterOpen, PSR2.ControlStructures.ControlStructureSpacing.SpaceBeforeCloseBrace, PSR2.ControlStructures.ControlStructureSpacing.SpacingAfterOpenBrace, Squiz.ControlStructures.ControlSignature.NewlineAfterOpenBrace, Squiz.WhiteSpace.ScopeClosingBrace.ContentBefore, Generic.WhiteSpace.ScopeIndent.IncorrectExact -- Render google analytics script structure on frontend
15	?>
16	<script type="text/javascript">
17	(function ($) {

inc/pages/content-meta.php CHANGED Viewed

	@@ -7,7 +7,7 @@ $metaseo_list_table = new MetaSeoContentListTable();
7	$metaseo_list_table->processAction();
8	$metaseo_list_table->prepare_items();
9
10	- // phpcs:ignore WordPress.~~CSRF~~.NonceVerification.NoNonceVerification -- No action, nonce is not required
11	if (!empty($_REQUEST['_wp_http_referer'])) {
12	wp_redirect(remove_query_arg(array('_wp_http_referer', '_wpnonce'), stripslashes($_SERVER['REQUEST_URI'])));
13	exit;


7	$metaseo_list_table->processAction();
8	$metaseo_list_table->prepare_items();
9
10	+ // phpcs:ignore WordPress.Security.NonceVerification.NoNonceVerification -- No action, nonce is not required
11	if (!empty($_REQUEST['_wp_http_referer'])) {
12	wp_redirect(remove_query_arg(array('_wp_http_referer', '_wpnonce'), stripslashes($_SERVER['REQUEST_URI'])));
13	exit;

inc/pages/dashboard.php CHANGED Viewed

	@@ -117,9 +117,6 @@ $plugin_imgRecycle_file = 'imagerecycle-pdf-image-compression/wp-image-recycle.p
117	if (!class_exists('MetaSeoAddonAdmin')) {
118	require_once WPMETASEO_ADDON_PLUGIN_DIR . '/inc/class.metaseo-addon-admin.php';
119	}
120	- $metaseo_addon = new MetaSeoAddonAdmin();
121	- $duplicateTitle = $metaseo_addon->getDuplicateMetatitle();
122	- $duplicateDesc = $metaseo_addon->getDuplicateMetadesc();
123	require_once WPMETASEO_ADDON_PLUGIN_DIR . '/inc/page/dashboard/duplicate_metatitle_widgets.php';
124	require_once WPMETASEO_ADDON_PLUGIN_DIR . '/inc/page/dashboard/duplicate_metadesc_widgets.php';
125	}


117	if (!class_exists('MetaSeoAddonAdmin')) {
118	require_once WPMETASEO_ADDON_PLUGIN_DIR . '/inc/class.metaseo-addon-admin.php';
119	}



120	require_once WPMETASEO_ADDON_PLUGIN_DIR . '/inc/page/dashboard/duplicate_metatitle_widgets.php';
121	require_once WPMETASEO_ADDON_PLUGIN_DIR . '/inc/page/dashboard/duplicate_metadesc_widgets.php';
122	}

inc/pages/dashboard_widgets.php CHANGED Viewed

	@@ -100,9 +100,6 @@
100	if (!class_exists('MetaSeoAddonAdmin')) {
101	require_once WPMETASEO_ADDON_PLUGIN_DIR . '/inc/class.metaseo-addon-admin.php';
102	}
103	- $metaseo_addon = new MetaSeoAddonAdmin();
104	- $duplicateTitle = $metaseo_addon->getDuplicateMetatitle();
105	- $duplicateDesc = $metaseo_addon->getDuplicateMetadesc();
106	require_once WPMETASEO_ADDON_PLUGIN_DIR . '/inc/page/dashboard/duplicate_metatitle_widgets.php';
107	require_once WPMETASEO_ADDON_PLUGIN_DIR . '/inc/page/dashboard/duplicate_metadesc_widgets.php';
108	}


100	if (!class_exists('MetaSeoAddonAdmin')) {
101	require_once WPMETASEO_ADDON_PLUGIN_DIR . '/inc/class.metaseo-addon-admin.php';
102	}



103	require_once WPMETASEO_ADDON_PLUGIN_DIR . '/inc/page/dashboard/duplicate_metatitle_widgets.php';
104	require_once WPMETASEO_ADDON_PLUGIN_DIR . '/inc/page/dashboard/duplicate_metadesc_widgets.php';
105	}

inc/pages/google-analytics/menu.php CHANGED Viewed

	@@ -8,7 +8,7 @@ if (!empty($this->google_alanytics)) :
8	<?php esc_html_e('Google Analytics Report', 'wp-meta-seo') ?>
9	</a>
10	<?php
11	- // phpcs:ignore WordPress.~~CSRF~~.NonceVerification.NoNonceVerification -- No action, nonce is not required
12	if (empty($_GET['view'])) {
13	echo '<div class="indicator" style="bottom: 0; left: 0;width:100%"></div>';
14	}
	@@ -20,7 +20,7 @@ if (!empty($this->google_alanytics)) :
20	<?php esc_html_e('Tracking code', 'wp-meta-seo') ?>
21	</a>
22	<?php
23	- // phpcs:ignore WordPress.~~CSRF~~.NonceVerification.NoNonceVerification -- No action, nonce is not required
24	if (isset($_GET['view']) && $_GET['view'] === 'wpmsga_trackcode') {
25	echo '<div class="indicator" style="bottom: 0; left: 0;width:100%"></div>';
26	}


8	<?php esc_html_e('Google Analytics Report', 'wp-meta-seo') ?>
9	</a>
10	<?php
11	+ // phpcs:ignore WordPress.Security.NonceVerification.NoNonceVerification -- No action, nonce is not required
12	if (empty($_GET['view'])) {
13	echo '<div class="indicator" style="bottom: 0; left: 0;width:100%"></div>';
14	}

20	<?php esc_html_e('Tracking code', 'wp-meta-seo') ?>
21	</a>
22	<?php
23	+ // phpcs:ignore WordPress.Security.NonceVerification.NoNonceVerification -- No action, nonce is not required
24	if (isset($_GET['view']) && $_GET['view'] === 'wpmsga_trackcode') {
25	echo '<div class="indicator" style="bottom: 0; left: 0;width:100%"></div>';
26	}

inc/pages/image-meta.php CHANGED Viewed

	@@ -10,7 +10,7 @@ $metaseo_list_table = new MetaSeoImageListTable();
10	$metaseo_list_table->processAction();
11	$metaseo_list_table->prepare_items();
12
13	- // phpcs:ignore WordPress.~~CSRF~~.NonceVerification.NoNonceVerification -- No action, nonce is not required
14	if (!empty($_REQUEST['_wp_http_referer'])) {
15	wp_redirect(remove_query_arg(array('_wp_http_referer', '_wpnonce'), stripslashes($_SERVER['REQUEST_URI'])));
16	exit;


10	$metaseo_list_table->processAction();
11	$metaseo_list_table->prepare_items();
12
13	+ // phpcs:ignore WordPress.Security.NonceVerification.NoNonceVerification -- No action, nonce is not required
14	if (!empty($_REQUEST['_wp_http_referer'])) {
15	wp_redirect(remove_query_arg(array('_wp_http_referer', '_wpnonce'), stripslashes($_SERVER['REQUEST_URI'])));
16	exit;

inc/pages/link-meta.php CHANGED Viewed

	@@ -7,7 +7,7 @@ $metaseo_list_table = new MetaSeoLinkListTable();
7	$metaseo_list_table->processAction();
8	$metaseo_list_table->prepare_items();
9
10	- // phpcs:ignore WordPress.~~CSRF~~.NonceVerification.NoNonceVerification -- No action, nonce is not required
11	if (!empty($_REQUEST['_wp_http_referer'])) {
12	wp_redirect(remove_query_arg(array('_wp_http_referer', '_wpnonce'), stripslashes($_SERVER['REQUEST_URI'])));
13	exit;


7	$metaseo_list_table->processAction();
8	$metaseo_list_table->prepare_items();
9
10	+ // phpcs:ignore WordPress.Security.NonceVerification.NoNonceVerification -- No action, nonce is not required
11	if (!empty($_REQUEST['_wp_http_referer'])) {
12	wp_redirect(remove_query_arg(array('_wp_http_referer', '_wpnonce'), stripslashes($_SERVER['REQUEST_URI'])));
13	exit;

inc/pages/metaseo-broken-link.php CHANGED Viewed

	@@ -14,7 +14,7 @@ $metaseo_list_table->processAction();
14	$metaseo_list_table->prepare_items();
15	$a = json_encode($metaseo_list_table->items);
16
17	- // phpcs:ignore WordPress.~~CSRF~~.NonceVerification.NoNonceVerification -- No action, nonce is not required
18	if (!empty($_REQUEST['_wp_http_referer'])) {
19	wp_redirect(remove_query_arg(array('_wp_http_referer', '_wpnonce'), stripslashes($_SERVER['REQUEST_URI'])));
20	exit;


14	$metaseo_list_table->prepare_items();
15	$a = json_encode($metaseo_list_table->items);
16
17	+ // phpcs:ignore WordPress.Security.NonceVerification.NoNonceVerification -- No action, nonce is not required
18	if (!empty($_REQUEST['_wp_http_referer'])) {
19	wp_redirect(remove_query_arg(array('_wp_http_referer', '_wpnonce'), stripslashes($_SERVER['REQUEST_URI'])));
20	exit;

inc/pages/metaseo-image-compression.php CHANGED Viewed

	@@ -53,7 +53,7 @@ if (isset($_GET['action'])) {
53	));
54
55	if (is_wp_error($api)) {
56	- // phpcs:ignore WordPress.~~XSS~~.EscapeOutput -- Variable is object\|array\|WP_Error
57	wp_die($api);
58	}
59
	@@ -101,7 +101,7 @@ if (isset($_GET['action'])) {
101	);
102	exit;
103	} else {
104	- // phpcs:ignore WordPress.~~XSS~~.EscapeOutput -- Variable is WP_Error\|null
105	wp_die($result);
106	}
107	}
	@@ -181,7 +181,7 @@ if (!file_exists(WP_PLUGIN_DIR . '/imagerecycle-pdf-image-compression')) {
181	<br/>In order to start the optimization process, please install the WordPress plugin. Enjoy!</p>
182	<p></p>
183	<p>
184	- <?php echo $button; // phpcs:ignore WordPress.~~XSS~~.EscapeOutput -- Content escaped in previous line (same file) ?>
185	</p>
186	</div>
187	</div>
	@@ -210,7 +210,7 @@ if (!file_exists(WP_PLUGIN_DIR . '/imagerecycle-pdf-image-compression')) {
210	Enjoy!</p>
211	<p></p>
212	<p>
213	- <?php echo $button; // phpcs:ignore WordPress.~~XSS~~.EscapeOutput -- Content escaped in previous line (same file) ?>
214	</p>
215	</div>
216	</div>


53	));
54
55	if (is_wp_error($api)) {
56	+ // phpcs:ignore WordPress.Security.EscapeOutput -- Variable is object\|array\|WP_Error
57	wp_die($api);
58	}
59

101	);
102	exit;
103	} else {
104	+ // phpcs:ignore WordPress.Security.EscapeOutput -- Variable is WP_Error\|null
105	wp_die($result);
106	}
107	}

181	<br/>In order to start the optimization process, please install the WordPress plugin. Enjoy!</p>
182	<p></p>
183	<p>
184	+ <?php echo $button; // phpcs:ignore WordPress.Security.EscapeOutput -- Content escaped in previous line (same file) ?>
185	</p>
186	</div>
187	</div>

210	Enjoy!</p>
211	<p></p>
212	<p>
213	+ <?php echo $button; // phpcs:ignore WordPress.Security.EscapeOutput -- Content escaped in previous line (same file) ?>
214	</p>
215	</div>
216	</div>

inc/pages/settings.php CHANGED Viewed

	@@ -101,7 +101,7 @@ wp_enqueue_script('jquery-qtip');
101	</table>
102	<?php
103	if (is_plugin_active(WPMSEO_ADDON_FILENAME)) {
104	- // phpcs:ignore WordPress.~~XSS~~.EscapeOutput -- Content escaped in 'wp-meta-seo-addon/inc/page/link_settings.php' file
105	echo $link_settings_html;
106	}
107	?>
	@@ -251,9 +251,9 @@ wp_enqueue_script('jquery-qtip');
251
252	<?php
253	if (is_plugin_active(WPMSEO_ADDON_FILENAME)) {
254	- // phpcs:ignore WordPress.~~XSS~~.EscapeOutput -- Content escaped in 'wp-meta-seo-addon/inc/page/email_settings.php' file
255	echo $html_tabemail;
256	- // phpcs:ignore WordPress.~~XSS~~.EscapeOutput -- Content escaped in 'wp-meta-seo-addon/inc/page/local_business.php' file
257	echo $local_business_html;
258	}
259	?>


101	</table>
102	<?php
103	if (is_plugin_active(WPMSEO_ADDON_FILENAME)) {
104	+ // phpcs:ignore WordPress.Security.EscapeOutput -- Content escaped in 'wp-meta-seo-addon/inc/page/link_settings.php' file
105	echo $link_settings_html;
106	}
107	?>

251
252	<?php
253	if (is_plugin_active(WPMSEO_ADDON_FILENAME)) {
254	+ // phpcs:ignore WordPress.Security.EscapeOutput -- Content escaped in 'wp-meta-seo-addon/inc/page/email_settings.php' file
255	echo $html_tabemail;
256	+ // phpcs:ignore WordPress.Security.EscapeOutput -- Content escaped in 'wp-meta-seo-addon/inc/page/local_business.php' file
257	echo $local_business_html;
258	}
259	?>

inc/pages/sitemaps/metaseo-google-sitemap.php CHANGED Viewed

	@@ -19,7 +19,7 @@
19	require(WPMETASEO_ADDON_PLUGIN_DIR . 'inc/page/sitemaps/posts_custom.php');
20	$html = ob_get_contents();
21	ob_end_clean();
22	- // phpcs:ignore WordPress.~~XSS~~.EscapeOutput -- Content escaped in 'wp-meta-seo-addon/inc/page/sitemaps/posts_custom.php' file
23	echo $html;
24	}
25	}
	@@ -28,7 +28,7 @@
28	require(WPMETASEO_ADDON_PLUGIN_DIR . 'inc/page/sitemaps/custom_url.php');
29	$html = ob_get_contents();
30	ob_end_clean();
31	- // phpcs:ignore WordPress.~~XSS~~.EscapeOutput -- Content escaped in 'wp-meta-seo-addon/inc/page/sitemaps/custom_url.php' file
32	echo $html;
33	}
34	if (is_plugin_active(WPMSEO_ADDON_FILENAME)) {


19	require(WPMETASEO_ADDON_PLUGIN_DIR . 'inc/page/sitemaps/posts_custom.php');
20	$html = ob_get_contents();
21	ob_end_clean();
22	+ // phpcs:ignore WordPress.Security.EscapeOutput -- Content escaped in 'wp-meta-seo-addon/inc/page/sitemaps/posts_custom.php' file
23	echo $html;
24	}
25	}

28	require(WPMETASEO_ADDON_PLUGIN_DIR . 'inc/page/sitemaps/custom_url.php');
29	$html = ob_get_contents();
30	ob_end_clean();
31	+ // phpcs:ignore WordPress.Security.EscapeOutput -- Content escaped in 'wp-meta-seo-addon/inc/page/sitemaps/custom_url.php' file
32	echo $html;
33	}
34	if (is_plugin_active(WPMSEO_ADDON_FILENAME)) {

inc/pages/sitemaps/metaseo-source_menu.php CHANGED Viewed

	@@ -32,7 +32,7 @@
32	}
33	echo '<div class="wrap_sitemap_option">';
34	echo '<input name="_metaseo_settings_sitemap[wpms_check_firstsave]" type="hidden" value="1">';
35	- // phpcs:ignore WordPress.~~XSS~~.EscapeOutput -- Content escaped in the method MetaSeoSitemap::viewMenus
36	echo $viewmenu;
37	echo '</div>';
38	}


32	}
33	echo '<div class="wrap_sitemap_option">';
34	echo '<input name="_metaseo_settings_sitemap[wpms_check_firstsave]" type="hidden" value="1">';
35	+ // phpcs:ignore WordPress.Security.EscapeOutput -- Content escaped in the method MetaSeoSitemap::viewMenus
36	echo $viewmenu;
37	echo '</div>';
38	}

inc/pages/sitemaps/metaseo-source_pages.php CHANGED Viewed

	@@ -109,7 +109,7 @@
109	}
110
111	echo '</div>';
112	- // phpcs:ignore WordPress.~~XSS~~.EscapeOutput -- Content escaped in the method MetaSeoSitemap::viewPriority and MetaSeoSitemap::viewFrequency
113	echo '<div style="margin-left:200px">' . $slpr . $slfr . '</div>';
114	echo '</div>';
115	}


109	}
110
111	echo '</div>';
112	+ // phpcs:ignore WordPress.Security.EscapeOutput -- Content escaped in the method MetaSeoSitemap::viewPriority and MetaSeoSitemap::viewFrequency
113	echo '<div style="margin-left:200px">' . $slpr . $slfr . '</div>';
114	echo '</div>';
115	}

inc/pages/sitemaps/metaseo-source_posts.php CHANGED Viewed

	@@ -150,7 +150,7 @@
150	}
151
152	echo '</div>';
153	- // phpcs:ignore WordPress.~~XSS~~.EscapeOutput -- Content escaped in the method MetaSeoSitemap::viewPriority and MetaSeoSitemap::viewFrequency
154	echo '<div style="margin-left:200px">' . $slpr . $slfr . '</div>';
155	echo '</div>';
156	}


150	}
151
152	echo '</div>';
153	+ // phpcs:ignore WordPress.Security.EscapeOutput -- Content escaped in the method MetaSeoSitemap::viewPriority and MetaSeoSitemap::viewFrequency
154	echo '<div style="margin-left:200px">' . $slpr . $slfr . '</div>';
155	echo '</div>';
156	}

js/dashboard.js CHANGED Viewed

@@ -117,13 +117,60 @@ jQuery(document).ready(function ($) {
                                 wpms_dash_widgets++;
                                 if(wpms_dash_widgets === 5){
-            -
                                    wpms_dash_widgets_metadesc();
+                                }
+                            }
+                        }
                     });
+                }
                 function wpms_dash_widgets_metadesc(){
                     $.ajax({
                         url: ajaxurl,


117
118	wpms_dash_widgets++;
119	if(wpms_dash_widgets === 5){
120	+ if (parseInt(wpms_localize.addon_active) === 0) {
121	+ wpms_dash_widgets_metadesc();
122	+ } else {
123	+ wpms_dash_widgets_duplicate_title();
124	+ }
125	}
126	}
127	}
128	});
129	}
130
131	+ function wpms_dash_widgets_duplicate_title(){
132	+ $.ajax({
133	+ url: ajaxurl,
134	+ method: 'POST',
135	+ dataType: 'json',
136	+ data: {
137	+ action: 'dash_duplicate_title',
138	+ wpms_nonce: wpms_localize.wpms_nonce
139	+ },
140	+ success: function (res) {
141	+ $('.wpms_dash_duplicate_metatitle .percent_1').html(res.percent +'%');
142	+ $('.wpms_dash_duplicate_metatitle .percent_2 span.percent').html(res.count_post_duplicate + '/' + res.total_items);
143	+ $('.wpms_dash_duplicate_metatitle .percent_3').css('width',res.percent + '%');
144	+
145	+ wpms_dash_widgets++;
146	+ if(wpms_dash_widgets === 6){
147	+ wpms_dash_widgets_duplicate_desc();
148	+ }
149	+ }
150	+ });
151	+ }
152	+
153	+ function wpms_dash_widgets_duplicate_desc(){
154	+ $.ajax({
155	+ url: ajaxurl,
156	+ method: 'POST',
157	+ dataType: 'json',
158	+ data: {
159	+ action: 'dash_duplicate_desc',
160	+ wpms_nonce: wpms_localize.wpms_nonce
161	+ },
162	+ success: function (res) {
163	+ $('.wpms_dash_duplicate_metadesc .percent_1').html(res.percent +'%');
164	+ $('.wpms_dash_duplicate_metadesc .percent_2 span.percent').html(res.count_post_duplicate + '/' + res.total_items);
165	+ $('.wpms_dash_duplicate_metadesc .percent_3').css('width',res.percent + '%');
166	+ wpms_dash_widgets++;
167	+ if(wpms_dash_widgets === 7){
168	+ wpms_dash_widgets_metadesc();
169	+ }
170	+ }
171	+ });
172	+ }
173	+
174	function wpms_dash_widgets_metadesc(){
175	$.ajax({
176	url: ajaxurl,

js/dashboard_widgets.js CHANGED Viewed

@@ -117,13 +117,60 @@ jQuery(document).ready(function ($) {
                                 wpms_dash_widgets++;
                                 if(wpms_dash_widgets === 5){
-            -
                                    wpms_dash_widgets_metadesc();
+                                }
+                            }
+                        }
                     });
+                }
                 function wpms_dash_widgets_metadesc(){
                     $.ajax({
                         url: ajaxurl,


117
118	wpms_dash_widgets++;
119	if(wpms_dash_widgets === 5){
120	+ if (parseInt(wpms_localize.addon_active) === 0) {
121	+ wpms_dash_widgets_metadesc();
122	+ } else {
123	+ wpms_dash_widgets_duplicate_title();
124	+ }
125	}
126	}
127	}
128	});
129	}
130
131	+ function wpms_dash_widgets_duplicate_title(){
132	+ $.ajax({
133	+ url: ajaxurl,
134	+ method: 'POST',
135	+ dataType: 'json',
136	+ data: {
137	+ action: 'dash_duplicate_title',
138	+ wpms_nonce: wpms_localize.wpms_nonce
139	+ },
140	+ success: function (res) {
141	+ $('.wpms_dash_duplicate_metatitle .percent_1').html(res.percent +'%');
142	+ $('.wpms_dash_duplicate_metatitle .percent_2 span.percent').html(res.count_post_duplicate + '/' + res.total_items);
143	+ $('.wpms_dash_duplicate_metatitle .percent_3').css('width',res.percent + '%');
144	+
145	+ wpms_dash_widgets++;
146	+ if(wpms_dash_widgets === 6){
147	+ wpms_dash_widgets_duplicate_desc();
148	+ }
149	+ }
150	+ });
151	+ }
152	+
153	+ function wpms_dash_widgets_duplicate_desc(){
154	+ $.ajax({
155	+ url: ajaxurl,
156	+ method: 'POST',
157	+ dataType: 'json',
158	+ data: {
159	+ action: 'dash_duplicate_desc',
160	+ wpms_nonce: wpms_localize.wpms_nonce
161	+ },
162	+ success: function (res) {
163	+ $('.wpms_dash_duplicate_metadesc .percent_1').html(res.percent +'%');
164	+ $('.wpms_dash_duplicate_metadesc .percent_2 span.percent').html(res.count_post_duplicate + '/' + res.total_items);
165	+ $('.wpms_dash_duplicate_metadesc .percent_3').css('width',res.percent + '%');
166	+ wpms_dash_widgets++;
167	+ if(wpms_dash_widgets === 7){
168	+ wpms_dash_widgets_metadesc();
169	+ }
170	+ }
171	+ });
172	+ }
173	+
174	function wpms_dash_widgets_metadesc(){
175	$.ajax({
176	url: ajaxurl,

js/wpms-broken-link.js CHANGED Viewed

	@@ -242,8 +242,8 @@ jQuery(document).ready(function ($) {
242	if (res.status) {
243	$this.closest('td').find('.wpms-inline-editor-content').hide();
244	//if(res.type != '404_automaticaly'){
245	- $this.closest('td').find('.link_html').html(new_link).attr('href', new_link);
246	- $this.closest('td').find('.link_html_redirect').html(link_redirect).attr('href', link_redirect);
247	$this.closest('tr').find('.col_status').html(res.status_text);
248
249	var status = res.status_text;


242	if (res.status) {
243	$this.closest('td').find('.wpms-inline-editor-content').hide();
244	//if(res.type != '404_automaticaly'){
245	+ $this.closest('td').find('.link_html').html(new_link).attr('href', wpms_localize.home_url + '/' + new_link);
246	+ $this.closest('td').find('.link_html_redirect').html(link_redirect).attr('href', wpms_localize.home_url + '/' + link_redirect);
247	$this.closest('tr').find('.col_status').html(res.status_text);
248
249	var status = res.status_text;

jutranslation/jutranslation.php CHANGED Viewed

	@@ -673,7 +673,7 @@ class Jutranslation
673	echo '<input type="hidden" name="extension" value="' . esc_attr($addons[$plugin]->extension_slug) . '" />';
674	echo '<input type="hidden" name="extension_language" value="' . esc_attr($language) . '" />';
675	echo '<input type="hidden" name="extension_version" value="' . esc_attr($version) . '" />';
676	- // phpcs:ignore WordPress.~~XSS~~.EscapeOutput -- Value wrong
677	echo '<textarea style="display: none" name="strings">' . htmlentities($strings) . '</textarea>';
678	echo '</form>';
679	//Add waiting image


673	echo '<input type="hidden" name="extension" value="' . esc_attr($addons[$plugin]->extension_slug) . '" />';
674	echo '<input type="hidden" name="extension_language" value="' . esc_attr($language) . '" />';
675	echo '<input type="hidden" name="extension_version" value="' . esc_attr($version) . '" />';
676	+ // phpcs:ignore WordPress.Security.EscapeOutput -- Value wrong
677	echo '<textarea style="display: none" name="strings">' . htmlentities($strings) . '</textarea>';
678	echo '</form>';
679	//Add waiting image

languages/wp-meta-seo-en_US.mo CHANGED Viewed

Binary file

readme.txt CHANGED Viewed

	@@ -2,8 +2,8 @@
2	Contributors: JoomUnited
3	Tags: google, webmaster tools, keywords, meta, meta description, meta keywords, meta title, robots meta, search engine optimization, seo, wordpress seo, yahoo, image optimization, image resize, custom post seo, redirect, redirection, 301, broken link
4	Requires at least: 4.0
5	- Tested up to: 4.9.7
6	- Stable tag: 3.7.4
7	Requires PHP: 5.3
8	License: GPLv2 or later
9	License URI: http://www.gnu.org/licenses/gpl-2.0.html
	@@ -277,6 +277,11 @@ Yes WP Meta SEO is compatible with Gutenberg editor since 3.7 version.
277
278	== Changelog ==
279





280	= 3.7.4 =
281	* Fix : Update alt meta for Elementor image in content
282	* Fix : Redirect URL


2	Contributors: JoomUnited
3	Tags: google, webmaster tools, keywords, meta, meta description, meta keywords, meta title, robots meta, search engine optimization, seo, wordpress seo, yahoo, image optimization, image resize, custom post seo, redirect, redirection, 301, broken link
4	Requires at least: 4.0
5	+ Tested up to: 4.9.8
6	+ Stable tag: 3.7.5
7	Requires PHP: 5.3
8	License: GPLv2 or later
9	License URI: http://www.gnu.org/licenses/gpl-2.0.html

277
278	== Changelog ==
279
280	+ = 3.7.5 =
281	+ * Fix : Warning returned on frontend
282	+ * Fix : Load Dashboard widget content using ajax method (large amount of data)
283	+ * Fix : ¨PHP warning in redirect URL interface
284	+
285	= 3.7.4 =
286	* Fix : Update alt meta for Elementor image in content
287	* Fix : Redirect URL

wp-meta-seo.php CHANGED Viewed

@@ -4,7 +4,7 @@
              * Plugin Name: WP Meta SEO
              * Plugin URI: http://www.joomunited.com/wordpress-products/wp-meta-seo
              * Description: WP Meta SEO is a plugin for WordPress to fill meta for content, images and main SEO info in a single view.
-            -
             * Version: 3.7.4
              * Text Domain: wp-meta-seo
              * Domain Path: /languages
              * Author: JoomUnited
@@ -90,7 +90,7 @@ if (!defined('WPMSEO_VERSION')) {
                 /**
                  * Plugin version
                  */
-            -
                define('WPMSEO_VERSION', '3.7.4');
+            }
             if (!defined('WPMS_CLIENTID')) {
@@ -391,7 +391,7 @@ if (is_admin()) {
                     );
                     foreach ($patterns as $k => $pattern) {
-            -
                        // phpcs:ignore WordPress.XSS.EscapeOutput -- Content escaped in some method in class MetaSeoOpenGraph
                         echo $pattern[1];
+                    }
+                }
@@ -416,7 +416,7 @@ if (is_admin()) {
                     do_action('wpmsseo_head');
                     if (!empty($old_wp_query)) {
-            -
                        // phpcs:ignore WordPress.Variables.GlobalVariables.OverrideProhibited -- This combines all the output on the frontend
                         $GLOBALS['wp_query'] = $old_wp_query;
                         unset($old_wp_query);
+                    }
@@ -636,176 +636,164 @@ add_action('template_redirect', 'wpmsTemplateRedirect');
             function wpmsTemplateRedirect()
+            {
                 global $wpdb;
-            -
                if (is_404()) {
-            -
                    if (isset($_SERVER['REQUEST_URI'])) {
-            -
                        $url   = $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
-            -
                        if (isset($_SERVER['HTTPS']) &&
-            -
                            ($_SERVER['HTTPS'] === 'on' || (int) $_SERVER['HTTPS'] === 1) ||
-            -
                            isset($_SERVER['HTTP_X_FORWARDED_PROTO']) &&
-            -
                            $_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https') {
-            -
                            $protocol = 'https://';
-            -
                        } else {
-            -
                            $protocol = 'http://';
-            -
                        }
-            -
                        $esc_url = str_replace(array('http://', 'https://'), $protocol, esc_url($url));
-            -
                        $check = $wpdb->get_results($wpdb->prepare(
-            -
                            'SELECT * FROM ' . $wpdb->prefix . 'wpms_links WHERE (link_url=%s OR link_url=%s OR link_url=%s)',
-            -
                            array(
-            -
                                $url,
-            -
                                $esc_url,
-            -
                                $_SERVER['REQUEST_URI']
-            -
                            )
-            -
                        ));
-            -
-            -
                        if (count($check) === 0) {
-            -
                            // insert url
-            -
                            $insert = array(
-            -
                                'link_url'        => ($url),
-            -
                                'status_code'     => '404 Not Found',
-            -
                                'status_text'     => '404 Not Found',
-            -
                                'type'            => '404_automaticaly',
-            -
                                'broken_indexed'  => 1,
-            -
                                'broken_internal' => 0,
-            -
                                'warning'         => 0,
-            -
                                'dismissed'       => 0
-            -
                            );
-            -
-            -
                            $wpdb->insert($wpdb->prefix . 'wpms_links', $insert);
-            -
                        } else {
-            -
                            // update url
-            -
                            $links_broken = $wpdb->get_row($wpdb->prepare(
-            -
                                'SELECT * FROM ' . $wpdb->prefix . 'wpms_links WHERE (link_url=%s OR link_url=%s OR link_url=%s) ',
-            -
                                array(
-            -
                                    $url,
-            -
                                    $esc_url,
-            -
                                    $_SERVER['REQUEST_URI']
-            -
                                )
-            -
                            ));
-            -
-            -
                            if (!empty($links_broken)) {
-            -
                                $value = array('hit' => (int) $links_broken->hit + 1);
-            -
                                $wpdb->update(
-            -
                                    $wpdb->prefix . 'wpms_links',
-            -
                                    $value,
-            -
                                    array('id' => $links_broken->id),
-            -
                                    array('%d'),
-            -
                                    array('%d')
-            -
                                );
-            -
-            -
                                if (($url === $links_broken->link_url || esc_url($url) === $links_broken->link_url)
-            -
                                    && $links_broken->link_url_redirect !== '') {
-            -
                                    if ($links_broken->type === 'add_custom') {
-            -
                                        $status_redirect = $links_broken->meta_title;
-            -
                                    } else {
-            -
                                        $status_redirect = 302;
-            -
                                    }
-            -
                                    if (empty($status_redirect)) {
-            -
                                        $status_redirect = 302;
-            -
                                    }
-            -
                                    wp_redirect($links_broken->link_url_redirect, $status_redirect);
-            -
                                    exit();
-            -
                                }
-            -
                            }
-            -
                        }
-            -
                    }
-            -
-            -
                    $defaul_settings_404 = array(
-            -
                        'wpms_redirect_homepage' => 0,
-            -
                        'wpms_type_404'          => 'none',
-            -
                        'wpms_page_redirected'   => 'none'
-            -
                    );
-            -
                    $wpms_settings_404   = get_option('wpms_settings_404');
-            -
-            -
                    if (is_array($wpms_settings_404)) {
-            -
                        $defaul_settings_404 = array_merge($defaul_settings_404, $wpms_settings_404);
-            -
                    }
-            -
-            -
                    // redirect url by settings
-            -
                    if (isset($defaul_settings_404['wpms_redirect_homepage'])
-            -
                        && (int) $defaul_settings_404['wpms_redirect_homepage'] === 1) {
-            -
                        wp_redirect(get_home_url());
-            -
                        exit();
-            -
                    } else {
-            -
                        if (isset($defaul_settings_404['wpms_type_404'])) {
-            -
                            switch ($defaul_settings_404['wpms_type_404']) {
-            -
                                case 'wp-meta-seo-page':
-            -
                                    global $wpdb;
-            -
                                    $wpms_page = $wpdb->get_row($wpdb->prepare(
-            -
                                        'SELECT * FROM ' . $wpdb->prefix . 'posts WHERE post_title = %s AND post_excerpt = %s',
-            -
                                        array(
-            -
                                            '404 Error, content does not exist anymore',
-            -
                                            'metaseo_404_page'
-            -
                                        )
-            -
                                    ));
-            -
                                    if (!empty($wpms_page)) {
-            -
                                        $link_redirect = get_permalink($wpms_page->ID);
-            -
                                        if ($link_redirect) {
-            -
                                            wp_redirect($link_redirect);
-            -
                                            exit();
-            -
                                        }
-            -
                                    }
-            -
                                    break;
-            -
-            -
                                case 'custom_page':
-            -
                                    if (isset($defaul_settings_404['wpms_page_redirected'])
-            -
                                        && $defaul_settings_404['wpms_page_redirected'] !== 'none') {
-            -
                                        $link_redirect = get_permalink($defaul_settings_404['wpms_page_redirected']);
-            -
                                        if ($link_redirect) {
-            -
                                            wp_redirect($link_redirect);
-            -
                                            exit();
-            -
                                        }
-            -
                                    }
-            -
                                    break;
-            -
                            }
-            -
                        }
-            -
                    }
-            -
                }
-            -
                 // redirect by rule
                 if (is_plugin_active(WPMSEO_ADDON_FILENAME)) {
-            -
                    $url = $_SERVER['REQUEST_URI'];
-            -
                    $params = explode('/', $url);
-            -
                    $rule_url = '';
-            -
                    if (isset($params[2])) {
-            -
                        $rule_url = '/' . $params[2] . '/';
+                    }
                     if (!is_home() && !is_front_page()) {
-            -
                        $matches         = false;
-            -
                        $all_links       = $wpdb->get_results($wpdb->prepare('SELECT * FROM ' . $wpdb->prefix . 'wpms_links WHERE link_url != %s AND link_url != "" AND (link_url LIKE %s || link_url LIKE %s)', array(
-            -
                            '/',
-            -
                            '%' . $url . '%',
-            -
                            '%' . $rule_url . '%'
                         )));
                         $target          = '';
                         $status_redirect = 302;
-            -
                        foreach ($all_links as $link) {
-            -
                            $link->link_url = str_replace('/*', '/(.*)', $link->link_url);
-            -
                            if ((preg_match('@' . str_replace('@', '\\@', $link->link_url) . '@', $url, $matches) > 0) || (preg_match('@' . str_replace('@', '\\@', $link->link_url) . '@', urldecode($url), $matches) > 0)) {    // Check if our match wants this URL
                                 $target = $link->link_url_redirect;
                                 if ($link->type === 'add_custom') {
                                     $status_redirect = $link->meta_title;
+                                }
-            -
                                break;
-            -
                            }
-            -
                            if (home_url($url) === $link->link_url || home_url($url) === home_url($link->link_url)) {
-            -
                                $target = $link->link_url_redirect;
-            -
-            -
                                if ($link->type === 'add_custom') {
-            -
                                    $status_redirect = $link->meta_title;
-            -
                                    wp_redirect($target, $status_redirect);
-            -
                                    exit();
-            -
                                }
                                 break;
+                            }
+                        }
-            -
                        if (!empty($target)) {
                             if (empty($status_redirect)) {
                                 $status_redirect = 302;
+                            }
                             wp_redirect($target, $status_redirect);
                             exit();
+                        }
+                    }
+                }


4	* Plugin Name: WP Meta SEO
5	* Plugin URI: http://www.joomunited.com/wordpress-products/wp-meta-seo
6	* Description: WP Meta SEO is a plugin for WordPress to fill meta for content, images and main SEO info in a single view.
7	+ * Version: 3.7.5
8	* Text Domain: wp-meta-seo
9	* Domain Path: /languages
10	* Author: JoomUnited

90	/**
91	* Plugin version
92	*/
93	+ define('WPMSEO_VERSION', '3.7.5');
94	}
95
96	if (!defined('WPMS_CLIENTID')) {

391	);
392
393	foreach ($patterns as $k => $pattern) {
394	+ // phpcs:ignore WordPress.Security.EscapeOutput -- Content escaped in some method in class MetaSeoOpenGraph
395	echo $pattern[1];
396	}
397	}

416	do_action('wpmsseo_head');
417
418	if (!empty($old_wp_query)) {
419	+ // phpcs:ignore WordPress.WP.GlobalVariablesOverride.OverrideProhibited -- This combines all the output on the frontend
420	$GLOBALS['wp_query'] = $old_wp_query;
421	unset($old_wp_query);
422	}

636	function wpmsTemplateRedirect()
637	{
638	global $wpdb;





























































































































639	// redirect by rule
640	if (is_plugin_active(WPMSEO_ADDON_FILENAME)) {
641	+ $url = '';
642	+ if (isset($_SERVER['REQUEST_URI'])) {
643	+ $url = $_SERVER['REQUEST_URI'];


644	}
645	+
646	if (!is_home() && !is_front_page()) {
647	+ $redirects = $wpdb->get_results($wpdb->prepare('SELECT * FROM ' . $wpdb->prefix . 'wpms_links WHERE (link_url = %s AND link_url != "/") OR type = "add_rule" OR type = "add_custom"', array(
648	+ $url



649	)));
650	$target = '';
651	$status_redirect = 302;
652	+ foreach ($redirects as $link) {
653	+ $link->link_url = str_replace(' ', '%20', $link->link_url);
654	+ $matches = false;
655	+ // phpcs:ignore Generic.PHP.NoSilencedErrors.Discouraged -- remove warning if match the URL
656	+ if ((($link->link_url === $url \|\| $link->link_url === rtrim($url, '/') \|\| $link->link_url === urldecode($url))) \|\| (@preg_match('@' . str_replace('@', '\\@', $link->link_url) . '@', $url, $matches) > 0) \|\| (@preg_match('@' . str_replace('@', '\\@', $link->link_url) . '@', urldecode($url), $matches) > 0)) {
657	$target = $link->link_url_redirect;
658	if ($link->type === 'add_custom') {
659	$status_redirect = $link->meta_title;
660	}


661








662	break;
663	}
664	}
665
666	+ if ($target) {
667	if (empty($status_redirect)) {
668	$status_redirect = 302;
669	}
670	wp_redirect($target, $status_redirect);
671	exit();
672	+ } else {
673	+ if (is_404()) {
674	+ if (isset($_SERVER['REQUEST_URI'])) {
675	+ $url = $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
676	+ if (isset($_SERVER['HTTPS']) &&
677	+ ($_SERVER['HTTPS'] === 'on' \|\| (int) $_SERVER['HTTPS'] === 1) \|\|
678	+ isset($_SERVER['HTTP_X_FORWARDED_PROTO']) &&
679	+ $_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https') {
680	+ $protocol = 'https://';
681	+ } else {
682	+ $protocol = 'http://';
683	+ }
684	+ $esc_url = str_replace(array('http://', 'https://'), $protocol, esc_url($url));
685	+ $check = $wpdb->get_results($wpdb->prepare(
686	+ 'SELECT * FROM ' . $wpdb->prefix . 'wpms_links WHERE (link_url=%s OR link_url=%s OR link_url=%s)',
687	+ array(
688	+ $url,
689	+ $esc_url,
690	+ $_SERVER['REQUEST_URI']
691	+ )
692	+ ));
693	+
694	+ if (count($check) === 0) {
695	+ // insert url
696	+ $insert = array(
697	+ 'link_url' => ($url),
698	+ 'status_code' => '404 Not Found',
699	+ 'status_text' => '404 Not Found',
700	+ 'type' => '404_automaticaly',
701	+ 'broken_indexed' => 1,
702	+ 'broken_internal' => 0,
703	+ 'warning' => 0,
704	+ 'dismissed' => 0
705	+ );
706	+
707	+ $wpdb->insert($wpdb->prefix . 'wpms_links', $insert);
708	+ } else {
709	+ // update url
710	+ $links_broken = $wpdb->get_row($wpdb->prepare(
711	+ 'SELECT * FROM ' . $wpdb->prefix . 'wpms_links WHERE (link_url=%s OR link_url=%s OR link_url=%s) ',
712	+ array(
713	+ $url,
714	+ $esc_url,
715	+ $_SERVER['REQUEST_URI']
716	+ )
717	+ ));
718	+
719	+ if (!empty($links_broken)) {
720	+ $value = array('hit' => (int) $links_broken->hit + 1);
721	+ $wpdb->update(
722	+ $wpdb->prefix . 'wpms_links',
723	+ $value,
724	+ array('id' => $links_broken->id),
725	+ array('%d'),
726	+ array('%d')
727	+ );
728	+
729	+ if (($url === $links_broken->link_url \|\| esc_url($url) === $links_broken->link_url)
730	+ && $links_broken->link_url_redirect !== '') {
731	+ if ($links_broken->type === 'add_custom') {
732	+ $status_redirect = $links_broken->meta_title;
733	+ } else {
734	+ $status_redirect = 302;
735	+ }
736	+ if (empty($status_redirect)) {
737	+ $status_redirect = 302;
738	+ }
739	+ wp_redirect($links_broken->link_url_redirect, $status_redirect);
740	+ exit();
741	+ }
742	+ }
743	+ }
744	+ }
745	+
746	+ $defaul_settings_404 = array(
747	+ 'wpms_redirect_homepage' => 0,
748	+ 'wpms_type_404' => 'none',
749	+ 'wpms_page_redirected' => 'none'
750	+ );
751	+ $wpms_settings_404 = get_option('wpms_settings_404');
752	+
753	+ if (is_array($wpms_settings_404)) {
754	+ $defaul_settings_404 = array_merge($defaul_settings_404, $wpms_settings_404);
755	+ }
756	+
757	+ // redirect url by settings
758	+ if (isset($defaul_settings_404['wpms_redirect_homepage'])
759	+ && (int) $defaul_settings_404['wpms_redirect_homepage'] === 1) {
760	+ wp_redirect(get_home_url());
761	+ exit();
762	+ } else {
763	+ if (isset($defaul_settings_404['wpms_type_404'])) {
764	+ switch ($defaul_settings_404['wpms_type_404']) {
765	+ case 'wp-meta-seo-page':
766	+ global $wpdb;
767	+ $wpms_page = $wpdb->get_row($wpdb->prepare(
768	+ 'SELECT * FROM ' . $wpdb->prefix . 'posts WHERE post_title = %s AND post_excerpt = %s',
769	+ array(
770	+ '404 Error, content does not exist anymore',
771	+ 'metaseo_404_page'
772	+ )
773	+ ));
774	+ if (!empty($wpms_page)) {
775	+ $link_redirect = get_permalink($wpms_page->ID);
776	+ if ($link_redirect) {
777	+ wp_redirect($link_redirect);
778	+ exit();
779	+ }
780	+ }
781	+ break;
782	+
783	+ case 'custom_page':
784	+ if (isset($defaul_settings_404['wpms_page_redirected'])
785	+ && $defaul_settings_404['wpms_page_redirected'] !== 'none') {
786	+ $link_redirect = get_permalink($defaul_settings_404['wpms_page_redirected']);
787	+ if ($link_redirect) {
788	+ wp_redirect($link_redirect);
789	+ exit();
790	+ }
791	+ }
792	+ break;
793	+ }
794	+ }
795	+ }
796	+ }
797	}
798	}
799	}