WP Product Review Lite - Version 3.7.8

Version Description

  • 2020-05-22

Release Info

Developer codeinwp
Plugin Icon WP Product Review Lite
Version 3.7.8

Code changes from version 3.7.7 to 3.7.8

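--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,4 +1,8 @@
 
+ ### v3.7.8 - 2020-05-22
+ **Changes:**
+ * [Fix] Sanitize values
+
  ### v3.7.7 - 2020-05-21
  **Changes:**
  * [Fix] Security vulnerability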
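--- a/includes/admin/class-wppr-admin.php
+++ b/includes/admin/class-wppr-admin.php
@@ -244,13 +244,13 @@ class WPPR_Admin {
  }
 
  foreach ( $data as $option ) {
- $model->wppr_set_option( $option['name'], $option['value'] );
+ $model->wppr_set_option( sanitize_text_field( $option['name'] ), sanitize_text_field( $option['value'] ) );
  }
 
  // delete the transients for AMP.
  $templates = apply_filters( 'wppr_review_templates', array( 'default', 'style1', 'style2' ) );
  foreach ( $templates as $template ) {
- delete_transient( '_wppr_amp_css_' . str_replace( '.', '_', $this->version ) . '_' . $template );
+ delete_transient( '_wppr_amp_css_' . str_replace( '.', '_', $this->version ) . '_' . sanitize_text_field( $template ) );
  }
  die();
  }
@@ -265,7 +265,7 @@ class WPPR_Admin {
  check_ajax_referer( WPPR_SLUG, 'nonce' );
 
  if ( isset( $_POST['type'] ) ) {
- echo wp_send_json_success( array( 'categories' => self::get_taxonomy_and_terms_for_post_type( $_POST['type'] ) ) );
+ echo wp_send_json_success( array( 'categories' => self::get_taxonomy_and_terms_for_post_type( sanitize_text_field( $_POST['type'] ) ) ) );
  }
  wp_die();
  }
@@ -280,7 +280,7 @@ class WPPR_Admin {
  check_ajax_referer( WPPR_SLUG, 'nonce' );
 
  if ( isset( $_POST['type'] ) ) {
- echo wp_send_json_success( array( 'categories' => self::get_category_for_post_type( $_POST['type'] ) ) );
+ echo wp_send_json_success( array( 'categories' => self::get_category_for_post_type( sanitize_text_field( $_POST['type'] ) ) ) );
  }
  wp_die();
  }
@@ -465,7 +465,7 @@ class WPPR_Admin {
  switch ( $column ) {
  case 'wppr_review':
  $model = new WPPR_Review_Model( $id );
- echo $model->get_rating();
+ echo esc_html( $model->get_rating() );
  break;
  }
  }
@@ -542,7 +542,7 @@ class WPPR_Admin {
  switch ( $column ) {
  case 'wppr_price':
  $model = new WPPR_Review_Model( $id );
- echo $model->get_price();
+ echo esc_html( $model->get_price() );
  break;
  case 'wppr_rating':
  $model = new WPPR_Review_Model( $id );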
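Review bot: In the settings loop at new line 247, `sanitize_text_field()` cleans the two strings, but nothing in the hunk limits which option names a request may write or who may call the handler. If `$data` comes from the POST body, as the sanitising suggests, the name should be checked against the known settings fields before `wppr_set_option()` runs, and the handler should begin with a capability check such as `if ( ! current_user_can( 'manage_options' ) ) { wp_die(); }`. The function starts above the hunk, so a nonce or capability check may already be there and should be confirmed. In the two AJAX handlers at new lines 268 and 283, `$_POST['type']` should go through `wp_unslash()` before `sanitize_text_field()` and be validated with `post_type_exists()`; the `echo` in front of `wp_send_json_success()` is dead code because that function prints the response and exits.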
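--- a/includes/admin/layouts/editor-default-tpl.php
+++ b/includes/admin/layouts/editor-default-tpl.php
@@ -102,7 +102,7 @@ $check = $review->is_active() ? 'yes' : 'no';
  )
  );
  ?>
- <label for="<?php echo $template_id; ?>">
+ <label for="<?php echo esc_attr( $template_id ); ?>">
  <?php
  $image = null;
  if ( file_exists( WPPR_PATH . "/assets/img/templates/$template.png" ) ) {
@@ -112,7 +112,7 @@ $check = $review->is_active() ? 'yes' : 'no';
  }
  if ( $image ) {
  ?>
- <img src='<?php echo $image; ?>' class="wppr-review-template"/>
+ <img src='<?php echo esc_url( $image ); ?>' class="wppr-review-template"/>
  <?php
  }
  ?>
@@ -419,8 +419,8 @@ $check = $review->is_active() ? 'yes' : 'no';
  </div>
 
  <script id="wppr-review-type-fields-template" type="text/template"
- data-json='<?php echo str_replace( "'", '\"', json_encode( $schema_types ) ); ?>'
- data-type='<?php echo $review->get_type(); ?>'
+ data-json='<?php echo esc_attr( str_replace( "'", '\"', json_encode( $schema_types ) ) ); ?>'
+ data-type='<?php echo esc_attr( $review->get_type() ); ?>'
  data-custom-fields='<?php echo json_encode( $review->get_custom_fields() ); ?>'
  >
  <li class="wppr-review-type-field">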
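Review bot: The `data-custom-fields` attribute at new line 424 is still printed without escaping, although the two attributes directly above it were wrapped in `esc_attr()` in this change. `json_encode()` leaves single quotes as they are by default, so a custom-field value containing `'` ends the single-quoted attribute early; the line should read `data-custom-fields='<?php echo esc_attr( wp_json_encode( $review->get_custom_fields() ) ); ?>'`. With `esc_attr()` now applied on line 422, the inner `str_replace( "'", '\"', … )` is no longer needed and turns an apostrophe in the schema data into a double quote, so `esc_attr( wp_json_encode( $schema_types ) )` alone would be cleaner.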
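--- a/includes/admin/layouts/settings-tpl.php
+++ b/includes/admin/layouts/settings-tpl.php
@@ -22,9 +22,9 @@ $fields = $global_settings->get_fields();
  <div id="wppr_top_tabs" class="clearfix">
  <ul id="tabs_menu" role="menu">
  <?php foreach ( $sections as $section_key => $section_name ) : ?>
- <li class="wppr-nav-tab" id="wppr-nav-tab-<?php echo $section_key; ?>"
- data-tab="wppr-tab-<?php echo $section_key; ?>">
- <a href="#wppr-tab-<?php echo $section_key; ?>" title="<?php esc_attr( $section_name ); ?>">
+ <li class="wppr-nav-tab" id="wppr-nav-tab-<?php echo esc_attr( $section_key ); ?>"
+ data-tab="wppr-tab-<?php echo esc_attr( $section_key ); ?>">
+ <a href="#wppr-tab-<?php echo esc_attr( $section_key ); ?>" title="<?php esc_attr( $section_name ); ?>">
  <?php echo esc_html( $section_name ); ?>
  </a>
  </li>
@@ -35,7 +35,7 @@ $fields = $global_settings->get_fields();
  <form id="wppr-settings" method="post" action="#" enctype="multipart/form-data">
 
  <?php foreach ( $sections as $section_key => $section_name ) : ?>
- <div id="wppr-tab-<?php echo $section_key; ?>" class="wppr-tab-content">
+ <div id="wppr-tab-<?php echo esc_attr( $section_key ); ?>" class="wppr-tab-content">
  <?php
  if ( shortcode_exists( 'P_REVIEW' ) ) {
  do_action( 'wppr_settings_section_upsell', $section_key );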
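Review bot: The `title` attribute at new line 27 is always empty, because `<?php esc_attr( $section_name ); ?>` computes the escaped value and discards it; the line was edited in this change but the missing `echo` was left in place. It should read `title="<?php echo esc_attr( $section_name ); ?>"`.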
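--- a/includes/class-wppr.php
+++ b/includes/class-wppr.php
@@ -67,7 +67,7 @@ class WPPR {
  */
  public function __construct() {
  $this->plugin_name = 'wppr';
- $this->version = '3.7.7';
+ $this->version = '3.7.8';
 
  $this->load_dependencies();
  $this->set_locale();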
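--- a/includes/functions.php
+++ b/includes/functions.php
@@ -34,7 +34,7 @@ if ( ! function_exists( 'wppr_display_rating_stars' ) ) {
  $rating_5 = round( $review_rating / 20, PHP_ROUND_HALF_UP );
  ?>
  <div class="wppr-review-stars <?php echo is_rtl() ? 'rtl' : ''; ?>" style="direction: <?php echo is_rtl() ? 'rtl' : ''; ?>">
- <div class="wppr-review-stars-grade <?php echo $review_object->get_rating_class(); ?>">
+ <div class="wppr-review-stars-grade <?php echo esc_attr( $review_object->get_rating_class() ); ?>">
  <?php
  $stars = array( 'full' => intval( $rating_5 ), 'half' => $rating_5 > intval( $rating_5 ), 'empty' => ( $rating_5 > intval( $rating_5 ) ? 4 : 5 ) - intval( $rating_5 ) );
  foreach ( $stars as $key => $value ) {
@@ -85,7 +85,7 @@ if ( ! function_exists( 'wppr_display_rating_custom_icon' ) ) {
  ?>
  <div id="review-statistics">
  <div class="review-wu-bars">
- <ul class="cwpr_clearfix <?php echo ' ' . $review_object->get_rating_class( $review_rating ) . apply_filters( 'wppr_option_custom_icon', '' ); ?>">
+ <ul class="cwpr_clearfix <?php echo esc_attr( $review_object->get_rating_class( $review_rating ) . apply_filters( 'wppr_option_custom_icon', '' ) ); ?>">
  <?php
  for ( $i = 1; $i <= 5; $i ++ ) {
  ?>
@@ -176,13 +176,13 @@ if ( ! function_exists( 'wppr_default_get_rating' ) ) {
  );
  }
  ?>
- <div class="<?php echo $div_class1; ?>">
- <div class="review-wu-grade-content <?php echo $div_class2; ?>">
+ <div class="<?php echo esc_attr( $div_class1 ); ?>">
+ <div class="review-wu-grade-content <?php echo esc_attr( $div_class2 ); ?>">
  <div class="wppr-c100 wppr-p<?php echo esc_attr( $rating ) . ' ' . esc_attr( $review_object->get_rating_class() ); ?>">
  <span><?php echo esc_html( $rating_10 ); ?></span>
  <div class="wppr-slice">
- <div class="wppr-bar <?php echo $class_bar; ?>" style="<?php echo $style_bar; ?>"></div>
- <div class="wppr-fill <?php echo $class_fill; ?>" style="<?php echo $style_fill; ?>"></div>
+ <div class="wppr-bar <?php echo esc_attr( $class_bar ); ?>" style="<?php echo $style_bar; ?>"></div>
+ <div class="wppr-fill <?php echo esc_attr( $class_fill ); ?>" style="<?php echo $style_fill; ?>"></div>
  </div>
  <div class="wppr-slice-center"></div>
  </div>
@@ -193,7 +193,7 @@ if ( ! function_exists( 'wppr_default_get_rating' ) ) {
 
  case 'number':
  ?>
- <span class="wppr-review-rating-grade wppr-p<?php echo esc_attr( $rating ) . ' ' . $review_object->get_rating_class(); ?>">
+ <span class="wppr-review-rating-grade wppr-p<?php echo esc_attr( $rating ) . ' ' . esc_attr( $review_object->get_rating_class() ); ?>">
  <?php
  echo esc_html( $rating_10 );
  ?>
@@ -228,11 +228,11 @@ if ( ! function_exists( 'wppr_layout_get_image' ) ) {
  $image_link = $review_object->get_image();
  }
  ?>
- <a title="<?php echo esc_attr( $review_object->get_name() ); ?>" class="<?php echo $class_a; ?>" href="<?php echo esc_url( $image_link ); ?>" <?php echo $lightbox; ?> rel="nofollow" target="_blank">
+ <a title="<?php echo esc_attr( $review_object->get_name() ); ?>" class="<?php echo esc_attr( $class_a ); ?>" href="<?php echo esc_url( $image_link ); ?>" <?php echo $lightbox; ?> rel="nofollow" target="_blank">
  <img
  src="<?php echo esc_attr( $src ); ?>"
  alt="<?php echo esc_attr( $review_object->get_image_alt() ); ?>"
- class="<?php echo $class_img; ?>"/>
+ class="<?php echo esc_attr( $class_img ); ?>"/>
  </a>
  <?php
  }
@@ -267,10 +267,10 @@ if ( ! function_exists( 'wppr_layout_get_proscons' ) ) {
  return;
  }
  ?>
- <div class="<?php echo $class_div; ?> <?php echo $type; ?>s">
- <<?php echo $heading_type; ?> class="<?php echo $class_heading; ?>">
+ <div class="<?php echo esc_attr( $class_div ); ?> <?php echo esc_attr( $type ); ?>s">
+ <<?php echo esc_attr( $heading_type ); ?> class="<?php echo esc_attr( $class_heading ); ?>">
  <?php echo esc_html( apply_filters( "wppr_review_{$type}s_text", $review_object->wppr_get_option( "cwppos_{$type}s_text" ) ) ); ?>
- </<?php echo $heading_type; ?>>
+ </<?php echo esc_attr( $heading_type ); ?>>
  <ul>
  <?php
  foreach ( $pro_cons as $text ) {
@@ -296,9 +296,9 @@ if ( ! function_exists( 'wppr_layout_get_user_rating' ) ) {
  $comments_rating = $review_object->get_comments_rating();
  $number_comments = count( $review_object->get_comments_options() );
  ?>
- <span class="wppr-review-rating-users wppr-p<?php echo esc_attr( round( $comments_rating ) ) . ' ' . $review_object->get_rating_class( $comments_rating ); ?>">
+ <span class="wppr-review-rating-users wppr-p<?php echo esc_attr( round( $comments_rating ) ) . ' ' . esc_attr( $review_object->get_rating_class( $comments_rating ) ); ?>">
  <span dir="<?php echo is_rtl() ? 'rtl' : ''; ?>">
- <?php echo sprintf( __( 'Users score: %1$d with %2$d votes', 'wp-product-review' ), $comments_rating, $number_comments ); ?>
+ <?php echo esc_html( sprintf( __( 'Users score: %1$d with %2$d votes', 'wp-product-review' ), $comments_rating, $number_comments ) ); ?>
  </span>
  </span>
  <?php
@@ -327,14 +327,14 @@ if ( ! function_exists( 'wppr_layout_get_options_ratings' ) ) {
  foreach ( $review_object->get_options() as $option ) {
  $class_ul = $review_object->get_rating_class( $option['value'] ) . apply_filters( 'wppr_option_custom_icon', '' );
  ?>
- <div class="rev-option" data-value="<?php echo $option['value']; ?>">
+ <div class="rev-option" data-value="<?php echo esc_attr( $option['value'] ); ?>">
  <div class="cwpr_clearfix">
  <span>
  <h3><?php echo esc_html( apply_filters( 'wppr_option_name_html', $option['name'] ) ); ?></h3>
  </span>
- <span><?php echo esc_html( number_format( ( $option['value'] / $scale ), 1 ) ); ?>/<?php echo $display; ?></span>
+ <span><?php echo esc_html( number_format( ( $option['value'] / $scale ), 1 ) ); ?>/<?php echo esc_html( $display ); ?></span>
  </div>
- <ul class="cwpr_clearfix <?php echo $class_ul; ?>">
+ <ul class="cwpr_clearfix <?php echo esc_attr( $class_ul ); ?>">
  <?php
  $rating = round( $option['value'] / $scale );
  $start_from = is_rtl() ? ( $display + 1 - $rating ) : 1;
@@ -365,8 +365,8 @@ if ( ! function_exists( 'wppr_layout_get_options_ratings' ) ) {
  <span><?php echo esc_html( apply_filters( 'wppr_option_name_html', $option['name'] ) ); ?></span>
  <span><?php echo esc_html( number_format( ( $review_option_rating / $scale ), 1 ) ); ?></span>
  </div>
- <div class="wppr-review-grade-option-rating wppr-default <?php echo $review_object->get_rating_class( $review_option_rating ); ?> <?php echo is_rtl() ? 'rtl' : ''; ?>">
- <span class="<?php echo $review_object->get_rating_class( $review_option_rating ); ?>" style="
+ <div class="wppr-review-grade-option-rating wppr-default <?php echo esc_attr( $review_object->get_rating_class( $review_option_rating ) ); ?> <?php echo is_rtl() ? 'rtl' : ''; ?>">
+ <span class="<?php echo esc_attr( $review_object->get_rating_class( $review_option_rating ) ); ?>" style="
  <?php
  /**
  * Adds min-width for amp support.
@@ -394,14 +394,14 @@ if ( ! function_exists( 'wppr_layout_get_options_ratings' ) ) {
  <div class="wppr-review-option-header">
  <span><?php echo esc_html( apply_filters( 'wppr_option_name_html', $option['name'] ) ); ?></span>
  </div>
- <ul class="wppr-review-option-rating <?php echo apply_filters( 'wppr_option_custom_icon', '' ); ?>">
+ <ul class="wppr-review-option-rating <?php echo esc_attr( apply_filters( 'wppr_option_custom_icon', '' ) ); ?>">
  <?php
  $rating = round( $option['value'] / $scale );
  $start_from = is_rtl() ? ( $display + 1 - $rating ) : 1;
  $stop_at = is_rtl() ? $display : $rating;
  for ( $i = 1; $i <= $display; $i ++ ) {
  ?>
- <li class="<?php echo $i >= $start_from && $i <= $stop_at ? $review_object->get_rating_class( $option['value'] ) : ' wppr-default'; ?>"></li>
+ <li class="<?php echo esc_attr( $i >= $start_from && $i <= $stop_at ? $review_object->get_rating_class( $option['value'] ) : ' wppr-default' ); ?>"></li>
  <?php
  }
  ?>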
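Review bot: In `wppr_layout_get_proscons` (new lines 271 and 273) `$heading_type` is printed in tag-name position through `esc_attr()`, which only encodes HTML special characters and does not restrict the value to a valid element name; use `tag_escape( $heading_type )` or check it against a fixed list of heading tags. The same change leaves `style="<?php echo $style_bar; ?>"` and `style="<?php echo $style_fill; ?>"` (lines 184 and 185) and `<?php echo $lightbox; ?>` (line 231) unescaped, and the image `src` on line 233 would be better served by `esc_url()` than `esc_attr()`. Those variables are assigned above the hunks, so whether they can carry user-supplied or filter-supplied text needs checking; if they can, wrap the style values in `esc_attr()` and escape `$lightbox` where it is assembled.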
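--- a/includes/public/layouts/comment-rating-slider-tpl.php
+++ b/includes/public/layouts/comment-rating-slider-tpl.php
@@ -18,7 +18,7 @@
  $scale = 10;
  }
 
- echo '<input type="hidden" name="wppr-scale" value="' . $scale . '">';
+ echo '<input type="hidden" name="wppr-scale" value="' . esc_attr( $scale ). '">';
  echo '<div id="wppr-slider-comment">' . implode( '', $sliders ) . '<div class="cwpr_clearfix"></div></div>';
 
 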
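--- a/includes/public/layouts/comment-rating-star-tpl.php
+++ b/includes/public/layouts/comment-rating-star-tpl.php
@@ -6,7 +6,7 @@
  foreach ( $option_names as $k => $name ) {
  ?>
  <div class="wppr-comment-form-meta">
- <label for="wppr-star-option-<?php echo $k; ?>"><?php echo $name; ?></label>
+ <label for="wppr-star-option-<?php echo esc_attr( $k ); ?>"><?php echo esc_html( $name ); ?></label>
  <div class="wppr-comment-rating-star <?php echo ( is_rtl() ? 'rtl' : '' ); ?> ">
  <?php
  $type = 'half';
@@ -14,8 +14,8 @@
  $value = round( $x / 2, 2 );
  $type = $type === 'full' ? 'half' : 'full';
  ?>
- <input type="radio" id="star<?php echo $x; ?><?php echo $k; ?>" name="wppr-slider-option-<?php echo $k; ?>" value="<?php echo $value; ?>" />
- <label class="<?php echo $type; ?>" for="star<?php echo $x; ?><?php echo $k; ?>"></label>
+ <input type="radio" id="star<?php echo $x; ?><?php echo esc_attr( $k ); ?>" name="wppr-slider-option-<?php echo esc_attr( $k ); ?>" value="<?php echo esc_attr( $value ); ?>" />
+ <label class="<?php echo esc_attr( $type ); ?>" for="star<?php echo esc_attr( $x ); ?><?php echo esc_attr( $k ); ?>"></label>
  <?php
  }
  ?>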
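Review bot: The radio input's `id` at new line 17 still prints `$x` raw (`id="star<?php echo $x; ?>…`) while the matching `for` on line 18 now escapes it; both should use the same form, `id="star<?php echo esc_attr( $x ); ?><?php echo esc_attr( $k ); ?>"`. The loop that defines `$x` sits between the two hunks and is not shown; it is presumably a counter, which would make this a consistency fix rather than an injection fix. The label on line 9 points at `wppr-star-option-…`, and no element with that `id` appears in the visible lines, which is worth checking for accessibility.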
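--- a/includes/public/layouts/default.php
+++ b/includes/public/layouts/default.php
@@ -16,7 +16,7 @@ $pros = $review_object->get_pros();
  $cons = $review_object->get_cons();
 
  ?>
- <div id="wppr-review-<?php echo $review_object->get_ID(); ?>"
+ <div id="wppr-review-<?php echo esc_attr( $review_object->get_ID() ); ?>"
  class="wppr-template wppr-template-default <?php echo is_rtl() ? 'rtl' : ''; ?> wppr-review-container <?php echo( empty( $pros ) ? 'wppr-review-no-pros' : '' ); ?> <?php echo( empty( $cons ) ? 'wppr-review-no-cons' : '' ); ?>">
  <section id="review-statistics" class="article-section">
  <div class="review-wrap-up cwpr_clearfix">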
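--- a/includes/public/layouts/style1.php
+++ b/includes/public/layouts/style1.php
@@ -17,7 +17,7 @@
  $review_cons = $review_object->get_cons();
  ?>
 
- <div id="wppr-review-<?php echo $review_id; ?>" class="wppr-review-container">
+ <div id="wppr-review-<?php echo esc_attr( $review_id ); ?>" class="wppr-review-container">
 
  <h2 class="wppr-review-name"><?php echo esc_html( $review_object->get_name() ); ?></h2>
 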
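--- a/package-lock.json
+++ b/package-lock.json
@@ -1,6 +1,6 @@
  {
  "name": "wp-product-review",
- "version": "3.7.7",
+ "version": "3.7.8",
  "lockfileVersion": 1,
  "requires": true,
  "dependencies": {
@@ -692,7 +692,7 @@
  "dev": true,
  "requires": {
  "caniuse-lite": "1.0.30001062",
- "electron-to-chromium": "1.3.448",
+ "electron-to-chromium": "1.3.450",
  "node-releases": "1.1.56",
  "pkg-up": "2.0.0"
  }
@@ -1698,9 +1698,9 @@
  }
  },
  "electron-to-chromium": {
- "version": "1.3.448",
- "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.3.448.tgz",
- "integrity": "sha512-WOr3SrZ55lUFYugA6sUu3H3ZoxVIH5o3zTSqYS+2DOJJP4hnHmBiD1w432a2YFW/H2G5FIxE6DB06rv+9dUL5g==",
+ "version": "1.3.450",
+ "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.3.450.tgz",
+ "integrity": "sha512-m6iTlzM12aBf0W8E+Lhj8tUsO5bsYXzGkQ7x4VEqLLwziFN5uecajjOKJaIR25xrHYwnwHteHy1yzJ+mN6QTWA==",
  "dev": true
  },
  "encoding": {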
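--- a/readme.md
+++ b/readme.md
@@ -37,6 +37,11 @@ If you wanna learn more about the <a href="http://www.codeinwp.com/blog/fastest-
  **Please note that WP Product Review PRO has been retired and is no longer available**
 
  ## Changelog ##
+ ### 3.7.8 - 2020-05-22 ###
+
+ * [Fix] Sanitize values
+
+
  ### 3.7.7 - 2020-05-21 ###
 
  * [Fix] Security vulnerability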
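--- a/readme.txt
+++ b/readme.txt
@@ -37,6 +37,11 @@ If you wanna learn more about the <a href="http://www.codeinwp.com/blog/fastest-
  **Please note that WP Product Review PRO has been retired and is no longer available**
 
  == Changelog ==
+ = 3.7.8 - 2020-05-22 =
+
+ * [Fix] Sanitize values
+
+
  = 3.7.7 - 2020-05-21 =
 
  * [Fix] Security vulnerability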
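--- a/themeisle-hash.json
+++ b/themeisle-hash.json
@@ -1 +1 @@
- {"class-wppr-autoloader.php":"c7f7f3dd52445edb5f7367ba7b31281f","class-wppr-recursive-filter.php":"6c74b0e7c04529d797ae9689d9a44c8d","index.php":"c76772901fa1b2b14aa3ba32d7773c8a","uninstall.php":"7c6d36652e8dcf013f2c246f4a289acf","wp-product-review.php":"290417958328e8f85d0cfdc9f2895af3"}
+ {"class-wppr-autoloader.php":"c7f7f3dd52445edb5f7367ba7b31281f","class-wppr-recursive-filter.php":"6c74b0e7c04529d797ae9689d9a44c8d","index.php":"c76772901fa1b2b14aa3ba32d7773c8a","uninstall.php":"7c6d36652e8dcf013f2c246f4a289acf","wp-product-review.php":"bc7edbd807c1010eb59b6ed89b0c5440"}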
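--- a/vendor/autoload.php
+++ b/vendor/autoload.php
@@ -4,4 +4,4 @@
 
  require_once __DIR__ . '/composer' . '/autoload_real.php';
 
- return ComposerAutoloaderInit7af94f3c4164ff1014497b20b3a5ee53::getLoader();
+ return ComposerAutoloaderInit7728df58bd9f03f76e46962ae6f50476::getLoader();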
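--- a/vendor/autoload_52.php
+++ b/vendor/autoload_52.php
@@ -4,4 +4,4 @@
 
  require_once dirname(__FILE__) . '/composer'.'/autoload_real_52.php';
 
- return ComposerAutoloaderInit18da8e8f6744b2b3547350816791e39f::getLoader();
+ return ComposerAutoloaderInit839457711aa17aeb47daf641a1f4d01e::getLoader();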
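--- a/vendor/composer/autoload_real.php
+++ b/vendor/composer/autoload_real.php
@@ -2,7 +2,7 @@
 
  // autoload_real.php @generated by Composer
 
- class ComposerAutoloaderInit7af94f3c4164ff1014497b20b3a5ee53
+ class ComposerAutoloaderInit7728df58bd9f03f76e46962ae6f50476
  {
  private static $loader;
 
@@ -19,9 +19,9 @@ class ComposerAutoloaderInit7af94f3c4164ff1014497b20b3a5ee53
  return self::$loader;
  }
 
- spl_autoload_register(array('ComposerAutoloaderInit7af94f3c4164ff1014497b20b3a5ee53', 'loadClassLoader'), true, true);
+ spl_autoload_register(array('ComposerAutoloaderInit7728df58bd9f03f76e46962ae6f50476', 'loadClassLoader'), true, true);
  self::$loader = $loader = new \Composer\Autoload\ClassLoader();
- spl_autoload_unregister(array('ComposerAutoloaderInit7af94f3c4164ff1014497b20b3a5ee53', 'loadClassLoader'));
+ spl_autoload_unregister(array('ComposerAutoloaderInit7728df58bd9f03f76e46962ae6f50476', 'loadClassLoader'));
 
  $map = require __DIR__ . '/autoload_namespaces.php';
  foreach ($map as $namespace => $path) {
@@ -42,14 +42,14 @@ class ComposerAutoloaderInit7af94f3c4164ff1014497b20b3a5ee53
 
  $includeFiles = require __DIR__ . '/autoload_files.php';
  foreach ($includeFiles as $fileIdentifier => $file) {
- composerRequire7af94f3c4164ff1014497b20b3a5ee53($fileIdentifier, $file);
+ composerRequire7728df58bd9f03f76e46962ae6f50476($fileIdentifier, $file);
  }
 
  return $loader;
  }
  }
 
- function composerRequire7af94f3c4164ff1014497b20b3a5ee53($fileIdentifier, $file)
+ function composerRequire7728df58bd9f03f76e46962ae6f50476($fileIdentifier, $file)
  {
  if (empty($GLOBALS['__composer_autoload_files'][$fileIdentifier])) {
  require $file;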
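--- a/vendor/composer/autoload_real_52.php
+++ b/vendor/composer/autoload_real_52.php
@@ -2,7 +2,7 @@
 
  // autoload_real_52.php generated by xrstf/composer-php52
 
- class ComposerAutoloaderInit18da8e8f6744b2b3547350816791e39f {
+ class ComposerAutoloaderInit839457711aa17aeb47daf641a1f4d01e {
  private static $loader;
 
  public static function loadClassLoader($class) {
@@ -19,9 +19,9 @@ class ComposerAutoloaderInit18da8e8f6744b2b3547350816791e39f {
  return self::$loader;
  }
 
- spl_autoload_register(array('ComposerAutoloaderInit18da8e8f6744b2b3547350816791e39f', 'loadClassLoader'), true /*, true */);
+ spl_autoload_register(array('ComposerAutoloaderInit839457711aa17aeb47daf641a1f4d01e', 'loadClassLoader'), true /*, true */);
  self::$loader = $loader = new xrstf_Composer52_ClassLoader();
- spl_autoload_unregister(array('ComposerAutoloaderInit18da8e8f6744b2b3547350816791e39f', 'loadClassLoader'));
+ spl_autoload_unregister(array('ComposerAutoloaderInit839457711aa17aeb47daf641a1f4d01e', 'loadClassLoader'));
 
  $vendorDir = dirname(dirname(__FILE__));
  $baseDir = dirname($vendorDir);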
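--- a/wp-product-review.php
+++ b/wp-product-review.php
@@ -15,7 +15,7 @@
  * Plugin Name: WP Product Review Lite
  * Plugin URI: https://themeisle.com/plugins/wp-product-review/
  * Description: The highest rated and most complete review plugin, now with rich snippets support. Easily turn your basic posts into in-depth reviews.
- * Version: 3.7.7
+ * Version: 3.7.8
  * Author: ThemeIsle
  * Author URI: https://themeisle.com/
  * Requires at least: 3.5
@@ -66,7 +66,7 @@ register_deactivation_hook( __FILE__, 'deactivate_wppr' );
  */
  function run_wppr() {
 
- define( 'WPPR_LITE_VERSION', '3.7.7' );
+ define( 'WPPR_LITE_VERSION', '3.7.8' );
  define( 'WPPR_PATH', dirname( __FILE__ ) );
  define( 'WPPR_SLUG', 'wppr' );
  define( 'WPPR_UPSELL_LINK', 'https://themeisle.com/plugins/wp-product-review/' );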