From 10a9ee4edcef60c2189085d8ebd2cc0d31b62126 Mon Sep 17 00:00:00 2001
From: "Anthony G. Basile"
Date: Tue, 1 Jan 2019 22:17:02 -0500
Subject: Update easy-table 1.8
Signed-off-by: Anthony G. Basile
---
 plugins/easy-table/easy-table.php | 56 ++++++++++-----------------------------
 plugins/easy-table/readme.txt | 12 ++++++---
 2 files changed, 23 insertions(+), 45 deletions(-)
diff --git a/plugins/easy-table/easy-table.php b/plugins/easy-table/easy-table.php
index 4bfe2854..1ade56fc 100644
--- a/plugins/easy-table/easy-table.php
+++ b/plugins/easy-table/easy-table.php
@@ -4,7 +4,7 @@ Plugin Name: Easy Table
 Plugin URI: http://takien.com/
 Description: Create table in post, page, or widget in easy way.
 Author: Takien
-Version: 1.6
+Version: 1.8
 Author URI: http://takien.com/
 */
@@ -106,7 +106,7 @@ function __construct(){
 private function easy_table_base($return){
 $easy_table_base = Array(
 'name' => 'Easy Table',
- 'version' => '1.6',
+ 'version' => '1.8',
 'plugin-domain' => 'easy-table'
 );
 return $easy_table_base[$return];
@@ -570,23 +570,24 @@ function themes(){
 }
 return $themes;
 }
-function theme_content() {
- if(!isset($_GET['edit'])) {
- return false;
- }
- $theme = $_GET['edit'];
- $dir = plugin_dir_path(__FILE__).'themes/';
- if(is_writable($dir.$theme.'/style.css')) {
- return file_get_contents($dir.$theme.'/style.css');
- }
-}
+
 /**
 * Register plugin setting
+* @since: 1.7 add sanitize_callback
 */
 function easy_table_register_setting() {
- register_setting('easy_table_option_field', 'easy_table_plugin_option');
+ $args = array('sanitize_callback'=> array(&$this,'easy_table_sanitize_callback'));
+ register_setting('easy_table_option_field', 'easy_table_plugin_option', $args);
 }
+/**
+* Add sanitize_callback to register_setting to filter the options value
+* @since: 1.7
+*/
+
+function easy_table_sanitize_callback ( $value ) {
+ return filter_var( $value,FILTER_CALLBACK, array("options"=>"strip_tags"));
+}
 /**
 * Render form
 * @param array
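Review bot: `easy_table_sanitize_callback` filters the stored option with `strip_tags` only, which removes markup but leaves quote characters untouched, so a saved value can still alter the surrounding HTML if the settings form or the table renderer prints it into an attribute without escaping. Those output sites lie outside this hunk (the `Render form` docblock at its end is where the form code begins), so confirm that each option is wrapped in `esc_attr()` or `esc_html()` when echoed; if every option is single-line text, `array("options"=>"sanitize_text_field")` is the stricter WordPress helper for the callback. The new docblock should state the contract, for example `@param mixed $value submitted option value` and `@return mixed value with HTML tags stripped`. The `&` in `array(&$this, ...)` is a PHP 4 leftover and can be dropped: `array($this,'easy_table_sanitize_callback')`.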
@@ -1085,35 +1086,6 @@ col4,col5,col6
- -

- -
-
- - -
-
- -
- New theme:
- - -
-
-

To ask question, please visit this plugin support on WordPress.org

diff --git a/plugins/easy-table/readme.txt b/plugins/easy-table/readme.txt
index 4e09bf50..96036d6e 100644
--- a/plugins/easy-table/readme.txt
+++ b/plugins/easy-table/readme.txt
@@ -2,9 +2,9 @@
 Contributors: takien
 Donate link: http://takien.com/donate
 Tags: table,csv,csv-to-table,post,excel,csv file,widget,tablesorter
-Requires at least: 3.0
-Tested up to: 4.4.1
-Stable tag: 1.6
+Requires at least: 4.0
+Tested up to: 4.9.8
+Stable tag: 1.8
 License: GPLv2 or later
 License URI: http://www.gnu.org/licenses/gpl-2.0.html
@@ -248,6 +248,12 @@ No
 == Changelog ==
+= 1.8 =
+* Remove unused and unsafe code that made this plugin taken down from repository.
+
+= 1.7 =
+* Add filter to the option values to prevent security issues (Vulnerability reported by Manuel Garcia Cardenas)
+
 = 1.6 =
 * Added: exclude_row, exclude_col argument. Useful to hide sort of rows or columns from your data.
 * Added: sslverify=false to wp_remote_get $args
--
cgit v1.2.3-18-g5258