WP RSS Aggregator - Version 4.6.9

Version Description

(2015-01-21) = * Enhanced: Admin user will now be warned about invalid or expiring licenses. * Enhanced: Admin notices logic centralized in this plugin. * Fixed: Multiple small-scale security vulnerabilities. * Fixed: Ampersand in feed URL no longer causes the product of generated feeds to be invalidated by W3C Validator.

Download this release

Release Info

Developer	jeangalea
Plugin	WP RSS Aggregator
Version	4.6.9
Comparing to
See all releases

Code changes from version 4.6.8 to 4.6.9

Files changed (9) hide show

changelog.txt +7 -1
includes/admin-ajax-notice.php +3 -0
includes/admin-display.php +1 -0
includes/admin-heartbeat.php +2 -0
includes/admin-welcome.php +6 -6
includes/custom-feed.php +1 -1
includes/licensing.php +117 -0
readme.txt +8 -2
wp-rss-aggregator.php +3 -3

changelog.txt CHANGED Viewed

@@ -1,4 +1,10 @@
-            -
            4.6.8 (2014-01-07)
             Enhanced: Added more logging during feed importing.
             Enhanced: Irrelevent metaboxes added by other plugins are now removed from the Add/Edit Feed Source page.
             Fixed bug: Valid feed URLS were being invalidated.


1	+ 4.6.9 (2015-01-21)
2	+ Enhanced: Admin user will now be warned about invalid or expiring licenses.
3	+ Enhanced: Admin notices logic centralized in this plugin.
4	+ Fixed: Multiple small-scale security vulnerabilities.
5	+ Fixed: Ampersand in feed URL no longer causes the product of generated feeds to be invalidated by W3C Validator.
6	+
7	+ 4.6.8 (2015-01-07)
8	Enhanced: Added more logging during feed importing.
9	Enhanced: Irrelevent metaboxes added by other plugins are now removed from the Add/Edit Feed Source page.
10	Fixed bug: Valid feed URLS were being invalidated.

includes/admin-ajax-notice.php CHANGED Viewed

	@@ -17,6 +17,9 @@
17	* @since 3.0
18	*/
19	function wprss_display_admin_notice() {



20	global $pagenow, $typenow;
21	if ( empty( $typenow ) && !empty( $_GET['post'] ) ) {
22	$post = get_post( $_GET['post'] );


17	* @since 3.0
18	*/
19	function wprss_display_admin_notice() {
20	+ // If not an admin, do not show the notification
21	+ if ( ! current_user_can( 'manage_options' ) ) return;
22	+
23	global $pagenow, $typenow;
24	if ( empty( $typenow ) && !empty( $_GET['post'] ) ) {
25	$post = get_post( $_GET['post'] );

includes/admin-display.php CHANGED Viewed

	@@ -373,6 +373,7 @@
373	* @since 3.5
374	*/
375	function check_delete_for_feed_source( $source_id = NULL ) {

376	// then we need to check the GET data for the request
377	if ( isset( $_GET['purge-feed-items'] ) ) {
378	$source_id = $_GET['purge-feed-items'];


373	* @since 3.5
374	*/
375	function check_delete_for_feed_source( $source_id = NULL ) {
376	+ if ( ! current_user_can( 'delete_feeds' ) ) return;
377	// then we need to check the GET data for the request
378	if ( isset( $_GET['purge-feed-items'] ) ) {
379	$source_id = $_GET['purge-feed-items'];

includes/admin-heartbeat.php CHANGED Viewed

	@@ -7,6 +7,8 @@ add_action( 'wp_ajax_wprss_feed_source_table_ajax', 'wprss_feed_source_updates')
7	function wprss_feed_source_updates() {
8	$response = array();
9


10	if ( empty($_POST['wprss_heartbeat']) ) return $response;
11
12	// Get the wprss heartbeat data and extract the data


7	function wprss_feed_source_updates() {
8	$response = array();
9
10	+ if ( ! current_user_can( 'edit_feed_sources' ) ) return $response;
11	+
12	if ( empty($_POST['wprss_heartbeat']) ) return $response;
13
14	// Get the wprss heartbeat data and extract the data

includes/admin-welcome.php CHANGED Viewed

	@@ -80,10 +80,10 @@
80
81	<!-- TAB WRAPPER -->
82	<h2 class="nav-tab-wrapper">
83	- <a class="nav-tab <?php if ( $tab === null ) echo 'nav-tab-active'; ?>"
84	href="<?php echo esc_url( admin_url( add_query_arg( array( 'page' => 'wprss-welcome' ), 'index.php' ) ) ); ?>">
85	<?php _e( "What's New?", WPRSS_TEXT_DOMAIN ) ?>
86	- </a>
87
88	<!-- SHOW ALL TABS -->
89	<?php foreach ($tabs as $slug => $title) : ?>
	@@ -106,7 +106,7 @@
106	default: ?>
107	<div class="changelog">
108
109	- <h2 class="about-headline-callout"><?php _e( 'Bulk Adding Feed Sources', WPRSS_TEXT_DOMAIN ) ?></h2>
110	<div class="about-overview">
111	<img src="<?php echo WPRSS_IMG; ?>welcome-page/bulk-add.png" />
112	<?php echo wpautop( sprintf( __('The new bulk adding option saves you time by allowing you to enter your feed names and URLs all at once.
	@@ -136,7 +136,7 @@
136	. "<strong>WP RSS Aggregator</strong> in the future, meaning it won't be imported from any of your feed sources."
137	. 'and added to the <strong>Blacklist</strong>.', WPRSS_TEXT_DOMAIN) ) ) ?>
138	</div>
139	- </div>
140
141	<hr/>
142
	@@ -151,7 +151,7 @@
151	<li><strong><a href="http://www.wprssaggregator.com/extension/wordai/" target="wprss_ai"><?php _e( 'WordAi', WPRSS_TEXT_DOMAIN ); ?></a></strong></li>
152	</ul>
153	</p>
154	- <?php echo wpautop( sprintf( __('More information about add-ons can be found on our website <a href="%1$s">%2$s</a>', WPRSS_TEXT_DOMAIN), 'http://www.wprssaggregator.com', 'www.wprssaggregator.com' ) ) ?>
155
156	<hr/>
157
	@@ -164,7 +164,7 @@
164	<?php endforeach; ?>
165	</ul>
166
167	- <?php echo wpautop( sprintf( __('Need functionality not already available in core or the add-ons? You can <a href="%1$s">suggest new features</a>!', WPRSS_TEXT_DOMAIN), 'http://www.wprssaggregator.com/feature-requests/' ) ) ?>
168
169	</div>
170


80
81	<!-- TAB WRAPPER -->
82	<h2 class="nav-tab-wrapper">
83	+ <!--<a class="nav-tab <?php if ( $tab === null ) echo 'nav-tab-active'; ?>"
84	href="<?php echo esc_url( admin_url( add_query_arg( array( 'page' => 'wprss-welcome' ), 'index.php' ) ) ); ?>">
85	<?php _e( "What's New?", WPRSS_TEXT_DOMAIN ) ?>
86	+ </a>-->
87
88	<!-- SHOW ALL TABS -->
89	<?php foreach ($tabs as $slug => $title) : ?>

106	default: ?>
107	<div class="changelog">
108
109	+ <!--<h2 class="about-headline-callout"><?php _e( 'Bulk Adding Feed Sources', WPRSS_TEXT_DOMAIN ) ?></h2>
110	<div class="about-overview">
111	<img src="<?php echo WPRSS_IMG; ?>welcome-page/bulk-add.png" />
112	<?php echo wpautop( sprintf( __('The new bulk adding option saves you time by allowing you to enter your feed names and URLs all at once.

136	. "<strong>WP RSS Aggregator</strong> in the future, meaning it won't be imported from any of your feed sources."
137	. 'and added to the <strong>Blacklist</strong>.', WPRSS_TEXT_DOMAIN) ) ) ?>
138	</div>
139	+ </div>-->
140
141	<hr/>
142

151	<li><strong><a href="http://www.wprssaggregator.com/extension/wordai/" target="wprss_ai"><?php _e( 'WordAi', WPRSS_TEXT_DOMAIN ); ?></a></strong></li>
152	</ul>
153	</p>
154	+ <?php echo wpautop( sprintf( __( 'More information about add-ons can be found on our website <a href="%1$s">%2$s</a>', WPRSS_TEXT_DOMAIN ), 'http://www.wprssaggregator.com', 'www.wprssaggregator.com' ) ) ?>
155
156	<hr/>
157

164	<?php endforeach; ?>
165	</ul>
166
167	+ <?php echo wpautop( sprintf( __( 'Need functionality not already available in core or the add-ons? You can <a href="%1$s">suggest new features</a>!', WPRSS_TEXT_DOMAIN ), 'http://www.wprssaggregator.com/feature-requests/' ) ) ?>
168
169	</div>
170

includes/custom-feed.php CHANGED Viewed

	@@ -141,7 +141,7 @@
141	<pubDate><?php echo get_post_time( DATE_RSS ); ?></pubDate>
142	<description><![CDATA[<?php echo $content; ?>]]></description>
143	<content:encoded><![CDATA[<?php echo $content; ?>]]></content:encoded>
144	- <source url="<?php echo get_post_meta( $source, 'wprss_url', TRUE ); ?>"><?php echo get_the_title( $source ); ?></source>
145	<?php do_action( 'wprss_custom_feed_entry', get_the_ID() ); ?>
146	</item>
147	<?php


141	<pubDate><?php echo get_post_time( DATE_RSS ); ?></pubDate>
142	<description><![CDATA[<?php echo $content; ?>]]></description>
143	<content:encoded><![CDATA[<?php echo $content; ?>]]></content:encoded>
144	+ <source url="<?php echo esc_attr(get_post_meta( $source, 'wprss_url', TRUE )); ?>"><?php echo get_the_title( $source ); ?></source>
145	<?php do_action( 'wprss_custom_feed_entry', get_the_ID() ); ?>
146	</item>
147	<?php

includes/licensing.php CHANGED Viewed

@@ -165,6 +165,123 @@ function wprss_get_license_expiry( $addon ) {
+            }
             add_action( 'wp_ajax_wprss_ajax_manage_license', 'wprss_ajax_manage_license' );
             /**
              * Handles the AJAX request to check a license.


165	}
166
167
168	+ add_action( 'admin_init', 'wprss_check_for_expired_licenses');
169	+ /**
170	+ * Checks whether there are any invalid or expired licenses.
171	+ *
172	+ * @since 4.6.9
173	+ */
174	+ function wprss_check_for_expired_licenses() {
175	+ $show_notice = FALSE;
176	+ // Get the license statuses including expiry dates.
177	+ $statuses = get_option( 'wprss_settings_license_statuses', array() );
178	+
179	+ foreach ($statuses as $key => $value) {
180	+ if ( strpos($key, '_license_status') > 0 ) {
181	+ if ( $value !== 'valid') {
182	+ $show_notice = TRUE;
183	+ }
184	+ } else if ( strpos($key, '_license_expires') > 0 ) {
185	+ // Check invalid expiry dates.
186	+ $expires = strtotime( substr( $value, 0, strpos( $value, " " ) ) );
187	+
188	+ if ( $expires == 0 \|\| ( $expires < strtotime("+2 weeks") ) ) {
189	+ $show_notice = TRUE;
190	+ break;
191	+ }
192	+ }
193	+ }
194	+
195	+ // Check if we found any of the licenses to be invalid, expiring or expired
196	+ // so that we can show the appropriate license nag.
197	+ if ($show_notice) {
198	+ add_action( 'all_admin_notices', 'wprss_show_license_notice' );
199	+ }
200	+ }
201	+
202	+
203	+ /**
204	+ * Shows an admin notice for any invalid/expired licenses.
205	+ *
206	+ * @since 4.6.9
207	+ */
208	+ function wprss_show_license_notice() {
209	+ // Get the license statuses including expiry dates.
210	+ $statuses = get_option( 'wprss_settings_license_statuses', array() );
211	+
212	+ // Array of notices to show.
213	+ $notices = array();
214	+
215	+ foreach ($statuses as $key => $value) {
216	+ if ( strpos($key, '_license_status') > 0 ) {
217	+ if ( $value === 'expired' ) {
218	+ // License is expired, but we'll show the notice for this when checking the *_license_expires key.
219	+
220	+ continue;
221	+
222	+ } else if ( $value !== 'valid' ) {
223	+ // The license is invalid or unactivated.
224	+
225	+ $uid = strtoupper( substr( $key, 0, strpos( $key, "_" ) ) );
226	+
227	+ // Check if the plugin is currently activated.
228	+ if ( !defined("WPRSS_{$uid}_SL_ITEM_NAME") ) {
229	+ continue;
230	+ } else {
231	+ $plugin = constant("WPRSS_{$uid}_SL_ITEM_NAME");
232	+ }
233	+
234	+ $msg = sprintf(
235	+ __( 'Remember to <a href="%s">enter your plugin license code</a> for the WP RSS Aggregator <b>%s</b> add-on to benefit from updates and support.', WPRSS_TEXT_DOMAIN ),
236	+ esc_attr(admin_url( 'edit.php?post_type=wprss_feed&page=wprss-aggregator-settings&tab=licenses_settings' )),
237	+ $plugin
238	+ );
239	+
240	+ // Save the notice we're going to display
241	+ $notices[$uid] = '<div class="error"><p>' . $msg . '</p></div>';
242	+ }
243	+ } else if ( strpos($key, '_license_expires') > 0 ) {
244	+ // Check for expired licenses
245	+
246	+ $expires = strtotime( substr( $value, 0, strpos( $value, " " ) ) );
247	+ $id = substr( $key, 0, strpos( $key, "_" ) );
248	+ $uid = strtoupper($id);
249	+
250	+ // Check if the plugin is currently activated.
251	+ if ( !defined("WPRSS_{$uid}_SL_ITEM_NAME") ) {
252	+ continue;
253	+ } else {
254	+ $plugin = constant("WPRSS_{$uid}_SL_ITEM_NAME");
255	+ }
256	+
257	+ if ( $expires < strtotime("+2 weeks") ) {
258	+ // The license is expired or expiring soon.
259	+ $license_key = wprss_get_license_key($id);
260	+ $msg = sprintf(
261	+ __('<a href="%s">Save 30%% on your license renewal</a> for the WP RSS Aggregator <b>%s</b> add-on and continue receiving updates and support.', WPRSS_TEXT_DOMAIN),
262	+ esc_attr(WPRSS_SL_STORE_URL . '/checkout/?edd_license_key=' . $license_key),
263	+ $plugin
264	+ );
265	+
266	+ // User can hide expiring/expired license messages.
267	+ $hide = '<a href="#" class="ajax-close-addon-notice" style="float:right;" data-addon="categories" data-notice="license">' .
268	+ __('Dismiss this notification', WPRSS_TEXT_DOMAIN) . '</a>';
269	+
270	+ // Only show this notice if there isn't already a notice to show for this add-on.
271	+ if ( !isset($notices[$uid]) ) {
272	+ $notices[$uid] = '<div class="error"><p>' . $msg . $hide . '</p></div>';
273	+ }
274	+ }
275	+ }
276	+ }
277	+
278	+ // Display the notices
279	+ foreach ($notices as $notice) {
280	+ echo $notice;
281	+ }
282	+ }
283	+
284	+
285	add_action( 'wp_ajax_wprss_ajax_manage_license', 'wprss_ajax_manage_license' );
286	/**
287	* Handles the AJAX request to check a license.

readme.txt CHANGED Viewed

	@@ -5,7 +5,7 @@ Plugin URI: http://www.wprssaggregator.com
5	Tags: rss, feeds, aggregation, rss to post, autoblog aggregator, rss import, feed aggregator, rss aggregator, multiple rss feeds, multi rss feeds, rss multi importer, feed import, feed import, multiple feed import, feed aggregation, rss feader, feed reader, feed to post, multiple feeds, multi feed importer, multi feed import, multi import, autoblogging, autoblogger, rss feeder, rss post importer, autoblog aggregator, autoblog, autopost, content curation, feedwordpress, wp rss multi import, hungryfeed, wp-o-matic, rss feed, rss feed to post, rss retriever, syndication
6	Requires at least: 3.3
7	Tested up to: 4.1
8	- Stable tag: 4.6.8
9	License: GPLv2 or later
10	The no.1 RSS feed importer for WordPress. Premium add-ons available for more functionality.
11
	@@ -167,7 +167,13 @@ The full documentation section can be found on the [WP RSS Aggregator website](w
167
168	== Changelog ==
169
170	- = 4.6.8 (~~2014~~-01-07) =






171	* Enhanced: Added more logging during feed importing.
172	* Enhanced: Irrelevent metaboxes added by other plugins are now removed from the Add/Edit Feed Source page.
173	* Fixed bug: Valid feed URLS were being invalidated.


5	Tags: rss, feeds, aggregation, rss to post, autoblog aggregator, rss import, feed aggregator, rss aggregator, multiple rss feeds, multi rss feeds, rss multi importer, feed import, feed import, multiple feed import, feed aggregation, rss feader, feed reader, feed to post, multiple feeds, multi feed importer, multi feed import, multi import, autoblogging, autoblogger, rss feeder, rss post importer, autoblog aggregator, autoblog, autopost, content curation, feedwordpress, wp rss multi import, hungryfeed, wp-o-matic, rss feed, rss feed to post, rss retriever, syndication
6	Requires at least: 3.3
7	Tested up to: 4.1
8	+ Stable tag: 4.6.9
9	License: GPLv2 or later
10	The no.1 RSS feed importer for WordPress. Premium add-ons available for more functionality.
11

167
168	== Changelog ==
169
170	+ = 4.6.9 (2015-01-21) =
171	+ * Enhanced: Admin user will now be warned about invalid or expiring licenses.
172	+ * Enhanced: Admin notices logic centralized in this plugin.
173	+ * Fixed: Multiple small-scale security vulnerabilities.
174	+ * Fixed: Ampersand in feed URL no longer causes the product of generated feeds to be invalidated by W3C Validator.
175	+
176	+ = 4.6.8 (2015-01-07) =
177	* Enhanced: Added more logging during feed importing.
178	* Enhanced: Irrelevent metaboxes added by other plugins are now removed from the Add/Edit Feed Source page.
179	* Fixed bug: Valid feed URLS were being invalidated.

wp-rss-aggregator.php CHANGED Viewed

	@@ -3,7 +3,7 @@
3	Plugin Name: WP RSS Aggregator
4	Plugin URI: http://www.wprssaggregator.com
5	Description: Imports and aggregates multiple RSS Feeds using SimplePie
6	- Version: 4.6.8
7	Author: Jean Galea
8	Author URI: http://www.wprssaggregator.com
9	License: GPLv2
	@@ -29,7 +29,7 @@
29
30	/**
31	* @package WPRSSAggregator
32	- * @version 4.6.8
33	* @since 1.0
34	* @author Jean Galea <info@wprssaggregator.com>
35	* @copyright Copyright (c) 2012-2015, Jean Galea
	@@ -43,7 +43,7 @@
43
44	// Set the version number of the plugin.
45	if( !defined( 'WPRSS_VERSION' ) )
46	- define( 'WPRSS_VERSION', '4.6.8', true );
47
48	// Set the database version number of the plugin.
49	if( !defined( 'WPRSS_DB_VERSION' ) )


3	Plugin Name: WP RSS Aggregator
4	Plugin URI: http://www.wprssaggregator.com
5	Description: Imports and aggregates multiple RSS Feeds using SimplePie
6	+ Version: 4.6.9
7	Author: Jean Galea
8	Author URI: http://www.wprssaggregator.com
9	License: GPLv2

29
30	/**
31	* @package WPRSSAggregator
32	+ * @version 4.6.9
33	* @since 1.0
34	* @author Jean Galea <info@wprssaggregator.com>
35	* @copyright Copyright (c) 2012-2015, Jean Galea

43
44	// Set the version number of the plugin.
45	if( !defined( 'WPRSS_VERSION' ) )
46	+ define( 'WPRSS_VERSION', '4.6.9', true );
47
48	// Set the database version number of the plugin.
49	if( !defined( 'WPRSS_DB_VERSION' ) )