Changeset 2985200 for hk-filter-and-search
- Timestamp:
- 10/28/2023 12:20:52 AM (18 months ago)
- Location:
- hk-filter-and-search
- Files:
-
- 12 added
- 2 deleted
- 2 edited
- 3 copied
-
tags/2.8 (copied) (copied from hk-filter-and-search/trunk)
-
tags/2.8/hk-filter-and-search.php (copied) (copied from hk-filter-and-search/trunk/hk-filter-and-search.php) (18 diffs)
-
tags/2.8/languages (added)
-
tags/2.8/languages/hk-filter-and-search-en_GB.mo (added)
-
tags/2.8/languages/hk-filter-and-search-en_GB.po (added)
-
tags/2.8/languages/hk-filter-and-search-sv_SE.mo (added)
-
tags/2.8/languages/hk-filter-and-search-sv_SE.po (added)
-
tags/2.8/languages/hk-filter-and-search.pot (added)
-
tags/2.8/readme.txt (copied) (copied from hk-filter-and-search/trunk/readme.txt) (2 diffs)
-
tags/2.8/screenshot-1.png (deleted)
-
tags/2.8/screenshot-2.png (deleted)
-
trunk/hk-filter-and-search.php (modified) (18 diffs)
-
trunk/languages (added)
-
trunk/languages/hk-filter-and-search-en_GB.mo (added)
-
trunk/languages/hk-filter-and-search-en_GB.po (added)
-
trunk/languages/hk-filter-and-search-sv_SE.mo (added)
-
trunk/languages/hk-filter-and-search-sv_SE.po (added)
-
trunk/languages/hk-filter-and-search.pot (added)
-
trunk/readme.txt (modified) (2 diffs)
-
hk-filter-and-search/tags/2.8/hk-filter-and-search.php
r2957037 r2985200 4 4 Plugin URI: http://wordpress.org/plugins/hk-filter-and-search 5 5 Description: Easy way to enable jquery HTML filter or a CSV-file-search to a webpage. Use the shortcodes [csvsearch] and [filtersearch] to enable. 6 Version: 2. 76 Version: 2.8 7 7 Author: jonashjalmarsson 8 8 Author URI: https://jonashjalmarsson.se 9 9 License: GPLv3 10 Text domain: hk-filter-and-search 10 Text Domain: hk-filter-and-search 11 Domain Path: /languages 11 12 */ 12 13 13 14 namespace hk_filter_and_search; 14 15 16 if ( ! defined( 'ABSPATH' ) ) { 17 exit; // Exit if accessed directly. 18 } 19 20 /* 21 * load textdomain 22 */ 23 function hk_load_textdomain() { 24 load_plugin_textdomain( 'hk-filter-and-search', false, dirname( plugin_basename( __FILE__ ) ) . '/languages' ); 25 } 26 add_action( 'init', __NAMESPACE__ . '\\hk_load_textdomain' ); 27 28 /* 29 * enqueue scripts 30 */ 15 31 function hk_filter_search_scripts() { 16 32 if ( ! wp_script_is( 'jquery', 'enqueued' )) { … … 30 46 'charset' => 'iso-8859-1', 31 47 'format' => '{b}{0}{/b}, {1}, {2}{br/}', 32 'searchtext' => 'sök',48 'searchtext' => __('Search', 'hk-filter-and-search'), 33 49 'instantformat' => '{0}', 34 50 'instantsearch' => 'false', 35 51 'dataidformat' => "{0}", 36 52 'csv_separator' => ";", 37 'nothing_found_message' => 'Nothing found when searching for: ',53 'nothing_found_message' => __('Nothing found when searching for: ', 'hk-filter-and-search'), 38 54 'placeholder_text' => '', 39 55 'exact_match' => 'false', … … 44 60 'ignore_default_header_style' => 'false', 45 61 'set_focus_on_load' => 'false', 46 ), $atts ); 47 48 /*foreach ( $defaults as $default => $value ) { // add defaults 49 if ( ! 
@array_key_exists( $default, $atts ) ) { // mute warning with "@" when no params at all 50 $atts[$default] = $value; 51 } 52 }*/ 53 54 62 ), $atts ); 63 64 $atts = hk_escape_atts($atts); 65 55 66 $src = $atts["src"]; 56 67 … … 58 69 $html .= "<div class='content-container csv-container'>"; 59 70 60 $src = $atts["src"];61 71 $src = trim($src, '\'"”`´ '); 72 73 if (empty($src)) { 74 $html .= '<b>' . __('No file found or not a valid .csv file!', 'hk-filter-and-search') . '</b><br/>'; 75 $html .= '<b>' . __("Src has to be set and point to a .csv file.", 'hk-filter-and-search') . '</b><br/>'; 76 $html .= '</div><!-- END HK CSV search -->'; 77 return wp_kses_post($html); 78 } 79 62 80 $rand = rand(0,10000); 63 81 $charset = $atts["charset"]; … … 74 92 $dataidformat = $atts["dataidformat"]; 75 93 $csv_separator = $atts["csv_separator"]; 94 $nothing_found_message = $atts["nothing_found_message"]; 76 95 $placeholder_text = $atts["placeholder_text"]; 77 96 $only_search_in_column = $atts["only_search_in_column"]; … … 114 133 $src_without_site_url = str_replace($site_url, '', $src); 115 134 116 117 $file_valid = true;118 if (empty($src)) {119 $html .= '<b>No file found!</b><br/>';120 $html .= "<b>Src has to be set to use csvsearch shortcode.</b><br/>";121 $file_valid = false;122 }123 124 135 if ($skip_file_check == "true") { 125 136 // skip file check … … 132 143 } 133 144 else { 134 $html .= "<b>File: " . $src . " not found.</b> Only support for local files.<br/>"; 135 $file_valid = false; 136 } 137 138 if ($file_valid) { 139 $html .= '<div class="hk-csv-search-wrapper">'; 140 $html .= '<form method="POST" class="hk-csv-search-form-'.$rand.'">'; 141 $html .= '<input type="text" name="hk-csv-input" class="hk-csv-input" ' . $autofocus . '/>'; 142 $html .= '<input type="submit" name="hk-csv-button" class="hk-csv-button" value="' . $search_text . 
'" />'; 143 if ($instantsearch == "true") { 144 $html .= '<div class="hk-csv-instantsearch">'.$placeholder_text.'</div>'; 145 } 146 $html .= '<div class="hk-csv-search-output">'.$placeholder_text.'</div>'; 147 $html .= '</form></div>'; 148 } 149 145 /* translators: %s: filename */ 146 $html .= __(sprintf("<b>File: %s not found.</b> Only support for local files.", $src), 'hk-filter-and-search') . '<br />'; 147 $html .= '</div><!-- END HK CSV search -->'; 148 return wp_kses_post($html); 149 } 150 151 $keep_writing = __('Keep writing...', 'hk-filter-and-search'); 152 153 $html .= '<div class="hk-csv-search-wrapper">'; 154 $html .= '<form method="POST" class="hk-csv-search-form-'.$rand.'">'; 155 $html .= '<input type="text" name="hk-csv-input" class="hk-csv-input" ' . $autofocus . '/>'; 156 $html .= '<input type="submit" name="hk-csv-button" class="hk-csv-button" value="' . $search_text . '" />'; 157 if ($instantsearch == "true") { 158 $html .= '<div class="hk-csv-instantsearch">'.$placeholder_text.'</div>'; 159 } 160 $html .= '<div class="hk-csv-search-output">'.$placeholder_text.'</div>'; 161 $html .= '</form></div>'; 150 162 $html .= '</div>'."\n"; 151 163 152 $ html .= '<style>.hk_header_row { font-weight: bold } .hk-csv-instant-list { list-style-type: none; margin-left: 0; display: inline-block; border: 1px solid #ddd; } .hk-csv-instant-list li { padding: 4px; } .hk-csv-instant-list li:hover { background-color: #ddd; }</style>'."\n";153 $ html .= '<script>164 $style = '.hk_header_row { font-weight: bold } .hk-csv-instant-list { list-style-type: none; margin-left: 0; display: inline-block; border: 1px solid #ddd; } .hk-csv-instant-list li { padding: 4px; } .hk-csv-instant-list li:hover { background-color: #ddd; }'; 165 $js = ' 154 166 (function($) { 155 167 show_header_row_' . $rand . ' = ' . $show_header_row . '; 156 168 $(document).ready(function () { 157 169 var lines' . $rand . ' = []; 158 var nothing_msg_' . $rand . ' = "' . $ atts['nothing_found_message']. 
'";170 var nothing_msg_' . $rand . ' = "' . $nothing_found_message . '"; 159 171 // search button 160 172 $( ".hk-csv-search-form-' . $rand . '" ).submit(function( event ) { … … 185 197 // on list click 186 198 $(document).on("click", ".hk-csv-search-form-' . $rand . ' .hk-csv-instant-list li a", function(event){ 187 //$(".hk-csv-search-form-' . $rand . ' .hk-csv-instant-list li a").click( function(event){ 188 event.preventDefault(); 189 search = $(this).data("id"); 190 if (search != "") { 191 $(this).parents("ul").remove(); 192 } 193 194 doSearch' . $rand . '(search); 195 }); 199 event.preventDefault(); 200 search = $(this).data("id"); 201 if (search != "") { 202 $(this).parents("ul").remove(); 203 } 204 205 doSearch' . $rand . '(search); 206 }); 196 207 197 208 198 // do search199 function doSearch' . $rand . '(search) {200 if (search != "") {201 $(".hk-csv-search-form-' . $rand . ' .hk-csv-search-output").html("");202 var output = searchData' . $rand . '(search);203 209 // do search 210 function doSearch' . $rand . '(search) { 211 if (search != "") { 212 $(".hk-csv-search-form-' . $rand . ' .hk-csv-search-output").html(""); 213 var output = searchData' . $rand . '(search); 214 204 215 if ((!show_header_row_' . $rand . ' && output.length == 0) || (show_header_row_' . $rand . ' && output.length <= 1)) { 205 $(".hk-csv-search-form-' . $rand . ' .hk-csv-search-output").append(nothing_msg_' . $rand . ' + search);216 $(".hk-csv-search-form-' . $rand . ' .hk-csv-search-output").append(nothing_msg_' . $rand . ' + " " + search); 206 217 } 207 218 else { … … 220 231 retline = retline.replace(/\{/g,"<"); 221 232 retline = retline.replace(/\}/g,">"); 222 //retline = retline.toLowerCase();223 233 $(".hk-csv-search-form-' . $rand . ' .hk-csv-search-output").append(retline); 224 234 } … … 233 243 var output = searchData' . $rand . 
'(search); 234 244 if (search.length < 3) { 235 $(event).parents(".hk-csv-search-wrapper").find(".hk-csv-instantsearch").html("<ul class=\'hk-csv-instant-list\'><li> Fortsätt skriva...</li></ul>");245 $(event).parents(".hk-csv-search-wrapper").find(".hk-csv-instantsearch").html("<ul class=\'hk-csv-instant-list\'><li>' . $keep_writing . '</li></ul>"); 236 246 } 237 247 else { … … 339 349 340 350 })(jQuery); 341 </script>351 342 352 '; 343 $html .= "\n".'<!-- END HK CSV search -->'."\n"; 344 345 346 return $html; 353 354 return wp_kses( 355 $html, 356 array( 357 'a' => array( 358 'href' => array(), 359 'title' => array(), 360 ), 361 'br' => array(), 362 'em' => array(), 363 'strong' => array(), 364 'div' => array( 365 'class' => array(), 366 ), 367 'form' => array( 368 'method' => array(), 369 'class' => array(), 370 ), 371 'input' => array( 372 'type' => array(), 373 'name' => array(), 374 'class' => array(), 375 'value' => array(), 376 ), 377 ) ) . 378 "<script>" . $js . "</script>\n" . 379 "<style>" . esc_attr($style) . "</style>\n" . 380 '<!-- END HK CSV search -->'."\n"; 347 381 } 348 382 … … 359 393 'search_element' => 'table', 360 394 'show_header_in_table' => 'false', 361 'text' => 'sök på denna sida',395 'text' => __('Search on this site', 'hk-filter-and-search'), 362 396 'clear_icon_class' => 'delete-icon', 363 397 'clear_text' => '', … … 365 399 'set_focus_on_load' => 'true', 366 400 ), $atts ); 401 402 $atts = hk_escape_atts($atts); 367 403 368 404 $html = ""; … … 405 441 $html .= "</div>"; 406 442 /* add default filter style */ 407 $ html .= '<style>443 $style = ' 408 444 .filtersearch' . $rand . 
' { 409 445 background-color: #C6CACB; … … 434 470 display: none; 435 471 cursor: pointer; 436 </style>';472 '; 437 473 /* add the jquery script, the script uses random id to work even if added more than once in a page */ 438 $html .= '<script> 474 $warning_text = __('Warning: Nothing to filter!', 'hk-filter-and-search'); 475 $js = ' 439 476 (function($) { 440 477 /* case insensitive contain */ … … 469 506 if ($(selected_element) === undefined || $(selected_element).length == 0) { 470 507 if($("#hk_filter_warning'.$rand.'").length > 0) { 471 $("#hk_filter_warning'.$rand.'").html("<b> Warning: Nothing to filter!</b>");508 $("#hk_filter_warning'.$rand.'").html("<b>'.$warning_text.'</b>"); 472 509 } 473 510 else { 474 $(el).after("<p id=\"hk_filter_warning'.$rand.'\"><b> Warning: Nothing to filter!</b></p>");511 $(el).after("<p id=\"hk_filter_warning'.$rand.'\"><b>'.$warning_text.'</b></p>"); 475 512 } 476 513 } … … 540 577 541 578 })(jQuery); 542 </script>543 579 '; 544 $html .= "\n".'<!-- END HK filter search -->'."\n"; 545 546 return $html; 580 581 return wp_kses( 582 $html, 583 array( 584 'span' => array( 585 'class' => array(), 586 ), 587 'div' => array( 588 'class' => array(), 589 ), 590 'input' => array( 591 'type' => array(), 592 'name' => array(), 593 'class' => array(), 594 'value' => array(), 595 ), 596 ) ) . 597 "<script>" . $js . "</script>\n" . 598 "<style>" . esc_attr($style) . "</style>\n" . 599 '<!-- END HK filter search -->'."\n"; 547 600 } 548 601 … … 556 609 557 610 558 611 function hk_escape_atts($atts) { 612 foreach($atts as $key => $value) { 613 if ($key == "src") { 614 $atts[$key] = esc_url($value); 615 // ignore src if not ending with .csv 616 if (substr($atts[$key], -4) != ".csv") { 617 $atts[$key] = ""; 618 } 619 } 620 else { 621 $atts[$key] = esc_attr($value); 622 } 623 } 624 return $atts; 625 } 626 627 -
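Review bot: The values interpolated into `$js` are escaped for the wrong context. `hk_escape_atts()` runs `esc_attr()` on them, but `$js` is concatenated into `<script>` outside the `wp_kses()` call, so nothing filters it; HTML-attribute escaping does not neutralise a backslash or line break inside the `nothing_msg_` string literal, and it does not constrain `$show_header_row`, which is emitted unquoted as a JavaScript expression. Encode at the point of output instead: `var nothing_msg_' . $rand . ' = ' . wp_json_encode( $nothing_found_message ) . ';` and `show_header_row_' . $rand . ' = ' . ( 'true' === $show_header_row ? 'true' : 'false' ) . ';` (this assumes `$show_header_row` holds the attribute's 'true'/'false' string; its assignment is outside the visible hunks). The translated `$keep_writing` and `$warning_text` strings are also placed inside JS string literals and would be safer through `esc_js()`. The trunk/hk-filter-and-search.php section carries the same lines.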
hk-filter-and-search/tags/2.8/readme.txt
r2957037 r2985200 3 3 Tags: filter, csv, excel, search, jquery 4 4 Requires at least: 5.0 5 Tested up to: 6.3 6 Stable tag: 2. 75 Tested up to: 6.3.2 6 Stable tag: 2.8 7 7 License: GPLv3 8 Text Domain: hk-filter-and-search 9 Domain Path: /languages 8 10 License URI: http://www.gnu.org/licenses/gpl.html 9 11 … … 103 105 == Changelog == 104 106 107 = 2.8 = 108 Major security fix. Attributes escaped. Cross scripting fix. Please update to this version! 109 Translation added. Swedish and English. 110 105 111 = 2.7 = 106 112 Bugfixes for filtersearch, search per td cell if filtering table. Support if thead is used in table. 107 108 113 109 114 = 2.6 = -
hk-filter-and-search/trunk/hk-filter-and-search.php
r2957037 r2985200 4 4 Plugin URI: http://wordpress.org/plugins/hk-filter-and-search 5 5 Description: Easy way to enable jquery HTML filter or a CSV-file-search to a webpage. Use the shortcodes [csvsearch] and [filtersearch] to enable. 6 Version: 2. 76 Version: 2.8 7 7 Author: jonashjalmarsson 8 8 Author URI: https://jonashjalmarsson.se 9 9 License: GPLv3 10 Text domain: hk-filter-and-search 10 Text Domain: hk-filter-and-search 11 Domain Path: /languages 11 12 */ 12 13 13 14 namespace hk_filter_and_search; 14 15 16 if ( ! defined( 'ABSPATH' ) ) { 17 exit; // Exit if accessed directly. 18 } 19 20 /* 21 * load textdomain 22 */ 23 function hk_load_textdomain() { 24 load_plugin_textdomain( 'hk-filter-and-search', false, dirname( plugin_basename( __FILE__ ) ) . '/languages' ); 25 } 26 add_action( 'init', __NAMESPACE__ . '\\hk_load_textdomain' ); 27 28 /* 29 * enqueue scripts 30 */ 15 31 function hk_filter_search_scripts() { 16 32 if ( ! wp_script_is( 'jquery', 'enqueued' )) { … … 30 46 'charset' => 'iso-8859-1', 31 47 'format' => '{b}{0}{/b}, {1}, {2}{br/}', 32 'searchtext' => 'sök',48 'searchtext' => __('Search', 'hk-filter-and-search'), 33 49 'instantformat' => '{0}', 34 50 'instantsearch' => 'false', 35 51 'dataidformat' => "{0}", 36 52 'csv_separator' => ";", 37 'nothing_found_message' => 'Nothing found when searching for: ',53 'nothing_found_message' => __('Nothing found when searching for: ', 'hk-filter-and-search'), 38 54 'placeholder_text' => '', 39 55 'exact_match' => 'false', … … 44 60 'ignore_default_header_style' => 'false', 45 61 'set_focus_on_load' => 'false', 46 ), $atts ); 47 48 /*foreach ( $defaults as $default => $value ) { // add defaults 49 if ( ! 
@array_key_exists( $default, $atts ) ) { // mute warning with "@" when no params at all 50 $atts[$default] = $value; 51 } 52 }*/ 53 54 62 ), $atts ); 63 64 $atts = hk_escape_atts($atts); 65 55 66 $src = $atts["src"]; 56 67 … … 58 69 $html .= "<div class='content-container csv-container'>"; 59 70 60 $src = $atts["src"];61 71 $src = trim($src, '\'"”`´ '); 72 73 if (empty($src)) { 74 $html .= '<b>' . __('No file found or not a valid .csv file!', 'hk-filter-and-search') . '</b><br/>'; 75 $html .= '<b>' . __("Src has to be set and point to a .csv file.", 'hk-filter-and-search') . '</b><br/>'; 76 $html .= '</div><!-- END HK CSV search -->'; 77 return wp_kses_post($html); 78 } 79 62 80 $rand = rand(0,10000); 63 81 $charset = $atts["charset"]; … … 74 92 $dataidformat = $atts["dataidformat"]; 75 93 $csv_separator = $atts["csv_separator"]; 94 $nothing_found_message = $atts["nothing_found_message"]; 76 95 $placeholder_text = $atts["placeholder_text"]; 77 96 $only_search_in_column = $atts["only_search_in_column"]; … … 114 133 $src_without_site_url = str_replace($site_url, '', $src); 115 134 116 117 $file_valid = true;118 if (empty($src)) {119 $html .= '<b>No file found!</b><br/>';120 $html .= "<b>Src has to be set to use csvsearch shortcode.</b><br/>";121 $file_valid = false;122 }123 124 135 if ($skip_file_check == "true") { 125 136 // skip file check … … 132 143 } 133 144 else { 134 $html .= "<b>File: " . $src . " not found.</b> Only support for local files.<br/>"; 135 $file_valid = false; 136 } 137 138 if ($file_valid) { 139 $html .= '<div class="hk-csv-search-wrapper">'; 140 $html .= '<form method="POST" class="hk-csv-search-form-'.$rand.'">'; 141 $html .= '<input type="text" name="hk-csv-input" class="hk-csv-input" ' . $autofocus . '/>'; 142 $html .= '<input type="submit" name="hk-csv-button" class="hk-csv-button" value="' . $search_text . 
'" />'; 143 if ($instantsearch == "true") { 144 $html .= '<div class="hk-csv-instantsearch">'.$placeholder_text.'</div>'; 145 } 146 $html .= '<div class="hk-csv-search-output">'.$placeholder_text.'</div>'; 147 $html .= '</form></div>'; 148 } 149 145 /* translators: %s: filename */ 146 $html .= __(sprintf("<b>File: %s not found.</b> Only support for local files.", $src), 'hk-filter-and-search') . '<br />'; 147 $html .= '</div><!-- END HK CSV search -->'; 148 return wp_kses_post($html); 149 } 150 151 $keep_writing = __('Keep writing...', 'hk-filter-and-search'); 152 153 $html .= '<div class="hk-csv-search-wrapper">'; 154 $html .= '<form method="POST" class="hk-csv-search-form-'.$rand.'">'; 155 $html .= '<input type="text" name="hk-csv-input" class="hk-csv-input" ' . $autofocus . '/>'; 156 $html .= '<input type="submit" name="hk-csv-button" class="hk-csv-button" value="' . $search_text . '" />'; 157 if ($instantsearch == "true") { 158 $html .= '<div class="hk-csv-instantsearch">'.$placeholder_text.'</div>'; 159 } 160 $html .= '<div class="hk-csv-search-output">'.$placeholder_text.'</div>'; 161 $html .= '</form></div>'; 150 162 $html .= '</div>'."\n"; 151 163 152 $ html .= '<style>.hk_header_row { font-weight: bold } .hk-csv-instant-list { list-style-type: none; margin-left: 0; display: inline-block; border: 1px solid #ddd; } .hk-csv-instant-list li { padding: 4px; } .hk-csv-instant-list li:hover { background-color: #ddd; }</style>'."\n";153 $ html .= '<script>164 $style = '.hk_header_row { font-weight: bold } .hk-csv-instant-list { list-style-type: none; margin-left: 0; display: inline-block; border: 1px solid #ddd; } .hk-csv-instant-list li { padding: 4px; } .hk-csv-instant-list li:hover { background-color: #ddd; }'; 165 $js = ' 154 166 (function($) { 155 167 show_header_row_' . $rand . ' = ' . $show_header_row . '; 156 168 $(document).ready(function () { 157 169 var lines' . $rand . ' = []; 158 var nothing_msg_' . $rand . ' = "' . $ atts['nothing_found_message']. 
'";170 var nothing_msg_' . $rand . ' = "' . $nothing_found_message . '"; 159 171 // search button 160 172 $( ".hk-csv-search-form-' . $rand . '" ).submit(function( event ) { … … 185 197 // on list click 186 198 $(document).on("click", ".hk-csv-search-form-' . $rand . ' .hk-csv-instant-list li a", function(event){ 187 //$(".hk-csv-search-form-' . $rand . ' .hk-csv-instant-list li a").click( function(event){ 188 event.preventDefault(); 189 search = $(this).data("id"); 190 if (search != "") { 191 $(this).parents("ul").remove(); 192 } 193 194 doSearch' . $rand . '(search); 195 }); 199 event.preventDefault(); 200 search = $(this).data("id"); 201 if (search != "") { 202 $(this).parents("ul").remove(); 203 } 204 205 doSearch' . $rand . '(search); 206 }); 196 207 197 208 198 // do search199 function doSearch' . $rand . '(search) {200 if (search != "") {201 $(".hk-csv-search-form-' . $rand . ' .hk-csv-search-output").html("");202 var output = searchData' . $rand . '(search);203 209 // do search 210 function doSearch' . $rand . '(search) { 211 if (search != "") { 212 $(".hk-csv-search-form-' . $rand . ' .hk-csv-search-output").html(""); 213 var output = searchData' . $rand . '(search); 214 204 215 if ((!show_header_row_' . $rand . ' && output.length == 0) || (show_header_row_' . $rand . ' && output.length <= 1)) { 205 $(".hk-csv-search-form-' . $rand . ' .hk-csv-search-output").append(nothing_msg_' . $rand . ' + search);216 $(".hk-csv-search-form-' . $rand . ' .hk-csv-search-output").append(nothing_msg_' . $rand . ' + " " + search); 206 217 } 207 218 else { … … 220 231 retline = retline.replace(/\{/g,"<"); 221 232 retline = retline.replace(/\}/g,">"); 222 //retline = retline.toLowerCase();223 233 $(".hk-csv-search-form-' . $rand . ' .hk-csv-search-output").append(retline); 224 234 } … … 233 243 var output = searchData' . $rand . 
'(search); 234 244 if (search.length < 3) { 235 $(event).parents(".hk-csv-search-wrapper").find(".hk-csv-instantsearch").html("<ul class=\'hk-csv-instant-list\'><li> Fortsätt skriva...</li></ul>");245 $(event).parents(".hk-csv-search-wrapper").find(".hk-csv-instantsearch").html("<ul class=\'hk-csv-instant-list\'><li>' . $keep_writing . '</li></ul>"); 236 246 } 237 247 else { … … 339 349 340 350 })(jQuery); 341 </script>351 342 352 '; 343 $html .= "\n".'<!-- END HK CSV search -->'."\n"; 344 345 346 return $html; 353 354 return wp_kses( 355 $html, 356 array( 357 'a' => array( 358 'href' => array(), 359 'title' => array(), 360 ), 361 'br' => array(), 362 'em' => array(), 363 'strong' => array(), 364 'div' => array( 365 'class' => array(), 366 ), 367 'form' => array( 368 'method' => array(), 369 'class' => array(), 370 ), 371 'input' => array( 372 'type' => array(), 373 'name' => array(), 374 'class' => array(), 375 'value' => array(), 376 ), 377 ) ) . 378 "<script>" . $js . "</script>\n" . 379 "<style>" . esc_attr($style) . "</style>\n" . 380 '<!-- END HK CSV search -->'."\n"; 347 381 } 348 382 … … 359 393 'search_element' => 'table', 360 394 'show_header_in_table' => 'false', 361 'text' => 'sök på denna sida',395 'text' => __('Search on this site', 'hk-filter-and-search'), 362 396 'clear_icon_class' => 'delete-icon', 363 397 'clear_text' => '', … … 365 399 'set_focus_on_load' => 'true', 366 400 ), $atts ); 401 402 $atts = hk_escape_atts($atts); 367 403 368 404 $html = ""; … … 405 441 $html .= "</div>"; 406 442 /* add default filter style */ 407 $ html .= '<style>443 $style = ' 408 444 .filtersearch' . $rand . 
' { 409 445 background-color: #C6CACB; … … 434 470 display: none; 435 471 cursor: pointer; 436 </style>';472 '; 437 473 /* add the jquery script, the script uses random id to work even if added more than once in a page */ 438 $html .= '<script> 474 $warning_text = __('Warning: Nothing to filter!', 'hk-filter-and-search'); 475 $js = ' 439 476 (function($) { 440 477 /* case insensitive contain */ … … 469 506 if ($(selected_element) === undefined || $(selected_element).length == 0) { 470 507 if($("#hk_filter_warning'.$rand.'").length > 0) { 471 $("#hk_filter_warning'.$rand.'").html("<b> Warning: Nothing to filter!</b>");508 $("#hk_filter_warning'.$rand.'").html("<b>'.$warning_text.'</b>"); 472 509 } 473 510 else { 474 $(el).after("<p id=\"hk_filter_warning'.$rand.'\"><b> Warning: Nothing to filter!</b></p>");511 $(el).after("<p id=\"hk_filter_warning'.$rand.'\"><b>'.$warning_text.'</b></p>"); 475 512 } 476 513 } … … 540 577 541 578 })(jQuery); 542 </script>543 579 '; 544 $html .= "\n".'<!-- END HK filter search -->'."\n"; 545 546 return $html; 580 581 return wp_kses( 582 $html, 583 array( 584 'span' => array( 585 'class' => array(), 586 ), 587 'div' => array( 588 'class' => array(), 589 ), 590 'input' => array( 591 'type' => array(), 592 'name' => array(), 593 'class' => array(), 594 'value' => array(), 595 ), 596 ) ) . 597 "<script>" . $js . "</script>\n" . 598 "<style>" . esc_attr($style) . "</style>\n" . 599 '<!-- END HK filter search -->'."\n"; 547 600 } 548 601 … … 556 609 557 610 558 611 function hk_escape_atts($atts) { 612 foreach($atts as $key => $value) { 613 if ($key == "src") { 614 $atts[$key] = esc_url($value); 615 // ignore src if not ending with .csv 616 if (substr($atts[$key], -4) != ".csv") { 617 $atts[$key] = ""; 618 } 619 } 620 else { 621 $atts[$key] = esc_attr($value); 622 } 623 } 624 return $atts; 625 } 626 627 -
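Review bot: The "nothing found" branch still hands the search term to jQuery as markup: `.append(nothing_msg_N + " " + search)` parses the concatenated string as HTML, and `search` reaches `doSearch` from `$(this).data("id")` in the click handler (and presumably from the text input in the elided submit handler), neither of which the server-side escaping touches. Appending the term as a text node leaves the message unchanged and makes the term inert: `.append(nothing_msg_' . $rand . ' + " ", document.createTextNode(search));`. How the `data-id` values are built from the CSV rows is outside the visible hunks, so whether file content can reach this sink should be confirmed. The same line is in the tags/2.8 copy of this file.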
hk-filter-and-search/trunk/readme.txt
r2957037 r2985200 3 3 Tags: filter, csv, excel, search, jquery 4 4 Requires at least: 5.0 5 Tested up to: 6.3 6 Stable tag: 2. 75 Tested up to: 6.3.2 6 Stable tag: 2.8 7 7 License: GPLv3 8 Text Domain: hk-filter-and-search 9 Domain Path: /languages 8 10 License URI: http://www.gnu.org/licenses/gpl.html 9 11 … … 103 105 == Changelog == 104 106 107 = 2.8 = 108 Major security fix. Attributes escaped. Cross scripting fix. Please update to this version! 109 Translation added. Swedish and English. 110 105 111 = 2.7 = 106 112 Bugfixes for filtersearch, search per td cell if filtering table. Support if thead is used in table. 107 108 113 109 114 = 2.6 =