Ultimate CSV Importer - Version 5.6.1

Version Description


Release Info

Developer smackcoders
Version 5.6.1

Code changes from version 5.3.7 to 5.6.1

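--- a/Readme.txt
+++ b/Readme.txt
@@ -3,10 +3,10 @@ Contributors: smackcoders, smacksupport
  Donate link: https://www.paypal.me/smackcoders
  Tags: csv, csv import, csv importer, import, import csv, import seo, import woocommerce, acf, excel, spreadsheet
  Requires at least: 4.5
- Tested up to: 4.9.8
+ Tested up to: 5.0.1
  Requires PHP: 5.2.4 or above
- Stable tag: 5.3.7
- Version: 5.3.7
+ Stable tag: 5.6.1
+ Version: 5.6.1
  Author: smackcoders
  Author URI: http://profiles.wordpress.org/smackcoders/
  License: GPLv2 or later
@@ -56,10 +56,10 @@ Import of CSV involves few simple steps. Choose your CSV file to import. Map you
  * Core Module - Post, Page, Custom Post, Comments, Category, Tags, Users, Customer Reviews.
  * eCommerce Products - WooCommerce, MarketPress, WP e-Commerce & eShop.
  * SEO field - Free & Pro version of All in One SEO and Yoast SEO.
- * Multilingual - WPML & [qTranslate X](https://www.smackcoders.com/blog/import-marketpress-pro-event-manager-and-more.html?utm_source=web&utm_campaign=readme&utm_medium=wp_org)
+ * Multilingual - [WPML](https://www.youtube.com/watch?v=yvSPfvPp5s0&t=8s) & [qTranslate X](https://www.smackcoders.com/blog/import-marketpress-pro-event-manager-and-more.html?utm_source=web&utm_campaign=readme&utm_medium=wp_org)
  * Image - NextGEN Gallery
  * Events Management - Events Manager FREE & Pro
- * Custom fields - CustomPress, ACF, Types, Pods, CCTM & WordPress default Text & Textarea fields.
+ * Custom fields - CustomPress, [ACF](https://youtu.be/RVoqPX3Ib94), [Toolset Types](https://www.smackcoders.com/documentation/ultimate-csv-importer-pro/toolset-types-import?utm_source=readme&utm_medium=wp_org), Pods, CCTM & WordPress default Text & Textarea fields.
  * Custom Post - CustomPress, Types, Pods, CPT UI, CCTM & default WordPress Custom Post.
 
  = Highlighted Feature of PRO =
@@ -126,6 +126,10 @@ The importer supports [default WordPress Text and Text area fields](https://www.
  For more FAQ, you can refer [here](https://www.smackcoders.com/wordpress-products-faq.html?utm_source=wp_org&utm_campaign=readme&utm_medium=faq).
 
  == Changelog ==
+ =5.6.1=
+ * Added: WP CSRF Protection
+ =5.6=
+ * Added: Compatibility for WordPress 5.0
  = 5.3.7 =
  * Removed: Registering custom field in Mapping section.
  = 5.3.6 =
@@ -498,6 +502,10 @@ For more FAQ, you can refer [here](https://www.smackcoders.com/wordpress-product
  * Initial release version. Tested and found works well without any issues.
 
  == Upgrade Notice ==
+ = 5.6.1 =
+ * Important update for security fixes.
+ = 5.6 =
+ * Upgrade now for WordPress 5.0 compatibility
  = 5.3.7 =
  * Upgrade now to get latest version of Ultimate CSV Importer
  = 5.3.6 =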
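--- a/admin/class-uci-admin.php
+++ b/admin/class-uci-admin.php
@@ -49,6 +49,7 @@ class SmackUCIAdmin extends SmackUCIHelper {
  public static function show_admin_menus() {
  $is_author_can_import = get_option('sm_uci_pro_settings', null);
  $is_author_can_import = isset($is_author_can_import['author_editor_access']) ? $is_author_can_import['author_editor_access'] : '';
+
  if ( apply_filters( 'sm_uci_enable_setup_wizard', true ) && is_user_logged_in() && current_user_can( 'administrator' ) ) {
  add_action( 'admin_menu', array( __CLASS__, 'admin_menus' ) );
  }
@@ -92,6 +93,18 @@ class SmackUCIAdmin extends SmackUCIHelper {
  }
 
  public static function sm_uci_screens() {
+
+ // Mari added
+ // Verify the WP NONCE if the request is POST
+ // nonce name - sm-uci-import
+ if($_POST){
+
+ if ( !isset($_POST['_wpnonce']) || ! wp_verify_nonce( $_POST['_wpnonce'], 'sm-uci-import' ) ) {
+
+ die( 'You are restricted from accessing this page.' );
+ }
+ }
+
  global $uci_admin;
  $uci_admin->show_top_navigation_menus();
  switch (sanitize_title($_REQUEST['page'])) {
@@ -119,6 +132,7 @@ class SmackUCIAdmin extends SmackUCIHelper {
  default:
  break;
  }
+
  return false;
  }
 
@@ -157,6 +171,7 @@ class SmackUCIAdmin extends SmackUCIHelper {
  $parserObj = new SmackCSVParser();
  $uci_admin->show_notices($parserObj);
  $step = isset($_REQUEST['step']) ? sanitize_title($_REQUEST['step']) : '';
+
  switch ($step) {
  case 'import_file': // Step one
  include ( 'views/form-file-import-method.php' );
@@ -165,11 +180,27 @@ class SmackUCIAdmin extends SmackUCIHelper {
  # NOTE: Removed the suggested template view
  break;
  case 'mapping_config': // Step two
+
  if(isset($_REQUEST['eventKey']) ? sanitize_key($_REQUEST['eventKey']):'' ) :
  if(isset($_POST) && !empty($_POST)) :
+
  $_POST = filter_input_array(INPUT_POST, FILTER_SANITIZE_STRING);
- $parserObj->screenData = array('import_file' => $_POST);
- update_option($_REQUEST['eventKey'], $parserObj->screenData);
+
+ if(empty($_REQUEST['eventKey'])){
+ // Mari added - to prevent from invalid form action
+ $parserObj->wp_session = "Invaid Event Key";
+ echo "Invaid Event Key";
+ exit();
+ }else if(get_option($_REQUEST['eventKey'])){
+ // Mari added - to prevent from invalid form action
+ $parserObj->wp_session = "Invaid Event Key";
+ echo "Invaid Event Key";
+ exit();
+ }else{
+ $parserObj->screenData = array('import_file' => $_POST);
+ update_option($_REQUEST['eventKey'], $parserObj->screenData);
+ }
+
  else:
  $parserObj->screenData = get_option($_REQUEST['eventKey']);
  endif;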
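Review bot: In the `mapping_config` branch the option name handed to `get_option()` and `update_option()` is the raw `$_REQUEST['eventKey']`; the `sanitize_key()` call in the enclosing `if` only feeds the condition and its result is discarded. Because the new guard refuses only keys whose option is already truthy, a request that carries a valid nonce can still create or overwrite any option that is unset or falsy, with the whole filtered POST array as its value. I would normalise once, `$event_key = isset($_REQUEST['eventKey']) ? sanitize_key($_REQUEST['eventKey']) : '';`, store it under a plugin-owned prefix, and use `$event_key` in every call. Separately, the nonce check added at the top of `sm_uci_screens()` runs only when `$_POST` is non-empty and is not paired with a `current_user_can()` check, while `step` and `eventKey` are read from `$_REQUEST`; both functions continue outside the visible hunks.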
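--- a/admin/views/form-advanced-mapping-configuration.php
+++ b/admin/views/form-advanced-mapping-configuration.php
@@ -111,6 +111,9 @@ $ecommerce_module = array('WooCommerce', 'MarketPress', 'WPeCommerce', 'eShop');
  <link rel="stylesheet" type="text/css" href="style.css">
  </head> -->
  <form id ="mapping_section" autocomplete="off" method="post" action="<?php echo $actionURL;?>">
+
+ <?php wp_nonce_field('sm-uci-import'); ?>
+
  <main id="main ">
  <div id="mapping-container">
  <div id="header1"></div>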
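Review bot: `wp_nonce_field('sm-uci-import')` uses one action string here and in every other view this release touches (form-file-import-method.php, form-ignite-import.php, form-import-configuration.php, form-mapping-configuration.php, form-media-handling.php, form-manager-view.php, form-settings-view.php, form-support-view.php), so a nonce issued for any one screen validates on all of them. WordPress nonces are meant to be scoped to the action they protect; a per-step action, for example `wp_nonce_field('sm-uci-mapping-config')` (a constructed name) checked with the matching string on the server, narrows what a leaked token is good for. On the context line just above, `action="<?php echo $actionURL;?>"` is echoed without `esc_url()`, unlike form-file-import-method.php; where `$actionURL` is built is not visible here, so it is worth escaping at output.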
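--- a/admin/views/form-file-import-method.php
+++ b/admin/views/form-file-import-method.php
@@ -49,6 +49,8 @@ else{
  ?>
  <div class="whole_body wp_ultimate_csv_importer_pro">
  <form class="form-horizontal" id="form_import_file" method="post" action= "<?php echo esc_url(admin_url() . 'admin.php?page=sm-uci-import&step=suggested_template');?>" enctype="multipart/form-data">
+ <?php wp_nonce_field('sm-uci-import'); ?>
+
  <div id='wp_warning_main' class = 'updated notice'>
  <p>Supported file types .csv .zip .txt
  </p></div>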
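--- a/admin/views/form-ignite-import.php
+++ b/admin/views/form-ignite-import.php
@@ -72,6 +72,8 @@ if($main_mode == 'on'){
 
  <div class="template_body whole_body wp_ultimate_csv_importer_pro" style="font-size: 15px; margin-top: 40px;">
  <form class="form-inline" method="post">
+ <?php wp_nonce_field('sm-uci-import'); ?>
+
  <div class="col-md-12">
  <div class="col-md-12 mt40" style="text-align: center;">
  <input type="button" class="smack-btn smack-btn-primary btn-radius" value="<?php echo esc_attr('Resume','wp-ultimate-csv-importer');?>" style="display:none;" id="continue_import" onclick="continueImport();" >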
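--- a/admin/views/form-import-configuration.php
+++ b/admin/views/form-import-configuration.php
@@ -81,6 +81,8 @@ else{
  <div class="template_body whole_body wp_ultimate_csv_importer_pro" style="font-size: 14px; margin-top: 40px;">
  <h3 style="margin-left:2%;" class="csv-importer-heading"><?php echo esc_html__('Import configuration Section','wp-ultimate-csv-importer');?></h3>
  <form class="form-inline" method="post" action="<?php echo $actionURL;?>">
+ <?php wp_nonce_field('sm-uci-import'); ?>
+
  <div id='wp_warning' style = 'display:none;' class = 'error'></div>
  <div class="config_table">
  <div class="col-md-12 mt20" id="main_ch">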
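--- a/admin/views/form-inform-export.php
+++ /dev/null
@@ -1,52 +0,0 @@
- <?php
- /*********************************************************************************
- * WP Ultimate CSV Importer is a Tool for importing CSV for the Wordpress
- * plugin developed by Smackcoders. Copyright (C) 2016 Smackcoders.
- *
- * WP Ultimate CSV Importer is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Affero General Public License version 3
- * as published by the Free Software Foundation with the addition of the
- * following permission added to Section 15 as permitted in Section 7(a): FOR
- * ANY PART OF THE COVERED WORK IN WHICH THE COPYRIGHT IS OWNED BY WP Ultimate
- * CSV Importer, WP Ultimate CSV Importer DISCLAIMS THE WARRANTY OF NON
- * INFRINGEMENT OF THIRD PARTY RIGHTS.
- *
- * WP Ultimate CSV Importer is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public
- * License for more details.
- *
- * You should have received a copy of the GNU Affero General Public License
- * along with this program; if not, see http://www.gnu.org/licenses or write
- * to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
- * Boston, MA 02110-1301 USA.
- *
- * You can contact Smackcoders at email address info@smackcoders.com.
- *
- * The interactive user interfaces in original and modified versions
- * of this program must display Appropriate Legal Notices, as required under
- * Section 5 of the GNU Affero General Public License version 3.
- *
- * In accordance with Section 7(b) of the GNU Affero General Public License
- * version 3, these Appropriate Legal Notices must retain the display of the
- * WP Ultimate CSV Importer copyright notice. If the display of the logo is
- * not reasonably feasible for technical reasons, the Appropriate Legal
- * Notices must display the words
- * "Copyright Smackcoders. 2016. All rights reserved".
- ********************************************************************************/
-
- if ( ! defined( 'ABSPATH' ) )
- exit; // Exit if accessed directly
- ?>
-
- <div class="list-inline pull-right mb10 wp_ultimate_csv_importer_pro">
- <div class="col-md-6 mt10"><a href="https://goo.gl/jdPMW8" target="_blank"><?php echo esc_html__('Documentation','wp-ultimste-csv-importer');?></a></div>
- <div class="col-md-6 mt10"><a href="https://goo.gl/fKvDxH" target="_blank"><?php echo esc_html__('Sample CSV','wp-ultimste-csv-importer');?></a></div>
- </div>
- <div class="wp_ultimate_csv_importer_pro panel col-md-12" style="font-size:14px; height: 500px;width:99%;">
-
- <div style="text-align: center;margin-top: 200px;font-size: 16px;">
- <div> Exporter feature in Ultimate CSV Importer FREE moved to a separate add-on. </div> <br>
- <div> To continue using this feature, kindly install <a href="https://wordpress.org/plugins/wp-ultimate-exporter/" target="_blank">WP Ultimate Exporter </a>. </div>
- </div>
- </div>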
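--- a/admin/views/form-manager-view.php
+++ b/admin/views/form-manager-view.php
@@ -46,6 +46,8 @@ if ( ! defined( 'ABSPATH' ) )
  </div>
  <div class="whole_body wp_ultimate_csv_importer_pro" style="margin-top: 40px">
  <form>
+ <?php wp_nonce_field('sm-uci-import'); ?>
+
  <div class="import_holder" id="import_holder" >
  <div class="panel " style="width: 99%;">
  <div class="panel-body no-padding">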
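Review bot: The nonce field is added to a `<form>` that declares no `method`, so a native submit sends it as a GET query parameter, where it ends up in server logs, browser history and Referer headers, and where the `if($_POST)` guard in `sm_uci_screens()` never inspects it. form-settings-view.php has the same shape (`<form id="form_import_file">`), and form-support-view.php writes `type="post"`, which is not a form attribute, so that form also defaults to GET. If these forms are only ever submitted by script (not visible in this diff), the token has to be included in that request and verified by the handler that receives it; otherwise `method="post"` belongs on the tag.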
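--- a/admin/views/form-mapping-configuration.php
+++ b/admin/views/form-mapping-configuration.php
@@ -119,6 +119,8 @@ if(isset($_REQUEST['mapping_type']) && $_REQUEST['mapping_type'] == 'normal') {
  <h3 style="margin-left:2%;" class="csv-importer-heading"><?php echo esc_html__('Mapping Section','wp-ultimate-csv-importer');?></h3>
  </div>
  <form id = "mapping_section" method="post" action="<?php echo $actionURL;?>">
+ <?php wp_nonce_field('sm-uci-import'); ?>
+
  <div id='wp_warning' style = 'display:none;' class = 'error'></div>
  <?php $import_mode = $get_records[sanitize_key($_REQUEST['eventkey'])]['import_file']['import_mode']; ?>
  <div class="mapping_table">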
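--- a/admin/views/form-media-handling.php
+++ b/admin/views/form-media-handling.php
@@ -67,6 +67,8 @@ $records = $uci_admin->GetPostValues(sanitize_key($_REQUEST['eventkey']));
 
  <div class="template_body whole_body wp_ultimate_csv_importer_pro" style="margin-top: 40px;">
  <form class="form-inline" method="post" action="<?php echo $actionURL;?>">
+ <?php wp_nonce_field('sm-uci-import'); ?>
+
  <div id='wp_warning' style = 'display:none;' class = 'error'></div>
  <h3 class="media_head csv-importer-heading"><?php echo esc_html__('Media Handling','wp-ultimate-csv-importer');?></h3>
  <input type="hidden" id="eventkey" name="eventkey" value="<?php echo sanitize_text_field($_REQUEST['eventkey']); ?>" />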
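--- a/admin/views/form-settings-view.php
+++ b/admin/views/form-settings-view.php
@@ -199,6 +199,7 @@ if(isset($ucioptimize['delete_all_trackback_comments'])) {
  </div>
  <div class="whole_body wp_ultimate_csv_importer_pro" style="margin-top: 40px;">
  <form id="form_import_file">
+ <?php wp_nonce_field('sm-uci-import'); ?>
  <div class="import_holder" id="import_holder" >
  <div class="panel " style="width: 99%;">
  <div id="warningsec" style="color:red;width:100%; min-height: 110px;border: 1px solid #d1d1d1;background-color:#fff;display:none;">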
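--- a/admin/views/form-support-view.php
+++ b/admin/views/form-support-view.php
@@ -48,6 +48,7 @@ if ( ! defined( 'ABSPATH' ) )
  <div class="col-md-6 col-sm-6 mt40 mb40" style="">
  <fieldset class="scheduler-border"> <legend class="scheduler-border" style="margin-top:15px;"><?php echo esc_html__('Contact Support','wp-ultimate-csv-importer');?></legend>
  <form class="support-form" type="post" style="margin-top:10px;" action="">
+ <?php wp_nonce_field('sm-uci-import'); ?>
  <div class="form-group">
  <label><?php echo esc_html__('Email','wp-ultimate-csv-importer');?></label>
  <input name="email" id="email" class="form-control" value="" type="text">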
assets/images/wp-ultimate-csv-importer-old.png ADDED
Binary file
assets/images/wp-ultimate-csv-importer.png CHANGED
Binary file
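--- a/assets/js/jquery.fileDownload.js
+++ b/assets/js/jquery.fileDownload.js
@@ -341,7 +341,9 @@ $.extend({
  formDoc = getiframeDocument($iframe);
  }
 
- formDoc.write("<html><head></head><body><form method='" + settings.httpMethod + "' action='" + fileUrl + "'>" + formInnerHtml + "</form>" + settings.popupWindowTitle + "</body></html>");
+ // Mari added
+ // TODO - remove the nonce after testing
+ formDoc.write("<html><head></head><body><form method='" + settings.httpMethod + "' action='" + fileUrl + "'><?php wp_nonce_field('sm-uci-import'); ?>" + formInnerHtml + "</form>" + settings.popupWindowTitle + "</body></html>");
  $form = $(formDoc).find('form');
  }
 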
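Review bot: The `<?php wp_nonce_field('sm-uci-import'); ?>` tag sits inside a string literal in a `.js` asset; unless this file is routed through the PHP interpreter (nothing in the diff suggests it is), the browser receives the tag as literal text and `formDoc.write()` places it in the form markup without producing any `_wpnonce` input. The comment `// TODO - remove the nonce after testing` also reads as if the protection is meant to be temporary, which should be resolved before release. The usual route is to pass the token from PHP, e.g. `wp_localize_script()` carrying a `wp_create_nonce('sm-uci-import')` value, and append it to `formInnerHtml` as a hidden input. `fileUrl` and `settings.httpMethod` are concatenated into the markup unencoded on the same line, which is worth fixing while the line is being changed.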
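--- a/includes/class-uci-admin-ajax.php
+++ b/includes/class-uci-admin-ajax.php
@@ -806,27 +806,32 @@ class SmackUCIAdminAjax {
 
  public static function sendmail(){
  if($_POST){
+ add_filter( 'wp_mail_content_type','SmackUCIAdminAjax::set_content_type' );
  $email = $_POST['email'];
  $url = get_option('siteurl');
  $site_name = get_option('blogname');
  $headers = "From: " . $site_name . "<$email>" . "\r\n";
  $headers.= 'MIME-Version: 1.0' . "\r\n";
- $headers.= "Content-type: text/html; charset=iso-8859-1 \r\n";
+ $headers= array( "Content-type: text/html; charset=UTF-8");
  $to = 'support@smackcoders.com';
  $subject = $_POST['query'];
  $message = "Site URL: " . $url . "\r\n";
  $message .= "Plugin Name: " . SM_UCI_SETTINGS . "\r\n";
- $message .= "Message: " . $_POST['message'] . "\r\n";
+ $message .= "Message: " ."\r\n" . $_POST['message'] . "\r\n";
  //send email
  if(wp_mail($to, $subject, $message, $headers)) {
  echo 'Mail Sent!';
  } else {
  echo "Please draft a mail to support@smackcoders.com. If you doesn't get any acknowledgement within an hour!";
  } //This method sends the mail.
+ remove_filter( 'wp_mail_content_type', 'SmackUCIAdminAjax::set_content_type' );
  die;
  }
  }
-
+ function set_content_type( $message ) {
+
+ return 'text/plain';
+ }
  public static function send_subscribe_email(){
  if($_POST){
  $email = $_POST['subscribe_email'];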
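Review bot: `sendmail()` still acts on any non-empty `$_POST` with no nonce or capability check in the visible lines, and `$_POST['email']`, `$_POST['query']` and `$_POST['message']` reach `wp_mail()` unsanitised; `check_ajax_referer('sm-uci-import');` as the first statement (provided the script posting the support form sends the token) plus `sanitize_email()` / `sanitize_text_field()` on the inputs would bring it in line with the CSRF work elsewhere in this release. The new `$headers= array( ... )` assigns rather than appends, so the `From:` and `MIME-Version` lines built just above are discarded, and its `text/html` value conflicts with the `text/plain` the filter returns. `set_content_type()` is declared without `public static` yet registered as `'SmackUCIAdminAjax::set_content_type'`, a static-style callback to an instance method, which PHP 8 rejects; `public static function set_content_type( $content_type )` fixes that. `send_subscribe_email()` continues past the end of the hunk.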
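--- a/includes/class-uci-upload-handler.php
+++ b/includes/class-uci-upload-handler.php
@@ -194,6 +194,7 @@ if(!class_exists('SmackUCIUploadHandler')) {
  wp_mkdir_p($eventDir);
  }
  }
+
  return $eventDir . '/' . $this->get_user_path() . $version_path . $eventkey;
  }
 
@@ -1181,6 +1182,11 @@ if(!class_exists('SmackUCIUploadHandler')) {
  }
  # code added by goku to get the uploaded filename
  $files[0]->uploadedname = $upload['name'];
+
+ // Mari added this line
+ // Use this event key as CSRF token
+ add_option($files[0]->eventkey, true);
+
  return $this->generate_response(array($this->options['param_name'] => $files), $print_response);
  }
 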
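Review bot: `add_option($files[0]->eventkey, true)` stores the marker under a bare, unprefixed option name with the default autoload setting and no visible cleanup, so every upload leaves a permanent row that is loaded on each request. As a CSRF token it is also not bound to the user who uploaded and never expires; a prefixed transient such as `set_transient('sm_uci_event_' . $files[0]->eventkey, get_current_user_id(), HOUR_IN_SECONDS);` gives both (the prefix is a constructed example). The `mapping_config` branch in admin/class-uci-admin.php exits with "Invaid Event Key" when `get_option($_REQUEST['eventKey'])` is truthy; if that is the same key this line registers, the two changes look inverted relative to each other and the intended polarity should be confirmed. How `eventkey` is generated is outside the hunk, so its unpredictability cannot be judged from here.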
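--- a/index.php
+++ b/index.php
@@ -2,7 +2,7 @@
  /******************************
  * Plugin Name: WP Ultimate CSV Importer
  * Description: Seamlessly create posts, custom posts, pages, media, SEO and more from your CSV data with ease.
- * Version: 5.3.7
+ * Version: 5.6.1
  * Author: smackcoders
  * Author URI: http://www.smackcoders.com/wp-ultimate-csv-importer-pro.html?utm_source=plugin&utm_campaign=csv_importer_pro&utm_medium=wordpress
  * Text Domain: wp-ultimate-csv-importer
@@ -56,7 +56,7 @@ if ( ! class_exists( 'SM_WPUltimateCSVImporter' ) ) :
  */
  class SM_WPUltimateCSVImporter {
 
- public $version = '5.3.7';
+ public $version = '5.6.1';
 
  /**
  * The single instance of the class.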