WordPress.org

Plugin Directory

Changeset 545369


Ignore:
Timestamp:
05/17/12 13:22:14 (2 years ago)
Author:
michelem
Message:

Release version 1.8.3.1

Location:
wassup/trunk
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • wassup/trunk/readme.txt

    r527146 r545369  
    1 === WassUp Real Time Analitycs === 
     1=== WassUp Real Time Analytics === 
    22Contributors: michelem, helened 
    33Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_xclick&business=michele%40befree%2eit&item_name=WassUp&no_shipping=0&no_note=1&tax=0&currency_code=EUR&lc=IT&bn=PP%2dDonationsBF&charset=UTF%2d8 
     
    55Requires at least: 2.2 
    66Tested up to: 3.2.1 
    7 Stable tag: 1.8.3 
     7Stable tag: 1.8.3.1 
    88 
    99Analyze your visitors traffic with real-time statistics, a lot of chronological information, charts, a sidebar widget. 
     
    144144 
    145145== Changelog == 
     146 
     147= 1.8.3.1 = 
     148= Urgent bugfix = 
     149* fixed security issue: Change the UserAgent of the browser to include html tags, and by accessing a WordPress blog with WassUp installed, the tag is executed when going to "View Details" from the administrative page and viewing the access logs. 
    146150 
    147151= 1.8.3 = 
  • wassup/trunk/wassup.php

    r444137 r545369  
    11<?php 
    22/* 
    3 Plugin Name: WassUp 
     3Plugin Name: WassUp Real Time Analytics 
    44Plugin URI: http://www.wpwp.org 
    55Description: Analyze your visitors traffic with real-time stats, charts, and a lot of chronological information. Includes a sidebar widget of current online visitors and other statistics and an admin dashboard widget with chart. For Wordpress 2.2 or higher. Caution: don't upgrade when your site is busy! 
    6 Version: 1.8.3 
     6Version: 1.8.3.1 
    77Author: Michele Marcucci, Helene Duncker 
    88Author URI: http://www.michelem.org/ 
     
    2424//wassup globals & constants 
    2525global $wp_version, $current_user, $user_level, $wassup_options; 
    26 $wassupversion="1.8.3"; 
     26$wassupversion="1.8.3.1"; 
    2727$wassup_cookie_value=""; 
    2828$wdebug_mode=false; //turn on debugging (global)...Use cautiously! Will display errors from all plugins, not just WassUp 
     
    15561556        echo __("Page","wassup").': <span class="raw">'.$rk->searchpage.'</span>';?></li><?php 
    15571557        } ?> 
    1558         <li><?php echo __("User Agent","wassup").': <span class="raw">'.attribute_escape(htmlspecialchars(html_entity_decode($rk->agent))).'</span>'; ?></li><?php 
     1558        <li><?php echo __("User Agent","wassup").': <span class="raw">'.strip_tags(attribute_escape(htmlspecialchars(html_entity_decode($rk->agent)))).'</span>'; ?></li><?php 
    15591559        if (empty($rk->spider) || $rk->browser != "") {  
    15601560            echo "\n"; ?> 
     
    17021702            //hidden user agent string 
    17031703            ?><div style="display: none;" class="togglenavi naviagent<?php echo $rk->id ?>"><ul class="useragent"> 
    1704                 <li class="useragent"><?php _e('User Agent','wassup'); ?>: <strong><?php print $rk->agent; ?></strong></li> 
     1704                <li class="useragent"><?php _e('User Agent','wassup'); ?>: <strong><?php print strip_tags($rk->agent); ?></strong></li> 
    17051705            </ul></div> 
    17061706            <?php 
Note: See TracChangeset for help on using the changeset viewer.