Yasr – Yet Another Stars Rating - Version 1.9.9

Version Description

  • FIXED: added a further check every time get_the_title function is called

Release Info

Developer Dudo
Plugin Icon 128x128 Yasr – Yet Another Stars Rating
Version 1.9.9

Code changes from version 1.9.8 to 1.9.9

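--- a/lib/admin/settings/yasr-settings-functions-style.php
+++ b/lib/admin/settings/yasr-settings-functions-style.php
@@ -113,7 +113,10 @@ function yasr_style_options_sanitize ($style_options) {
 $style_options = apply_filters('yasr_sanitize_style_options', $style_options);
 
 foreach ($style_options as $key => $value) {
- $output[$key] = strip_tags( stripslashes( $style_options[$key] ) );
+ $output[$key] = strip_tags(stripslashes($style_options[$key]));
+
+ //Always use htmlspecialchars
+ $output[$key] = htmlspecialchars($output[$key]);
 }
 
 return $output;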
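Review bot: The added `htmlspecialchars($output[$key])` on new line 119 relies on the default flags, and the readme in this release declares `Requires PHP: 5.3`; before PHP 8.1 the default is `ENT_COMPAT`, which leaves single quotes unencoded. Because the encoding is applied when the option is saved rather than when it is printed, a value that is shown again in the form and re-saved could be encoded a second time, depending on how the form prints it. I would write `$output[$key] = htmlspecialchars($output[$key], ENT_QUOTES, 'UTF-8', false);` and still escape at the point of output with the function that matches the context. The same call is added on new line 911 of lib/admin/settings/yasr-settings-functions.php. The function starts above the hunk, so whether `$output` is initialised before the loop cannot be confirmed from here.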
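--- a/lib/admin/settings/yasr-settings-functions.php
+++ b/lib/admin/settings/yasr-settings-functions.php
@@ -901,14 +901,14 @@ function yasr_general_options_sanitize( $option )
 'show-body-only' => true,
 ) );
 }
-
- //Use htmlspecialchars
- $output[$key] = htmlspecialchars( $output[$key] );
+
 } else {
 // handle quoted strings and allow no tags
 $output[$key] = strip_tags( stripslashes( $option[$key] ), $allowed_tags );
 }
 
+ //Always use htmlspecialchars
+ $output[$key] = htmlspecialchars( $output[$key] );
 if ( $key == 'blogposting_organization_logo' ) {
 //if is not a valid url get_site_icon_url instead
 if ( filter_var( $value, FILTER_VALIDATE_URL ) === false ) {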
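Review bot: Moving `htmlspecialchars()` below the if/else (new lines 910-911) makes it run on the else branch too, where `strip_tags( ..., $allowed_tags )` on new line 907 deliberately keeps some tags; those kept tags are then stored as `&lt;...&gt;` text, so the allow-list no longer has any effect. If that is intended, drop the `$allowed_tags` argument and say so in the comment, e.g. `// encode everything: no markup is stored for any key`; if the allowed tags are meant to survive, the encoding has to stay out of that branch. The encoded value is also what is in `$output[$key]` when the `blogposting_organization_logo` check runs, while the URL test on line 914 reads `$value`, so the validated string and the stored string can differ (an `&` in a URL is stored as `&amp;`). The rest of that branch and the start of the function are outside the hunk.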
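--- a/lib/admin/settings/yasr-stats-functions.php
+++ b/lib/admin/settings/yasr-stats-functions.php
@@ -159,7 +159,7 @@ class YASR_Stats_Log_List_Table extends YASR_WP_List_Table {
 case 'post_id':
 $post_id = $item[$column_name];
 
- $title_post = get_the_title($post_id);
+ $title_post = wp_strip_all_tags(get_the_title($post_id));
 $link = get_permalink($post_id);
 
 $yasr_title_link = '<a href="' . $link . '">' . $title_post . '</a>';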
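Review bot: `wp_strip_all_tags()` on new line 162 removes markup but does not encode the result for the place it is printed, and on line 165 both `$link` and `$title_post` are still concatenated straight into the anchor. Escaping at output covers both values: `$yasr_title_link = '<a href="' . esc_url($link) . '">' . esc_html($title_post) . '</a>';`. The same strip-only change is made in lib/yasr-ajax-functions.php, lib/yasr-db-functions.php, lib/yasr-shortcode-functions.php and lib/yasr-widgets.php, where the lines that print the title lie outside the hunks; if any of them places the title in an attribute, `esc_attr()` is needed there because stripping tags leaves quotes intact. The method body continues outside this hunk.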
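--- a/lib/yasr-ajax-functions.php
+++ b/lib/yasr-ajax-functions.php
@@ -397,7 +397,7 @@ if ( ! defined( 'ABSPATH' ) ) exit('You\'re not allowed to see this page'); // E
 
 $avatar = get_avatar($column->user_id, '32'); //Get avatar from user id
 
- $title_post = get_the_title( $column->post_id ); //Get post title from post id
+ $title_post = wp_strip_all_tags(get_the_title($column->post_id)); //Get post title from post id
 $link = get_permalink( $column->post_id ); //Get post link from post id
 
 $yasr_log_vote_text = sprintf(__('Vote %d from %s on', 'yet-another-stars-rating'), $column->vote, '<strong style="color: blue">'.$user->user_login.'</strong>' );
@@ -546,7 +546,7 @@ if ( ! defined( 'ABSPATH' ) ) exit('You\'re not allowed to see this page'); // E
 
 $avatar = get_avatar($user_id, '32'); //Get avatar from user id
 
- $title_post = get_the_title( $column->post_id ); //Get post title from post id
+ $title_post = wp_strip_all_tags(get_the_title( $column->post_id )); //Get post title from post id
 $link = get_permalink( $column->post_id ); //Get post link from post id
 
 $yasr_log_vote_text = sprintf(__('You rated %s on ', 'yet-another-stars-rating'), '<strong style="color: blue">'.$column->vote.'</strong>');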
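Review bot: `$user->user_login` on line 403 and `$column->vote` on line 552 are still concatenated into `<strong>` markup without escaping; the hunks only touch the title, so the other database-backed values in the same log row are left as they were. Wrapping them at output keeps the row consistent, e.g. `'<strong style="color: blue">' . esc_html($user->user_login) . '</strong>'` and `esc_html($column->vote)`. The same unescaped `$column->vote` appears on line 649 of lib/yasr-db-functions.php. Both snippets sit inside larger blocks that start and end outside the hunks, so where these values come from and where `$title_post` and `$link` are printed is not visible here.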
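--- a/lib/yasr-db-functions.php
+++ b/lib/yasr-db-functions.php
@@ -514,7 +514,7 @@ function yasr_widget_log_dashboard_callback() {
 
 $avatar = get_avatar($column->user_id, '32');
 
- $title_post = get_the_title($column->post_id);
+ $title_post = wp_strip_all_tags(get_the_title($column->post_id));
 $link = get_permalink($column->post_id);
 
 $yasr_log_vote_text =
@@ -643,7 +643,7 @@ function yasr_users_dashboard_widget_callback() {
 
 $avatar = get_avatar($user_id, '32');
 
- $title_post = get_the_title($column->post_id);
+ $title_post = wp_strip_all_tags(get_the_title($column->post_id));
 $link = get_permalink($column->post_id);
 
 $yasr_log_vote_text = sprintf(__('You rated %s on ', 'yet-another-stars-rating'), '<strong style="color: blue">' . $column->vote . '</strong>');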
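--- a/lib/yasr-functions.php
+++ b/lib/yasr-functions.php
@@ -383,7 +383,7 @@ function yasr_add_schema($content) {
 
 
 $author = get_the_author();
- $review_name = get_the_title();
+ $review_name = wp_strip_all_tags(get_the_title());
 
 $date = get_the_date('c');
 $date_modified = get_the_modified_date('c');
@@ -457,7 +457,7 @@ function yasr_add_schema($content) {
 
 $rich_snippet["publisher"] = array(
 "@type" => "Organization",
- "name" => YASR_BLOGPOSTING_ORGANIZATION_NAME,
+ "name" => wp_strip_all_tags(YASR_BLOGPOSTING_ORGANIZATION_NAME), //already sanitex in the settings, just to be safe
 "logo" => array(
 "@type" => "ImageObject",
 "url" => $logo_image_url,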
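Review bot: The trailing comment on new line 460 has a typo (`sanitex`) and does not say what the earlier sanitising did; I would word it `// already sanitized on save; tags stripped again as defence in depth`. If the constant is filled from the general options, the sanitiser changed in this same release now runs `htmlspecialchars()` on every key, so a name containing `&` would reach the structured data as `&amp;`, which `wp_strip_all_tags()` does not undo. How `$rich_snippet` is serialised is outside the hunk; the encoder used for that context (for example `wp_json_encode()`) is what protects the script block, not tag stripping. yasr_add_schema starts and ends outside both hunks.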
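--- a/lib/yasr-shortcode-functions.php
+++ b/lib/yasr-shortcode-functions.php
@@ -687,7 +687,7 @@ function yasr_top_ten_highest_rated_callback() {
 $shortcode_html .= "<table class=\"yasr-table-chart\">";
 
 foreach ($query_result as $result) {
- $post_title = get_the_title($result->post_id);
+ $post_title = wp_strip_all_tags(get_the_title($result->post_id));
 $link = get_permalink($result->post_id); //Get permalink from post it
 
 $yasr_top_ten_html_id = 'yasr-top-ten-rater-' . $result->post_id;
@@ -776,7 +776,7 @@ function yasr_most_or_highest_rated_posts_callback () {
 
 $rating = round($rating, 1);
 
- $post_title = get_the_title($result->post_id);
+ $post_title = wp_strip_all_tags(get_the_title($result->post_id));
 
 $link = get_permalink($result->post_id); //Get permalink from post it
 
@@ -817,7 +817,7 @@ function yasr_most_or_highest_rated_posts_callback () {
 
 $rating = round($result->result, 1);
 
- $post_title = get_the_title($result->post_id);
+ $post_title = wp_strip_all_tags(get_the_title($result->post_id));
 
 $link = get_permalink($result->post_id); //Get permalink from post it
 
@@ -1041,7 +1041,7 @@ function yasr_highest_rated_visitor_multi_set_callback ($atts) {
 }
 
 $link = get_permalink($results->post_id);
- $title = get_the_title($results->post_id);
+ $title = wp_strip_all_tags(get_the_title($results->post_id));
 
 $average = round($results->average, 1);
 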
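--- a/lib/yasr-widgets.php
+++ b/lib/yasr-widgets.php
@@ -409,7 +409,7 @@ class Yasr_Recent_Ratings_Widget extends WP_Widget {
 $user->user_login = __('anonymous');
 }
 
- $title_post = get_the_title($result->post_id);
+ $title_post = wp_strip_all_tags(get_the_title($result->post_id));
 $link = get_permalink($result->post_id);
 $vote = round($result->vote);
 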
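--- a/readme.txt
+++ b/readme.txt
@@ -5,7 +5,7 @@ Requires at least: 4.3.0
 Contributors: Dudo
 Tested up to: 5.2.2
 Requires PHP: 5.3
- Stable tag: 1.9.8
+ Stable tag: 1.9.9
 License URI: http://www.gnu.org/licenses/gpl-2.0.html
 
 Boost the way people interact with your website, e-commerce or blog with an easy and intuitive WordPress rating system!
@@ -128,6 +128,9 @@ If doesn't, it's suggested to ask in a SEO oriented forum.
 
 The full changelog can be found in the plugin's directory. Recent entries:
 
+ = 1.9.9 =
+ * FIXED: added a further check every time get_the_title function is called
+
 = 1.9.8 =
 * FIXED: overall rating didn't get saved if default editor isnt't Gutenberg or Classic Editor
 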
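--- a/yet-another-stars-rating.php
+++ b/yet-another-stars-rating.php
@@ -4,7 +4,7 @@
 * Plugin Name: Yet Another Stars Rating
 * Plugin URI: http://wordpress.org/plugins/yet-another-stars-rating/
 * Description: Yasr - Yet Another Stars Rating is a powerful way to add SEO-friendly user-generated reviews and testimonials to your website posts, pages and CPT, without affecting its speed.
- * Version: 1.9.8
+ * Version: 1.9.9
 * Author: Dario Curvino
 * Author URI: https://dariocurvino.it/
 * Text Domain: yet-another-stars-rating
@@ -76,7 +76,7 @@ if ( !function_exists( 'yasr_fs' ) ) {
 yasr_fs();
 // Signal that SDK was initiated.
 do_action( 'yasr_fs_loaded' );
- define( 'YASR_VERSION_NUM', '1.9.8' );
+ define( 'YASR_VERSION_NUM', '1.9.9' );
 //Plugin relative path
 define( "YASR_ABSOLUTE_PATH", dirname( __FILE__ ) );
 //Plugin RELATIVE PATH without slashes (just the directory's name)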