WP Notification Bars - Version 1.0.10

Version Description

  • Security improvements

Release Info

Developer MyThemeShop
Version 1.0.10

Code changes from version 1.0.9 to 1.0.10

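--- a/admin/class-wp-notification-bars-admin.php
+++ b/admin/class-wp-notification-bars-admin.php
@@ -727,56 +727,12 @@ if ( ! class_exists( 'MTSNBF_Admin' ) ) {
   }
 
   // Sanitize fields.
- $my_data = $this->sanitize_data( $_POST['mtsnb_fields'] );
+ $my_data = MTSNBF_Shared::sanitize_data( $_POST['mtsnb_fields'] );
 
   // Update the meta field in the database.
   update_post_meta( $post_id, '_mtsnb_data', $my_data );
   }
 
- /**
- * Sanitize meta fields recursively.
- *
- * @param mixed $value Original value.
- *
- * @return mixed Sanitized value.
- */
- public function sanitize_data( $data ) {
- if ( defined( 'MTSNBF_UNFILTERED_HTML' ) && MTSNBF_UNFILTERED_HTML ) {
- return $data;
- }
-
- $sanitized_data = array();
-
- $default_sanitize = 'sanitize_text_field';
- $sanitize_map = array(
- 'active_tab' => 'sanitize_text_field',
- 'button' => 'sanitize_text_field',
- 'content_width' => 'absint',
- 'css_position' => 'sanitize_text_field',
- 'content_type' => 'sanitize_text_field',
- 'basic_link_style' => 'sanitize_text_field',
- 'basic_text' => 'wp_kses_post',
- 'basic_link_url' => 'esc_url',
- 'custom_content' => 'wp_kses_post',
- 'bg_color' => 'sanitize_hex_color',
- 'txt_color' => 'sanitize_hex_color',
- 'link_color' => 'sanitize_hex_color',
- 'font_size' => 'absint',
- );
-
- foreach ( $data as $key => $value ) {
- if ( is_array( $value ) ) {
- $sanitized_data[ $key ] = $this->sanitize_data( $value );
- } elseif ( isset( $sanitize_map[ $key ] ) ) {
- $sanitized_data[ $key ] = call_user_func( $sanitize_map[ $key ], $value );
- } else {
- $sanitized_data[ $key ] = call_user_func( $default_sanitize, $value );
- }
- }
-
- return $sanitized_data;
- }
-
   /**
   * Deactivate plugin if pro is active.
   *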
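Review bot: `$_POST['mtsnb_fields']` is handed to `MTSNBF_Shared::sanitize_data()` without checking that it is set and is an array; a missing or scalar value makes the `foreach` in `sanitize_data()` warn and return `array()`, which `update_post_meta()` then writes over `_mtsnb_data`. A guard before the call, `if ( ! isset( $_POST['mtsnb_fields'] ) || ! is_array( $_POST['mtsnb_fields'] ) ) { return; }`, would avoid that. The save handler begins above the hunk, so any nonce or capability check it performs is not visible here; the closing `}` on the first context line may belong to one. Removing the public `MTSNBF_Admin::sanitize_data()` also breaks any external caller of it, which deserves a changelog line.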
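--- a/includes/class-wp-notification-bars-shared.php
+++ b/includes/class-wp-notification-bars-shared.php
@@ -193,6 +193,51 @@ if ( ! class_exists( 'MTSNBF_Shared' ) ) {
   }
   }
 
+ /**
+ * Sanitize meta fields recursively.
+ *
+ * @param mixed $value Original value.
+ *
+ * @return mixed Sanitized value.
+ */
+ public static function sanitize_data( $data ) {
+ if ( defined( 'MTSNBF_UNFILTERED_HTML' ) && MTSNBF_UNFILTERED_HTML ) {
+ return $data;
+ }
+
+ $sanitized_data = array();
+
+ $default_sanitize = 'sanitize_text_field';
+ $sanitize_map = array(
+ 'active_tab' => 'sanitize_text_field',
+ 'button' => 'sanitize_text_field',
+ 'content_width' => 'absint',
+ 'css_position' => 'sanitize_text_field',
+ 'content_type' => 'sanitize_text_field',
+ 'basic_link_style' => 'sanitize_text_field',
+ 'basic_text' => 'wp_kses_post',
+ 'basic_link_url' => 'esc_url',
+ 'custom_content' => 'wp_kses_post',
+ 'bg_color' => 'sanitize_hex_color',
+ 'txt_color' => 'sanitize_hex_color',
+ 'link_color' => 'sanitize_hex_color',
+ 'font_size' => 'absint',
+ );
+
+ $data = stripslashes_deep( $data );
+ foreach ( $data as $key => $value ) {
+ if ( is_array( $value ) ) {
+ $sanitized_data[ $key ] = self::sanitize_data( $value );
+ } elseif ( isset( $sanitize_map[ $key ] ) ) {
+ $sanitized_data[ $key ] = call_user_func( $sanitize_map[ $key ], $value );
+ } else {
+ $sanitized_data[ $key ] = call_user_func( $default_sanitize, $value );
+ }
+ }
+
+ return $sanitized_data;
+ }
+
   /**
   * Notification bar output.
   *
@@ -292,14 +337,7 @@ if ( ! class_exists( 'MTSNBF_Shared' ) ) {
   die( '0' );
   }
 
- // fix slashes
- foreach ( $meta_values as $key => $value ) {
-
- if ( is_string( $value ) ) {
-
- $meta_values[ $key ] = stripslashes( $value );
- }
- }
+ $meta_values = self::sanitize_data( $meta_values );
 
   $this->bar_output( $id, $meta_values );
 
@@ -528,8 +566,8 @@ if ( ! class_exists( 'MTSNBF_Shared' ) ) {
 
   if ( isset( $_COOKIE['mtsnb_referrer'] ) ) {
 
- // Stored referrer url
- $referer = esc_url( $_COOKIE['mtsnb_referrer'] );
+ // Store referrer url.
+ $referer = esc_url_raw( $_COOKIE['mtsnb_referrer'] );
   }
   }
 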
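Review bot: `$data = stripslashes_deep( $data );` runs at every level of the recursion in `sanitize_data()`, so a nested array is unslashed by the top-level call (stripslashes_deep already descends into arrays) and again by each `self::sanitize_data( $value )`, which strips legitimate backslashes from nested fields. Unslashing once at the preview call site, `self::sanitize_data( stripslashes_deep( $meta_values ) )`, and dropping the line from the method avoids that. It also closes a regression in the second hunk: the removed loop stripped slashes unconditionally, whereas the new call returns early when `MTSNBF_UNFILTERED_HTML` is set and hands `bar_output()` values that are neither sanitized nor unslashed. On the save path `update_post_meta()` unslashes its value itself, so data already unslashed here would need `wp_slash()` before being stored. Separately, the map sends `basic_link_url` through `esc_url`, a display-context escaper; `esc_url_raw`, which this commit already adopts for the cookie referrer, is the variant meant for stored values.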
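--- a/includes/class-wp-notification-bars.php
+++ b/includes/class-wp-notification-bars.php
@@ -69,7 +69,7 @@ class MTSNBF {
   public function __construct() {
 
   $this->plugin_name = 'wp-notification-bars';
- $this->version = '1.0.9';
+ $this->version = '1.0.10';
 
   $this->load_dependencies();
   $this->set_locale();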
readme.txt CHANGED
@@ -3,8 +3,8 @@ Contributors: mythemeshop
3
  Creator's website link: http://mythemeshop.com/plugins/wp-notification-bars/
4
  Tags: notification, alert, notification bar, welcome google visitor, welcome facebook visitor, attention bar, floating bar, message, notice, sticky header, offer bar, hello bar
5
  Requires at least: 3.0.1
6
- Tested up to: 5.8.2
7
- Stable tag: 1.0.9
8
  License: GPLv2 or later
9
  License URI: http://www.gnu.org/licenses/gpl-2.0.html
10
 
@@ -74,6 +74,9 @@ Please disable all plugins and check if backup is working properly. Then you can
74
 
75
  == Changelog ==
76
 
 
 
 
77
  = 1.0.9 =
78
  * Security improvements
79
 
3
  Creator's website link: http://mythemeshop.com/plugins/wp-notification-bars/
4
  Tags: notification, alert, notification bar, welcome google visitor, welcome facebook visitor, attention bar, floating bar, message, notice, sticky header, offer bar, hello bar
5
  Requires at least: 3.0.1
6
+ Tested up to: 5.8.3
7
+ Stable tag: 1.0.10
8
  License: GPLv2 or later
9
  License URI: http://www.gnu.org/licenses/gpl-2.0.html
10
 
74
 
75
  == Changelog ==
76
 
77
+ = 1.0.10 =
78
+ * Security improvements
79
+
80
  = 1.0.9 =
81
  * Security improvements
82