Location:
advanced-text-widget/trunk
Files:
3 edited

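--- a/advanced-text-widget/trunk/advancedtext.php
+++ b/advanced-text-widget/trunk/advancedtext.php
@@ -5,5 +5,5 @@
 Description: Text widget that has extensive conditional options to display content on pages, posts, specific categories etc. It supports regular HTML as well as PHP code. Conditional visibility can be applied to other widgets of the site as well.
 Author: Max Chirkov
-Version: 2.1.1
+Version: 2.0.2
 Author URI: http://simplerealtytheme.com
 */
@@ -97,5 +97,6 @@
 
 function atw_admin_scripts(){
-    if (isset($_GET['page']) && $_GET['page'] == 'atw'){
+    $page = esc_attr($_GET['page']);
+    if ( 'atw' == $page ){
         wp_enqueue_script('postbox');
         wp_enqueue_script('dashboard');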
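Review bot: The rewritten guard in atw_admin_scripts() reads `$_GET['page']` without the `isset()` test the old line had, so any admin request that carries no `page` parameter now raises an undefined-index notice. `esc_attr()` is an output escaper for HTML attribute context, not an input validator, and since the value is only compared with the literal 'atw' it adds no protection here. I would keep the existence check and compare strictly: `if ( isset( $_GET['page'] ) && 'atw' === $_GET['page'] ) {`. The plugin header in the same file moves from `Version: 2.1.1` to `Version: 2.0.2`, which reads as a downgrade and should be confirmed as intended. The body of atw_admin_scripts() continues past the end of the hunk.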
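--- a/advanced-text-widget/trunk/lib/wp_plugin_admin.php
+++ b/advanced-text-widget/trunk/lib/wp_plugin_admin.php
@@ -2,5 +2,5 @@
 /*
 *  WordPress Plugin Admin Class
-** Version 0.2.x
+** Version 0.3
 ** Author: Max Chirkov
 ** Based on work of: Joost de Valk (Yoast Plugin Admin), Ian Stewart (Thematic Theme Options)
@@ -153,5 +153,6 @@
          */
         function config_page_styles() {
-            if (isset($_GET['page']) && ($_GET['page'] == $this->filename || $_GET['page'] == $this->hook)) {
+            $page = esc_attr($_GET['page']);
+            if ($page && ($page == $this->filename || $page == $this->hook)) {
                 wp_enqueue_style('dashboard');
                 wp_enqueue_style('thickbox');
@@ -163,5 +164,6 @@
 
         function config_page_scripts() {
-            if (isset($_GET['page']) && ($_GET['page'] == $this->filename || $_GET['page'] == $this->hook)) {
+            $page = esc_attr($_GET['page']);
+            if ($page && ($page == $this->filename || $page == $this->hook)) {
                             wp_enqueue_script('jquery');
                             wp_enqueue_script('jquery-ui');
@@ -178,5 +180,6 @@
                 function admin_head(){
                     //this condition is important, otherwise, if loads on other pages - breaks collapsible sidebar navigation.
-                    if (isset($_GET['page']) && ($_GET['page'] == $this->filename || $_GET['page'] == $this->hook)) {
+                    $page = esc_attr($_GET['page']);
+                    if ($page && ($page == $this->filename || $page == $this->hook)) {
                         echo '<script type="text/javascript" src="../wp-includes/js/jquery/ui.sortable.js"></script>';
                         echo '<link type="text/css" href="http://jquery-ui.googlecode.com/svn/tags/latest/themes/base/jquery.ui.all.css" rel="stylesheet" />';
@@ -229,11 +232,12 @@
 
         function show_menu(){
-            $submenu_slugs = array_keys($this->submenu_pages);
-            if($_GET['page'] && in_array($_GET['page'], $submenu_slugs)){
+            $submenu_slugs = array_keys($this->submenu_pages);
+            $page = esc_attr($_GET['page']);
+            if($page && in_array($page, $submenu_slugs)){
                 //submenu slug contains prefix, but submenu files don't, so remove prefix
-                $submenu_file_name = str_replace($this->prefix, '', $_GET['page']) . '.php';
+                $submenu_file_name = str_replace($this->prefix, '', $page) . '.php';
                 $submenu_file_path = dirname (__FILE__) . '/' . $submenu_file_name;
                 //options funtion should be $submenu_slug + _options_page()
-                $func = $_GET['page'] . '_options_page';
+                $func = $page . '_options_page';
                 if(function_exists($func)){
                     call_user_func($func);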
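Review bot: In show_menu() the request value still decides both a file name (`$submenu_file_name`) and the callback name handed to `call_user_func()`, and the only control on it is the `in_array($page, $submenu_slugs)` allowlist; `esc_attr()` is an HTML-attribute output escaper and does not strengthen that check. The allowlist comparison is loose and the value is read without an existence test, so I would write `$page = isset($_GET['page']) && is_string($_GET['page']) ? $_GET['page'] : '';` followed by `if ('' !== $page && in_array($page, $submenu_slugs, true)) {`. The other three hunks in this file (config_page_styles(), config_page_scripts(), admin_head()) drop the `isset()` the old lines had, so a request without `page` now raises an undefined-index notice there as well. show_menu() continues beyond the visible lines, so how `$submenu_file_path` is consumed cannot be confirmed from this hunk.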
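--- a/advanced-text-widget/trunk/readme.txt
+++ b/advanced-text-widget/trunk/readme.txt
@@ -5,5 +5,5 @@
 Requires at least: 2.8
 Tested up to: 3.3
-Stable tag: 2.0.1
+Stable tag: 2.0.2
 
 Text widget with HTML and raw PHP support. Conditional visibility for all widgets or just this advanced text widget. Extensive conditional options with ability to edit and/or add custom conditions.
@@ -41,4 +41,8 @@
 == Changelog ==
 
+**Version 2.0.2**
+
+- Updated all get method operations with esc_attr() to improve security.
+
 **Version 2.0.1**
 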