Yet Another Related Posts Plugin (YARPP) - Version 5.8.0

Version Description

= 5.8.0 (08-September-2020) =
* Enhancement: Code hygiene upgrade with usage of WPDB->prepare everywhere possible and related improvements
* Bugfix: Since there is no YARPP Pro currently, removed mention of it from the widget form
* Bugfix: Fixes "role" in deactivation survey


Release Info

Developer jeffparker
Plugin Icon 128x128 Yet Another Related Posts Plugin (YARPP)
Version 5.8.0

Code changes from version 5.7.0 to 5.8.0

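--- a/classes/YARPP_Cache.php
+++ b/classes/YARPP_Cache.php
@@ -162,14 +162,25 @@ abstract class YARPP_Cache {
  $keywords = $this->get_keywords($reference_ID);
 
  // SELECT
- $newsql = "SELECT $reference_ID as reference_ID, ID, "; //post_title, post_date, post_content, post_excerpt,
+ $newsql = $wpdb->prepare(
+ "SELECT %d as reference_ID, ID, ",
+ $reference_ID
+ );
  $newsql .= 'ROUND(0';
  if (isset($weight) && is_array($weight)){
  if (isset($weight['body']) && (int) $weight['body']) {
- $newsql .= " + (MATCH (post_content) AGAINST ('".esc_sql($keywords['body'])."')) * ".absint($weight['body']);
+ $newsql .= $wpdb->prepare(
+ " + (MATCH (post_content) AGAINST (%s)) * %d",
+ $keywords['body'],
+ $weight['body']
+ );
  }
  if (isset($weight['title']) && (int) $weight['title']) {
- $newsql .= " + (MATCH (post_title) AGAINST ('".esc_sql($keywords['title'])."')) * ".absint($weight['title']);
+ $newsql .= $wpdb->prepare(
+ " + (MATCH (post_title) AGAINST (%s)) * %d",
+ $keywords['title'],
+ $weight['title']
+ );
  }
 
  // Build tax criteria query parts based on the weights
@@ -186,22 +197,68 @@ abstract class YARPP_Cache {
 
  $exclude_tt_ids = wp_parse_id_list($exclude);
  if (count($exclude_tt_ids) || (isset($weight) && isset($weight['tax']) && count((array) $weight['tax'])) || count($require_tax)) {
- $newsql .= "left join $wpdb->term_relationships as terms on ( terms.object_id = $wpdb->posts.ID ) \n";
+ $newsql .= "left join $wpdb->term_relationships as terms on ( terms.object_id = {$wpdb->posts}.ID ) \n";
  }
 
  /*
  * Where
  */
 
- $newsql .= " where post_status in ( 'publish', 'static' ) and ID != '$reference_ID'";
+ $newsql .= $wpdb->prepare(
+ " where post_status in ( 'publish', 'static' ) and ID != %d",
+ $reference_ID
+ );
  /**
  * @since 3.1.8 Revised $past_only option
  */
- if ($past_only) $newsql .= " and post_date <= '$reference_post->post_date' ";
- if (!$show_pass_post) $newsql .= " and post_password ='' ";
- if ((bool) $recent) $newsql .= " and post_date > date_sub(now(), interval {$recent}) ";
-
- $newsql .= " and post_type = 'post'";
+ if ($past_only) {
+ $newsql .= $wpdb->prepare(
+ " and post_date <= %s ",
+ $reference_post->post_date
+ );
+ }
+ if (!$show_pass_post){
+ $newsql .= " and post_password ='' ";
+ }
+ if ((bool) $recent){
+ $recent_parts = explode(' ', $recent);
+ if(count($recent_parts) === 2 && isset($recent_parts[0], $recent_parts[1])){
+ $recent_number = $recent_parts[0];
+ if(in_array(
+ $recent_parts[1],
+ array_keys(
+ $this->core->recent_units()
+ )
+ )){
+ $recent_unit = $recent_parts[1];
+ } else {
+ $recent_unit = 'day';
+ }
+ $newsql .= $wpdb->prepare(
+ " and post_date > date_sub(now(), interval %d {$recent_unit}) ",
+ $recent_number
+ );
+ }
+
+ }
+
+ if (isset($args['post_type'])) {
+ $post_types = (array) $args['post_type'];
+ } else {
+ if ($this->core->get_option('cross_relate')) {
+ $post_types = $this->core->get_post_types();
+ } else {
+ $post_types = array(get_post_type($reference_post));
+ }
+ }
+ $sanitized_post_types = array_map(
+ function($item){
+ global $wpdb;
+ return $wpdb->prepare('%s', $item);
+ },
+ $post_types
+ );
+ $newsql .= ' and post_type IN (' . implode(',',$sanitized_post_types). ')';
 
  // GROUP BY
  $newsql .= "\n group by ID \n";
@@ -212,17 +269,27 @@ abstract class YARPP_Cache {
  /**
  * @since 3.5.3: ID=0 is a special value; never save such a result.
  */
- $newsql .= " having score >= $safethreshold and ID != 0";
+ $newsql .= $wpdb->prepare(
+ " having score >= %f and ID != 0",
+ $safethreshold
+ );
  if (count($exclude_tt_ids)) {
+ // $exclude_tt_ids already ran through wp_parse_id_list
  $newsql .= " and bit_or(terms.term_taxonomy_id in (".join(',', $exclude_tt_ids).")) = 0";
  }
 
  foreach ((array) $require_tax as $tax => $number) {
- $newsql .= ' and '.$this->tax_criteria($reference_ID, $tax).' >= '.intval($number);
+ $newsql .= $wpdb->prepare(
+ ' and '.$this->tax_criteria($reference_ID, $tax).' >= %d',
+ $number
+ );
  }
 
- $newsql .= " order by score desc limit $limit";
-
+ $newsql .= $wpdb->prepare(
+ " order by score desc limit %d",
+ $limit
+ );
+
  if (isset($args['post_type'])) {
  $post_types = (array) $args['post_type'];
  } else {
@@ -232,13 +299,12 @@ abstract class YARPP_Cache {
  $post_types = array(get_post_type($reference_post));
  }
  }
- $sql = '('.str_replace("post_type = 'post'", "post_type IN ('" . implode("','",$post_types). "')", $newsql).')';
-
- if ($this->core->debug) echo "<!-- $sql -->";
+
+ if ($this->core->debug) echo "<!-- $newsql -->";
 
- $this->last_sql = $sql;
+ $this->last_sql = $newsql;
 
- return $sql;
+ return $newsql;
  }
 
  private function tax_criteria($reference_ID, $taxonomy) {
@@ -246,7 +312,12 @@ abstract class YARPP_Cache {
  // if there are no terms of that tax
  if (false === $terms) return '(1 = 0)';
 
- $tt_ids = wp_list_pluck($terms, 'term_taxonomy_id');
+ $tt_ids = array_map(
+ function($item){
+ return (int)$item->term_taxonomy_id;
+ },
+ $terms
+ );
  return "count(distinct if( terms.term_taxonomy_id in (".join(',',$tt_ids)."), terms.term_taxonomy_id, null ))";
  }
  /*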
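Review bot: An empty `$post_types` now produces `post_type IN ()`, which MySQL rejects as a syntax error, at the new `implode(',',$sanitized_post_types)` line in the where clause; the removed `str_replace` form degraded to `IN ('')` and simply matched nothing. Building one `%s` placeholder per type and passing the array to a single `$wpdb->prepare` call handles that case and removes the per-item closure that relies on `global $wpdb`. The `if (isset($args['post_type']))` block left in place after `order by score desc limit %d` recomputes `$post_types` once it has already been consumed and can be dropped. The enclosing function starts and ends outside the visible hunks, so `$wpdb` being in scope is assumed from its use on the other added lines.
```php
// … unchanged: $post_types resolved from $args['post_type'] / cross_relate …
if (empty($post_types)) {
    // "IN ()" is invalid SQL; an empty list means no post type can match.
    $newsql .= ' and 1 = 0';
} else {
    $placeholders = implode(',', array_fill(0, count($post_types), '%s'));
    $newsql .= $wpdb->prepare(" and post_type IN ($placeholders)", $post_types);
}
```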
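--- a/classes/YARPP_Cache_Postmeta.php
+++ b/classes/YARPP_Cache_Postmeta.php
@@ -41,11 +41,18 @@ class YARPP_Cache_Postmeta extends YARPP_Cache {
 
  public function uncached($limit = 20, $offset = 0) {
  global $wpdb;
- return $wpdb->get_col("select SQL_CALC_FOUND_ROWS p.ID
- FROM `{$wpdb->posts}` as p
- LEFT JOIN `{$wpdb->postmeta}` as m ON (p.ID = m.post_id and m.meta_key = '" . YARPP_POSTMETA_RELATED_KEY . "')
- WHERE p.post_status = 'publish' and m.meta_value IS NULL
- LIMIT $limit OFFSET $offset");
+
+ return $wpdb->get_col(
+ $wpdb->prepare(
+ "select SQL_CALC_FOUND_ROWS p.ID
+ FROM `{$wpdb->posts}` as p
+ LEFT JOIN `{$wpdb->postmeta}` as m ON (p.ID = m.post_id and m.meta_key = '" . YARPP_POSTMETA_RELATED_KEY . "')
+ WHERE p.post_status = 'publish' and m.meta_value IS NULL
+ LIMIT %d OFFSET %d",
+ $limit,
+ $offset
+ )
+ );
  }
 
  public function stats() {
@@ -214,7 +221,12 @@ class YARPP_Cache_Postmeta extends YARPP_Cache {
 
  // return a list of entities which list this post as "related"
  if (!is_null($related_ID)) {
- return $wpdb->get_col("select post_id from `{$wpdb->postmeta}` where meta_key = '" . YARPP_POSTMETA_RELATED_KEY . "' and meta_value regexp 's:2:\"ID\";s:\d+:\"{$related_ID}\"'");
+ return $wpdb->get_col(
+ $wpdb->prepare(
+ "select post_id from `{$wpdb->postmeta}` where meta_key = '" . YARPP_POSTMETA_RELATED_KEY . "' and meta_value regexp 's:2:\"ID\";s:\d+:\"%d\"'",
+ $reference_ID
+ )
+ );
  }
 
  return false;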
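Review bot: The prepared regexp query in the `if (!is_null($related_ID))` branch is bound to `$reference_ID`, whereas the removed line interpolated `{$related_ID}`, so the reverse lookup now searches for the wrong post ID. The bound argument should be `$related_ID`. Whether `$reference_ID` is null or set at this point is not visible in the hunk; if it is null, `%d` renders as 0 and the query quietly matches nothing. The enclosing method starts and ends outside the hunk.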
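--- a/classes/YARPP_Cache_Tables.php
+++ b/classes/YARPP_Cache_Tables.php
@@ -78,11 +78,17 @@ class YARPP_Cache_Tables extends YARPP_Cache {
 
  public function uncached($limit = 20, $offset = 0) {
  global $wpdb;
- return $wpdb->get_col("select SQL_CALC_FOUND_ROWS p.ID
- FROM `{$wpdb->posts}` as p
- LEFT JOIN `{$wpdb->prefix}" . YARPP_TABLES_RELATED_TABLE . "` as c ON (p.ID = c.reference_ID)
- WHERE p.post_status = 'publish' and c.ID IS NULL
- LIMIT $limit OFFSET $offset");
+ return $wpdb->get_col(
+ $wpdb->prepare(
+ "select SQL_CALC_FOUND_ROWS p.ID
+ FROM `{$wpdb->posts}` as p
+ LEFT JOIN `{$wpdb->prefix}" . YARPP_TABLES_RELATED_TABLE . "` as c ON (p.ID = c.reference_ID)
+ WHERE p.post_status = 'publish' and c.ID IS NULL
+ LIMIT %d OFFSET %d",
+ $limit,
+ $offset
+ )
+ );
  }
 
  public function stats() {
@@ -241,7 +247,12 @@ class YARPP_Cache_Tables extends YARPP_Cache {
 
  return YARPP_RELATED;
  } else {
- $wpdb->query("insert into {$wpdb->prefix}" . YARPP_TABLES_RELATED_TABLE . " (reference_ID,ID,score) values ($reference_ID,0,0) on duplicate key update date = now()");
+ $wpdb->query(
+ $wpdb->prepare(
+ "insert into " . $wpdb->prefix . YARPP_TABLES_RELATED_TABLE . " (reference_ID,ID,score) values (%d,0,0) on duplicate key update date = now()",
+ $reference_ID
+ )
+ );
 
  // Clear the caches of those which are no longer related.
  if ( count($original_related) )
@@ -253,7 +264,7 @@ class YARPP_Cache_Tables extends YARPP_Cache {
 
  public function flush() {
  global $wpdb;
- $wpdb->query("truncate table `{$wpdb->prefix}" . YARPP_TABLES_RELATED_TABLE . "`");
+ $wpdb->query("truncate table `" . $wpdb->prefix. YARPP_TABLES_RELATED_TABLE . '`');
  // @since 3.5.2: clear object cache, used for is_cached_* values
  wp_cache_flush();
  }
@@ -267,18 +278,34 @@ class YARPP_Cache_Tables extends YARPP_Cache {
  }
 
  if (!is_null($reference_ID) && !is_null($related_ID)) {
- $results = $wpdb->get_col("select ID from {$wpdb->prefix}" . YARPP_TABLES_RELATED_TABLE . " where reference_ID = $reference_ID and ID = $related_ID");
+ $results = $wpdb->get_col(
+ $wpdb->prepare(
+ "select ID from {$wpdb->prefix}" . YARPP_TABLES_RELATED_TABLE . " where reference_ID = %d and ID = %d",
+ $reference_ID,
+ $related_ID
+ )
+ );
  return count($results) > 0;
  }
 
  // return a list of ID's of "related" entries
  if ( !is_null($reference_ID) ) {
- return $wpdb->get_col("select distinct ID from {$wpdb->prefix}" . YARPP_TABLES_RELATED_TABLE . " where reference_ID = $reference_ID and ID != 0");
+ return $wpdb->get_col(
+ $wpdb->prepare(
+ "select distinct ID from {$wpdb->prefix}" . YARPP_TABLES_RELATED_TABLE . " where reference_ID = %d and ID != 0",
+ $related_ID
+ )
+ );
  }
 
  // return a list of entities which list this post as "related"
  if ( !is_null($related_ID) ) {
- return $wpdb->get_col("select distinct reference_ID from {$wpdb->prefix}" . YARPP_TABLES_RELATED_TABLE . " where ID = $related_ID");
+ return $wpdb->get_col(
+ $wpdb->prepare(
+ "select distinct reference_ID from {$wpdb->prefix}" . YARPP_TABLES_RELATED_TABLE . " where ID = %d",
+ $related_ID
+ )
+ );
  }
 
  return false;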
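Review bot: In the last hunk, the `if ( !is_null($reference_ID) )` branch binds `$related_ID` to `where reference_ID = %d`, where the removed line used `$reference_ID`. Because the branch above has already returned when both IDs are set, `$related_ID` is null here, so `%d` renders as 0 and the query always asks for `reference_ID = 0`. The bound argument should be `$reference_ID`. Parameterising these lookups is the right hardening, but this swap changes what the "related entries" lookup returns; the enclosing method starts and ends outside the hunk.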
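--- a/classes/YARPP_Core.php
+++ b/classes/YARPP_Core.php
@@ -660,6 +660,7 @@ class YARPP {
  $option_keys[] = 'excerpt_len';
  $option_keys[] = 'show_score';
  if (count($option_keys)) {
+ // This sanitization is sufficient because $option_keys are hardcoded above.
  $in = "('yarpp_".join("', 'yarpp_", $option_keys)."')";
  $wpdb->query("DELETE FROM {$wpdb->options} WHERE option_name IN {$in}");
  }
@@ -1622,4 +1623,18 @@ class YARPP {
  $text = str_replace('</p>', '', $text);
  return $text;
  }
+
+ /**
+ * Gets the list of valid interval units used by YARPP and MySQL interval statements.
+ *
+ * @return array keys are valid values for recent units, and for MySQL interval
+ * (see https://www.mysqltutorial.org/mysql-interval/), values are translated strings
+ */
+ public function recent_units() {
+ return array(
+ 'day' => __('day(s)','yarpp'),
+ 'week' => __('week(s)','yarpp'),
+ 'month' => __('month(s)','yarpp')
+ );
+ }
  }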
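Review bot: The docblock on `recent_units()` does not say that its keys are used as a security allow-list: YARPP_Cache.php interpolates the matched key straight into SQL as `interval %d {$recent_unit}`, outside any placeholder. I would add a line such as `Keys are concatenated into SQL unescaped; keep them literal MySQL interval keywords and do not make this list filterable.` so a later change does not add a filter hook or a translated key here. The values are translated strings that the meta box prints as option labels, which is worth a mention in the same docblock.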
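--- a/includes/phtmls/yarpp_meta_box_pool.phtml
+++ b/includes/phtmls/yarpp_meta_box_pool.phtml
@@ -22,14 +22,13 @@
  $recent_units = 'month';
  }
 
- $recent_number = '<input name="recent_number" type="text" id="recent_number" value="'.esc_attr($recent_number).'" size="2" />';
-
- $recent_units =
- '<select name="recent_units" id="recent_units" style="vertical-align:inherit">'.
- '<option value="day" ' .(($recent_units === 'day') ? 'selected' : null).'>'.__('day(s)', 'yarpp').'</option>'.
- '<option value="week" ' .(($recent_units === 'week') ? 'selected' : null).'>'.__('week(s)', 'yarpp').'</option>'.
- '<option value="month" '.(($recent_units === 'month') ? 'selected' : null).'>'.__('month(s)', 'yarpp').'</option>'.
- '</select>';
+ $recent_number_html = '<input name="recent_number" type="text" id="recent_number" value="'.esc_attr($recent_number).'" size="2" />';
+
+ $recent_units_html = '<select name="recent_units" id="recent_units" style="vertical-align:inherit">';
+ foreach($yarpp->recent_units() as $value => $translated_string){
+ $recent_units_html .= '<option value="' . esc_attr($value) . '" ' . (($recent_units === $value) ? 'selected' : '') . '>' . $translated_string . '</option>';
+ }
+ $recent_units_html .= '</select>';
  ?>
 
  <div class='yarpp_form_row yarpp_form_checkbox'>
@@ -41,8 +40,8 @@
  printf(
  // translators: 1: HTML for a number field, 2: HTML for a units dropdown (eg "week(s)", "day(s)", month(s))
  __('Display only posts from the past %1$s %2$s', 'yarpp'),
- $recent_number,
- $recent_units
+ $recent_number_html,
+ $recent_units_html
  );
  ?>
  </label>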
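Review bot: The option label is concatenated into the markup unescaped in the new `foreach` loop, while the value on the same line goes through `esc_attr()`. Translation strings come from language packs and should be escaped at output like any other text, so the label should be `esc_html($translated_string)`. The outer `__('Display only posts from the past %1$s %2$s', 'yarpp')` format string is printed the same way, and because it carries HTML placeholders a `wp_kses`-style filter is the usual choice there rather than `esc_html`.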
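--- a/includes/phtmls/yarpp_widget_form.phtml
+++ b/includes/phtmls/yarpp_widget_form.phtml
@@ -1,51 +1,5 @@
  <div class="yarpp-widget-settings-switch">
- <p>
- <label for="<?php echo $this->get_field_id('use_yarpp_pro') ?>">Display widget using </label>
- <select
- class="yarpp-mode-switch"
- name="<?php echo $this->get_field_name('use_pro') ?>"
- <?php echo ($yarpp->yarppPro['active']) ? null : 'disabled' ?>>
- <option value="0" <?php echo selected($instance['use_pro']) ?>>Yarpp Basic</option>
- <option value="1" <?php echo selected($instance['use_pro']) ?>>Yarpp Pro</option>
- </select>
-
- <?php if (!$yarpp->yarppPro['active']): ?>
- <div class="yarpp_pro_msg">
- <p>
- <strong>YARPP Pro is not active!</strong>
- <br/>
- Take advantage of YARPP Pro&apos;s enhanced features by creating your free account today.
- </p>
- <a href="options-general.php?page=yarpp&mode=pro" class="button" style="width: 100%; text-align: center">
- Take me to YARPP Pro setting&apos;s page
- </a>
- </div>
- <?php endif ?>
-
- </p>
-
- <div class="yarpp-widget-pro-settings" style="display: <?php echo ($instance['use_pro']) ? 'block' : 'none' ?>">
- <p>
- To show relevant sponsored content in this sidebar, copy and paste the correct Widget ID from your YARPP Pro dashboard.
- <br/>
- <br/>
- <label>Widget ID: </label>
- <input
- type="text"
- id="<?php echo $this->get_field_id('use_yarpp_pro_dpid') ?>"
- name="<?php echo $this->get_field_name('pro_dpid') ?>"
- value="<?php echo esc_attr($instance['pro_dpid']) ?>"
- />
- <span class="yarpp_help dashicons dashicons-editor-help">
- <span class="yarpp_help_msg">
- Create an account through the “YARPP Pro” tab on the “Settings” page, create your widget style,
- and click “Get Code” to find your Widget ID.
- </span>
- </span>
- </p>
- </div>
-
- <div class="yarpp-widget-basic-settings" style="display: <?php echo ($instance['use_pro']) ? 'none' : 'block' ?>">
+ <div class="yarpp-widget-basic-settings" style="display: block;">
  <p class='yarpp-widget-type-control'>
  <label style="padding-right: 10px; display: inline-block;" for="<?php echo $this->get_field_id('use_template_builtin'); ?>">
  <input
@@ -119,7 +73,6 @@
  jQuery(function($) {
  $('.yarpp-widget-type-control','#wpbody').each(ensureTemplateChoice);
  $('.yarpp-widget-type-control input','#wpbody').on('change', ensureTemplateChoice);
- $('.yarpp-widget-settings-switch .yarpp-mode-switch', '#wpbody').on('change', makeTheSwitch);
 
  function ensureTemplateChoice(e) {
  if (typeof e === 'object' && 'type' in e) e.stopImmediatePropagation();
@@ -134,19 +87,5 @@ jQuery(function($) {
  $('#widget-'+widget_id+'-thumbnails_heading').closest('p').toggle(thumbnails);
  $('#widget-'+widget_id+'-template_file').closest('p').toggle(custom);
  }
-
- function makeTheSwitch(e){
- if (typeof e === 'object' && 'type' in e) e.stopImmediatePropagation();
- var $context = $(this).closest('.yarpp-widget-settings-switch');
- if ($(this).val() === '1') {
- $('.yarpp-widget-basic-settings', $context).fadeOut('fast',function(){
- $('.yarpp-widget-pro-settings', $context).fadeIn('fast');
- });
- } else {
- $('.yarpp-widget-pro-settings', $context).fadeOut('fast',function(){
- $('.yarpp-widget-basic-settings', $context).fadeIn('fast');
- });
- }
- }
  });
  </script>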
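--- a/includes/yarpp_options.php
+++ b/includes/yarpp_options.php
@@ -114,8 +114,21 @@ if (isset($_POST['update_yarpp']) && check_admin_referer('update_yarpp', 'update
  $new_options['auto_display_post_types'] = array();
  }
 
- $new_options['recent'] = isset($_POST['recent_only']) ?
- $_POST['recent_number'] . ' ' . $_POST['recent_units'] : false;
+ // The new value for "recent only" will be used directly in MySQL query, so make sure its sanitized.
+ if ( isset($_POST['recent_only'] ) ) {
+ if(in_array(
+ $_POST['recent_units'],
+ array_keys($yarpp->recent_units())
+ )){
+ $unit = $_POST['recent_units'];
+ } else {
+ $unit = 'day';
+ }
+ $recent = ((int)$_POST['recent_number']) . ' ' . $unit;
+ } else {
+ $recent = false;
+ }
+ $new_options['recent'] = $recent;
 
  if ( isset($_POST['exclude']) )
  $new_options['exclude'] = implode(',',array_keys($_POST['exclude']));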
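Review bot: The `(int)$_POST['recent_number']` cast accepts zero and negative numbers, so a stored value such as `-5 day` reaches `date_sub(now(), interval %d …)` in YARPP_Cache.php and yields a cutoff in the future that matches no posts. I would use `max(1, absint($_POST['recent_number']))`, or reject the submission, so the stored option is always a positive count. `$_POST['recent_units']` and `$_POST['recent_number']` are also read without an `isset()` check, and the allow-list test should be strict: `in_array($_POST['recent_units'], array_keys($yarpp->recent_units()), true)`. The surrounding `if (isset($_POST['update_yarpp']) …` block starts and ends outside the hunk.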
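--- a/readme.txt
+++ b/readme.txt
@@ -5,7 +5,7 @@ Requires at least: 3.7
  Requires PHP: 5.3
  License: GPLv2 or later
  Tested up to: 5.5
- Stable tag: 5.7.0
+ Stable tag: 5.8.0
 
  The most popular plugin to display a list of related posts on your site based on a powerful unique algorithm.
 
@@ -282,6 +282,11 @@ add_action(
  `
 
  == Changelog ==
+ = 5.8.0 (08-September-2020) =
+ * Enhancement: Code hygiene upgrade with usage of `WPDB->prepare` everywhere possible and related improvements
+ * [Bugfix](https://wordpress.org/support/topic/i-need-to-ad-yarpp-to-my-sidebar-but-it-wont-let-me-upgrade-to-pro/): Since there is no YARPP Pro currently, removed mention of it from the widget form
+ * [Bugfix](https://wordpress.org/support/topic/bug-fix-for-role-related-code/): Fixes "role" in deactivation survey
+
  = 5.7.0 (18-August-2020) =
  * Enhancement: Ensure that when a post is finally published, YARPP cache for peer posts is cleared to ensure the most related posts are always recommended across every post
  * [Bugfix](https://wordpress.org/support/topic/an-error-occurred-while-processing-the-directive-6/): Fixed warning in Admin UI caused by an unnecessary HTML comment
@@ -1007,6 +1012,6 @@ After a break of many years, the plugin is 100% supported now that the baton has
  * Initial upload
 
  == Upgrade Notice ==
- = 5.7.0 =
+ = 5.8.0 =
  We update this plugin regularly so we can make it better for you. Update to the latest version for all of the available features and improvements. Thank you for using YARPP!
 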
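--- a/yarpp.php
+++ b/yarpp.php
@@ -2,7 +2,7 @@
  /*
  Plugin Name: Yet Another Related Posts Plugin (YARPP)
  Description: Adds related posts to your site and in RSS feeds, based on a powerful, customizable algorithm.
- Version: 5.7.0
+ Version: 5.8.0
  Author: YARPP
  Author URI: https://yarpp.com/
  Plugin URI: https://yarpp.com/
@@ -23,7 +23,7 @@ if(!defined('WP_CONTENT_DIR')){
  define('WP_CONTENT_DIR', substr($tr,0,strrpos($tr,'/')));
  }
 
- define('YARPP_VERSION', '5.7.0');
+ define('YARPP_VERSION', '5.8.0');
 
  define('YARPP_DIR', dirname(__FILE__));
  /**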
  /**