WordPress.org

Plugin Directory

Changeset 750054


Ignore:
Timestamp:
08/02/13 15:44:33 (9 months ago)
Author:
xhanch_studio
Message:

Security n hashtag

Location:
xhanch-my-twitter/trunk
Files:
4 edited

Legend:

Unmodified
Added
Removed
  • xhanch-my-twitter/trunk/admin/setting.php

    r725652 r750054  
    7676            'otl' => 'Oldest to latest', 
    7777        ); 
     78 
     79        if(!empty($_POST) && !wp_verify_nonce($_POST['vrf_xmt_cfg_frm'],'xmt_cfg_frm')){ 
     80            echo '<div id="message" class="updated fade"><p>'.__('Invalid form verification token.', 'xmt').'</p></div>';  
     81            exit; 
     82        } 
    7883                 
    7984        if(isset($_POST['cmd_xmt_crt_prf']) || isset($_POST['cmd_xmt_dpl_prf'])){ 
     
    152157                'twt_usr_nme' => xmt_form_post('txt_xmt_twt_usr_nme'), 
    153158                'oah_use' => $cfg['oah_use'], 
    154                 'csm_key' => $cfg['csm_key'], 
    155                 'csm_sct' => $cfg['csm_sct'], 
    156                 'oah_tkn' => $cfg['oah_tkn'], 
    157                 'oah_sct' => $cfg['oah_sct'], 
     159                'csm_key' => trim($cfg['csm_key']), 
     160                'csm_sct' => trim($cfg['csm_sct']), 
     161                'oah_tkn' => trim($cfg['oah_tkn']), 
     162                'oah_sct' => trim($cfg['oah_sct']), 
    158163                'ord' => xmt_form_post('cbo_xmt_ord'),   
    159164                'cnt' => intval(xmt_form_post('int_xmt_cnt')), 
     
    864869                        <input type="submit" name="cmd_xmt_dpl_prf" value="<?php echo __('Duplicate Profile', 'xmt'); ?>"/> 
    865870                    </p> 
     871 
     872                    <?php wp_nonce_field('xmt_cfg_frm','vrf_xmt_cfg_frm'); ?> 
    866873                </form> 
    867874            <?php }else{ ?>  
     
    884891                    <i><small><?php echo __('Each profile will create a new widget to be placed to your sidebar/post/template code', 'xmt'); ?></small></i><br/> 
    885892                    <p class="submit"><input type="submit" name="cmd_xmt_crt_prf" value="<?php echo __('Create Profile', 'xmt'); ?>"/></p> 
     893                    <?php wp_nonce_field('xmt_cfg_frm','vrf_xmt_cfg_frm'); ?> 
    886894                </form> 
    887895                <br/><br/> 
     
    893901                    <input type="file" size="30" name="fil_xmt_prf_fle"/><br/>   
    894902                    <p class="submit"><input type="submit" name="cmd_xmt_import_profile" value="<?php echo __('Import Profile', 'xmt'); ?>"/></p> 
     903                    <?php wp_nonce_field('xmt_cfg_frm','vrf_xmt_cfg_frm'); ?> 
    895904                </form> 
    896905                <br/><br/> 
     
    906915                    </table> 
    907916                    <p class="submit"><input type="submit" name="cmd_xmt_dtb_ver_upd" value="<?php echo __('Change', 'xmt'); ?>"/></p> 
     917                    <?php wp_nonce_field('xmt_cfg_frm','vrf_xmt_cfg_frm'); ?> 
    908918                </form> 
    909919                <br/><br/> 
     
    915925                    You can export your profiles so you can import them again after reinstall. 
    916926                    <p class="submit"><input type="submit" name="cmd_xmt_rit" value="<?php echo __('Confirm', 'xmt'); ?>"/></p> 
     927                    <?php wp_nonce_field('xmt_cfg_frm','vrf_xmt_cfg_frm'); ?> 
    917928                </form> 
    918929            <?php } ?> 
  • xhanch-my-twitter/trunk/inc/twitter.php

    r725672 r750054  
    266266                if($xmt_acc[$acc]['cfg']['shw_hsh_tag'] && $xmt_acc[$acc]['cfg']['clc_hsh_tag']){ 
    267267                    $pattern = '/(\s\#([_a-z0-9\-]+))/i'; 
    268                     $replace = '<a href="http://search.twitter.com/search?q=%23$2" '.($xmt_acc[$acc]['cfg']['lnk_new_tab']?'target="_blank"':'').'>$1</a>'; 
     268                    $replace = '<a href="https://twitter.com/search?q=%23$2&src=hash" '.($xmt_acc[$acc]['cfg']['lnk_new_tab']?'target="_blank"':'').'>$1</a>'; 
    269269                    $twt = preg_replace($pattern,$replace,$twt); 
    270270                } 
  • xhanch-my-twitter/trunk/readme.txt

    r726633 r750054  
    77Requires at least: 2.3 
    88Tested up to: 3.6 
    9 Stable tag: 2.7.6 
     9Stable tag: 2.7.7 
    1010 
    1111The best plugin to display your latest tweets, replies, direct messages, retweets, auto and manual tweet and lots more. Support multiple accounts 
  • xhanch-my-twitter/trunk/xhanch-my-twitter.php

    r725652 r750054  
    66        Author: Susanto BSc (Xhanch Studio) 
    77        Author URI: http://xhanch.com 
    8         Version: 2.7.6 
     8        Version: 2.7.7 
    99    */ 
    1010     
Note: See TracChangeset for help on using the changeset viewer.