Changeset 2931706 for wp-mail-log
- Timestamp:
- 06/28/2023 08:26:15 AM (22 months ago)
- Location:
- wp-mail-log
- Files:
-
- 6 edited
-
tags/1.1.2/readme.txt (modified) (1 diff)
-
trunk/classes/api.php (modified) (2 diffs)
-
trunk/classes/capture-mail.php (modified) (3 diffs)
-
trunk/classes/db-table.php (modified) (1 diff)
-
trunk/readme.txt (modified) (2 diffs)
-
trunk/wp-mail-log.php (modified) (2 diffs)
wp-mail-log/tags/1.1.2/readme.txt
r2931421 r2931706 4 4 Requires at least: 5.0 5 5 Tested up to: 6.2 6 Stable tag: trunk6 Stable tag: 1.1.2 7 7 Requires PHP: 7.4 8 8 License: GPLv2 or later -
wp-mail-log/trunk/classes/api.php
r2885546 r2931706 233 233 } 234 234 235 // sanitize $sql recursively 236 237 $sql = $this->sanitize_data( $sql ); 238 235 239 $res = [ 236 240 'columns' => $columns, … … 423 427 return rest_ensure_response( $response ); 424 428 } 429 430 function sanitize_data( $data ) { 431 432 $sanitized_data = []; 433 434 $allowed_html = wp_kses_allowed_html('post'); 435 $allowed_html['style'] = []; 436 437 foreach ( $data as $key => $row ) { 438 $sanitized_data[] = [ 439 'id' => $row->id, 440 'to_email' => $row->to_email, 441 'subject' => sanitize_text_field( $row->subject ), 442 'message' => wp_kses( $row->message, $allowed_html ), 443 'headers' => $row->headers, 444 'attachments' => $row->attachments, 445 'sent_date' => $row->sent_date, 446 'files' => $row->files, 447 ]; 448 } 449 450 return $sanitized_data; 451 } 425 452 } -
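Review bot: In `sanitize_data()` only `subject` and `message` are cleaned; `to_email`, `headers`, `attachments` and `files` are copied from the row unchanged, so rows stored before this release, and any column the write path does not sanitise, still reach the REST client raw. If the admin view inserts any of these as HTML they need the same treatment, for example `'to_email' => esc_html( $row->to_email ),`, or the client should be confirmed to render them as text. `$allowed_html['style'] = [];` (also in the capture-mail.php section) keeps `<style>` elements, so a logged message's CSS applies to whatever page displays it unless the preview is isolated, e.g. in a sandboxed iframe. The comment `// sanitize $sql recursively` does not match the code, which makes one flat pass over result rows; I would reword it to `// Sanitise each result row before returning it to the client` and give the new method explicit `public` visibility and a docblock.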
wp-mail-log/trunk/classes/capture-mail.php
r2885546 r2931706 22 22 */ 23 23 public static function log_email( $mail_info ) { 24 25 $original_mail_info = $mail_info; 26 24 27 global $wpdb; 25 28 $table_name = $wpdb->prefix . 'wml_entries'; … … 40 43 } 41 44 }; 45 46 // sanitize email 47 if(is_array($mail_to)){ 48 $mail_to = self::sanitize_to_email($mail_to); 49 } else if(strpos($mail_to, ',') !== false){ 50 $mail_to = explode(',', $mail_to); 51 $mail_to = self::sanitize_to_email($mail_to); 52 } else { 53 $mail_to = self::sanitize_to_email([$mail_to]); 54 } 55 56 // implode email 57 $mail_to = implode(', ', $mail_to); 58 59 $mail_info['subject'] = sanitize_text_field($mail_info['subject']); 60 61 $allowed_html = wp_kses_allowed_html('post'); 62 $allowed_html['style'] = []; 63 //print_r($allowed_html); die(); 64 // sanitize message but allow style tags 65 $mail_info['message'] = wp_kses($mail_info['message'], $allowed_html); 66 42 67 // Log into the database 68 43 69 $wpdb->insert( 44 70 $table_name, … … 56 82 57 83 // return unmodifiyed array 58 return $mail_info; 84 return $original_mail_info; 85 } 86 87 public static function sanitize_to_email( $array ) { 88 89 foreach ( $array as $key => &$value ) { 90 if ( is_array( $value ) ) { 91 $value = self::sanitize_to_email( $value ); 92 } else { 93 $value = sanitize_email( $value ); 94 } 95 } 96 97 return $array; 59 98 } 60 99 } -
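Review bot: `sanitize_to_email()` runs `sanitize_email()` over each recipient, which strips every character outside the address charset, so a recipient passed as `Name <user@example.com>` appears to be logged as a different address and an invalid one as an empty string. For a mail log that is a loss of record fidelity; consider storing the recipient as received and escaping it on output, or extracting the bare address before sanitising. The by-reference loop should be followed by `unset( $value );`, the unused `$key` can go, and the leftover `//print_r($allowed_html); die();` debug comment should be removed. The `$wpdb->insert()` arguments lie outside the visible hunks, so I cannot tell whether `headers` gets any treatment on this path.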
wp-mail-log/trunk/classes/db-table.php
r2920109 r2931706 50 50 `sent_date` VARCHAR(50) NOT NULL, 51 51 `captured_gmt` VARCHAR(50) NOT NULL, 52 `attachments_file` TEXT52 `attachments_file` TEXT 53 53 ) collate {$wpdb_collate};"; 54 54 -
wp-mail-log/trunk/readme.txt
r2920109 r2931706 4 4 Requires at least: 5.0 5 5 Tested up to: 6.2 6 Stable tag: trunk6 Stable tag: 1.1.2 7 7 Requires PHP: 7.4 8 8 License: GPLv2 or later … … 43 43 == Changelog == 44 44 45 = 1.1.2 = 46 * Improved data sanitization and escaping for enhanced security 47 45 48 = 1.1.1 = 46 * Fixed: Not creating DB tablesin some cases49 * Fixed: Not creating required DB table in some cases 47 50 48 51 = 1.1 = -
wp-mail-log/trunk/wp-mail-log.php
r2920109 r2931706 6 6 * Plugin URI: https://wpvibes.com/ 7 7 * Author: WPVibes 8 * Version: 1.1. 18 * Version: 1.1.2 9 9 * Author URI: https://wpvibes.com/ 10 10 * License: GNU General Public License v2 or later … … 22 22 define( 'WML_BASE', plugin_basename( __FILE__ ) ); 23 23 define( 'WML_FILE', __FILE__ ); 24 define( 'WML_VERSION', '1.1. 1' );24 define( 'WML_VERSION', '1.1.2' ); 25 25 26 26