Slimstat Analytics - Version 4.9.3

Version Description

  • [Update] New logo and icon for the plugin!
  • [Fix] Hardened plugin security and sanitization of user input and escaped output

Release Info

Developer mostafa.s1990
Version 4.9.3

Code changes from version 4.9.2 to 4.9.3

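--- a/admin/view/addons.php
+++ b/admin/view/addons.php
@@ -1,109 +1,109 @@
-<?php
-// Avoid direct access to this piece of code
-if ( !function_exists( 'add_action' ) ) {
-exit(0);
-}
-
-// Update license keys, if needed
-if ( !empty( $_POST[ 'licenses' ] ) && is_array( $_POST[ 'licenses' ] ) && !empty( $_POST[ 'slimstat_update_licenses' ] ) && wp_verify_nonce( $_POST[ 'slimstat_update_licenses' ], 'slimstat_update_licenses' ) ) {
-foreach( $_POST[ 'licenses' ] as $a_license_slug => $a_license_key ) {
-wp_slimstat::$settings[ 'addon_licenses' ][ $a_license_slug ] = sanitize_title( $a_license_key );
-}
-
-wp_slimstat::update_option( 'slimstat_options', wp_slimstat::$settings );
-}
-
-$response = get_transient( 'wp_slimstat_addon_list' );
-$error_message = '';
-
-if ( !empty( $_GET[ 'force_refresh' ] ) || false === $response ) {
-$response = wp_remote_get( 'https://www.wp-slimstat.com/update-checker/', array( 'headers' => array( 'referer' => get_site_url() ) ) );
-if ( is_wp_error( $response ) || $response[ 'response' ][ 'code' ] != 200 ) {
-$error_message = is_wp_error( $response ) ? $response->get_error_message() : $response[ 'response' ][ 'code' ] . ' ' . $response[ 'response' ][ 'message' ];
-$error_message = sprintf( __( 'There was an error retrieving the add-ons list from the server. Please try again later. Error Message: %s', 'wp-slimstat' ), $error_message );
-}
-else {
-set_transient( 'wp_slimstat_addon_list', $response, 86400 );
-}
-}
-
-$at_least_one_add_on_active = false;
-$list_addons = @unserialize( $response[ 'body' ] );
-
-if ( !is_array( $list_addons ) ) {
-$error_message = __( 'There was an error decoding the add-ons list from the server. Please try again later.', 'wp-slimstat' );
-}
-?>
-
-<div class="wrap slimstat">
-<h2><?php _e( 'Add-ons', 'wp-slimstat' ) ?></h2>
-<p><?php _e( 'Add-ons extend the functionality of Slimstat in many interesting ways. We offer both free and premium (paid) extensions. Each add-on can be installed as a separate plugin, which will receive regular updates via the WordPress Plugins panel. In order to be notified when a new version of a premium add-on is available, please enter the <strong>license key</strong> you received when you purchased it.', 'wp-slimstat' ) ?>
-<?php
-if ( empty( $_GET[ 'force_refresh' ] ) ) {
-echo ' ';
-printf( __( 'This list is refreshed once daily: <a href="%s&amp;force_refresh=true" class="noslimstat">click here</a> to clear the cache.', 'wp-slimstat' ), $_SERVER[ 'REQUEST_URI' ] );
-}
-
-if ( !empty( $error_message ) ) {
-wp_slimstat_admin::show_message( $error_message, 'warning' );
-return;
-}
-?>
-</p>
-
-<form method="post" id="form-slimstat-options-tab-addons">
-<?php wp_nonce_field( 'slimstat_update_licenses', 'slimstat_update_licenses' ); ?>
-<table class="wp-list-table widefat plugins slimstat-addons" cellspacing="0">
-<thead>
-<tr>
-<th scope="col" id="name" class="manage-column column-name"><?php _e( 'Add-on', 'wp-slimstat' ) ?></th><th scope="col" id="description" class="manage-column column-description" style=""><?php _e( 'Description', 'wp-slimstat' ) ?></th>
-</tr>
-</thead>
-
-<tbody id="the-list">
-<?php foreach ( $list_addons as $a_addon ): $is_active = is_plugin_active( $a_addon[ 'slug' ] . '/index.php' ) || is_plugin_active( $a_addon[ 'slug' ] . '/' . $a_addon[ 'slug' ] . '.php'); ?>
-<tr id="<?php echo $a_addon[ 'slug' ] ?>" <?php echo $is_active ? 'class="active"' : '' ?>>
-<th scope="row" class="plugin-title">
-<strong><a target="_blank" href="<?php echo $a_addon[ 'download_url' ] ?>"><?php echo $a_addon[ 'name' ] ?></a></strong>
-<div class="row-actions-visible"><?php
-if ( !empty( $a_addon[ 'version' ] ) ) {
-echo ( $is_active ? __( 'Repo Version', 'wp-slimstat' ) : __( 'Version', 'wp-slimstat' ) ) . ': ' . $a_addon[ 'version' ].'<br/>';
-}
-
-if ( $is_active ){
-if ( is_plugin_active($a_addon['slug'].'/index.php') ) {
-$plugin_data = get_plugin_data( WP_PLUGIN_DIR . '/' . $a_addon[ 'slug' ] . '/index.php' );
-}
-else {
-$plugin_data = get_plugin_data( WP_PLUGIN_DIR . '/' . $a_addon[ 'slug' ] . '/' . $a_addon[ 'slug' ] );
-}
-
-if ( !empty( $plugin_data[ 'Version' ] ) ) {
-echo __( 'Your Version:', 'wp-slimstat' ) . ' ' . $plugin_data[ 'Version' ];
-}
-else{
-_e( 'Installed and Active', 'wp-slimstat' );
-}
-$at_least_one_add_on_active = true;
-}
-else{
-echo 'Price: ' . ( is_numeric( $a_addon[ 'price' ] ) ? '$' . $a_addon[ 'price' ] : $a_addon[ 'price' ] );
-} ?>
-</div>
-</th>
-<td class="column-description desc">
-<div class="plugin-description"><p><?php echo $a_addon[ 'description' ] ?></p></div>
-<?php if ( ( is_plugin_active( $a_addon[ 'slug' ] . '/index.php' ) || is_plugin_active( $a_addon[ 'slug' ] . '/' . $a_addon[ 'slug' ] . '.php' ) ) ): ?>
-<div class="active second">
-License Key <input type="text" name="licenses[<?php echo $a_addon['slug'] ?>]" value="<?php echo !empty( wp_slimstat::$settings[ 'addon_licenses' ][ $a_addon[ 'slug' ] ] ) ? wp_slimstat::$settings[ 'addon_licenses' ][ $a_addon[ 'slug' ] ] : '' ?>" size="50">
-</div>
-<?php endif; ?>
-</td>
-</tr>
-<?php endforeach ?>
-</tbody>
-</table>
-<?php if ( $at_least_one_add_on_active ): ?><input type="submit" value="Save License Keys" class="button-primary" name="Submit"><?php endif ?>
-
-</form>
+<?php
+// Avoid direct access to this piece of code
+if ( !function_exists( 'add_action' ) ) {
+exit(0);
+}
+
+// Update license keys, if needed
+if ( !empty( $_POST[ 'licenses' ] ) && is_array( $_POST[ 'licenses' ] ) && !empty( $_POST[ 'slimstat_update_licenses' ] ) && wp_verify_nonce( $_POST[ 'slimstat_update_licenses' ], 'slimstat_update_licenses' ) ) {
+foreach( $_POST[ 'licenses' ] as $a_license_slug => $a_license_key ) {
+wp_slimstat::$settings[ 'addon_licenses' ][ $a_license_slug ] = sanitize_title( $a_license_key );
+}
+
+wp_slimstat::update_option( 'slimstat_options', wp_slimstat::$settings );
+}
+
+$response = get_transient( 'wp_slimstat_addon_list' );
+$error_message = '';
+
+if ( !empty( $_GET[ 'force_refresh' ] ) || false === $response ) {
+$response = wp_remote_get( 'https://www.wp-slimstat.com/update-checker/', array( 'headers' => array( 'referer' => get_site_url() ) ) );
+if ( is_wp_error( $response ) || $response[ 'response' ][ 'code' ] != 200 ) {
+$error_message = is_wp_error( $response ) ? $response->get_error_message() : $response[ 'response' ][ 'code' ] . ' ' . $response[ 'response' ][ 'message' ];
+$error_message = sprintf( __( 'There was an error retrieving the add-ons list from the server. Please try again later. Error Message: %s', 'wp-slimstat' ), $error_message );
+}
+else {
+set_transient( 'wp_slimstat_addon_list', $response, 86400 );
+}
+}
+
+$at_least_one_add_on_active = false;
+$list_addons = @unserialize( $response[ 'body' ] );
+
+if ( !is_array( $list_addons ) ) {
+$error_message = __( 'There was an error decoding the add-ons list from the server. Please try again later.', 'wp-slimstat' );
+}
+?>
+
+<div class="wrap slimstat">
+<h2><?php _e( 'Add-ons', 'wp-slimstat' ) ?></h2>
+<p><?php _e( 'Add-ons extend the functionality of Slimstat in many interesting ways. We offer both free and premium (paid) extensions. Each add-on can be installed as a separate plugin, which will receive regular updates via the WordPress Plugins panel. In order to be notified when a new version of a premium add-on is available, please enter the <strong>license key</strong> you received when you purchased it.', 'wp-slimstat' ) ?>
+<?php
+if ( empty( $_GET[ 'force_refresh' ] ) ) {
+echo ' ';
+printf( __( 'This list is refreshed once daily: <a href="%s&amp;force_refresh=true" class="noslimstat">click here</a> to clear the cache.', 'wp-slimstat' ), esc_url($_SERVER[ 'REQUEST_URI' ]) );
+}
+
+if ( !empty( $error_message ) ) {
+wp_slimstat_admin::show_message( $error_message, 'warning' );
+return;
+}
+?>
+</p>
+
+<form method="post" id="form-slimstat-options-tab-addons">
+<?php wp_nonce_field( 'slimstat_update_licenses', 'slimstat_update_licenses' ); ?>
+<table class="wp-list-table widefat plugins slimstat-addons" cellspacing="0">
+<thead>
+<tr>
+<th scope="col" id="name" class="manage-column column-name"><?php _e( 'Add-on', 'wp-slimstat' ) ?></th><th scope="col" id="description" class="manage-column column-description" style=""><?php _e( 'Description', 'wp-slimstat' ) ?></th>
+</tr>
+</thead>
+
+<tbody id="the-list">
+<?php foreach ( $list_addons as $a_addon ): $is_active = is_plugin_active( $a_addon[ 'slug' ] . '/index.php' ) || is_plugin_active( $a_addon[ 'slug' ] . '/' . $a_addon[ 'slug' ] . '.php'); ?>
+<tr id="<?php echo $a_addon[ 'slug' ] ?>" <?php echo $is_active ? 'class="active"' : '' ?>>
+<th scope="row" class="plugin-title">
+<strong><a target="_blank" href="<?php echo $a_addon[ 'download_url' ] ?>"><?php echo $a_addon[ 'name' ] ?></a></strong>
+<div class="row-actions-visible"><?php
+if ( !empty( $a_addon[ 'version' ] ) ) {
+echo ( $is_active ? __( 'Repo Version', 'wp-slimstat' ) : __( 'Version', 'wp-slimstat' ) ) . ': ' . $a_addon[ 'version' ].'<br/>';
+}
+
+if ( $is_active ){
+if ( is_plugin_active($a_addon['slug'].'/index.php') ) {
+$plugin_data = get_plugin_data( WP_PLUGIN_DIR . '/' . $a_addon[ 'slug' ] . '/index.php' );
+}
+else {
+$plugin_data = get_plugin_data( WP_PLUGIN_DIR . '/' . $a_addon[ 'slug' ] . '/' . $a_addon[ 'slug' ] );
+}
+
+if ( !empty( $plugin_data[ 'Version' ] ) ) {
+echo __( 'Your Version:', 'wp-slimstat' ) . ' ' . $plugin_data[ 'Version' ];
+}
+else{
+_e( 'Installed and Active', 'wp-slimstat' );
+}
+$at_least_one_add_on_active = true;
+}
+else{
+echo 'Price: ' . ( is_numeric( $a_addon[ 'price' ] ) ? '$' . $a_addon[ 'price' ] : $a_addon[ 'price' ] );
+} ?>
+</div>
+</th>
+<td class="column-description desc">
+<div class="plugin-description"><p><?php echo $a_addon[ 'description' ] ?></p></div>
+<?php if ( ( is_plugin_active( $a_addon[ 'slug' ] . '/index.php' ) || is_plugin_active( $a_addon[ 'slug' ] . '/' . $a_addon[ 'slug' ] . '.php' ) ) ): ?>
+<div class="active second">
+License Key <input type="text" name="licenses[<?php echo $a_addon['slug'] ?>]" value="<?php echo !empty( wp_slimstat::$settings[ 'addon_licenses' ][ $a_addon[ 'slug' ] ] ) ? wp_slimstat::$settings[ 'addon_licenses' ][ $a_addon[ 'slug' ] ] : '' ?>" size="50">
+</div>
+<?php endif; ?>
+</td>
+</tr>
+<?php endforeach ?>
+</tbody>
+</table>
+<?php if ( $at_least_one_add_on_active ): ?><input type="submit" value="Save License Keys" class="button-primary" name="Submit"><?php endif ?>
+
+</form>
 </div>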
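Review bot: The remote add-on list is still decoded with `@unserialize( $response[ 'body' ] )` at line 31 with no class restriction, so a tampered response from the update endpoint (or a tampered `wp_slimstat_addon_list` transient, which caches the whole response) reaches the PHP unserializer with every class available; `$list_addons = @unserialize( $response[ 'body' ], array( 'allowed_classes' => false ) );` is supported on the plugin's PHP 7.4 floor and closes that, and serving the feed as JSON and using `json_decode()` would be better still. The only escaping this file gains is `esc_url()` on REQUEST_URI at line 44, while the fields from that same response are still echoed raw at lines 65, 67, 70, 90, 95 and 98 (slug into an id attribute and an input name, download_url into an href, name/version/price/description as element content, the stored license key into a value attribute); the fix is per context, e.g. `href="<?php echo esc_url( $a_addon[ 'download_url' ] ) ?>"`, `esc_attr()` on the attribute values and `esc_html()` on the text fields. Separately, line 78 passes `WP_PLUGIN_DIR . '/' . $a_addon[ 'slug' ] . '/' . $a_addon[ 'slug' ]` to get_plugin_data() without the `.php` suffix that the is_plugin_active() check on line 64 uses, so in that layout the 'Your Version' branch reads a path that does not exist and silently falls through to 'Installed and Active'.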
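--- a/admin/view/right-now.php
+++ b/admin/view/right-now.php
@@ -190,7 +190,7 @@ for ( $i=0; $i < $count_page_results; $i++ ) {
 $resource_title = wp_slimstat_reports::get_resource_title( $results[$i][ 'resource' ] );
 }
 
-$results[ $i ][ 'resource' ] = "<a class='slimstat-font-logout slimstat-tooltip-trigger' target='_blank' title='" . htmlentities( __( 'Open this URL in a new window', 'wp-slimstat' ), ENT_QUOTES, 'UTF-8' ) . "' href='" . htmlentities( $results[$i][ 'resource' ], ENT_QUOTES, 'UTF-8' ) . "'></a> <a class='slimstat-filter-link' href='" . wp_slimstat_reports::fs_url( 'resource equals ' . $results[ $i ][ 'resource' ] ) . "'>" . $resource_title . '</a>';
+$results[ $i ][ 'resource' ] = "<a class='slimstat-font-logout slimstat-tooltip-trigger' target='_blank' title='" . htmlentities( __( 'Open this URL in a new window', 'wp-slimstat' ), ENT_QUOTES, 'UTF-8' ) . "' href='" . htmlentities( $results[$i][ 'resource' ], ENT_QUOTES, 'UTF-8' ) . "'></a> <a class='slimstat-filter-link' href='" . wp_slimstat_reports::fs_url( 'resource equals ' . esc_url($results[ $i ][ 'resource' ]) ) . "'>" . esc_html($resource_title) . '</a>';
 }
 else {
 if ( !empty( $results[$i][ 'notes' ] ) ) {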
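Review bot: Wrapping the filter value in `esc_url()` at line 193 alters the data instead of escaping output: esc_url() removes characters outside its allowed set, rewrites `&` as `&#038;` and, for a value with no scheme that does not begin with `/`, `#` or `?`, prefixes `http://`, so the `resource equals …` filter built here may no longer match the resource as stored. Since `fs_url()` now returns `esc_url()` of the assembled link (the wp-slimstat-reports.php hunk in this commit), the raw value belongs in the filter and escaping happens once at that boundary: `wp_slimstat_reports::fs_url( 'resource equals ' . $results[ $i ][ 'resource' ] )`. Whether `esc_html( $resource_title )` is the right escape depends on whether get_resource_title() returns markup, which this hunk does not show; if it does, `wp_kses_post()` is the appropriate call. The enclosing for loop starts and ends outside the hunk.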
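--- a/admin/view/wp-slimstat-reports.php
+++ b/admin/view/wp-slimstat-reports.php
@@ -1737,7 +1737,7 @@ class wp_slimstat_reports {
 }
 }
 
-return $request_uri;
+return esc_url($request_uri);
 }
 
 /**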
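Review bot: `esc_url()` at line 1740 encodes the result for an HTML attribute (`&` becomes `&#038;`), which suits the href call sites this commit touches but is wrong for any caller that uses the value in a redirect, an HTTP request or JavaScript; those need `esc_url_raw()`. The function containing this return starts outside the hunk, so its callers cannot be checked here, and the contract change is worth stating in its docblock, e.g. `@return string Filter URL escaped for an HTML attribute (esc_url); use esc_url_raw() for non-HTML contexts.`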
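--- a/readme.txt
+++ b/readme.txt
@@ -5,7 +5,7 @@ Text Domain: wp-slimstat
 Requires at least: 5.6
 Requires PHP: 7.4+
 Tested up to: 6.1
-Stable tag: 4.9.2
+Stable tag: 4.9.3
 
 == Description ==
 Track returning customers and registered users, monitor Javascript events, detect intrusions, analyze email campaigns. Thousands of WordPress sites are already using it.
@@ -31,7 +31,7 @@ Track returning customers and registered users, monitor Javascript events, detec
 
 == Installation ==
 1. In your WordPress admin, go to Plugins > Add New
-2. Search for limstat Analytics
+2. Search for Slimstat Analytics
 3. Click on **Install Now** next to Slimstat Analytics and then activate the plugin
 4. Make sure your template calls `wp_footer()` or the equivalent hook somewhere (possibly just before the `</body>` tag)
 
@@ -49,6 +49,10 @@ An extensive knowledge base is available on our [website](https://www.wp-slimsta
 5. **Responsive layout** - Keep an eye on your reports on the go
 
 == Changelog ==
+= 4.9.3 =
+* [Update] New logo and icon for the plugin!
+* [Fix] Hardened plugin security and sanitization of user input and escaped output
+
 = 4.9.2 =
 * [Fix] Fixed tweak notice errors while activating the plugin in fresh installation
 * [Update] Tested up to WordPress v6.1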
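--- a/wp-slimstat.php
+++ b/wp-slimstat.php
@@ -3,10 +3,11 @@
 Plugin Name: Slimstat Analytics
 Plugin URI: https://wp-slimstat.com/
 Description: The leading web analytics plugin for WordPress
-Version: 4.9.2
+Version: 4.9.3
 Author: Jason Crouse, VeronaLabs
 Text Domain: wp-slimstat
 Domain Path: /languages
+Author URI: https://wp-slimstat.com/
 Requires PHP: 7.4
 */
 
@@ -360,7 +361,7 @@ class wp_slimstat {
 $cookie_names[ $name ] = $value;
 }
 }
-
+
 $cookie_found = false;
 foreach ( $cookie_names as $a_name => $a_value ) {
 if ( isset( $_COOKIE[ $a_name ] ) && strpos( $_COOKIE[ $a_name ], $a_value ) !== false ) {
@@ -569,7 +570,7 @@ class wp_slimstat {
 return false;
 }
 
-// Geolocation
+// Geolocation
 include_once( plugin_dir_path( __FILE__ ) . 'vendor/maxmind.php' );
 try {
 $geolocation_data = maxmind_geolite2_connector::get_geolocation_info( self::$stat[ 'ip' ] );
@@ -704,7 +705,7 @@ class wp_slimstat {
 $request_url = '';
 
 if ( isset( $_SERVER[ 'REQUEST_URI' ] ) ) {
-return urldecode( $_SERVER[ 'REQUEST_URI' ] );
+return urldecode( sanitize_url(wp_unslash($_SERVER['REQUEST_URI'])) );
 }
 else if ( isset( $_SERVER[ 'SCRIPT_NAME' ] ) ) {
 $request_url = $_SERVER[ 'SCRIPT_NAME' ];
@@ -853,7 +854,7 @@ class wp_slimstat {
 else {
 $output[ $result_idx ][ $a_column ] .= $a_result[ 'username' ];
 }
-
+
 break;
 
 case 'dt':
@@ -1352,13 +1353,13 @@ class wp_slimstat {
 }
 
 $update_checker_objects = array();
-
+
 // This is only included if add-ons are installed
 include_once( plugin_dir_path( __FILE__ ) . 'vendor/update-checker/plugin-update-checker.php' );
 
 foreach ( self::$update_checker as $a_slug ) {
 $a_clean_slug = str_replace( array( 'wp_slimstat_', '_' ), array( '', '-' ), $a_slug );
-
+
 if ( !empty( self::$settings[ 'addon_licenses' ][ 'wp-slimstat-' . $a_clean_slug ] ) ) {
 $update_checker_objects[ $a_clean_slug ] = Puc_v4_Factory::buildUpdateChecker( 'https://www.wp-slimstat.com/update-checker/?slug=' . $a_clean_slug . '&key=' . urlencode( self::$settings[ 'addon_licenses' ][ 'wp-slimstat-' . $a_clean_slug ] ), dirname( dirname( __FILE__ ) ) . '/wp-slimstat-' . $a_clean_slug . '/index.php', 'wp-slimstat-' . $a_clean_slug );
 
@@ -1457,12 +1458,17 @@ class wp_slimstat {
 return -1;
 }
 
-// Remove unwanted characters (SQL injections, anyone?)
+// Remove unwanted characters from keys (SQL injections, anyone?)
 $data_keys = array();
 foreach ( array_keys( $_data ) as $a_key ) {
 $data_keys[] = sanitize_key( $a_key );
 }
 
+// Remove unwanted characters from data (SQL injections, anyone?)
+foreach ($_data as $key => $value) {
+$_data[$key] = sanitize_text_field($value);
+}
+
 self::$wpdb->query( self::$wpdb->prepare( "
 INSERT IGNORE INTO $_table (" . implode (", ", $data_keys) . ')
 VALUES (' . substr( str_repeat( '%s,', count( $_data ) ), 0, -1 ) . ")", $_data ) );
@@ -1950,8 +1956,8 @@ class wp_slimstat {
 * These two functions here implement an URL-safe base64 string
 */
 protected static function _base64_url_encode( $_input = '' ) {
-return strtr( base64_encode( $_input ), '+/=', '._-' );
-}
+return strtr( base64_encode( $_input ), '+/=', '._-' );
+}
 protected static function _base64_url_decode( $_input = '' ) {
 return strip_tags( trim( base64_decode( strtr( $_input, '._-', '+/=' ) ) ) );
 }
@@ -1964,7 +1970,7 @@ class slimstat_widget extends WP_Widget {
 * Sets up the widgets name etc
 */
 public function __construct() {
-parent::__construct( 'slimstat_widget', 'Slimstat', array(
+parent::__construct( 'slimstat_widget', 'Slimstat', array(
 'classname' => 'slimstat_widget',
 'description' => 'Add a Slimstat report to your sidebar',
 ) );
@@ -2017,7 +2023,7 @@ class slimstat_widget extends WP_Widget {
 ?>
 
 <p>
-<label for="<?php echo esc_attr( $this->get_field_id( 'slimstat_widget_id' ) ); ?>"><?php _e( 'Report', 'wp-slimstat' ) ?></label>
+<label for="<?php echo esc_attr( $this->get_field_id( 'slimstat_widget_id' ) ); ?>"><?php _e( 'Report', 'wp-slimstat' ) ?></label>
 <select class="widefat" id="<?php echo esc_attr( $this->get_field_id( 'slimstat_widget_id' ) ); ?>" name="<?php echo esc_attr( $this->get_field_name( 'slimstat_widget_id' ) ); ?>">
 <option value="">Select a widget</option>
 <?php echo $select_options ?>
@@ -2025,12 +2031,12 @@ class slimstat_widget extends WP_Widget {
 </p>
 
 <p>
-<label for="<?php echo esc_attr( $this->get_field_id( 'slimstat_widget_title' ) ); ?>"><?php _e( 'Title', 'wp-slimstat' ) ?></label>
+<label for="<?php echo esc_attr( $this->get_field_id( 'slimstat_widget_title' ) ); ?>"><?php _e( 'Title', 'wp-slimstat' ) ?></label>
 <input type="text" class="widefat" id="<?php echo esc_attr( $this->get_field_id( 'slimstat_widget_title' ) ); ?>" name="<?php echo esc_attr( $this->get_field_name( 'slimstat_widget_title' ) ); ?>" value="<?php echo trim( strip_tags( $slimstat_widget_title ) ) ?>">
 </p>
 
 <p>
-<label for="<?php echo esc_attr( $this->get_field_id( 'slimstat_widget_filters' ) ); ?>"><?php _e( 'Optional filters', 'wp-slimstat' ); ?></label>
+<label for="<?php echo esc_attr( $this->get_field_id( 'slimstat_widget_filters' ) ); ?>"><?php _e( 'Optional filters', 'wp-slimstat' ); ?></label>
 <a href="https://slimstat.freshdesk.com/solution/articles/5000631833-what-is-the-syntax-of-a-slimstat-shortcode-#slimstat-operators" target="_blank">[?]</a>
 <textarea class="widefat" id="<?php echo esc_attr( $this->get_field_id( 'slimstat_widget_filters' ) ); ?>" name="<?php echo esc_attr( $this->get_field_name( 'slimstat_widget_filters' ) ); ?>"><?php echo trim( strip_tags( $slimstat_widget_filters ) ) ?></textarea>
 </p>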
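Review bot: The new loop at lines 1468-1470 runs `sanitize_text_field()` over every value bound to the INSERT, but the `%s` placeholders in `$wpdb->prepare()` on the following lines are what prevent SQL injection; sanitize_text_field() strips tags, collapses line breaks and tabs, deletes percent-encoded sequences and casts every value to string, so any stored value containing `<`, a newline or a `%xx` escape is altered before it is written without adding protection the prepared statement does not already give. Unless a column genuinely needs that normalisation, drop the loop and reword the comment so the next reader does not mistake it for the injection defence, e.g. `// Column names come from the caller, so they go through sanitize_key(); values are bound via prepare()`. The hunk at line 708 has a related ordering problem: `urldecode()` runs after `sanitize_url()`, so percent-encoded characters the sanitiser let through are decoded back into the returned value; if a cleaned value is the intent, sanitise the decoded string instead. The function containing the INSERT starts outside the hunk, so where `$_data` originates cannot be confirmed here.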