Ultimate CSV Importer - Version 3.7.3

Version Description

Download this release

Release Info

Developer smackcoders
Plugin Icon 128x128 Ultimate CSV Importer
Version 3.7.3
Comparing to
See all releases

Code changes from version 3.7.2 to 3.7.3

Files changed (25) hide show
  1. Readme.txt +12 -6
  2. images/Importicon_24.png +0 -0
  3. images/facebook.png +0 -0
  4. images/googleplus.png +0 -0
  5. images/icon.png +0 -0
  6. images/linkedin.png +0 -0
  7. images/twitter.png +0 -0
  8. includes/WPImporter_includes_helper.php +4 -0
  9. index.php +2 -2
  10. js/ultimate-importer-free.js +15 -8
  11. js/ultimate-importer-pro.js +0 -770
  12. lib/jquery-plugins/UploadHandler.php +2 -4
  13. modules/comments/templates/index.php +5 -2
  14. modules/custompost/templates/index.php +4 -0
  15. modules/eshop/templates/index.php +4 -0
  16. modules/page/templates/index.php +5 -0
  17. modules/post/templates/index.php +4 -1
  18. modules/settings/actions/actions.php +1 -0
  19. modules/settings/templates/index.php +11 -6
  20. modules/users/templates/index.php +4 -0
  21. templates/import.php +5 -2
  22. templates/layout.php +4 -0
  23. templates/menu.php +4 -0
  24. templates/readfile.php +5 -3
  25. templates/versioncheck.php +4 -1
Readme.txt CHANGED
@@ -1,20 +1,20 @@
1
- === Import a CSV with Ultimate CSV Importer ===
2
  Contributors: smackcoders
3
  Donate link: http://www.smackcoders.com/donate.html
4
  Tags: wp all import, batch, csv, excel, import, spreadsheet, autoblog, Autoblogger, csvimporter, data, dataimport, importer, wpcsvimporter, wpimporter, acf, auto blog, csv import, csv to post, data import, Easy CSV Importer, eci, import plugin, admin, user, users, Advanced CSV Import, Advanced CSV Importer, affiliate, amazon, author, automatic, blog, bulk, bulk edit, bulk editor, categories, comments, content, csv file, csv format, csv importer, custom post, e-commerce, free, images, language, manage, media, meta, multisite, News, page, photos, pictures, plugin, Post, seo, shop, shortcode, tags, Taxonomy, text, title, video, eshop, woocommerce, wordpress, xml, youtube, export
5
  Requires at least: 4.1
6
  Tested up to: 4.2.1
7
- Stable tag: 3.7.2
8
- Version: 3.7.2
9
  Author: smackcoders
10
  Author URI: http://profiles.wordpress.org/smackcoders/
11
 
12
  License: GPLv2 or later
13
 
14
- Import a CSV with Ultimate CSV Importer as posts, pages, eshop products, custom posts with custom fields in few simple clicks
15
 
16
  == Description ==
17
- Import a CSV as wordpress posts made very simple and easy even for novice users as in few clicks and 3 simple steps with Ultimate CSV Importer plugin. Wordpress Ultimate CSV Importer V3.7.2 is updated with major issue fix and 4.2.1 compatibility. Users can get product manual and sample csv files etc., from - http://www.wpultimatecsvimporter.com/
18
 
19
  ** New Features of Wordpress Ultimate CSV Importer Pro V4.0 **
20
 
@@ -31,7 +31,7 @@ Import a CSV as wordpress posts made very simple and easy even for novice users
31
  * Mapping template feature with edit option.
32
  * Auto mapping and specific column update in Update feature.
33
 
34
- ** Now stable version 3.7.2 available to download with hot linked featured image fix. Visit [www.wpultimatecsvimporter.com](http://www.wpultimatecsvimporter.com) for more news and future plans.
35
 
36
  WP Ultimate CSV Importer Plugin proven much effective advanced CSV File Importer With Ultimate User Friendly Features. It is much easy now even for newbies to import csv file exported from any tool, app or software. Import as any wordpress post type and associated fields by simple mapping feature. Now import any CSV file as thousands of post, page and custom post types. This is admin side free plugin helps you in bulk edit, create and import posts type for your blog or site.
37
 
@@ -197,6 +197,9 @@ This will solve your issue or get support from hosting if you dint have sufficie
197
 
198
  == Changelog ==
199
 
 
 
 
200
  = 3.7.2 =
201
  * Added: wordpress 4.2 and 4.2.1 compatibility.
202
  * Fixed: Blank page conflict issue
@@ -442,6 +445,9 @@ This will solve your issue or get support from hosting if you dint have sufficie
442
 
443
  == Upgrade Notice ==
444
 
 
 
 
445
  = 3.7.2 =
446
  * Important Upgrade for wordpress 4.2 and above
447
 
1
+ === Import CSV made simple with Ultimate CSV Importer ===
2
  Contributors: smackcoders
3
  Donate link: http://www.smackcoders.com/donate.html
4
  Tags: wp all import, batch, csv, excel, import, spreadsheet, autoblog, Autoblogger, csvimporter, data, dataimport, importer, wpcsvimporter, wpimporter, acf, auto blog, csv import, csv to post, data import, Easy CSV Importer, eci, import plugin, admin, user, users, Advanced CSV Import, Advanced CSV Importer, affiliate, amazon, author, automatic, blog, bulk, bulk edit, bulk editor, categories, comments, content, csv file, csv format, csv importer, custom post, e-commerce, free, images, language, manage, media, meta, multisite, News, page, photos, pictures, plugin, Post, seo, shop, shortcode, tags, Taxonomy, text, title, video, eshop, woocommerce, wordpress, xml, youtube, export
5
  Requires at least: 4.1
6
  Tested up to: 4.2.1
7
+ Stable tag: 3.7.3
8
+ Version: 3.7.3
9
  Author: smackcoders
10
  Author URI: http://profiles.wordpress.org/smackcoders/
11
 
12
  License: GPLv2 or later
13
 
14
+ Import a CSV with Ultimate CSV Importer made simple to import/export posts, pages, eshop products, custom posts with custom fields in few simple clicks
15
 
16
  == Description ==
17
+ Import CSV data to wordpress is made very easy even for novice users as in few clicks and 3 simple steps with Ultimate CSV Importer plugin. Wordpress Ultimate CSV Importer V3.7.3 is updated with major issue fix and 4.2.1 compatibility. Users can get product manual and sample csv files etc., from - http://www.wpultimatecsvimporter.com/
18
 
19
  ** New Features of Wordpress Ultimate CSV Importer Pro V4.0 **
20
 
31
  * Mapping template feature with edit option.
32
  * Auto mapping and specific column update in Update feature.
33
 
34
+ ** Now stable version 3.7.3 available to download with security issue fix. Visit [www.wpultimatecsvimporter.com](http://www.wpultimatecsvimporter.com) for more news and future plans.
35
 
36
  WP Ultimate CSV Importer Plugin proven much effective advanced CSV File Importer With Ultimate User Friendly Features. It is much easy now even for newbies to import csv file exported from any tool, app or software. Import as any wordpress post type and associated fields by simple mapping feature. Now import any CSV file as thousands of post, page and custom post types. This is admin side free plugin helps you in bulk edit, create and import posts type for your blog or site.
37
 
197
 
198
  == Changelog ==
199
 
200
+ = 3.7.3 =
201
+ * Fixed: Vulnarablility security issue fix.
202
+
203
  = 3.7.2 =
204
  * Added: wordpress 4.2 and 4.2.1 compatibility.
205
  * Fixed: Blank page conflict issue
445
 
446
  == Upgrade Notice ==
447
 
448
+ = 3.7.3 =
449
+ * Upgrade now for Vulnarability fix.
450
+
451
  = 3.7.2 =
452
  * Important Upgrade for wordpress 4.2 and above
453
 
images/Importicon_24.png CHANGED
File without changes
images/facebook.png CHANGED
File without changes
images/googleplus.png CHANGED
File without changes
images/icon.png CHANGED
File without changes
images/linkedin.png CHANGED
File without changes
images/twitter.png CHANGED
File without changes
includes/WPImporter_includes_helper.php CHANGED
@@ -1132,6 +1132,10 @@ class WPImporter_includes_helper {
1132
  </span>';
1133
  return $smackhelpnotes;
1134
  }
 
 
 
 
1135
  }
1136
 
1137
  class CallWPImporterObj extends WPImporter_includes_helper
1132
  </span>';
1133
  return $smackhelpnotes;
1134
  }
1135
+ function create_nonce_key(){
1136
+ return wp_create_nonce('smack_nonce');
1137
+ }
1138
+
1139
  }
1140
 
1141
  class CallWPImporterObj extends WPImporter_includes_helper
index.php CHANGED
@@ -2,7 +2,7 @@
2
  /******************************
3
  * Plugin Name: WP Ultimate CSV Importer
4
  * Description: A plugin that helps to import the data's from a CSV file.
5
- * Version: 3.7.2
6
  * Author: smackcoders.com
7
  * Plugin URI: http://www.smackcoders.com/wp-ultimate-csv-importer-pro.html
8
  * Author URI: http://www.smackcoders.com/wp-ultimate-csv-importer-pro.html
@@ -75,7 +75,7 @@ define('WP_CONST_ULTIMATE_CSV_IMP_URL', 'http://www.smackcoders.com/wp-ultimate-
75
  define('WP_CONST_ULTIMATE_CSV_IMP_NAME', 'WP Ultimate CSV Importer');
76
  define('WP_CONST_ULTIMATE_CSV_IMP_SLUG', 'wp-ultimate-csv-importer');
77
  define('WP_CONST_ULTIMATE_CSV_IMP_SETTINGS', 'WP Ultimate CSV Importer');
78
- define('WP_CONST_ULTIMATE_CSV_IMP_VERSION', '3.7.2');
79
  define('WP_CONST_ULTIMATE_CSV_IMP_DIR', WP_PLUGIN_URL . '/' . WP_CONST_ULTIMATE_CSV_IMP_SLUG . '/');
80
  define('WP_CONST_ULTIMATE_CSV_IMP_DIRECTORY', plugin_dir_path(__FILE__));
81
  define('WP_CSVIMP_PLUGIN_BASE', WP_CONST_ULTIMATE_CSV_IMP_DIRECTORY);
2
  /******************************
3
  * Plugin Name: WP Ultimate CSV Importer
4
  * Description: A plugin that helps to import the data's from a CSV file.
5
+ * Version: 3.7.3
6
  * Author: smackcoders.com
7
  * Plugin URI: http://www.smackcoders.com/wp-ultimate-csv-importer-pro.html
8
  * Author URI: http://www.smackcoders.com/wp-ultimate-csv-importer-pro.html
75
  define('WP_CONST_ULTIMATE_CSV_IMP_NAME', 'WP Ultimate CSV Importer');
76
  define('WP_CONST_ULTIMATE_CSV_IMP_SLUG', 'wp-ultimate-csv-importer');
77
  define('WP_CONST_ULTIMATE_CSV_IMP_SETTINGS', 'WP Ultimate CSV Importer');
78
+ define('WP_CONST_ULTIMATE_CSV_IMP_VERSION', '3.7.3');
79
  define('WP_CONST_ULTIMATE_CSV_IMP_DIR', WP_PLUGIN_URL . '/' . WP_CONST_ULTIMATE_CSV_IMP_SLUG . '/');
80
  define('WP_CONST_ULTIMATE_CSV_IMP_DIRECTORY', plugin_dir_path(__FILE__));
81
  define('WP_CSVIMP_PLUGIN_BASE', WP_CONST_ULTIMATE_CSV_IMP_DIRECTORY);
js/ultimate-importer-free.js CHANGED
@@ -7,10 +7,6 @@ jQuery( document ).ready(function() {
7
  document.getElementById('log').innerHTML = '<p style="margin:15px;color:red;">NO LOGS YET NOW.</p>';
8
  }
9
 
10
- //pieStats();
11
- //lineStats();
12
-
13
-
14
  }
15
  if (checkmodule == 'custompost') {
16
  var step = jQuery('#stepstatus').val();
@@ -22,7 +18,9 @@ jQuery( document ).ready(function() {
22
  }
23
  if (checkmodule != 'filemanager' && checkmodule != 'settings' && checkmodule !='support' && checkmodule !='export') {
24
  var checkfile = jQuery('#checkfile').val();
 
25
  var uploadedFile = jQuery('#uploadedFile').val();
 
26
  var select_delimeter = jQuery('#select_delim').val();
27
  var select_delim = jQuery('#select_delim').val();
28
  var get_log = jQuery('#log').val();
@@ -39,8 +37,8 @@ jQuery( document ).ready(function() {
39
  select_delim = select_delimeter;
40
  }
41
  if(uploadedFile != '' && select_delim != '') {
42
- var doaction = 'record_no=1&file_name=' + uploadedFile + '&selected_delimeter=' + select_delim + '&checkmodule=' + checkmodule;
43
  var tmpLoc = jQuery('#tmpLoc').val();
 
44
  if(tmpLoc != '' && tmpLoc != null) {
45
  jQuery.ajax({
46
  url: tmpLoc + 'templates/readfile.php',
@@ -70,6 +68,8 @@ document.getElementById('sec-two').style.display='';
70
 
71
  function gotoelement(id) {
72
  var gotoElement = document.getElementById('current_record').value;
 
 
73
  var no_of_records = document.getElementById('totRecords').value;
74
  var uploadedFile = document.getElementById('uploadedFile').value;
75
  var delim = document.getElementById('select_delimeter').value;
@@ -103,7 +103,7 @@ function gotoelement(id) {
103
  return false;
104
  }
105
  }
106
- var doaction = 'record_no=' + gotoElement + '&file_name=' + uploadedFile + '&delim='+ delim + '&checkmodule=' + checkmodule;
107
  var tmpLoc = document.getElementById('tmpLoc').value;
108
  jQuery.ajax({
109
  url: tmpLoc + 'templates/readfile.php',
@@ -531,7 +531,8 @@ function enableinlineimageoption() {
531
 
532
  function importRecordsbySettings(siteurl)
533
  {
534
- var importlimit = document.getElementById('importlimit').value;
 
535
  var get_requested_count = importlimit;
536
  var tot_no_of_records = document.getElementById('checktotal').value;
537
  var importas = document.getElementById('selectedImporter').value;
@@ -587,7 +588,7 @@ function importRecordsbySettings(siteurl)
587
  if(importas == 'post' || importas == 'page' || importas == 'custompost' || importas == 'eshop')
588
  advancemedia = document.getElementById('advance_media_handling').checked;
589
  var postdata = new Array();
590
- postdata = {'dupContent':dupContent,'dupTitle':dupTitle,'importlimit':importlimit,'limit':currentlimit,'totRecords':tot_no_of_records,'selectedImporter':importas,'uploadedFile':uploadedFile,'tmpcount':tmpCnt,'importinlineimage':importinlineimage,'inlineimagehandling':imagehandling,'inline_image_location':inline_image_location,'advance_media':advancemedia,}
591
 
592
  var tmpLoc = document.getElementById('tmpLoc').value;
593
  jQuery.ajax({
@@ -980,6 +981,9 @@ function addexportfilter(id) {
980
  document.getElementById('authors').style.display = '';
981
  document.getElementById('postauthor').style.display = '';
982
  }
 
 
 
983
  } else if (document.getElementById(id).checked == false) {
984
  if(id == 'getdataforspecificperiod') {
985
  document.getElementById('specificperiodexport').style.display = 'none';
@@ -998,6 +1002,9 @@ function addexportfilter(id) {
998
  document.getElementById('authors').style.display = 'none';
999
  document.getElementById('postauthor').style.display = 'none';
1000
  }
 
 
 
1001
  }
1002
  }
1003
 
7
  document.getElementById('log').innerHTML = '<p style="margin:15px;color:red;">NO LOGS YET NOW.</p>';
8
  }
9
 
 
 
 
 
10
  }
11
  if (checkmodule == 'custompost') {
12
  var step = jQuery('#stepstatus').val();
18
  }
19
  if (checkmodule != 'filemanager' && checkmodule != 'settings' && checkmodule !='support' && checkmodule !='export') {
20
  var checkfile = jQuery('#checkfile').val();
21
+ var dir_path = jQuery('#dirpathval').val();
22
  var uploadedFile = jQuery('#uploadedFile').val();
23
+ var noncekey = jQuery('#nonceKey').val();
24
  var select_delimeter = jQuery('#select_delim').val();
25
  var select_delim = jQuery('#select_delim').val();
26
  var get_log = jQuery('#log').val();
37
  select_delim = select_delimeter;
38
  }
39
  if(uploadedFile != '' && select_delim != '') {
 
40
  var tmpLoc = jQuery('#tmpLoc').val();
41
+ var doaction = 'record_no=1&file_name=' + uploadedFile + '&selected_delimeter=' + select_delim + '&checkmodule=' + checkmodule+'&temloc=' + tmpLoc+'&dir_path=' + dir_path + '&wpnonce=' + noncekey;
42
  if(tmpLoc != '' && tmpLoc != null) {
43
  jQuery.ajax({
44
  url: tmpLoc + 'templates/readfile.php',
68
 
69
  function gotoelement(id) {
70
  var gotoElement = document.getElementById('current_record').value;
71
+ var dir_path = jQuery('#dirpathval').val();
72
+ var noncekey = document.getElementById('nonceKey').value;
73
  var no_of_records = document.getElementById('totRecords').value;
74
  var uploadedFile = document.getElementById('uploadedFile').value;
75
  var delim = document.getElementById('select_delimeter').value;
103
  return false;
104
  }
105
  }
106
+ var doaction = 'record_no=' + gotoElement + '&file_name=' + uploadedFile + '&delim='+ delim + '&checkmodule=' + checkmodule+ '&dir_path=' + dir_path + '&wpnonce=' + noncekey;
107
  var tmpLoc = document.getElementById('tmpLoc').value;
108
  jQuery.ajax({
109
  url: tmpLoc + 'templates/readfile.php',
531
 
532
  function importRecordsbySettings(siteurl)
533
  {
534
+ var importlimit = document.getElementById('importlimit').value;
535
+ var noncekey = document.getElementById('wpnoncekey').value;
536
  var get_requested_count = importlimit;
537
  var tot_no_of_records = document.getElementById('checktotal').value;
538
  var importas = document.getElementById('selectedImporter').value;
588
  if(importas == 'post' || importas == 'page' || importas == 'custompost' || importas == 'eshop')
589
  advancemedia = document.getElementById('advance_media_handling').checked;
590
  var postdata = new Array();
591
+ postdata = {'dupContent':dupContent,'dupTitle':dupTitle,'importlimit':importlimit,'limit':currentlimit,'totRecords':tot_no_of_records,'selectedImporter':importas,'uploadedFile':uploadedFile,'tmpcount':tmpCnt,'importinlineimage':importinlineimage,'inlineimagehandling':imagehandling,'inline_image_location':inline_image_location,'advance_media':advancemedia,'wpnonce':noncekey}
592
 
593
  var tmpLoc = document.getElementById('tmpLoc').value;
594
  jQuery.ajax({
981
  document.getElementById('authors').style.display = '';
982
  document.getElementById('postauthor').style.display = '';
983
  }
984
+ else if(id == 'getdatawithdelimeter'){
985
+ document.getElementById('delimeter').style.display = '';
986
+ }
987
  } else if (document.getElementById(id).checked == false) {
988
  if(id == 'getdataforspecificperiod') {
989
  document.getElementById('specificperiodexport').style.display = 'none';
1002
  document.getElementById('authors').style.display = 'none';
1003
  document.getElementById('postauthor').style.display = 'none';
1004
  }
1005
+ else if(id == 'getdatawithdelimeter'){
1006
+ document.getElementById('delimeter').style.display = 'none';
1007
+ }
1008
  }
1009
  }
1010
 
js/ultimate-importer-pro.js DELETED
@@ -1,770 +0,0 @@
1
- jQuery( document ).ready(function() {
2
- jQuery('.dropdown-toggle').dropdown('toggle');
3
- var checkmodule = document.getElementById('checkmodule').value;
4
- if(checkmodule != 'dashboard' && checkmodule != 'filemanager') {
5
- var get_log = document.getElementById('log').innerHTML;
6
- if (!jQuery.trim(jQuery('#log').html()).length) {
7
- document.getElementById('log').innerHTML = '<p style="margin:15px;color:red;">NO LOGS YET NOW.</p>';
8
- }
9
-
10
- pieStats();
11
- lineStats();
12
-
13
-
14
- }
15
- if(checkmodule=='custompost')
16
- {
17
- var step = document.getElementById('stepstatus').value;
18
- if(step == 'mapping_settings') {
19
- var cust_post_list_count = document.getElementById('cust_post_list_count').value;
20
- if(cust_post_list_count=='0')
21
- document.getElementById('cust_post_empty').style.display='';
22
- }
23
- }
24
- var checkfile = document.getElementById('checkfile').value;
25
- var uploadedFile = document.getElementById('uploadedFile').value;
26
- var select_delimeter=document.getElementById('select_delim').value;
27
- var select_delim=document.getElementById('select_delim').value;
28
- var get_log = document.getElementById('log').innerHTML;
29
- if (!jQuery.trim(jQuery('#log').html()).length) {
30
- document.getElementById('log').innerHTML = '<p style="margin:15px;color:red;">NO LOGS YET NOW.</p>';
31
- }
32
- if(checkfile != ''){
33
- uploadedFile = checkfile;
34
- }
35
- if(select_delimeter!='')
36
- {
37
- select_delim=select_delimeter;
38
- }
39
- var doaction = 'record_no=1&file_name='+uploadedFile+'&selected_delimeter='+select_delim;
40
- var tmpLoc = document.getElementById('tmpLoc').value;
41
- jQuery.ajax({
42
- url: tmpLoc+'templates/readfile.php',
43
- type: 'post',
44
- data: doaction,
45
- dataType: 'json',
46
- success: function(response){
47
- var totalLength = response.length;
48
- var setHeight = (parseInt(totalLength)*30)+250;
49
- //document.getElementById('sec-two').style.height = setHeight+'px';
50
- }
51
- });
52
- });
53
- function goto_mapping(id){
54
- if(id == 'importfile'){
55
- var currentURL = document.URL;
56
- var go_to_url = currentURL.replace("uploadfile","mapping_settings");
57
- window.location.assign(go_to_url);
58
- document.getElementById('sec-one').style.display='none';
59
- document.getElementById('sec-two').style.display='';
60
- }
61
- }
62
-
63
- function gotoelement(id) {
64
- var gotoElement = document.getElementById('current_record').value;
65
- var no_of_records = document.getElementById('totRecords').value;
66
- var uploadedFile = document.getElementById('uploadedFile').value;
67
- var delim = document.getElementById('select_delimeter').value;
68
- if (id == 'prev_record') {
69
- gotoElement = parseInt(gotoElement) - 1;
70
- }
71
- if (id == 'next_record') {
72
- gotoElement = parseInt(gotoElement) + 1;
73
- }
74
- if (gotoElement <= 0) {
75
- gotoElement = 0;
76
- }
77
- if (gotoElement >= no_of_records) {
78
- gotoElement = parseInt(no_of_records) - 1;
79
- }
80
- if (id == 'apply_element') {
81
- gotoElement = parseInt(document.getElementById('goto_element').value);
82
- if (isNaN(gotoElement)) {
83
- showMapMessages('error', ' Please provide valid record number.');
84
- }
85
- if (gotoElement <= 0) {
86
- gotoElement = 0;
87
- showMapMessages('error', ' Please provide valid record number.');
88
- } else {
89
- gotoElement = gotoElement - 1;
90
- }
91
- if (gotoElement >= no_of_records) {
92
- gotoElement = parseInt(no_of_records) - 1;
93
- showMapMessages('error', 'CSV file have only ' + no_of_records + ' records.');
94
- return false;
95
- }
96
- }
97
- var doaction = 'record_no=' + gotoElement + '&file_name=' + uploadedFile + '&delim='+ delim;
98
- var tmpLoc = document.getElementById('tmpLoc').value;
99
- jQuery.ajax({
100
- url: tmpLoc + 'templates/readfile.php',
101
- type: 'post',
102
- data: doaction,
103
- dataType: 'json',
104
- success: function (response) {
105
- var totalLength = response.length;
106
- for (var i = 0; i < totalLength; i++) {
107
- if ((response[i].length) > 32) {
108
- document.getElementById('elementVal_' + i).innerHTML = response[i].substring(0, 28) + '...';
109
- } else {
110
- document.getElementById('elementVal_' + i).innerHTML = response[i];
111
- }
112
- }
113
- var displayRecCount = gotoElement + 1;
114
- document.getElementById('preview_of_row').innerHTML = "Showing preview of row #" + displayRecCount;
115
- document.getElementById('current_record').value = gotoElement;
116
- }
117
- });
118
- }
119
-
120
- function showtemplatediv_wpuci(checked, div)
121
- {
122
- if(checked)
123
- jQuery('#'+div).show();
124
- else
125
- jQuery('#'+div).hide();
126
- }
127
-
128
- function showtemplatediv_edit(checked, value)
129
- {
130
- if(value == 'saveas')
131
- jQuery('#showtemplate_edit_div').show();
132
- else
133
- jQuery('#showtemplate_edit_div').hide();
134
- }
135
-
136
-
137
- function selectpoststatus()
138
- {
139
- var ps = document.getElementById("importallwithps");
140
- var selectedpsindex = ps.options[ps.selectedIndex].value;
141
- if(selectedpsindex == 3){
142
- document.getElementById('globalpassword_label').style.display = "block";
143
- document.getElementById('globalpassword_text').style.display = "block";
144
- }
145
- else{
146
- document.getElementById('globalpassword_label').style.display = "none";
147
- document.getElementById('globalpassword_text').style.display = "none";
148
- }
149
- var totdropdown= document.getElementById('h2').value;
150
- var total = parseInt(totdropdown);
151
- if(selectedpsindex=='0')
152
- {
153
-
154
- for(var i=0;i < total;i++)
155
- {
156
-
157
- dropdown = document.getElementById("mapping"+i);
158
- var option=document.createElement('option');
159
- option.text="post_status";
160
- dropdown.add(option);
161
-
162
- }
163
-
164
- }
165
- else {
166
- for(var i=0;i < total;i++)
167
- {
168
-
169
- dropdown = document.getElementById("mapping"+i);
170
-
171
- var totarr = dropdown.options.length;
172
-
173
- for(var j=0;j<totarr;j++)
174
- {
175
-
176
- if(dropdown.options[j].value=='post_status')
177
- {
178
-
179
- dropdown.options.remove(j);
180
- totarr--;
181
- }
182
- }
183
-
184
- }
185
- }
186
- }
187
-
188
-
189
-
190
- // Function for add customfield
191
-
192
- function addcustomfield(myval, selected_id) {
193
- var a = document.getElementById('h1').value;
194
- var importer = document.getElementById('selectedImporter').value;
195
- var aa = document.getElementById('h2').value;
196
- var selected_dropdown = document.getElementById('mapping' + selected_id);
197
- var selected_value = selected_dropdown.value;
198
- var prevoptionindex = document.getElementById('prevoptionindex').value;
199
- var prevoptionvalue = document.getElementById('prevoptionvalue').value;
200
- var mappedID = 'mapping' + selected_id;
201
- var add_prev_option = false;
202
- if(mappedID == prevoptionindex){
203
- add_prev_option = true;
204
- }
205
- for (var i = 0; i < aa; i++) {
206
- var b = document.getElementById('mapping' + i).value;
207
- var id = 'mapping' + i;
208
- if(add_prev_option){
209
- if(i != selected_id){
210
- jQuery('#'+id).append( new Option(prevoptionvalue,prevoptionvalue) );
211
- }
212
- }
213
- if(i != selected_id){
214
- var x=document.getElementById('mapping' + i);
215
- jQuery('#'+id+' option[value="'+selected_value+'"]').remove();
216
- }
217
- if (b == 'add_custom' + i) {
218
- document.getElementById('textbox' + i).style.display = "";
219
- document.getElementById('customspan' + i).style.display = "";
220
- }
221
- else {
222
- document.getElementById('textbox' + i).style.display = "none";
223
- document.getElementById('customspan' + i).style.display = "none";
224
- }
225
- }
226
- document.getElementById('prevoptionindex').value = 'mapping' + selected_id;
227
- var customField = selected_value.indexOf("add_custom");
228
- if(selected_value != '-- Select --' && customField != 0){
229
- document.getElementById('prevoptionvalue').value = selected_value;
230
- }
231
- }
232
-
233
-
234
- function clearMapping()
235
- {
236
- var total_mfields = document.getElementById('h2').value;
237
- var mfields_arr = document.getElementById('mapping_fields_array').value;
238
- var n=mfields_arr.split(",");
239
- var options = '<option id="select">-- Select --</option>';
240
- for(var i=0;i<n.length;i++){
241
- options +="<option value='"+n[i]+"'>"+n[i]+"</option>";
242
- }
243
- for(var j=0;j<total_mfields;j++){
244
- document.getElementById('mapping'+j).innerHTML = options;
245
- document.getElementById('mapping'+j).innerHTML += "<option value='add_custom"+j+"'>Add Custom Field</option>";
246
- document.getElementById('textbox'+j).style.display = 'none';
247
- document.getElementById('customspan'+j).style.display = 'none';
248
- }
249
- }
250
-
251
- function clearmapping()
252
- {
253
- var total_mfields = document.getElementById('h2').value;
254
- var mfields_arr = document.getElementById('mapping_fields_array').value;
255
- var n=mfields_arr.split(",");
256
- var options = "<option id='select'>-- Select --</option>";
257
- for(var i=0;i<n.length;i++){
258
- options +="<option value='"+n[i]+"'>"+n[i]+"</option>";
259
- }
260
- for(var j=0;j<total_mfields;j++){
261
- document.getElementById('mapping'+j).innerHTML = options;
262
- //document.getElementById('mapping'+j).innerHTML += "<option value='add_custom"+j+"'>Add Custom Field</option>";
263
- document.getElementById('textbox'+j).style.display = 'none';
264
- document.getElementById('customspan'+j).style.display = 'none';
265
- }
266
- }
267
-
268
- function shownotification(msg, alerts)
269
- {
270
- var newclass;
271
- var divid = "notification_wp_csv";
272
-
273
- if(alerts == 'success')
274
- newclass = "alert alert-success";
275
- else if(alerts == 'danger')
276
- newclass = "alert alert-danger";
277
- else if(alerts == 'warning')
278
- newclass = "alert alert-warning";
279
- else
280
- newclass = "alert alert-info";
281
-
282
- jQuery('#'+divid).removeClass()
283
- jQuery('#'+divid).html(msg);
284
- jQuery('#'+divid).addClass(newclass);
285
- // Scroll
286
- jQuery('html,body').animate({
287
- scrollTop: jQuery("#"+divid).offset().top},
288
- 'slow');
289
- }
290
-
291
- function import_csv()
292
- {
293
- // code added by goku to check whether templatename
294
- var mapping_checked = jQuery('#mapping_templatename_checked').is(':checked');
295
- var mapping_tempname = jQuery('#mapping_templatename').val();
296
- var mapping_checked_radio = jQuery('input[name=tempaction]:radio:checked').val();
297
- if(mapping_checked || mapping_checked_radio == 'saveas')
298
- {
299
- if(mapping_checked_radio == 'saveas')
300
- mapping_tempname = jQuery('#mapping_templatename_edit').val();
301
-
302
- if(jQuery.trim(mapping_tempname) == '')
303
- {
304
- alert('Template name is empty');
305
- return false;
306
- }
307
- else
308
- {
309
- // check templatename already exists
310
- jQuery.ajax({
311
- type: 'POST',
312
- url: ajaxurl,
313
- async: false,
314
- data: {
315
- 'action' : 'checktemplatename',
316
- 'templatename' : mapping_tempname,
317
- },
318
- success:function(data)
319
- {
320
- if(data != 0)
321
- {
322
- jQuery('#mapping_templatename').val('');
323
- }
324
- },
325
- error: function(errorThrown){
326
- console.log(errorThrown);
327
- }
328
- });
329
- }
330
- }
331
- var mapping_tempname = jQuery('#mapping_templatename').val();
332
- if(mapping_checked_radio == 'saveas')
333
- //mapping_tempname = jQuery('#mapping_templatename_edit').val();
334
-
335
- if(mapping_tempname == '' && (mapping_checked || mapping_templatename_edit == 'saveas'))
336
- {
337
- alert('Template Name already exists');return false;
338
- }
339
- // code ends here on checking templatename
340
-
341
- var importer = document.getElementById('selectedImporter').value;
342
- var header_count = document.getElementById('h2').value;
343
- var array = new Array();
344
- var val1, val2, val3, val4, val5, val6, val7, error_msg, chk_status_in_csv, post_status_msg;
345
- val1 = val2 = val3 = val4 = val5 = val6 = val7 = post_status_msg = post_type = 'Off';
346
- for (var i = 0; i < header_count; i++) {
347
- var e = document.getElementById("mapping" + i);
348
- var value = e.options[e.selectedIndex].value;
349
- array[i] = value;
350
- }
351
- //alert(array.length);
352
- if (importer == 'post' || importer == 'page' || importer == 'custompost') {
353
- if(importer == 'custompost') {
354
- var getSelectedIndex = document.getElementById('custompostlist');
355
- var SelectedIndex = getSelectedIndex.value;
356
- //var t=getSelectedIndex.options[getSelectedIndex.selectedIndex];
357
- if( SelectedIndex != 'select')
358
- post_type='On';
359
- //alert(t+'---'+SelectedIndex);
360
- }
361
-
362
- chk_status_in_csv = document.getElementById('importallwithps').value;
363
- if (chk_status_in_csv != 0)
364
- post_status_msg = 'On';
365
-
366
- for (var j = 0; j < array.length; j++) {
367
- if (array[j] == 'post_title') {
368
- val1 = 'On';
369
- }
370
- if (array[j] == 'post_content') {
371
- val2 = 'On';
372
- }
373
- if (post_status_msg == 'Off') {
374
- if (array[j] == 'post_status')
375
- post_status_msg = 'On';
376
- }
377
- }
378
- if (importer != 'custompost' && val1 == 'On' && val2 == 'On' && post_status_msg == 'On') {
379
- return true;
380
- }
381
- else if (importer == 'custompost' && val1 == 'On' && val2 == 'On' && post_status_msg == 'On' && post_type=='On') {
382
- return true;
383
- }
384
- else {
385
- error_msg = '';
386
- if (val1 == 'Off')
387
- error_msg += " post_title,";
388
- if (val2 == 'Off')
389
- error_msg += " post_content,";
390
- if(importer == 'custompost') {
391
- if (SelectedIndex == 'select')
392
- error_msg += " post_type,";
393
- }
394
- if (post_status_msg == 'Off')
395
- error_msg += " post_status";
396
- showMapMessages('error', 'Error: ' + error_msg + ' - Mandatory fields. Please map the fields to proceed.');
397
- return false;
398
- }
399
- }
400
-
401
- // validation starts
402
- else if(importer == 'comments'){
403
- //var getSelectedIndex1 = document.getElementById('selectPosts');
404
- //var SelectedIndex1 = getSelectedIndex1.options[getSelectedIndex1.selectedIndex].text;
405
- for(var j=0;j<array.length;j++){
406
- if(array[j] == 'comment_author'){
407
- val1 = 'On';
408
- }
409
- if(array[j] == 'comment_author_email'){
410
- val2 = 'On';
411
- }
412
- if(array[j] == 'comment_content'){
413
- val3 = 'On';
414
- }
415
- if(array[j] == 'comment_post_ID'){
416
- val4 = 'On';
417
- }
418
-
419
-
420
- }
421
- if(val1 == 'On' && val2 == 'On' && val3 == 'On' && val4 == 'On') {
422
- return true;
423
- }
424
- else{
425
- showMapMessages('error',' "Post Id", "Comment Author", "Comment Author Email" and "Comment Content" should be mapped.');
426
- return false;
427
- }
428
-
429
-
430
- showMapMessages('error',header_count);return false;
431
- }
432
- else if(importer == 'users'){
433
- //var getSelectedIndex = document.getElementById('userrole');
434
- //var SelectedIndex = getSelectedIndex.options[getSelectedIndex.selectedIndex].text;
435
- for(var j=0;j<array.length;j++){
436
- if(array[j] == 'user_login'){
437
- val1 = 'On';
438
- }
439
- if(array[j] == 'user_email'){
440
- val2 = 'On';
441
- }
442
- if(array[j] == 'role'){
443
- val3 = 'On';
444
- }
445
- }
446
- if(val1 == 'On' && val2 == 'On' && val3 == 'On') {
447
- return true;
448
- }
449
- else{
450
- showMapMessages('error','"role", "user_login" and "user_email" should be mapped.');
451
- return false;
452
- }
453
- }
454
- // validation ends
455
- }
456
-
457
-
458
- function showMapMessages(alerttype, msg) {
459
- jQuery("#showMsg").addClass("maperror");
460
- document.getElementById('showMsg').innerHTML = msg;
461
- document.getElementById('showMsg').className += ' ' + alerttype;
462
- document.getElementById('showMsg').style.display = '';
463
- jQuery("#showMsg").fadeOut(10000);
464
- }
465
-
466
- function importRecordsbySettings(siteurl)
467
- {
468
- var importlimit = document.getElementById('importlimit').value;
469
- var get_requested_count = importlimit;
470
- var tot_no_of_records = document.getElementById('checktotal').value;
471
- var importas = document.getElementById('selectedImporter').value;
472
- var uploadedFile = document.getElementById('checkfile').value;
473
- // var no_of_columns = document.getElementById('h2').value;
474
- var step = document.getElementById('stepstatus').value;
475
- var mappingArr = document.getElementById('mappingArr').value;
476
- var dupContent = document.getElementById('duplicatecontent').checked;
477
- var dupTitle = document.getElementById('duplicatetitle').checked;
478
- var currentlimit = document.getElementById('currentlimit').value;
479
- var tmpCnt = document.getElementById('tmpcount').value;
480
- var no_of_tot_records = document.getElementById('tot_records').value;
481
- var get_log = document.getElementById('log').innerHTML;
482
- document.getElementById('reportLog').style.display = '';
483
- document.getElementById('terminatenow').style.display = '';
484
- if(get_requested_count != '') {
485
- //return true;
486
- } else {
487
- document.getElementById('showMsg').style.display = "";
488
- document.getElementById('showMsg').innerHTML = '<p id="warning-msg" class="alert alert-warning">Fill all mandatory fields.</p>'; jQuery("#showMsg").fadeOut(10000);
489
- return false;
490
- }
491
- if(parseInt(get_requested_count) <= parseInt(no_of_tot_records)) {
492
- document.getElementById('server_request_warning').style.display = 'none';
493
- } else {
494
- document.getElementById('server_request_warning').style.display = '';
495
- return false;
496
- }
497
- if(get_log == '<p style="margin:15px;color:red;">NO LOGS YET NOW.</p>'){
498
- document.getElementById('log').innerHTML = '<p style="margin:15px;color:red;">Your Import Is In Progress...</p>';
499
- document.getElementById('startbutton').disabled = true;
500
- }
501
- document.getElementById('ajaxloader').style.display="";
502
- var tempCount = parseInt(tmpCnt);
503
- var totalCount = parseInt(tot_no_of_records);
504
- if(tempCount>totalCount){
505
- document.getElementById('ajaxloader').style.display="none";
506
- document.getElementById('startbutton').style.display="none";
507
- document.getElementById('importagain').style.display="";
508
- document.getElementById('terminatenow').style.display = "none";
509
- return false;
510
- }
511
-
512
- var postdata = new Array();
513
- postdata = {'dupContent':dupContent,'dupTitle':dupTitle,'importlimit':importlimit,'limit':currentlimit,'totRecords':tot_no_of_records,'selectedImporter':importas,'uploadedFile':uploadedFile,'tmpcount':tmpCnt,}
514
-
515
- var tmpLoc = document.getElementById('tmpLoc').value;
516
- jQuery.ajax({
517
- type: 'POST',
518
- url: ajaxurl,
519
- data: {
520
- 'action' : 'importByRequest',
521
- 'postdata' : postdata,
522
- 'siteurl' : siteurl,
523
- },
524
- success:function(data) {
525
- if(parseInt(tmpCnt) == parseInt(tot_no_of_records)){
526
- document.getElementById('terminatenow').style.display = "none";
527
- }
528
- if(parseInt(tmpCnt) < parseInt(tot_no_of_records)){
529
- var terminate_action = document.getElementById('terminateaction').value;
530
- if(terminate_action == 'continue'){
531
- currentlimit = parseInt(currentlimit)+parseInt(importlimit);
532
- document.getElementById('currentlimit').value = currentlimit;
533
- console.log('impLmt: '+importlimit+'totRecds: '+tot_no_of_records);
534
- document.getElementById('tmpcount').value = parseInt(tmpCnt)+parseInt(importlimit);
535
- setTimeout(function(){importRecordsbySettings()},0);
536
- } else {
537
- document.getElementById('log').innerHTML += "Import process has been terminated.</br>";
538
- return false;
539
- }
540
- }else{
541
- document.getElementById('ajaxloader').style.display="none";
542
- document.getElementById('startbutton').style.display="none";
543
- document.getElementById('importagain').style.display="";
544
- return false;
545
- }
546
- document.getElementById('log').innerHTML += data+'<br/>';
547
-
548
- },
549
- error: function(errorThrown){
550
- console.log(errorThrown);
551
- }
552
- });
553
- }
554
-
555
- // Terminate import process
556
- function terminateProcess(){
557
- document.getElementById('terminateaction').value = 'terminate';
558
- }
559
-
560
-
561
- // Enable/Disable WP-e-Commerce Custom Fields
562
- function enablewpcustomfield(val){
563
- if(val == 'wpcustomfields'){
564
- document.getElementById('wpcustomfieldstr').style.display = '';
565
- }
566
- else{
567
- document.getElementById('wpcustomfields').checked = false;
568
- document.getElementById('wpcustomfieldstr').style.display = 'none';
569
- }
570
- }
571
-
572
- function saveSettings(){ //alert('dd');
573
- //document.getElementById('ShowMsg').style.display = '';
574
- jQuery(document).ready( function() {
575
- jQuery('#ShowMsg').delay(2000).fadeOut();
576
- });
577
- }
578
-
579
- function Reload(){
580
- window.location.reload();
581
- }
582
-
583
- function check_if_avail(val){
584
- var proModule = new Array();
585
- proModule[0] = 'categories';
586
- proModule[1] = 'customtaxonomy';
587
- proModule[2] = 'eshop';
588
- proModule[3] = 'marketpress';
589
- proModule[4] = 'woocommerce';
590
- proModule[5] = 'wpcommerce';
591
- proModule[6] = 'cctm';
592
- proModule[7] = 'types';
593
- proModule[8] = 'acf';
594
- proModule[9] = 'Customerreviews';
595
- proModule[10] = 'WP-Members';
596
- proModule[11] = 'yoastseo';
597
- proModule[12] = 'caticonenable';
598
- proModule[13] = 'custompostuitype';
599
- proModule[14] = 'wpcustomfields';
600
- proModule[15] = 'recommerce';
601
- proModule[16] = 'automapping';
602
- proModule[17] = 'utfsupport';
603
-
604
-
605
- var warning_name = new Array();
606
- warning_name['categories'] = 'Categories/Tags';
607
- warning_name['customtaxonomy'] = 'Custom Taxonomy';
608
- warning_name['eshop'] = 'Eshop';
609
- warning_name['marketpress'] = 'Market Press Lite';
610
- warning_name['woocommerce'] = 'WooCommerce';
611
- warning_name['wpcommerce'] = 'WP e-Commerce';
612
- warning_name['cctm'] = 'CCTM';
613
- warning_name['types'] = 'Types';
614
- warning_name['acf'] = 'ACF';
615
- warning_name['Customerreviews'] = 'Customer Reviews';
616
- warning_name['WP-Members'] = 'WP-Members';
617
- warning_name['aioseo'] = 'All-in-SEO';
618
- warning_name['yoastseo'] = 'Yoast SEO';
619
- warning_name['caticonenable'] = 'Category Icons';
620
- warning_name['custompostuitype'] = 'Custom Post Type UI';
621
- warning_name['automapping'] = 'Auto Mapping';
622
- warning_name['utfsupport'] = 'UTF Support';
623
-
624
- var result = inArray(val, proModule);
625
- if(result == true){
626
-
627
- if(val == 'eshop' || val == 'wpcustomfields' || val == 'wpcommerce' || val == 'woocommerce' || val == 'marketpress'){
628
- if(val == 'wpcommerce' || val == 'wpcustomfields') {
629
- document.getElementById('wpcustomfieldstr').style.display = '';
630
- } else {
631
- document.getElementById('wpcustomfieldstr').style.display = '';
632
- }
633
- // document.getElementById('wpcustomfieldstr').style.display = 'none';
634
- document.getElementById('nonerecommerce').checked = true;
635
- }
636
- if(val == 'cctm' || val == 'acf'){
637
- document.getElementById('nonercustompost').checked = true;
638
- }
639
- if(val == 'aioseo' || val == 'yoastseo'){
640
- document.getElementById('nonerseooption').checked = true;
641
- }
642
- if(val == 'caticonenable'){
643
- document.getElementById('caticondisable').checked = true;
644
- }
645
- document.getElementById(val).checked = false;
646
- document.getElementById('ShowMsg').style.display = "";
647
- document.getElementById('warning-msg').innerHTML = warning_name[val]+' feature is available only for PRO!.';
648
- jQuery('#ShowMsg').delay(7000).fadeOut();
649
- }
650
- }
651
-
652
- function inArray(needle, haystack) {
653
- var length = haystack.length;
654
- for(var i = 0; i < length; i++) {
655
- if(typeof haystack[i] == 'object') {
656
- if(arrayCompare(haystack[i], needle)) {
657
- return true;
658
- }
659
- } else {
660
- if(haystack[i] == needle) {
661
- return true;
662
- }
663
- }
664
- }
665
- return false;
666
- }
667
-
668
- function import_again(){
669
- var get_current_url = document.getElementById('current_url').value;
670
- window.location.assign(get_current_url);
671
- }
672
- function sendemail2smackers(){
673
- // var useremail = document.getElementById('usermailid').value;
674
- var message_content = document.getElementById('message').value;
675
- var firstname = document.getElementById('firstname').value;
676
- var lastname = document.getElementById('lastname').value;
677
- if(message_content != '' && firstname != '' && lastname != '')
678
- return true;
679
- else
680
- document.getElementById('showMsg').style.display = '';
681
- document.getElementById('showMsg').innerHTML = '<p id="warning-msg" class="alert alert-warning">Fill all mandatory fields.</p>';
682
- jQuery("#showMsg").fadeOut(10000);
683
- return false;
684
- }
685
-
686
-
687
- function check_allnumeric(inputtxt)
688
- {
689
- var numbers = /^[0-9]+$/;
690
- if(inputtxt.match(numbers))
691
- {
692
- return true;
693
- }
694
- else
695
- {
696
- if(inputtxt == '')
697
- alert('Fill all mandatory fields.');
698
- else
699
- alert('Please enter numeric characters only');
700
- return false;
701
- }
702
- }
703
-
704
- function gotoback() {
705
- var currentURL = document.getElementById('current_url').value;
706
- var set_assigned_step = currentURL.replace("uploadfile","mapping_settings");
707
- // window.location.assign(set_assigned_step);
708
- }
709
- function export_module(){
710
- var get_selected_module = document.getElementsByName('export');
711
- // alert(get_selected_module);
712
- for (var i = 0, length = get_selected_module.length; i < length; i++) {
713
- if (get_selected_module[i].checked) {
714
- // do whatever you want with the checked radio
715
- //alert(get_selected_module[i].value);
716
- // only one radio can be logically checked, don't check the rest
717
- //break;
718
- return true;
719
- }
720
- }
721
- showMapMessages('error', 'Please choose one module to export the records!');
722
- return false;
723
- }
724
- function export_check(value) {
725
- if( value == 'woocommerce' || value == 'wpcommerce' || value == 'marketpress' || value == 'users' || value == 'category' || value == 'tags' || value == 'customtaxonomy') {
726
- document.getElementById(value).checked = false;
727
- document.getElementById('ShowMsg').style.display = "";
728
- value = value.toUpperCase();
729
- document.getElementById('warning-msg').innerHTML = value+' Feature is available only for PRO!.';
730
- jQuery('#ShowMsg').delay(7000).fadeOut();
731
- }
732
- }
733
- function choose_import_method(id) {
734
- if(id == 'uploadfilefromcomputer') {
735
- document.getElementById('boxmethod1').style.border = "1px solid #ccc";
736
- document.getElementById('method1').style.display = '';
737
- document.getElementById('method1').style.height = '40px';
738
- }
739
- }
740
- function choose_import_mode(id) {
741
- if(id == 'importNow') {
742
- document.getElementById('importrightaway').style.display='';
743
- document.getElementById('reportLog').style.display='';
744
- document.getElementById('schedule').style.display='none';
745
- }
746
- if(id == 'scheduleNow') {
747
- document.getElementById('schedule').style.display='';
748
- document.getElementById('importrightaway').style.display='none';
749
- document.getElementById('reportLog').style.display='none';
750
- }
751
- }
752
- function selectModules(id) {
753
- var param = id ;
754
- if(param == 'checkallModules') {
755
- document.getElementById('post').checked = true;
756
- document.getElementById('page').checked = true;
757
- document.getElementById('users').checked = true;
758
- document.getElementById('comments').checked = true;
759
- document.getElementById('custompost').checked = true;
760
- }
761
- else if(param == 'uncheckallModules') {
762
-
763
- document.getElementById('post').checked = false;
764
- document.getElementById('page').checked = false;
765
- document.getElementById('users').checked = false;
766
- document.getElementById('comments').checked = false;
767
- document.getElementById('custompost').checked = false;
768
- }
769
- }
770
-
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
lib/jquery-plugins/UploadHandler.php CHANGED
@@ -9,10 +9,8 @@
9
  * Licensed under the MIT license:
10
  * http://www.opensource.org/licenses/MIT
11
  */
12
-
13
- require_once("../../../../../wp-load.php");
14
- require_once("../../includes/WPImporter_includes_helper.php");
15
-
16
  $impCheckobj = CallWPImporterObj::checkSecurity();
17
  if($impCheckobj != 'true')
18
  die($impCheckobj);
9
  * Licensed under the MIT license:
10
  * http://www.opensource.org/licenses/MIT
11
  */
12
+ $parse_uri = explode( 'wp-content', $_SERVER['SCRIPT_FILENAME'] );
13
+ require_once($parse_uri[0]."wp-load.php");
 
 
14
  $impCheckobj = CallWPImporterObj::checkSecurity();
15
  if($impCheckobj != 'true')
16
  die($impCheckobj);
modules/comments/templates/index.php CHANGED
@@ -34,11 +34,11 @@
34
  * Notices must display the words
35
  * "Copyright Smackcoders. 2014. All rights reserved".
36
  ********************************************************************************/
 
 
37
  ?>
38
  <div style="width:100%;">
39
  <div id="accordion">
40
- <?php $impCE = new WPImporter_includes_helper();
41
- ?>
42
  <table class="table-importer">
43
  <tr>
44
  <td>
@@ -65,6 +65,7 @@
65
  <div class="container">
66
  <?php echo $impCE->smack_csv_import_method(); ?>
67
  <input type ='hidden' id="pluginurl"value="<?php echo WP_CONTENT_URL;?>">
 
68
  <?php $uploadDir = wp_upload_dir(); ?>
69
  <input type="hidden" id="uploaddir" value="<?php if(isset($uploadDir['basedir'])) { echo $uploadDir['basedir']; } ?>">
70
  <input type="hidden" id="uploadFileName" name="uploadfilename" value="">
@@ -231,6 +232,7 @@ $allcustomposts.=$value.',';
231
  <input type='hidden' id='current_record' name='current_record' value='0' />
232
  <input type='hidden' id='totRecords' name='totRecords' value='<?php if(isset($records)) { echo $records; } ?>' />
233
  <input type='hidden' id='tmpLoc' name='tmpLoc' value='<?php echo WP_CONST_ULTIMATE_CSV_IMP_DIR; ?>' />
 
234
  <input type='hidden' id='uploadedFile' name='uploadedFile' value="<?php if(isset($filename)) { echo $filename; } ?>" />
235
  <!-- real uploaded filename -->
236
  <input type='hidden' id='uploaded_csv_name' name='uploaded_csv_name' value="<?php if(isset($uploaded_csv_name)) { echo $uploaded_csv_name; } ?>" />
@@ -408,6 +410,7 @@ $mFieldsArr = substr($mFieldsArr, 0, -1);
408
  <input name="filterhtml" id="filterhtml" type="checkbox" value="1"> Filter out HTML-Tags while comparing <br>
409
  <input name="filterhtmlentities" id="filterhtmlentities" type="checkbox" value="1"> Decode HTML-Entities before comparing <br>-->
410
  <label id='importalign'><input name='duplicatecontent' id='duplicatecontent' type="checkbox" value=""> Detect duplicate post content</label> <br>
 
411
  <label id='importalign'><input name='duplicatetitle' id='duplicatetitle' type="checkbox" value="" > Detect duplicate post title</label> <br>
412
 
413
  <label id='importalign'>No. of posts/rows per server request</label> <span class="mandatory" style="margin-left:-13px;margin-right:10px">*</span> <input name="importlimit" id="importlimit" type="text" value="1" placeholder="10" onblur="check_allnumeric(this.value);"></label> <?php echo $impCE->helpnotes(); ?><br>
34
  * Notices must display the words
35
  * "Copyright Smackcoders. 2014. All rights reserved".
36
  ********************************************************************************/
37
+ $impCE = new WPImporter_includes_helper();
38
+ $nonce_Key = $impCE->create_nonce_key();
39
  ?>
40
  <div style="width:100%;">
41
  <div id="accordion">
 
 
42
  <table class="table-importer">
43
  <tr>
44
  <td>
65
  <div class="container">
66
  <?php echo $impCE->smack_csv_import_method(); ?>
67
  <input type ='hidden' id="pluginurl"value="<?php echo WP_CONTENT_URL;?>">
68
+ <input type='hidden' id='dirpathval' name='dirpathval' value='<?php echo ABSPATH; ?>' />
69
  <?php $uploadDir = wp_upload_dir(); ?>
70
  <input type="hidden" id="uploaddir" value="<?php if(isset($uploadDir['basedir'])) { echo $uploadDir['basedir']; } ?>">
71
  <input type="hidden" id="uploadFileName" name="uploadfilename" value="">
232
  <input type='hidden' id='current_record' name='current_record' value='0' />
233
  <input type='hidden' id='totRecords' name='totRecords' value='<?php if(isset($records)) { echo $records; } ?>' />
234
  <input type='hidden' id='tmpLoc' name='tmpLoc' value='<?php echo WP_CONST_ULTIMATE_CSV_IMP_DIR; ?>' />
235
+ <input type='hidden' id='nonceKey' name='wpnonce' value='<?php echo $nonce_Key; ?>' />
236
  <input type='hidden' id='uploadedFile' name='uploadedFile' value="<?php if(isset($filename)) { echo $filename; } ?>" />
237
  <!-- real uploaded filename -->
238
  <input type='hidden' id='uploaded_csv_name' name='uploaded_csv_name' value="<?php if(isset($uploaded_csv_name)) { echo $uploaded_csv_name; } ?>" />
410
  <input name="filterhtml" id="filterhtml" type="checkbox" value="1"> Filter out HTML-Tags while comparing <br>
411
  <input name="filterhtmlentities" id="filterhtmlentities" type="checkbox" value="1"> Decode HTML-Entities before comparing <br>-->
412
  <label id='importalign'><input name='duplicatecontent' id='duplicatecontent' type="checkbox" value=""> Detect duplicate post content</label> <br>
413
+ <input type='hidden' name='wpnoncekey' id='wpnoncekey' value='<?php echo $nonce_Key; ?>' />
414
  <label id='importalign'><input name='duplicatetitle' id='duplicatetitle' type="checkbox" value="" > Detect duplicate post title</label> <br>
415
 
416
  <label id='importalign'>No. of posts/rows per server request</label> <span class="mandatory" style="margin-left:-13px;margin-right:10px">*</span> <input name="importlimit" id="importlimit" type="text" value="1" placeholder="10" onblur="check_allnumeric(this.value);"></label> <?php echo $impCE->helpnotes(); ?><br>
modules/custompost/templates/index.php CHANGED
@@ -36,6 +36,7 @@
36
  ********************************************************************************/
37
 
38
  $impCE = new WPImporter_includes_helper();
 
39
  ?>
40
  <div style="width:100%;">
41
  <div id="accordion">
@@ -62,6 +63,7 @@ $impCE = new WPImporter_includes_helper();
62
  <div class="container">
63
  <?php echo $impCE->smack_csv_import_method(); ?>
64
  <input type ='hidden' id="pluginurl"value="<?php echo WP_CONTENT_URL;?>">
 
65
  <?php $uploadDir = wp_upload_dir(); ?>
66
  <input type="hidden" id="uploaddir" value="<?php if(isset($uploadDir)) { echo $uploadDir['basedir']; } ?>">
67
  <input type="hidden" id="uploadFileName" name="uploadfilename" value="">
@@ -333,6 +335,7 @@ $impCE = new WPImporter_includes_helper();
333
  <input type='hidden' id='totRecords' name='totRecords' value='<?php if(isset($records)) { echo $records; } ?>' />
334
  <input type='hidden' id='tmpLoc' name='tmpLoc' value='<?php echo WP_CONST_ULTIMATE_CSV_IMP_DIR; ?>' />
335
  <input type='hidden' id='uploadedFile' name='uploadedFile' value="<?php if(isset($filename)) { echo $filename; } ?>" />
 
336
  <!-- real uploaded filename -->
337
  <input type='hidden' id='uploaded_csv_name' name='uploaded_csv_name' value="<?php if(isset($uploaded_csv_name)) { echo $uploaded_csv_name; } ?>" />
338
  <input type='hidden' id='select_delimeter' name='select_delimeter' value="<?php if(isset($delimeter)) { echo $delimeter; } ?>" />
@@ -537,6 +540,7 @@ $impCE = new WPImporter_includes_helper();
537
  <input name="filterhtml" id="filterhtml" type="checkbox" value="1"> Filter out HTML-Tags while comparing <br>
538
  <input name="filterhtmlentities" id="filterhtmlentities" type="checkbox" value="1"> Decode HTML-Entities before comparing <br>-->
539
  <label id="importalign"><input name='duplicatecontent' id='duplicatecontent' type="checkbox" value=""> Detect duplicate post content</label> <br>
 
540
  <label id="importalign"><input name='duplicatetitle' id='duplicatetitle' type="checkbox" value="" > Detect duplicate post title</label> <br>
541
  <label id="importalign">No. of posts/rows per server request</label> <span class="mandatory" style="margin-left:-13px;margin-right:10px">*</span> <input name="importlimit" id="importlimit" type="text" value="1" placeholder="10" onblur="check_allnumeric(this.value);"></label> <?php echo $impCE->helpnotes(); ?><br>
542
  <span class='msg' id='server_request_warning' style="display:none;color:red;margin-left:-10px;">You can set upto <?php echo $_SESSION['SMACK_MAPPING_SETTINGS_VALUES']['totRecords']; ?> per request.</span>
36
  ********************************************************************************/
37
 
38
  $impCE = new WPImporter_includes_helper();
39
+ $nonce_Key = $impCE->create_nonce_key();
40
  ?>
41
  <div style="width:100%;">
42
  <div id="accordion">
63
  <div class="container">
64
  <?php echo $impCE->smack_csv_import_method(); ?>
65
  <input type ='hidden' id="pluginurl"value="<?php echo WP_CONTENT_URL;?>">
66
+ <input type='hidden' id='dirpathval' name='dirpathval' value='<?php echo ABSPATH; ?>' />
67
  <?php $uploadDir = wp_upload_dir(); ?>
68
  <input type="hidden" id="uploaddir" value="<?php if(isset($uploadDir)) { echo $uploadDir['basedir']; } ?>">
69
  <input type="hidden" id="uploadFileName" name="uploadfilename" value="">
335
  <input type='hidden' id='totRecords' name='totRecords' value='<?php if(isset($records)) { echo $records; } ?>' />
336
  <input type='hidden' id='tmpLoc' name='tmpLoc' value='<?php echo WP_CONST_ULTIMATE_CSV_IMP_DIR; ?>' />
337
  <input type='hidden' id='uploadedFile' name='uploadedFile' value="<?php if(isset($filename)) { echo $filename; } ?>" />
338
+ <input type='hidden' id='nonceKey' name='wpnonce' value='<?php echo $nonce_Key; ?>' />
339
  <!-- real uploaded filename -->
340
  <input type='hidden' id='uploaded_csv_name' name='uploaded_csv_name' value="<?php if(isset($uploaded_csv_name)) { echo $uploaded_csv_name; } ?>" />
341
  <input type='hidden' id='select_delimeter' name='select_delimeter' value="<?php if(isset($delimeter)) { echo $delimeter; } ?>" />
540
  <input name="filterhtml" id="filterhtml" type="checkbox" value="1"> Filter out HTML-Tags while comparing <br>
541
  <input name="filterhtmlentities" id="filterhtmlentities" type="checkbox" value="1"> Decode HTML-Entities before comparing <br>-->
542
  <label id="importalign"><input name='duplicatecontent' id='duplicatecontent' type="checkbox" value=""> Detect duplicate post content</label> <br>
543
+ <input type='hidden' name='wpnoncekey' id='wpnoncekey' value='<?php echo $nonce_Key; ?>' />
544
  <label id="importalign"><input name='duplicatetitle' id='duplicatetitle' type="checkbox" value="" > Detect duplicate post title</label> <br>
545
  <label id="importalign">No. of posts/rows per server request</label> <span class="mandatory" style="margin-left:-13px;margin-right:10px">*</span> <input name="importlimit" id="importlimit" type="text" value="1" placeholder="10" onblur="check_allnumeric(this.value);"></label> <?php echo $impCE->helpnotes(); ?><br>
546
  <span class='msg' id='server_request_warning' style="display:none;color:red;margin-left:-10px;">You can set upto <?php echo $_SESSION['SMACK_MAPPING_SETTINGS_VALUES']['totRecords']; ?> per request.</span>
modules/eshop/templates/index.php CHANGED
@@ -36,6 +36,7 @@
36
  ********************************************************************************/
37
  require_once(WP_CONST_ULTIMATE_CSV_IMP_DIRECTORY.'/includes/WPImporter_includes_helper.php');
38
  $impCE = new WPImporter_includes_helper();
 
39
  $eshopObj = new EshopActions();
40
  $eshopObj->isplugin();
41
  ?>
@@ -99,6 +100,7 @@ if ($_SESSION['SMACK_MAPPING_SETTINGS_VALUES']['isplugin_avail'] != 'not_avail'
99
  <?php echo $impCE->smack_csv_import_method(); ?>
100
 
101
  <input type ='hidden' id="pluginurl"value="<?php echo WP_CONTENT_URL;?>">
 
102
  <?php $uploadDir = wp_upload_dir(); ?>
103
  <input type="hidden" id="uploaddir" value="<?php if(isset($uploadDir)) { echo $uploadDir['basedir']; } ?>">
104
  <input type="hidden" id="uploadFileName" name="uploadfilename" value="">
@@ -316,6 +318,7 @@ if ($_SESSION['SMACK_MAPPING_SETTINGS_VALUES']['isplugin_avail'] != 'not_avail'
316
  <input type='hidden' id='current_record' name='current_record' value='0' />
317
  <input type='hidden' id='totRecords' name='totRecords' value='<?php if(isset($records)) { echo $records; } ?>' />
318
  <input type='hidden' id='tmpLoc' name='tmpLoc' value='<?php echo WP_CONST_ULTIMATE_CSV_IMP_DIR; ?>' />
 
319
  <input type='hidden' id='uploadedFile' name='uploadedFile' value="<?php if(isset($filename)) { echo $filename; } ?>" />
320
  <!-- real uploaded filename -->
321
  <input type='hidden' id='uploaded_csv_name' name='uploaded_csv_name' value="<?php if(isset($uploaded_csv_name)) { echo $uploaded_csv_name; } ?>" />
@@ -521,6 +524,7 @@ if ($_SESSION['SMACK_MAPPING_SETTINGS_VALUES']['isplugin_avail'] != 'not_avail'
521
  <input name="filterhtml" id="filterhtml" type="checkbox" value="1"> Filter out HTML-Tags while comparing <br>
522
  <input name="filterhtmlentities" id="filterhtmlentities" type="checkbox" value="1"> Decode HTML-Entities before comparing <br>-->
523
  <label id='importalign'><input name='duplicatecontent' id='duplicatecontent' type="checkbox" value=""> Detect duplicate post content</label> <br>
 
524
  <label id='importalign'><input name='duplicatetitle' id='duplicatetitle' type="checkbox" value="" > Detect duplicate post title</label> <br>
525
  <label id='importalign'>No. of posts/rows per server request</label> <span class="mandatory" style="margin-left:-13px;margin-right:10px">*</span> <input name="importlimit" id="importlimit" type="text" value="1" placeholder="10" onblur="check_allnumeric(this.value);"></label> <?php echo $impCE->helpnotes(); ?><br>
526
  <span class='msg' id='server_request_warning' style="display:none;color:red;margin-left:-10px;">You can set upto <?php echo $_SESSION['SMACK_MAPPING_SETTINGS_VALUES']['totRecords']; ?> per request.</span>
36
  ********************************************************************************/
37
  require_once(WP_CONST_ULTIMATE_CSV_IMP_DIRECTORY.'/includes/WPImporter_includes_helper.php');
38
  $impCE = new WPImporter_includes_helper();
39
+ $nonce_Key = $impCE->create_nonce_key();
40
  $eshopObj = new EshopActions();
41
  $eshopObj->isplugin();
42
  ?>
100
  <?php echo $impCE->smack_csv_import_method(); ?>
101
 
102
  <input type ='hidden' id="pluginurl"value="<?php echo WP_CONTENT_URL;?>">
103
+ <input type='hidden' id='dirpathval' name='dirpathval' value='<?php echo ABSPATH; ?>' />
104
  <?php $uploadDir = wp_upload_dir(); ?>
105
  <input type="hidden" id="uploaddir" value="<?php if(isset($uploadDir)) { echo $uploadDir['basedir']; } ?>">
106
  <input type="hidden" id="uploadFileName" name="uploadfilename" value="">
318
  <input type='hidden' id='current_record' name='current_record' value='0' />
319
  <input type='hidden' id='totRecords' name='totRecords' value='<?php if(isset($records)) { echo $records; } ?>' />
320
  <input type='hidden' id='tmpLoc' name='tmpLoc' value='<?php echo WP_CONST_ULTIMATE_CSV_IMP_DIR; ?>' />
321
+ <input type='hidden' id='nonceKey' name='wpnonce' value='<?php echo $nonce_Key; ?>' />
322
  <input type='hidden' id='uploadedFile' name='uploadedFile' value="<?php if(isset($filename)) { echo $filename; } ?>" />
323
  <!-- real uploaded filename -->
324
  <input type='hidden' id='uploaded_csv_name' name='uploaded_csv_name' value="<?php if(isset($uploaded_csv_name)) { echo $uploaded_csv_name; } ?>" />
524
  <input name="filterhtml" id="filterhtml" type="checkbox" value="1"> Filter out HTML-Tags while comparing <br>
525
  <input name="filterhtmlentities" id="filterhtmlentities" type="checkbox" value="1"> Decode HTML-Entities before comparing <br>-->
526
  <label id='importalign'><input name='duplicatecontent' id='duplicatecontent' type="checkbox" value=""> Detect duplicate post content</label> <br>
527
+ <input type='hidden' name='wpnoncekey' id='wpnoncekey' value='<?php echo $nonce_Key; ?>' />
528
  <label id='importalign'><input name='duplicatetitle' id='duplicatetitle' type="checkbox" value="" > Detect duplicate post title</label> <br>
529
  <label id='importalign'>No. of posts/rows per server request</label> <span class="mandatory" style="margin-left:-13px;margin-right:10px">*</span> <input name="importlimit" id="importlimit" type="text" value="1" placeholder="10" onblur="check_allnumeric(this.value);"></label> <?php echo $impCE->helpnotes(); ?><br>
530
  <span class='msg' id='server_request_warning' style="display:none;color:red;margin-left:-10px;">You can set upto <?php echo $_SESSION['SMACK_MAPPING_SETTINGS_VALUES']['totRecords']; ?> per request.</span>
modules/page/templates/index.php CHANGED
@@ -36,6 +36,8 @@
36
  ********************************************************************************/
37
 
38
  $impCE = new WPImporter_includes_helper();
 
 
39
  ?>
40
  <div style="width:100%;">
41
  <div id="accordion">
@@ -62,6 +64,7 @@ $impCE = new WPImporter_includes_helper();
62
  <div class="container">
63
  <?php echo $impCE->smack_csv_import_method(); ?>
64
  <input type ='hidden' id="pluginurl"value="<?php echo WP_CONTENT_URL;?>">
 
65
  <?php $uploadDir = wp_upload_dir(); ?>
66
  <input type="hidden" id="uploaddir" value="<?php if(isset($uploadDir['basedir'])) { echo $uploadDir['basedir']; } ?>">
67
  <input type="hidden" id="uploadFileName" name="uploadfilename" value="">
@@ -273,6 +276,7 @@ $impCE = new WPImporter_includes_helper();
273
  <input type='hidden' id='current_record' name='current_record' value='0' />
274
  <input type='hidden' id='totRecords' name='totRecords' value='<?php if(isset($records)) { echo $records; } ?>' />
275
  <input type='hidden' id='tmpLoc' name='tmpLoc' value='<?php echo WP_CONST_ULTIMATE_CSV_IMP_DIR; ?>' />
 
276
  <input type='hidden' id='uploadedFile' name='uploadedFile' value="<?php if(isset($filename)) { echo $filename; } ?>" />
277
  <!-- real uploaded filename -->
278
  <input type='hidden' id='uploaded_csv_name' name='uploaded_csv_name' value="<?php if(isset($uploaded_csv_name)) { echo $uploaded_csv_name; } ?>" />
@@ -474,6 +478,7 @@ $impCE = new WPImporter_includes_helper();
474
  <input name="filterhtml" id="filterhtml" type="checkbox" value="1"> Filter out HTML-Tags while comparing <br>
475
  <input name="filterhtmlentities" id="filterhtmlentities" type="checkbox" value="1"> Decode HTML-Entities before comparing <br>-->
476
  <label id="importalign"><input name='duplicatecontent' id='duplicatecontent' type="checkbox" value=""> Detect duplicate post content</label> <br>
 
477
  <label id="importalign"><input name='duplicatetitle' id='duplicatetitle' type="checkbox" value="" > Detect duplicate post title</label> <br>
478
  <label id="importalign">No. of posts/rows per server request</label> <span class="mandatory" style="margin-left:-13px;margin-right:10px">*</span> <input name="importlimit" id="importlimit" type="text" value="1" placeholder="10" onblur="check_allnumeric(this.value);"></label> <?php echo $impCE->helpnotes(); ?> <br>
479
  <span class='msg' id='server_request_warning' style="display:none;color:red;margin-left:-10px;">You can set upto <?php echo $_SESSION['SMACK_MAPPING_SETTINGS_VALUES']['totRecords']; ?> per request.</span>
36
  ********************************************************************************/
37
 
38
  $impCE = new WPImporter_includes_helper();
39
+ $nonce_Key = $impCE->create_nonce_key();
40
+
41
  ?>
42
  <div style="width:100%;">
43
  <div id="accordion">
64
  <div class="container">
65
  <?php echo $impCE->smack_csv_import_method(); ?>
66
  <input type ='hidden' id="pluginurl"value="<?php echo WP_CONTENT_URL;?>">
67
+ <input type='hidden' id='dirpathval' name='dirpathval' value='<?php echo ABSPATH; ?>' />
68
  <?php $uploadDir = wp_upload_dir(); ?>
69
  <input type="hidden" id="uploaddir" value="<?php if(isset($uploadDir['basedir'])) { echo $uploadDir['basedir']; } ?>">
70
  <input type="hidden" id="uploadFileName" name="uploadfilename" value="">
276
  <input type='hidden' id='current_record' name='current_record' value='0' />
277
  <input type='hidden' id='totRecords' name='totRecords' value='<?php if(isset($records)) { echo $records; } ?>' />
278
  <input type='hidden' id='tmpLoc' name='tmpLoc' value='<?php echo WP_CONST_ULTIMATE_CSV_IMP_DIR; ?>' />
279
+ <input type='hidden' id='nonceKey' name='wpnonce' value='<?php echo $nonce_Key; ?>' />
280
  <input type='hidden' id='uploadedFile' name='uploadedFile' value="<?php if(isset($filename)) { echo $filename; } ?>" />
281
  <!-- real uploaded filename -->
282
  <input type='hidden' id='uploaded_csv_name' name='uploaded_csv_name' value="<?php if(isset($uploaded_csv_name)) { echo $uploaded_csv_name; } ?>" />
478
  <input name="filterhtml" id="filterhtml" type="checkbox" value="1"> Filter out HTML-Tags while comparing <br>
479
  <input name="filterhtmlentities" id="filterhtmlentities" type="checkbox" value="1"> Decode HTML-Entities before comparing <br>-->
480
  <label id="importalign"><input name='duplicatecontent' id='duplicatecontent' type="checkbox" value=""> Detect duplicate post content</label> <br>
481
+ <input type='hidden' name='wpnoncekey' id='wpnoncekey' value='<?php echo $nonce_Key; ?>' />
482
  <label id="importalign"><input name='duplicatetitle' id='duplicatetitle' type="checkbox" value="" > Detect duplicate post title</label> <br>
483
  <label id="importalign">No. of posts/rows per server request</label> <span class="mandatory" style="margin-left:-13px;margin-right:10px">*</span> <input name="importlimit" id="importlimit" type="text" value="1" placeholder="10" onblur="check_allnumeric(this.value);"></label> <?php echo $impCE->helpnotes(); ?> <br>
484
  <span class='msg' id='server_request_warning' style="display:none;color:red;margin-left:-10px;">You can set upto <?php echo $_SESSION['SMACK_MAPPING_SETTINGS_VALUES']['totRecords']; ?> per request.</span>
modules/post/templates/index.php CHANGED
@@ -35,7 +35,7 @@
35
  * "Copyright Smackcoders. 2014. All rights reserved".
36
  ********************************************************************************/
37
  $impCE = new WPImporter_includes_helper();
38
-
39
  ?>
40
  <div style="width:100%;">
41
  <div id="accordion">
@@ -63,6 +63,7 @@ $impCE = new WPImporter_includes_helper();
63
  <?php echo $impCE->smack_csv_import_method(); ?>
64
 
65
  <input type ='hidden' id="pluginurl"value="<?php echo WP_CONTENT_URL;?>">
 
66
  <?php $uploadDir = wp_upload_dir(); ?>
67
  <input type="hidden" id="uploaddir" value="<?php if(isset($uploadDir)) { echo $uploadDir['basedir']; } ?>">
68
  <input type="hidden" id="uploadFileName" name="uploadfilename" value="">
@@ -279,6 +280,7 @@ $impCE = new WPImporter_includes_helper();
279
  <input type='hidden' id='current_record' name='current_record' value='0' />
280
  <input type='hidden' id='totRecords' name='totRecords' value='<?php if(isset($records)) { echo $records; } ?>' />
281
  <input type='hidden' id='tmpLoc' name='tmpLoc' value='<?php echo WP_CONST_ULTIMATE_CSV_IMP_DIR; ?>' />
 
282
  <input type='hidden' id='uploadedFile' name='uploadedFile' value="<?php if(isset($filename)) { echo $filename; } ?>" />
283
  <!-- real uploaded filename -->
284
  <input type='hidden' id='uploaded_csv_name' name='uploaded_csv_name' value="<?php if(isset($uploaded_csv_name)) { echo $uploaded_csv_name; } ?>" />
@@ -483,6 +485,7 @@ $impCE = new WPImporter_includes_helper();
483
  <input name="filterhtml" id="filterhtml" type="checkbox" value="1"> Filter out HTML-Tags while comparing <br>
484
  <input name="filterhtmlentities" id="filterhtmlentities" type="checkbox" value="1"> Decode HTML-Entities before comparing <br>-->
485
  <label id="importalign"><input name='duplicatecontent' id='duplicatecontent' type="checkbox" value=""> Detect duplicate post content</label> <br>
 
486
  <label id="importalign"><input name='duplicatetitle' id='duplicatetitle' type="checkbox" value="" > Detect duplicate post title</label> <br>
487
  <label id="importalign">No. of posts/rows per server request</label><span class="mandatory" style="margin-left:-13px;margin-right:10px">*</span> <input name="importlimit" id="importlimit" type="text" value="1" placeholder="10" onblur="check_allnumeric(this.value);"></label> <?php echo $impCE->helpnotes(); ?><br>
488
  <span class='msg' id='server_request_warning' style="display:none;color:red;margin-left:-10px;">You can set upto <?php echo $_SESSION['SMACK_MAPPING_SETTINGS_VALUES']['totRecords']; ?> per request.</span>
35
  * "Copyright Smackcoders. 2014. All rights reserved".
36
  ********************************************************************************/
37
  $impCE = new WPImporter_includes_helper();
38
+ $nonce_Key = $impCE->create_nonce_key();
39
  ?>
40
  <div style="width:100%;">
41
  <div id="accordion">
63
  <?php echo $impCE->smack_csv_import_method(); ?>
64
 
65
  <input type ='hidden' id="pluginurl"value="<?php echo WP_CONTENT_URL;?>">
66
+ <input type='hidden' id='dirpathval' name='dirpathval' value='<?php echo ABSPATH; ?>' />
67
  <?php $uploadDir = wp_upload_dir(); ?>
68
  <input type="hidden" id="uploaddir" value="<?php if(isset($uploadDir)) { echo $uploadDir['basedir']; } ?>">
69
  <input type="hidden" id="uploadFileName" name="uploadfilename" value="">
280
  <input type='hidden' id='current_record' name='current_record' value='0' />
281
  <input type='hidden' id='totRecords' name='totRecords' value='<?php if(isset($records)) { echo $records; } ?>' />
282
  <input type='hidden' id='tmpLoc' name='tmpLoc' value='<?php echo WP_CONST_ULTIMATE_CSV_IMP_DIR; ?>' />
283
+ <input type='hidden' id='nonceKey' name='wpnonce' value='<?php echo $nonce_Key; ?>' />
284
  <input type='hidden' id='uploadedFile' name='uploadedFile' value="<?php if(isset($filename)) { echo $filename; } ?>" />
285
  <!-- real uploaded filename -->
286
  <input type='hidden' id='uploaded_csv_name' name='uploaded_csv_name' value="<?php if(isset($uploaded_csv_name)) { echo $uploaded_csv_name; } ?>" />
485
  <input name="filterhtml" id="filterhtml" type="checkbox" value="1"> Filter out HTML-Tags while comparing <br>
486
  <input name="filterhtmlentities" id="filterhtmlentities" type="checkbox" value="1"> Decode HTML-Entities before comparing <br>-->
487
  <label id="importalign"><input name='duplicatecontent' id='duplicatecontent' type="checkbox" value=""> Detect duplicate post content</label> <br>
488
+ <input type='hidden' name='wpnoncekey' id='wpnoncekey' value='<?php echo $nonce_Key; ?>' />
489
  <label id="importalign"><input name='duplicatetitle' id='duplicatetitle' type="checkbox" value="" > Detect duplicate post title</label> <br>
490
  <label id="importalign">No. of posts/rows per server request</label><span class="mandatory" style="margin-left:-13px;margin-right:10px">*</span> <input name="importlimit" id="importlimit" type="text" value="1" placeholder="10" onblur="check_allnumeric(this.value);"></label> <?php echo $impCE->helpnotes(); ?><br>
491
  <span class='msg' id='server_request_warning' style="display:none;color:red;margin-left:-10px;">You can set upto <?php echo $_SESSION['SMACK_MAPPING_SETTINGS_VALUES']['totRecords']; ?> per request.</span>
modules/settings/actions/actions.php CHANGED
@@ -56,6 +56,7 @@ class SettingsActions extends SkinnyActions
56
  if(isset($_POST['savesettings'])){
57
  update_option('wpcsvfreesettings',$_POST);
58
  $data['savesettings'] = 'done';
 
59
  }
60
  $setingsArr = array('post', 'page', 'custompost', 'comments', 'categories', 'customtaxonomy', 'users', 'eshop', 'wpcommerce', 'woocommerce', 'custompostuitype', 'cctm', 'acf', 'aioseo', 'yoastseo', 'enable', 'disable', 'nonerseooption', 'nonercustompost', 'nonerecommerce', 'recommerce','enable_plugin_access_for_author', 'send_log_email', 'enable_debug', 'disable_debug', 'debug_mode');
61
  foreach($setingsArr as $option)
56
  if(isset($_POST['savesettings'])){
57
  update_option('wpcsvfreesettings',$_POST);
58
  $data['savesettings'] = 'done';
59
+ echo "<script> location.reload(); </script>";
60
  }
61
  $setingsArr = array('post', 'page', 'custompost', 'comments', 'categories', 'customtaxonomy', 'users', 'eshop', 'wpcommerce', 'woocommerce', 'custompostuitype', 'cctm', 'acf', 'aioseo', 'yoastseo', 'enable', 'disable', 'nonerseooption', 'nonercustompost', 'nonerecommerce', 'recommerce','enable_plugin_access_for_author', 'send_log_email', 'enable_debug', 'disable_debug', 'debug_mode');
62
  foreach($setingsArr as $option)
modules/settings/templates/index.php CHANGED
@@ -34,6 +34,10 @@
34
  * Notices must display the words
35
  * "Copyright Smackcoders. 2014. All rights reserved".
36
  ********************************************************************************/
 
 
 
 
37
  ?>
38
  <div style ='text-align:center;margin:0;color:red;font-size:smaller;'> Your Required Settings Configuration Please Select Security and Performance tab </div></br>
39
  <div id="ShowMsg" style="display:none;"><p id="warning-msg" class="alert alert-warning"><?php echo $skinnyData['plugStatus'];?></p></div>
@@ -382,14 +386,14 @@ global $wpdb; ?>
382
  <tr><td>
383
  <label class=$utfsupport><input type='checkbox' name='rutfsupport' id='utfsupport' value='utfsupport' checked disabled onclick="check_if_avail(this.id);" ><span id="align">Enable UTF Support</span></label>
384
  </td></tr>
385
- <tr class="databorder"><td>
386
  <label id="align">Export Delimiter
387
  <select name="export_delimiter">
388
- <option>;</option>
389
- <option>,</option>
390
  </select>
391
  </label>
392
- </td></tr>
393
  <tr class="databorder"><td>
394
  <h3 id="innertitle">Debug Mode</h3>
395
  <label>You can enable/disable the debug mode.</label> </td><td>
@@ -518,7 +522,8 @@ global $wpdb; ?>
518
  <h3 id="innertitle" colspan="2" >Required Loaders and Extentions:</h3>
519
  <table class="table table-striped">
520
  <?php $loaders_extensions = get_loaded_extensions();
521
- $mod_security = apache_get_modules();
 
522
  ?>
523
  <tr><td>IonCube Loader </td><td><?php if(in_array('ionCube Loader', $loaders_extensions)) {
524
  echo '<label style="color:green;">Yes</label>';
@@ -535,7 +540,7 @@ global $wpdb; ?>
535
  } else {
536
  echo '<label style="color:red;">No</label>';
537
  } ?></td><td></td></tr>
538
- <tr><td>Mod Security </td><td><?php if(in_array('mod_security.c', $mod_security)) {
539
  echo '<label style="color:green;">Yes</label>';
540
  } else {
541
  echo '<label style="color:red;">No</label>';
34
  * Notices must display the words
35
  * "Copyright Smackcoders. 2014. All rights reserved".
36
  ********************************************************************************/
37
+ $impCE = new WPImporter_includes_helper();
38
+ $nonce_Key = $impCE->create_nonce_key();
39
+ if(! wp_verify_nonce($nonce_Key, 'smack_nonce'))
40
+ die('You are not allowed to do this operation.Please contact your admin.');
41
  ?>
42
  <div style ='text-align:center;margin:0;color:red;font-size:smaller;'> Your Required Settings Configuration Please Select Security and Performance tab </div></br>
43
  <div id="ShowMsg" style="display:none;"><p id="warning-msg" class="alert alert-warning"><?php echo $skinnyData['plugStatus'];?></p></div>
386
  <tr><td>
387
  <label class=$utfsupport><input type='checkbox' name='rutfsupport' id='utfsupport' value='utfsupport' checked disabled onclick="check_if_avail(this.id);" ><span id="align">Enable UTF Support</span></label>
388
  </td></tr>
389
+ <!--<tr class="databorder"><td>
390
  <label id="align">Export Delimiter
391
  <select name="export_delimiter">
392
+ <option value = ";">;</option>
393
+ <option value = ",">,</option>
394
  </select>
395
  </label>
396
+ </td></tr>-->
397
  <tr class="databorder"><td>
398
  <h3 id="innertitle">Debug Mode</h3>
399
  <label>You can enable/disable the debug mode.</label> </td><td>
522
  <h3 id="innertitle" colspan="2" >Required Loaders and Extentions:</h3>
523
  <table class="table table-striped">
524
  <?php $loaders_extensions = get_loaded_extensions();
525
+ if(function_exists('apache_get_modules'))
526
+ $mod_security = apache_get_modules();
527
  ?>
528
  <tr><td>IonCube Loader </td><td><?php if(in_array('ionCube Loader', $loaders_extensions)) {
529
  echo '<label style="color:green;">Yes</label>';
540
  } else {
541
  echo '<label style="color:red;">No</label>';
542
  } ?></td><td></td></tr>
543
+ <tr><td>Mod Security </td><td><?php if(isset($mod_security) && in_array('mod_security.c', $mod_security)) {
544
  echo '<label style="color:green;">Yes</label>';
545
  } else {
546
  echo '<label style="color:red;">No</label>';
modules/users/templates/index.php CHANGED
@@ -42,6 +42,7 @@ require_once(WP_CONST_ULTIMATE_CSV_IMP_DIRECTORY.'/includes/WPImporter_includes_
42
  <div id="accordion">
43
  <?php
44
  $impCE = new WPImporter_includes_helper();
 
45
  ?>
46
  <table class="table-importer">
47
  <tr>
@@ -66,6 +67,7 @@ $impCE = new WPImporter_includes_helper();
66
  <div class="container">
67
  <?php echo $impCE->smack_csv_import_method(); ?>
68
  <input type ='hidden' id="pluginurl"value="<?php echo WP_CONTENT_URL;?>">
 
69
  <?php $uploadDir = wp_upload_dir(); ?>
70
  <input type="hidden" id="uploaddir" value="<?php if(isset($uploadDir['basedir'])) { echo $uploadDir['basedir']; } ?>">
71
  <input type="hidden" id="uploadFileName" name="uploadfilename" value="">
@@ -229,6 +231,7 @@ $allcustomposts.=$value.',';
229
  <input type='hidden' id='current_record' name='current_record' value='0' />
230
  <input type='hidden' id='totRecords' name='totRecords' value='<?php if(isset($records)) { echo $records; } ?>' />
231
  <input type='hidden' id='tmpLoc' name='tmpLoc' value='<?php echo WP_CONST_ULTIMATE_CSV_IMP_DIR; ?>' />
 
232
  <input type='hidden' id='uploadedFile' name='uploadedFile' value="<?php if(isset($filename)) { echo $filename; } ?>" />
233
  <!-- real uploaded filename -->
234
  <input type='hidden' id='uploaded_csv_name' name='uploaded_csv_name' value="<?php if(isset($uploaded_csv_name)) { echo $uploaded_csv_name; } ?>" />
@@ -405,6 +408,7 @@ $mFieldsArr = substr($mFieldsArr, 0, -1);
405
  <input name="filterhtml" id="filterhtml" type="checkbox" value="1"> Filter out HTML-Tags while comparing <br>
406
  <input name="filterhtmlentities" id="filterhtmlentities" type="checkbox" value="1"> Decode HTML-Entities before comparing <br>-->
407
  <label id='importalign'><input name='duplicatecontent' id='duplicatecontent' type="checkbox" value=""> Detect duplicate post content</label> <br>
 
408
  <label id='importalign'><input name='duplicatetitle' id='duplicatetitle' type="checkbox" value="" > Detect duplicate post title</label> <br>
409
 
410
  <label id='importalign'>No. of posts/rows per server request</label> <span class="mandatory" style="margin-left:-13px;margin-right:10px">*</span> <input name="importlimit" id="importlimit" type="text" value="1" placeholder="10" onblur="check_allnumeric(this.value);"></label> <?php echo $impCE->helpnotes(); ?><br>
42
  <div id="accordion">
43
  <?php
44
  $impCE = new WPImporter_includes_helper();
45
+ $nonce_Key = $impCE->create_nonce_key();
46
  ?>
47
  <table class="table-importer">
48
  <tr>
67
  <div class="container">
68
  <?php echo $impCE->smack_csv_import_method(); ?>
69
  <input type ='hidden' id="pluginurl"value="<?php echo WP_CONTENT_URL;?>">
70
+ <input type='hidden' id='dirpathval' name='dirpathval' value='<?php echo ABSPATH; ?>' />
71
  <?php $uploadDir = wp_upload_dir(); ?>
72
  <input type="hidden" id="uploaddir" value="<?php if(isset($uploadDir['basedir'])) { echo $uploadDir['basedir']; } ?>">
73
  <input type="hidden" id="uploadFileName" name="uploadfilename" value="">
231
  <input type='hidden' id='current_record' name='current_record' value='0' />
232
  <input type='hidden' id='totRecords' name='totRecords' value='<?php if(isset($records)) { echo $records; } ?>' />
233
  <input type='hidden' id='tmpLoc' name='tmpLoc' value='<?php echo WP_CONST_ULTIMATE_CSV_IMP_DIR; ?>' />
234
+ <input type='hidden' id='nonceKey' name='wpnonce' value='<?php echo $nonce_Key; ?>' />
235
  <input type='hidden' id='uploadedFile' name='uploadedFile' value="<?php if(isset($filename)) { echo $filename; } ?>" />
236
  <!-- real uploaded filename -->
237
  <input type='hidden' id='uploaded_csv_name' name='uploaded_csv_name' value="<?php if(isset($uploaded_csv_name)) { echo $uploaded_csv_name; } ?>" />
408
  <input name="filterhtml" id="filterhtml" type="checkbox" value="1"> Filter out HTML-Tags while comparing <br>
409
  <input name="filterhtmlentities" id="filterhtmlentities" type="checkbox" value="1"> Decode HTML-Entities before comparing <br>-->
410
  <label id='importalign'><input name='duplicatecontent' id='duplicatecontent' type="checkbox" value=""> Detect duplicate post content</label> <br>
411
+ <input type='hidden' name='wpnoncekey' id='wpnoncekey' value='<?php echo $nonce_Key; ?>' />
412
  <label id='importalign'><input name='duplicatetitle' id='duplicatetitle' type="checkbox" value="" > Detect duplicate post title</label> <br>
413
 
414
  <label id='importalign'>No. of posts/rows per server request</label> <span class="mandatory" style="margin-left:-13px;margin-right:10px">*</span> <input name="importlimit" id="importlimit" type="text" value="1" placeholder="10" onblur="check_allnumeric(this.value);"></label> <?php echo $impCE->helpnotes(); ?><br>
templates/import.php CHANGED
@@ -34,7 +34,10 @@
34
  * Notices must display the words
35
  * "Copyright Smackcoders. 2014. All rights reserved".
36
  ********************************************************************************/
37
- //require_once(WP_CONST_ULTIMATE_CSV_IMP_DIR.'includes/WPImporter_includes_helper.php');
 
 
 
38
  $impCheckobj = CallWPImporterObj::checkSecurity();
39
  if($impCheckobj != 'true')
40
  die($impCheckobj);
@@ -46,7 +49,7 @@ $importedAs = Null;
46
  $inserted_post_count = 0;
47
  $noofrecords = '';
48
  if ($curr_action != 'post' && $curr_action != 'page' && $curr_action != 'custompost') {
49
- require_once(plugin_dir_path(__FILE__) . '../modules/' . $curr_action . '/actions/actions.php');
50
  }
51
  if ($curr_action == 'post' || $curr_action == 'page' || $curr_action == 'custompost') {
52
  $importObj = new WPImporter_includes_helper();
34
  * Notices must display the words
35
  * "Copyright Smackcoders. 2014. All rights reserved".
36
  ********************************************************************************/
37
+ $noncevar = isset($_POST['postdata']['wpnonce']) ? $_POST['postdata']['wpnonce'] : '';
38
+ if(!wp_verify_nonce($noncevar, 'smack_nonce'))
39
+ die('You are not allowed to do this operation.Please contact your admin.');
40
+
41
  $impCheckobj = CallWPImporterObj::checkSecurity();
42
  if($impCheckobj != 'true')
43
  die($impCheckobj);
49
  $inserted_post_count = 0;
50
  $noofrecords = '';
51
  if ($curr_action != 'post' && $curr_action != 'page' && $curr_action != 'custompost') {
52
+ require_once(WP_CSVIMP_PLUGIN_BASE . '/modules/' . $curr_action . '/actions/actions.php');
53
  }
54
  if ($curr_action == 'post' || $curr_action == 'page' || $curr_action == 'custompost') {
55
  $importObj = new WPImporter_includes_helper();
templates/layout.php CHANGED
@@ -34,6 +34,10 @@
34
  * Notices must display the words
35
  * "Copyright Smackcoders. 2014. All rights reserved".
36
  ********************************************************************************/
 
 
 
 
37
  ?>
38
 
39
  <style> #ui-datepicker-div { display:none } </style>
34
  * Notices must display the words
35
  * "Copyright Smackcoders. 2014. All rights reserved".
36
  ********************************************************************************/
37
+ $impObj = new WPImporter_includes_helper();
38
+ $nonceKey = $impObj->create_nonce_key();
39
+ if(! wp_verify_nonce($nonceKey, 'smack_nonce'))
40
+ die('You are not allowed to do this operation.Please contact your admin.');
41
  ?>
42
 
43
  <style> #ui-datepicker-div { display:none } </style>
templates/menu.php CHANGED
@@ -6,6 +6,10 @@
6
  * You can contact Smackcoders at email address info@smackcoders.com.
7
  *******************************************************************************************/
8
  //require_once(WP_CONST_ULTIMATE_CSV_IMP_DIR.'includes/WPImporter_includes_helper.php');
 
 
 
 
9
  $impCheckobj = CallWPImporterObj::checkSecurity();
10
  if($impCheckobj != 'true')
11
  die($impCheckobj);
6
  * You can contact Smackcoders at email address info@smackcoders.com.
7
  *******************************************************************************************/
8
  //require_once(WP_CONST_ULTIMATE_CSV_IMP_DIR.'includes/WPImporter_includes_helper.php');
9
+ $impObj = new WPImporter_includes_helper();
10
+ $nonceKey = $impObj->create_nonce_key();
11
+ if(! wp_verify_nonce($nonceKey, 'smack_nonce'))
12
+ die('You are not allowed to do this operation.Please contact your admin.');
13
  $impCheckobj = CallWPImporterObj::checkSecurity();
14
  if($impCheckobj != 'true')
15
  die($impCheckobj);
templates/readfile.php CHANGED
@@ -34,13 +34,15 @@
34
  * Notices must display the words
35
  * "Copyright Smackcoders. 2014. All rights reserved".
36
  ********************************************************************************/
 
37
 
38
- require_once('../includes/WPImporter_includes_helper.php');
39
  $impCheckobj = CallWPImporterObj::checkSecurity();
40
  if($impCheckobj != 'true')
41
  die($impCheckobj);
42
-
43
- require_once('../../../../wp-load.php');
 
44
 
45
  $requested_module = "";
46
  if(isset($requested_module))
34
  * Notices must display the words
35
  * "Copyright Smackcoders. 2014. All rights reserved".
36
  ********************************************************************************/
37
+ $parse_uri = explode( 'wp-content', $_SERVER['SCRIPT_FILENAME'] );
38
 
39
+ require_once($parse_uri[0]."wp-load.php");
40
  $impCheckobj = CallWPImporterObj::checkSecurity();
41
  if($impCheckobj != 'true')
42
  die($impCheckobj);
43
+ $noncevar = isset($_REQUEST['wpnonce']) ? $_REQUEST['wpnonce'] : '';
44
+ if(! wp_verify_nonce($noncevar, 'smack_nonce'))
45
+ die('You are not allowed to do this operation.Please contact your admin.');
46
 
47
  $requested_module = "";
48
  if(isset($requested_module))
templates/versioncheck.php CHANGED
@@ -34,7 +34,10 @@
34
  * Notices must display the words
35
  * "Copyright Smackcoders. 2014. All rights reserved".
36
  ********************************************************************************/
37
- //require_once(WP_CONST_ULTIMATE_CSV_IMP_DIR.'includes/WPImporter_includes_helper.php');
 
 
 
38
  $impCheckobj = CallWPImporterObj::checkSecurity();
39
  if($impCheckobj != 'true')
40
  die($impCheckobj);
34
  * Notices must display the words
35
  * "Copyright Smackcoders. 2014. All rights reserved".
36
  ********************************************************************************/
37
+ $impObj = new WPImporter_includes_helper();
38
+ $nonceKey = $impObj->create_nonce_key();
39
+ if(! wp_verify_nonce($nonceKey, 'smack_nonce'))
40
+ die('You are not allowed to do this operation.Please contact your admin.');
41
  $impCheckobj = CallWPImporterObj::checkSecurity();
42
  if($impCheckobj != 'true')
43
  die($impCheckobj);