Changeset 1802137


Timestamp:
01/12/18 23:54:14 (5 weeks ago)
Author:
TigrouMeow
Message:

Sanitization to avoid cross-site scripting.

Location:
wp-retina-2x/trunk
Files:
5 edited

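--- a/wp-retina-2x/trunk/core.php
+++ b/wp-retina-2x/trunk/core.php
@@ -15,19 +15,19 @@
     add_filter( 'wp_calculate_image_srcset', array( $this, 'calculate_image_srcset' ), 1000, 3 );
     add_action( 'init', array( $this, 'init' ) );
-        require( 'api.php' );
+        include( 'api.php' );
 
     if ( is_admin() ) {
-        require( 'ajax.php' );
+        include( 'ajax.php' );
       new Meow_WR2X_Ajax( $this );
         if ( !get_option( "wr2x_hide_retina_dashboard" ) ) {
-        require( 'dashboard.php' );
+        include( 'dashboard.php' );
         new Meow_WR2X_Dashboard( $this );
       }
         if ( !get_option( "wr2x_hide_retina_column" ) ) {
-        require( 'media-library.php' );
+        include( 'media-library.php' );
         new Meow_WR2X_MediaLibrary( $this );
             }
       //if ( !get_option( "wr2x_hide_retina_column" ) )
-      //require( 'wr2x_retina_uploader.php' );
+      //include( 'wr2x_retina_uploader.php' );
     }
   }
@@ -102,5 +102,5 @@
         return $buffer;
     if ( !function_exists( "str_get_html" ) )
-        require( 'inc/simple_html_dom.php' );
+        include( 'inc/simple_html_dom.php' );
 
     $lazysize = get_option( "wr2x_picturefill_lazysizes" ) && $this->admin->is_registered();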
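Review bot: Replacing `require` with `include` at lines 17, 20, 23, 27 and 104 turns a missing or unreadable file into a warning and lets execution continue, so the `new Meow_WR2X_Ajax( $this )` on the following line fails later with a less direct error; the change also looks unrelated to the sanitization the commit message describes. Both forms pass a bare relative filename, which PHP resolves through `include_path` before it tries the including file's directory, so a same-named file elsewhere on that path could be loaded instead. I would keep the fatal form and anchor the path, e.g. `require_once( dirname( __FILE__ ) . '/ajax.php' );`, and do the same for the other four files. The enclosing functions start and end outside these hunks.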
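--- a/wp-retina-2x/trunk/dashboard.php
+++ b/wp-retina-2x/trunk/dashboard.php
@@ -24,7 +24,7 @@
 
     function dashboard() {
-        $refresh = isset ( $_GET[ 'refresh' ] ) ? $_GET[ 'refresh' ] : 0;
-        $clearlogs = isset ( $_GET[ 'clearlogs' ] ) ? $_GET[ 'clearlogs' ] : 0;
-        $ignore = isset ( $_GET[ 'ignore' ] ) ? $_GET[ 'ignore' ] : false;
+        $refresh = isset ( $_GET[ 'refresh' ] ) ? sanitize_text_field( $_GET[ 'refresh' ] ) : 0;
+        $clearlogs = isset ( $_GET[ 'clearlogs' ] ) ? sanitize_text_field( $_GET[ 'clearlogs' ] ) : 0;
+        $ignore = isset ( $_GET[ 'ignore' ] ) ? sanitize_text_field( $_GET[ 'ignore' ] ) : false;
         if ( $ignore ) {
             if ( !$this->core->admin->is_registered() ) {
@@ -46,9 +46,12 @@
 
         $hide_ads = get_option( 'meowapps_hide_ads', false );
-        $view = isset ( $_GET[ 'view' ] ) ? $_GET[ 'view' ] : 'issues';
-        $paged = isset ( $_GET[ 'paged' ] ) ? $_GET[ 'paged' ] : 1;
+        $view = isset( $_GET[ 'view' ] ) ? sanitize_text_field( $_GET[ 'view' ] ) : 'issues';
+        $paged = isset( $_GET[ 'paged' ] ) ? sanitize_text_field( $_GET[ 'paged' ] ) : 1;
         $s = isset( $_GET[ 's' ] ) && !empty( $_GET[ 's' ] ) ? sanitize_text_field( $_GET[ 's' ] ) : null;
         $issues = $count = 0;
-        $posts_per_page = 15; // TODO: HOW TO GET THE NUMBER OF MEDIA PER PAGES? IT IS NOT get_option('posts_per_page');
+
+        $posts_per_page = get_user_meta( get_current_user_id(), 'upload_per_page', true );
+        if ( empty( $posts_per_page ) )
+            $posts_per_page = 20;
         $issues = $this->core->get_issues();
         $ignored = $this->core->get_ignores();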
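Review bot: `sanitize_text_field()` on new lines 26-28 and 48-49 strips tags but leaves quotes intact and is not output escaping, so whether the cross-site scripting is actually closed depends on how `$view`, `$paged` and the others are printed later in `dashboard()`, which is outside these hunks; anything echoed into an attribute or URL still needs `esc_attr()` or `esc_url()` at the point of output. The numeric parameters would be tighter as typed values, e.g. `$paged = isset( $_GET['paged'] ) ? max( 1, absint( $_GET['paged'] ) ) : 1;`, and `$view` is better checked against the fixed set of view names the dashboard supports than passed through as free text. `$ignore`, `$clearlogs` and `$refresh` appear to drive state changes from a GET request and no `check_admin_referer()` call is visible here, so it is worth confirming a nonce is verified before they act. The new `$posts_per_page` from user meta is also used uncast; `(int)` on the `get_user_meta()` result would keep it numeric.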
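--- a/wp-retina-2x/trunk/readme.txt
+++ b/wp-retina-2x/trunk/readme.txt
@@ -4,5 +4,5 @@
 Requires at least: 3.5
 Tested up to: 4.9
-Stable tag: 5.2.0
+Stable tag: 5.2.2
 
 Make your website look beautiful and crisp on modern displays by creating and displaying retina images. WP 4.4+ is also supported and enhanced.
@@ -33,4 +33,7 @@
 
 == Changelog ==
+
+= 5.2.2 =
+* Fix: Sanitization to avoid cross-site scripting.
 
 = 5.2.0 =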
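--- a/wp-retina-2x/trunk/wp-retina-2x.php
+++ b/wp-retina-2x/trunk/wp-retina-2x.php
@@ -4,5 +4,5 @@
 Plugin URI: http://meowapps.com
 Description: Make your website look beautiful and crisp on modern displays by creating + displaying retina images.
-Version: 5.2.0
+Version: 5.2.2
 Author: Jordy Meow
 Author URI: http://meowapps.com
@@ -30,5 +30,5 @@
     $wr2x_retina_image, $wr2x_core;
 
-$wr2x_version = '5.2.0';
+$wr2x_version = '5.2.2';
 $wr2x_retinajs = '2.0.0';
 $wr2x_picturefill = '3.0.2';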
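--- a/wp-retina-2x/trunk/wr2x_admin.php
+++ b/wp-retina-2x/trunk/wr2x_admin.php
@@ -208,5 +208,5 @@
                     <h3>How to use</h3>
                     <div class="inside">
-                        <?php echo _e( 'This plugin works out of the box, the default settings are the best for most installs. However, you should have a look at the <a target="_blank" href="https://meowapps.com/wp-retina-2x/tutorial/">tutorial</a>.', 'meow-gallery' ) ?>
+                        <?php echo _e( 'This plugin works out of the box, the default settings are the best for most installs. However, you should have a look at the <a target="_blank" href="https://meowapps.com/wp-retina-2x/tutorial/">tutorial</a>.', 'wp-retina-2x' ) ?>
                     </div>
                 </div>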