Headline
CVE-2021-4349: Changeset 2473649 – WordPress Plugin Repository
The Process Steps Template Designer plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.2.1. This makes it possible for unauthenticated attackers to conduct unspecified attacks via forged request granted they can trick a site administrator into performing an action such as clicking on a link.
process-steps-template-designer/trunk/cool-process.php
r2126485
r2473649
4
4
Plugin URI:http://process.cooltimeline.com/
5
5
Description:Process Steps Template Designer plugin allow you to show your workflow business process in a creative step by step design template.
6
Version:1.2.1
6
Version:1.3
7
7
Author:Cool Plugins
8
8
Author URI:https://coolplugins.net/
…
…
16
16
/\*\* Configuration \* \*/
17
17
if (!defined('COOL\_PROCESS\_VERSION\_CURRENT'))
18
define('COOL\_PROCESS\_VERSION\_CURRENT', '1.2.1');
18
define('COOL\_PROCESS\_VERSION\_CURRENT', '1.3');
19
19
define('COOL\_PROCESS\_PLUGIN\_URL', plugin\_dir\_url( \_\_FILE\_\_ ) );
20
20
define('COOL\_PROCESS\_PLUGIN\_DIR', plugin\_dir\_path( \_\_FILE\_\_ ) );
…
…
43
43
44
44
if(is\_admin()){
45
require\_once COOL\_PROCESS\_PLUGIN\_DIR . '/feedback/admin-feedback-form.php';
46
//include the main class file
47
require\_once COOL\_PROCESS\_PLUGIN\_DIR . "meta-box-class/my-meta-box-class.php";
48
/\*
49
\* custom meta boxes
50
\*/
45
require\_once COOL\_PROCESS\_PLUGIN\_DIR . '/includes/feedback/admin-feedback-form.php';
46
//include the main class file
47
require\_once COOL\_PROCESS\_PLUGIN\_DIR . "meta-box-class/my-meta-box-class.php";
48
/\*
49
\* custom meta boxes
50
\*/
51
51
$this->pp\_meta\_boxes();
52
// add a tinymce button that generates our shortcode for the user
53
add\_action('after\_setup\_theme', array($this, 'pp\_add\_tinymce'));
54
55
add\_action( 'admin\_notices',array($this,'pp\_admin\_messages'));
56
add\_action( 'wp\_ajax\_hideRating',array($this,'pp\_HideRating' ));
52
// add a tinymce button that generates our shortcode for the user
53
add\_action('after\_setup\_theme', array($this, 'pp\_add\_tinymce'));
54
55
add\_action( 'admin\_notices',array($this,'pp\_admin\_messages'));
56
add\_action( 'wp\_ajax\_hideRating',array($this,'pp\_HideRating' ));
57
57
}
58
require\_once COOL\_PROCESS\_PLUGIN\_DIR . 'includes/process\_functions.php';
59
require\_once COOL\_PROCESS\_PLUGIN\_DIR . 'includes/process\_shortcode.php';
60
require\_once COOL\_PROCESS\_PLUGIN\_DIR .'icons-selector/font-awesome-field.php';
58
59
60
require\_once COOL\_PROCESS\_PLUGIN\_DIR . 'includes/process\_functions.php';
61
require\_once COOL\_PROCESS\_PLUGIN\_DIR . 'includes/process\_shortcode.php';
62
require\_once COOL\_PROCESS\_PLUGIN\_DIR .'icons-selector/font-awesome-field.php';
61
63
// Include other PHP scripts
62
add\_action( 'init', array( $this, 'include\_files' ) );
63
new Font\_Awesome\_Field();
64
new ProcessShortcode();
64
add\_action( 'init', array( $this, 'include\_files' ) );
65
new Font\_Awesome\_Field();
66
new ProcessShortcode();
65
67
}
66
68
…
…
136
138
// inlcude the js for tinymce
137
139
public function pp\_add\_tinymce\_plugin($plugin\_array) {
138
$plugin\_array\['cool\_process'\] =COOL\_PROCESS\_PLUGIN\_URL.'/js/process-button-script.js';
140
$plugin\_array\['cool\_process'\] =COOL\_PROCESS\_PLUGIN\_URL.'assets/js/process-button-script.js';
139
141
return $plugin\_array;
140
142
}
…
…
143
145
function pp\_add\_tinymce\_button($buttons) {
144
146
array\_push($buttons, 'cool\_process\_shortcode\_button');
145
// Print all buttons
146
// var\_dump( $buttons );
147
147
148
return $buttons;
148
149
}
…
…
176
177
}
177
178
178
$install\_date = get\_option('pp-installDate' );
179
$ratingDiv =get\_option( 'pp-ratingDiv' )!=false?get\_option( 'pp-ratingDiv'):"no";
180
$display\_date = date( 'Y-m-d h:i:s' );
181
$install\_date= new DateTime( $install\_date );
182
$current\_date = new DateTime( $display\_date );
183
184
$difference = $install\_date->diff($current\_date);
185
$df\_days=$difference->days;
186
$dynamic\_msz='';
187
188
if ( $df\_days >=15 && $ratingDiv== "no" ) {
189
$dynamic\_msz ="for more than 2 weeks.";
190
echo '<div class="cool\_fivestar update-nag" style="box-shadow: 0 1px 1px 0 rgba(0,0,0,.1);">
191
<p>Awesome, you\\'ve been using <strong>Process Steps Template Designer</strong> '.$dynamic\_msz .' Hopefully you\\'re happy with it. <br> May I ask you to give it a <strong>5-star rating</strong> on Wordpress?
192
This will help to spread its popularity and to make this plugin a better one.
193
<br><br>Your help is much appreciated.Thank you very much!
194
<ul>
195
<li class="float:left"><a href="https://wordpress.org/support/plugin/process-steps-template-designer/reviews/#new-post" class="thankyou button button-primary" target="\_new" title="I Like Process Steps" style="color: #ffffff;-webkit-box-shadow: 0 1px 0 #256e34;box-shadow: 0 1px 0 #256e34;font-weight: normal;float:left;margin-right:10px;">I like Process Steps</a></li>
196
<li><a href="javascript:void(0);" class="coolHideRating button" title="I already did" style="">I already rated it</a></li>
197
<li><a href="javascript:void(0);" class="coolHideRating" title="No, not good enough" style="">No, not good enough, i do not like to rate it!</a></li>
198
</ul>
199
</div>
200
<script>
201
jQuery( document ).ready(function( $ ) {
202
203
jQuery(\\'.coolHideRating\\').click(function(){
204
var data={\\'action\\':\\'hideRating\\'}
205
jQuery.ajax({
206
207
url: "' . admin\_url( 'admin-ajax.php' ) . '",
208
type: "post",
209
data: data,
210
dataType: "json",
211
async: !0,
212
success: function(e) {
213
if (e=="success") {
214
jQuery(\\'.cool\_fivestar\\').slideUp(\\'fast\\');
215
216
}
217
}
218
});
219
})
179
$install\_date = get\_option('pp-installDate' );
180
$ratingDiv =get\_option( 'pp-ratingDiv' )!=false?get\_option( 'pp-ratingDiv'):"no";
181
$display\_date = date( 'Y-m-d h:i:s' );
182
$install\_date= new DateTime( $install\_date );
183
$current\_date = new DateTime( $display\_date );
220
184
221
});
222
</script>';
185
$difference = $install\_date->diff($current\_date);
186
$df\_days=$difference->days;
187
$dynamic\_msz='';
188
189
if ( $df\_days >=15 && $ratingDiv== "no" ) {
190
$dynamic\_msz ="for more than 2 weeks.";
191
echo '<div class="cool\_fivestar update-nag" style="box-shadow: 0 1px 1px 0 rgba(0,0,0,.1);">
192
<p>Awesome, you\\'ve been using <strong>Process Steps Template Designer</strong> '.$dynamic\_msz .' Hopefully you\\'re happy with it. <br> May I ask you to give it a <strong>5-star rating</strong> on Wordpress?
193
This will help to spread its popularity and to make this plugin a better one.
194
<br><br>Your help is much appreciated.Thank you very much!
195
<ul>
196
<li class="float:left"><a href="https://wordpress.org/support/plugin/process-steps-template-designer/reviews/#new-post" class="thankyou button button-primary" target="\_new" title="I Like Process Steps" style="color: #ffffff;-webkit-box-shadow: 0 1px 0 #256e34;box-shadow: 0 1px 0 #256e34;font-weight: normal;float:left;margin-right:10px;">I like Process Steps</a></li>
197
<li><a href="javascript:void(0);" class="coolHideRating button" title="I already did" style="">I already rated it</a></li>
198
<li><a href="javascript:void(0);" class="coolHideRating" title="No, not good enough" style="">No, not good enough, i do not like to rate it!</a></li>
199
</ul>
200
</div>
201
<script>
202
jQuery( document ).ready(function( $ ) {
203
204
jQuery(\\'.coolHideRating\\').click(function(){
205
var data={\\'action\\':\\'hideRating\\'}
206
jQuery.ajax({
207
208
url: "' . admin\_url( 'admin-ajax.php' ) . '",
209
type: "post",
210
data: data,
211
dataType: "json",
212
async: !0,
213
success: function(e) {
214
if (e=="success") {
215
jQuery(\\'.cool\_fivestar\\').slideUp(\\'fast\\');
216
217
}
218
}
219
});
220
})
221
222
});
223
</script>';
223
224
}
224
225
}
process-steps-template-designer/trunk/icons-selector/css/fa-field.css
r1724935
r2473649
1
#searchicon {
2
3
background-position: 10px 12px; /\* Position the search icon \*/
4
background-repeat: no-repeat; /\* Do not repeat the icon image \*/
5
width: 100%; /\* Full-width \*/
6
font-size: 16px; /\* Increase font-size \*/
7
padding: 12px 20px 12px 40px; /\* Add some padding \*/
8
border: 1px solid #ddd; /\* Add a grey border \*/
9
margin-bottom: 12px; /\* Add some space below the input \*/
10
}
11
12
1
13
.fa-field-modal {
2
14
position: fixed;
…
…
37
49
overflow-x: hidden;
38
50
position: absolute;
39
top: 72px;
51
top:120px;
40
52
bottom: 24px;
41
53
left: 24px;
42
54
right: 24px;
43
55
}
56
.icon\_search\_container{
57
position:absolute;
58
top:60px;
59
60
}
44
61
.fa-field-modal .fa-field-modal-icons .fa-field-modal-icon-holder {
45
62
text-align: center;
46
width: 80px;
47
height: 90px;
63
width:35px;
64
height:35px;
48
65
float: left;
49
66
cursor: pointer;
…
…
53
70
}
54
71
.fa-field-modal .fa-field-modal-icons .fa-field-modal-icon-holder .icon {
55
font-size: 40px;
72
font-size:20px;
56
73
color: gray;
57
74
}
process-steps-template-designer/trunk/icons-selector/font-awesome-field.php
r2079138
r2473649
64
64
}
65
65
}
66
return '<i class="fa ' . $icon . '"></i>';
66
return '<i class="fa ' . esc\_attr($icon) . '"></i>';
67
67
}
68
68
/\*\*
…
…
86
86
}
87
87
if ( $format ) {
88
$output = '<i class="fa ' . $icon . '"></i>';
88
$output = '<i class="fa ' . esc\_attr($icon) . '"></i>';
89
89
} else {
90
$output = $icon;
90
$output =$icon;
91
91
}
92
92
return $output;
…
…
120
120
<?php foreach ( $this->icons as $icon ) : ?>
121
121
122
<div class="fa-field-modal-icon-holder" data-icon="<?php echo $icon\['class'\]; ?>">
122
<div class="fa-field-modal-icon-holder" data-icon="<?php echo esc\_attr($icon\['class'\]); ?>">
123
123
<div class="icon">
124
<i class="fa <?php echo $icon\['class'\]; ?>"></i>
124
<i class="fa <?php echo esc\_attr($icon\['class'\]); ?>"></i>
125
125
</div>
126
126
<div class="label">
127
<?php echo $icon\['class'\]; ?>
127
<?php echo esc\_attr($icon\['class'\]); ?>
128
128
</div>
129
129
</div>
…
…
146
146
if ( in\_array( get\_current\_screen()->post\_type, $this->screens ) ) {
147
147
// load up font awesome
148
wp\_enqueue\_style( 'fa-field-fontawesome-css', COOL\_FA\_URL . 'css/font-awesome/css/font-awesome.min.css' );
148
wp\_enqueue\_style( 'fa-field-fontawesome-css', COOL\_FA\_URL . 'css/font-awesome/css/all.min.css' );
149
149
// load up plugin css
150
150
wp\_enqueue\_style( 'fa-field-css', COOL\_FA\_URL . 'css/fa-field.css' );
…
…
182
182
$icon = get\_post\_meta( $post->ID, 'fa\_field\_icon', true );
183
183
?>
184
185
184
<div class="fa-field-metabox">
186
185
<div class="fa-field-current-icon">
187
186
<div class="icon">
188
<?php if ( $icon ) : ?>
189
<i class="fa <?php echo $icon; ?>"></i>
187
<?php
188
if ( $icon ) :
189
if(strpos($icon, '-o') !==false){
190
$icon="fa ".$icon;
191
}else if(strpos($icon, 'fas')!==false || strpos($icon, 'fab') !==false) {
192
$icon=$icon;
193
}else{
194
$icon="fa ".$icon;
195
}
196
?>
197
<i class="<?php echo esc\_attr($icon); ?>"></i>
190
198
<?php endif; ?>
191
199
</div>
192
<div class="delete <?php echo $icon ? 'active' : ''; ?>">×</div>
200
<div class="delete <?php echo esc\_attr($icon) ? 'active' : ''; ?>">×</div>
193
201
</div>
194
<input type="hidden" name="fa\_field\_icon" id="fa\_field\_icon" value="<?php echo $icon; ?>">
202
<input type="hidden" name="fa\_field\_icon" id="fa\_field\_icon" value="<?php echo esc\_attr($icon); ?>">
195
203
<?php wp\_nonce\_field( 'fa\_field\_icon', 'fa\_field\_icon\_nonce' ); ?>
196
204
197
<button class="button-primary add-fa-icon"><?php \_e( 'Add Icon', 'fa-field' ); ?></button>
205
<button class="button-primary add-fa-icon"><?php \_e( 'Add Icon', 'cool-timeline' ); ?></button>
198
206
</div>
199
207
<div class="fa-field-modal" id="fa-field-modal" style="display:none">
208
<div class="fa-field-modal-close">×</div>
209
<h1 class="fa-field-modal-title"><?php \_e( 'Select Font Awesome Icon', 'cool-timeline' ); ?></h1>
210
<div class="icon\_search\_container">
211
<input type="text" id="searchicon" onkeyup="ctlSearchIcon()" placeholder="Search Icon..">
212
</div>
213
<div id="ctl\_icon\_wrapper" class="fa-field-modal-icons">
214
<?php if ( $this->icons ) : ?>
215
<?php foreach ( $this->icons as $icon ) : ?>
216
<div class="fa-field-modal-icon-holder" data-icon="<?php echo esc\_attr($icon\['class'\]); ?>">
217
<div class="icon">
218
<i data-icon-name="<?php echo esc\_attr($icon\['class'\]); ?>" class="<?php echo esc\_attr($icon\['class'\]); ?>"></i>
219
</div>
220
</div>
221
<?php endforeach; ?>
222
223
<?php endif; ?>
224
</div>
225
</div>
200
226
<?php
201
227
}
228
202
229
/\*\*
203
230
\* Saves the data
…
…
208
235
public function save( $post\_id ) {
209
236
/\*\*
210
\* // change for all post types
237
\* check post type
211
238
\*\*/
212
/\*if ( ! in\_array( get\_post\_type( $post\_id ), $this->screens ) ) {
239
if ( get\_post\_type( $post\_id)!="process\_posts") {
213
240
return;
214
}\*/
215
if ( isset( $\_POST\['fa\_field\_icon\_nonce'\] ) && ! wp\_verify\_nonce( $\_POST\['fa\_field\_icon\_nonce'\], 'fa\_field\_icon' ) ) {
241
}
242
if(!isset( $\_POST\['fa\_field\_icon\_nonce'\] ) ||
243
!wp\_verify\_nonce( $\_POST\['fa\_field\_icon\_nonce'\], 'fa\_field\_icon' ) )
244
{
216
245
return;
217
246
}
218
247
if ( isset( $\_POST\['fa\_field\_icon'\] ) ) {
219
update\_post\_meta( $post\_id, 'fa\_field\_icon', $\_POST\['fa\_field\_icon'\] );
220
}
221
}
248
update\_post\_meta( $post\_id, 'fa\_field\_icon',sanitize\_text\_field($\_POST\['fa\_field\_icon'\]));
249
}
250
}
251
222
252
/\*\*
223
253
\* Get an instance of the plugin
…
…
234
264
\*\*/
235
265
private function generate\_icon\_array() {
236
$icons = get\_option( 'fa\_icons' );
266
$icons = get\_option( 'fa\_icons\_v2' );
237
267
if ( ! $icons ) {
238
$pattern = '/\\.(fa-(?:\\w+(?:-)?)+):before\\s+{\\s\*content:\\s\*"(.+)";\\s+}/';
239
$subject = file\_get\_contents( COOL\_FA\_DIR . 'css/font-awesome/css/font-awesome.css' );
240
preg\_match\_all( $pattern, $subject, $matches, PREG\_SET\_ORDER );
241
$icons = array();
242
foreach ( $matches as $match ) {
243
$icons\[\] = array( 'css' => $match\[2\], 'class' => stripslashes( $match\[1\] ) );
244
}
245
update\_option( 'fa\_icons', $icons );
246
}
247
$this->icons = $icons;
268
$all\_icons=json\_decode(file\_get\_contents(COOL\_FA\_DIR.'fontawesome-5.json'),true);
269
foreach ( $all\_icons as $icon ) {
270
$icons\[\] = array( 'class' =>$icon );
271
}
272
update\_option( 'fa\_icons\_v2', $icons );
273
}
274
$this->icons = $icons;
248
275
}
249
276
} // END class Font\_Awesome\_Field
process-steps-template-designer/trunk/icons-selector/includes/template-tags.php
r1724935
r2473649
1
1
<?php
2
/\*\*
3
\* Template tags for the Font Awesome Field
4
\*
5
\* @package WordPress
6
\*\*/
7
2
8
3
if( ! function\_exists( 'get\_fa' ) ) {
9
4
10
/\*\*
11
\* Retrieve the icon
12
\*
13
\* @param bool $format Format the output
14
\* @param integer $post\_id The post ID
15
\* @return string The icon, either formatted as HTML, or just the name
16
\* @author
17
\*\*/
18
5
function get\_fa( $format = false, $post\_id = null ) {
19
6
if ( ! $post\_id ) {
…
…
29
16
}
30
17
if ( $format ) {
31
$output = '<i class="fa ' . $icon . '"></i>';
18
if(strpos($icon, '-o') !==false){
19
$icon="fa ".$icon;
20
}else if(strpos($icon, 'fas')!==false || strpos($icon, 'fab') !==false) {
21
$icon=$icon;
22
}else{
23
$icon="fa ".$icon;
24
}
25
$output = '<i class="' .esc\_attr($icon) . '"></i>';
32
26
} else {
33
27
$output = $icon;
…
…
40
34
if( ! function\_exists( 'the\_fa' ) ) {
41
35
42
/\*\*
43
\* Print the icon
44
\*
45
\* @param bool $format Format the output
46
\* @param integer $post\_id The post ID
47
\* @return void Echoes the icon, either formatted as HTML, or just the name
48
\* @author
49
\*\*/
50
36
function the\_fa( $format = false, $post\_id = null ) {
51
37
echo get\_fa( $format, $post\_id );
process-steps-template-designer/trunk/icons-selector/js/fa-field.js
r1724935
r2473649
22
22
close = $( '.fa-field-modal-close' );
23
23
24
holder.html( '<i class="fa '+ icon +'" />' );
24
holder.html( '<i class="'+ icon +'" />' );
25
25
deleter.addClass( 'active' );
26
26
input.val(icon);
…
…
44
44
});
45
45
46
47
46
48
});
49
function ctlSearchIcon() {
50
// Declare variables
51
var input, filter, ul, li, a, i, txtValue;
52
input = document.getElementById('searchicon');
53
filter = input.value.toUpperCase();
54
iconsWrapper = document.getElementById("ctl\_icon\_wrapper");
55
allIcons = iconsWrapper.getElementsByTagName('div');
56
// Loop through all list items, and hide those who don't match the search query
57
for (i = 0; i < allIcons.length; i++) {
58
txtValue = allIcons\[i\].getElementsByTagName("i")\[0\].getAttribute("data-icon-name");;
59
// txtValue = icon.attr("data-icon-name");
60
if (txtValue.toUpperCase().indexOf(filter) > -1) {
61
allIcons\[i\].style.display = "";
62
} else {
63
allIcons\[i\].style.display = "none";
64
}
65
}
66
}
process-steps-template-designer/trunk/includes/process_functions.php
r2079138
r2473649
9
9
}
10
10
else{
11
$read\_more\_text = isset($attribute\['read-more-text'\]) && !empty($attribute\['read-more-text'\])? $attribute\['read-more-text'\] : \_\_('Read More','cool\_process');
11
$read\_more\_text = isset($attribute\['read-more-text'\]) && !empty($attribute\['read-more-text'\])? esc\_attr($attribute\['read-more-text'\]) : \_\_('Read More','cool\_process');
12
12
$read\_m\_btn= '…<a class="read\_more pp\_read\_more" href="' . get\_permalink(get\_the\_ID()) . '">' .$read\_more\_text. '</a>';
13
13
}
process-steps-template-designer/trunk/includes/process_posttype.php
r1724935
r2473649
17
17
18
18
add\_action( 'save\_post\_process\_posts',array(&$this,'pp\_set\_default\_object\_terms' ),100 ,2);
19
20
21
22
19
add\_filter('parse\_query',array(&$this, 'pp\_convert\_id\_to\_term\_in\_query'));
23
20
add\_action('restrict\_manage\_posts',array(&$this, 'pp\_filter\_post\_type\_by\_taxonomy'));
…
…
156
153
case "label":
157
154
$pp\_label = get\_post\_meta($post\_id, 'pp\_post\_lbl', true);
158
echo"<p><strong>" . $pp\_label . "</strong></p>";
155
echo"<p><strong>" . esc\_html($pp\_label) . "</strong></p>";
159
156
break;
160
157
case "order":
161
158
$pp\_order = get\_post\_meta($post\_id, 'pp\_post\_order', true);
162
echo"<p><strong>" . $pp\_order . "</strong></p>";
159
echo"<p><strong>" . esc\_html($pp\_order) . "</strong></p>";
163
160
break;
164
161
case "images":
…
…
222
219
$taxonomy = 'process-categories'; // change to your taxonomy
223
220
if ($typenow == $post\_type) {
224
$selected = isset($\_GET\[$taxonomy\]) ? $\_GET\[$taxonomy\] : '';
221
$selected = isset($\_GET\[$taxonomy\]) ? intval($\_GET\[$taxonomy\]) : '';
225
222
$info\_taxonomy = get\_taxonomy($taxonomy);
226
223
wp\_dropdown\_categories(array(
process-steps-template-designer/trunk/includes/process_shortcode.php
r2126485
r2473649
44
44
$pp\_content = isset($attribute\['content'\]) && !empty($attribute\['content'\])? $attribute\['content'\] : 'summary';
45
45
$autoplay = isset($attribute\['autoplay'\]) && !empty($attribute\['autoplay'\])? $attribute\['autoplay'\] : 'false';
46
$wrp\_cls = '';
46
$RM\_button = isset($attribute\['read-more-button'\]) && !empty($attribute\['read-more-button'\]) ? $attribute\['read-more-button'\] : 'no';
47
48
$wrp\_cls = '';
47
49
$wrapper\_cls = '';
48
50
$post\_skin\_cls = '';
…
…
115
117
}else{
116
118
if(isset($default\_icon)&& !empty($default\_icon)){
117
$icon='<i class="fa '.$default\_icon.'" aria-hidden="true"></i>';
119
$icon='<i class="fa '.esc\_attr($default\_icon).'" aria-hidden="true"></i>';
118
120
}else {
119
121
$icon = '<i class="fa fa-clock-o" aria-hidden="true"></i>';
…
…
135
137
136
138
$img\_thumb = wp\_get\_attachment\_image\_src(get\_post\_thumbnail\_id(get\_the\_ID()), 'full');
137
$bg\_img=$img\_thumb\[0\];
139
$bg\_img=isset($img\_thumb\[0\])?esc\_url($img\_thumb\[0\]):'';
138
140
if(isset($img\_thumb\[0\])){
139
$clt\_icon ='<a href="' . get\_permalink(get\_the\_ID()) . '">
140
<div class="img-placeholder" style="background-image:url('.$bg\_img.');">';
141
$clt\_icon .='</div></a>';
141
if($RM\_button=='yes'){
142
$clt\_icon ='<a href="' . esc\_url(get\_permalink(get\_the\_ID())) . '">
143
<div class="img-placeholder" style="background-image:url('.$bg\_img.');">';
144
$clt\_icon .='</div></a>';
145
}
146
else{
147
$clt\_icon ='<div class="img-placeholder" style="background-image:url('.$bg\_img.');">';
148
$clt\_icon .='</div>';
149
}
150
142
151
}
143
152
}
…
…
149
158
$pp\_html .= '<div class="ps\_timeline-marker"></div>';
150
159
$pp\_html .= '<div class="ps\_timeline-content">';
151
$pp\_html .= '<h3 class="ps\_timeline-label">' . $pp\_post\_lbl . '</h3>';
152
$pp\_html .= '<h4 class="ps\_timeline-title">' . get\_the\_title($post->ID) . '</h4>';
160
$pp\_html .= '<h3 class="ps\_timeline-label">' .$pp\_post\_lbl . '</h3>';
161
$pp\_html .= '<h4 class="ps\_timeline-title">' . sanitize\_title(get\_the\_title($post->ID)) . '</h4>';
153
162
$pp\_html .='<p>'.$clt\_icon.'</p><div class="ps\_v\_content"> ' . $post\_content . '</div>';
154
163
$pp\_html .='</div></li>';
…
…
158
167
$pp\_html .= '<li>
159
168
<span class="cool-process-icon">'.$clt\_icon.'</span>
160
<div class="cool-process-detail'.$post\_skin\_cls.'">';
169
<div class="cool-process-detail'.esc\_attr($post\_skin\_cls).'">';
161
170
if($pp\_post\_lbl && in\_array($attribute\['type'\],array('default','with-image'))){
162
171
$pp\_html .='<h3>'.$pp\_post\_lbl.'</h3>';
163
172
}
164
$pp\_html .='<h2 class="content-title">' . get\_the\_title() . '</h2>';
173
$pp\_html .='<h2 class="content-title">' . sanitize\_title(get\_the\_title()) . '</h2>';
165
174
$pp\_html .= '<span></span>';
166
175
$pp\_html .= '<div class="clearboth"></div><div class="process-description">';
…
…
197
206
$pp\_wrp\_id="process-".$process\_id;
198
207
$pp\_view .= '<!============= Process Steps Template Designer '.COOL\_PROCESS\_VERSION\_CURRENT.' =============>';
199
$pp\_view .= '<div id="'.$pp\_wrp\_id.'" class="cool-process '.$p\_type.'">
208
$pp\_view .= '<div id="'.esc\_attr($pp\_wrp\_id).'" class="cool-process '.esc\_attr($p\_type).'">
200
209
<div id="cool\_process" class="cool-process-steps process-steps-'.$step\_counts.'" >';
201
210
202
211
if(!empty($attribute\['show-posts'\])&& $attribute\['show-posts'\]!=false){
203
212
$slide=$attribute\['show-posts'\];
204
$prevArrow='<button type="button" class="slick-prev slick-arrow"><i class="fa fa fa-arrow-circle-o\-left"></i></button>';
205
206
$next\_arrow='<button type="button" class="slick-next slick-arrow"><i class="fa fa fa-arrow-circle-o\-right"></i></button>';
213
$prevArrow='<button type="button" class="slick-prev slick-arrow"><i class="far fa-arrow-alt-circle\-left"></i></button>';
214
215
$next\_arrow='<button type="button" class="slick-next slick-arrow"><i class="far fa-arrow-alt-circle\-right"></i></button>';
207
216
208
217
//icon size dynamic
…
…
305
314
//view of vertical process
306
315
$pp\_view .= '<!============= Process Steps Template Designer '.COOL\_PROCESS\_VERSION\_CURRENT.' =============>';
307
$pp\_view .= '<div id="ps-timeline'.$process\_id.'" class="row example-centered"><ul class="ps\_timeline ps\_timeline-centered">';
316
$pp\_view .= '<div id="ps-timeline'.esc\_attr($process\_id).'" class="row example-centered"><ul class="ps\_timeline ps\_timeline-centered">';
308
317
$pp\_view .=$pp\_html;
309
318
$pp\_view .= '</ul></div><style type="text/css">'.$select\_color.$select\_size.'</style>';
…
…
314
323
if($temp\_var==true){
315
324
316
$pp\_view .= '<ul class="responsive" id="process-slider-'.$process\_id.'">';
325
$pp\_view .= '<ul class="responsive" id="process-slider-'.esc\_attr($process\_id).'">';
317
326
$pp\_view .=$pp\_html;
318
327
$pp\_view .= '</ul></div></div><div style="clear:both"></div><style type="text/css">'.$animation\_styles.$select\_size.'</style>';
…
…
336
345
337
346
function pp\_load\_scripts\_styles() {
338
wp\_register\_style('cool\_process\_styles', COOL\_PROCESS\_PLUGIN\_URL . 'css/cool-process.css', null, null, 'all');
339
wp\_register\_style('font-aws', COOL\_PROCESS\_PLUGIN\_URL . 'icons-selector/css/font-awesome/css/font-awesome.min.css', null, null, 'all');
340
wp\_register\_style('pp\_slick\_style', COOL\_PROCESS\_PLUGIN\_URL . 'slick/slick.css', null, null, 'all');
347
wp\_register\_style('cool\_process\_styles', COOL\_PROCESS\_PLUGIN\_URL . 'assets/css/cool-process.css', null, null, 'all');
348
wp\_register\_style('font-aws', COOL\_PROCESS\_PLUGIN\_URL . 'icons-selector/css/font-awesome/css/all.min.css', null, null, 'all');
349
wp\_register\_style('pp\_slick\_style', COOL\_PROCESS\_PLUGIN\_URL . 'assets/slick/slick.css', null, null, 'all');
341
350
wp\_register\_script('pp\_slickmin','https://cdn.jsdelivr.net/jquery.slick/1.5.9/slick.min.js',array('jquery'),null, 'all');
342
351
}
process-steps-template-designer/trunk/meta-box-class/js/meta-box.js
r1513752
r2473649
43
43
44
44
// repater Field
45
$(".at-re-toggle").live('click', function() {
45
$(".at-re-toggle").on('click', function() {
46
46
$(this).parent().find('.repeater-table').toggle('slow');
47
47
});
…
…
199
199
});
200
200
201
$('.simplePanelimageUploadclear,.simplePanelfileUploadclear').live('click', function( event ){
201
$('.simplePanelimageUploadclear,.simplePanelfileUploadclear').on('click', function( event ){
202
202
event.preventDefault();
203
203
inited.set\_fields($(this));
process-steps-template-designer/trunk/meta-box-class/my-meta-box-class.php
r1513752
r2473649
469
469
jQuery(document).ready(function() {
470
470
var '.$counter.' = '.$c.';
471
jQuery("#add-'.$field\['id'\].'").live(\\'click\\', function() {
471
jQuery("#add-'.$field\['id'\].'").on(\\'click\\', function() {
472
472
'.$counter.' = '.$counter.' + 1;
473
473
jQuery(this).before(\\''.$js\_code.'\\');
474
474
update\_repeater\_fields();
475
475
});
476
jQuery("#remove-'.$field\['id'\].'").live(\\'click\\', function() {
476
jQuery("#remove-'.$field\['id'\].'").on(\\'click\\', function() {
477
477
if (jQuery(this).parent().hasClass("re-control"))
478
478
jQuery(this).parent().parent().remove();
process-steps-template-designer/trunk/readme.txt
r2210545
r2473649
4
4
Donate link: http://www.cooltimeline.com/
5
5
Requires at least: 4.5
6
Tested up to:5.2
7
Stable tag:trunk
8
Requires PHP: 5.6
6
Tested up to:5.6
7
Stable tag:1.3
9
8
License: GPL2
10
9
License URI: https://www.gnu.org/licenses/gpl-2.0.html
…
…
27
26
<li>Web Development Process Designer</li>
28
27
<li>Business Process Creator</li>
29
</ul>
30
28
<br>
31
29
…
…
36
34
\* \[View Demo\](https://cooltimeline.com/)
37
35
36
VERTICAL & HORIZONTAL TIMELINE FOR ELEMENTOR
37
\### VERTICAL & HORIZONTAL TIMELINE FOR ELEMENTOR
38
\* \[Check It\](https://wordpress.org/plugins/timeline-widget-addon-for-elementor/)
38
39
40
\* \[View Demo\](https://cooltimeline.com/stepbystep-timeline-demo/)
41
42
43
</ul>
39
44
You can easily show process on any page of your website using these shortcodes -
40
45
<pre>\[cool-process category="all" type="default" select-view="default" show-posts="3" icon-size="40px" animation="yes" autoplay="false" content="summary" content-length="" read-more-button="yes" read-more-text=""\]</pre>
…
…
42
47
<pre>\[cool-process category="all" type="with-image" show-posts="3" autoplay="false" content="summary" content-length="" read-more-button="yes" read-more-text=""\]</pre>
43
48
<pre>\[cool-process category="all" type="vertical-process" show-posts="4" icon-size="50px" choose-color="#ddccaa " autoplay="false" content="summary" content-length="" read-more-button="yes" read-more-text=""\]</pre>
44
\[\](http://coderisk.com/wp/plugin/process-steps-template-designer/RIPS-BAnHHbK330)
49
45
50
\== Installation ==
46
51
Download the plugin .zip file
…
…
59
64
60
65
\== Changelog ==
61
\=Version 1.2.1 | 22/07/2019=
66
\==Version 1.3 | 12/02/2021===
67
Fixed:Major security issue
68
Improved: sanitized all attributes and HTML
69
Added:New icons and search icon feature
70
71
\==Version 1.2.1 | 22/07/2019===
62
72
Added: Integrated link on images
63
73
Added: Integrated feedback form on deactivation