Changeset 723187 for download-monitor


Timestamp: 06/05/13 17:07:04 (21 months ago)
Author: jolley_small
Message: Security patch (XSS)
Location: download-monitor/trunk
Files: 3 edited

  • download-monitor/trunk/admin/admin.php

    r655693 r723187  
    783783                                        </tr> 
    784784                                    </table> 
    785                                     <input type="hidden" name="sort" value="<?php echo $_REQUEST['sort']; ?>" /> 
    786                                     <input type="hidden" name="p" value="<?php echo $_REQUEST['p']; ?>" /> 
     785                                    <input type="hidden" name="sort" value="<?php echo sanitize_text_field( $_REQUEST['sort'] ); ?>" /> 
     786                                    <input type="hidden" name="p" value="<?php echo sanitize_text_field( $_REQUEST['p'] ); ?>" /> 
    787787                                    <input type="hidden" name="sub" value="1" /> 
    788788                                    <input type="hidden" name="postDate" value="<?php echo $postDate; ?>" /> 
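
Review bot: On new lines 785 and 786, sanitize_text_field() is used as the output escaper inside value="...", but it strips tags and extra whitespace without encoding double quotes, so a quote in sort or p can still close the attribute. Escape for the attribute context at the point of output instead, e.g. echo esc_attr( $_REQUEST['sort'] ), and guard both reads with isset() as line 1379 already does. The unchanged line 788 also echoes $postDate into a value attribute with no escaping; if it derives from request data it needs the same treatment.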
     
    13771377            <div class="alignright"> 
    13781378                <label class="hidden" for="post-search-input"><?php _e('Search Downloads:',"wp-download_monitor"); ?></label> 
    1379                 <input class="search-input" id="post-search-input" name="search_downloads" value="<?php if (isset($_REQUEST['search_downloads'])) echo $_REQUEST['search_downloads']; ?>" type="text" /> 
     1379                <input class="search-input" id="post-search-input" name="search_downloads" value="<?php if (isset($_REQUEST['search_downloads'])) echo sanitize_text_field( $_REQUEST['search_downloads'] ); ?>" type="text" /> 
    13801380                <input value="<?php _e('Search Downloads',"wp-download_monitor"); ?>" class="button" type="submit" /> 
    13811381            </div> 
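
Review bot: On new line 1379, search_downloads is echoed into a double-quoted value attribute through sanitize_text_field(), which does not encode double quotes, so the value is still not safe for that context; use esc_attr() at output. sanitize_text_field() also strips tags and collapses whitespace, so the box can show a different term than the one submitted, whereas esc_attr() would display the term unchanged.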
  • download-monitor/trunk/readme.txt

    r655693 r723187  
    1 === Plugin Name === 
     1=== Download Monitor === 
    22Contributors: mikejolley 
    33Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=10691945 
     
    55Requires at least: 2.8 
    66Tested up to: 3.5 
    7 Stable tag: 3.3.6.1 
     7Stable tag: 3.3.6.2 
    88 
    99Plugin with interface for uploading and managing download files, inserting download links in posts, and monitoring download hits. 
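
Review bot: The Stable tag moves to 3.3.6.2 while Requires at least: 2.8 stays as it was. The fix depends on sanitize_text_field(), so confirm that function is available in the oldest WordPress release the readme claims to support, or raise the minimum; on a release without it the patched admin pages would fail with an undefined-function error.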
     
    1111== Description == 
    1212 
    13 __Note: This plugin is no longer actively developed nor maintained!__ 
     13__Note: This plugin is no longer actively developed nor maintained! However, a rewrite is planned - see more here: [http://mikejolley.com/2013/04/the-new-download-monitor-plugin/](http://mikejolley.com/2013/04/the-new-download-monitor-plugin/)__ 
    1414 
    1515Download Monitor is a plugin for uploading and managing downloads, tracking download hits, and displaying links. 
    1616 
    1717You can contribute code to this plugin via GitHub: https://github.com/mikejolley/download-monitor 
    18  
    19 Note, my work on this plugin is on hold due to other projects. 
    2018 
    2119For older versions of wordpress use the older Download Monitor version 2.2.3 which is available from http://wordpress.org/extend/plugins/download-monitor/download/ (tested and working in Wordpress 2.0 and 2.3). 
     
    8785 
    8886== Changelog == 
     87 
     88= 3.3.6.2 = 
     89*   sanitize_text_field to prevent XSS in admin 
    8990 
    9091= 3.3.6.1 = 
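
Review bot: The 3.3.6.2 changelog entry names the function used rather than what was fixed. State that this is a security release and which admin inputs were affected (sort, p and search_downloads in admin/admin.php), so site owners can judge how urgently to update.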
  • download-monitor/trunk/wp-download_monitor.php

    r655693 r723187  
    33Plugin Name: Wordpress Download Monitor 
    44Plugin URI: http://wordpress.org/extend/plugins/download-monitor/ 
    5 Description: <strong style="color:red">Note: This plugin is no longer actively developed nor maintained!</strong> Manage downloads on your site, view and show hits, and output in posts. If you are upgrading Download Monitor it is a good idea to <strong>back-up your database</strong> first just in case. You may need to re-save your permalink settings after upgrading if your downloads stop working. 
    6 Version: 3.3.6.1 
     5Description: <strong style="color:red">Note: This plugin is no longer actively developed nor maintained! However, a rewrite is planned - http://mikejolley.com/2013/04/the-new-download-monitor-plugin/</strong> Manage downloads on your site, view and show hits, and output in posts. 
     6Version: 3.3.6.2 
    77Author: Mike Jolley 
    88Author URI: http://mikejolley.com 
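
Review bot: The new Description on line 5 drops the advice to back up the database before upgrading and to re-save permalink settings afterwards, which is unrelated to the XSS fix named in the commit message. If removing that guidance is intended, it belongs in its own change with a reason; otherwise keep those two sentences alongside the rewrite notice.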