Yasr – Yet Another Stars Rating - Version 1.9.9

Version Description

  • FIXED: added a further check every time get_the_title function is called

Release Info

Developer Dudo
Version 1.9.9

Code changes from version 1.9.8 to 1.9.9

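--- a/lib/admin/settings/yasr-settings-functions-style.php
+++ b/lib/admin/settings/yasr-settings-functions-style.php
@@ -113,7 +113,10 @@ function yasr_style_options_sanitize ($style_options) {
  $style_options = apply_filters('yasr_sanitize_style_options', $style_options);
 
  foreach ($style_options as $key => $value) {
- $output[$key] = strip_tags( stripslashes( $style_options[$key] ) );
+ $output[$key] = strip_tags(stripslashes($style_options[$key]));
+
+ //Always use htmlspecialchars
+ $output[$key] = htmlspecialchars($output[$key]);
  }
 
  return $output;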
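Review bot: The new `htmlspecialchars($output[$key])` on line 119 runs with PHP's default flags, which on the PHP 5.3 through 8.0 range this plugin declares as supported leave single quotes unencoded, so a style value later echoed inside a single-quoted attribute or an inline style/script context still carries `'` through; make the flags explicit: `$output[$key] = htmlspecialchars($output[$key], ENT_QUOTES, 'UTF-8');`. This also encodes at save time rather than at output, the reverse of the WordPress esc_* convention, and if any key in `$style_options` holds raw CSS, encoding `>` and quotes will corrupt child selectors and `content:` strings — confirm which keys this loop actually covers. The function begins above the hunk, so whether `$output` is initialised before the loop is not visible; if it is not, an empty `$style_options` returns an undefined variable.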
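--- a/lib/admin/settings/yasr-settings-functions.php
+++ b/lib/admin/settings/yasr-settings-functions.php
@@ -901,14 +901,14 @@ function yasr_general_options_sanitize( $option )
  'show-body-only' => true,
  ) );
  }
-
- //Use htmlspecialchars
- $output[$key] = htmlspecialchars( $output[$key] );
+
  } else {
  // handle quoted strings and allow no tags
  $output[$key] = strip_tags( stripslashes( $option[$key] ), $allowed_tags );
  }
 
+ //Always use htmlspecialchars
+ $output[$key] = htmlspecialchars( $output[$key] );
  if ( $key == 'blogposting_organization_logo' ) {
  //if is not a valid url get_site_icon_url instead
  if ( filter_var( $value, FILTER_VALIDATE_URL ) === false ) {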
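Review bot: Moving `htmlspecialchars()` to lines 910-911 so it runs after both branches means the `else` branch's `strip_tags( ..., $allowed_tags )` on line 907 now keeps tags only to have them entity-encoded a line later, so whatever `$allowed_tags` was meant to permit will render as literal `&lt;b&gt;` text — either the allow-list is now dead code or the encoding belongs in the first branch only. The call also uses the default flags, which leave `'` unencoded on PHP before 8.1; write `$output[$key] = htmlspecialchars( $output[$key], ENT_QUOTES, 'UTF-8' );`. Note that the `blogposting_organization_logo` check on line 914 validates `$value`, the raw submission, while the stored `$output[$key]` is now the encoded form, so a URL containing `&` is validated and stored as two different strings. The function starts and ends outside the hunk.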
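--- a/lib/admin/settings/yasr-stats-functions.php
+++ b/lib/admin/settings/yasr-stats-functions.php
@@ -159,7 +159,7 @@ class YASR_Stats_Log_List_Table extends YASR_WP_List_Table {
  case 'post_id':
  $post_id = $item[$column_name];
 
- $title_post = get_the_title($post_id);
+ $title_post = wp_strip_all_tags(get_the_title($post_id));
  $link = get_permalink($post_id);
 
  $yasr_title_link = '<a href="' . $link . '">' . $title_post . '</a>';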
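Review bot: Line 165 still builds the anchor by string concatenation with neither `$link` nor `$title_post` escaped for its context; `wp_strip_all_tags()` on line 162 blocks a `<script>` payload in the text node but is lossy (a title that legitimately contains `<` loses characters) and does nothing for the `href`. The WordPress idiom is to escape at the point of output: `$yasr_title_link = '<a href="' . esc_url($link) . '">' . esc_html($title_post) . '</a>';`, which makes the upstream stripping redundant. This is one `switch` case inside a method whose start and end lie outside the hunk.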
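--- a/lib/yasr-ajax-functions.php
+++ b/lib/yasr-ajax-functions.php
@@ -397,7 +397,7 @@ if ( ! defined( 'ABSPATH' ) ) exit('You\'re not allowed to see this page'); // E
 
  $avatar = get_avatar($column->user_id, '32'); //Get avatar from user id
 
- $title_post = get_the_title( $column->post_id ); //Get post title from post id
+ $title_post = wp_strip_all_tags(get_the_title($column->post_id)); //Get post title from post id
  $link = get_permalink( $column->post_id ); //Get post link from post id
 
  $yasr_log_vote_text = sprintf(__('Vote %d from %s on', 'yet-another-stars-rating'), $column->vote, '<strong style="color: blue">'.$user->user_login.'</strong>' );
@@ -546,7 +546,7 @@ if ( ! defined( 'ABSPATH' ) ) exit('You\'re not allowed to see this page'); // E
 
  $avatar = get_avatar($user_id, '32'); //Get avatar from user id
 
- $title_post = get_the_title( $column->post_id ); //Get post title from post id
+ $title_post = wp_strip_all_tags(get_the_title( $column->post_id )); //Get post title from post id
  $link = get_permalink( $column->post_id ); //Get post link from post id
 
  $yasr_log_vote_text = sprintf(__('You rated %s on ', 'yet-another-stars-rating'), '<strong style="color: blue">'.$column->vote.'</strong>');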
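Review bot: In the first hunk, `$user->user_login` is concatenated into the `<strong>` markup on line 403 with no output escaping, while the added `wp_strip_all_tags()` on line 400 covers only the title. WordPress constrains `user_login` at account creation, so this is defence in depth rather than a confirmed bypass, but escaping at output costs nothing: `'<strong style="color: blue">' . esc_html($user->user_login) . '</strong>'`. Where `$title_post` and `$link` are finally emitted lies outside both hunks; that emission point is where `esc_html()` / `esc_url()` belong rather than a strip at assignment. Both enclosing functions start and end outside the hunks.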
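--- a/lib/yasr-db-functions.php
+++ b/lib/yasr-db-functions.php
@@ -514,7 +514,7 @@ function yasr_widget_log_dashboard_callback() {
 
  $avatar = get_avatar($column->user_id, '32');
 
- $title_post = get_the_title($column->post_id);
+ $title_post = wp_strip_all_tags(get_the_title($column->post_id));
  $link = get_permalink($column->post_id);
 
  $yasr_log_vote_text =
@@ -643,7 +643,7 @@ function yasr_users_dashboard_widget_callback() {
 
  $avatar = get_avatar($user_id, '32');
 
- $title_post = get_the_title($column->post_id);
+ $title_post = wp_strip_all_tags(get_the_title($column->post_id));
  $link = get_permalink($column->post_id);
 
  $yasr_log_vote_text = sprintf(__('You rated %s on ', 'yet-another-stars-rating'), '<strong style="color: blue">' . $column->vote . '</strong>');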
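Review bot: The hunks change how `$title_post` is built but not where it is emitted — line 520's `$yasr_log_vote_text =` assignment continues past the hunk, so it cannot be confirmed here that the title (or `$link` on line 518) is escaped for HTML at that point. Stripping tags at assignment is a weaker and lossier control than `esc_html($title_post)` / `esc_url($link)` at the concatenation, and it does not cover `$column->vote` on line 649, which is interpolated into markup directly; `(int) $column->vote` there would pin the expected type. Both callbacks begin and end outside the hunks.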
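--- a/lib/yasr-functions.php
+++ b/lib/yasr-functions.php
@@ -383,7 +383,7 @@ function yasr_add_schema($content) {
 
 
  $author = get_the_author();
- $review_name = get_the_title();
+ $review_name = wp_strip_all_tags(get_the_title());
 
  $date = get_the_date('c');
  $date_modified = get_the_modified_date('c');
@@ -457,7 +457,7 @@ function yasr_add_schema($content) {
 
  $rich_snippet["publisher"] = array(
  "@type" => "Organization",
- "name" => YASR_BLOGPOSTING_ORGANIZATION_NAME,
+ "name" => wp_strip_all_tags(YASR_BLOGPOSTING_ORGANIZATION_NAME), //already sanitex in the settings, just to be safe
  "logo" => array(
  "@type" => "ImageObject",
  "url" => $logo_image_url,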
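Review bot: Stripping tags from individual fields on lines 386 and 460 does not address the context this data ends up in: if `$rich_snippet` is emitted as JSON-LD inside a `<script>` element (the emission is outside the hunk), the hazard is a string containing `</script>`, which is closed off by encoding the whole structure rather than per-field stripping — `wp_json_encode($rich_snippet, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_QUOT | JSON_HEX_APOS)` covers every field, including `$author` on line 385, which this commit leaves untouched. Separately, the settings sanitizer in this same release now runs `htmlspecialchars()` on every general option, so a name like `Smith & Sons` presumably reaches `YASR_BLOGPOSTING_ORGANIZATION_NAME` as `Smith &amp; Sons`, and `wp_strip_all_tags()` will not decode it — structured-data consumers would see the entity, so confirm how the constant is defined. The comment on line 460 also misspells "sanitized" as "sanitex". `yasr_add_schema()` starts and ends outside both hunks.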
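--- a/lib/yasr-shortcode-functions.php
+++ b/lib/yasr-shortcode-functions.php
@@ -687,7 +687,7 @@ function yasr_top_ten_highest_rated_callback() {
  $shortcode_html .= "<table class=\"yasr-table-chart\">";
 
  foreach ($query_result as $result) {
- $post_title = get_the_title($result->post_id);
+ $post_title = wp_strip_all_tags(get_the_title($result->post_id));
  $link = get_permalink($result->post_id); //Get permalink from post it
 
  $yasr_top_ten_html_id = 'yasr-top-ten-rater-' . $result->post_id;
@@ -776,7 +776,7 @@ function yasr_most_or_highest_rated_posts_callback () {
 
  $rating = round($rating, 1);
 
- $post_title = get_the_title($result->post_id);
+ $post_title = wp_strip_all_tags(get_the_title($result->post_id));
 
  $link = get_permalink($result->post_id); //Get permalink from post it
 
@@ -817,7 +817,7 @@ function yasr_most_or_highest_rated_posts_callback () {
 
  $rating = round($result->result, 1);
 
- $post_title = get_the_title($result->post_id);
+ $post_title = wp_strip_all_tags(get_the_title($result->post_id));
 
  $link = get_permalink($result->post_id); //Get permalink from post it
 
@@ -1041,7 +1041,7 @@ function yasr_highest_rated_visitor_multi_set_callback ($atts) {
  }
 
  $link = get_permalink($results->post_id);
- $title = get_the_title($results->post_id);
+ $title = wp_strip_all_tags(get_the_title($results->post_id));
 
  $average = round($results->average, 1);
 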
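Review bot: All four hunks replace the title with `wp_strip_all_tags()` at assignment, but the shortcode output is assembled into `$shortcode_html` outside the hunks, and that concatenation is where `esc_html($post_title)` / `esc_url($link)` belong; stripping first is lossy for titles that legitimately contain `<` and becomes redundant once the output is escaped. In the first hunk, line 693 also places `$result->post_id` straight into an element id; unless it is already cast on the query side, `'yasr-top-ten-rater-' . (int) $result->post_id` keeps the attribute well-formed. Each enclosing callback continues outside its hunk.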
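--- a/lib/yasr-widgets.php
+++ b/lib/yasr-widgets.php
@@ -409,7 +409,7 @@ class Yasr_Recent_Ratings_Widget extends WP_Widget {
  $user->user_login = __('anonymous');
  }
 
- $title_post = get_the_title($result->post_id);
+ $title_post = wp_strip_all_tags(get_the_title($result->post_id));
  $link = get_permalink($result->post_id);
  $vote = round($result->vote);
 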
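Review bot: Line 409 assigns `__('anonymous')` to `$user->user_login`, which indicates the login is rendered by this widget, yet neither it nor the freshly stripped `$title_post` and `$link` on lines 412-413 are visibly escaped — the emission point is outside the hunk. `esc_html()` on the login and title and `esc_url()` on the permalink at that point is the WordPress convention and makes the `wp_strip_all_tags()` wrapper unnecessary; `round($result->vote)` on line 414 already yields a number and needs nothing further. The enclosing method's start and end lie outside the hunk.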
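--- a/readme.txt
+++ b/readme.txt
@@ -5,7 +5,7 @@ Requires at least: 4.3.0
  Contributors: Dudo
  Tested up to: 5.2.2
  Requires PHP: 5.3
- Stable tag: 1.9.8
+ Stable tag: 1.9.9
  License URI: http://www.gnu.org/licenses/gpl-2.0.html
 
  Boost the way people interact with your website, e-commerce or blog with an easy and intuitive WordPress rating system!
@@ -128,6 +128,9 @@ If doesn't, it's suggested to ask in a SEO oriented forum.
 
  The full changelog can be found in the plugin's directory. Recent entries:
 
+ = 1.9.9 =
+ * FIXED: added a further check every time get_the_title function is called
+
  = 1.9.8 =
  * FIXED: overall rating didn't get saved if default editor isnt't Gutenberg or Classic Editor
 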
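--- a/yet-another-stars-rating.php
+++ b/yet-another-stars-rating.php
@@ -4,7 +4,7 @@
  * Plugin Name: Yet Another Stars Rating
  * Plugin URI: http://wordpress.org/plugins/yet-another-stars-rating/
  * Description: Yasr - Yet Another Stars Rating is a powerful way to add SEO-friendly user-generated reviews and testimonials to your website posts, pages and CPT, without affecting its speed.
- * Version: 1.9.8
+ * Version: 1.9.9
  * Author: Dario Curvino
  * Author URI: https://dariocurvino.it/
  * Text Domain: yet-another-stars-rating
@@ -76,7 +76,7 @@ if ( !function_exists( 'yasr_fs' ) ) {
  yasr_fs();
  // Signal that SDK was initiated.
  do_action( 'yasr_fs_loaded' );
- define( 'YASR_VERSION_NUM', '1.9.8' );
+ define( 'YASR_VERSION_NUM', '1.9.9' );
  //Plugin relative path
  define( "YASR_ABSOLUTE_PATH", dirname( __FILE__ ) );
  //Plugin RELATIVE PATH without slashes (just the directory's name)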