Zendesk Chat - Version 1.2.6

Version Description

  • Addresses XSS vulnerabilities concerns by removing ZeroClipboard
Download this release

Release Info

Developer bencxr
Plugin Icon 128x128 Zendesk Chat
Version 1.2.6
Comparing to
See all releases

Code changes from version 1.2.5 to 1.2.6

Files changed (5) hide show
  1. ZeroClipboard.js +0 -302
  2. ZeroClipboard.swf +0 -0
  3. imintegration.php +8 -27
  4. readme.txt +4 -1
  5. zopim.php +1 -1
ZeroClipboard.js DELETED
@@ -1,302 +0,0 @@
1
- // Simple Set Clipboard System
2
- // Author: Joseph Huckaby
3
-
4
- var ZeroClipboard = {
5
-
6
- version: "1.0.5",
7
- clients: {}, // registered upload clients on page, indexed by id
8
- moviePath: 'ZeroClipboard.swf', // URL to movie
9
- nextId: 1, // ID of next movie
10
-
11
- $: function(thingy) {
12
- // simple DOM lookup utility function
13
- if (typeof(thingy) == 'string') thingy = document.getElementById(thingy);
14
- if (!thingy.addClass) {
15
- // extend element with a few useful methods
16
- thingy.hide = function() { this.style.display = 'none'; };
17
- thingy.show = function() { this.style.display = ''; };
18
- thingy.addClass = function(name) { this.removeClass(name); this.className += ' ' + name; };
19
- thingy.removeClass = function(name) {
20
- this.className = this.className.replace( new RegExp("(^|\\s+)" + name + "(\\s+|$)"), "").replace(/^\s+|\s+$/g, '');
21
- };
22
- thingy.hasClass = function(name) {
23
- return !!this.className.match( new RegExp("\\s*" + name + "\\s*") );
24
- };
25
- }
26
- return thingy;
27
- },
28
-
29
- setMoviePath: function(path) {
30
- // set path to ZeroClipboard.swf
31
- this.moviePath = path;
32
- },
33
-
34
- dispatch: function(id, eventName, args) {
35
- // receive event from flash movie, send to client
36
- var client = this.clients[id];
37
- if (client) {
38
- client.receiveEvent(eventName, args);
39
- }
40
- },
41
-
42
- register: function(id, client) {
43
- // register new client to receive events
44
- this.clients[id] = client;
45
- },
46
-
47
- getDOMObjectPosition: function(obj, stopObj) {
48
- // get absolute coordinates for dom element
49
- var info = {
50
- left: 0,
51
- top: 0,
52
- width: obj.width ? obj.width : obj.offsetWidth,
53
- height: obj.height ? obj.height : obj.offsetHeight
54
- };
55
-
56
- while (obj && (obj != stopObj)) {
57
- info.left += obj.offsetLeft;
58
- info.top += obj.offsetTop;
59
- obj = obj.offsetParent;
60
- }
61
-
62
- return info;
63
- },
64
-
65
- Client: function(elem) {
66
- // constructor for new simple upload client
67
- this.handlers = {};
68
-
69
- // unique ID
70
- this.id = ZeroClipboard.nextId++;
71
- this.movieId = 'ZeroClipboardMovie_' + this.id;
72
-
73
- // register client with singleton to receive flash events
74
- ZeroClipboard.register(this.id, this);
75
-
76
- // create movie
77
- if (elem) this.glue(elem);
78
- }
79
- };
80
-
81
- ZeroClipboard.Client.prototype = {
82
-
83
- id: 0, // unique ID for us
84
- ready: false, // whether movie is ready to receive events or not
85
- movie: null, // reference to movie object
86
- clipText: '', // text to copy to clipboard
87
- handCursorEnabled: true, // whether to show hand cursor, or default pointer cursor
88
- cssEffects: true, // enable CSS mouse effects on dom container
89
- handlers: null, // user event handlers
90
-
91
- glue: function(elem, appendElem, stylesToAdd) {
92
- // glue to DOM element
93
- // elem can be ID or actual DOM element object
94
- this.domElement = ZeroClipboard.$(elem);
95
-
96
- // float just above object, or zIndex 99 if dom element isn't set
97
- var zIndex = 99;
98
- if (this.domElement.style.zIndex) {
99
- zIndex = parseInt(this.domElement.style.zIndex, 10) + 1;
100
- }
101
-
102
- if (typeof(appendElem) == 'string') {
103
- appendElem = ZeroClipboard.$(appendElem);
104
- }
105
- else if (typeof(appendElem) == 'undefined') {
106
- appendElem = document.getElementsByTagName('body')[0];
107
- }
108
-
109
- // find X/Y position of domElement
110
- var box = ZeroClipboard.getDOMObjectPosition(this.domElement, appendElem);
111
-
112
- // create floating DIV above element
113
- this.div = document.createElement('div');
114
- var style = this.div.style;
115
- style.position = 'absolute';
116
- style.left = '' + box.left + 'px';
117
- style.top = '' + box.top + 'px';
118
- style.width = '' + box.width + 'px';
119
- style.height = '' + box.height + 'px';
120
- style.zIndex = zIndex;
121
-
122
- if (typeof(stylesToAdd) == 'object') {
123
- for (addedStyle in stylesToAdd) {
124
- style[addedStyle] = stylesToAdd[addedStyle];
125
- }
126
- }
127
-
128
- // style.backgroundColor = '#f00'; // debug
129
-
130
- appendElem.appendChild(this.div);
131
-
132
- this.div.innerHTML = this.getHTML( box.width, box.height );
133
- },
134
-
135
- getHTML: function(width, height) {
136
- // return HTML for movie
137
- var html = '';
138
- var flashvars = 'id=' + this.id +
139
- '&width=' + width +
140
- '&height=' + height;
141
-
142
- if (navigator.userAgent.match(/MSIE/)) {
143
- // IE gets an OBJECT tag
144
- var protocol = location.href.match(/^https/i) ? 'https://' : 'http://';
145
- html += '<object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" codebase="'+protocol+'download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=9,0,0,0" width="'+width+'" height="'+height+'" id="'+this.movieId+'" align="middle"><param name="allowScriptAccess" value="always" /><param name="allowFullScreen" value="false" /><param name="movie" value="'+ZeroClipboard.moviePath+'" /><param name="loop" value="false" /><param name="menu" value="false" /><param name="quality" value="best" /><param name="bgcolor" value="#ffffff" /><param name="flashvars" value="'+flashvars+'"/><param name="wmode" value="transparent"/></object>';
146
- }
147
- else {
148
- // all other browsers get an EMBED tag
149
- html += '<embed id="'+this.movieId+'" src="'+ZeroClipboard.moviePath+'" loop="false" menu="false" quality="best" bgcolor="#ffffff" width="'+width+'" height="'+height+'" name="'+this.movieId+'" align="middle" allowScriptAccess="always" allowFullScreen="false" type="application/x-shockwave-flash" pluginspage="http://www.macromedia.com/go/getflashplayer" flashvars="'+flashvars+'" wmode="transparent" />';
150
- }
151
- return html;
152
- },
153
-
154
- hide: function() {
155
- // temporarily hide floater offscreen
156
- if (this.div) {
157
- this.div.style.left = '-2000px';
158
- }
159
- },
160
-
161
- show: function() {
162
- // show ourselves after a call to hide()
163
- this.reposition();
164
- },
165
-
166
- destroy: function() {
167
- // destroy control and floater
168
- if (this.domElement && this.div) {
169
- this.hide();
170
- this.div.innerHTML = '';
171
-
172
- var body = document.getElementsByTagName('body')[0];
173
- try { body.removeChild( this.div ); } catch(e) {;}
174
-
175
- this.domElement = null;
176
- this.div = null;
177
- }
178
- },
179
-
180
- reposition: function(elem) {
181
- // reposition our floating div, optionally to new container
182
- // warning: container CANNOT change size, only position
183
- if (elem) {
184
- this.domElement = ZeroClipboard.$(elem);
185
- if (!this.domElement) this.hide();
186
- }
187
-
188
- if (this.domElement && this.div) {
189
- var box = ZeroClipboard.getDOMObjectPosition(this.domElement);
190
- var style = this.div.style;
191
- style.left = '' + box.left + 'px';
192
- style.top = '' + box.top + 'px';
193
- }
194
- },
195
-
196
- setText: function(newText) {
197
- // set text to be copied to clipboard
198
- this.clipText = newText;
199
- if (this.ready) this.movie.setText(newText);
200
- },
201
-
202
- addEventListener: function(eventName, func) {
203
- // add user event listener for event
204
- // event types: load, queueStart, fileStart, fileComplete, queueComplete, progress, error, cancel
205
- eventName = eventName.toString().toLowerCase().replace(/^on/, '');
206
- if (!this.handlers[eventName]) this.handlers[eventName] = [];
207
- this.handlers[eventName].push(func);
208
- },
209
-
210
- setHandCursor: function(enabled) {
211
- // enable hand cursor (true), or default arrow cursor (false)
212
- this.handCursorEnabled = enabled;
213
- if (this.ready) this.movie.setHandCursor(enabled);
214
- },
215
-
216
- setCSSEffects: function(enabled) {
217
- // enable or disable CSS effects on DOM container
218
- this.cssEffects = !!enabled;
219
- },
220
-
221
- receiveEvent: function(eventName, args) {
222
- // receive event from flash
223
- eventName = eventName.toString().toLowerCase().replace(/^on/, '');
224
-
225
- // special behavior for certain events
226
- switch (eventName) {
227
- case 'load':
228
- // movie claims it is ready, but in IE this isn't always the case...
229
- // bug fix: Cannot extend EMBED DOM elements in Firefox, must use traditional function
230
- this.movie = document.getElementById(this.movieId);
231
- if (!this.movie) {
232
- var self = this;
233
- setTimeout( function() { self.receiveEvent('load', null); }, 1 );
234
- return;
235
- }
236
-
237
- // firefox on pc needs a "kick" in order to set these in certain cases
238
- if (!this.ready && navigator.userAgent.match(/Firefox/) && navigator.userAgent.match(/Windows/)) {
239
- var self = this;
240
- setTimeout( function() { self.receiveEvent('load', null); }, 100 );
241
- this.ready = true;
242
- return;
243
- }
244
-
245
- this.ready = true;
246
- this.movie.setText( this.clipText );
247
- this.movie.setHandCursor( this.handCursorEnabled );
248
- break;
249
-
250
- case 'mouseover':
251
- if (this.domElement && this.cssEffects) {
252
- this.domElement.addClass('hover');
253
- if (this.recoverActive) this.domElement.addClass('active');
254
- }
255
- break;
256
-
257
- case 'mouseout':
258
- if (this.domElement && this.cssEffects) {
259
- this.recoverActive = false;
260
- if (this.domElement.hasClass('active')) {
261
- this.domElement.removeClass('active');
262
- this.recoverActive = true;
263
- }
264
- this.domElement.removeClass('hover');
265
- }
266
- break;
267
-
268
- case 'mousedown':
269
- if (this.domElement && this.cssEffects) {
270
- this.domElement.addClass('active');
271
- }
272
- break;
273
-
274
- case 'mouseup':
275
- if (this.domElement && this.cssEffects) {
276
- this.domElement.removeClass('active');
277
- this.recoverActive = false;
278
- }
279
- break;
280
- } // switch eventName
281
-
282
- if (this.handlers[eventName]) {
283
- for (var idx = 0, len = this.handlers[eventName].length; idx < len; idx++) {
284
- var func = this.handlers[eventName][idx];
285
-
286
- if (typeof(func) == 'function') {
287
- // actual function reference
288
- func(this, args);
289
- }
290
- else if ((typeof(func) == 'object') && (func.length == 2)) {
291
- // PHP style object + method, i.e. [myObject, 'myMethod']
292
- func[0][ func[1] ](this, args);
293
- }
294
- else if (typeof(func) == 'string') {
295
- // name of function
296
- window[func](this, args);
297
- }
298
- } // foreach event handler defined
299
- } // user defined handler for event
300
- }
301
-
302
- };
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
ZeroClipboard.swf DELETED
Binary file
imintegration.php CHANGED
@@ -50,17 +50,16 @@ display: inline-block;
50
  1. Add the Control Bot to the IM Client of your choice.<br/><br/>
51
 
52
  <table class="clients" cellpadding="0" cellspacing="0">
53
- <tr><td align="center" width="160" class="first"><b>IM Cient</b></td><td class="first" width="200"><b>Chat Bot's Name</b></td></tr>
54
- <tr><td valign="center" align="center"><img src="<?php echo ZOPIM_IM_LOGOS ?>big/gtalk.png"></td><td><?php echo $iminfo->bots->gtalk; ?></td></tr>
55
- <tr><td valign="center" align="center"><img src="<?php echo ZOPIM_IM_LOGOS ?>big/msn.png"></td><td><?php echo $iminfo->bots->msn; ?></td></tr>
56
- <tr><td valign="center" align="center"><img src="<?php echo ZOPIM_IM_LOGOS ?>big/yahoo.png"></td><td><?php echo $iminfo->bots->yahoo; ?></td></tr>
57
- <tr><td valign="center" align="center"><img src="<?php echo ZOPIM_IM_LOGOS ?>big/aim.png"></td><td><?php echo $iminfo->bots->aim; ?></td></tr>
58
  </table>
59
- <div class="explain">For example, to use <b>MSN Live Messenger</b> to chat,<br/>add <b>zdctrlbot01@hotmail.com</b> to your MSN contact list.</div>
60
  </td>
61
  <td>
62
  2. Send the Control Bot this message:<br/><br/><input style="font-size:31px;color:#555;margin:0 0 5px;width:380px;" type="text" value="#setup <?php echo $iminfo->auth_key; ?>" id="box-content" readonly></input><br/>
63
- <input id="copy" value="Copy to Clipboard" type="button"></input>
64
 
65
  <br/><br/>
66
  3. Accept the invitations to add the Chat Bots.<br>
@@ -76,26 +75,6 @@ display: inline-block;
76
  </div>
77
  </div>
78
  </div>
79
- <script type="text/javascript" src="http://www.zopim.com/static/ZeroClipboard.js"></script>
80
- <script language="javascript">
81
-
82
- //create client
83
- ZeroClipboard.setMoviePath('http://www.zopim.com/static/ZeroClipboard.swf');
84
- var clip = new ZeroClipboard.Client();
85
-
86
- //event
87
- function $(id) { return document.getElementById(id); }
88
-
89
- clip.addEventListener('mousedown',function() {
90
- clip.setText(document.getElementById('box-content').value);
91
- });
92
- clip.addEventListener('complete',function(client,text) {
93
- window.status = 'copied: ' + text;
94
- });
95
- //glue it to the button
96
- clip.glue('copy');
97
- </script>
98
-
99
  <?php } else if (isset($iminfo->status)) { // integration already set up ?>
100
 
101
  <h3><img src="<?php echo ZOPIM_IM_LOGOS.$iminfo->protocol; ?>.png"> Your <?php echo strtoupper($iminfo->protocol); ?> account is now linked with Zopim.</h3>
@@ -103,8 +82,10 @@ clip.glue('copy');
103
  You are connected using the account: <?php echo $iminfo->username; ?>. <br>
104
  Your status is now <b><?php echo $iminfo->status; ?></b>.<br><br>
105
 
 
106
  <H3>Disable IM Integration</h3>
107
  You can <a href="admin.php?page=zopim_instant_messaging&remove=1">disable IM integration by clicking here</a>.
 
108
 
109
  <?php } else { // could not contact zopim to get the IM status
110
 
50
  1. Add the Control Bot to the IM Client of your choice.<br/><br/>
51
 
52
  <table class="clients" cellpadding="0" cellspacing="0">
53
+ <tr><td align="center" width="160" class="first"><b>IM Client</b></td><td class="first" width="200"><b>Chat Bot's Name</b></td></tr>
54
+ <tr><td valign="center" align="center">Gtalk</td><td><?php echo $iminfo->bots->gtalk; ?></td></tr>
55
+ <tr><td valign="center" align="center">Yahoo</td><td><?php echo $iminfo->bots->yahoo; ?></td></tr>
56
+ <tr><td valign="center" align="center">AIM</td><td><?php echo $iminfo->bots->aim; ?></td></tr>
57
+ <tr><td valign="center" align="center">Microsoft</td><td><?php echo $iminfo->bots->msn; ?></td></tr>
58
  </table>
59
+ <div class="explain">For example, to use <b>Gtalk</b> to chat,<br/>add <b><?php echo $iminfo->bots->gtalk; ?></b> to your Gtalk contact list.</div>
60
  </td>
61
  <td>
62
  2. Send the Control Bot this message:<br/><br/><input style="font-size:31px;color:#555;margin:0 0 5px;width:380px;" type="text" value="#setup <?php echo $iminfo->auth_key; ?>" id="box-content" readonly></input><br/>
 
63
 
64
  <br/><br/>
65
  3. Accept the invitations to add the Chat Bots.<br>
75
  </div>
76
  </div>
77
  </div>
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
78
  <?php } else if (isset($iminfo->status)) { // integration already set up ?>
79
 
80
  <h3><img src="<?php echo ZOPIM_IM_LOGOS.$iminfo->protocol; ?>.png"> Your <?php echo strtoupper($iminfo->protocol); ?> account is now linked with Zopim.</h3>
82
  You are connected using the account: <?php echo $iminfo->username; ?>. <br>
83
  Your status is now <b><?php echo $iminfo->status; ?></b>.<br><br>
84
 
85
+ <!--
86
  <H3>Disable IM Integration</h3>
87
  You can <a href="admin.php?page=zopim_instant_messaging&remove=1">disable IM integration by clicking here</a>.
88
+ -->
89
 
90
  <?php } else { // could not contact zopim to get the IM status
91
 
readme.txt CHANGED
@@ -3,7 +3,7 @@ Contributors: bencxr
3
  Tags: widget, plugin, sidebar, page, admin, enhancement, livechat, chat, widget
4
  Requires at least: 3.1
5
  Tested up to: 3.4.2
6
- Stable tag: 1.2.5
7
 
8
  Zopim is an award winning chat solution that helps website owners to engage their visitors and convert customers into fans!
9
 
@@ -51,6 +51,9 @@ What are you waiting for? Download Zopim Live Chat plugin now and <a href="https
51
 
52
  == Changelog ==
53
 
 
 
 
54
  = 1.2.5 =
55
  * Enhancement to Theme Editor - now autoloads blog's url automatically
56
 
3
  Tags: widget, plugin, sidebar, page, admin, enhancement, livechat, chat, widget
4
  Requires at least: 3.1
5
  Tested up to: 3.4.2
6
+ Stable tag: 1.2.6
7
 
8
  Zopim is an award winning chat solution that helps website owners to engage their visitors and convert customers into fans!
9
 
51
 
52
  == Changelog ==
53
 
54
+ = 1.2.6 =
55
+ * Addresses XSS vulnerabilities concerns by removing ZeroClipboard
56
+
57
  = 1.2.5 =
58
  * Enhancement to Theme Editor - now autoloads blog's url automatically
59
 
zopim.php CHANGED
@@ -5,7 +5,7 @@ Plugin Name: Zopim Widget
5
  Plugin URI: http://www.zopim.com/?iref=wp_plugin
6
  Description: Zopim is an award winning chat solution that helps website owners to engage their visitors and convert customers into fans!
7
  Author: Zopim
8
- Version: 1.2.5
9
  Author URI: http://www.zopim.com/?iref=wp_plugin
10
  */
11
 
5
  Plugin URI: http://www.zopim.com/?iref=wp_plugin
6
  Description: Zopim is an award winning chat solution that helps website owners to engage their visitors and convert customers into fans!
7
  Author: Zopim
8
+ Version: 1.2.6
9
  Author URI: http://www.zopim.com/?iref=wp_plugin
10
  */
11