MailPoet Newsletters (Previous) - Version 2.16

Version Description

  • 2.16 - 2021-10-06
  • Fixed security issues.

Release Info

Developer MailPoet
Version 2.16

Code changes from version 2.15 to 2.16

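--- a/controllers/ajax/campaigns.php
+++ b/controllers/ajax/campaigns.php
@@ -1,6 +1,28 @@
 <?php
 defined('WYSIJA') or die('Restricted access');
 class WYSIJA_control_back_campaigns extends WYSIJA_control{
+const ALLOWED_ACTIONS = [
+'save_poll',
+'switch_theme',
+'save_editor',
+'save_styles',
+'deleteimg',
+'deleteTheme',
+'setDefaultTheme',
+'save_IQS',
+'insert_articles',
+'send_preview',
+'send_spamtest',
+'set_divider',
+'generate_social_bookmarks',
+'install_theme',
+'get_social_bookmarks',
+'refresh_themes',
+'generate_auto_post',
+'load_auto_post',
+'search_terms',
+'get_articles',
+];
 
 function __construct(){
 if(!WYSIJA::current_user_can('wysija_newsletters')) die('Action is forbidden.');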
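Review bot: `const ALLOWED_ACTIONS = [...]` on new lines 4-25 is a class constant initialised with an array, which PHP only accepts from 5.6 onward; if the plugin still runs on older PHP (the readme's `Requires at least: 3.5` is a WordPress floor and does not pin a PHP version), the file fails to parse and every ajax request to this controller breaks outright instead of being rejected by the new allowlist. The same applies to the constants added in controllers/ajax/config.php, statistics.php, subscribers.php and tmce.php. The constant also deserves a one-line comment stating its contract, since nothing in the file says why the list exists, e.g. `// Ajax task names the dispatcher in core/base.php may call on this controller; anything not listed is refused.`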
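--- a/controllers/ajax/config.php
+++ b/controllers/ajax/config.php
@@ -1,6 +1,23 @@
 <?php
 defined('WYSIJA') or die('Restricted access');
 class WYSIJA_control_back_config extends WYSIJA_control{
+const ALLOWED_ACTIONS = [
+'send_test_mail',
+'send_test_mail_ms',
+'bounce_connect',
+'bounce_process',
+'linkignore',
+'share_analytics',
+'validate',
+'wysija_form_generate_template',
+'wysija_form_manage_field',
+'form_field_delete',
+'form_name_save',
+'form_save',
+'wysija_dismiss_update_notice',
+'wysija_dismiss_license_notice',
+];
+
 
 function __construct(){
 if(!WYSIJA::current_user_can('wysija_config')) die("Action is forbidden.");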
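--- a/controllers/ajax/statistics.php
+++ b/controllers/ajax/statistics.php
@@ -4,6 +4,9 @@ defined('WYSIJA') or die('Restricted access');
 require_once(WYSIJA_CORE.'module'.DS.'statistics.php'); // @todo
 
 class WYSIJA_control_back_statistics extends WYSIJA_control {
+const ALLOWED_ACTIONS = [
+'get_block',
+];
 
 /**
 * Main model of this controller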
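--- a/controllers/ajax/subscribers.php
+++ b/controllers/ajax/subscribers.php
@@ -2,6 +2,11 @@
 defined('WYSIJA') or die('Restricted access');
 include(dirname(dirname(__FILE__)).DS.'front.php');
 class WYSIJA_control_back_subscribers extends WYSIJA_control_front{
+const ALLOWED_ACTIONS = [
+'save',
+'registerToLists',
+];
+
 var $model='user';
 var $view='';
 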
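--- a/controllers/ajax/tmce.php
+++ b/controllers/ajax/tmce.php
@@ -1,6 +1,9 @@
 <?php
 defined('WYSIJA') or die('Restricted access');
 class WYSIJA_control_back_tmce extends WYSIJA_control{
+const ALLOWED_ACTIONS = [
+'registerAdd',
+];
 
 function __construct(){
 parent::__construct();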
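--- a/core/base.php
+++ b/core/base.php
@@ -19,7 +19,7 @@ class WYSIJA_object{
 * Static variable holding core MailPoet's version
 * @var array
 */
-static $version = '2.15';
+static $version = '2.16';
 
 function __construct(){}
 
@@ -392,7 +392,8 @@ class WYSIJA_help extends WYSIJA_object{
 $this->controller = WYSIJA::get( $_REQUEST['controller'] , 'controller' , false, $plugin_requesting_ajax );
 
 // let's make sure the requested task exist
-if( method_exists( $this->controller , $_REQUEST['task'] ) ){
+$allowedConstant = get_class($this->controller) . '::ALLOWED_ACTIONS';
+if(method_exists($this->controller, $_REQUEST['task']) && defined($allowedConstant) && in_array($_REQUEST['task'], constant($allowedConstant), true)){
 $result_array['result'] = call_user_func(array($this->controller, $_REQUEST['task']));
 }else{
 $this->error( 'Method "' . esc_html($_REQUEST['task']) . '" doesn\'t exist for controller : "'.esc_html($_REQUEST['controller']) );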
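Review bot: The allowlist check on new line 396 still passes `$_REQUEST['task']` straight to `method_exists()` and `in_array()` without confirming it is a set, non-empty string; a missing key raises a notice, and an array-valued parameter makes `method_exists()` throw a TypeError on PHP 8 instead of falling through to the error branch. Normalise once before the check, `$task = (isset($_REQUEST['task']) && is_string($_REQUEST['task'])) ? $_REQUEST['task'] : '';`, and use `$task` in the condition, the `call_user_func()` call and the error message. `get_class($this->controller)` on line 395 also assumes `WYSIJA::get()` returned an object; if it can return `false` here the same guard should cover that case. The constant lookup deserves a comment such as `// Only task names listed in the controller's ALLOWED_ACTIONS constant are dispatchable; a controller without the constant accepts nothing.` The enclosing method starts and ends outside the hunk.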
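--- a/helpers/form_engine.php
+++ b/helpers/form_engine.php
@@ -380,7 +380,7 @@ class WYSIJA_help_form_engine extends WYSIJA_object {
 }
 
 // generate html for toolbar item
-$output .= '<li><a class="wysija_form_item" id="'.$field['column_name'].'" wysija_field="'.$field['column_name'].'" wysija_name="'.$field['name'].'" wysija_unique="'.$is_unique.'" wysija_type="'.$type.'">'.$field['name'].'</a>'.$actions.'</li>';
+$output .= '<li><a class="wysija_form_item" id="'.esc_attr($field['column_name']).'" wysija_field="'.esc_attr($field['column_name']).'" wysija_name="'.esc_attr($field['name']).'" wysija_unique="'.esc_attr($is_unique).'" wysija_type="'.esc_attr($type).'">'.esc_html($field['name']).'</a>'.$actions.'</li>';
 }
 
 return $output;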
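--- a/helpers/forms.php
+++ b/helpers/forms.php
@@ -97,7 +97,7 @@ class WYSIJA_help_forms{
 $data2=$data;
 $data2['id'].="-".$val;
 if($val==$value)$checked=true;
-$html.='<label for="'.$data2['id'].'">'.$this->checkbox($data2, $val, $checked, $extra).$valtitle."</label>";
+$html.='<label for="'.esc_attr($data2['id']).'">'.$this->checkbox($data2, $val, $checked, $extra).$valtitle."</label>";
 }
 
 return $html;
@@ -110,7 +110,7 @@ class WYSIJA_help_forms{
 $data2=$data;
 $data2['id'].="-".$val;
 if($val==$value)$checked=true;
-$html.='<label for="'.$data2['id'].'">'.$this->radio($data2, $val, $checked, $extra).$valtitle."</label>";
+$html.='<label for="'.esc_attr($data2['id']).'">'.$this->radio($data2, $val, $checked, $extra).$valtitle."</label>";
 }
 
 return $html;
@@ -172,7 +172,7 @@ class WYSIJA_help_forms{
 </div>
 
 <?php
-$the_editor = apply_filters('the_editor', "<div id='editorcontainer'><textarea rows='$rows'$class cols='40' name='$id' tabindex='$tab_index' id='$id'>%s</textarea></div>\n");
+$the_editor = apply_filters('the_editor', "<div id='editorcontainer'><textarea rows='".esc_attr($rows)."'$class cols='40' name='".esc_attr($id)."' tabindex='$tab_index' id='".esc_attr($id)."'>%s</textarea></div>\n");
 $the_editor_content = apply_filters('the_editor_content', $content);
 
 printf($the_editor, $the_editor_content);
@@ -216,12 +216,12 @@ class WYSIJA_help_forms{
 $form .= '<optgroup label="'.$key.'">'."\n";
 foreach ($val as $optgroup_key => $optgroup_val) {
 $sel = (in_array($optgroup_key, $selected)) ? ' selected="selected"' : '';
-$form .= '<option value="'.esc_attr($optgroup_key).'"'.$sel.'>'.(string) $optgroup_val."</option>\n";
+$form .= '<option value="'.esc_attr($optgroup_key).'"'.$sel.'>'.esc_html((string) $optgroup_val)."</option>\n";
 }
 $form .= '</optgroup>'."\n";
 } else {
 $sel = (in_array($key, $selected)) ? ' selected="selected"' : '';
-$form .= '<option value="'.esc_attr($key).'"'.$sel.'>'.(string) $val."</option>\n";
+$form .= '<option value="'.esc_attr($key).'"'.$sel.'>'.esc_html((string) $val)."</option>\n";
 }
 }
 $form .= '</select>';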
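Review bot: `'<optgroup label="'.$key.'">'` on context line 216 of the last hunk still interpolates `$key` raw into an attribute, while the `<option value>` emitted a few lines below escapes the very same `$key` with `esc_attr()`; change it to `$form .= '<optgroup label="'.esc_attr($key).'">'."\n";`. In the first two hunks `$valtitle` is concatenated into the label text unescaped, and in the third `$class` and `$tab_index` are interpolated into the textarea while `$rows` and `$id` now are escaped; where those values originate is not visible here, so they warrant the same treatment unless they are known to be fixed strings. The methods these hunks belong to start and end outside the hunks.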
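--- a/helpers/render_engine.php
+++ b/helpers/render_engine.php
@@ -1139,7 +1139,7 @@ class WYSIJA_help_render_engine extends WYSIJA_object {
 
 case 'join':
 if(isset($arguments[0])) {
-$value = join($value, $arguments[0]);
+$value = join($arguments[0], $value);
 }
 break;
 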
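Review bot: `join($arguments[0], $value)` on line 1142 corrects the argument order, but on PHP 8 `join()` throws a TypeError when `$value` is not an array, so a filter applied to a scalar value now aborts the render where the old swapped-argument form merely emitted a deprecation on 7.4; what `$value` holds at this point is assigned outside the hunk. Guarding the call, `if(isset($arguments[0]) && is_array($value)) {`, leaves a non-array value untouched instead of failing. The enclosing switch and method continue outside the hunk.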
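--- a/index.php
+++ b/index.php
@@ -3,7 +3,7 @@
 Plugin Name: MailPoet 2
 Plugin URI: http://www.mailpoet.com/
 Description: Create and send newsletters or automated emails. Capture subscribers with a widget. Import and manage your lists. This version is being replaced by MailPoet 3. Support offered to Premium customers only. Updates are limited to security issues.
-Version: 2.15
+Version: 2.16
 Author: MailPoet
 Author URI: http://www.mailpoet.com/
 License: GPLv2 or later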
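--- a/readme.txt
+++ b/readme.txt
@@ -3,7 +3,7 @@ Contributors: mailpoet
 Tags: newsletter, email, welcome email, post notification, autoresponder, signup, subscription, SMTP
 Requires at least: 3.5
 Tested up to: 5.5
-Stable tag: 2.15
+Stable tag: 2.16
 Send newsletters post notifications or autoresponders from WordPress easily, and beautifully. Start to capture subscribers with our widget now.
 
 == Description ==
@@ -113,6 +113,9 @@ Our [support site](https://www.mailpoet.com/support) has plenty of articles and
 
 == Changelog ==
 
+= 2.16 - 2021-10-06 =
+* Fixed security issues.
+
 = 2.15 - 2021-09-21 =
 * Fixed security issues, thank you to Mike for reporting these issues.
 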
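--- a/views/back.php
+++ b/views/back.php
@@ -528,7 +528,7 @@ class WYSIJA_view_back extends WYSIJA_view{
 $helper_forms=WYSIJA::get('forms','helper');
 switch($type){
 case 'pk':
-return '<input type="hidden" value="'.$val.'" id="'.$id_field.'" name="'.$field_name.'">';
+return '<input type="hidden" value="'.esc_attr($val).'" id="'.esc_attr($id_field).'" name="'.esc_attr($field_name).'">';
 break;
 case 'boolean':
 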
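--- a/views/back/campaigns.php
+++ b/views/back/campaigns.php
@@ -249,7 +249,7 @@ class WYSIJA_view_back_campaigns extends WYSIJA_view_back {
 if ((isset($_REQUEST['link_filter']) && $_REQUEST['link_filter'] == $countType) || ($countType == 'allsent' && !isset($_REQUEST['link_filter'])))
 $classcurrent = 'class="current"';
 
-echo '<li><a ' . $classcurrent . ' href="admin.php?page=wysija_campaigns&action=viewstats&id=' . $_REQUEST['id'] . '&link_filter=' . $countType . '">' . $tradText . ' <span class="count">(' . $count . ')</span></a>';
+echo '<li><a ' . $classcurrent . ' href="admin.php?page=wysija_campaigns&action=viewstats&id=' . esc_attr($_REQUEST['id']) . '&link_filter=' . esc_attr($countType) . '">' . $tradText . ' <span class="count">(' . esc_html($count) . ')</span></a>';
 
 if ($total != $i)
 echo ' | ';
@@ -875,7 +875,7 @@ class WYSIJA_view_back_campaigns extends WYSIJA_view_back {
 if (!empty($_REQUEST['url_id']) && $_REQUEST['url_id'] == $click['url_id'])
 $css_class .= ' select';
 
-$link = 'admin.php?page=wysija_campaigns&action=viewstats&id=' . $_REQUEST['id'] . '&url_id=' . $click['url_id'];
+$link = 'admin.php?page=wysija_campaigns&action=viewstats&id=' . esc_attr($_REQUEST['id']) . '&url_id=' . $click['url_id'];
 $result.='<li><a href="' . $link . '" class="' . $css_class . '">' . $click['name'] . '</a> : ' . $label . '</li>';
 $countloop++;
 }
@@ -1206,7 +1206,7 @@ class WYSIJA_view_back_campaigns extends WYSIJA_view_back {
 <?php if ((int) $data['email']['type'] === 2) { ?><li><a class="wysija_item" id="wysija-widget-autopost" wysija_type="popup-auto-post"><?php _e('Automatic latest content', WYSIJA) ?></a></li><?php } ?>
 <li>
 <a class="wysija_item" wysija_type="divider" wysija_src="<?php echo $divider['src'] ?>" wysija_width="<?php echo $divider['width'] ?>" wysija_height="<?php echo $divider['height'] ?>"><?php _e('Divider', WYSIJA) ?></a>
-<a id="wysija_divider_settings" class="wysija_item_settings settings" title="<?php _e('Edit', WYSIJA); ?>" href="javascript:;" href2="admin.php?page=wysija_campaigns&action=dividers&tab=dividers&emailId=<?php echo $_REQUEST['id'] ?>"><span class="dashicons dashicons-admin-generic"></span></a>
+<a id="wysija_divider_settings" class="wysija_item_settings settings" title="<?php _e('Edit', WYSIJA); ?>" href="javascript:;" href2="admin.php?page=wysija_campaigns&action=dividers&tab=dividers&emailId=<?php echo esc_attr($_REQUEST['id']); ?>"><span class="dashicons dashicons-admin-generic"></span></a>
 </li>
 <li><a class="wysija_item" wysija_type="popup-bookmark"><?php _e('Social bookmarks', WYSIJA) ?></a></li>
 </ul>
@@ -1217,7 +1217,7 @@ class WYSIJA_view_back_campaigns extends WYSIJA_view_back {
 <?php
 $action = 'special_new_wordp_upload';
 ?>
-<a id="wysija-upload-browse" class="button" href="javascript:;" href2="admin.php?page=wysija_campaigns&action=medias&tab=<?php echo $action; ?>&emailId=<?php echo $_REQUEST['id'] ?>"><?php _e('Add Images', WYSIJA) ?></a>
+<a id="wysija-upload-browse" class="button" href="javascript:;" href2="admin.php?page=wysija_campaigns&action=medias&tab=<?php echo esc_attr($action); ?>&emailId=<?php echo esc_attr($_REQUEST['id']); ?>"><?php _e('Add Images', WYSIJA) ?></a>
 </div>
 
 <ul id="wj-images-quick" class="clearfix">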
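Review bot: In the second hunk `$link` on line 878 now escapes `$_REQUEST['id']` but still concatenates `$click['url_id']` raw, and the context line 879 right after it emits `$click['name']`, `$css_class` and `$label` unescaped into the same markup; the first hunk likewise leaves `$tradText` and `$classcurrent` raw beside the newly escaped values. If `id` is, as its use as `emailId` suggests, a numeric record identifier, a cast is the more precise fix than attribute escaping inside a URL: `$link = 'admin.php?page=wysija_campaigns&action=viewstats&id=' . (int) $_REQUEST['id'] . '&url_id=' . esc_attr($click['url_id']);` followed by `$result.='<li><a href="' . $link . '" class="' . esc_attr($css_class) . '">' . esc_html($click['name']) . '</a> : ' . $label . '</li>';`. The loops these lines sit in start and end outside the hunks.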
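--- a/views/back/subscribers.php
+++ b/views/back/subscribers.php
@@ -270,12 +270,12 @@ class WYSIJA_view_back_subscribers extends WYSIJA_view_back
 }
 $header = '<tr class="thead">
 <th scope="col" id="user-id" class="manage-column column-user-id check-column"><input type="checkbox" /></th>
-<th class="manage-column column-username'.$username_sorting.'" id="email" scope="col" style="width:140px;"><a href="#" class="orderlink" ><span>'.__('Email', WYSIJA).'</span><span class="sorting-indicator"></span></a></th>';
+<th class="manage-column column-username'.esc_attr($username_sorting).'" id="email" scope="col" style="width:140px;"><a href="#" class="orderlink" ><span>'.__('Email', WYSIJA).'</span><span class="sorting-indicator"></span></a></th>';
 $header .='<th class="manage-column column-list-names" id="list-list" scope="col">'.__('Lists', WYSIJA).'</th>';
-$header .='<th class="manage-column column-status'.$status_sorting.'" id="status" scope="col" style="width:80px;"><a href="#" class="orderlink" ><span>'.__('Status', WYSIJA).'</span><span class="sorting-indicator"></span></a></th>';
-$header .= '<th class="manage-column column-date'.$created_at_sorting.'" id="created_at" scope="col"><a href="#" class="orderlink" ><span>'.__('Subscribed on', WYSIJA).'</span><span class="sorting-indicator"></span></a></th>';
-$header .= '<th class="manage-column column-date' . $last_opened_sorting . '" id="last_opened" scope="col"><a href="#" class="orderlink" ><span>' . __('Last open', WYSIJA) . '</span><span class="sorting-indicator"></span></a></th>';
-$header .= '<th class="manage-column column-date' . $last_clicked_sorting . '" id="last_clicked" scope="col"><a href="#" class="orderlink" ><span>' . __('Last click', WYSIJA) . '</span><span class="sorting-indicator"></span></a></th>';
+$header .='<th class="manage-column column-status'.esc_attr($status_sorting).'" id="status" scope="col" style="width:80px;"><a href="#" class="orderlink" ><span>'.__('Status', WYSIJA).'</span><span class="sorting-indicator"></span></a></th>';
+$header .= '<th class="manage-column column-date'.esc_attr($created_at_sorting).'" id="created_at" scope="col"><a href="#" class="orderlink" ><span>'.__('Subscribed on', WYSIJA).'</span><span class="sorting-indicator"></span></a></th>';
+$header .= '<th class="manage-column column-date' . esc_attr($last_opened_sorting) . '" id="last_opened" scope="col"><a href="#" class="orderlink" ><span>' . __('Last open', WYSIJA) . '</span><span class="sorting-indicator"></span></a></th>';
+$header .= '<th class="manage-column column-date' . esc_attr($last_clicked_sorting) . '" id="last_clicked" scope="col"><a href="#" class="orderlink" ><span>' . __('Last click', WYSIJA) . '</span><span class="sorting-indicator"></span></a></th>';
 
 $header .= '</tr>';
 echo $header;
@@ -479,7 +479,7 @@ class WYSIJA_view_back_subscribers extends WYSIJA_view_back
 
 $formid = 'wysija-'.$_REQUEST['action'];
 ?>
-<form name="<?php echo $formid ?>" method="post" id="<?php echo $formid ?>" action="" class="form-valid">
+<form name="<?php echo esc_attr($formid); ?>" method="post" id="<?php echo esc_attr($formid); ?>" action="" class="form-valid">
 
 <table class="form-table">
 <tbody>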
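--- a/views/front/widget_nl.php
+++ b/views/front/widget_nl.php
@@ -134,13 +134,13 @@ class WYSIJA_view_front_widget_nl extends WYSIJA_view_front {
 $extra_class = ' '.$params['form_type'].'_wysija';
 }
 
-$data.='<div class="widget_wysija_cont'.$extra_class.'">';
+$data.='<div class="widget_wysija_cont'.esc_attr($extra_class).'">';
 
 //if data has been posted the classique php/HTML way we display the result straight in good old HTML
 if(isset($_POST['wysija']['user']['email']) && isset($_POST['formid']) && $form_id_real==$_POST['formid']){
-$data.= str_replace ('class="wysija-msg', 'id="msg-'.$form_id_real.'" class="wysija-msg', $this->messages());
+$data.= str_replace ('class="wysija-msg', 'id="msg-'.esc_attr($form_id_real).'" class="wysija-msg', $this->messages());
 }else{
-$data.='<div id="msg-'.$form_id_real.'" class="wysija-msg ajax">'.$msg_success_preview.'</div>';
+$data.='<div id="msg-'.esc_attr($form_id_real).'" class="wysija-msg ajax">'.esc_html($msg_success_preview).'</div>';
 }
 
 // A form built with the form editor has been selected
@@ -184,7 +184,7 @@ class WYSIJA_view_front_widget_nl extends WYSIJA_view_front {
 // interpret shortcodes
 $form_html = do_shortcode($form_html);
 
-$data .= '<form id="'.$form_id_real.'" method="post" action="#wysija" class="widget_wysija'.$extra_class.'">';
+$data .= '<form id="'.esc_attr($form_id_real).'" method="post" action="#wysija" class="widget_wysija'.esc_attr($extra_class).'">';
 $data .= $form_html;
 $data .= '</form>';
 }
@@ -192,7 +192,7 @@ class WYSIJA_view_front_widget_nl extends WYSIJA_view_front {
 
 // What is included in this Else condition is only for retrocompatibility we should move it maybe to another file at some point as deprecated
 
-$data .= '<form id="'.$form_id_real.'" method="post" action="#wysija" class="widget_wysija form-valid-sub">';
+$data .= '<form id="'.esc_attr($form_id_real).'" method="post" action="#wysija" class="widget_wysija form-valid-sub">';
 
 if(isset($params['instruction']) && $params['instruction']) {
 if(strpos($params['instruction'], '[total_subscribers') !== false){
@@ -201,7 +201,7 @@ class WYSIJA_view_front_widget_nl extends WYSIJA_view_front {
 
 $params['instruction']=str_replace('[total_subscribers]', $totalsubscribers, $params['instruction']);
 }
-$data.='<p class="wysija-instruct">'.$params['instruction'].'</p>';
+$data.='<p class="wysija-instruct">'.esc_html($params['instruction']).'</p>';
 }
 
 
@@ -210,7 +210,7 @@ class WYSIJA_view_front_widget_nl extends WYSIJA_view_front {
 $i=0;
 foreach($params['lists'] as $list_id){
 $list_fields.='<p class="wysija_list_check">
-<label for="'.$form_id_real.'_list_id_'.$list_id.'"><input id="'.$form_id_real.'_list_id_'.$list_id.'" class="validate[minCheckbox[1]] checkbox checklists" type="checkbox" name="wysija[user_list][list_id][]" value="'.$list_id.'" checked="checked" /> '.$params['lists_name'][$list_id].' </label>
+<label for="'.esc_attr($form_id_real).'_list_id_'.esc_attr($list_id).'"><input id="'.esc_attr($form_id_real).'_list_id_'.esc_attr($list_id).'" class="validate[minCheckbox[1]] checkbox checklists" type="checkbox" name="wysija[user_list][list_id][]" value="'.esc_attr($list_id).'" checked="checked" /> '.esc_html($params['lists_name'][$list_id]).' </label>
 </p>';
 $i++;
 }
@@ -227,7 +227,7 @@ class WYSIJA_view_front_widget_nl extends WYSIJA_view_front {
 $captcha_field = '';
 if($helperUser->isCaptchaEnabled()) {
 $captcha_key = htmlspecialchars($model_config->getValue('recaptcha_key'));
-$captcha_field = '<div class="g-recaptcha" data-sitekey="'.$captcha_key.'" data-size="compact"></div>';
+$captcha_field = '<div class="g-recaptcha" data-sitekey="'.esc_attr($captcha_key).'" data-size="compact"></div>';
 }
 
 $submit_value = (!empty($params['submit'])) ? $params['submit'] : __('Submit', WYSIJA);
@@ -245,7 +245,7 @@ class WYSIJA_view_front_widget_nl extends WYSIJA_view_front {
 }
 
 $classValidate='wysija-email '.$this->getClassValidate($this->model->columns['email'],true);
-$data.='<p><input type="text" id="'.$form_id_real.'-wysija-to" class="'.$classValidate.'" value="'.$value_attribute.'" name="wysija[user][email]" />';
+$data.='<p><input type="text" id="'.esc_attr($form_id_real).'-wysija-to" class="'.esc_attr($classValidate).'" value="'.esc_attr($value_attribute).'" name="wysija[user][email]" />';
 $data.=$this->honey($params,$form_id_real);
 $data.=$submitbutton.'</p>';
 }
@@ -301,36 +301,36 @@ class WYSIJA_view_front_widget_nl extends WYSIJA_view_front {
 if($fieldKey=='email') $fieldid=$formidreal.'-wysija-to';
 else $fieldid=$formidreal.'-'.$fieldKey;
 if(isset($params['form_type']) && $params['form_type']=='html'){
-$titleplaceholder='placeholder="'.$field['label'].'" title="'.$field['label'].'"';
+$titleplaceholder='placeholder="'.esc_attr($field['label']).'" title="'.esc_attr($field['label']).'"';
 }else{
-$titleplaceholder='title="'.$field['label'].'"';
+$titleplaceholder='title="'.esc_attr($field['label']).'"';
 }
 
-$value_attribute=' value="'.$value_attribute.'" ';
+$value_attribute=' value="'.esc_attr($value_attribute).'" ';
 if(count($params['customfields'])>1){
 if(isset($params['labelswithin'])){
 if($params['labelswithin']=='labels_within'){
-$fieldstring='<input type="text" id="'.$fieldid.'" '.$titleplaceholder.' class="defaultlabels '.$classValidate.'" name="wysija[user]['.$fieldKey.']" '.$value_attribute.'/>';
+$fieldstring='<input type="text" id="'.esc_attr($fieldid).'" '.$titleplaceholder.' class="defaultlabels '.esc_attr($classValidate).'" name="wysija[user]['.esc_attr($fieldKey).']" '.$value_attribute.'/>';
 }else{
-$fieldstring='<label for="'.$fieldid.'">'.$field['label'].'</label><input type="text" id="'.$fieldid.'" class="'.$classValidate.'" name="wysija[user]['.$fieldKey.']" />';
+$fieldstring='<label for="'.esc_attr($fieldid).'">xxx'.esc_html($field['label']).'</label><input type="text" id="'.esc_attr($fieldid).'" class="'.esc_attr($classValidate).'" name="wysija[user]['.esc_attr($fieldKey).']" />';
 }
 }else{
-$fieldstring='<label for="'.$fieldid.'">'.$field['label'].'</label><input type="text" id="'.$fieldid.'" class="'.$classValidate.'" name="wysija[user]['.$fieldKey.']" />';
+$fieldstring='<label for="'.esc_attr($fieldid).'">yyy'.esc_html($field['label']).'</label><input type="text" id="'.esc_attr($fieldid).'" class="'.esc_attr($classValidate).'" name="wysija[user]['.esc_attr($fieldKey).']" />';
 }
 }else{
 if(isset($params['labelswithin'])){
 if($params['labelswithin']=='labels_within'){
-$fieldstring='<input type="text" id="'.$fieldid.'" '.$titleplaceholder.' class="defaultlabels '.$classValidate.'" name="wysija[user]['.$fieldKey.']" '.$value_attribute.'/>';
+$fieldstring='<input type="text" id="'.esc_attr($fieldid).'" '.$titleplaceholder.' class="defaultlabels '.esc_attr($classValidate).'" name="wysija[user]['.esc_attr($fieldKey).']" '.$value_attribute.'/>';
 }else{
-$fieldstring='<input type="text" id="'.$fieldid.'" class="'.$classValidate.'" name="wysija[user]['.$fieldKey.']" '.$value_attribute.'/>';
+$fieldstring='<input type="text" id="'.esc_attr($fieldid).'" class="'.esc_attr($classValidate).'" name="wysija[user]['.esc_attr($fieldKey).']" '.$value_attribute.'/>';
 }
 }else{
-$fieldstring='<input type="text" id="'.$fieldid.'" class="'.$classValidate.'" name="wysija[user]['.$fieldKey.']" '.$value_attribute.'/>';
+$fieldstring='<input type="text" id="'.esc_attr($fieldid).'" class="'.esc_attr($classValidate).'" name="wysija[user]['.esc_attr($fieldKey).']" '.$value_attribute.'/>';
 }
 }
 
 
-$html.='<p class="wysija-p-'.$fieldKey.'">'.$fieldstring.'</p>';
+$html.='<p class="wysija-p-'.esc_attr($fieldKey).'">'.$fieldstring.'</p>';
 }
 
 $html.=$this->honey($params,$formidreal);
@@ -353,11 +353,11 @@ class WYSIJA_view_front_widget_nl extends WYSIJA_view_front {
 $fieldid=$formidreal.'-abs-'.$fieldKey;
 
 if(isset($params['labelswithin'])){
-$fieldstring='<input type="text" id="'.$fieldid.'" value="" class="defaultlabels validated[abs]['.$field['type'].']" name="wysija[user][abs]['.$fieldKey.']" />';
+$fieldstring='<input type="text" id="'.esc_attr($fieldid).'" value="" class="defaultlabels validated[abs]['.esc_attr($field['type']).']" name="wysija[user][abs]['.esc_attr($fieldKey).']" />';
 }else{
-$fieldstring='<label for="'.$fieldid.'">'.$field['label'].'</label><input type="text" id="'.$fieldid.'" class="validated[abs]['.$field['type'].']" name="wysija[user][abs]['.$fieldKey.']" />';
+$fieldstring='<label for="'.esc_attr($fieldid).'">'.esc_html($field['label']).'</label><input type="text" id="'.esc_attr($fieldid).'" class="validated[abs]['.esc_attr($field['type']).']" name="wysija[user][abs]['.esc_attr($fieldKey).']" />';
 }
-$html.='<span class="wysija-p-'.$fieldKey.' abs-req">'.$fieldstring.'</span>';
+$html.='<span class="wysija-p-'.esc_attr($fieldKey).' abs-req">'.$fieldstring.'</span>';
 }
 return $html;
 }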
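Review bot: New lines 315 and 318 in the `-301,36` hunk render the literal text `xxx` and `yyy` in front of the field label (`'">xxx'.esc_html($field['label'])` and `'">yyy'.esc_html(...)`), which reads as debugging residue left in the escaping change and will appear in every front-end subscription form label that takes those branches. Drop the prefixes so both branches read `$fieldstring='<label for="'.esc_attr($fieldid).'">'.esc_html($field['label']).'</label><input type="text" id="'.esc_attr($fieldid).'" class="'.esc_attr($classValidate).'" name="wysija[user]['.esc_attr($fieldKey).']" />';`. Once identical, the two branches could collapse into a single assignment ahead of the `labelswithin` check. The enclosing method starts outside the hunk.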