Zendesk Chat - Version 1.4.0

Version Description

  • Security patch

Release Info

Developer zendesk_official
Version 1.4.0

Code changes from version 1.3.9 to 1.4.0

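--- a/includes/class-linked-view.php
+++ b/includes/class-linked-view.php
@@ -24,9 +24,16 @@ class Zopim_Linked_View extends Zopim_Base_View
  public function update_widget_options()
  {
  $notices = Zopim_Notices::get_instance();
- $opts = $_POST[ 'widget-options' ];
- update_option( Zopim_Options::ZOPIM_OPTION_WIDGET, $opts );
- $notices->add_notice( 'before_udpate_widget_textarea', '<i>' . $this->get_message( 'options-updated' ) . '<br/></i>', 'notice' );
+
+ if (!( isset($_POST['_wpnonce'] ) ) || (! wp_verify_nonce($_POST['_wpnonce'], 'zopim_widget_options'))) {
+ update_option( Zopim_Options::ZOPIM_OPTION_SALT, 'wronglogin' );
+ $notices->add_notice( 'before_udpate_widget_textarea', 'Invalid CSRF token. Please try re-sending the request.', 'error' );
+ } else {
+ $opts = $_POST[ 'widget-options' ];
+ update_option( Zopim_Options::ZOPIM_OPTION_WIDGET, $opts );
+ $notices->add_notice( 'before_udpate_widget_textarea', '<i>' . $this->get_message( 'options-updated' ) . '<br/></i>', 'notice' );
+ }
+
  }
 
  /**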
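Review bot: The rejected-nonce branch of update_widget_options() still writes to the database: `update_option( Zopim_Options::ZOPIM_OPTION_SALT, 'wronglogin' );` runs exactly when the request could not be verified, so a forged cross-site POST can no longer change the widget options but can still overwrite the stored salt, which presumably unlinks the account. The failure branch should only add the error notice and leave stored options untouched; the same write sits in the failure branch of do_login() in includes/class-login.php. A nonce confirms intent, not privilege, so unless the caller outside this hunk already checks it, add a guard such as `if ( ! current_user_can( 'manage_options' ) ) { return; }` (using whatever capability the settings page is registered with) before the nonce test. `$_POST[ 'widget-options' ]` is also read without `isset()` and stored without `wp_unslash()`.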
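--- a/includes/class-login.php
+++ b/includes/class-login.php
@@ -1,66 +1,73 @@
  <?php
 
- class Zopim_Login extends Zopim_Base_View
- {
- protected function set_messages()
- {
+ class Zopim_Login extends Zopim_Base_View {
+ protected function set_messages() {
  $this->_messages = array(
  'login-fail' => __( 'Could not log in to Zopim. Please check your login details.', 'zopim' ),
- 'wp-login-error' => __( 'Could not log in to Zopim. We were unable to contact Zopim servers. Please check with your server administrator to ensure that <a href="http://www.php.net/manual/en/book.curl.php">PHP Curl</a> is installed and permissions are set correctly', 'zopim' ),
+ 'wp-login-error' => __( 'Could not log in to Zopim. We were unable to contact Zopim servers. Please check with your server administrator to ensure that <a href="http://www.php.net/manual/en/book.curl.php">PHP Curl</a> is installed and permissions are set correctly',
+ 'zopim' ),
  'setup-your-account' => __( 'Set up your Zopim Account', 'zopim' ),
- 'congratulations' => __( 'Congratulations on successfully installing the Zopim WordPress plugin!', 'zopim' ),
+ 'congratulations' => __( 'Congratulations on successfully installing the Zopim WordPress plugin!',
+ 'zopim' ),
  'link-up-title' => __( 'Link up with your Zopim account', 'zopim' ),
  'username' => __( 'Zopim Username (E-mail)', 'zopim' ),
  'password' => __( 'Zopim Password', 'zopim' ),
- 'widget-display-notice' => __( 'The Zopim chat widget will display on your blog after your account is linked up.', 'zopim' ),
+ 'widget-display-notice' => __( 'The Zopim chat widget will display on your blog after your account is linked up.',
+ 'zopim' ),
  'link-up-button' => __( 'Link Up', 'zopim' ),
  'sign-up-link' => __( 'Sign up now', 'zopim' ),
  );
  }
 
- public function do_login()
- {
- $admin = Zopim_Admin::get_instance();
+ public function do_login() {
+ $admin = Zopim_Admin::get_instance();
  $notices = Zopim_Notices::get_instance();
 
- if ( $_POST[ Zopim_Options::ZOPIM_OPTION_USERNAME ] != '' && $_POST[ 'zopimPassword' ] != '' ) {
+ if (!( isset($_POST['_wpnonce'] ) ) || (! wp_verify_nonce($_POST['_wpnonce'], 'zopim_login'))) {
+ update_option( Zopim_Options::ZOPIM_OPTION_SALT, 'wronglogin' );
+ $notices->add_notice( 'login_form', 'Invalid CSRF token. Please try re-sending the request.', 'error' );
+ } else {
+ if ( $_POST[ Zopim_Options::ZOPIM_OPTION_USERNAME ] != '' && $_POST['zopimPassword'] != '' ) {
 
- $logindata = array( 'email' => $_POST[ Zopim_Options::ZOPIM_OPTION_USERNAME ], 'password' => $_POST[ 'zopimPassword' ] );
- $loginresult = json_decode( $admin->zopim_post_request( ZOPIM_LOGIN_URL, $logindata ) );
+ $logindata = array(
+ 'email' => $_POST[ Zopim_Options::ZOPIM_OPTION_USERNAME ],
+ 'password' => $_POST['zopimPassword']
+ );
+ $loginresult = json_decode( $admin->zopim_post_request( ZOPIM_LOGIN_URL, $logindata ) );
 
- if ( isset( $loginresult->error ) ) {
- $notices->add_notice( 'login_form', $this->get_message( 'login-fail' ), 'error' );
+ if ( isset( $loginresult->error ) ) {
+ $notices->add_notice( 'login_form', $this->get_message( 'login-fail' ), 'error' );
 
- update_option( Zopim_Options::ZOPIM_OPTION_SALT, 'wronglogin' );
- } else if ( isset( $loginresult->salt ) ) {
- update_option( Zopim_Options::ZOPIM_OPTION_USERNAME, $_POST[ Zopim_Options::ZOPIM_OPTION_USERNAME ] );
- update_option( Zopim_Options::ZOPIM_OPTION_SALT, $loginresult->salt );
- $account = $admin->zopim_get_account_details( get_option( Zopim_Options::ZOPIM_OPTION_SALT ) );
+ update_option( Zopim_Options::ZOPIM_OPTION_SALT, 'wronglogin' );
+ } else if ( isset( $loginresult->salt ) ) {
+ update_option( Zopim_Options::ZOPIM_OPTION_USERNAME, $_POST[ Zopim_Options::ZOPIM_OPTION_USERNAME ] );
+ update_option( Zopim_Options::ZOPIM_OPTION_SALT, $loginresult->salt );
+ $account = $admin->zopim_get_account_details( get_option( Zopim_Options::ZOPIM_OPTION_SALT ) );
 
- if ( isset( $account ) ) {
- update_option( Zopim_Options::ZOPIM_OPTION_CODE, $account->account_key );
+ if ( isset( $account ) ) {
+ update_option( Zopim_Options::ZOPIM_OPTION_CODE, $account->account_key );
 
- if ( get_option( 'zopimGreetings' ) == '' ) {
- $jsongreetings = json_encode( $account->settings->greetings );
+ if ( get_option( 'zopimGreetings' ) == '' ) {
+ $jsongreetings = json_encode( $account->settings->greetings );
 
- update_option( 'zopimGreetings', $jsongreetings );
+ update_option( 'zopimGreetings', $jsongreetings );
+ }
  }
+ } else {
+ update_option( Zopim_Options::ZOPIM_OPTION_SALT, '' );
+ $notices->add_notice( 'login_form', $this->get_message( 'wp-login-error' ), 'error' );
  }
  } else {
- update_option( Zopim_Options::ZOPIM_OPTION_SALT, '' );
- $notices->add_notice( 'login_form', $this->get_message( 'wp-login-error' ), 'error' );
+ update_option( Zopim_Options::ZOPIM_OPTION_SALT, "wronglogin" );
+ $notices->add_notice( 'login_form', $this->get_message( 'login-fail' ), 'error' );
  }
- } else {
- update_option( Zopim_Options::ZOPIM_OPTION_SALT, "wronglogin" );
- $notices->add_notice( 'login_form', $this->get_message( 'login-fail' ), 'error' );
  }
  }
 
  /**
  *
  */
- public function display_login_form()
- {
+ public function display_login_form() {
  $notices = Zopim_Notices::get_instance();
  Zopim_Template::load_template( 'login-form', array( 'notices' => $notices, 'messages' => $this->_messages ) );
  }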
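Review bot: do_login() passes `$_POST[ Zopim_Options::ZOPIM_OPTION_USERNAME ]` and `$_POST['zopimPassword']` on exactly as WordPress delivers them, which is with slashes added. Unless zopim_post_request() unslashes internally (not visible here), a password containing a quote or backslash reaches ZOPIM_LOGIN_URL altered, and the username is written to the options table unsanitised. Unslash both and sanitise the address once, for example `'password' => wp_unslash( $_POST['zopimPassword'] )` and `$email = sanitize_email( wp_unslash( $_POST[ Zopim_Options::ZOPIM_OPTION_USERNAME ] ) );`, then reuse `$email` in the later `update_option()` call. Both keys are also read without `isset()`, so a request missing either field raises notices before the empty-string comparison runs. The new 'Invalid CSRF token…' notice is a hard-coded string, while every other notice in this class goes through `$this->get_message()` and `__()`.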
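--- a/includes/views/linked-view.php
+++ b/includes/views/linked-view.php
@@ -27,6 +27,7 @@
  $notices->do_notices( 'before_udpate_widget_textarea' );
  ?>
  <p>
+ <?php wp_nonce_field('zopim_widget_options') ?>
  <?php echo $messages[ 'textarea-label' ]; ?>
  <br/>
  <textarea name="widget-options"><?php echo esc_textarea( Zopim_Options::get_widget_options() ); ?></textarea>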
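--- a/includes/views/login-form.php
+++ b/includes/views/login-form.php
@@ -19,6 +19,7 @@ $notices->do_notices( 'before_login' );
  <input type="hidden" name="action" value="login">
  <table class="form-table">
 
+ <?php wp_nonce_field('zopim_login') ?>
  <tr valign="top">
  <th scope="row"><?php echo $messages[ 'username' ]; ?></th>
  <td><input type="text" name="zopimUsername"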
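Review bot: `wp_nonce_field('zopim_login')` is emitted between `<table class="form-table">` and the first `<tr>`, where the hidden inputs it prints are not valid table content and depend on the browser's parser error recovery to stay inside the form. Place the call beside the existing hidden `action` input instead, i.e. `<?php wp_nonce_field( 'zopim_login' ); ?>` directly before `<table class="form-table">`. The enclosing `<form>` opens and closes outside this hunk, so confirm the field still falls inside it after the move.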
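--- a/readme.txt
+++ b/readme.txt
@@ -3,7 +3,7 @@ Contributors: zendesk_official
  Tags: chat, chat online, contact plugin, contact us, customer support, free chat, chat software, IM chat, live chat, live chat inc, live chat services, live chat software, live chatting, live help, live support, live web chat, livechat, live help, live support, olark, online chat, online support, php live chat, snapengage, support software, website chat, wordpress chat, wordpress live chat, wordpress live chat plugin, Zopim, zendesk, Zopim live chat, banckle, clickdesk, click desk
  Requires at least: 3.1
  Tested up to: 4.1.1
- Stable tag: 1.3.9
+ Stable tag: 1.4.0
 
  Zopim lets you monitor and chat with visitors surfing your store in real-time. Impress them personally and ease them into their purchase.
 
@@ -48,6 +48,9 @@ What are you waiting for? Download Zopim Live Chat plugin now and <a href="https
  * Arabic | Bulgarian | Chinese | Croatian | Czech | Danish | Dutch; Flemish | Estonian | Faroese | Finnish | French | Georgian | German | Greek | Hebrew | Hungarian | Icelandic | Indonesian | Italian | Japanese | Korean | Kurdish | Latvian | Lithuanian | Macedonian | Malay | Norwegian Bokmal | Persian | Polish | Portuguese | Romanian | Russian | Serbian | Slovak | Slovenian | Spanish; Castilian | Swedish | Thai | Turkish | Ukranian | Urdu | Vietnamese
 
  == Changelog ==
+ = 1.4.0 =
+ * Security patch
+
  = 1.3.9 =
  * Refactoring of plugin files
 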
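--- a/zopim.php
+++ b/zopim.php
@@ -5,13 +5,13 @@ Plugin Name: Zopim Widget
  Plugin URI: http://www.zopim.com/?iref=wp_plugin
  Description: Zopim is an award winning chat solution that helps website owners to engage their visitors and convert customers into fans!
  Author: Zopim
- Version: 1.3.9
+ Version: 1.4.0
  Author URI: http://www.zopim.com/?iref=wp_plugin
  Text Domain: zopim
  Domain path: /language
  */
 
- define( 'VERSION_NUMBER', "1.3.9" );
+ define( 'VERSION_NUMBER', "1.4.0" );
  define( 'ZOPIM_BASE_URL', "https://www.zopim.com/" );
  define( 'ZOPIM_ACCOUNT_URL', "https://account.zopim.com/" );
  define( 'ZOPIM_SIGNUP_REDIRECT_URL', ZOPIM_ACCOUNT_URL . "?aref=MjUxMjY4:1TeORR:9SP1e-iPTuAVXROJA6UU5seC8x4&visit_id=6ffe00ec3cfc11e2b5ab22000a1db8fa&utm_source=account%2Bsetup%2Bpage&utm_medium=link&utm_campaign=wp%2Bsignup2#signup" );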